Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivku..občasné BSoD..malware?

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
pepe3dx
Návštěvník
Návštěvník
Příspěvky: 208
Registrován: 14 lis 2011 20:42

Prosím o preventivku..občasné BSoD..malware?

#1 Příspěvek od pepe3dx »

Dobrý den,
nedávno jsem reinstaloval system (cca 7 let starý sys. už byl "trochu" nestabilní) nyní dochází k BSoD (cca 2x-3x do týdne).Také se PC samo zapíná.. :!: :???: Což dříve nedělalo.
Proto prosím o preventivku. :31:

Předem moc děkuji. pepe3dx

Logfile of random's system information tool 1.16 (written by random/random)
Run by Pepe3dx at 2017-12-28 20:32:00
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 57 GB (47%) free of 122 GB
Total RAM: 8146 MB (74% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:32:05, on 28.12.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18860)
Boot mode: Normal

Running processes:
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files\trend micro\Pepe3dx_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/yhs/web?hspart ... 1226__yaie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://files.creative.com/Web/softwareu ... PIDPDE.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8176 bytes

====== Enumerating Processes ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files\My Lockbox\mylbx.exe" /a
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3624.0.977162396\405191284" -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" "C:\Users\Pepe3dx\AppData\LocalLow\Mozilla\Temp-{2195df54-6bf7-4a74-968f-f3fdb2f9878d}" 3624 "\\.\pipe\gecko-crash-server-pipe.3624" gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3624.13.444596410\1318752936" -childID 2 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:1|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{2195df54-6bf7-4a74-968f-f3fdb2f9878d}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" 3624 "\\.\pipe\gecko-crash-server-pipe.3624" tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3624.20.1080775229\694535738" -childID 3 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:1|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{2195df54-6bf7-4a74-968f-f3fdb2f9878d}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" 3624 "\\.\pipe\gecko-crash-server-pipe.3624" tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3624.27.67991279\593050863" -childID 4 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:1|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{2195df54-6bf7-4a74-968f-f3fdb2f9878d}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" 3624 "\\.\pipe\gecko-crash-server-pipe.3624" tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3624.34.1573580813\77918946" -childID 5 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:1|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{2195df54-6bf7-4a74-968f-f3fdb2f9878d}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" 3624 "\\.\pipe\gecko-crash-server-pipe.3624" tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3624.41.1419699990\2106702232" -childID 6 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:1|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{2195df54-6bf7-4a74-968f-f3fdb2f9878d}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" 3624 "\\.\pipe\gecko-crash-server-pipe.3624" tab
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Pepe3dx\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

====== Scheduled tasks folder ======

C:\Windows\system32\tasks\CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\{C2BA22C2-615D-4C51-9FB9-6677D2F338F7} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe" -c --uninstall
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\EOSNotify - %windir%\system32\EOSNotify.exe
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Pepe3dx\AppData\Roaming\Mozilla\Firefox\Profiles\lzjhxdbn.default-1514305240744

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\Pepe3dx\AppData\Roaming\Mozilla\Firefox\Profiles\lzjhxdbn.default-1514305240744\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

C:\Users\Pepe3dx\AppData\Roaming\Mozilla\Firefox\Profiles\lzjhxdbn.default-1514305240744\extensions.json
Adblock Plus - webextension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -
Activity Stream - extension - activity-stream@mozilla.org -
Application Update Service Helper - extension - aushelper@mozilla.org -
Multi-process staged rollout - extension - e10srollout@mozilla.org -
Pocket - extension - firefox@getpocket.com -
Follow-on Search Telemetry - extension - followonsearch@mozilla.com -
Form Autofill - extension - formautofill@mozilla.org -
Photon onboarding - extension - onboarding@mozilla.org -
Firefox Screenshots - extension - screenshots@mozilla.org -
Shield Recipe Client - extension - shield-recipe-client@mozilla.org -
Web Compat - extension - webcompat@mozilla.org -
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} -

C:\Users\Pepe3dx\AppData\Roaming\Mozilla\Firefox\Profiles\lzjhxdbn.default-1514305240744\pluginreg.dat
Plugin - Shockwave Flash - 27.0.0.187 - C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll

=========Google Chrome=========

C:\Users\Pepe3dx\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.5
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6217.911.0.5
Homepage:
default_search_provider.search_url:
C:\Users\Pepe3dx\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26 435320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26 366200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-12-12 7560296]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2015-08-26 3113592]
"mylbx"=C:\Program Files\My Lockbox\mylbx.exe [2016-06-04 2606824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live! Central 3]
C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe [2013-08-15 461312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0770Mon.exe]
C:\Windows\V0770Mon.exe [2012-06-01 32884]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-04 291608]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-01-03 502288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-04-06 641664]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
""= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2015-07-02 65992]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-12-28 20:32:00 ----D---- C:\rsit
2017-12-28 20:32:00 ----D---- C:\Program Files\trend micro
2017-12-26 17:15:35 ----A---- C:\Windows\Reimage.ini
2017-12-25 19:59:29 ----D---- C:\Program Files\Debugging Tools for Windows (x64)
2017-12-25 19:58:32 ----D---- C:\Program Files\Microsoft SDKs
2017-12-15 03:53:04 ----D---- C:\Windows\Minidump
2017-12-14 21:17:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-12-14 21:17:14 ----A---- C:\Windows\system32\mshtml.dll
2017-12-14 21:17:14 ----A---- C:\Windows\system32\ieframe.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\rtm.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\itss.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\itircl.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\iprtprio.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-12-14 21:17:13 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\wininet.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\win32k.sys
2017-12-14 21:17:13 ----A---- C:\Windows\system32\vbscript.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\urlmon.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\rtm.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-14 21:17:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\mprdim.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\jscript9.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\jscript.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\itss.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\itircl.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\iprtrmgr.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\iprtprio.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\iedkcs32.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\gpedit.dll
2017-12-14 21:17:13 ----A---- C:\Windows\system32\drivers\rdbss.sys
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-12-14 21:17:12 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\webcheck.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\tzres.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\occache.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\msrating.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\mshtmled.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\msfeeds.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\jsproxy.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\jscript9diag.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\inseng.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\ieUnatt.exe
2017-12-14 21:17:12 ----A---- C:\Windows\system32\ieui.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\iesetup.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\iertutil.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\iernonce.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-12-14 21:17:12 ----A---- C:\Windows\system32\ieapfltr.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\ie4uinit.exe
2017-12-14 21:17:12 ----A---- C:\Windows\system32\dxtrans.dll
2017-12-14 21:17:12 ----A---- C:\Windows\system32\dxtmsft.dll
2017-12-09 01:15:23 ----D---- C:\Users\Pepe3dx\AppData\Roaming\GHISLER
2017-12-09 01:15:23 ----D---- C:\totalcmd
2017-12-08 12:13:32 ----RD---- C:\Program Files (x86)\Skype
2017-12-07 16:56:32 ----D---- C:\Users\Pepe3dx\AppData\Roaming\Skype
2017-12-07 16:56:20 ----D---- C:\ProgramData\Skype
2017-12-06 05:33:38 ----D---- C:\Program Files\CCleaner
2017-12-06 05:15:53 ----D---- C:\Program Files (x86)\Google
2017-12-04 14:14:00 ----A---- C:\Windows\system32\WPRO_41_2001woem.tmp
2017-12-04 14:11:51 ----D---- C:\Users\Pepe3dx\AppData\Roaming\LibreOffice
2017-12-04 14:11:17 ----D---- C:\Program Files\LibreOffice 5
2017-12-03 17:37:46 ----D---- C:\Program Files\My Lockbox
2017-12-03 17:37:46 ----A---- C:\Windows\system32\drivers\FSPFltd2.sys
2017-12-03 13:47:00 ----D---- C:\KMPlayer
2017-12-03 12:41:52 ----D---- C:\Users\Pepe3dx\AppData\Roaming\MPC-HC
2017-12-03 12:40:39 ----D---- C:\Program Files\MPC-HC
2017-12-03 11:55:49 ----D---- C:\Users\Pepe3dx\AppData\Roaming\Creative
2017-12-03 11:55:48 ----D---- C:\ProgramData\Creative
2017-12-03 11:52:28 ----N---- C:\Windows\Ctregrun.exe
2017-12-03 11:34:50 ----D---- C:\Program Files (x86)\Creative
2017-12-03 11:34:42 ----A---- C:\Windows\system32\drivers\CtClsFlt.sys
2017-12-03 11:34:42 ----A---- C:\Windows\system32\drivers\CtAudDrv.sys
2017-12-03 11:17:19 ----D---- C:\Program Files (x86)\Hewlett-Packard
2017-12-03 11:17:17 ----D---- C:\ProgramData\Visan
2017-12-03 11:17:17 ----D---- C:\ProgramData\HP Photo Creations
2017-12-03 11:17:17 ----D---- C:\Program Files (x86)\HP Photo Creations
2017-12-03 11:17:14 ----N---- C:\Windows\system32\HPDiscoPMC711.dll
2017-12-03 11:17:14 ----D---- C:\Users\Pepe3dx\AppData\Roaming\HpUpdate
2017-12-03 11:17:11 ----D---- C:\ProgramData\HP
2017-12-03 11:17:11 ----D---- C:\Program Files\HP
2017-12-03 11:17:11 ----D---- C:\Program Files (x86)\HP
2017-12-03 11:16:28 ----A---- C:\ProgramData\Ament.ini
2017-12-03 11:04:54 ----A---- C:\Windows\system32\drivers\LNonPnP.sys
2017-12-03 11:04:48 ----D---- C:\ProgramData\Logishrd
2017-12-03 11:04:46 ----D---- C:\Program Files\Logitech
2017-12-03 11:04:31 ----D---- C:\Program Files\Common Files\LogiShrd
2017-12-03 11:04:26 ----D---- C:\Users\Pepe3dx\AppData\Roaming\Logitech
2017-12-03 11:04:26 ----D---- C:\Users\Pepe3dx\AppData\Roaming\Logishrd
2017-12-03 10:50:45 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2017-12-03 10:50:45 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2017-12-03 10:50:45 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2017-12-03 10:50:45 ----A---- C:\Windows\system32\wksprt.exe
2017-12-03 10:50:45 ----A---- C:\Windows\system32\tsgqec.dll
2017-12-03 10:50:45 ----A---- C:\Windows\system32\rdvidcrl.dll
2017-12-03 10:50:45 ----A---- C:\Windows\system32\mstscax.dll
2017-12-03 10:46:58 ----A---- C:\Windows\system32\rdpudd.dll
2017-12-03 10:46:58 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-12-03 10:46:58 ----A---- C:\Windows\system32\rdpcorets.dll
2017-12-03 10:46:33 ----A---- C:\Windows\system32\TSWbPrxy.exe
2017-12-03 10:33:14 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2017-12-03 10:33:13 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2017-12-03 10:33:13 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2017-12-03 10:33:13 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2017-12-03 10:33:13 ----A---- C:\Windows\system32\wksprtPS.dll
2017-12-03 10:33:13 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2017-12-03 10:33:13 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-12-03 10:33:13 ----A---- C:\Windows\system32\mstsc.exe
2017-12-03 10:33:13 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2017-12-03 10:33:13 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2017-12-03 10:32:24 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2017-12-03 10:32:22 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2017-12-03 10:32:22 ----A---- C:\Windows\system32\rdpendp_winip.dll
2017-12-03 10:31:12 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2017-12-03 10:31:12 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2017-12-03 10:31:12 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2017-12-03 10:31:12 ----A---- C:\Windows\system32\kbdgeoqw.dll
2017-12-03 10:31:12 ----A---- C:\Windows\system32\KBDAZEL.DLL
2017-12-03 10:31:12 ----A---- C:\Windows\system32\KBDAZE.DLL
2017-12-03 10:04:30 ----D---- C:\Users\Pepe3dx\AppData\Roaming\TS3Client
2017-12-03 10:02:51 ----D---- C:\Users\Pepe3dx\AppData\Roaming\WinRAR
2017-12-03 10:02:40 ----D---- C:\Program Files\WinRAR
2017-12-03 10:00:39 ----D---- C:\Program Files\TeamSpeak 3 Client
2017-12-03 08:39:27 ----D---- C:\ProgramData\Blizzard Entertainment
2017-12-03 08:37:59 ----D---- C:\Users\Pepe3dx\AppData\Roaming\Battle.net
2017-12-03 08:37:13 ----D---- C:\Program Files (x86)\Battle.net
2017-12-03 08:36:15 ----D---- C:\ProgramData\Battle.net
2017-12-03 08:11:25 ----SD---- C:\Windows\system32\CompatTel
2017-12-03 08:11:25 ----D---- C:\Windows\system32\appraiser
2017-12-03 08:04:24 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2017-12-03 08:04:17 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2017-12-03 08:04:17 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2017-12-03 08:04:17 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2017-12-03 08:04:17 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2017-12-03 08:04:17 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2017-12-03 08:04:17 ----A---- C:\Windows\system32\KBDYAK.DLL
2017-12-03 08:04:17 ----A---- C:\Windows\system32\KBDTAT.DLL
2017-12-03 08:04:17 ----A---- C:\Windows\system32\KBDRU1.DLL
2017-12-03 08:04:17 ----A---- C:\Windows\system32\KBDRU.DLL
2017-12-03 08:04:17 ----A---- C:\Windows\system32\KBDBASH.DLL
2017-12-03 08:04:17 ----A---- C:\Windows\system32\invagent.dll
2017-12-03 08:04:17 ----A---- C:\Windows\system32\generaltel.dll
2017-12-03 08:04:17 ----A---- C:\Windows\system32\devinv.dll
2017-12-03 08:04:17 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-12-03 08:04:17 ----A---- C:\Windows\system32\centel.dll
2017-12-03 08:04:17 ----A---- C:\Windows\system32\appraiser.dll
2017-12-03 08:04:17 ----A---- C:\Windows\system32\aitstatic.exe
2017-12-03 08:04:17 ----A---- C:\Windows\system32\aepic.dll
2017-12-03 08:04:17 ----A---- C:\Windows\system32\aeinv.dll
2017-12-03 08:04:17 ----A---- C:\Windows\system32\acmigration.dll
2017-12-03 08:04:16 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2017-12-03 08:04:16 ----A---- C:\Windows\system32\d2d1.dll
2017-12-03 08:04:15 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2017-12-03 08:04:15 ----A---- C:\Windows\SYSWOW64\esent.dll
2017-12-03 08:04:15 ----A---- C:\Windows\system32\fsutil.exe
2017-12-03 08:04:15 ----A---- C:\Windows\system32\esent.dll
2017-12-03 08:04:15 ----A---- C:\Windows\system32\drivers\nvstor.sys
2017-12-03 08:04:15 ----A---- C:\Windows\system32\drivers\nvraid.sys
2017-12-03 08:04:15 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2017-12-03 08:04:15 ----A---- C:\Windows\system32\drivers\amdxata.sys
2017-12-03 08:04:15 ----A---- C:\Windows\system32\drivers\amdsata.sys
2017-12-03 07:51:24 ----A---- C:\Windows\SYSWOW64\wdi.dll
2017-12-03 07:51:24 ----A---- C:\Windows\system32\wdi.dll
2017-12-03 07:51:24 ----A---- C:\Windows\system32\powertracker.dll
2017-12-03 07:51:24 ----A---- C:\Windows\system32\perftrack.dll
2017-12-03 07:48:04 ----D---- C:\Users\Pepe3dx\AppData\Roaming\ATI
2017-12-03 07:48:04 ----D---- C:\ProgramData\ATI
2017-12-02 13:22:05 ----D---- C:\ProgramData\AMD
2017-12-02 13:22:05 ----D---- C:\Program Files (x86)\AMD AVT
2017-12-02 13:22:03 ----D---- C:\Program Files (x86)\AMD APP
2017-12-02 13:21:56 ----D---- C:\Program Files\Common Files\ATI Technologies
2017-12-02 13:21:10 ----A---- C:\Windows\SYSWOW64\atipblag.dat
2017-12-02 13:21:10 ----A---- C:\Windows\system32\coinst.dll
2017-12-02 13:21:10 ----A---- C:\Windows\system32\atipblag.dat
2017-12-02 13:21:10 ----A---- C:\Windows\system32\ATIDEMGX.dll
2017-12-02 13:20:59 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-12-02 13:20:59 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-12-02 13:20:59 ----A---- C:\Windows\system32\UIAnimation.dll
2017-12-02 13:20:59 ----A---- C:\Windows\system32\FntCache.dll
2017-12-02 13:20:59 ----A---- C:\Windows\system32\DWrite.dll
2017-12-02 13:20:48 ----D---- C:\Program Files (x86)\ATI Technologies
2017-12-02 13:20:47 ----D---- C:\Program Files\ATI
2017-12-02 13:20:34 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2017-12-02 13:20:34 ----A---- C:\Windows\system32\d3d10warp.dll
2017-12-02 13:20:32 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2017-12-02 13:20:32 ----A---- C:\Windows\system32\d3d10level9.dll
2017-12-02 13:20:31 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2017-12-02 13:20:31 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2017-12-02 13:19:56 ----D---- C:\Program Files\ATI Technologies
2017-12-02 13:19:48 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2017-12-02 13:19:48 ----A---- C:\Windows\system32\WindowsCodecs.dll
2017-12-02 13:19:47 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2017-12-02 13:19:47 ----A---- C:\Windows\system32\WMPhoto.dll
2017-12-02 13:13:58 ----D---- C:\Windows\system32\appmgmt
2017-12-02 13:10:46 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2017-12-02 13:10:46 ----A---- C:\Windows\system32\poqexec.exe
2017-12-02 13:08:32 ----D---- C:\Users\Pepe3dx\AppData\Roaming\Adobe
2017-12-02 13:05:17 ----D---- C:\Windows\SYSWOW64\Wat
2017-12-02 13:05:17 ----D---- C:\Windows\system32\Wat
2017-12-02 12:59:03 ----D---- C:\Users\Pepe3dx\AppData\Roaming\Macromedia
2017-12-02 12:59:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-12-02 12:59:02 ----D---- C:\Windows\system32\Macromed
2017-12-02 12:59:01 ----D---- C:\Windows\SYSWOW64\Macromed
2017-12-02 12:46:22 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-12-02 12:46:22 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-12-02 12:44:48 ----A---- C:\Windows\system32\IEUDINIT.EXE
2017-12-02 12:38:27 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\wextract.exe
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\url.dll
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\msls31.dll
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\mshta.exe
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2017-12-02 12:38:25 ----A---- C:\Windows\SYSWOW64\icardie.dll
2017-12-02 12:38:25 ----A---- C:\Windows\system32\wextract.exe
2017-12-02 12:38:25 ----A---- C:\Windows\system32\url.dll
2017-12-02 12:38:25 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2017-12-02 12:38:25 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2017-12-02 12:38:25 ----A---- C:\Windows\system32\msls31.dll
2017-12-02 12:38:25 ----A---- C:\Windows\system32\mshtmler.dll
2017-12-02 12:38:25 ----A---- C:\Windows\system32\msfeedssync.exe
2017-12-02 12:38:25 ----A---- C:\Windows\system32\msfeedsbs.dll
2017-12-02 12:38:25 ----A---- C:\Windows\system32\licmgr10.dll
2017-12-02 12:38:25 ----A---- C:\Windows\system32\jsIntl.dll
2017-12-02 12:38:25 ----A---- C:\Windows\system32\iexpress.exe
2017-12-02 12:38:25 ----A---- C:\Windows\system32\iesysprep.dll
2017-12-02 12:38:25 ----A---- C:\Windows\system32\ieapfltr.dat
2017-12-02 12:38:25 ----A---- C:\Windows\system32\IEAdvpack.dll
2017-12-02 12:38:25 ----A---- C:\Windows\system32\icardie.dll
2017-12-02 12:38:25 ----A---- C:\Windows\system32\elshyph.dll
2017-12-02 12:38:24 ----A---- C:\Windows\system32\pngfilt.dll
2017-12-02 12:38:24 ----A---- C:\Windows\system32\mshta.exe
2017-12-02 12:38:24 ----A---- C:\Windows\system32\imgutil.dll
2017-12-02 12:38:24 ----A---- C:\Windows\system32\iepeers.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-12-02 12:32:09 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-12-02 12:32:09 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2017-12-02 12:32:09 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2017-12-02 12:32:09 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2017-12-02 12:32:09 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2017-12-02 12:32:09 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2017-12-02 12:32:09 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2017-12-02 12:32:09 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2017-12-02 12:32:09 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2017-12-02 12:32:09 ----A---- C:\Windows\system32\XpsPrint.dll
2017-12-02 12:32:09 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2017-12-02 12:32:09 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2017-12-02 12:32:09 ----A---- C:\Windows\system32\dxgi.dll
2017-12-02 12:32:09 ----A---- C:\Windows\system32\d3d10core.dll
2017-12-02 12:32:09 ----A---- C:\Windows\system32\d3d10_1core.dll
2017-12-02 12:32:09 ----A---- C:\Windows\system32\d3d10_1.dll
2017-12-02 12:32:09 ----A---- C:\Windows\system32\d3d10.dll
2017-12-02 11:56:36 ----A---- C:\Windows\system32\WUDFx.dll
2017-12-02 11:56:36 ----A---- C:\Windows\system32\WUDFSvc.dll
2017-12-02 11:56:36 ----A---- C:\Windows\system32\WUDFPlatform.dll
2017-12-02 11:56:36 ----A---- C:\Windows\system32\WUDFHost.exe
2017-12-02 11:56:36 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2017-12-02 11:56:36 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2017-12-02 11:56:36 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2017-12-02 11:52:40 ----A---- C:\Windows\SYSWOW64\wmi.dll
2017-12-02 11:52:40 ----A---- C:\Windows\system32\wmi.dll
2017-12-02 11:52:40 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2017-12-02 11:51:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_47.dll
2017-12-02 11:51:46 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2017-12-02 11:50:23 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2017-12-02 11:50:23 ----A---- C:\Windows\SYSWOW64\icardres.dll
2017-12-02 11:50:23 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2017-12-02 11:50:23 ----A---- C:\Windows\system32\infocardapi.dll
2017-12-02 11:50:23 ----A---- C:\Windows\system32\icardres.dll
2017-12-02 11:50:23 ----A---- C:\Windows\system32\icardagt.exe
2017-12-02 11:50:18 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2017-12-02 11:50:18 ----A---- C:\Windows\system32\TsWpfWrp.exe
2017-12-02 11:49:15 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2017-12-02 11:49:15 ----A---- C:\Windows\SYSWOW64\gameux.dll
2017-12-02 11:49:15 ----A---- C:\Windows\system32\Wpc.dll
2017-12-02 11:49:15 ----A---- C:\Windows\system32\gameux.dll
2017-12-02 11:49:09 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2017-12-02 11:49:09 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2017-12-02 11:49:09 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2017-12-02 11:49:09 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2017-12-02 11:49:09 ----A---- C:\Windows\SYSWOW64\shell32.dll
2017-12-02 11:49:09 ----A---- C:\Windows\SYSWOW64\msrepl40.dll
2017-12-02 11:49:09 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2017-12-02 11:49:09 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2017-12-02 11:49:09 ----A---- C:\Windows\SYSWOW64\msjtes40.dll
2017-12-02 11:49:09 ----A---- C:\Windows\SYSWOW64\msjetoledb40.dll
2017-12-02 11:49:09 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2017-12-02 11:49:09 ----A---- C:\Windows\system32\wuwebv.dll
2017-12-02 11:49:09 ----A---- C:\Windows\system32\wudriver.dll
2017-12-02 11:49:09 ----A---- C:\Windows\system32\wucltux.dll
2017-12-02 11:49:09 ----A---- C:\Windows\system32\wuaueng.dll
2017-12-02 11:49:09 ----A---- C:\Windows\system32\wuauclt.exe
2017-12-02 11:49:09 ----A---- C:\Windows\system32\wuapp.exe
2017-12-02 11:49:09 ----A---- C:\Windows\system32\wuapi.dll
2017-12-02 11:49:09 ----A---- C:\Windows\system32\WinSetupUI.dll
2017-12-02 11:49:09 ----A---- C:\Windows\system32\UtcResources.dll
2017-12-02 11:49:09 ----A---- C:\Windows\system32\shell32.dll
2017-12-02 11:49:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-12-02 11:49:09 ----A---- C:\Windows\system32\diagtrack.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\ucrtbase.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\ole32.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\mmcndmgr.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\mf.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-12-02 11:49:08 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-12-02 11:49:08 ----A---- C:\Windows\system32\blackbox.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-12-02 11:49:08 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-12-02 11:49:07 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2017-12-02 11:49:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-12-02 11:49:07 ----A---- C:\Windows\SYSWOW64\msxbde40.dll
2017-12-02 11:49:07 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-12-02 11:49:07 ----A---- C:\Windows\SYSWOW64\mspbde40.dll
2017-12-02 11:49:07 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2017-12-02 11:49:07 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-12-02 11:49:07 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-12-02 11:49:07 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2017-12-02 11:49:07 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2017-12-02 11:49:07 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2017-12-02 11:49:07 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2017-12-02 11:49:07 ----A---- C:\Windows\system32\wups2.dll
2017-12-02 11:49:07 ----A---- C:\Windows\system32\wups.dll
2017-12-02 11:49:07 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2017-12-02 11:49:07 ----A---- C:\Windows\system32\WsmSvc.dll
2017-12-02 11:49:07 ----A---- C:\Windows\system32\rpcrt4.dll
2017-12-02 11:49:07 ----A---- C:\Windows\system32\ntdll.dll
2017-12-02 11:49:07 ----A---- C:\Windows\system32\msxml3.dll
2017-12-02 11:49:07 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-12-02 11:49:07 ----A---- C:\Windows\system32\msi.dll
2017-12-02 11:49:07 ----A---- C:\Windows\system32\mmc.exe
2017-12-02 11:49:07 ----A---- C:\Windows\system32\lsasrv.dll
2017-12-02 11:49:07 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-12-02 11:49:07 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2017-12-02 11:49:07 ----A---- C:\Windows\system32\drmv2clt.dll
2017-12-02 11:49:06 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2017-12-02 11:49:06 ----A---- C:\Windows\SYSWOW64\mmc.exe
2017-12-02 11:49:06 ----A---- C:\Windows\system32\wmp.dll
2017-12-02 11:49:05 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-12-02 11:49:05 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-12-02 11:49:05 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-12-02 11:49:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-12-02 11:49:05 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2017-12-02 11:49:05 ----A---- C:\Windows\system32\wmdrmsdk.dll
2017-12-02 11:49:05 ----A---- C:\Windows\system32\tquery.dll
2017-12-02 11:49:05 ----A---- C:\Windows\system32\scavengeui.dll
2017-12-02 11:49:05 ----A---- C:\Windows\system32\Query.dll
2017-12-02 11:49:05 ----A---- C:\Windows\system32\quartz.dll
2017-12-02 11:49:05 ----A---- C:\Windows\system32\oleaut32.dll
2017-12-02 11:49:05 ----A---- C:\Windows\system32\kerberos.dll
2017-12-02 11:49:05 ----A---- C:\Windows\system32\crypt32.dll
2017-12-02 11:49:04 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-12-02 11:49:04 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2017-12-02 11:49:04 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-12-02 11:49:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-12-02 11:49:04 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-12-02 11:49:04 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-12-02 11:49:04 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-12-02 11:49:04 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-12-02 11:49:04 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-12-02 11:49:04 ----A---- C:\Windows\SYSWOW64\evr.dll
2017-12-02 11:49:04 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-12-02 11:49:04 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\winresume.exe
2017-12-02 11:49:04 ----A---- C:\Windows\system32\winload.exe
2017-12-02 11:49:04 ----A---- C:\Windows\system32\win32spl.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\wer.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\usp10.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\schannel.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\samsrv.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\rpcss.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\rdpcore.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\msv1_0.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\mssrch.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\msctf.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\localspl.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\KernelBase.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\kernel32.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\inetcomm.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\evr.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-12-02 11:49:04 ----A---- C:\Windows\system32\drivers\srv.sys
2017-12-02 11:49:04 ----A---- C:\Windows\system32\drivers\http.sys
2017-12-02 11:49:04 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-12-02 11:49:04 ----A---- C:\Windows\system32\drivers\afd.sys
2017-12-02 11:49:04 ----A---- C:\Windows\system32\authui.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\audiosrv.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\AUDIOKSE.dll
2017-12-02 11:49:04 ----A---- C:\Windows\system32\advapi32.dll
2017-12-02 11:49:04 ----A---- C:\Windows\HelpPane.exe
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\wer.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\wdc.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\mswdat10.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\msjter40.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-12-02 11:49:03 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\WsmWmiPl.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\WsmAuto.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2017-12-02 11:49:03 ----A---- C:\Windows\system32\wow64win.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\Wldap32.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\wlansec.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\wlanmsm.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\wintrust.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\winsrv.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\WebClnt.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\wdigest.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\wdc.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\user32.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\themeui.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\srcore.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-12-02 11:49:03 ----A---- C:\Windows\system32\rpchttp.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\qdvd.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\pla.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\pcasvc.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\ncrypt.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\msinfo32.exe
2017-12-02 11:49:03 ----A---- C:\Windows\system32\mfplat.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-12-02 11:49:03 ----A---- C:\Windows\system32\gdi32.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\EncDump.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drmmgrtn.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\tdx.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\netio.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\netbt.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\dfsc.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\drivers\cng.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\davclnt.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\cryptui.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\cryptsvc.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\cryptnet.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\conhost.exe
2017-12-02 11:49:03 ----A---- C:\Windows\system32\clfs.sys
2017-12-02 11:49:03 ----A---- C:\Windows\system32\ci.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\certcli.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\cdosys.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\AudioSes.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\AudioEng.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\atmfd.dll
2017-12-02 11:49:03 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\wups.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\rundll32.exe
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\pla.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\pdh.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\oleres.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\mscms.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\mmcshext.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\mmcbase.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\MigAutoPlay.exe
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\input.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\icm32.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\cic.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-12-02 11:49:02 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\wvc.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\wow64.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\wmploc.DLL
2017-12-02 11:49:02 ----A---- C:\Windows\system32\wlansvc.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\wlanhlp.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\wlanapi.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\werdiagcontroller.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\TSpkg.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\t2embed.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\sspicli.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\smss.exe
2017-12-02 11:49:02 ----A---- C:\Windows\system32\shdocvw.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\secur32.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-12-02 11:49:02 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-12-02 11:49:02 ----A---- C:\Windows\system32\samlib.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\rundll32.exe
2017-12-02 11:49:02 ----A---- C:\Windows\system32\rstrui.exe
2017-12-02 11:49:02 ----A---- C:\Windows\system32\PrintBrmUi.exe
2017-12-02 11:49:02 ----A---- C:\Windows\system32\pdhui.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\pdh.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\oleres.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\ntprint.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\nsisvc.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\nlsbres.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\mssvp.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\mssphtb.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\mssph.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\msscp.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\msscntrs.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\msihnd.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\msiexec.exe
2017-12-02 11:49:02 ----A---- C:\Windows\system32\mscms.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\mmcshext.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\mmcbase.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\MigAutoPlay.exe
2017-12-02 11:49:02 ----A---- C:\Windows\system32\mfps.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\mfmjpegdec.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\lsass.exe
2017-12-02 11:49:02 ----A---- C:\Windows\system32\input.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\inetpp.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\icm32.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\hlink.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\usbport.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\usbhub.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\usbehci.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\usbd.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\luafv.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\fastfat.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\exfat.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\drivers\appid.sys
2017-12-02 11:49:02 ----A---- C:\Windows\system32\csrsrv.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\cryptsp.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\cryptbase.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\consent.exe
2017-12-02 11:49:02 ----A---- C:\Windows\system32\cic.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\bcryptprimitives.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\bcrypt.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\bcdedit.exe
2017-12-02 11:49:02 ----A---- C:\Windows\system32\audiodg.exe
2017-12-02 11:49:02 ----A---- C:\Windows\system32\asycfilt.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\appinfo.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\appidsvc.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-12-02 11:49:02 ----A---- C:\Windows\system32\appidapi.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\adtschema.dll
2017-12-02 11:49:02 ----A---- C:\Windows\system32\adsmsext.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-12-02 11:49:01 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\wvc.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\winnsi.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\WcsPlugInService.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\user.exe
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\samlib.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\resmon.exe
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\nsi.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\mstext40.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\msscp.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\msexch40.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\comcat.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-12-02 11:49:01 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\WsmRes.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\wsmprovhost.exe
2017-12-02 11:49:01 ----A---- C:\Windows\system32\wsmplpxy.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\wpnpinst.exe
2017-12-02 11:49:01 ----A---- C:\Windows\system32\wow64cpu.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\winnsi.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\wermgr.exe
2017-12-02 11:49:01 ----A---- C:\Windows\system32\WcsPlugInService.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\sspisrv.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\srclient.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\spwmp.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\rrinstaller.exe
2017-12-02 11:49:01 ----A---- C:\Windows\system32\resmon.exe
2017-12-02 11:49:01 ----A---- C:\Windows\system32\plasrv.exe
2017-12-02 11:49:01 ----A---- C:\Windows\system32\perfmon.exe
2017-12-02 11:49:01 ----A---- C:\Windows\system32\pcawrk.exe
2017-12-02 11:49:01 ----A---- C:\Windows\system32\pcalua.exe
2017-12-02 11:49:01 ----A---- C:\Windows\system32\pcaevts.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\pcadm.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\ntvdm64.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\ntprint.exe
2017-12-02 11:49:01 ----A---- C:\Windows\system32\nsi.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\netbtugc.exe
2017-12-02 11:49:01 ----A---- C:\Windows\system32\msxml3r.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\mssprxy.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\mssitlb.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\msshooks.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\msobjs.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\msnetobj.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\msmmsp.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\msimsg.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\msaudite.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\mfpmp.exe
2017-12-02 11:49:01 ----A---- C:\Windows\system32\mferror.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\lpk.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\INETRES.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\inetppui.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\icaapi.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\fontsub.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\dxmasf.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\drivers\usbohci.sys
2017-12-02 11:49:01 ----A---- C:\Windows\system32\dciman32.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\credssp.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\comcat.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\cdd.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\auditpol.exe
2017-12-02 11:49:01 ----A---- C:\Windows\system32\atmlib.dll
2017-12-02 11:49:01 ----A---- C:\Windows\system32\apisetschema.dll
2017-12-02 11:48:53 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2017-12-02 11:48:53 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2017-12-02 11:48:53 ----A---- C:\Windows\system32\EncDec.dll
2017-12-02 11:48:53 ----A---- C:\Windows\system32\CPFilters.dll
2017-12-02 11:48:49 ----A---- C:\Windows\SYSWOW64\tdh.dll
2017-12-02 11:48:49 ----A---- C:\Windows\system32\tdh.dll
2017-12-02 11:48:45 ----A---- C:\Windows\system32\basesrv.dll
2017-12-02 11:48:42 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2017-12-02 11:48:42 ----A---- C:\Windows\SYSWOW64\objsel.dll
2017-12-02 11:48:42 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2017-12-02 11:48:42 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2017-12-02 11:48:42 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2017-12-02 11:48:42 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2017-12-02 11:48:42 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2017-12-02 11:48:42 ----A---- C:\Windows\system32\wincredprovider.dll
2017-12-02 11:48:42 ----A---- C:\Windows\system32\objsel.dll
2017-12-02 11:48:42 ----A---- C:\Windows\system32\dpapiprovider.dll
2017-12-02 11:48:42 ----A---- C:\Windows\system32\dimsroam.dll
2017-12-02 11:48:42 ----A---- C:\Windows\system32\cngprovider.dll
2017-12-02 11:48:42 ----A---- C:\Windows\system32\capiprovider.dll
2017-12-02 11:48:42 ----A---- C:\Windows\system32\adprovider.dll
2017-12-02 11:48:35 ----A---- C:\Windows\system32\sysmain.dll
2017-12-02 11:48:29 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2017-12-02 11:48:29 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2017-12-02 11:48:29 ----A---- C:\Windows\SYSWOW64\sechost.dll
2017-12-02 11:48:29 ----A---- C:\Windows\SYSWOW64\relog.exe
2017-12-02 11:48:29 ----A---- C:\Windows\SYSWOW64\logman.exe
2017-12-02 11:48:29 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2017-12-02 11:48:29 ----A---- C:\Windows\system32\typeperf.exe
2017-12-02 11:48:29 ----A---- C:\Windows\system32\tracerpt.exe
2017-12-02 11:48:29 ----A---- C:\Windows\system32\sechost.dll
2017-12-02 11:48:29 ----A---- C:\Windows\system32\relog.exe
2017-12-02 11:48:29 ----A---- C:\Windows\system32\logman.exe
2017-12-02 11:48:29 ----A---- C:\Windows\system32\diskperf.exe
2017-12-02 11:48:24 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2017-12-02 11:48:24 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2017-12-02 11:48:24 ----A---- C:\Windows\system32\mtxoci.dll
2017-12-02 11:48:18 ----A---- C:\Windows\system32\winlogon.exe
2017-12-02 11:48:17 ----A---- C:\Windows\SYSWOW64\winsta.dll
2017-12-02 11:48:17 ----A---- C:\Windows\system32\winsta.dll
2017-12-02 11:48:17 ----A---- C:\Windows\system32\rdrmemptylst.exe
2017-12-02 11:48:17 ----A---- C:\Windows\system32\rdpwsx.dll
2017-12-02 11:48:17 ----A---- C:\Windows\system32\rdpcorekmts.dll
2017-12-02 11:48:17 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2017-12-02 11:48:13 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2017-12-02 11:48:13 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll

pepe3dx
Návštěvník
Návštěvník
Příspěvky: 208
Registrován: 14 lis 2011 20:42

Re: Prosím o preventivku..občasné BSoD..malware?

#2 Příspěvek od pepe3dx »

2017-12-02 11:48:13 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\system32\WMVXENCD.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\system32\WMVSENCD.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\system32\WMVSDECD.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\system32\WMVENCOD.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\system32\WMVDECOD.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\system32\wmpmde.dll
2017-12-02 11:48:13 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2017-12-02 11:48:13 ----A---- C:\Windows\system32\WMADMOE.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\system32\WMADMOD.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\system32\msmpeg2adec.dll
2017-12-02 11:48:13 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2017-12-02 11:48:13 ----A---- C:\Windows\system32\mcmde.dll
2017-12-02 11:48:13 ----A---- C:\Windows\system32\COLORCNV.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\qasf.dll
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\devenum.dll
2017-12-02 11:48:12 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2017-12-02 11:48:12 ----A---- C:\Windows\system32\VIDRESZR.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\system32\SysFxUI.dll
2017-12-02 11:48:12 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\system32\qasf.dll
2017-12-02 11:48:12 ----A---- C:\Windows\system32\MPG4DECD.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\system32\MP4SDECD.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\system32\MP43DECD.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\system32\MP3DMOD.DLL
2017-12-02 11:48:12 ----A---- C:\Windows\system32\mfvdsp.dll
2017-12-02 11:48:12 ----A---- C:\Windows\system32\ksuser.dll
2017-12-02 11:48:12 ----A---- C:\Windows\system32\drivers\portcls.sys
2017-12-02 11:48:12 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2017-12-02 11:48:12 ----A---- C:\Windows\system32\drivers\drmk.sys
2017-12-02 11:48:12 ----A---- C:\Windows\system32\devenum.dll
2017-12-02 11:48:12 ----A---- C:\Windows\system32\d3d11.dll
2017-12-02 11:48:11 ----A---- C:\Windows\system32\RMActivate_isv.exe
2017-12-02 11:48:11 ----A---- C:\Windows\system32\RMActivate.exe
2017-12-02 11:48:10 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2017-12-02 11:48:10 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2017-12-02 11:48:10 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2017-12-02 11:48:10 ----A---- C:\Windows\SYSWOW64\secproc.dll
2017-12-02 11:48:10 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2017-12-02 11:48:10 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2017-12-02 11:48:10 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2017-12-02 11:48:10 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2017-12-02 11:48:10 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2017-12-02 11:48:10 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2017-12-02 11:48:10 ----A---- C:\Windows\system32\secproc_ssp.dll
2017-12-02 11:48:10 ----A---- C:\Windows\system32\secproc_isv.dll
2017-12-02 11:48:10 ----A---- C:\Windows\system32\secproc.dll
2017-12-02 11:48:10 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2017-12-02 11:48:10 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2017-12-02 11:48:10 ----A---- C:\Windows\system32\msdrm.dll
2017-12-02 11:47:54 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2017-12-02 11:47:54 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2017-12-02 11:47:54 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2017-12-02 11:47:54 ----A---- C:\Windows\system32\shimeng.dll
2017-12-02 11:47:54 ----A---- C:\Windows\system32\sdbinst.exe
2017-12-02 11:47:54 ----A---- C:\Windows\system32\apphelp.dll
2017-12-02 11:47:54 ----A---- C:\Windows\system32\aelupsvc.dll
2017-12-02 11:47:51 ----A---- C:\Windows\system32\termsrv.dll
2017-12-02 11:47:47 ----A---- C:\Windows\SYSWOW64\osk.exe
2017-12-02 11:47:47 ----A---- C:\Windows\system32\osk.exe
2017-12-02 11:47:45 ----A---- C:\Windows\system32\pku2u.dll
2017-12-02 11:47:44 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2017-12-02 11:47:39 ----A---- C:\Windows\SYSWOW64\certutil.exe
2017-12-02 11:47:39 ----A---- C:\Windows\SYSWOW64\certenc.dll
2017-12-02 11:47:39 ----A---- C:\Windows\system32\certutil.exe
2017-12-02 11:47:39 ----A---- C:\Windows\system32\certenc.dll
2017-12-02 11:47:37 ----A---- C:\Windows\SYSWOW64\tbs.dll
2017-12-02 11:47:37 ----A---- C:\Windows\system32\tbs.dll
2017-12-02 11:47:37 ----A---- C:\Windows\system32\gpsvc.dll
2017-12-02 11:47:37 ----A---- C:\Windows\system32\fveapibase.dll
2017-12-02 11:47:37 ----A---- C:\Windows\system32\fveapi.dll
2017-12-02 11:47:36 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2017-12-02 11:47:36 ----A---- C:\Windows\SYSWOW64\polstore.dll
2017-12-02 11:47:36 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2017-12-02 11:47:36 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2017-12-02 11:47:36 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2017-12-02 11:47:36 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2017-12-02 11:47:36 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2017-12-02 11:47:36 ----A---- C:\Windows\system32\winipsec.dll
2017-12-02 11:47:36 ----A---- C:\Windows\system32\polstore.dll
2017-12-02 11:47:36 ----A---- C:\Windows\system32\IPSECSVC.DLL
2017-12-02 11:47:36 ----A---- C:\Windows\system32\gpscript.exe
2017-12-02 11:47:36 ----A---- C:\Windows\system32\gpscript.dll
2017-12-02 11:47:36 ----A---- C:\Windows\system32\gpprefcl.dll
2017-12-02 11:47:36 ----A---- C:\Windows\system32\gpapi.dll
2017-12-02 11:47:36 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2017-12-02 11:47:35 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2017-12-02 11:47:33 ----A---- C:\Windows\SYSWOW64\explorer.exe
2017-12-02 11:47:33 ----A---- C:\Windows\explorer.exe
2017-12-02 11:47:32 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2017-12-02 11:47:32 ----A---- C:\Windows\system32\ntshrui.dll
2017-12-02 11:47:31 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2017-12-02 11:47:31 ----A---- C:\Windows\SYSWOW64\credui.dll
2017-12-02 11:47:31 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2017-12-02 11:47:31 ----A---- C:\Windows\system32\credui.dll
2017-12-02 11:47:29 ----A---- C:\Windows\SYSWOW64\netevent.dll
2017-12-02 11:47:29 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2017-12-02 11:47:29 ----A---- C:\Windows\system32\nlaapi.dll
2017-12-02 11:47:29 ----A---- C:\Windows\system32\netevent.dll
2017-12-02 11:47:29 ----A---- C:\Windows\system32\netcorehc.dll
2017-12-02 11:47:29 ----A---- C:\Windows\system32\ncsi.dll
2017-12-02 11:47:29 ----A---- C:\Windows\system32\iphlpsvc.dll
2017-12-02 11:47:26 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2017-12-02 11:47:26 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2017-12-02 11:47:26 ----A---- C:\Windows\system32\TSWorkspace.dll
2017-12-02 11:47:26 ----A---- C:\Windows\system32\cryptdlg.dll
2017-12-02 11:47:25 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2017-12-02 11:47:25 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2017-12-02 11:47:25 ----A---- C:\Windows\system32\msxml6r.dll
2017-12-02 11:47:25 ----A---- C:\Windows\system32\msxml6.dll
2017-12-02 11:47:24 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2017-12-02 11:47:24 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2017-12-02 11:47:24 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2017-12-02 11:47:24 ----A---- C:\Windows\system32\dhcpcore6.dll
2017-12-02 11:47:23 ----A---- C:\Windows\system32\OxpsConverter.exe
2017-12-02 11:47:22 ----A---- C:\Windows\SYSWOW64\sbe.dll
2017-12-02 11:47:22 ----A---- C:\Windows\system32\sbe.dll
2017-12-02 11:47:21 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2017-12-02 11:47:21 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2017-12-02 11:47:21 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2017-12-02 11:47:21 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2017-12-02 11:47:21 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2017-12-02 11:47:21 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2017-12-02 11:47:21 ----A---- C:\Windows\system32\ws2_32.dll
2017-12-02 11:47:21 ----A---- C:\Windows\system32\wpdshext.dll
2017-12-02 11:47:21 ----A---- C:\Windows\system32\winhttp.dll
2017-12-02 11:47:21 ----A---- C:\Windows\system32\StructuredQuery.dll
2017-12-02 11:47:21 ----A---- C:\Windows\system32\mswsock.dll
2017-12-02 11:47:21 ----A---- C:\Windows\system32\dpnet.dll
2017-12-02 11:47:20 ----A---- C:\Windows\SYSWOW64\wscript.exe
2017-12-02 11:47:20 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2017-12-02 11:47:20 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2017-12-02 11:47:20 ----A---- C:\Windows\SYSWOW64\cscript.exe
2017-12-02 11:47:20 ----A---- C:\Windows\system32\wscript.exe
2017-12-02 11:47:20 ----A---- C:\Windows\system32\scrrun.dll
2017-12-02 11:47:20 ----A---- C:\Windows\system32\imagehlp.dll
2017-12-02 11:47:20 ----A---- C:\Windows\system32\cscript.exe
2017-12-02 11:47:19 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2017-12-02 11:47:19 ----A---- C:\Windows\system32\schedsvc.dll
2017-12-02 11:47:19 ----A---- C:\Windows\system32\iologmsg.dll
2017-12-02 11:47:19 ----A---- C:\Windows\system32\drivers\storport.sys
2017-12-02 11:47:19 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2017-12-02 11:47:19 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2017-12-02 11:47:18 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2017-12-02 11:47:18 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2017-12-02 11:47:18 ----A---- C:\Windows\system32\services.exe
2017-12-02 11:47:18 ----A---- C:\Windows\system32\InkEd.dll
2017-12-02 11:47:18 ----A---- C:\Windows\system32\comctl32.dll
2017-12-02 11:47:17 ----A---- C:\Windows\SYSWOW64\webio.dll
2017-12-02 11:47:17 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2017-12-02 11:47:17 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2017-12-02 11:47:17 ----A---- C:\Windows\system32\webio.dll
2017-12-02 11:47:17 ----A---- C:\Windows\system32\ubpm.dll
2017-12-02 11:47:17 ----A---- C:\Windows\system32\msieftp.dll
2017-12-02 11:47:16 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2017-12-02 11:47:16 ----A---- C:\Windows\system32\drivers\usb8023.sys
2017-12-02 11:47:15 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2017-12-02 11:47:15 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2017-12-02 11:47:15 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2017-12-02 11:47:15 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2017-12-02 11:47:15 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2017-12-02 11:47:15 ----A---- C:\Windows\system32\odbctrac.dll
2017-12-02 11:47:15 ----A---- C:\Windows\system32\odbccu32.dll
2017-12-02 11:47:15 ----A---- C:\Windows\system32\odbccr32.dll
2017-12-02 11:47:15 ----A---- C:\Windows\system32\odbccp32.dll
2017-12-02 11:47:15 ----A---- C:\Windows\system32\drivers\ndis.sys
2017-12-02 11:47:15 ----A---- C:\Windows\system32\drivers\hidparse.sys
2017-12-02 11:47:15 ----A---- C:\Windows\system32\drivers\hidclass.sys
2017-12-02 11:47:14 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2017-12-02 11:47:14 ----A---- C:\Windows\system32\cewmdm.dll
2017-12-02 11:47:13 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2017-12-02 11:47:13 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2017-12-02 11:47:13 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2017-12-02 11:47:13 ----A---- C:\Windows\system32\wwansvc.dll
2017-12-02 11:47:13 ----A---- C:\Windows\system32\wwanprotdim.dll
2017-12-02 11:47:13 ----A---- C:\Windows\system32\nlasvc.dll
2017-12-02 11:47:13 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2017-12-02 11:47:13 ----A---- C:\Windows\system32\drivers\usbcir.sys
2017-12-02 11:47:13 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2017-12-02 11:47:13 ----A---- C:\Windows\system32\drivers\fvevol.sys
2017-12-02 11:47:13 ----A---- C:\Windows\system32\clfsw32.dll
2017-12-02 11:47:12 ----A---- C:\Windows\SYSWOW64\synceng.dll
2017-12-02 11:47:12 ----A---- C:\Windows\SYSWOW64\packager.dll
2017-12-02 11:47:12 ----A---- C:\Windows\system32\synceng.dll
2017-12-02 11:47:12 ----A---- C:\Windows\system32\packager.dll
2017-12-02 11:47:11 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2017-12-02 11:47:11 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2017-12-02 11:47:11 ----A---- C:\Windows\SYSWOW64\notepad.exe
2017-12-02 11:47:11 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2017-12-02 11:47:11 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2017-12-02 11:47:11 ----A---- C:\Windows\system32\xmllite.dll
2017-12-02 11:47:11 ----A---- C:\Windows\system32\scesrv.dll
2017-12-02 11:47:11 ----A---- C:\Windows\system32\notepad.exe
2017-12-02 11:47:11 ----A---- C:\Windows\system32\drivers\disk.sys
2017-12-02 11:47:11 ----A---- C:\Windows\system32\comsvcs.dll
2017-12-02 11:47:11 ----A---- C:\Windows\system32\catsrvut.dll
2017-12-02 11:47:11 ----A---- C:\Windows\notepad.exe
2017-12-02 11:47:10 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2017-12-02 11:47:10 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2017-12-02 11:47:10 ----A---- C:\Windows\SYSWOW64\mscories.dll
2017-12-02 11:47:10 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2017-12-02 11:47:10 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2017-12-02 11:47:10 ----A---- C:\Windows\SYSWOW64\browcli.dll
2017-12-02 11:47:10 ----A---- C:\Windows\system32\wshrm.dll
2017-12-02 11:47:10 ----A---- C:\Windows\system32\netapi32.dll
2017-12-02 11:47:10 ----A---- C:\Windows\system32\mscories.dll
2017-12-02 11:47:10 ----A---- C:\Windows\system32\mscorier.dll
2017-12-02 11:47:10 ----A---- C:\Windows\system32\drivers\rmcast.sys
2017-12-02 11:47:10 ----A---- C:\Windows\system32\dfshim.dll
2017-12-02 11:47:10 ----A---- C:\Windows\system32\browser.dll
2017-12-02 11:47:10 ----A---- C:\Windows\system32\browcli.dll
2017-12-02 11:47:04 ----A---- C:\Windows\SYSWOW64\mfds.dll
2017-12-02 11:47:04 ----A---- C:\Windows\system32\Wdfres.dll
2017-12-02 11:47:04 ----A---- C:\Windows\system32\mfds.dll
2017-12-02 11:47:04 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2017-12-02 11:47:04 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2017-12-02 11:47:03 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2017-12-02 11:47:03 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2017-12-02 11:47:03 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2017-12-02 11:47:03 ----A---- C:\Windows\system32\profsvc.dll
2017-12-02 11:47:03 ----A---- C:\Windows\system32\mapistub.dll
2017-12-02 11:47:03 ----A---- C:\Windows\system32\mapi32.dll
2017-12-02 11:47:03 ----A---- C:\Windows\system32\fixmapi.exe
2017-12-02 11:46:50 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2017-12-02 11:46:50 ----A---- C:\Windows\SYSWOW64\els.dll
2017-12-02 11:46:50 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2017-12-02 11:46:50 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2017-12-02 11:46:50 ----A---- C:\Windows\system32\oleacc.dll
2017-12-02 11:46:50 ----A---- C:\Windows\system32\els.dll
2017-12-02 11:46:50 ----A---- C:\Windows\system32\dwmcore.dll
2017-12-02 11:46:50 ----A---- C:\Windows\system32\dwmapi.dll
2017-12-02 11:46:50 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2017-12-02 11:46:50 ----A---- C:\Windows\system32\drivers\ataport.sys
2017-12-02 11:46:49 ----A---- C:\Windows\SYSWOW64\qedit.dll
2017-12-02 11:46:49 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2017-12-02 11:46:49 ----A---- C:\Windows\system32\qedit.dll
2017-12-02 11:46:49 ----A---- C:\Windows\system32\psisdecd.dll
2017-12-02 11:46:48 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2017-12-02 11:46:48 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2017-12-02 11:46:48 ----A---- C:\Windows\system32\mfc42u.dll
2017-12-02 11:46:48 ----A---- C:\Windows\system32\mfc42.dll
2017-12-02 11:46:48 ----A---- C:\Windows\system32\kdusb.dll
2017-12-02 11:46:48 ----A---- C:\Windows\system32\kdcom.dll
2017-12-02 11:46:48 ----A---- C:\Windows\system32\kd1394.dll
2017-12-02 11:46:47 ----A---- C:\Windows\SYSWOW64\rastls.dll
2017-12-02 11:46:47 ----A---- C:\Windows\SYSWOW64\charmap.exe
2017-12-02 11:46:47 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2017-12-02 11:46:47 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2017-12-02 11:46:47 ----A---- C:\Windows\system32\seclogon.dll
2017-12-02 11:46:47 ----A---- C:\Windows\system32\rastls.dll
2017-12-02 11:46:47 ----A---- C:\Windows\system32\charmap.exe
2017-12-02 11:46:47 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2017-12-02 11:46:47 ----A---- C:\Windows\system32\drivers\stream.sys
2017-12-02 11:46:47 ----A---- C:\Windows\system32\dnsrslvr.dll
2017-12-02 11:46:47 ----A---- C:\Windows\system32\dnscacheugc.exe
2017-12-02 11:46:47 ----A---- C:\Windows\system32\dnsapi.dll
2017-12-02 11:46:46 ----A---- C:\Windows\system32\taskhost.exe
2017-12-02 11:46:45 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2017-12-02 11:46:45 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2017-12-02 11:46:45 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2017-12-02 11:46:45 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2017-12-02 11:46:45 ----A---- C:\Windows\SYSWOW64\devobj.dll
2017-12-02 11:46:45 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2017-12-02 11:46:45 ----A---- C:\Windows\system32\umpnpmgr.dll
2017-12-02 11:46:45 ----A---- C:\Windows\system32\prevhost.exe
2017-12-02 11:46:45 ----A---- C:\Windows\system32\msvcrt.dll
2017-12-02 11:46:45 ----A---- C:\Windows\system32\FXSCOVER.exe
2017-12-02 11:46:45 ----A---- C:\Windows\system32\drivers\partmgr.sys
2017-12-02 11:39:24 ----D---- C:\ProgramData\Package Cache
2017-12-02 11:38:43 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2017-12-02 11:38:43 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2017-12-02 11:38:43 ----A---- C:\Windows\system32\nshwfp.dll
2017-12-02 11:38:43 ----A---- C:\Windows\system32\IKEEXT.DLL
2017-12-02 11:38:43 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2017-12-02 11:38:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-12-02 11:37:56 ----SHD---- C:\Config.Msi
2017-12-02 10:51:19 ----D---- C:\Windows\system32\SPReview
2017-12-02 10:51:13 ----D---- C:\Windows\system32\EventProviders
2017-12-02 10:48:06 ----A---- C:\Windows\system32\netfxperf.dll
2017-12-02 10:48:01 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2017-12-02 10:48:01 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2017-12-02 10:48:01 ----A---- C:\Windows\system32\tssrvlic.dll
2017-12-02 10:48:01 ----A---- C:\Windows\system32\RDVGHelper.exe
2017-12-02 10:48:00 ----A---- C:\Windows\SYSWOW64\pmcsnap.dll
2017-12-02 10:47:59 ----A---- C:\Windows\system32\xpsservices.dll
2017-12-02 10:47:59 ----A---- C:\Windows\system32\mscoree.dll
2017-12-02 10:47:58 ----A---- C:\Windows\SYSWOW64\PushPrinterConnections.exe
2017-12-02 10:47:58 ----A---- C:\Windows\SYSWOW64\ppcsnap.dll
2017-12-02 10:47:58 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2017-12-02 10:47:58 ----A---- C:\Windows\system32\taskschd.dll
2017-12-02 10:47:58 ----A---- C:\Windows\system32\spwizui.dll
2017-12-02 10:47:58 ----A---- C:\Windows\system32\RacEngn.dll
2017-12-02 10:47:57 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2017-12-02 10:47:57 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2017-12-02 10:47:57 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2017-12-02 10:47:57 ----A---- C:\Windows\system32\WMVCORE.DLL
2017-12-02 10:47:57 ----A---- C:\Windows\system32\wevtsvc.dll
2017-12-02 10:47:57 ----A---- C:\Windows\system32\vssapi.dll
2017-12-02 10:47:57 ----A---- C:\Windows\system32\UIRibbon.dll
2017-12-02 10:47:57 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2017-12-02 10:47:57 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2017-12-02 10:47:57 ----A---- C:\Windows\system32\diagperf.dll
2017-12-02 10:47:56 ----A---- C:\Windows\SYSWOW64\RacEngn.dll
2017-12-02 10:47:56 ----A---- C:\Windows\system32\WinSAT.exe
2017-12-02 10:47:56 ----A---- C:\Windows\system32\spreview.exe
2017-12-02 10:47:56 ----A---- C:\Windows\system32\spinstall.exe
2017-12-02 10:47:56 ----A---- C:\Windows\system32\rdpdd.dll
2017-12-02 10:47:56 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2017-12-02 10:47:56 ----A---- C:\Windows\system32\PresentationHost.exe
2017-12-02 10:47:56 ----A---- C:\Windows\system32\MPSSVC.dll
2017-12-02 10:47:56 ----A---- C:\Windows\system32\d3d9.dll
2017-12-02 10:47:56 ----A---- C:\Windows\system32\CertEnroll.dll
2017-12-02 10:47:55 ----A---- C:\Windows\SYSWOW64\rdvgumd32.dll
2017-12-02 10:47:55 ----A---- C:\Windows\SYSWOW64\AuthFWSnapin.dll
2017-12-02 10:47:55 ----A---- C:\Windows\system32\VSSVC.exe
2017-12-02 10:47:55 ----A---- C:\Windows\system32\SearchFolder.dll
2017-12-02 10:47:55 ----A---- C:\Windows\system32\dbgeng.dll
2017-12-02 10:47:55 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2017-12-02 10:47:54 ----A---- C:\Windows\system32\qmgr.dll
2017-12-02 10:47:54 ----A---- C:\Windows\system32\actxprxy.dll
2017-12-02 10:47:53 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2017-12-02 10:47:53 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2017-12-02 10:47:53 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2017-12-02 10:47:53 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2017-12-02 10:47:53 ----A---- C:\Windows\system32\WSDApi.dll
2017-12-02 10:47:53 ----A---- C:\Windows\system32\werconcpl.dll
2017-12-02 10:47:53 ----A---- C:\Windows\system32\wbengine.exe
2017-12-02 10:47:53 ----A---- C:\Windows\system32\umrdp.dll
2017-12-02 10:47:53 ----A---- C:\Windows\system32\taskeng.exe
2017-12-02 10:47:53 ----A---- C:\Windows\system32\sqmapi.dll
2017-12-02 10:47:53 ----A---- C:\Windows\system32\setupapi.dll
2017-12-02 10:47:53 ----A---- C:\Windows\system32\QAGENTRT.DLL
2017-12-02 10:47:53 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2017-12-02 10:47:53 ----A---- C:\Windows\system32\propsys.dll
2017-12-02 10:47:53 ----A---- C:\Windows\system32\odbc32.dll
2017-12-02 10:47:53 ----A---- C:\Windows\system32\netlogon.dll
2017-12-02 10:47:53 ----A---- C:\Windows\system32\LSCSHostPolicy.dll
2017-12-02 10:47:53 ----A---- C:\Windows\system32\imapi2fs.dll
2017-12-02 10:47:53 ----A---- C:\Windows\system32\dhcpcore.dll
2017-12-02 10:47:53 ----A---- C:\Windows\system32\certmgr.dll
2017-12-02 10:47:52 ----A---- C:\Windows\SYSWOW64\tcpmonui.dll
2017-12-02 10:47:52 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2017-12-02 10:47:52 ----A---- C:\Windows\system32\wmicmiplugin.dll
2017-12-02 10:47:52 ----A---- C:\Windows\system32\tsmf.dll
2017-12-02 10:47:52 ----A---- C:\Windows\system32\shlwapi.dll
2017-12-02 10:47:52 ----A---- C:\Windows\system32\rdpshell.exe
2017-12-02 10:47:52 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2017-12-02 10:47:52 ----A---- C:\Windows\system32\netshell.dll
2017-12-02 10:47:52 ----A---- C:\Windows\system32\netcfgx.dll
2017-12-02 10:47:52 ----A---- C:\Windows\system32\msdtctm.dll
2017-12-02 10:47:52 ----A---- C:\Windows\system32\framedynos.dll
2017-12-02 10:47:52 ----A---- C:\Windows\system32\appmgr.dll
2017-12-02 10:47:51 ----A---- C:\Windows\SYSWOW64\tsmf.dll
2017-12-02 10:47:51 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2017-12-02 10:47:51 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2017-12-02 10:47:51 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2017-12-02 10:47:51 ----A---- C:\Windows\SYSWOW64\dot3api.dll
2017-12-02 10:47:51 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2017-12-02 10:47:51 ----A---- C:\Windows\system32\wmpps.dll
2017-12-02 10:47:51 ----A---- C:\Windows\system32\Vault.dll
2017-12-02 10:47:51 ----A---- C:\Windows\system32\sxs.dll
2017-12-02 10:47:51 ----A---- C:\Windows\system32\rdpclip.exe
2017-12-02 10:47:51 ----A---- C:\Windows\system32\QAGENT.DLL
2017-12-02 10:47:51 ----A---- C:\Windows\system32\lsm.exe
2017-12-02 10:47:51 ----A---- C:\Windows\system32\lpksetup.exe
2017-12-02 10:47:51 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2017-12-02 10:47:51 ----A---- C:\Windows\system32\drvstore.dll
2017-12-02 10:47:51 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2017-12-02 10:47:51 ----A---- C:\Windows\system32\drivers\csc.sys
2017-12-02 10:47:51 ----A---- C:\Windows\system32\cscsvc.dll
2017-12-02 10:47:51 ----A---- C:\Windows\system32\cscobj.dll
2017-12-02 10:47:51 ----A---- C:\Windows\system32\comdlg32.dll
2017-12-02 10:47:51 ----A---- C:\Windows\system32\cmd.exe
2017-12-02 10:47:51 ----A---- C:\Windows\system32\BFE.DLL
2017-12-02 10:47:51 ----A---- C:\Windows\system32\azroles.dll
2017-12-02 10:47:50 ----A---- C:\Windows\SYSWOW64\upnp.dll
2017-12-02 10:47:50 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2017-12-02 10:47:50 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2017-12-02 10:47:50 ----A---- C:\Windows\SYSWOW64\imapi2fs.dll
2017-12-02 10:47:50 ----A---- C:\Windows\SYSWOW64\DShowRdpFilter.dll
2017-12-02 10:47:50 ----A---- C:\Windows\system32\webservices.dll
2017-12-02 10:47:50 ----A---- C:\Windows\system32\taskcomp.dll
2017-12-02 10:47:50 ----A---- C:\Windows\system32\spoolsv.exe
2017-12-02 10:47:50 ----A---- C:\Windows\system32\SessEnv.dll
2017-12-02 10:47:50 ----A---- C:\Windows\system32\rdpendp.dll
2017-12-02 10:47:50 ----A---- C:\Windows\system32\pnidui.dll
2017-12-02 10:47:50 ----A---- C:\Windows\system32\mcbuilder.exe
2017-12-02 10:47:50 ----A---- C:\Windows\system32\ipsmsnap.dll
2017-12-02 10:47:50 ----A---- C:\Windows\system32\hgprint.dll
2017-12-02 10:47:49 ----A---- C:\Windows\SYSWOW64\xpsservices.dll
2017-12-02 10:47:49 ----A---- C:\Windows\SYSWOW64\userenv.dll
2017-12-02 10:47:49 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2017-12-02 10:47:49 ----A---- C:\Windows\SYSWOW64\rdpendp.dll
2017-12-02 10:47:49 ----A---- C:\Windows\SYSWOW64\propsys.dll
2017-12-02 10:47:49 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2017-12-02 10:47:49 ----A---- C:\Windows\SYSWOW64\mcbuilder.exe
2017-12-02 10:47:49 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2017-12-02 10:47:49 ----A---- C:\Windows\SYSWOW64\drvstore.dll
2017-12-02 10:47:49 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2017-12-02 10:47:49 ----A---- C:\Windows\SYSWOW64\cmd.exe
2017-12-02 10:47:49 ----A---- C:\Windows\SYSWOW64\certmgr.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\WMPEncEn.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\wmpeffects.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\WMNetMgr.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\wlanpref.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\WinSATAPI.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\vpnike.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\vmicsvc.exe
2017-12-02 10:47:49 ----A---- C:\Windows\system32\userenv.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\tspubwmi.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\tscfgwmi.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\SyncCenter.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\stobject.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\srvsvc.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\sqlsrv32.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\sppobjs.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\schtasks.exe
2017-12-02 10:47:49 ----A---- C:\Windows\system32\shsvcs.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\rdpinit.exe
2017-12-02 10:47:49 ----A---- C:\Windows\system32\prncache.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\photowiz.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\netdiagfx.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\mfreadwrite.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\localsec.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\imapi2.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\FXSSVC.exe
2017-12-02 10:47:49 ----A---- C:\Windows\system32\framedyn.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\fde.dll
2017-12-02 10:47:49 ----A---- C:\Windows\system32\drivers\volsnap.sys
2017-12-02 10:47:49 ----A---- C:\Windows\system32\drivers\vmbus.sys
2017-12-02 10:47:49 ----A---- C:\Windows\system32\drivers\udfs.sys
2017-12-02 10:47:49 ----A---- C:\Windows\system32\drivers\msrpc.sys
2017-12-02 10:47:49 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2017-12-02 10:47:49 ----A---- C:\Windows\system32\dot3api.dll
2017-12-02 10:47:48 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2017-12-02 10:47:48 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2017-12-02 10:47:48 ----A---- C:\Windows\SYSWOW64\spp.dll
2017-12-02 10:47:48 ----A---- C:\Windows\SYSWOW64\NaturalLanguage6.dll
2017-12-02 10:47:48 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2017-12-02 10:47:48 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2017-12-02 10:47:48 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2017-12-02 10:47:48 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2017-12-02 10:47:48 ----A---- C:\Windows\SYSWOW64\azroles.dll
2017-12-02 10:47:48 ----A---- C:\Windows\SYSWOW64\appmgr.dll
2017-12-02 10:47:48 ----A---- C:\Windows\system32\XpsRasterService.dll
2017-12-02 10:47:48 ----A---- C:\Windows\system32\wusa.exe
2017-12-02 10:47:48 ----A---- C:\Windows\system32\wisptis.exe
2017-12-02 10:47:48 ----A---- C:\Windows\system32\wiaservc.dll
2017-12-02 10:47:48 ----A---- C:\Windows\system32\vds.exe
2017-12-02 10:47:48 ----A---- C:\Windows\system32\tcpipcfg.dll
2017-12-02 10:47:48 ----A---- C:\Windows\system32\spp.dll
2017-12-02 10:47:48 ----A---- C:\Windows\system32\scansetting.dll
2017-12-02 10:47:48 ----A---- C:\Windows\system32\QSHVHOST.DLL
2017-12-02 10:47:48 ----A---- C:\Windows\system32\printui.dll
2017-12-02 10:47:48 ----A---- C:\Windows\system32\PkgMgr.exe
2017-12-02 10:47:48 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2017-12-02 10:47:48 ----A---- C:\Windows\system32\ocsetup.exe
2017-12-02 10:47:48 ----A---- C:\Windows\system32\netid.dll
2017-12-02 10:47:48 ----A---- C:\Windows\system32\mspbda.dll
2017-12-02 10:47:48 ----A---- C:\Windows\system32\msdri.dll
2017-12-02 10:47:48 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2017-12-02 10:47:48 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2017-12-02 10:47:48 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2017-12-02 10:47:48 ----A---- C:\Windows\system32\drivers\pci.sys
2017-12-02 10:47:48 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2017-12-02 10:47:48 ----A---- C:\Windows\system32\cscui.dll
2017-12-02 10:47:48 ----A---- C:\Windows\system32\biocpl.dll
2017-12-02 10:47:48 ----A---- C:\Windows\system32\aitagent.exe
2017-12-02 10:47:48 ----A---- C:\Windows\system32\AdmTmpl.dll
2017-12-02 10:47:48 ----A---- C:\Windows\splwow64.exe
2017-12-02 10:47:47 ----A---- C:\Windows\SYSWOW64\WinSATAPI.dll
2017-12-02 10:47:47 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2017-12-02 10:47:47 ----A---- C:\Windows\SYSWOW64\sqlsrv32.dll
2017-12-02 10:47:47 ----A---- C:\Windows\SYSWOW64\calc.exe
2017-12-02 10:47:47 ----A---- C:\Windows\system32\wpdbusenum.dll
2017-12-02 10:47:47 ----A---- C:\Windows\system32\wcncsvc.dll
2017-12-02 10:47:47 ----A---- C:\Windows\system32\upnp.dll
2017-12-02 10:47:47 ----A---- C:\Windows\system32\sppwinob.dll
2017-12-02 10:47:47 ----A---- C:\Windows\system32\Robocopy.exe
2017-12-02 10:47:47 ----A---- C:\Windows\system32\ocsetapi.dll
2017-12-02 10:47:47 ----A---- C:\Windows\system32\mprapi.dll
2017-12-02 10:47:47 ----A---- C:\Windows\system32\eapphost.dll
2017-12-02 10:47:47 ----A---- C:\Windows\system32\eapp3hst.dll
2017-12-02 10:47:47 ----A---- C:\Windows\system32\DXP.dll
2017-12-02 10:47:47 ----A---- C:\Windows\system32\drivers\volmgr.sys
2017-12-02 10:47:47 ----A---- C:\Windows\system32\drivers\msdsm.sys
2017-12-02 10:47:47 ----A---- C:\Windows\system32\cfgmgr32.dll
2017-12-02 10:47:46 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2017-12-02 10:47:46 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2017-12-02 10:47:46 ----A---- C:\Windows\SYSWOW64\sxs.dll
2017-12-02 10:47:46 ----A---- C:\Windows\SYSWOW64\stobject.dll
2017-12-02 10:47:46 ----A---- C:\Windows\SYSWOW64\scansetting.dll
2017-12-02 10:47:46 ----A---- C:\Windows\SYSWOW64\prncache.dll
2017-12-02 10:47:46 ----A---- C:\Windows\SYSWOW64\printui.dll
2017-12-02 10:47:46 ----A---- C:\Windows\SYSWOW64\netshell.dll
2017-12-02 10:47:46 ----A---- C:\Windows\SYSWOW64\net1.exe
2017-12-02 10:47:46 ----A---- C:\Windows\SYSWOW64\MMDevAPI.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\wlangpui.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\wiadefui.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\VAN.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\thumbcache.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\sdengin2.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\scrptadm.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\scecli.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\samcli.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\rasmans.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\puiobj.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\onex.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\netcenter.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\msftedit.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\msasn1.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\iasrad.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\hal.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\DxpTaskSync.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\dwmredir.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\dskquoui.dll
2017-12-02 10:47:46 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2017-12-02 10:47:46 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys
2017-12-02 10:47:46 ----A---- C:\Windows\system32\drivers\HpSAMD.sys
2017-12-02 10:47:46 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\wlangpui.dll
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\webservices.dll
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\SyncCenter.dll
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\scrptadm.dll
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\QSHVHOST.DLL
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\pnidui.dll
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\netdiagfx.dll
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\imapi2.dll
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\fde.dll
2017-12-02 10:47:45 ----A---- C:\Windows\SYSWOW64\cscobj.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\wscapi.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\WFS.exe
2017-12-02 10:47:45 ----A---- C:\Windows\system32\tapisrv.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\TabSvc.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\srchadmin.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\SndVol.exe
2017-12-02 10:47:45 ----A---- C:\Windows\system32\setupcl.exe
2017-12-02 10:47:45 ----A---- C:\Windows\system32\RpcRtRemote.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\riched20.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\regapi.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\QUTIL.DLL
2017-12-02 10:47:45 ----A---- C:\Windows\system32\netiohlp.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\mtxclu.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\msconfig.exe
2017-12-02 10:47:45 ----A---- C:\Windows\system32\mimefilt.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\lsmproxy.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\logoncli.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\ListSvc.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\iasacct.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\hgcpl.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\fdeploy.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\drivers\termdd.sys
2017-12-02 10:47:45 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2017-12-02 10:47:45 ----A---- C:\Windows\system32\drivers\raspptp.sys
2017-12-02 10:47:45 ----A---- C:\Windows\system32\drivers\msahci.sys
2017-12-02 10:47:45 ----A---- C:\Windows\system32\drivers\ks.sys
2017-12-02 10:47:45 ----A---- C:\Windows\system32\drivers\acpi.sys
2017-12-02 10:47:45 ----A---- C:\Windows\system32\dnscmmc.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\clusapi.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\basecsp.dll
2017-12-02 10:47:45 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\winmm.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\thumbcache.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\tcpipcfg.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\srchadmin.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\shsvcs.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\samcli.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\regapi.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\QAGENT.DLL
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\proquota.exe
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\powercpl.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\onex.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\netiohlp.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\netid.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\msutb.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\mimefilt.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\ipsmsnap.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\AuxiliaryDisplayCpl.dll
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\autochk.exe
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\autofmt.exe
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\autoconv.exe
2017-12-02 10:47:44 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\wwanconn.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\wpd_ci.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\wlanui.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\wkssvc.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\vpnikeapi.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\themecpl.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\sppcomapi.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\SmiEngine.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\shsetup.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\sharemediacpl.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\SensorsCpl.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\sdclt.exe
2017-12-02 10:47:44 ----A---- C:\Windows\system32\rdpsign.exe
2017-12-02 10:47:44 ----A---- C:\Windows\system32\prntvpt.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\powercpl.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\nshipsec.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\netjoin.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\nci.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\Narrator.exe
2017-12-02 10:47:44 ----A---- C:\Windows\system32\mprddm.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\fontext.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\fms.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\Faultrep.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\eudcedit.exe
2017-12-02 10:47:44 ----A---- C:\Windows\system32\drivers\winusb.sys
2017-12-02 10:47:44 ----A---- C:\Windows\system32\drivers\wanarp.sys
2017-12-02 10:47:44 ----A---- C:\Windows\system32\drivers\scsiport.sys
2017-12-02 10:47:44 ----A---- C:\Windows\system32\dps.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\Display.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\cabview.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\bcdsrv.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\batmeter.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\AxInstSv.dll
2017-12-02 10:47:44 ----A---- C:\Windows\system32\autochk.exe
2017-12-02 10:47:44 ----A---- C:\Windows\system32\autofmt.exe
2017-12-02 10:47:44 ----A---- C:\Windows\system32\autoconv.exe
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\wlanpref.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\wiadefui.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\Vault.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\userinit.exe
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\untfs.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\termmgr.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\taskmgr.exe
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\tapisrv.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\sppcomapi.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\SensorsCpl.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\scecli.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\RpcRtRemote.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\PhotoScreensaver.scr
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\nci.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\mtxclu.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\localsec.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\iasacct.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\hgcpl.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\fontext.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\FirewallControlPanel.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\eudcedit.exe
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\DxpTaskSync.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\dnscmmc.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\Display.dll
2017-12-02 10:47:43 ----A---- C:\Windows\SYSWOW64\cabview.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\zipfldr.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\wpccpl.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\wmpsrcwp.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\userinit.exe
2017-12-02 10:47:43 ----A---- C:\Windows\system32\usercpl.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\untfs.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\taskmgr.exe
2017-12-02 10:47:43 ----A---- C:\Windows\system32\sud.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\sppsvc.exe
2017-12-02 10:47:43 ----A---- C:\Windows\system32\SndVolSSO.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\slui.exe
2017-12-02 10:47:43 ----A---- C:\Windows\system32\rtutils.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\rasppp.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\provsvc.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\proquota.exe
2017-12-02 10:47:43 ----A---- C:\Windows\system32\prnfldr.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\networkmap.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2017-12-02 10:47:43 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\mblctr.exe
2017-12-02 10:47:43 ----A---- C:\Windows\system32\hbaapi.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\dxdiagn.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\drivers\winhv.sys
2017-12-02 10:47:43 ----A---- C:\Windows\system32\drivers\storvsc.sys
2017-12-02 10:47:43 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2017-12-02 10:47:43 ----A---- C:\Windows\system32\dot3svc.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\dot3cfg.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\DiagCpl.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\DeviceCenter.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\bootres.dll
2017-12-02 10:47:43 ----A---- C:\Windows\system32\accessibilitycpl.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\wusa.exe
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\wlanui.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\w32tm.exe
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\VAN.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\syncui.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\sud.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\spwizeng.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\SndVolSSO.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\sisbkup.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\shwebsvc.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\sethc.exe
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\riched20.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\prntvpt.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\prnfldr.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\PerfCenterCPL.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\OobeFldr.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\OnLineIDCpl.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\ntlanman.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\networkmap.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\netjoin.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\MSAC3ENC.DLL
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\MCEWMDRMNDBootstrap.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\ifsutil.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\iasrad.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\ftp.exe
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\fdeploy.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\efscore.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\dskquoui.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\dot3cfg.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\DeviceCenter.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\defaultlocationcpl.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\batmeter.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\azroleui.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\autoplay.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\adsldp.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\ActionCenterCPL.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2017-12-02 10:47:42 ----A---- C:\Windows\SYSWOW64\accessibilitycpl.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\wavemsp.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\vdsutil.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\uxlib.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\tzutil.exe
2017-12-02 10:47:42 ----A---- C:\Windows\system32\twext.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\termmgr.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\taskbarcpl.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\systemcpl.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\sysclass.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\syncui.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\ssText3d.scr
2017-12-02 10:47:42 ----A---- C:\Windows\system32\srvcli.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\sqlcese30.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\spwizeng.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\slwga.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\sisbkup.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\shwebsvc.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\sethc.exe
2017-12-02 10:47:42 ----A---- C:\Windows\system32\sdrsvc.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\sdcpl.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\recovery.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\recdisc.exe
2017-12-02 10:47:42 ----A---- C:\Windows\system32\ReAgent.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\rdpd3d.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\OobeFldr.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\ntlanman.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\nslookup.exe
2017-12-02 10:47:42 ----A---- C:\Windows\system32\netplwiz.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\ncryptui.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\NAPHLPR.DLL
2017-12-02 10:47:42 ----A---- C:\Windows\system32\msvidc32.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\MFPlay.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\iyuv_32.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\iTVData.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\isoburn.exe
2017-12-02 10:47:42 ----A---- C:\Windows\system32\httpapi.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\fvecpl.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\efscore.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\dsuiext.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\drivers\vmstorfl.sys
2017-12-02 10:47:42 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2017-12-02 10:47:42 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2017-12-02 10:47:42 ----A---- C:\Windows\system32\drivers\mpio.sys
2017-12-02 10:47:42 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2017-12-02 10:47:42 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\cca.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\bcdboot.exe
2017-12-02 10:47:42 ----A---- C:\Windows\system32\azroleui.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\autoplay.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\ActionCenter.dll
2017-12-02 10:47:42 ----A---- C:\Windows\system32\acppage.dll
2017-12-02 10:47:41 ----A---- C:\Windows\twain_32.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\wtsapi32.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\wmpsrcwp.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\wimserv.exe
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\wimgapi.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\wavemsp.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\vpnikeapi.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\vdsbas.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\uxlib.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\UserAccountControlSettings.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\unimdmat.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\tzutil.exe
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\twext.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\ssText3d.scr
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\sqlcese30.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\slwga.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\shacct.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\setupugc.exe
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\runonce.exe
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\remotepg.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\raschap.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\QUTIL.DLL
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\qcap.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\provsvc.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\PkgMgr.exe
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\onexui.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\ocsetup.exe
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\ocsetapi.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\nslookup.exe
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\nshipsec.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\networkexplorer.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\NAPHLPR.DLL
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\NAPCRYPT.DLL
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\msvfw32.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\mstask.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\migisol.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\lsmproxy.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\logagent.exe
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\iTVData.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\isoburn.exe
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\iscsium.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\httpapi.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\fms.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\dxdiagn.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\dsuiext.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\dpx.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\dot3ui.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\diskraid.exe
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\dfrgui.exe
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\DevicePairingFolder.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\bitsadmin.exe
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\audiodev.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\AdmTmpl.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\activeds.dll
2017-12-02 10:47:41 ----A---- C:\Windows\SYSWOW64\acppage.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\wsqmcons.exe
2017-12-02 10:47:41 ----A---- C:\Windows\system32\wsnmp32.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\wpdwcn.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\WPDSp.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\wmpshell.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\wmpdxm.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\wmdrmnet.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\wmdrmdev.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\wkscli.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\WinSCard.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2017-12-02 10:47:41 ----A---- C:\Windows\system32\wiavideo.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\WerFaultSecure.exe
2017-12-02 10:47:41 ----A---- C:\Windows\system32\vss_ps.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\vdsbas.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\unimdmat.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\umb.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\tsbyuv.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\tlscsp.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\tabcal.exe
2017-12-02 10:47:41 ----A---- C:\Windows\system32\syssetup.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\srrstr.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\sppnp.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\shacct.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\runonce.exe
2017-12-02 10:47:41 ----A---- C:\Windows\system32\Ribbons.scr
2017-12-02 10:47:41 ----A---- C:\Windows\system32\remotepg.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\rdpencom.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\raschap.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2017-12-02 10:47:41 ----A---- C:\Windows\system32\qcap.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\PresentationSettings.exe
2017-12-02 10:47:41 ----A---- C:\Windows\system32\OpcServices.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\nltest.exe
2017-12-02 10:47:41 ----A---- C:\Windows\system32\networkexplorer.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\netutils.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\net1.exe
2017-12-02 10:47:41 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2017-12-02 10:47:41 ----A---- C:\Windows\system32\Mystify.scr
2017-12-02 10:47:41 ----A---- C:\Windows\system32\muifontsetup.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\msyuv.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\mstask.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\msrle32.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\MdSched.exe
2017-12-02 10:47:41 ----A---- C:\Windows\system32\Mcx2Svc.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\iscsium.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\ifsutil.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\FXSAPI.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\ftp.exe
2017-12-02 10:47:41 ----A---- C:\Windows\system32\drivers\umbus.sys
2017-12-02 10:47:41 ----A---- C:\Windows\system32\diskraid.exe
2017-12-02 10:47:41 ----A---- C:\Windows\system32\dfrgui.exe
2017-12-02 10:47:41 ----A---- C:\Windows\system32\dbghelp.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\CscMig.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\cscapi.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\certprop.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\cabinet.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\Bubbles.scr
2017-12-02 10:47:41 ----A---- C:\Windows\system32\bitsadmin.exe
2017-12-02 10:47:41 ----A---- C:\Windows\system32\AzSqlExt.dll
2017-12-02 10:47:41 ----A---- C:\Windows\system32\ActionQueue.dll
2017-12-02 10:47:41 ----A---- C:\Windows\bfsvc.exe
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\wsdchngr.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\wkscli.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\wiavideo.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\vfwwdm32.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\utildll.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\unlodctr.exe
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\TRAPI.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\tlscsp.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\takeown.exe
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\syssetup.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\sscore.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\srvcli.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\sqmapi.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\sppinst.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\sppc.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\spopk.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\spbcd.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\schedcli.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\shimgvw.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\shgina.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\setupcln.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\riched32.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\Ribbons.scr
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\resutils.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\ReAgentc.exe
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\rdprefdrvapi.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\rdpd3d.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\QSVRMGMT.DLL
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\qdv.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\QCLIPROV.DLL
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\PortableDeviceSyncProvider.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\perfts.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\OpcServices.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\olethk32.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\netutils.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\netiougc.exe
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\ncryptui.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\napdsnap.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\Mystify.scr
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\mydocs.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\MuiUnattend.exe
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\muifontsetup.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\msdmo.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\mprapi.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\mobsync.exe
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\mciqtz32.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\luainstall.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\iscsicli.exe
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\inetmib1.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\imm32.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\iasrecst.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\fphc.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\findstr.exe
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\elsTrans.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\EhStorAPI.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\dsauth.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\dot3msm.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\diskpart.exe
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\cmstp.exe
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\CertPolEng.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\cca.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\cabinet.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\Bubbles.scr
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\bitsperf.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\AzSqlExt.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2017-12-02 10:47:40 ----A---- C:\Windows\SYSWOW64\amstream.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\wshbth.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\wsdchngr.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\WavDest.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\vmstorfltres.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\vmictimeprovider.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\vmicres.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\vmbusres.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\vfwwdm32.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\UIRibbonRes.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\tskill.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\tsdiscon.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\tscon.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\TRAPI.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\takeown.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\sscore.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\sppc.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\spopk.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\spbcd.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\schedcli.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\shimgvw.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\shgina.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\shadow.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\rwinsta.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\reset.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\repair-bde.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\RDPENCDD.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\query.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\qprocess.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\qdv.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\QCLIPROV.DLL
2017-12-02 10:47:40 ----A---- C:\Windows\system32\qappsrv.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\profprov.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\PnPUnattend.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\onexui.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\odbcconf.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\nrpsrv.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\napdsnap.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\mydocs.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\MultiDigiMon.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\msdmo.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\mobsync.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\mciqtz32.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\manage-bde.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\luainstall.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\LogonUI.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\logoff.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\KMSVC.DLL
2017-12-02 10:47:40 ----A---- C:\Windows\system32\iscsicli.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\inetmib1.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\iasrecst.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\choice.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\chgusr.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\chgport.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\chglogon.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\change.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\FXSUNATD.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\FXSTIFF.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\FXSMON.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\fphc.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\findstr.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\fdProxy.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\elsTrans.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\EhStorAPI.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\eappgnui.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\dsauth.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2017-12-02 10:47:40 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2017-12-02 10:47:40 ----A---- C:\Windows\system32\drivers\tunnel.sys
2017-12-02 10:47:40 ----A---- C:\Windows\system32\drivers\tdi.sys
2017-12-02 10:47:40 ----A---- C:\Windows\system32\drivers\pacer.sys
2017-12-02 10:47:40 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2017-12-02 10:47:40 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2017-12-02 10:47:40 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2017-12-02 10:47:40 ----A---- C:\Windows\system32\dot3ui.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\dot3msm.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\djoin.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\diskpart.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\cscdll.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\cmstp.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\CertPolEng.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\BWUnpairElevated.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\bitsperf.dll
2017-12-02 10:47:40 ----A---- C:\Windows\system32\BdeHdCfg.exe
2017-12-02 10:47:40 ----A---- C:\Windows\system32\amstream.dll
2017-12-02 10:47:39 ----AH---- C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\wshirda.dll
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\spwizres.dll
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\shunimpl.dll
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\pifmgr.dll
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDUS.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDUGHR1.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDTURME.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDTUQ.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDTUF.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDTAJIK.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDSG.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDSF.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDPO.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDNEPR.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDMON.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDMAORI.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDLT1.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\kbdlk41a.dll
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDINTEL.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDINTAM.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDINORI.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDINMAR.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDINKAN.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDINHIN.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDINBEN.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDGR1.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDGKL.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDGEO.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDCZ1.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDBULG.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\KBDBLR.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\dpnaddr.dll
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\C_ISCII.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\SYSWOW64\browseui.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\wshirda.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\VmdCoinstall.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\vmbuspipe.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\VmbusCoinstaller.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\spwizres.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\shunimpl.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\riched32.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\rdpcfgex.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\pifmgr.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDUS.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDTURME.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDTUQ.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDTUF.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDSG.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDSF.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDPO.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDNEPR.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDMON.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDMAORI.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDLT1.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\kbdlk41a.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDINTEL.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDINTAM.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDINORI.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDINMAR.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDINKAN.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDINHIN.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDINBEN.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDGR1.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDGKL.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDGEO.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDCZ1.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDBULG.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\KBDBLR.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\IcCoinstall.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\drivers\vms3cap.sys
2017-12-02 10:47:39 ----A---- C:\Windows\system32\drivers\VMBusHID.sys
2017-12-02 10:47:39 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2017-12-02 10:47:39 ----A---- C:\Windows\system32\drivers\scfilter.sys
2017-12-02 10:47:39 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2017-12-02 10:47:39 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2017-12-02 10:47:39 ----A---- C:\Windows\system32\drivers\hidusb.sys
2017-12-02 10:47:39 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2017-12-02 10:47:39 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2017-12-02 10:47:39 ----A---- C:\Windows\system32\drivers\cdrom.sys
2017-12-02 10:47:39 ----A---- C:\Windows\system32\dpnaddr.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\C_ISCII.DLL
2017-12-02 10:47:39 ----A---- C:\Windows\system32\browseui.dll
2017-12-02 10:47:39 ----A---- C:\Windows\system32\BlbEvents.dll
2017-12-02 10:47:37 ----A---- C:\Windows\SYSWOW64\wdscore.dll
2017-12-02 10:47:37 ----A---- C:\Windows\system32\dpx.dll
2017-12-02 10:47:35 ----A---- C:\Windows\SYSWOW64\wbemcomn.dll
2017-12-02 10:47:35 ----A---- C:\Windows\SYSWOW64\printmanagement.msc
2017-12-02 10:47:31 ----A---- C:\Windows\system32\wbemcomn.dll
2017-12-02 10:10:28 ----D---- C:\Program Files (x86)\Microsoft.NET
2017-12-02 10:04:51 ----D---- C:\Windows\system32\MRT
2017-12-02 10:04:49 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-12-02 10:04:47 ----AC---- C:\Windows\system32\MRT.exe
2017-12-02 10:04:39 ----D---- C:\Windows\Migration
2017-12-02 10:01:56 ----A---- C:\Windows\system32\EOSNotify.exe
2017-12-02 09:59:30 ----D---- C:\Users\Pepe3dx\AppData\Roaming\Mozilla
2017-12-02 09:59:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-02 09:59:19 ----D---- C:\Program Files\Mozilla Firefox
2017-12-02 09:21:07 ----HD---- C:\SuperChargerProfile
2017-12-02 09:21:07 ----D---- C:\Program Files (x86)\MSI
2017-12-02 09:20:57 ----A---- C:\Windows\system32\drivers\iusb3hcs.sys
2017-12-02 09:20:51 ----A---- C:\Windows\system32\drivers\iusb3hub.sys
2017-12-02 09:20:50 ----A---- C:\Windows\system32\drivers\iusb3xhc.sys
2017-12-02 09:20:36 ----RA---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2017-12-02 09:20:32 ----A---- C:\Windows\SYSWOW64\log.txt
2017-12-02 09:20:20 ----D---- C:\Windows\SYSWOW64\RTCOM
2017-12-02 09:20:20 ----D---- C:\Program Files\Realtek
2017-12-02 09:20:12 ----A---- C:\Windows\system32\WavesGUILib.dll
2017-12-02 09:20:12 ----A---- C:\Windows\system32\SRSWOW64.dll
2017-12-02 09:20:12 ----A---- C:\Windows\system32\SRSTSX64.dll
2017-12-02 09:20:12 ----A---- C:\Windows\system32\SRSTSH64.dll
2017-12-02 09:20:12 ----A---- C:\Windows\system32\SRSHP64.dll
2017-12-02 09:20:12 ----A---- C:\Windows\system32\drivers\MBfilt64.sys
2017-12-02 09:20:11 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2017-12-02 09:20:09 ----A---- C:\Windows\system32\RtPgEx64.dll
2017-12-02 09:20:09 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2017-12-02 09:20:09 ----A---- C:\Windows\system32\RtkCfg64.dll
2017-12-02 09:20:09 ----A---- C:\Windows\system32\RtkAPO64.dll
2017-12-02 09:20:09 ----A---- C:\Windows\system32\RtkApi64.dll
2017-12-02 09:20:08 ----A---- C:\Windows\system32\RTEEP64A.dll
2017-12-02 09:20:08 ----A---- C:\Windows\system32\RTEEL64A.dll
2017-12-02 09:20:08 ----A---- C:\Windows\system32\RTEEG64A.dll
2017-12-02 09:20:08 ----A---- C:\Windows\system32\RTEED64A.dll
2017-12-02 09:20:08 ----A---- C:\Windows\system32\RTCOM64.dll
2017-12-02 09:20:08 ----A---- C:\Windows\system32\RP3DHT64.dll
2017-12-02 09:20:08 ----A---- C:\Windows\system32\RP3DAA64.dll
2017-12-02 09:20:08 ----A---- C:\Windows\system32\RCoInstII64.dll
2017-12-02 09:20:08 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2017-12-02 09:20:08 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2017-12-02 09:20:05 ----A---- C:\Windows\SYSWOW64\MBTHX32.dll
2017-12-02 09:20:05 ----A---- C:\Windows\system32\MBWrp64.dll
2017-12-02 09:20:05 ----A---- C:\Windows\system32\MBTHX64.dll
2017-12-02 09:20:05 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2017-12-02 09:20:05 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2017-12-02 09:19:58 ----A---- C:\Windows\system32\FMAPO64.dll
2017-12-02 09:19:56 ----A---- C:\Windows\system32\AERTAR64.dll
2017-12-02 09:19:56 ----A---- C:\Windows\system32\AERTAC64.dll
2017-12-02 09:19:55 ----R---- C:\Windows\RtlExUpd.dll
2017-12-02 09:19:55 ----HD---- C:\Program Files (x86)\Temp
2017-12-02 09:19:47 ----D---- C:\ProgramData\Intel
2017-12-02 09:19:47 ----A---- C:\Windows\system32\drivers\WPRO_41_2001.sys
2017-12-02 09:19:42 ----D---- C:\Program Files\Intel
2017-12-02 09:19:42 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2017-12-02 09:19:41 ----A---- C:\Windows\system32\RTNUninst64.dll
2017-12-02 09:19:41 ----A---- C:\Windows\system32\RtNicProp64.dll
2017-12-02 09:19:37 ----SHD---- C:\Windows\Installer
2017-12-02 09:19:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-12-02 09:19:37 ----D---- C:\Program Files (x86)\Realtek
2017-12-02 09:19:09 ----D---- C:\Program Files (x86)\Intel
2017-12-02 09:19:09 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2017-12-02 09:19:07 ----D---- C:\Intel
2017-12-02 09:18:19 ----D---- C:\MSI
2017-12-02 09:16:53 ----D---- C:\Users\Pepe3dx\AppData\Roaming\Identities
2017-12-02 09:16:48 ----SD---- C:\Users\Pepe3dx\AppData\Roaming\Microsoft
2017-12-02 09:16:48 ----D---- C:\Users\Pepe3dx\AppData\Roaming\Media Center Programs
2017-12-02 09:15:39 ----SHD---- C:\Recovery
2017-12-02 09:15:39 ----SHD---- C:\ProgramData\Šablony
2017-12-02 09:15:39 ----SHD---- C:\ProgramData\Plocha
2017-12-02 09:15:39 ----SHD---- C:\ProgramData\Oblíbené položky
2017-12-02 09:15:39 ----SHD---- C:\ProgramData\Nabídka Start
2017-12-02 09:15:39 ----SHD---- C:\ProgramData\Dokumenty
2017-12-02 09:15:39 ----SHD---- C:\ProgramData\Data aplikací
2017-12-02 09:00:25 ----D---- C:\Windows\SoftwareDistribution
2017-12-02 08:56:19 ----D---- C:\Windows\Prefetch
2017-12-02 08:55:53 ----SHD---- C:\System Volume Information
2017-12-02 08:55:53 ----ASH---- C:\pagefile.sys
2017-12-02 08:55:53 ----ASH---- C:\hiberfil.sys
2017-12-02 08:54:34 ----D---- C:\Windows\Panther

====== List of files/folders modified in the last 1 month ======

2017-12-28 20:32:00 ----RD---- C:\Program Files
2017-12-28 20:32:00 ----D---- C:\Windows\Temp
2017-12-28 17:51:40 ----D---- C:\Windows\system32\config
2017-12-28 17:43:42 ----D---- C:\Windows\System32
2017-12-28 17:43:42 ----D---- C:\Windows\inf
2017-12-28 17:43:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-12-26 17:31:59 ----D---- C:\Windows
2017-12-26 17:30:20 ----D---- C:\Windows\debug
2017-12-26 17:27:44 ----RD---- C:\Program Files (x86)
2017-12-26 17:27:44 ----D---- C:\Windows\SysWOW64
2017-12-26 17:26:57 ----HD---- C:\ProgramData
2017-12-26 17:26:54 ----D---- C:\Windows\system32\Tasks
2017-12-25 19:58:32 ----D---- C:\Program Files (x86)\MSBuild
2017-12-15 00:30:57 ----D---- C:\Windows\rescache
2017-12-14 21:26:28 ----D---- C:\Windows\winsxs
2017-12-14 21:25:36 ----D---- C:\Windows\SYSWOW64\Setup
2017-12-14 21:25:36 ----D---- C:\Windows\SYSWOW64\en-US
2017-12-14 21:25:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-12-14 21:25:36 ----D---- C:\Windows\system32\Setup
2017-12-14 21:25:36 ----D---- C:\Windows\system32\en-US
2017-12-14 21:25:36 ----D---- C:\Windows\system32\drivers
2017-12-14 21:25:36 ----D---- C:\Windows\system32\cs-CZ
2017-12-14 21:25:36 ----D---- C:\Program Files\Internet Explorer
2017-12-14 21:25:36 ----D---- C:\Program Files (x86)\Internet Explorer
2017-12-14 21:16:49 ----D---- C:\Windows\system32\catroot2
2017-12-08 12:13:33 ----D---- C:\Program Files (x86)\Common Files
2017-12-06 05:38:15 ----D---- C:\Windows\Logs
2017-12-06 05:21:12 ----D---- C:\Windows\Tasks
2017-12-04 17:50:45 ----D---- C:\Windows\system32\wdi
2017-12-04 14:11:36 ----RSD---- C:\Windows\assembly
2017-12-04 14:11:26 ----RSD---- C:\Windows\Fonts
2017-12-04 03:23:30 ----D---- C:\Windows\AppCompat
2017-12-03 17:33:08 ----D---- C:\Windows\system32\drivers\UMDF
2017-12-03 16:17:06 ----SHD---- C:\$Recycle.Bin
2017-12-03 16:17:05 ----RD---- C:\Users
2017-12-03 11:57:18 ----D---- C:\Windows\Downloaded Program Files
2017-12-03 11:52:25 ----D---- C:\Windows\system32\DriverStore
2017-12-03 11:52:24 ----D---- C:\Windows\twain_32
2017-12-03 11:04:31 ----D---- C:\Program Files\Common Files
2017-12-03 10:34:05 ----D---- C:\Windows\SYSWOW64\wbem
2017-12-03 10:34:05 ----D---- C:\Windows\system32\wbem
2017-12-03 10:34:05 ----D---- C:\Windows\system32\drivers\en-US
2017-12-03 10:34:05 ----D---- C:\Windows\PolicyDefinitions
2017-12-03 08:27:50 ----D---- C:\Windows\Microsoft.NET
2017-12-03 08:11:25 ----D---- C:\Windows\AppPatch
2017-12-03 07:53:52 ----D---- C:\Windows\tracing
2017-12-02 13:21:27 ----D---- C:\Windows\system32\catroot
2017-12-02 13:05:22 ----D---- C:\Windows\ehome
2017-12-02 13:05:22 ----D---- C:\Program Files\Common Files\System
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\zh-TW
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\zh-HK
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\zh-CN
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\tr-TR
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\sv-SE
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\ru-RU
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\pt-PT
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\pt-BR
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\pl-PL
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\nl-NL
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\nb-NO
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\migration
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\ko-KR
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\ja-JP
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\it-IT
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\hu-HU
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\fr-FR
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\fi-FI
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\es-ES
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\el-GR
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\de-DE
2017-12-02 13:05:21 ----D---- C:\Windows\SYSWOW64\da-DK
2017-12-02 13:05:21 ----D---- C:\Windows\system32\migration
2017-12-02 13:05:20 ----D---- C:\Windows\system32\zh-TW
2017-12-02 13:05:20 ----D---- C:\Windows\system32\zh-HK
2017-12-02 13:05:20 ----D---- C:\Windows\system32\zh-CN
2017-12-02 13:05:20 ----D---- C:\Windows\system32\tr-TR
2017-12-02 13:05:20 ----D---- C:\Windows\system32\sv-SE
2017-12-02 13:05:20 ----D---- C:\Windows\system32\ru-RU
2017-12-02 13:05:20 ----D---- C:\Windows\system32\pt-PT
2017-12-02 13:05:20 ----D---- C:\Windows\system32\pt-BR
2017-12-02 13:05:20 ----D---- C:\Windows\system32\pl-PL
2017-12-02 13:05:20 ----D---- C:\Windows\system32\nl-NL
2017-12-02 13:05:20 ----D---- C:\Windows\system32\nb-NO
2017-12-02 13:05:20 ----D---- C:\Windows\system32\ko-KR
2017-12-02 13:05:20 ----D---- C:\Windows\system32\ja-JP
2017-12-02 13:05:20 ----D---- C:\Windows\system32\it-IT
2017-12-02 13:05:20 ----D---- C:\Windows\system32\hu-HU
2017-12-02 13:05:20 ----D---- C:\Windows\system32\fr-FR
2017-12-02 13:05:20 ----D---- C:\Windows\system32\fi-FI
2017-12-02 13:05:20 ----D---- C:\Windows\system32\es-ES
2017-12-02 13:05:20 ----D---- C:\Windows\system32\el-GR
2017-12-02 13:05:20 ----D---- C:\Windows\system32\drivers\cs-CZ
2017-12-02 13:05:20 ----D---- C:\Windows\system32\de-DE
2017-12-02 13:05:20 ----D---- C:\Windows\system32\da-DK
2017-12-02 13:05:19 ----D---- C:\Windows\SYSWOW64\migwiz
2017-12-02 13:05:19 ----D---- C:\Windows\SYSWOW64\Dism
2017-12-02 13:05:19 ----D---- C:\Windows\system32\migwiz
2017-12-02 13:05:19 ----D---- C:\Windows\system32\Dism
2017-12-02 13:05:19 ----D---- C:\Program Files\Windows Media Player
2017-12-02 13:05:19 ----D---- C:\Program Files\DVD Maker
2017-12-02 13:05:19 ----D---- C:\Program Files (x86)\Windows Media Player
2017-12-02 13:05:18 ----D---- C:\Windows\system32\CodeIntegrity
2017-12-02 13:05:18 ----D---- C:\Windows\system32\Boot
2017-12-02 13:05:18 ----D---- C:\Windows\system32\AdvancedInstallers
2017-12-02 13:05:17 ----SD---- C:\ProgramData\Microsoft
2017-12-02 13:05:17 ----D---- C:\Program Files\Windows Defender
2017-12-02 13:05:17 ----D---- C:\Program Files (x86)\Windows Defender
2017-12-02 11:30:31 ----D---- C:\Windows\system32\NDF
2017-12-02 11:27:50 ----D---- C:\Windows\servicing
2017-12-02 11:27:50 ----D---- C:\Program Files\Windows Sidebar
2017-12-02 11:27:50 ----D---- C:\Program Files\Windows Portable Devices
2017-12-02 11:27:50 ----D---- C:\Program Files\Windows Photo Viewer
2017-12-02 11:27:50 ----D---- C:\Program Files\Windows Mail
2017-12-02 11:27:50 ----D---- C:\Program Files (x86)\Windows Sidebar
2017-12-02 11:27:50 ----D---- C:\Program Files (x86)\Windows Portable Devices
2017-12-02 11:27:50 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-12-02 11:27:50 ----D---- C:\Program Files (x86)\Windows Mail
2017-12-02 11:27:49 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2017-12-02 11:27:49 ----D---- C:\Windows\SYSWOW64\sppui
2017-12-02 11:27:49 ----D---- C:\Windows\SYSWOW64\oobe
2017-12-02 11:27:49 ----D---- C:\Windows\SYSWOW64\manifeststore
2017-12-02 11:27:49 ----D---- C:\Windows\SYSWOW64\cs
2017-12-02 11:27:49 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2017-12-02 11:27:48 ----D---- C:\Windows\system32\sppui
2017-12-02 11:27:48 ----D---- C:\Windows\system32\oobe
2017-12-02 11:27:48 ----D---- C:\Windows\system32\manifeststore
2017-12-02 11:27:48 ----D---- C:\Windows\system32\cs
2017-12-02 10:52:28 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2017-12-02 10:52:28 ----A---- C:\Windows\system32\msclmd.dll
2017-12-02 09:20:27 ----D---- C:\Program Files\Common Files\Microsoft Shared
2017-12-02 09:19:34 ----D---- C:\Windows\system32\restore
2017-12-02 09:15:39 ----D---- C:\Program Files\Windows NT
2017-12-02 09:00:19 ----D---- C:\Windows\system32\sysprep
2017-12-02 08:56:18 ----D---- C:\Windows\CSC
2017-12-02 08:54:15 ----D---- C:\Windows\Setup

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 FSProFilter2;FSPro File Filter 2; C:\Windows\System32\Drivers\FSPFltd2.sys [2011-06-03 57648]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-04 16152]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-04-01 104976]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2011-09-05 178176]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2012-01-23 25536]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2012-01-23 25536]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-13 4718952]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2012-01-23 44992]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-04 355096]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-04 786200]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2015-06-18 86672]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2015-06-18 69264]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 V0770Vid;Live! Cam Sync HD VF0770 Driver; C:\Windows\system32\DRIVERS\V0770Vid.sys [2012-06-01 379776]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001); C:\Windows\system32\drivers\WPRO_41_2001.sys [2017-12-28 34752]
S3 MSICDSetup;MSICDSetup; \??\G:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\G:\NTIOLib_X64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-04-06 236544]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
R2 ISCTAgent;ISCT Always Updated Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-01-23 132608]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-01-03 138768]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-06 153752]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-06 153752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-11-14 116224]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2015-07-02 356808]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-12-28 194000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-12-02 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivku..občasné BSoD..malware?

#3 Příspěvek od Rudy »

Zdravím!
Jak je na tom váš oper. systém s legalitou?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

pepe3dx
Návštěvník
Návštěvník
Příspěvky: 208
Registrován: 14 lis 2011 20:42

Re: Prosím o preventivku..občasné BSoD..malware?

#4 Příspěvek od pepe3dx »

Ano měl by být. Už jsme to spolu řešily loni, když jste mi pomáhal zbavit se havěti.. :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivku..občasné BSoD..malware?

#5 Příspěvek od Rudy »

OK. Udělejte tento sken:

Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
a klikněte na >Prohledat<. Dejte oba logy.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

pepe3dx
Návštěvník
Návštěvník
Příspěvky: 208
Registrován: 14 lis 2011 20:42

Re: Prosím o preventivku..občasné BSoD..malware?

#6 Příspěvek od pepe3dx »

V příloze zasílám logy.. :)

pepe3dx
Návštěvník
Návštěvník
Příspěvky: 208
Registrován: 14 lis 2011 20:42

Re: Prosím o preventivku..občasné BSoD..malware?

#7 Příspěvek od pepe3dx »

extras

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivku..občasné BSoD..malware?

#8 Příspěvek od Rudy »

V obou případech mi to hlásí poškozený archiv. Uložte jako *.zip, nebo to někam upněte a dejte sem odkaz.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

pepe3dx
Návštěvník
Návštěvník
Příspěvky: 208
Registrován: 14 lis 2011 20:42

Re: Prosím o preventivku..občasné BSoD..malware?

#9 Příspěvek od pepe3dx »

ok..hodím to do zipu.. :?:
Přílohy
Extras.zip
(7.6 KiB) Staženo 38 x

pepe3dx
Návštěvník
Návštěvník
Příspěvky: 208
Registrován: 14 lis 2011 20:42

Re: Prosím o preventivku..občasné BSoD..malware?

#10 Příspěvek od pepe3dx »

OTL
Přílohy
OTL.zip
(53.93 KiB) Staženo 37 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivku..občasné BSoD..malware?

#11 Příspěvek od Rudy »

Spusťte znovu OTL jako správce.
Do spodniho okna vlozte nasledujici text:
:OTL
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-4073634370-3322458033-3710082076-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{36a4b945-d736-11e7-a43d-d1322da15b03}\Shell - "" = AutoRun
O33 - MountPoints2\{36a4b945-d736-11e7-a43d-d1322da15b03}\Shell\AutoRun\command - "" = G:\Setup.exe

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

pepe3dx
Návštěvník
Návštěvník
Příspěvky: 208
Registrován: 14 lis 2011 20:42

Re: Prosím o preventivku..občasné BSoD..malware?

#12 Příspěvek od pepe3dx »

Zde je OTL log.

All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-4073634370-3322458033-3710082076-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36a4b945-d736-11e7-a43d-d1322da15b03}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{36a4b945-d736-11e7-a43d-d1322da15b03}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36a4b945-d736-11e7-a43d-d1322da15b03}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{36a4b945-d736-11e7-a43d-d1322da15b03}\ not found.
File G:\Setup.exe not found.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Lucinka
->Temp folder emptied: 3015972 bytes
->Temporary Internet Files folder emptied: 33316 bytes
->FireFox cache emptied: 118706754 bytes

User: Pepe3dx
->Temp folder emptied: 54146844 bytes
->Temporary Internet Files folder emptied: 600345 bytes
->FireFox cache emptied: 380924477 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2816 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 94656 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13504 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 58525348 bytes
RecycleBin emptied: 1023082670 bytes

Total Files Cleaned = 1 563,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Lucinka

User: Pepe3dx
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 12302017_183543

Files\Folders moved on Reboot...
C:\Users\Pepe3dx\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Pepe3dx\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Users\Pepe3dx\AppData\Local\Mozilla\Firefox\Profiles\lzjhxdbn.default-1514305240744\startupCache\scriptCache-child-current.bin moved successfully.
C:\Users\Pepe3dx\AppData\Local\Mozilla\Firefox\Profiles\lzjhxdbn.default-1514305240744\startupCache\scriptCache-current.bin moved successfully.
C:\Users\Pepe3dx\AppData\Local\Mozilla\Firefox\Profiles\lzjhxdbn.default-1514305240744\startupCache\startupCache.8.little moved successfully.
C:\Users\Pepe3dx\AppData\Local\Mozilla\Firefox\Profiles\lzjhxdbn.default-1514305240744\OfflineCache\index.sqlite moved successfully.
C:\Users\Pepe3dx\AppData\Local\Mozilla\Firefox\Profiles\lzjhxdbn.default-1514305240744\cache2\entries\6DC8805AC79C6370638F8B113D2FD15C8EB964A5 moved successfully.
C:\Windows\SysNative\WPRO_41_2001woem.tmp moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivku..občasné BSoD..malware?

#13 Příspěvek od Rudy »

Smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

pepe3dx
Návštěvník
Návštěvník
Příspěvky: 208
Registrován: 14 lis 2011 20:42

Re: Prosím o preventivku..občasné BSoD..malware?

#14 Příspěvek od pepe3dx »

Je možné, že to způsobovalo BSoD a samovolné spouštění PC..?? Nebo spíše hledat problém v HW..??

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivku..občasné BSoD..malware?

#15 Příspěvek od Rudy »

pepe3dx píše:Je možné, že to způsobovalo BSoD a samovolné spouštění PC..?? Nebo spíše hledat problém v HW..??
To nevím. Otevřte adresář c:\windows\minidump a pokud tam najdete nějaké soubory, zabalte je do zipu a přiložte k vašmu příštímu postu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno