Zasa viry!!!!! Ani AdwCleaner si z tým neporadil

[rastislav123456]

Dobrý den vyosek a spol.Prosím,prosím,neviem ako,ale zasa sa mi tam nejak dostali viry do ProBooku HP 4740s a nevie to odstrániť ani AdwCleaner.Posielam LOG z AdwCleaner.PROSÍM O POMOC

# AdwCleaner v3.101 - Report created 20/04/2014 at 23:23:37
# Updated 20/04/2014 by Xplode
# Operating System : Windows 8 Pro with Media Center (64 bits)
# Username : Kostík a Irenka - HP-KOSTIK
# Running from : C:\Users\Rastislav\Desktop\AdwCleaner 3.101.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7513af53-9c75-4ad4-b47e-8d855099e023}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{7513af53-9c75-4ad4-b47e-8d855099e023}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Rastislav\AppData\Roaming\Mozilla\Firefox\Profiles\52i4ous7.default\prefs.js ]


[ File : C:\Users\Rastislav\AppData\Roaming\Mozilla\Firefox\Profiles\52i4ous7.default\prefs.js ]


[ File : C:\Users\Rastislav\AppData\Roaming\Mozilla\Firefox\Profiles\52i4ous7.default\prefs.js ]


[ File : C:\Users\Rastislav\AppData\Roaming\Mozilla\Firefox\Profiles\52i4ous7.default\prefs.js ]


[ File : C:\Users\Rastislav\AppData\Roaming\Mozilla\Firefox\Profiles\52i4ous7.default\prefs.js ]


*************************

AdwCleaner[R19].txt - [1300 octets] - [20/04/2014 23:23:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R19].txt - [1361 octets] ##########

[Márty84]

Zdravim

Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.


Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[rastislav123456]

Tu je nový log z AdwCleaner,ale je to nejaké divné,lebo mi stále dokola maže moje osobné nastavenia Google Chrome po prihlásení do mojho mailu.Mám tam nastaven=e všetky moje záložky stránok.Ešte,že to mám zazálohované inak by som bol nahraný.Neviem aký bordel do prčic sa mi mohol dostať do PC.

# AdwCleaner v3.101 - Report created 21/04/2014 at 00:06:36
# Updated 20/04/2014 by Xplode
# Operating System : Windows 8 Pro with Media Center (64 bits)
# Username : Kostík a Irenka - HP-KOSTIK
# Running from : C:\Users\Rastislav\Desktop\AdwCleaner 3.101.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7513af53-9c75-4ad4-b47e-8d855099e023}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Rastislav\AppData\Roaming\Mozilla\Firefox\Profiles\52i4ous7.default\prefs.js ]


[ File : C:\Users\Rastislav\AppData\Roaming\Mozilla\Firefox\Profiles\52i4ous7.default\prefs.js ]


[ File : C:\Users\Rastislav\AppData\Roaming\Mozilla\Firefox\Profiles\52i4ous7.default\prefs.js ]


[ File : C:\Users\Rastislav\AppData\Roaming\Mozilla\Firefox\Profiles\52i4ous7.default\prefs.js ]


[ File : C:\Users\Rastislav\AppData\Roaming\Mozilla\Firefox\Profiles\52i4ous7.default\prefs.js ]


-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\Rastislav\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Rastislav\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************


AdwCleaner[R23].txt - [1854 octets] - [21/04/2014 00:04:49]
AdwCleaner[S11].txt - [1506 octets] - [21/04/2014 00:06:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt - [1567 octets] ##########






Inak tento log neviem či vám bude niečo platný.Začína ma to DOSŤ štvať do prčic,nechce sa mi dokola preinštalovávať Google Chrome
Idem to preskenovať ešte MalwareBytesAntimalware ako ste mi poradil.

[Márty84]

A o jakych virech to vlastne porad mluvite? To jako jen ty nalezy ADWCleaneru?

Treba mate nejake svinstvo v te zaloze.

[rastislav123456]

Ano máte pravdu,asi mám niečo v Google Chrome.o chvílu to bude preskenované.Zatial našiel 27 PUP virov.Ale ešte skenuje,zatial posielam prílohu.Ked to bude komplet preskenované tak to pošlem zasa.Zatím a nehnevajte sa,bol som len trochu naštvaný.Ale zatial dakujem za pomoc.

[Márty84]

Ja se nezlobim

Ale vysledky si prohlednu az zitra, ted uz jdu spat. Tak zatim

[rastislav123456]

Tak v prílohe som ofotil kompletný sken MBAM.Snád vám to pomôže zorientovať sa.Zatial som to dal do karantény a nemazal som PUP vírusy.
Dnes mi prosím napíšte ako mám dalej postupovať.Moc dakujem.

[Márty84]

Pokud je vse v karantene, nechte zatim MBAM lezet (doufam, ze mate vypnuty stit).

Dejte log z RSITx64 http://forum.viry.cz/viewtopic.php?f=13&t=130786 . Kdyby byl dlouhy a nevesel se sem, rozdelte ho do vice prispevku.

[kostik123456]

Dobrý den to som já rastislav123456,len som prihlásený ako kostik123456 na priatelku,lebo mi nešlo prihlásiť sa pod rastislav123456.Tu je ten log z ProBooku HP 4740s.MBAM to má v karanténe zatím a nechal som to tak ako ste písali.Musel som to poslať ako prílohu,lebo má to vyše 21000 slov a nešlo to sem skopírovať.

PS - Potom by som poprosil ako sa mám prihlásiť pod rastislav123456,lebo asi mi to zablokovalo-asi som zadal 3x zle heslo

[Márty84]

Dejte log z RSITx64 viewtopic.php?f=13&t=130786 . Kdyby byl dlouhy a nevesel se sem, rozdelte ho do vice prispevku.

S prihlasenim se obratte na Admina http://forum.viry.cz/viewtopic.php?f=12&t=116821

[*]Rudy - hlavní Admin fóra, problémy s přihlášením, oprávnění na sekce, přístupy, udělování hodností - kontaktovat buď přes PMku nebo ICQ 258783352.

[kostik123456]

poslal som vám ten log,máte ho stiahnutý?Musím ísť preč o hodinku som tu speť.

[Márty84]

Stahnuty ho nemam, uz potreti pisu, ze ho chci primo do prispevku a ze jestli je dlouhy, mate ho rozdelit na vic casti. Z toho stahnuteho se to blbe cte.

[kostik123456]

Takže Marty 1 log

Logfile of random's system information tool 1.09 (written by random/random)
Run by Kostík a Irenka at 2014-04-21 10:42:11
Microsoft Windows 8 Pro with Media Center
System drive C: has 628 GB (90%) free of 699 GB
Total RAM: 6024 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:42:18, on 21.4.2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Kostík a Irenka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HP HD Webcam Driver_Monitor] C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [EaseUS EPM Tray Agent] "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\program files
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Exchange Service (ADExchange) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: CyberLink Product - 2012/09/18 15:03:40 (CLKMSVC10_38F51D56) - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem7.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Ralink Check BT Device (RalinkCheckBTDev) - Ralink Technology, Corp. - C:\Programdata\Ralink Driver\RT2860 Wireless LAN Card\Driver\RaCheckBTDev.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14564 bytes

[kostik123456]

2 log

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
dashost.exe {ada69e88-67e4-499d-a03329b0791176ad}
"C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Programdata\Ralink Driver\RT2860 Wireless LAN Card\Driver\RaCheckBTDev.exe"
C:\Windows\slsvc.exe
C:\Windows\PersonalizeEnabler.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Windows Defender\MsMpEng.exe"
C:\Windows\SysWOW64\svchost.exe -k MbnExt
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-63835fd2-6d50-4a11-a43c-0c667e6a2a4e -SystemEventPortName:HostProcess-a723b53c-aa39-4024-8326-12a792d20507 -IoCancelEventPortName:HostProcess-2e905ca7-8a5e-47eb-b9b1-61d9dc3089ae -NonStateChangingEventPortName:HostProcess-2226d41e-a582-465f-a112-0f7af562ca6c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3e03a791-caaf-441a-bc63-9251dc9bbf68 -DeviceGroupId:
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6c338f33-adda-4269-8d49-9375d7a75821 -SystemEventPortName:HostProcess-ef0c6d5d-6d69-465d-bcc4-d94ea68122a5 -IoCancelEventPortName:HostProcess-1fd5b263-be2a-4db3-9263-dae02812248f -NonStateChangingEventPortName:HostProcess-6dc949a7-979f-4987-bee7-105c334651ca -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0c5dac10-cba3-46f0-87c8-d3796bd79df6 -DeviceGroupId:WudfDefaultDevicePool
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\Explorer.EXE
taskhostex.exe
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6348.0.1331980574\300352554" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,28 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.982.6.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.2.448826529\840971500" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.3.117287006\801674864" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.4.2110868180\1402087185" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.6.1765527923\167686280" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.7.96736508\763950775" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.8.1522022476\531657514" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.9.97025132\1689552816" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.10.731215669\1365218772" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.11.722463799\1712511278" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.12.317076328\370007430" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.13.1120759526\917444755" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.14.1483760790\1351572657" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.15.990483403\1312174559" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.16.654829782\1794721862" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.17.834510825\960207950" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.18.800848981\1559955609" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.19.252950252\1919739780" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.24.1613757844\630733359" /prefetch:673131151
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_80/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --disable-client-side-phishing-detection --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="6348.35.1433736048\1120051706" /prefetch:673131151
"C:\Users\Rastislav\Desktop\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForKostík a Irenka.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Rastislav\AppData\Roaming\Mozilla\Firefox\Profiles\52i4ous7.default

prefs.js - "browser.startup.homepage" - "https://www.e-quip.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.199 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_199.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.199 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_199.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-23 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-23 441152]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-08-06 1425408]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-23 170304]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-04-03 3684488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-04-08 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP HD Webcam Driver_Monitor"=C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [2012-07-26 303480]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08 111120]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-24 491120]
"RemoteControl10"=c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"BDRegion"=c:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2012-08-04 78352]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-09-19 371976]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-10-16 337184]
""= []
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2013-06-05 683656]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"EaseUS EPM Tray Agent"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe [2014-02-13 254024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Program Files"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-23 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"EnableCursorSuppression"=1
"ConsentPromptBehaviorUser"=3
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=1
"NoActiveDesktop"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

[kostik123456]

3 log

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-21 10:42:11 ----D---- C:\rsit
2014-04-21 10:42:11 ----D---- C:\Program Files\trend micro
2014-04-21 00:59:01 ----D---- C:\AdwCleaner
2014-04-21 00:40:16 ----A---- C:\Windows\system32\drivers\wStLibG64.sys
2014-04-19 21:47:33 ----D---- C:\Users\Rastislav\AppData\Roaming\Digiarty
2014-04-19 21:47:33 ----D---- C:\Program Files (x86)\Digiarty
2014-04-19 20:55:46 ----A---- C:\Windows\GPInstall.exe
2014-04-19 19:03:18 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-04-19 19:03:15 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-04-19 19:03:15 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-04-19 19:03:15 ----A---- C:\Windows\SYSWOW64\java.exe
2014-04-16 14:01:41 ----A---- C:\Windows\system32\drivers\HECIx64.sys
2014-04-16 13:46:46 ----A---- C:\Windows\system32\DfSdkBt.exe
2014-04-11 23:21:38 ----A---- C:\Windows\SYSWOW64\setupempdrv03.exe
2014-04-11 23:21:38 ----A---- C:\Windows\SYSWOW64\EuGdiDrv.sys
2014-04-11 23:21:38 ----A---- C:\Windows\SYSWOW64\EuEpmGdi.dll
2014-04-11 23:21:38 ----A---- C:\Windows\SYSWOW64\BootMan.exe
2014-04-11 23:21:38 ----A---- C:\Windows\system32\setupempdrvx64.exe
2014-04-11 23:21:38 ----A---- C:\Windows\system32\EuGdiDrv.sys
2014-04-11 23:21:38 ----A---- C:\Windows\system32\EuEpmGdi.dll
2014-04-11 23:21:38 ----A---- C:\Windows\system32\epmntdrv.sys
2014-04-11 23:21:38 ----A---- C:\Windows\system32\BootMan.exe
2014-04-11 23:21:37 ----A---- C:\Windows\SYSWOW64\epmntdrv.sys
2014-04-11 20:01:09 ----D---- C:\Program Files (x86)\Freemake
2014-04-11 19:57:08 ----D---- C:\Program Files\DC++
2014-04-11 19:29:57 ----D---- C:\ProgramData\4079416499ded952
2014-04-11 19:28:08 ----D---- C:\ProgramData\InstallMate
2014-04-08 23:34:47 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-04-08 23:34:47 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-08 23:34:47 ----A---- C:\Windows\system32\KernelBase.dll
2014-04-08 23:34:47 ----A---- C:\Windows\system32\kernel32.dll
2014-04-08 23:34:47 ----A---- C:\Windows\system32\gpedit.dll
2014-04-08 23:34:47 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-04-08 23:34:47 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-04-08 23:34:47 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-04-08 23:34:46 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2014-04-08 23:34:46 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-04-08 23:34:46 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2014-04-08 23:01:42 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-04-08 23:01:42 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-04-08 23:01:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-08 23:01:41 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-08 23:01:41 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-08 23:01:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-08 23:01:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-08 23:01:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-08 23:01:41 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-08 23:01:41 ----A---- C:\Windows\system32\UXInit.dll
2014-04-08 23:01:41 ----A---- C:\Windows\system32\urlmon.dll
2014-04-08 23:01:41 ----A---- C:\Windows\system32\msrating.dll
2014-04-08 23:01:41 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-08 23:01:40 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-04-08 23:01:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-08 23:01:40 ----A---- C:\Windows\system32\iesetup.dll
2014-04-08 23:01:40 ----A---- C:\Windows\system32\iernonce.dll
2014-04-08 23:01:40 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-08 23:01:39 ----A---- C:\Windows\system32\wininet.dll
2014-04-08 23:01:39 ----A---- C:\Windows\system32\uxtheme.dll
2014-04-08 23:01:39 ----A---- C:\Windows\system32\ieframe.dll
2014-04-08 23:01:37 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-08 23:01:37 ----A---- C:\Windows\system32\jscript.dll
2014-04-08 23:01:37 ----A---- C:\Windows\system32\iesysprep.dll
2014-04-08 23:01:35 ----A---- C:\Windows\system32\mshtml.dll
2014-04-08 23:01:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-08 23:01:26 ----A---- C:\Windows\system32\iertutil.dll
2014-04-08 23:01:25 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-08 23:01:25 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-04-08 23:01:25 ----A---- C:\Windows\system32\jscript9.dll
2014-04-08 23:01:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-08 22:35:46 ----D---- C:\Users\Rastislav\AppData\Roaming\Balabolka
2014-04-06 15:37:13 ----D---- C:\Users\Rastislav\AppData\Roaming\DC++
2014-04-06 15:20:50 ----D---- C:\Users\Rastislav\AppData\Roaming\TeamViewer
2014-04-02 20:37:55 ----D---- C:\Users\Rastislav\AppData\Roaming\InspireSoft
2014-04-02 18:52:05 ----D---- C:\Users\Rastislav\AppData\Roaming\Mozilla
2014-04-02 18:51:57 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-02 18:51:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-04-01 17:14:38 ----D---- C:\ProgramData\Oracle
2014-04-01 17:14:06 ----D---- C:\Program Files (x86)\Java
2014-04-01 17:11:50 ----D---- C:\ProgramData\Sun
2014-03-31 21:08:10 ----D---- C:\Users\Rastislav\AppData\Roaming\Notepad++
2014-03-31 21:08:10 ----D---- C:\Program Files (x86)\Notepad++
2014-03-31 21:05:51 ----D---- C:\Program Files (x86)\Balabolka
2014-03-31 21:03:22 ----D---- C:\Users\Rastislav\AppData\Roaming\Subtitle Edit
2014-03-31 21:03:20 ----D---- C:\Program Files (x86)\Subtitle Edit
2014-03-31 21:01:43 ----D---- C:\ProgramData\Freemake
2014-03-31 20:28:22 ----D---- C:\ProgramData\Mozilla
2014-03-31 20:26:35 ----D---- C:\Program Files (x86)\The KMPlayer
2014-03-31 20:17:08 ----A---- C:\Windows\SYSWOW64\AVERM.dll
2014-03-31 20:17:07 ----A---- C:\Windows\SYSWOW64\AVEQT.dll
2014-03-31 20:17:05 ----D---- C:\Program Files (x86)\Ultra Video Joiner
2014-03-31 20:15:11 ----D---- C:\Users\Rastislav\AppData\Roaming\VideoReDo-TVSuite4
2014-03-31 20:15:11 ----D---- C:\Program Files (x86)\VideoReDoTVSuite4
2014-03-31 20:08:59 ----D---- C:\Users\Rastislav\AppData\Roaming\Xilisoft
2014-03-31 20:08:59 ----D---- C:\Program Files (x86)\Xilisoft
2014-03-31 20:06:12 ----D---- C:\Users\Rastislav\AppData\Roaming\Ashampoo Slideshow Studio HD 3
2014-03-31 20:01:55 ----D---- C:\Users\Rastislav\AppData\Roaming\Ashampoo
2014-03-31 19:59:27 ----D---- C:\ProgramData\T-Mobile
2014-03-31 19:58:57 ----D---- C:\Users\Rastislav\AppData\Roaming\T-Mobile
2014-03-31 19:58:52 ----A---- C:\Windows\system32\drivers\ZTEusbser6k.sys
2014-03-31 19:58:52 ----A---- C:\Windows\system32\drivers\ZTEusbnmea.sys
2014-03-31 19:58:52 ----A---- C:\Windows\system32\drivers\ZTEusbnet.sys
2014-03-31 19:58:52 ----A---- C:\Windows\system32\drivers\ZTEusbmdm6k.sys
2014-03-31 19:58:52 ----A---- C:\Windows\system32\drivers\massfilter.sys
2014-03-31 19:58:46 ----D---- C:\Program Files (x86)\ZTE
2014-03-31 19:58:43 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\WdfCoInstaller01007.dll
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\mod7700.sys
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\ewusbwwan.sys
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\ewusbmdm.sys
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\ewdcsc.sys
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\ew_wwanecm.sys
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\ew_usbenumfilter.sys
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\ew_juwwanecm.sys
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\ew_juextctrl.sys
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\ew_jucdcecm.sys
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\ew_jucdcacm.sys
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\ew_jubusenum.sys
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\ew_hwusbdev.sys
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\ew_hwupgrade.sys
2014-03-31 19:58:43 ----A---- C:\Windows\system32\drivers\ew_cdcacm.sys
2014-03-31 19:58:32 ----D---- C:\Program Files (x86)\Huawei
2014-03-31 19:58:31 ----D---- C:\Program Files (x86)\T-Mobile
2014-03-31 19:53:44 ----D---- C:\Users\Rastislav\AppData\Roaming\Skype
2014-03-31 19:53:39 ----RD---- C:\Program Files (x86)\Skype
2014-03-31 19:53:36 ----D---- C:\ProgramData\Skype
2014-03-31 19:48:18 ----A---- C:\Users\Rastislav\AppData\Roaming\pcouffin.sys
2014-03-31 19:48:18 ----A---- C:\Users\Rastislav\AppData\Roaming\inst.exe
2014-03-31 19:48:17 ----D---- C:\Users\Rastislav\AppData\Roaming\Vso
2014-03-31 19:30:13 ----D---- C:\Program Files\WinPcap
2014-03-31 19:22:37 ----D---- C:\ProgramData\VSO
2014-03-31 19:22:37 ----D---- C:\Program Files (x86)\VSO
2014-03-31 19:17:00 ----D---- C:\Program Files (x86)\Lavalys
2014-03-31 19:15:57 ----D---- C:\Program Files (x86)\UltraISO
2014-03-31 19:13:31 ----D---- C:\ProgramData\DVD Shrink
2014-03-31 19:13:30 ----D---- C:\Program Files (x86)\DVD Shrink
2014-03-31 19:06:23 ----A---- C:\Windows\system32\drivers\dvdfab.sys
2014-03-31 19:06:21 ----D---- C:\Program Files (x86)\DVDFab Passkey
2014-03-31 18:58:31 ----D---- C:\Users\Rastislav\AppData\Roaming\sMedio
2014-03-31 18:57:56 ----D---- C:\ProgramData\sMedio
2014-03-31 18:53:24 ----D---- C:\Program Files (x86)\sMedio
2014-03-31 18:45:25 ----D---- C:\Users\Rastislav\AppData\Roaming\DVDFab
2014-03-31 18:43:59 ----D---- C:\ProgramData\dvdfab
2014-03-31 18:34:05 ----D---- C:\Program Files (x86)\DVDFab 8 Qt
2014-03-31 18:32:41 ----D---- C:\Users\Rastislav\AppData\Roaming\YouTube Downloader
2014-03-31 18:32:17 ----D---- C:\Program Files (x86)\YTD
2014-03-31 18:25:23 ----D---- C:\Users\Rastislav\AppData\Roaming\uTorrent
2014-03-31 18:25:19 ----D---- C:\Users\Rastislav\AppData\Roaming\BitTorrent
2014-03-31 18:10:56 ----D---- C:\Users\Rastislav\AppData\Roaming\ArcSoft
2014-03-31 18:10:28 ----D---- C:\ProgramData\ArcSoft
2014-03-31 18:06:28 ----D---- C:\Users\Rastislav\AppData\Roaming\vlc
2014-03-31 18:05:58 ----D---- C:\Program Files\VideoLAN
2014-03-31 18:01:30 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2014-03-31 18:01:30 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2014-03-31 18:01:30 ----A---- C:\Windows\system32\XAudio2_7.dll
2014-03-31 18:01:30 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2014-03-31 18:01:29 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2014-03-31 18:01:29 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-03-31 18:01:29 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-03-31 18:01:29 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2014-03-31 18:01:28 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-03-31 18:01:28 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-03-31 18:01:28 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-03-31 18:01:28 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-03-31 18:01:28 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-03-31 18:01:28 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-03-31 18:01:28 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-03-31 18:01:28 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-03-31 18:01:27 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2014-03-31 18:01:27 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2014-03-31 18:01:27 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2014-03-31 18:01:27 ----A---- C:\Windows\system32\XAudio2_6.dll
2014-03-31 18:01:27 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2014-03-31 18:01:27 ----A---- C:\Windows\system32\xactengine3_6.dll
2014-03-31 18:01:24 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2014-03-31 18:01:24 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2014-03-31 18:01:19 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2014-03-31 18:01:19 ----A---- C:\Windows\system32\XAudio2_5.dll
2014-03-31 18:01:18 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2014-03-31 18:01:18 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2014-03-31 18:01:18 ----A---- C:\Windows\system32\xactengine3_5.dll
2014-03-31 18:01:18 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2014-03-31 18:01:17 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2014-03-31 18:01:17 ----A---- C:\Windows\system32\d3dcsx_42.dll
2014-03-31 18:01:16 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2014-03-31 18:01:16 ----A---- C:\Windows\system32\d3dx11_42.dll
2014-03-31 18:01:15 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2014-03-31 18:01:15 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2014-03-31 18:01:15 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2014-03-31 18:01:15 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2014-03-31 18:01:15 ----A---- C:\Windows\system32\D3DX9_42.dll
2014-03-31 18:01:15 ----A---- C:\Windows\system32\d3dx10_42.dll
2014-03-31 18:01:15 ----A---- C:\Windows\system32\d3dx10_41.dll
2014-03-31 18:01:15 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2014-03-31 18:01:14 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2014-03-31 18:01:14 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2014-03-31 18:01:14 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-03-31 18:01:14 ----A---- C:\Windows\system32\XAudio2_4.dll
2014-03-31 18:01:14 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2014-03-31 18:01:14 ----A---- C:\Windows\system32\D3DX9_41.dll
2014-03-31 18:01:13 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2014-03-31 18:01:13 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2014-03-31 18:01:13 ----A---- C:\Windows\system32\xactengine3_4.dll
2014-03-31 18:01:13 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2014-03-31 18:01:12 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2014-03-31 18:01:12 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2014-03-31 18:01:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2014-03-31 18:01:12 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-03-31 18:01:12 ----A---- C:\Windows\system32\d3dx10_40.dll
2014-03-31 18:01:12 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-03-31 18:01:11 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2014-03-31 18:01:11 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2014-03-31 18:01:11 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2014-03-31 18:01:11 ----A---- C:\Windows\system32\XAudio2_3.dll
2014-03-31 18:01:11 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2014-03-31 18:01:11 ----A---- C:\Windows\system32\xactengine3_3.dll
2014-03-31 18:01:10 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2014-03-31 18:01:10 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2014-03-31 18:01:10 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2014-03-31 18:01:10 ----A---- C:\Windows\system32\XAudio2_2.dll
2014-03-31 18:01:10 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2014-03-31 18:01:10 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2014-03-31 18:01:09 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2014-03-31 18:01:09 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2014-03-31 18:01:09 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2014-03-31 18:01:09 ----A---- C:\Windows\system32\xactengine3_2.dll
2014-03-31 18:01:09 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-03-31 18:01:09 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-03-31 18:01:08 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2014-03-31 18:01:08 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-03-31 18:01:07 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2014-03-31 18:01:07 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2014-03-31 18:01:07 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2014-03-31 18:01:07 ----A---- C:\Windows\system32\XAudio2_1.dll
2014-03-31 18:01:07 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2014-03-31 18:01:07 ----A---- C:\Windows\system32\xactengine3_1.dll
2014-03-31 18:01:06 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2014-03-31 18:01:06 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2014-03-31 18:01:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2014-03-31 18:01:06 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2014-03-31 18:01:06 ----A---- C:\Windows\system32\d3dx10_38.dll
2014-03-31 18:01:06 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2014-03-31 18:01:05 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2014-03-31 18:01:05 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2014-03-31 18:01:05 ----A---- C:\Windows\system32\XAudio2_0.dll
2014-03-31 18:01:05 ----A---- C:\Windows\system32\D3DX9_38.dll
2014-03-31 18:01:04 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2014-03-31 18:01:04 ----A---- C:\Windows\system32\xactengine3_0.dll
2014-03-31 18:01:03 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2014-03-31 18:01:03 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2014-03-31 18:01:03 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2014-03-31 18:01:03 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2014-03-31 18:01:03 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2014-03-31 18:01:03 ----A---- C:\Windows\system32\D3DX9_37.dll
2014-03-31 18:01:03 ----A---- C:\Windows\system32\d3dx10_37.dll
2014-03-31 18:01:03 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2014-03-31 18:01:01 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-03-31 18:01:01 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-03-31 18:00:57 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-03-31 18:00:57 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-03-31 18:00:57 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-03-31 18:00:57 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-03-31 18:00:56 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-03-31 18:00:56 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-03-31 18:00:53 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-03-31 18:00:53 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-03-31 18:00:53 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-03-31 18:00:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-03-31 18:00:53 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-03-31 18:00:53 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-03-31 18:00:53 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-03-31 18:00:53 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-03-31 18:00:52 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-03-31 18:00:52 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-03-31 18:00:52 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-03-31 18:00:52 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-03-31 18:00:51 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2014-03-31 18:00:51 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2014-03-31 18:00:51 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2014-03-31 18:00:51 ----A---- C:\Windows\system32\d3dx9_34.dll
2014-03-31 18:00:51 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-03-31 18:00:51 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-03-31 18:00:50 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2014-03-31 18:00:50 ----A---- C:\Windows\system32\xinput1_3.dll
2014-03-31 18:00:47 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2014-03-31 18:00:47 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2014-03-31 18:00:47 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2014-03-31 18:00:47 ----A---- C:\Windows\system32\xactengine2_7.dll
2014-03-31 18:00:47 ----A---- C:\Windows\system32\d3dx10_33.dll
2014-03-31 18:00:47 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2014-03-31 18:00:46 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2014-03-31 18:00:46 ----A---- C:\Windows\system32\d3dx9_33.dll
2014-03-31 18:00:42 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2014-03-31 18:00:42 ----A---- C:\Windows\system32\xactengine2_6.dll
2014-03-31 18:00:39 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2014-03-31 18:00:39 ----A---- C:\Windows\system32\xactengine2_5.dll
2014-03-31 18:00:38 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2014-03-31 18:00:38 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2014-03-31 18:00:38 ----A---- C:\Windows\system32\d3dx9_32.dll
2014-03-31 18:00:38 ----A---- C:\Windows\system32\d3dx10.dll
2014-03-31 18:00:37 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2014-03-31 18:00:37 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2014-03-31 18:00:37 ----A---- C:\Windows\system32\xactengine2_4.dll
2014-03-31 18:00:37 ----A---- C:\Windows\system32\x3daudio1_1.dll
2014-03-31 18:00:36 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2014-03-31 18:00:36 ----A---- C:\Windows\system32\d3dx9_31.dll
2014-03-31 18:00:34 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2014-03-31 18:00:34 ----A---- C:\Windows\system32\xactengine2_3.dll
2014-03-31 18:00:33 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2014-03-31 18:00:33 ----A---- C:\Windows\system32\xinput1_2.dll
2014-03-31 18:00:29 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-03-31 18:00:29 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2014-03-31 18:00:29 ----A---- C:\Windows\system32\xinput1_1.dll
2014-03-31 18:00:29 ----A---- C:\Windows\system32\xactengine2_2.dll
2014-03-31 18:00:26 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-03-31 18:00:26 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-03-31 18:00:22 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2014-03-31 18:00:22 ----A---- C:\Windows\system32\d3dx9_30.dll
2014-03-31 18:00:21 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2014-03-31 18:00:21 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-03-31 18:00:21 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2014-03-31 18:00:21 ----A---- C:\Windows\system32\xactengine2_0.dll
2014-03-31 18:00:21 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-03-31 18:00:21 ----A---- C:\Windows\system32\d3dx9_29.dll
2014-03-31 18:00:20 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2014-03-31 18:00:20 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2014-03-31 18:00:20 ----A---- C:\Windows\system32\d3dx9_28.dll
2014-03-31 18:00:20 ----A---- C:\Windows\system32\d3dx9_27.dll
2014-03-31 18:00:19 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2014-03-31 18:00:19 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2014-03-31 18:00:19 ----A---- C:\Windows\system32\d3dx9_26.dll
2014-03-31 18:00:19 ----A---- C:\Windows\system32\d3dx9_25.dll
2014-03-31 18:00:18 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2014-03-31 18:00:18 ----A---- C:\Windows\system32\d3dx9_24.dll
2014-03-31 17:56:55 ----D---- C:\Windows\SYSWOW64\directx
2014-03-31 17:50:35 ----D---- C:\Users\Rastislav\AppData\Roaming\Winamp
2014-03-31 17:50:35 ----D---- C:\Program Files (x86)\Winamp
2014-03-31 17:47:43 ----D---- C:\Program Files\Picon_Manager
2014-03-31 17:43:00 ----D---- C:\Program Files (x86)\EaseUS
2014-03-31 17:36:31 ----D---- C:\Program Files\Recuva
2014-03-31 17:34:05 ----D---- C:\Program Files (x86)\TeamViewer
2014-03-31 17:31:50 ----D---- C:\Users\Rastislav\AppData\Roaming\PC Suite
2014-03-31 17:31:49 ----D---- C:\ProgramData\PC Suite
2014-03-31 17:30:52 ----D---- C:\ProgramData\Nokia
2014-03-31 17:30:28 ----D---- C:\Program Files\DIFX
2014-03-31 17:30:27 ----A---- C:\Windows\system32\drivers\pccsmcfdx64.sys
2014-03-31 17:30:21 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2014-03-31 17:30:05 ----A---- C:\Windows\system32\nmwcdclsX64.dll
2014-03-31 17:29:38 ----D---- C:\ProgramData\NokiaInstallerCache
2014-03-31 17:29:38 ----D---- C:\Program Files (x86)\Nokia
2014-03-31 17:26:10 ----D---- C:\Users\Rastislav\AppData\Roaming\Macromedia
2014-03-31 17:26:07 ----SHD---- C:\Windows\ftpcache
2014-03-31 17:26:02 ----A---- C:\Windows\Natura Sound Therapy Uninstaller.exe
2014-03-31 17:25:57 ----D---- C:\Program Files (x86)\Natura Sound Therapy
2014-03-31 17:25:17 ----D---- C:\Program Files (x86)\Relax Sound Software
2014-03-31 16:54:21 ----D---- C:\dvbdream
2014-03-31 16:48:24 ----D---- C:\Program Files\DCC E 2.96
2014-03-31 16:46:56 ----D---- C:\Program Files\DCC E2 1.46
2014-03-31 16:44:44 ----D---- C:\Program Files (x86)\dreamboxEDIT
2014-03-31 16:41:07 ----D---- C:\Program Files\Ferguson Ariva 250 Combo
2014-03-31 16:36:30 ----D---- C:\Users\Rastislav\AppData\Roaming\Spyware Terminator
2014-03-31 16:36:30 ----D---- C:\ProgramData\Spyware Terminator
2014-03-31 16:36:30 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-03-31 16:36:24 ----D---- C:\Program Files (x86)\Spyware Terminator
2014-03-31 16:32:54 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-03-31 16:32:34 ----D---- C:\ProgramData\Malwarebytes
2014-03-31 16:32:34 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-31 16:32:34 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-03-31 16:32:34 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-03-31 16:32:34 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-03-30 21:58:58 ----A---- C:\Windows\slsvc.exe
2014-03-30 21:58:58 ----A---- C:\Windows\SLCHook.dll
2014-03-30 21:58:58 ----A---- C:\Windows\PersonalizeEnabler.exe
2014-03-30 21:58:58 ----A---- C:\Windows\EasyHook64.dll
2014-03-30 21:55:27 ----RSHD---- C:\Windows Activation Technologies
2014-03-30 21:43:50 ----D---- C:\Windows\ehome
2014-03-30 21:43:34 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2014-03-30 21:43:34 ----D---- C:\Windows\CSC
2014-03-30 17:29:38 ----A---- C:\Windows\system32\drivers\evbda.sys
2014-03-30 17:29:29 ----A---- C:\Windows\system32\WpcMon.exe
2014-03-30 17:29:27 ----A---- C:\Windows\system32\WinSAT.exe
2014-03-30 17:29:25 ----A---- C:\Windows\system32\drivers\bxvbda.sys
2014-03-30 17:29:24 ----A---- C:\Windows\system32\vssapi.dll
2014-03-30 17:29:22 ----A---- C:\Windows\system32\RacEngn.dll
2014-03-30 17:29:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.dll
2014-03-30 17:29:21 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2014-03-30 17:29:20 ----A---- C:\Windows\system32\uDWM.dll
2014-03-30 17:29:20 ----A---- C:\Windows\system32\provcore.dll
2014-03-30 17:29:20 ----A---- C:\Windows\system32\MMDevAPI.dll
2014-03-30 17:29:19 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2014-03-30 17:29:17 ----A---- C:\Windows\system32\WinSATAPI.dll
2014-03-30 17:29:16 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2014-03-30 17:29:16 ----A---- C:\Windows\SYSWOW64\MMDevAPI.dll
2014-03-30 17:29:16 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2014-03-30 17:29:16 ----A---- C:\Windows\system32\apphelp.dll
2014-03-30 17:29:15 ----A---- C:\Windows\SYSWOW64\MsSpellCheckingFacility.dll
2014-03-30 17:29:15 ----A---- C:\Windows\system32\MFPlay.dll
2014-03-30 17:29:15 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2014-03-30 17:29:15 ----A---- C:\Windows\system32\drivers\csc.sys
2014-03-30 17:29:15 ----A---- C:\Windows\system32\combase.dll
2014-03-30 17:29:14 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2014-03-30 17:29:14 ----A---- C:\Windows\system32\WWAHost.exe
2014-03-30 17:29:14 ----A---- C:\Windows\system32\WinTypes.dll
2014-03-30 17:29:14 ----A---- C:\Windows\system32\fveapi.dll
2014-03-30 17:29:14 ----A---- C:\Windows\system32\dnsapi.dll
2014-03-30 17:29:13 ----A---- C:\Windows\system32\wlidcredprov.dll
2014-03-30 17:29:13 ----A---- C:\Windows\system32\taskeng.exe
2014-03-30 17:29:13 ----A---- C:\Windows\system32\mfsvr.dll
2014-03-30 17:29:13 ----A---- C:\Windows\system32\mfsrcsnk.dll
2014-03-30 17:29:13 ----A---- C:\Windows\system32\bcdsrv.dll
2014-03-30 17:29:12 ----A---- C:\Windows\system32\wpnprv.dll
2014-03-30 17:29:12 ----A---- C:\Windows\system32\propsys.dll
2014-03-30 17:29:12 ----A---- C:\Windows\system32\drivers\acpi.sys
2014-03-30 17:29:11 ----A---- C:\Windows\SYSWOW64\WinSATAPI.dll
2014-03-30 17:29:11 ----A---- C:\Windows\system32\VAN.dll
2014-03-30 17:29:10 ----A---- C:\Windows\system32\services.exe
2014-03-30 17:29:10 ----A---- C:\Windows\system32\fveapibase.dll
2014-03-30 17:29:08 ----A---- C:\Windows\system32\mmcss.dll
2014-03-30 17:29:07 ----A---- C:\Windows\SYSWOW64\WWAHost.exe
2014-03-30 17:29:07 ----A---- C:\Windows\system32\PackageStateRoaming.dll
2014-03-30 17:29:06 ----A---- C:\Windows\SYSWOW64\RacEngn.dll
2014-03-30 17:29:06 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2014-03-30 17:29:06 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-03-30 17:29:06 ----A---- C:\Windows\system32\TpmTasks.dll
2014-03-30 17:29:06 ----A---- C:\Windows\system32\ProximityService.dll
2014-03-30 17:29:05 ----A---- C:\Windows\SYSWOW64\VAN.dll
2014-03-30 17:29:05 ----A---- C:\Windows\SYSWOW64\twinapi.dll
2014-03-30 17:29:05 ----A---- C:\Windows\SYSWOW64\svchost.exe
2014-03-30 17:29:05 ----A---- C:\Windows\SYSWOW64\provcore.dll
2014-03-30 17:29:05 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-03-30 17:29:05 ----A---- C:\Windows\SYSWOW64\PackageStateRoaming.dll
2014-03-30 17:29:05 ----A---- C:\Windows\SYSWOW64\mfsrcsnk.dll
2014-03-30 17:29:05 ----A---- C:\Windows\SYSWOW64\combase.dll
2014-03-30 17:29:05 ----A---- C:\Windows\SYSWOW64\avrt.dll
2014-03-30 17:29:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-03-30 17:29:05 ----A---- C:\Windows\system32\msvproc.dll
2014-03-30 17:29:05 ----A---- C:\Windows\system32\microsoft-windows-kernel-power-events.dll
2014-03-30 17:29:05 ----A---- C:\Windows\system32\avrt.dll
2014-03-30 17:29:04 ----A---- C:\Windows\SYSWOW64\WinTypes.dll
2014-03-30 17:29:04 ----A---- C:\Windows\SYSWOW64\perfdisk.dll
2014-03-30 17:29:04 ----A---- C:\Windows\SYSWOW64\batmeter.dll
2014-03-30 17:29:04 ----A---- C:\Windows\system32\svchost.exe
2014-03-30 17:29:04 ----A---- C:\Windows\system32\SettingSyncHost.exe
2014-03-30 17:29:04 ----A---- C:\Windows\system32\perfdisk.dll
2014-03-30 17:29:04 ----A---- C:\Windows\system32\batmeter.dll
2014-03-30 17:29:04 ----A---- C:\Windows\system32\aelupsvc.dll
2014-03-30 17:29:03 ----A---- C:\Windows\SYSWOW64\wlidcredprov.dll
2014-03-30 17:29:03 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2014-03-30 17:29:02 ----A---- C:\Windows\system32\winsrv.dll
2014-03-30 17:29:02 ----A---- C:\Windows\system32\user32.dll
2014-03-30 17:29:02 ----A---- C:\Windows\system32\umpnpmgr.dll
2014-03-30 17:29:02 ----A---- C:\Windows\system32\lsass.exe
2014-03-30 17:29:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-03-30 17:29:01 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2014-03-30 17:29:01 ----A---- C:\Windows\SYSWOW64\SettingSyncHost.exe
2014-03-30 17:29:01 ----A---- C:\Windows\SYSWOW64\msvproc.dll
2014-03-30 17:29:01 ----A---- C:\Windows\SYSWOW64\mfh264enc.dll
2014-03-30 17:29:01 ----A---- C:\Windows\system32\perfnet.dll
2014-03-30 17:29:01 ----A---- C:\Windows\system32\mfh264enc.dll
2014-03-30 17:29:01 ----A---- C:\Windows\system32\lpksetup.exe
2014-03-30 17:29:00 ----A---- C:\Windows\system32\twinapi.dll
2014-03-30 17:29:00 ----A---- C:\Windows\system32\DevPropMgr.dll
2014-03-30 17:28:59 ----A---- C:\Windows\system32\dwm.exe
2014-03-30 17:28:57 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-03-30 17:28:57 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2014-03-30 17:28:57 ----A---- C:\Windows\system32\drvinst.exe
2014-03-30 17:28:57 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-03-30 17:28:56 ----A---- C:\Windows\SYSWOW64\webio.dll
2014-03-30 17:28:56 ----A---- C:\Windows\SYSWOW64\perfnet.dll
2014-03-30 17:28:56 ----A---- C:\Windows\system32\webio.dll
2014-03-30 17:28:56 ----A---- C:\Windows\system32\perfos.dll
2014-03-30 17:28:56 ----A---- C:\Windows\system32\dxgi.dll
2014-03-30 17:28:56 ----A---- C:\Windows\system32\DAFWSD.dll
2014-03-30 17:28:55 ----A---- C:\Windows\system32\umpo.dll
2014-03-30 17:28:55 ----A---- C:\Windows\system32\sspicli.dll
2014-03-30 17:28:55 ----A---- C:\Windows\system32\RpcEpMap.dll
2014-03-30 17:28:55 ----A---- C:\Windows\system32\lpremove.exe
2014-03-30 17:28:55 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys
2014-03-30 17:28:55 ----A---- C:\Windows\system32\CscMig.dll
2014-03-30 17:28:54 ----A---- C:\Windows\SYSWOW64\vsstrace.dll
2014-03-30 17:28:54 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2014-03-30 17:28:54 ----A---- C:\Windows\system32\vsstrace.dll
2014-03-30 17:28:54 ----A---- C:\Windows\system32\sdbinst.exe
2014-03-30 17:28:53 ----A---- C:\Windows\SYSWOW64\perfproc.dll
2014-03-30 17:28:53 ----A---- C:\Windows\SYSWOW64\perfos.dll
2014-03-30 17:28:53 ----A---- C:\Windows\SYSWOW64\perfctrs.dll
2014-03-30 17:28:53 ----A---- C:\Windows\SYSWOW64\eventcls.dll
2014-03-30 17:28:53 ----A---- C:\Windows\system32\sspisrv.dll
2014-03-30 17:28:53 ----A---- C:\Windows\system32\shimeng.dll
2014-03-30 17:28:53 ----A---- C:\Windows\system32\perfproc.dll
2014-03-30 17:28:53 ----A---- C:\Windows\system32\perfctrs.dll
2014-03-30 17:28:53 ----A---- C:\Windows\system32\MUILanguageCleanup.dll
2014-03-30 17:28:53 ----A---- C:\Windows\system32\lpksetupproxyserv.dll
2014-03-30 17:28:53 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
2014-03-30 17:28:53 ----A---- C:\Windows\system32\eventcls.dll
2014-03-30 17:28:52 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-03-30 17:28:52 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-03-30 17:28:52 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2014-03-30 17:28:52 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2014-03-30 17:10:45 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-30 17:10:45 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-30 16:57:18 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-03-30 16:52:45 ----A---- C:\Windows\SYSWOW64\newdev.exe
2014-03-30 16:52:45 ----A---- C:\Windows\SYSWOW64\newdev.dll
2014-03-30 16:52:45 ----A---- C:\Windows\SYSWOW64\ndadmin.exe
2014-03-30 16:52:44 ----A---- C:\Windows\system32\newdev.exe
2014-03-30 16:52:44 ----A---- C:\Windows\system32\newdev.dll
2014-03-30 16:52:44 ----A---- C:\Windows\system32\ndadmin.exe
2014-03-30 16:51:36 ----A---- C:\Windows\system32\shell32.dll
2014-03-30 16:51:35 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-03-30 16:51:33 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-03-30 16:51:33 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-03-30 16:51:30 ----A---- C:\Windows\system32\mstscax.dll
2014-03-30 16:51:29 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-03-30 16:51:28 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-03-30 16:51:27 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2014-03-30 16:51:27 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-03-30 16:51:27 ----A---- C:\Windows\system32\WSShared.dll
2014-03-30 16:51:27 ----A---- C:\Windows\system32\WSDApi.dll
2014-03-30 16:51:27 ----A---- C:\Windows\system32\NotificationUI.exe
2014-03-30 16:51:27 ----A---- C:\Windows\system32\drivers\storport.sys
2014-03-30 16:51:27 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-03-30 16:51:25 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2014-03-30 16:51:25 ----A---- C:\Windows\system32\drivers\dfsc.sys
2014-03-30 16:51:24 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-30 16:51:24 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2014-03-30 16:51:23 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-30 16:51:23 ----A---- C:\Windows\system32\fveskybackup.dll
2014-03-30 16:42:40 ----ASH---- C:\swapfile.sys
2014-03-30 16:42:40 ----ASH---- C:\pagefile.sys
2014-03-30 16:42:40 ----ASH---- C:\hiberfil.sys
2014-03-30 16:42:38 ----SHD---- C:\System Volume Information
2014-03-30 16:41:37 ----D---- C:\ProgramData\Ashampoo
2014-03-30 16:41:19 ----D---- C:\Program Files (x86)\Ashampoo
2014-03-30 16:37:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-03-30 16:30:37 ----RD---- C:\Windows\BrowserChoice
2014-03-30 14:15:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-03-30 14:15:25 ----A---- C:\Windows\system32\dwmcore.dll
2014-03-30 14:15:24 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-03-30 14:15:24 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2014-03-30 14:15:24 ----A---- C:\Windows\system32\mfasfsrcsnk.dll
2014-03-30 14:15:24 ----A---- C:\Windows\explorer.exe
2014-03-30 14:15:23 ----A---- C:\Windows\SYSWOW64\mfasfsrcsnk.dll
2014-03-30 14:15:23 ----A---- C:\Windows\system32\samsrv.dll
2014-03-30 14:15:23 ----A---- C:\Windows\system32\mfcore.dll
2014-03-30 14:15:22 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2014-03-30 14:15:22 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-03-30 14:15:22 ----A---- C:\Windows\system32\audiosrv.dll
2014-03-30 14:15:21 ----A---- C:\Windows\system32\winload.exe
2014-03-30 14:15:20 ----A---- C:\Windows\system32\winresume.exe
2014-03-30 14:15:20 ----A---- C:\Windows\system32\vds.exe
2014-03-30 14:15:20 ----A---- C:\Windows\system32\mscms.dll
2014-03-30 14:15:20 ----A---- C:\Windows\system32\drivers\BthAvrcpTg.sys
2014-03-30 14:15:19 ----A---- C:\Windows\SYSWOW64\mscms.dll
2014-03-30 14:15:19 ----A---- C:\Windows\system32\vdsutil.dll
2014-03-30 14:15:19 ----A---- C:\Windows\system32\samlib.dll
2014-03-30 14:15:19 ----A---- C:\Windows\system32\MbaeParserTask.exe
2014-03-30 14:15:19 ----A---- C:\Windows\system32\DeviceSetupManager.dll
2014-03-30 14:15:18 ----A---- C:\Windows\SYSWOW64\samlib.dll
2014-03-30 14:14:57 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-03-30 14:09:11 ----A---- C:\Windows\system32\wuaueng.dll
2014-03-30 14:09:10 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-03-30 14:09:10 ----A---- C:\Windows\system32\wuapi.dll
2014-03-30 14:09:10 ----A---- C:\Windows\system32\resutils.dll
2014-03-30 14:09:10 ----A---- C:\Windows\system32\oleaut32.dll
2014-03-30 14:09:10 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2014-03-30 14:09:10 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-03-30 14:09:10 ----A---- C:\Windows\system32\clusapi.dll
2014-03-30 14:09:09 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-03-30 14:09:09 ----A---- C:\Windows\SYSWOW64\resutils.dll
2014-03-30 14:09:09 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2014-03-30 14:09:09 ----A---- C:\Windows\system32\wuwebv.dll
2014-03-30 14:09:09 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-03-30 14:09:09 ----A---- C:\Windows\system32\wucltux.dll
2014-03-30 14:09:09 ----A---- C:\Windows\system32\wuauclt.exe
2014-03-30 14:09:09 ----A---- C:\Windows\system32\storewuauth.dll
2014-03-30 14:09:09 ----A---- C:\Windows\system32\drivers\spaceport.sys
2014-03-30 14:09:08 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-03-30 14:09:08 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-03-30 14:09:08 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-03-30 14:09:08 ----A---- C:\Windows\system32\wudriver.dll
2014-03-30 14:09:08 ----A---- C:\Windows\system32\wuapp.exe
2014-03-30 14:06:59 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2014-03-30 14:06:55 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2014-03-30 14:06:53 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2014-03-30 14:06:53 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2014-03-30 14:06:53 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-03-30 14:06:53 ----A---- C:\Windows\system32\UIAutomationCore.dll
2014-03-30 14:06:53 ----A---- C:\Windows\system32\ubpm.dll
2014-03-30 14:06:53 ----A---- C:\Windows\system32\kerberos.dll
2014-03-30 14:06:52 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-03-30 14:06:52 ----A---- C:\Windows\system32\wups2.dll
2014-03-30 14:06:52 ----A---- C:\Windows\system32\wups.dll
2014-03-30 14:06:52 ----A---- C:\Windows\system32\drivers\tpm.sys
2014-03-30 14:06:52 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-03-30 14:06:52 ----A---- C:\Windows\system32\drivers\dumpfve.sys
2014-03-30 14:06:52 ----A---- C:\Windows\system32\drivers\crashdmp.sys
2014-03-30 14:05:16 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2014-03-30 14:05:15 ----A---- C:\Windows\system32\msftedit.dll
2014-03-30 14:05:15 ----A---- C:\Windows\system32\localspl.dll
2014-03-30 14:05:15 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-03-30 14:05:14 ----A---- C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-03-30 14:05:13 ----A---- C:\Windows\SYSWOW64\winmm.dll
2014-03-30 14:05:13 ----A---- C:\Windows\system32\wwansvc.dll
2014-03-30 14:05:13 ----A---- C:\Windows\system32\wwanconn.dll
2014-03-30 14:05:13 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2014-03-30 14:05:13 ----A---- C:\Windows\system32\drivers\sdbus.sys
2014-03-30 14:05:12 ----A---- C:\Windows\SYSWOW64\winmmbase.dll
2014-03-30 14:05:12 ----A---- C:\Windows\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2014-03-30 14:05:12 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2014-03-30 14:05:12 ----A---- C:\Windows\system32\WinSCard.dll
2014-03-30 14:05:12 ----A---- C:\Windows\system32\winmmbase.dll
2014-03-30 14:05:12 ----A---- C:\Windows\system32\winmm.dll
2014-03-30 14:05:12 ----A---- C:\Windows\system32\WerFault.exe
2014-03-30 14:05:12 ----A---- C:\Windows\system32\wcmsvc.dll
2014-03-30 14:05:12 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2014-03-30 14:05:12 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2014-03-30 14:05:11 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2014-03-30 14:05:11 ----A---- C:\Windows\SYSWOW64\openfiles.exe
2014-03-30 14:05:11 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2014-03-30 14:05:11 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2014-03-30 14:05:11 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2014-03-30 14:05:11 ----A---- C:\Windows\system32\wwanmm.dll
2014-03-30 14:05:11 ----A---- C:\Windows\system32\Wwanadvui.dll
2014-03-30 14:05:11 ----A---- C:\Windows\system32\wcmcsp.dll
2014-03-30 14:05:11 ----A---- C:\Windows\system32\openfiles.exe
2014-03-30 14:05:11 ----A---- C:\Windows\system32\nshwfp.dll
2014-03-30 14:05:11 ----A---- C:\Windows\system32\LocationApi.dll
2014-03-30 14:05:11 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-03-30 14:05:11 ----A---- C:\Windows\system32\drivers\udfs.sys
2014-03-30 14:05:11 ----A---- C:\Windows\system32\drivers\msgpioclx.sys
2014-03-30 14:05:10 ----A---- C:\Windows\system32\wwanprotdim.dll
2014-03-30 13:58:32 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2014-03-30 13:58:32 ----A---- C:\Windows\system32\lsasrv.dll
2014-03-30 13:58:31 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2014-03-30 13:58:31 ----A---- C:\Windows\system32\StructuredQuery.dll
2014-03-30 13:58:31 ----A---- C:\Windows\system32\mfplat.dll
2014-03-30 13:58:29 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2014-03-30 13:58:28 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-03-30 13:58:28 ----A---- C:\Windows\system32\winlogon.exe
2014-03-30 13:58:28 ----A---- C:\Windows\system32\drivers\netio.sys
2014-03-30 13:58:27 ----A---- C:\Windows\system32\usercpl.dll
2014-03-30 13:58:26 ----A---- C:\Windows\system32\Windows.Storage.Compression.dll
2014-03-30 13:58:25 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2014-03-30 13:58:25 ----A---- C:\Windows\system32\ListSvc.dll
2014-03-30 13:58:25 ----A---- C:\Windows\system32\dhcpcore6.dll
2014-03-30 13:58:25 ----A---- C:\Windows\system32\bdesvc.dll
2014-03-30 13:58:24 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2014-03-30 13:58:24 ----A---- C:\Windows\system32\SpaceControl.dll
2014-03-30 13:58:23 ----A---- C:\Windows\SYSWOW64\Windows.Storage.Compression.dll
2014-03-30 13:58:23 ----A---- C:\Windows\system32\drivers\sdstor.sys
2014-03-30 13:58:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-03-30 13:58:23 ----A---- C:\Windows\system32\drivers\cng.sys
2014-03-30 13:58:23 ----A---- C:\Windows\system32\drivers\battc.sys
2014-03-30 13:58:22 ----A---- C:\Windows\SYSWOW64\input.dll
2014-03-30 13:58:22 ----A---- C:\Windows\system32\input.dll
2014-03-30 13:58:21 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2014-03-30 13:58:21 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2014-03-30 13:58:21 ----A---- C:\Windows\system32\microsoft-windows-pdc.dll
2014-03-30 13:58:21 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2014-03-30 13:58:20 ----A---- C:\Windows\SYSWOW64\PCPKsp.dll
2014-03-30 13:58:20 ----A---- C:\Windows\system32\mswsock.dll
2014-03-30 13:58:19 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2014-03-30 13:58:19 ----A---- C:\Windows\SYSWOW64\AppxSip.dll
2014-03-30 13:58:19 ----A---- C:\Windows\system32\FntCache.dll
2014-03-30 13:58:19 ----A---- C:\Windows\system32\dhcpcore.dll
2014-03-30 13:58:18 ----A---- C:\Windows\system32\BdeUISrv.exe
2014-03-30 13:58:18 ----A---- C:\Windows\system32\AppxSip.dll
2014-03-30 13:58:17 ----A---- C:\Windows\SYSWOW64\dhcpcsvc.dll
2014-03-30 13:58:17 ----A---- C:\Windows\system32\PCPKsp.dll
2014-03-30 13:58:17 ----A---- C:\Windows\system32\dhcpcsvc.dll
2014-03-30 13:58:16 ----A---- C:\Windows\SYSWOW64\kbdhebl3.dll
2014-03-30 13:58:16 ----A---- C:\Windows\system32\kbdhebl3.dll
2014-03-30 13:58:01 ----A---- C:\Windows\system32\dskquota.dll
2014-03-30 13:58:00 ----A---- C:\Windows\SYSWOW64\dskquota.dll
2014-03-30 13:57:50 ----A---- C:\Windows\system32\hal.dll
2014-03-30 13:57:42 ----A---- C:\Windows\SYSWOW64\mfnetsrc.dll
2014-03-30 13:57:42 ----A---- C:\Windows\system32\mfnetsrc.dll
2014-03-30 13:57:41 ----A---- C:\Windows\SYSWOW64\mfnetcore.dll
2014-03-30 13:57:41 ----A---- C:\Windows\SYSWOW64\mfmpeg2srcsnk.dll
2014-03-30 13:57:41 ----A---- C:\Windows\system32\mfnetcore.dll
2014-03-30 13:57:41 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2014-03-30 13:55:44 ----A---- C:\Windows\system32\netcfg-2352203.txt
2014-03-30 13:55:38 ----A---- C:\Windows\system32\netcfg-2345781.txt
2014-03-30 13:54:23 ----A---- C:\Windows\system32\drivers\hidusb.sys
2014-03-30 13:54:23 ----A---- C:\Windows\system32\drivers\hidparse.sys
2014-03-30 13:54:23 ----A---- C:\Windows\system32\drivers\hidclass.sys
2014-03-30 13:54:03 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-03-30 13:54:03 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-03-30 13:54:03 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2014-03-30 13:54:03 ----A---- C:\Windows\system32\WebClnt.dll
2014-03-30 13:54:03 ----A---- C:\Windows\system32\SHCore.dll
2014-03-30 13:54:03 ----A---- C:\Windows\system32\MPSSVC.dll
2014-03-30 13:54:03 ----A---- C:\Windows\system32\FirewallAPI.dll
2014-03-30 13:54:03 ----A---- C:\Windows\system32\drivers\disk.sys
2014-03-30 13:54:02 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2014-03-30 13:54:02 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2014-03-30 13:54:02 ----A---- C:\Windows\system32\wfapigp.dll
2014-03-30 13:54:02 ----A---- C:\Windows\system32\icfupgd.dll
2014-03-30 13:54:02 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2014-03-30 13:54:02 ----A---- C:\Windows\system32\davclnt.dll
2014-03-30 13:50:35 ----A---- C:\Windows\system32\rdpcorets.dll
2014-03-30 13:50:33 ----A---- C:\Windows\SYSWOW64\Taskmgr.exe
2014-03-30 13:50:33 ----A---- C:\Windows\system32\WebcamUi.dll
2014-03-30 13:50:33 ----A---- C:\Windows\system32\Taskmgr.exe
2014-03-30 13:50:33 ----A---- C:\Windows\system32\storagewmi.dll
2014-03-30 13:50:32 ----A---- C:\Windows\SYSWOW64\WebcamUi.dll
2014-03-30 13:50:32 ----A---- C:\Windows\system32\wpnapps.dll
2014-03-30 13:50:32 ----A---- C:\Windows\system32\UserLanguagesCpl.dll
2014-03-30 13:50:31 ----A---- C:\Windows\SYSWOW64\wpnapps.dll
2014-03-30 13:50:31 ----A---- C:\Windows\SYSWOW64\UserLanguagesCpl.dll
2014-03-30 13:50:31 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2014-03-30 13:50:31 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-03-30 13:50:31 ----A---- C:\Windows\system32\mstsc.exe
2014-03-30 13:50:31 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2014-03-30 13:50:30 ----A---- C:\Windows\system32\vdsldr.exe
2014-03-30 13:50:29 ----A---- C:\Windows\SYSWOW64\vds_ps.dll
2014-03-30 13:50:29 ----A---- C:\Windows\system32\vds_ps.dll
2014-03-30 13:50:29 ----A---- C:\Windows\system32\rfxvmt.dll
2014-03-30 13:50:29 ----A---- C:\Windows\system32\rdpudd.dll
2014-03-30 13:50:29 ----A---- C:\Windows\system32\drivers\BthhfHid.sys
2014-03-30 13:50:29 ----A---- C:\Windows\system32\drivers\BtaMPM.sys
2014-03-30 13:50:12 ----A---- C:\Windows\system32\wmp.dll
2014-03-30 13:50:12 ----A---- C:\Windows\system32\tquery.dll
2014-03-30 13:50:11 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-03-30 13:50:10 ----A---- C:\Windows\system32\mssrch.dll
2014-03-30 13:50:09 ----A---- C:\Windows\SYSWOW64\tquery.dll
2014-03-30 13:50:07 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2014-03-30 13:50:06 ----A---- C:\Windows\system32\ntdll.dll
2014-03-30 13:50:05 ----A---- C:\Windows\system32\MSAudDecMFT.dll
2014-03-30 13:50:04 ----A---- C:\Windows\SYSWOW64\MSAudDecMFT.dll
2014-03-30 13:50:03 ----A---- C:\Windows\system32\schedsvc.dll
2014-03-30 13:50:03 ----A---- C:\Windows\system32\kd_02_10ec.dll
2014-03-30 13:50:02 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2014-03-30 13:50:02 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-03-30 13:50:02 ----A---- C:\Windows\SYSWOW64\mssph.dll
2014-03-30 13:50:02 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2014-03-30 13:50:02 ----A---- C:\Windows\system32\SearchIndexer.exe
2014-03-30 13:50:02 ----A---- C:\Windows\system32\rsaenh.dll
2014-03-30 13:50:02 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-03-30 13:50:02 ----A---- C:\Windows\system32\AudioSes.dll
2014-03-30 13:50:01 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2014-03-30 13:50:01 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-03-30 13:50:01 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-03-30 13:50:01 ----A---- C:\Windows\system32\Windows.Networking.dll
2014-03-30 13:50:01 ----A---- C:\Windows\system32\mssph.dll
2014-03-30 13:50:01 ----A---- C:\Windows\system32\dwmredir.dll
2014-03-30 13:50:01 ----A---- C:\Windows\system32\conhost.exe
2014-03-30 13:50:01 ----A---- C:\Windows\system32\AudioEng.dll
2014-03-30 13:50:01 ----A---- C:\Windows\system32\audiodg.exe
2014-03-30 13:50:00 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2014-03-30 13:50:00 ----A---- C:\Windows\system32\wpncore.dll
2014-03-30 13:50:00 ----A---- C:\Windows\system32\RecoveryDrive.exe
2014-03-30 13:50:00 ----A---- C:\Windows\system32\MFMediaEngine.dll
2014-03-30 13:49:59 ----A---- C:\Windows\SYSWOW64\Windows.Networking.dll
2014-03-30 13:49:59 ----A---- C:\Windows\SYSWOW64\rascfg.dll
2014-03-30 13:49:59 ----A---- C:\Windows\system32\rascfg.dll
2014-03-30 13:49:59 ----A---- C:\Windows\system32\dmvdsitf.dll
2014-03-30 13:49:59 ----A---- C:\Windows\system32\ci.dll
2014-03-30 13:49:58 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2014-03-30 13:49:58 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2014-03-30 13:49:58 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2014-03-30 13:49:58 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2014-03-30 13:49:58 ----A---- C:\Windows\system32\XpsRasterService.dll
2014-03-30 13:49:58 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-03-30 13:49:58 ----A---- C:\Windows\system32\fhengine.dll
2014-03-30 13:49:58 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2014-03-30 13:49:57 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2014-03-30 13:49:57 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2014-03-30 13:49:57 ----A---- C:\Windows\SYSWOW64\dmvdsitf.dll
2014-03-30 13:49:57 ----A---- C:\Windows\system32\SearchFilterHost.exe
2014-03-30 13:49:57 ----A---- C:\Windows\system32\Robocopy.exe
2014-03-30 13:49:57 ----A---- C:\Windows\system32\kdvm.dll
2014-03-30 13:49:57 ----A---- C:\Windows\system32\iuilp.dll
2014-03-30 13:49:56 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2014-03-30 13:49:56 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2014-03-30 13:49:56 ----A---- C:\Windows\system32\wscsvc.dll
2014-03-30 13:49:56 ----A---- C:\Windows\system32\mssvp.dll
2014-03-30 13:49:56 ----A---- C:\Windows\system32\kdnet.dll
2014-03-30 13:49:56 ----A---- C:\Windows\system32\GenuineCenter.dll
2014-03-30 13:49:56 ----A---- C:\Windows\system32\fmifs.dll
2014-03-30 13:49:56 ----A---- C:\Windows\system32\fhevents.dll
2014-03-30 13:49:56 ----A---- C:\Windows\system32\drivers\wanarp.sys
2014-03-30 13:49:56 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2014-03-30 13:49:56 ----A---- C:\Windows\system32\drivers\hidbth.sys
2014-03-30 13:49:56 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-03-30 13:49:55 ----A---- C:\Windows\SYSWOW64\fmifs.dll
2014-03-30 13:49:55 ----A---- C:\Windows\system32\msshooks.dll
2014-03-30 13:49:55 ----A---- C:\Windows\system32\fhsrchapi.dll
2014-03-30 13:49:55 ----A---- C:\Windows\system32\fhcfg.dll
2014-03-30 13:49:55 ----A---- C:\Windows\system32\fhcat.dll
2014-03-30 13:49:54 ----A---- C:\Windows\SYSWOW64\rasdiag.dll
2014-03-30 13:49:54 ----A---- C:\Windows\system32\rasdiag.dll
2014-03-30 13:49:54 ----A---- C:\Windows\system32\mssprxy.dll
2014-03-30 13:49:54 ----A---- C:\Windows\system32\mssphtb.dll
2014-03-30 13:49:54 ----A---- C:\Windows\system32\fhsvc.dll
2014-03-30 13:49:54 ----A---- C:\Windows\system32\fhshl.dll
2014-03-30 13:49:54 ----A---- C:\Windows\system32\fhmanagew.exe
2014-03-30 13:49:54 ----A---- C:\Windows\system32\fhlisten.dll
2014-03-30 13:49:54 ----A---- C:\Windows\system32\fhcleanup.dll
2014-03-30 13:49:53 ----A---- C:\Windows\SYSWOW64\rasser.dll
2014-03-30 13:49:53 ----A---- C:\Windows\SYSWOW64\rasmxs.dll
2014-03-30 13:49:53 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2014-03-30 13:49:53 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2014-03-30 13:49:53 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2014-03-30 13:49:53 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2014-03-30 13:49:53 ----A---- C:\Windows\system32\rasser.dll
2014-03-30 13:49:53 ----A---- C:\Windows\system32\rasmxs.dll
2014-03-30 13:49:53 ----A---- C:\Windows\system32\mssitlb.dll
2014-03-30 13:49:53 ----A---- C:\Windows\system32\msscntrs.dll
2014-03-30 13:49:53 ----A---- C:\Windows\system32\fhtask.dll
2014-03-30 13:49:53 ----A---- C:\Windows\system32\fhsrchph.dll
2014-03-30 13:49:53 ----A---- C:\Windows\system32\fhautoplay.dll
2014-03-30 13:49:52 ----A---- C:\Windows\system32\spwmp.dll
2014-03-30 13:49:52 ----A---- C:\Windows\system32\fhsvcctl.dll
2014-03-30 13:49:51 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-03-30 13:49:51 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-03-30 13:49:51 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-03-30 13:49:51 ----A---- C:\Windows\system32\wmploc.DLL
2014-03-30 13:49:51 ----A---- C:\Windows\system32\dxmasf.dll
2014-03-30 13:49:51 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2014-03-30 13:44:13 ----A---- C:\Windows\SYSWOW64\msctf.dll
2014-03-30 13:44:12 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2014-03-30 13:44:12 ----A---- C:\Windows\SYSWOW64\SettingSyncInfo.dll
2014-03-30 13:44:12 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2014-03-30 13:44:12 ----A---- C:\Windows\SYSWOW64\appmgr.dll
2014-03-30 13:44:11 ----A---- C:\Windows\SYSWOW64\mbsmsapi.dll
2014-03-30 13:44:01 ----A---- C:\Windows\system32\msctf.dll
2014-03-30 13:44:01 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-03-30 13:44:00 ----A---- C:\Windows\system32\shdocvw.dll
2014-03-30 13:43:59 ----A---- C:\Windows\system32\SettingSyncInfo.dll
2014-03-30 13:43:59 ----A---- C:\Windows\system32\SettingSync.dll
2014-03-30 13:43:59 ----A---- C:\Windows\system32\mbsmsapi.dll
2014-03-30 13:43:59 ----A---- C:\Windows\system32\appmgr.dll
2014-03-30 13:43:54 ----A---- C:\Windows\SYSWOW64\wvc.dll
2014-03-30 13:43:54 ----A---- C:\Windows\SYSWOW64\wdc.dll
2014-03-30 13:43:53 ----A---- C:\Windows\system32\wvc.dll
2014-03-30 13:43:53 ----A---- C:\Windows\system32\wdc.dll
2014-03-30 13:43:46 ----A---- C:\Windows\SYSWOW64\KBDKURD.DLL
2014-03-30 13:43:46 ----A---- C:\Windows\SYSWOW64\Display.dll
2014-03-30 13:43:45 ----A---- C:\Windows\system32\KBDKURD.DLL
2014-03-30 13:43:45 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-03-30 13:43:45 ----A---- C:\Windows\system32\drivers\hidi2c.sys
2014-03-30 13:43:45 ----A---- C:\Windows\system32\Display.dll
2014-03-30 13:42:01 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2014-03-30 13:42:00 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2014-03-30 13:42:00 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2014-03-30 13:42:00 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2014-03-30 13:42:00 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2014-03-30 13:42:00 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2014-03-30 13:42:00 ----A---- C:\Windows\SYSWOW64\wfdprov.dll
2014-03-30 13:42:00 ----A---- C:\Windows\SYSWOW64\WcnApi.dll
2014-03-30 13:42:00 ----A---- C:\Windows\SYSWOW64\ole32.dll
2014-03-30 13:42:00 ----A---- C:\Windows\SYSWOW64\MFCaptureEngine.dll
2014-03-30 13:42:00 ----A---- C:\Windows\SYSWOW64\fdWCN.dll
2014-03-30 13:41:59 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-03-30 13:41:55 ----A---- C:\Windows\system32\wlansvc.dll
2014-03-30 13:41:55 ----A---- C:\Windows\system32\wlansec.dll
2014-03-30 13:41:55 ----A---- C:\Windows\system32\wlanmsm.dll
2014-03-30 13:41:55 ----A---- C:\Windows\system32\wlanhlp.dll
2014-03-30 13:41:55 ----A---- C:\Windows\system32\wlanapi.dll
2014-03-30 13:41:55 ----A---- C:\Windows\system32\winhttp.dll
2014-03-30 13:41:55 ----A---- C:\Windows\system32\wfdprov.dll
2014-03-30 13:41:54 ----A---- C:\Windows\system32\wushareduxresources.dll
2014-03-30 13:41:54 ----A---- C:\Windows\system32\wuaext.dll
2014-03-30 13:41:54 ----A---- C:\Windows\system32\WcnEapPeerProxy.dll
2014-03-30 13:41:54 ----A---- C:\Windows\system32\WcnEapAuthProxy.dll
2014-03-30 13:41:54 ----A---- C:\Windows\system32\wcncsvc.dll
2014-03-30 13:41:54 ----A---- C:\Windows\system32\WcnApi.dll
2014-03-30 13:41:54 ----A---- C:\Windows\system32\fdWCN.dll
2014-03-30 13:41:54 ----A---- C:\Windows\system32\dafWCN.dll
2014-03-30 13:41:52 ----A---- C:\Windows\system32\rdpclip.exe
2014-03-30 13:41:49 ----A---- C:\Windows\system32\glcndFilter.dll
2014-03-30 13:41:48 ----A---- C:\Windows\system32\ole32.dll
2014-03-30 13:41:48 ----A---- C:\Windows\system32\MFCaptureEngine.dll
2014-03-30 13:41:48 ----A---- C:\Windows\HelpPane.exe
2014-03-30 13:41:47 ----A---- C:\Windows\system32\EncDump.dll
2014-03-30 13:41:47 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-03-30 13:41:46 ----A---- C:\Windows\system32\iscsilog.dll
2014-03-30 13:41:45 ----A---- C:\Windows\system32\drivers\processr.sys
2014-03-30 13:41:45 ----A---- C:\Windows\system32\drivers\intelppm.sys
2014-03-30 13:41:45 ----A---- C:\Windows\system32\drivers\fxppm.sys
2014-03-30 13:41:45 ----A---- C:\Windows\system32\drivers\amdppm.sys
2014-03-30 13:41:45 ----A---- C:\Windows\system32\drivers\amdk8.sys
2014-03-30 13:22:48 ----A---- C:\Windows\AutoKMS.ini
2014-03-30 13:10:48 ----D---- C:\Program Files\Common Files\DESIGNER
2014-03-30 13:10:19 ----D---- C:\Program Files\Microsoft Synchronization Services
2014-03-30 13:09:59 ----D---- C:\Windows\PCHEALTH
2014-03-30 13:09:59 ----D---- C:\Program Files\Microsoft Sync Framework
2014-03-30 13:09:59 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2014-03-30 13:08:07 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-03-30 13:07:30 ----D---- C:\Program Files\Microsoft Analysis Services
2014-03-30 13:07:30 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-03-30 13:07:22 ----D---- C:\ProgramData\Microsoft Help
2014-03-30 13:07:22 ----D---- C:\Program Files\Microsoft Office
2014-03-30 13:07:11 ----RHD---- C:\MSOCache
2014-03-30 12:54:35 ----D---- C:\Windows\system32\MRT
2014-03-30 12:54:33 ----A---- C:\Windows\system32\MRT.exe
2014-03-30 12:53:52 ----N---- C:\Windows\system32\MpSigStub.exe
2014-03-30 12:43:21 ----A---- C:\Windows\system32\msvcr100_clr0400.dll
2014-03-30 12:43:11 ----A---- C:\Windows\SYSWOW64\msvcr100_clr0400.dll
2014-03-30 12:40:15 ----A---- C:\Windows\system32\sppsvc.exe
2014-03-30 12:40:14 ----A---- C:\Windows\system32\WSService.dll
2014-03-30 12:40:14 ----A---- C:\Windows\system32\sppobjs.dll
2014-03-30 12:40:13 ----A---- C:\Windows\SYSWOW64\sppc.dll
2014-03-30 12:40:13 ----A---- C:\Windows\system32\WinSetupUI.dll
2014-03-30 12:40:13 ----A---- C:\Windows\system32\sppwinob.dll
2014-03-30 12:40:13 ----A---- C:\Windows\system32\sppc.dll
2014-03-30 12:40:12 ----A---- C:\Windows\SYSWOW64\WSSync.dll
2014-03-30 12:40:12 ----A---- C:\Windows\SYSWOW64\WSClient.dll
2014-03-30 12:40:12 ----A---- C:\Windows\system32\WSSync.dll
2014-03-30 12:40:12 ----A---- C:\Windows\system32\WSClient.dll
2014-03-30 12:40:12 ----A---- C:\Windows\system32\drivers\dam.sys
2014-03-30 12:40:11 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-03-30 12:40:11 ----A---- C:\Windows\system32\setupcln.dll
2014-03-30 12:40:10 ----A---- C:\Windows\SYSWOW64\setupcln.dll
2014-03-30 12:40:10 ----A---- C:\Windows\SYSWOW64\OEMLicense.dll
2014-03-30 12:40:10 ----A---- C:\Windows\system32\OEMLicense.dll
2014-03-30 12:36:47 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2014-03-30 12:36:46 ----A---- C:\Windows\system32\sysmain.dll
2014-03-30 12:36:45 ----A---- C:\Windows\system32\VSSVC.exe
2014-03-30 12:36:45 ----A---- C:\Windows\system32\netprofmsvc.dll
2014-03-30 12:36:45 ----A---- C:\Windows\system32\drivers\rdbss.sys
2014-03-30 12:36:45 ----A---- C:\Windows\system32\BCP47Langs.dll
2014-03-30 12:36:44 ----A---- C:\Windows\SYSWOW64\BCP47Langs.dll
2014-03-30 12:36:44 ----A---- C:\Windows\system32\netprofm.dll
2014-03-30 12:36:44 ----A---- C:\Windows\system32\gpprefcl.dll
2014-03-30 12:36:43 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2014-03-30 12:36:42 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2014-03-30 12:36:42 ----A---- C:\Windows\system32\taskhost.exe
2014-03-30 12:36:42 ----A---- C:\Windows\system32\stobject.dll
2014-03-30 12:36:42 ----A---- C:\Windows\system32\psmsrv.dll
2014-03-30 12:36:42 ----A---- C:\Windows\system32\netplwiz.dll
2014-03-30 12:36:42 ----A---- C:\Windows\system32\Magnify.exe
2014-03-30 12:36:42 ----A---- C:\Windows\system32\bisrv.dll
2014-03-30 12:36:42 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2014-03-30 12:36:41 ----A---- C:\Windows\SYSWOW64\stobject.dll
2014-03-30 12:36:41 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2014-03-30 12:36:41 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2014-03-30 12:36:41 ----A---- C:\Windows\system32\DevicePairing.dll
2014-03-30 12:36:40 ----A---- C:\Windows\SYSWOW64\netprofm.dll
2014-03-30 12:36:40 ----A---- C:\Windows\SYSWOW64\Magnify.exe
2014-03-30 12:36:40 ----A---- C:\Windows\SYSWOW64\DevicePairing.dll
2014-03-30 12:36:40 ----A---- C:\Windows\system32\taskhostex.exe
2014-03-30 12:36:40 ----A---- C:\Windows\system32\biwinrt.dll
2014-03-30 12:36:40 ----A---- C:\Windows\system32\AuthHost.exe
2014-03-30 12:36:39 ----A---- C:\Windows\SYSWOW64\biwinrt.dll
2014-03-30 12:36:38 ----A---- C:\Windows\system32\muifontsetup.dll
2014-03-30 12:36:37 ----A---- C:\Windows\SYSWOW64\npmproxy.dll
2014-03-30 12:36:37 ----A---- C:\Windows\SYSWOW64\nlmsprep.dll
2014-03-30 12:36:37 ----A---- C:\Windows\SYSWOW64\nlmproxy.dll
2014-03-30 12:36:37 ----A---- C:\Windows\SYSWOW64\muifontsetup.dll
2014-03-30 12:36:15 ----A---- C:\Windows\SYSWOW64\mmc.exe
2014-03-30 12:36:15 ----A---- C:\Windows\system32\wlidsvc.dll
2014-03-30 12:36:15 ----A---- C:\Windows\system32\mmc.exe
2014-03-30 12:36:14 ----A---- C:\Windows\system32\srmstormod.dll
2014-03-30 12:36:13 ----A---- C:\Windows\system32\Windows.Media.dll
2014-03-30 12:36:13 ----A---- C:\Windows\system32\setupapi.dll
2014-03-30 12:36:12 ----A---- C:\Windows\SYSWOW64\srmstormod.dll
2014-03-30 12:36:12 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2014-03-30 12:36:12 ----A---- C:\Windows\system32\WSDMon.dll
2014-03-30 12:36:12 ----A---- C:\Windows\system32\lsm.dll
2014-03-30 12:36:12 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-03-30 12:36:12 ----A---- C:\Windows\system32\drivers\partmgr.sys
2014-03-30 12:36:12 ----A---- C:\Windows\system32\drivers\msgpiowin32.sys
2014-03-30 12:36:11 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2014-03-30 12:36:11 ----A---- C:\Windows\SYSWOW64\wiaacmgr.exe
2014-03-30 12:36:11 ----A---- C:\Windows\SYSWOW64\srmshell.dll
2014-03-30 12:36:11 ----A---- C:\Windows\SYSWOW64\srmscan.dll
2014-03-30 12:36:11 ----A---- C:\Windows\SYSWOW64\srmclient.dll
2014-03-30 12:36:11 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2014-03-30 12:36:11 ----A---- C:\Windows\SYSWOW64\adrclient.dll
2014-03-30 12:36:11 ----A---- C:\Windows\system32\wiaacmgr.exe
2014-03-30 12:36:11 ----A---- C:\Windows\system32\srmtrace.dll
2014-03-30 12:36:11 ----A---- C:\Windows\system32\srmshell.dll
2014-03-30 12:36:11 ----A---- C:\Windows\system32\srmscan.dll
2014-03-30 12:36:11 ----A---- C:\Windows\system32\srmclient.dll
2014-03-30 12:36:11 ----A---- C:\Windows\system32\ncbservice.dll
2014-03-30 12:36:11 ----A---- C:\Windows\system32\MP4SDECD.DLL
2014-03-30 12:36:11 ----A---- C:\Windows\system32\inetpp.dll
2014-03-30 12:36:11 ----A---- C:\Windows\system32\httpprxm.dll
2014-03-30 12:36:11 ----A---- C:\Windows\system32\adrclient.dll
2014-03-30 12:36:11 ----A---- C:\Windows\system32\adhsvc.dll
2014-03-30 12:36:10 ----A---- C:\Windows\SYSWOW64\srmtrace.dll
2014-03-30 12:36:10 ----A---- C:\Windows\SYSWOW64\srm_ps.dll
2014-03-30 12:36:10 ----A---- C:\Windows\SYSWOW64\srm.dll
2014-03-30 12:36:10 ----A---- C:\Windows\system32\srm_ps.dll
2014-03-30 12:36:10 ----A---- C:\Windows\system32\srm.dll
2014-03-30 12:36:10 ----A---- C:\Windows\system32\keepaliveprovider.dll
2014-03-30 12:36:10 ----A---- C:\Windows\system32\httpprxp.dll
2014-03-30 12:36:10 ----A---- C:\Windows\system32\adhapi.dll
2014-03-30 12:35:43 ----A---- C:\Windows\system32\wmpmde.dll
2014-03-30 12:35:43 ----A---- C:\Windows\system32\winmde.dll
2014-03-30 12:35:43 ----A---- C:\Windows\system32\mcmde.dll
2014-03-30 12:35:42 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2014-03-30 12:35:42 ----A---- C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-03-30 12:35:42 ----A---- C:\Windows\system32\Windows.Globalization.dll
2014-03-30 12:35:42 ----A---- C:\Windows\system32\TimeBrokerServer.dll
2014-03-30 12:35:42 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2014-03-30 12:35:41 ----A---- C:\Windows\SYSWOW64\winmde.dll
2014-03-30 12:35:41 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2014-03-30 12:35:41 ----A---- C:\Windows\system32\wpdbusenum.dll
2014-03-30 12:35:41 ----A---- C:\Windows\system32\netcfgx.dll
2014-03-30 12:35:41 ----A---- C:\Windows\system32\drvstore.dll
2014-03-30 12:35:41 ----A---- C:\Windows\system32\drivers\bthport.sys
2014-03-30 12:35:40 ----A---- C:\Windows\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2014-03-30 12:35:40 ----A---- C:\Windows\SYSWOW64\drvstore.dll
2014-03-30 12:35:40 ----A---- C:\Windows\system32\usbmon.dll
2014-03-30 12:35:40 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2014-03-30 12:35:39 ----A---- C:\Windows\system32\drivers\rfcomm.sys
2014-03-30 12:35:39 ----A---- C:\Windows\system32\discan.dll
2014-03-30 12:35:38 ----A---- C:\Windows\system32\WSDPrintProxy.DLL
2014-03-30 12:35:38 ----A---- C:\Windows\system32\NdisImPlatform.dll
2014-03-30 12:35:38 ----A---- C:\Windows\system32\fsquirt.exe
2014-03-30 12:35:38 ----A---- C:\Windows\system32\drivers\storahci.sys
2014-03-30 12:35:38 ----A---- C:\Windows\system32\DevDispItemProvider.dll
2014-03-30 12:35:37 ----A---- C:\Windows\SYSWOW64\DevDispItemProvider.dll
2014-03-30 12:35:37 ----A---- C:\Windows\system32\drivers\mouhid.sys
2014-03-30 12:35:37 ----A---- C:\Windows\system32\drivers\monitor.sys
2014-03-30 12:35:37 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2014-03-30 12:35:37 ----A---- C:\Windows\system32\drivers\bthenum.sys
2014-03-30 12:32:55 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-03-30 12:32:55 ----A---- C:\Windows\system32\BFE.DLL
2014-03-30 12:32:54 ----A---- C:\Windows\system32\drivers\wfplwfs.sys
2014-03-30 12:32:26 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-03-30 12:32:26 ----A---- C:\Windows\system32\msxml3.dll
2014-03-30 12:31:47 ----A---- C:\Windows\system32\drivers\afd.sys
2014-03-30 12:31:40 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2014-03-30 12:31:40 ----A---- C:\Windows\system32\comctl32.dll
2014-03-30 12:31:38 ----A---- C:\Windows\SYSWOW64\synceng.dll
2014-03-30 12:31:38 ----A---- C:\Windows\system32\synceng.dll
2014-03-30 12:31:31 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2014-03-30 12:31:31 ----A---- C:\Windows\system32\imagehlp.dll
2014-03-30 12:31:30 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2014-03-30 12:31:30 ----A---- C:\Windows\system32\ncryptsslp.dll
2014-03-30 12:29:15 ----A---- C:\Windows\system32\consent.exe
2014-03-30 12:29:15 ----A---- C:\Windows\system32\appinfo.dll
2014-03-30 12:26:56 ----A---- C:\Windows\SYSWOW64\duser.dll
2014-03-30 12:26:56 ----A---- C:\Windows\system32\wlroamextension.dll
2014-03-30 12:26:56 ----A---- C:\Windows\system32\ncsi.dll
2014-03-30 12:26:56 ----A---- C:\Windows\system32\duser.dll
2014-03-30 12:26:55 ----A---- C:\Windows\SYSWOW64\wlroamextension.dll
2014-03-30 12:26:55 ----A---- C:\Windows\system32\WWanAPI.dll
2014-03-30 12:26:55 ----A---- C:\Windows\system32\Windows.Networking.Connectivity.dll
2014-03-30 12:26:55 ----A---- C:\Windows\system32\hotspotauth.dll
2014-03-30 12:26:54 ----A---- C:\Windows\SYSWOW64\WWanAPI.dll
2014-03-30 12:26:54 ----A---- C:\Windows\SYSWOW64\Windows.Networking.Connectivity.dll
2014-03-30 12:26:54 ----A---- C:\Windows\SYSWOW64\tasklist.exe
2014-03-30 12:26:54 ----A---- C:\Windows\SYSWOW64\taskkill.exe
2014-03-30 12:26:54 ----A---- C:\Windows\system32\wpd_ci.dll
2014-03-30 12:26:54 ----A---- C:\Windows\system32\wersvc.dll
2014-03-30 12:26:54 ----A---- C:\Windows\system32\tasklist.exe
2014-03-30 12:26:54 ----A---- C:\Windows\system32\taskkill.exe
2014-03-30 12:26:54 ----A---- C:\Windows\system32\nlasvc.dll
2014-03-30 12:26:54 ----A---- C:\Windows\system32\drivers\ks.sys
2014-03-30 12:26:53 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2014-03-30 12:26:53 ----A---- C:\Windows\system32\nlaapi.dll
2014-03-30 12:26:48 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-03-30 12:26:47 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-03-30 12:26:19 ----A---- C:\Windows\system32\crypt32.dll
2014-03-30 12:26:18 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-03-30 12:26:05 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2014-03-30 12:26:05 ----A---- C:\Windows\SYSWOW64\certutil.exe
2014-03-30 12:26:05 ----A---- C:\Windows\system32\cryptnet.dll
2014-03-30 12:26:05 ----A---- C:\Windows\system32\certutil.exe
2014-03-30 12:26:00 ----A---- C:\Windows\system32\win32k.sys
2014-03-30 12:25:59 ----A---- C:\Windows\system32\gdi32.dll
2014-03-30 12:25:58 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-03-30 12:25:57 ----A---- C:\Windows\system32\win32spl.dll
2014-03-30 12:25:38 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-03-30 12:25:38 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-03-30 12:25:20 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-03-30 12:25:20 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-03-30 12:25:19 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-03-30 12:25:19 ----A---- C:\Windows\system32\rpcrt4.dll
2014-03-30 12:25:11 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-03-30 12:25:11 ----A---- C:\Windows\system32\DWrite.dll
2014-03-30 12:24:54 ----A---- C:\Windows\system32\drivers\usbprint.sys
2014-03-30 12:24:23 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-03-30 12:24:23 ----A---- C:\Windows\SYSWOW64\lpk.dll
2014-03-30 12:24:23 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2014-03-30 12:24:23 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2014-03-30 12:24:23 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2014-03-30 12:24:23 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2014-03-30 12:24:23 ----A---- C:\Windows\system32\vbscript.dll
2014-03-30 12:24:23 ----A---- C:\Windows\system32\lpk.dll
2014-03-30 12:24:23 ----A---- C:\Windows\system32\fontsub.dll
2014-03-30 12:24:23 ----A---- C:\Windows\system32\dciman32.dll
2014-03-30 12:24:23 ----A---- C:\Windows\system32\atmlib.dll
2014-03-30 12:24:23 ----A---- C:\Windows\system32\atmfd.dll
2014-03-30 12:23:58 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2014-03-30 12:23:58 ----A---- C:\Windows\system32\GdiPlus.dll
2014-03-30 12:23:57 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-03-30 12:23:57 ----A---- C:\Windows\system32\msdrm.dll
2014-03-30 12:23:57 ----A---- C:\Windows\system32\drivers\usb8023.sys
2014-03-30 12:23:39 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2014-03-30 12:23:39 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-03-30 12:23:39 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-03-30 12:23:39 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-03-30 12:23:39 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-03-30 12:23:39 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-03-30 12:23:39 ----A---- C:\Windows\system32\drivers\usbcir.sys
2014-03-30 12:23:39 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-03-30 12:23:25 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-03-30 12:23:25 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-03-30 12:23:17 ----A---- C:\Windows\system32\d3d10warp.dll
2014-03-30 12:23:17 ----A---- C:\Windows\system32\d2d1.dll
2014-03-30 12:23:16 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-03-30 12:23:16 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-03-30 12:22:47 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-03-30 12:22:47 ----A---- C:\Windows\system32\wintrust.dll
2014-03-30 12:22:47 ----A---- C:\Windows\system32\cryptsvc.dll
2014-03-30 12:22:47 ----A---- C:\Windows\system32\apprepapi.dll
2014-03-30 12:22:46 ----A---- C:\Windows\SYSWOW64\apprepsync.dll
2014-03-30 12:22:46 ----A---- C:\Windows\SYSWOW64\apprepapi.dll
2014-03-30 12:22:46 ----A---- C:\Windows\system32\apprepsync.dll
2014-03-30 12:22:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-03-30 12:22:26 ----A---- C:\Windows\system32\schannel.dll
2014-03-30 12:21:43 ----A---- C:\Windows\SYSWOW64\ReAgentc.exe
2014-03-30 12:21:43 ----A---- C:\Windows\system32\ReAgentc.exe
2014-03-30 12:21:13 ----A---- C:\Windows\SYSWOW64\untfs.dll
2014-03-30 12:21:13 ----A---- C:\Windows\SYSWOW64\autochk.exe
2014-03-30 12:21:13 ----A---- C:\Windows\system32\untfs.dll
2014-03-30 12:21:13 ----A---- C:\Windows\system32\autochk.exe
2014-03-30 12:21:08 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2014-03-30 12:21:08 ----A---- C:\Windows\system32\sysreset.exe
2014-03-30 12:21:08 ----A---- C:\Windows\system32\resetengmig.dll
2014-03-30 12:21:08 ----A---- C:\Windows\system32\reseteng.dll
2014-03-30 12:21:08 ----A---- C:\Windows\system32\ReAgent.dll
2014-03-30 12:20:23 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-30 12:20:23 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-30 12:20:23 ----A---- C:\Windows\system32\pcasvc.dll
2014-03-30 12:20:23 ----A---- C:\Windows\system32\pcalua.exe
2014-03-30 12:20:23 ----A---- C:\Windows\system32\pcaevts.dll
2014-03-30 12:20:23 ----A---- C:\Windows\system32\pcadm.dll
2014-03-30 12:20:20 ----A---- C:\Windows\SYSWOW64\dpnsvr.exe
2014-03-30 12:20:20 ----A---- C:\Windows\SYSWOW64\dpnlobby.dll
2014-03-30 12:20:20 ----A---- C:\Windows\SYSWOW64\dpnhupnp.dll
2014-03-30 12:20:20 ----A---- C:\Windows\SYSWOW64\dpnhpast.dll
2014-03-30 12:20:20 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2014-03-30 12:20:20 ----A---- C:\Windows\SYSWOW64\dpnathlp.dll
2014-03-30 12:20:20 ----A---- C:\Windows\SYSWOW64\dpnaddr.dll
2014-03-30 12:20:20 ----A---- C:\Windows\system32\drivers\http.sys
2014-03-30 12:20:20 ----A---- C:\Windows\system32\dpnsvr.exe
2014-03-30 12:20:20 ----A---- C:\Windows\system32\dpnlobby.dll
2014-03-30 12:20:20 ----A---- C:\Windows\system32\dpnhupnp.dll
2014-03-30 12:20:20 ----A---- C:\Windows\system32\dpnhpast.dll
2014-03-30 12:20:20 ----A---- C:\Windows\system32\dpnet.dll
2014-03-30 12:20:20 ----A---- C:\Windows\system32\dpnathlp.dll
2014-03-30 12:20:20 ----A---- C:\Windows\system32\dpnaddr.dll
2014-03-30 12:20:20 ----A---- C:\Windows\system32\d3d11.dll
2014-03-30 12:20:19 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2014-03-30 12:20:19 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS
2014-03-30 12:20:19 ----A---- C:\Windows\system32\drivers\UCX01000.SYS
2014-03-30 12:20:00 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2014-03-30 12:20:00 ----A---- C:\Windows\SYSWOW64\scrobj.dll
2014-03-30 12:20:00 ----A---- C:\Windows\SYSWOW64\esent.dll
2014-03-30 12:20:00 ----A---- C:\Windows\SYSWOW64\cscript.exe
2014-03-30 12:20:00 ----A---- C:\Windows\system32\scrrun.dll
2014-03-30 12:20:00 ----A---- C:\Windows\system32\scrobj.dll
2014-03-30 12:20:00 ----A---- C:\Windows\system32\cscript.exe
2014-03-30 12:19:59 ----A---- C:\Windows\system32\esent.dll
2014-03-30 12:19:28 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2014-03-30 12:19:28 ----A---- C:\Windows\system32\WMPhoto.dll
2014-03-30 12:18:03 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-03-30 12:18:03 ----A---- C:\Windows\system32\qedit.dll
2014-03-30 12:18:02 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2014-03-30 12:18:02 ----A---- C:\Windows\system32\cryptdlg.dll
2014-03-30 12:18:01 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-30 12:18:01 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-03-30 12:17:14 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2014-03-30 12:17:14 ----A---- C:\Windows\system32\SysFxUI.dll
2014-03-30 12:17:14 ----A---- C:\Windows\system32\drivers\portcls.sys
2014-03-30 12:17:14 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2014-03-30 12:17:14 ----A---- C:\Windows\system32\drivers\drmk.sys
2014-03-30 12:16:41 ----A---- C:\Windows\system32\twinui.dll
2014-03-30 12:16:40 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-03-30 12:16:39 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-03-30 12:16:39 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-03-30 12:16:39 ----A---- C:\Windows\system32\drivers\pdc.sys
2014-03-30 12:16:39 ----A---- C:\Windows\system32\authui.dll
2014-03-30 12:16:39 ----A---- C:\Windows\system32\actxprxy.dll
2014-03-30 12:15:51 ----A---- C:\Windows\system32\tssdisai.dll
2014-03-30 12:15:50 ----A---- C:\Windows\system32\VmHostAI.dll
2014-03-30 12:15:50 ----A---- C:\Windows\system32\RDWebAI.dll
2014-03-30 12:15:50 ----A---- C:\Windows\system32\appserverai.dll
2014-03-30 12:15:49 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-03-30 12:15:49 ----A---- C:\Windows\system32\poqexec.exe
2014-03-30 12:15:40 ----A---- C:\Windows\system32\msxml6.dll
2014-03-30 12:15:39 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-03-30 12:15:39 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-03-30 12:15:39 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-03-30 12:15:39 ----A---- C:\Windows\system32\msxml6r.dll
2014-03-30 12:15:39 ----A---- C:\Windows\system32\msxml3r.dll
2014-03-30 12:15:33 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-03-30 12:15:33 ----A---- C:\Windows\system32\tzres.dll
2014-03-30 12:15:30 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2014-03-30 12:15:30 ----A---- C:\Windows\system32\msieftp.dll
2014-03-30 12:10:03 ----D---- C:\Users\Rastislav\AppData\Roaming\CyberLink
2014-03-30 11:53:32 ----D---- C:\Users\Rastislav\AppData\Roaming\HewlettPackard
2014-03-30 11:46:44 ----D---- C:\ProgramData\VS Revo Group
2014-03-30 11:46:44 ----A---- C:\Windows\system32\drivers\revoflt.sys
2014-03-30 11:46:41 ----D---- C:\Program Files\VS Revo Group
2014-03-30 11:22:03 ----A---- C:\Windows\system32\drivers\jmcr.sys
2014-03-30 11:20:25 ----A---- C:\Windows\system32\netcfg-1021562.txt
2014-03-30 11:20:21 ----A---- C:\Windows\SYSWOW64\LOCALSERVICE.INI
2014-03-30 11:20:21 ----A---- C:\Windows\SYSWOW64\LOCALDEVICE.INI
2014-03-30 11:20:19 ----A---- C:\Windows\SYSWOW64\RaCheckBTDev.ini
2014-03-30 11:20:19 ----A---- C:\Windows\system32\RaCheckBTDev.ini
2014-03-30 11:20:13 ----A---- C:\Windows\system32\netcfg-1009578.txt
2014-03-30 11:20:13 ----A---- C:\Windows\system32\netcfg-1009078.txt
2014-03-30 11:20:07 ----D---- C:\Users\Rastislav\AppData\Roaming\InstallShield
2014-03-30 11:14:11 ----D---- C:\ProgramData\Ralink Bluetooth Stack
2014-03-30 11:14:10 ----D---- C:\Program Files (x86)\Ralink Corporation
2014-03-30 11:13:50 ----A---- C:\Windows\system32\netcfg-626265.txt
2014-03-30 11:13:50 ----A---- C:\Windows\system32\netcfg-626046.txt
2014-03-30 10:57:53 ----A---- C:\Windows\system32\unrar64.dll
2014-03-30 10:57:52 ----A---- C:\Windows\SYSWOW64\unrar.dll
2014-03-30 10:57:46 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2014-03-30 10:56:01 ----D---- C:\Program Files (x86)\Adobe
2014-03-30 10:55:46 ----D---- C:\ProgramData\Adobe
2014-03-30 10:55:28 ----D---- C:\Windows\SYSWOW64\Adobe
2014-03-30 10:46:00 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-30 10:42:07 ----D---- C:\Users\Rastislav\AppData\Roaming\OpenOffice
2014-03-30 10:41:28 ----D---- C:\Program Files (x86)\OpenOffice 4
2014-03-30 10:36:20 ----D---- C:\Users\Rastislav\AppData\Roaming\GHISLER
2014-03-30 10:36:20 ----D---- C:\Program Files\totalcmd
2014-03-30 10:33:12 ----D---- C:\Users\Rastislav\AppData\Roaming\WinArchiver
2014-03-30 10:29:33 ----A---- C:\Windows\system32\drivers\waemu.sys
2014-03-30 10:29:32 ----D---- C:\Program Files (x86)\WinArchiver
2014-03-30 09:51:25 ----D---- C:\Users\Rastislav\AppData\Roaming\WinRAR
2014-03-30 09:51:12 ----D---- C:\Program Files\WinRAR
2014-03-30 09:35:29 ----D---- C:\Program Files (x86)\Google
2014-03-30 09:08:28 ----A---- C:\Windows\system32\netcfg-755890.txt
2014-03-30 09:07:56 ----A---- C:\Windows\system32\netcfg-724140.txt
2014-03-30 09:02:03 ----D---- C:\Users\Rastislav\AppData\Roaming\Hewlett-Packard
2014-03-30 09:00:04 ----D---- C:\Users\Rastislav\AppData\Roaming\hpqlog
2014-03-30 09:00:02 ----D---- C:\Users\Rastislav\AppData\Roaming\ATI
2014-03-30 08:59:22 ----D---- C:\Users\Rastislav\AppData\Roaming\Identities
2014-03-30 08:59:11 ----D---- C:\Users\Rastislav\AppData\Roaming\Synaptics
2014-03-30 08:58:47 ----D---- C:\Users\Rastislav\AppData\Roaming\DigitalPersona
2014-03-30 08:55:19 ----SD---- C:\Users\Rastislav\AppData\Roaming\Microsoft
2014-03-30 08:55:19 ----D---- C:\Users\Rastislav\AppData\Roaming\Adobe
2014-03-30 08:48:46 ----A---- C:\Windows\system32\netcfg-329125.txt