VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Vir v notebooků

https://forum.viry.cz:443/viewtopic.php?t=151167

Stránka 1 z 1

Vir v notebooků

Napsal: 18 led 2017 13:22
od NellyF
Dobrý den,
Chtěla bych někoho z vás poprosit o pomoc. Já sprostá sem si stáhla soubor, kde sem měla překvapení od ruských kamarádů v podobě Windows 32 malwere gen. Něco se mi povedlo odstranít esetem, ale furt když zapnu notebook jako prvý se mi otevře tabulka, že k souboru není přidružen program. A když jsme otevřela operu prohlížeč hned na úvod ruský vyhledávač. Jsem zoufalá a vůbec nevím co dělat. Vím že jsem udělala chybu ale nenašel by se někdo kdo by mi věděl pomoc prosím.

Re: Vir v notebooků

Napsal: 18 led 2017 15:54
od Roli
Zdravím,

jelikož z křišťálové koule zatím věštit neumím, dej mi sem prosím podle návodu log.txt z Rsit.

Re: Vir v notebooků

Napsal: 18 led 2017 17:02
od NellyF
Logfile of random's system information tool 1.14 (written by random/random)
Run by Nelly Freharová at 2017-01-18 16:42:34
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 379 GB (79%) free of 477 GB
Total RAM: 2811 MB (63% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:42:40, on 18.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Nelly Freharová\Pictures\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Nelly Freharová_RSIT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://search.avast.com/AV772/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.avast.com/AV772/search/w ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avast.com/AV772/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://search.avast.com/AV772/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.avast.com/AV772/search/w ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avast.com/AV772/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://noblocking.biz/wpad.dat?c617350c ... a922730178
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [ycmocfihcx] explorer "http://rigneda.ru/?utm_source=uoua03&ut ... d=20170114"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe

--
End of file - 5886 bytes

======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={8C31F27B-BE8A-4e4b-A478-17760AF1F5D9}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8C31F27B-BE8A-4e4b-A478-17760AF1F5D9}]
"URL"=https://search.avast.com/AV772/search/w ... earchTerms}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-04 767176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ycmocfihcx"=explorer http://rigneda.ru/?utm_source=uoua03&ut ... d=20170114 []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-01-18 16:42:34 ----D---- C:\rsit
2017-01-18 16:42:34 ----D---- C:\Program Files (x86)\trend micro
2017-01-16 21:15:44 ----A---- C:\Windows\SysWOW64\dfshim.dll
2017-01-16 21:15:11 ----A---- C:\Windows\SysWOW64\mstscax.dll
2017-01-16 21:15:00 ----A---- C:\Windows\SysWOW64\mshtml.dll
2017-01-16 21:14:55 ----A---- C:\Windows\SysWOW64\d3d10warp.dll
2017-01-16 21:14:53 ----A---- C:\Windows\SysWOW64\mfc40u.dll
2017-01-16 21:14:53 ----A---- C:\Windows\SysWOW64\mfc40.dll
2017-01-16 21:14:30 ----A---- C:\Windows\SysWOW64\XpsPrint.dll
2017-01-16 21:14:24 ----A---- C:\Windows\SysWOW64\d2d1.dll
2017-01-16 21:14:22 ----A---- C:\Windows\SysWOW64\secproc_isv.dll
2017-01-16 21:14:19 ----A---- C:\Windows\SysWOW64\shell32.dll
2017-01-16 21:14:16 ----A---- C:\Windows\SysWOW64\RMActivate_isv.exe
2017-01-16 21:14:14 ----A---- C:\Windows\SysWOW64\secproc.dll
2017-01-16 21:14:13 ----A---- C:\Windows\SysWOW64\ieframe.dll
2017-01-16 21:14:12 ----A---- C:\Windows\SysWOW64\RMActivate.exe
2017-01-16 21:14:02 ----A---- C:\Windows\SysWOW64\mscoree.dll
2017-01-16 21:13:57 ----A---- C:\Windows\SysWOW64\mf.dll
2017-01-16 21:13:52 ----A---- C:\Windows\SysWOW64\CertEnroll.dll
2017-01-16 21:13:50 ----A---- C:\Windows\SysWOW64\mssrch.dll
2017-01-16 21:13:50 ----A---- C:\Windows\SysWOW64\iertutil.dll
2017-01-16 21:13:48 ----A---- C:\Windows\explorer.exe
2017-01-16 21:13:47 ----A---- C:\Windows\SysWOW64\wmp.dll
2017-01-16 21:13:45 ----A---- C:\Windows\SysWOW64\esent.dll
2017-01-16 21:13:43 ----A---- C:\Windows\SysWOW64\PresentationHostProxy.dll
2017-01-16 21:13:43 ----A---- C:\Windows\SysWOW64\PresentationHost.exe
2017-01-16 21:13:38 ----A---- C:\Windows\SysWOW64\tquery.dll
2017-01-16 21:13:34 ----A---- C:\Windows\SysWOW64\RacEngn.dll
2017-01-16 21:13:32 ----A---- C:\Windows\SysWOW64\AuthFWSnapin.dll
2017-01-16 21:13:28 ----A---- C:\Windows\SysWOW64\wininet.dll
2017-01-16 21:13:27 ----A---- C:\Windows\SysWOW64\ExplorerFrame.dll
2017-01-16 21:13:25 ----A---- C:\Windows\SysWOW64\ole32.dll
2017-01-16 21:13:24 ----A---- C:\Windows\SysWOW64\urlmon.dll
2017-01-16 21:13:21 ----A---- C:\Windows\SysWOW64\CPFilters.dll
2017-01-16 21:13:20 ----A---- C:\Windows\SysWOW64\vssapi.dll
2017-01-16 21:13:20 ----A---- C:\Windows\SysWOW64\SearchFolder.dll
2017-01-16 21:13:20 ----A---- C:\Windows\SysWOW64\DWrite.dll
2017-01-16 21:13:19 ----A---- C:\Windows\SysWOW64\explorer.exe
2017-01-16 21:13:19 ----A---- C:\Windows\SysWOW64\d3d9.dll
2017-01-16 21:13:18 ----A---- C:\Windows\SysWOW64\taskschd.dll
2017-01-16 21:13:16 ----A---- C:\Windows\SysWOW64\crypt32.dll
2017-01-16 21:13:13 ----A---- C:\Windows\SysWOW64\mstsc.exe
2017-01-16 21:13:11 ----A---- C:\Windows\SysWOW64\ntdll.dll
2017-01-16 21:13:11 ----A---- C:\Windows\SysWOW64\kerberos.dll
2017-01-16 21:13:10 ----A---- C:\Windows\SysWOW64\wer.dll
2017-01-16 21:13:10 ----A---- C:\Windows\SysWOW64\certcli.dll
2017-01-16 21:13:08 ----A---- C:\Windows\SysWOW64\msxml6.dll
2017-01-16 21:13:07 ----A---- C:\Windows\SysWOW64\dwmcore.dll
2017-01-16 21:13:06 ----A---- C:\Windows\SysWOW64\odbc32.dll
2017-01-16 21:13:05 ----A---- C:\Windows\SysWOW64\tcpmonui.dll
2017-01-16 21:13:04 ----A---- C:\Windows\SysWOW64\mstime.dll
2017-01-16 21:13:02 ----A---- C:\Windows\SysWOW64\quartz.dll
2017-01-16 21:13:01 ----A---- C:\Windows\SysWOW64\TSWorkspace.dll
2017-01-16 21:13:00 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll
2017-01-16 21:13:00 ----A---- C:\Windows\SysWOW64\tsmf.dll
2017-01-16 21:13:00 ----A---- C:\Windows\SysWOW64\dot3api.dll
2017-01-16 21:12:59 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2017-01-16 21:12:59 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2017-01-16 21:12:58 ----A---- C:\Windows\SysWOW64\winhttp.dll
2017-01-16 21:12:58 ----A---- C:\Windows\SysWOW64\setupapi.dll
2017-01-16 21:12:56 ----A---- C:\Windows\SysWOW64\apphelp.dll
2017-01-16 21:12:52 ----A---- C:\Windows\SysWOW64\MSVidCtl.dll
2017-01-16 21:12:51 ----A---- C:\Windows\SysWOW64\dbgeng.dll
2017-01-16 21:12:49 ----A---- C:\Windows\SysWOW64\netlogon.dll
2017-01-16 21:12:48 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll
2017-01-16 21:12:48 ----A---- C:\Windows\SysWOW64\d3d11.dll
2017-01-16 21:12:46 ----A---- C:\Windows\SysWOW64\netcfgx.dll
2017-01-16 21:12:44 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL
2017-01-16 21:12:38 ----A---- C:\Windows\SysWOW64\webio.dll
2017-01-16 21:12:37 ----A---- C:\Windows\SysWOW64\Query.dll
2017-01-16 21:12:35 ----A---- C:\Windows\SysWOW64\WsmSvc.dll
2017-01-16 21:12:34 ----A---- C:\Windows\SysWOW64\advapi32.dll
2017-01-16 21:12:33 ----A---- C:\Windows\SysWOW64\upnp.dll
2017-01-16 21:12:32 ----A---- C:\Windows\SysWOW64\schannel.dll
2017-01-16 21:12:32 ----A---- C:\Windows\SysWOW64\DShowRdpFilter.dll
2017-01-16 21:12:31 ----A---- C:\Windows\SysWOW64\mmcndmgr.dll
2017-01-16 21:12:28 ----A---- C:\Windows\SysWOW64\netfxperf.dll
2017-01-16 21:12:28 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2017-01-16 21:12:27 ----A---- C:\Windows\SysWOW64\imapi2fs.dll
2017-01-16 21:12:25 ----A---- C:\Windows\SysWOW64\msdrm.dll
2017-01-16 21:12:25 ----A---- C:\Windows\SysWOW64\authui.dll
2017-01-16 21:12:23 ----A---- C:\Windows\SysWOW64\SessEnv.dll
2017-01-16 21:12:20 ----A---- C:\Windows\SysWOW64\PortableDeviceApi.dll
2017-01-16 21:12:19 ----A---- C:\Windows\SysWOW64\usp10.dll
2017-01-16 21:12:19 ----A---- C:\Windows\SysWOW64\shlwapi.dll
2017-01-16 21:12:17 ----A---- C:\Windows\SysWOW64\mcbuilder.exe
2017-01-16 21:12:14 ----A---- C:\Windows\SysWOW64\userenv.dll
2017-01-16 21:12:14 ----A---- C:\Windows\SysWOW64\certmgr.dll
2017-01-16 21:12:13 ----A---- C:\Windows\SysWOW64\kernel32.dll
2017-01-16 21:12:12 ----A---- C:\Windows\SysWOW64\xpsservices.dll
2017-01-16 21:12:12 ----A---- C:\Windows\SysWOW64\WebClnt.dll
2017-01-16 21:12:12 ----A---- C:\Windows\SysWOW64\drvstore.dll
2017-01-16 21:12:12 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll
2017-01-16 21:12:10 ----A---- C:\Windows\SysWOW64\comdlg32.dll
2017-01-16 21:12:03 ----A---- C:\Windows\SysWOW64\cmd.exe
2017-01-16 21:11:59 ----A---- C:\Windows\SysWOW64\framedynos.dll
2017-01-16 21:11:59 ----A---- C:\Windows\SysWOW64\dnsapi.dll
2017-01-16 21:11:58 ----A---- C:\Windows\SysWOW64\win32spl.dll
2017-01-16 21:11:58 ----A---- C:\Windows\SysWOW64\propsys.dll
2017-01-16 21:11:57 ----A---- C:\Windows\SysWOW64\Wldap32.dll
2017-01-16 21:11:57 ----A---- C:\Windows\SysWOW64\mfds.dll
2017-01-16 21:11:53 ----A---- C:\Windows\SysWOW64\user32.dll
2017-01-16 21:11:48 ----A---- C:\Windows\SysWOW64\ncsi.dll
2017-01-16 21:11:48 ----A---- C:\Windows\SysWOW64\azroles.dll
2017-01-16 21:11:40 ----A---- C:\Windows\SysWOW64\themeui.dll
2017-01-16 21:11:39 ----A---- C:\Windows\SysWOW64\credui.dll
2017-01-16 21:11:38 ----A---- C:\Windows\SysWOW64\taskeng.exe
2017-01-16 21:11:38 ----A---- C:\Windows\SysWOW64\spp.dll
2017-01-16 21:11:38 ----A---- C:\Windows\SysWOW64\dhcpcore.dll
2017-01-16 21:11:38 ----A---- C:\Windows\splwow64.exe
2017-01-16 21:11:37 ----A---- C:\Windows\SysWOW64\mswsock.dll
2017-01-16 21:11:37 ----A---- C:\Windows\SysWOW64\jscript.dll
2017-01-16 21:11:37 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2017-01-16 21:11:34 ----A---- C:\Windows\SysWOW64\wintrust.dll
2017-01-16 21:11:34 ----A---- C:\Windows\SysWOW64\basecsp.dll
2017-01-16 21:11:33 ----A---- C:\Windows\SysWOW64\mfreadwrite.dll
2017-01-16 21:11:32 ----A---- C:\Windows\SysWOW64\msxml3.dll
2017-01-16 21:11:32 ----A---- C:\Windows\SysWOW64\dxgi.dll
2017-01-16 21:11:32 ----A---- C:\Windows\SysWOW64\dbghelp.dll
2017-01-16 21:11:31 ----A---- C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-01-16 21:11:29 ----A---- C:\Windows\SysWOW64\taskcomp.dll
2017-01-16 21:11:26 ----A---- C:\Windows\SysWOW64\evr.dll
2017-01-16 21:11:23 ----A---- C:\Windows\SysWOW64\WinSATAPI.dll
2017-01-16 21:11:22 ----A---- C:\Windows\SysWOW64\calc.exe
2017-01-16 21:11:16 ----A---- C:\Windows\SysWOW64\EncDec.dll
2017-01-16 21:11:14 ----A---- C:\Windows\SysWOW64\sqlsrv32.dll
2017-01-16 21:11:10 ----A---- C:\Windows\SysWOW64\UIRibbon.dll
2017-01-16 21:11:08 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2017-01-16 21:11:07 ----A---- C:\Windows\SysWOW64\sxs.dll
2017-01-16 21:11:06 ----A---- C:\Windows\SysWOW64\ie4uinit.exe
2017-01-16 21:11:04 ----A---- C:\Windows\SysWOW64\netshell.dll
2017-01-16 21:11:03 ----A---- C:\Windows\SysWOW64\ws2_32.dll
2017-01-16 21:11:03 ----A---- C:\Windows\SysWOW64\stobject.dll
2017-01-16 21:10:59 ----A---- C:\Windows\SysWOW64\gdi32.dll
2017-01-16 21:10:58 ----A---- C:\Windows\SysWOW64\comctl32.dll
2017-01-16 21:10:57 ----A---- C:\Windows\SysWOW64\prncache.dll
2017-01-16 21:10:56 ----A---- C:\Windows\SysWOW64\printui.dll
2017-01-16 21:10:55 ----A---- C:\Windows\SysWOW64\msi.dll
2017-01-16 21:10:54 ----A---- C:\Windows\SysWOW64\WSDApi.dll
2017-01-16 21:10:54 ----A---- C:\Windows\SysWOW64\wmpeffects.dll
2017-01-16 21:10:53 ----A---- C:\Windows\SysWOW64\rpchttp.dll
2017-01-16 21:10:53 ----A---- C:\Windows\SysWOW64\net1.exe
2017-01-16 21:10:50 ----A---- C:\Windows\SysWOW64\scansetting.dll
2017-01-16 21:10:50 ----A---- C:\Windows\SysWOW64\mfc42u.dll
2017-01-16 21:10:46 ----A---- C:\Windows\SysWOW64\MMDevAPI.dll
2017-01-16 21:10:46 ----A---- C:\Windows\SysWOW64\davclnt.dll
2017-01-16 21:10:45 ----A---- C:\Windows\SysWOW64\WMVCORE.DLL
2017-01-16 21:10:44 ----A---- C:\Windows\SysWOW64\wlangpui.dll
2017-01-16 21:10:43 ----A---- C:\Windows\SysWOW64\aaclient.dll
2017-01-16 21:10:40 ----A---- C:\Windows\SysWOW64\QSHVHOST.DLL
2017-01-16 21:10:38 ----A---- C:\Windows\SysWOW64\wpdshext.dll
2017-01-16 21:10:38 ----A---- C:\Windows\SysWOW64\t2embed.dll
2017-01-16 21:10:38 ----A---- C:\Windows\SysWOW64\pnidui.dll
2017-01-16 21:10:37 ----A---- C:\Windows\SysWOW64\webservices.dll
2017-01-16 21:10:37 ----A---- C:\Windows\SysWOW64\fde.dll
2017-01-16 21:10:36 ----A---- C:\Windows\SysWOW64\SyncCenter.dll
2017-01-16 21:10:36 ----A---- C:\Windows\SysWOW64\netdiagfx.dll
2017-01-16 21:10:34 ----A---- C:\Windows\SysWOW64\wuapi.dll
2017-01-16 21:10:34 ----A---- C:\Windows\SysWOW64\wscapi.dll
2017-01-16 21:10:26 ----A---- C:\Windows\SysWOW64\WinSCard.dll
2017-01-16 21:10:25 ----A---- C:\Windows\SysWOW64\pla.dll
2017-01-16 21:10:25 ----A---- C:\Windows\SysWOW64\msasn1.dll
2017-01-16 21:10:21 ----A---- C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2017-01-16 21:10:20 ----A---- C:\Windows\SysWOW64\rdpcore.dll
2017-01-16 21:10:19 ----A---- C:\Windows\SysWOW64\winsta.dll
2017-01-16 21:10:15 ----A---- C:\Windows\SysWOW64\iepeers.dll
2017-01-16 21:10:13 ----A---- C:\Windows\SysWOW64\imapi2.dll
2017-01-16 21:10:12 ----A---- C:\Windows\SysWOW64\ntshrui.dll
2017-01-16 21:10:10 ----A---- C:\Windows\SysWOW64\gameux.dll
2017-01-16 21:10:10 ----A---- C:\Windows\SysWOW64\DXPTaskRingtone.dll
2017-01-16 21:10:06 ----A---- C:\Windows\SysWOW64\onex.dll
2017-01-16 21:10:05 ----A---- C:\Windows\SysWOW64\WMPEncEn.dll
2017-01-16 21:10:04 ----A---- C:\Windows\SysWOW64\winmm.dll
2017-01-16 21:10:04 ----A---- C:\Windows\SysWOW64\shsvcs.dll
2017-01-16 21:10:04 ----A---- C:\Windows\SysWOW64\mssvp.dll
2017-01-16 21:10:02 ----A---- C:\Windows\SysWOW64\hbaapi.dll
2017-01-16 21:10:02 ----A---- C:\Windows\SysWOW64\autofmt.exe
2017-01-16 21:10:00 ----A---- C:\Windows\SysWOW64\netiohlp.dll
2017-01-16 21:10:00 ----A---- C:\Windows\SysWOW64\autochk.exe
2017-01-16 21:09:59 ----A---- C:\Windows\SysWOW64\samcli.dll
2017-01-16 21:09:58 ----A---- C:\Windows\SysWOW64\proquota.exe
2017-01-16 21:09:58 ----A---- C:\Windows\SysWOW64\msutb.dll
2017-01-16 21:09:58 ----A---- C:\Windows\SysWOW64\IPHLPAPI.DLL
2017-01-16 21:09:57 ----A---- C:\Windows\SysWOW64\thumbcache.dll
2017-01-16 21:09:57 ----A---- C:\Windows\SysWOW64\msinfo32.exe
2017-01-16 21:09:57 ----A---- C:\Windows\SysWOW64\autoconv.exe
2017-01-16 21:09:57 ----A---- C:\Windows\SysWOW64\AudioSes.dll
2017-01-16 21:09:56 ----A---- C:\Windows\SysWOW64\sbe.dll
2017-01-16 21:09:56 ----A---- C:\Windows\SysWOW64\regapi.dll
2017-01-16 21:09:56 ----A---- C:\Windows\SysWOW64\mimefilt.dll
2017-01-16 21:09:56 ----A---- C:\Windows\SysWOW64\ipsmsnap.dll
2017-01-16 21:09:55 ----A---- C:\Windows\SysWOW64\srchadmin.dll
2017-01-16 21:09:54 ----A---- C:\Windows\SysWOW64\tcpipcfg.dll
2017-01-16 21:09:54 ----A---- C:\Windows\SysWOW64\schtasks.exe
2017-01-16 21:09:54 ----A---- C:\Windows\SysWOW64\powercpl.dll
2017-01-16 21:09:54 ----A---- C:\Windows\SysWOW64\eapphost.dll
2017-01-16 21:09:52 ----A---- C:\Windows\SysWOW64\framedyn.dll
2017-01-16 21:09:51 ----A---- C:\Windows\SysWOW64\wcncsvc.dll
2017-01-16 21:09:51 ----A---- C:\Windows\SysWOW64\msihnd.dll
2017-01-16 21:09:50 ----A---- C:\Windows\SysWOW64\mscorier.dll
2017-01-16 21:09:49 ----A---- C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
2017-01-16 21:09:48 ----A---- C:\Windows\SysWOW64\QAGENT.DLL
2017-01-16 21:09:47 ----A---- C:\Windows\SysWOW64\netid.dll
2017-01-16 21:09:47 ----A---- C:\Windows\SysWOW64\actxprxy.dll
2017-01-16 21:09:46 ----A---- C:\Windows\SysWOW64\wdc.dll
2017-01-16 21:09:44 ----A---- C:\Windows\SysWOW64\StructuredQuery.dll
2017-01-16 21:09:43 ----A---- C:\Windows\SysWOW64\scesrv.dll
2017-01-16 21:09:41 ----A---- C:\Windows\SysWOW64\untfs.dll
2017-01-16 21:09:41 ----A---- C:\Windows\SysWOW64\rastls.dll
2017-01-16 21:09:41 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2017-01-16 21:09:41 ----A---- C:\Windows\SysWOW64\nci.dll
2017-01-16 21:09:40 ----A---- C:\Windows\SysWOW64\wlanpref.dll
2017-01-16 21:09:40 ----A---- C:\Windows\SysWOW64\Vault.dll
2017-01-16 21:09:39 ----A---- C:\Windows\SysWOW64\WMNetMgr.dll
2017-01-16 21:09:39 ----A---- C:\Windows\SysWOW64\RpcRtRemote.dll
2017-01-16 21:09:39 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2017-01-16 21:09:38 ----A---- C:\Windows\SysWOW64\Robocopy.exe
2017-01-16 21:09:34 ----A---- C:\Windows\SysWOW64\DxpTaskSync.dll
2017-01-16 21:09:32 ----A---- C:\Windows\SysWOW64\taskmgr.exe
2017-01-16 21:09:28 ----A---- C:\Windows\SysWOW64\mtxclu.dll
2017-01-16 21:09:28 ----A---- C:\Windows\SysWOW64\Display.dll
2017-01-16 21:09:27 ----A---- C:\Windows\SysWOW64\atmfd.dll
2017-01-16 21:09:23 ----A---- C:\Windows\SysWOW64\XpsRasterService.dll
2017-01-16 21:09:23 ----A---- C:\Windows\SysWOW64\userinit.exe
2017-01-16 21:09:23 ----A---- C:\Windows\SysWOW64\puiobj.dll
2017-01-16 21:09:23 ----A---- C:\Windows\SysWOW64\mssphtb.dll
2017-01-16 21:09:21 ----A---- C:\Windows\SysWOW64\termmgr.dll
2017-01-16 21:09:20 ----A---- C:\Windows\SysWOW64\eudcedit.exe
2017-01-16 21:09:18 ----A---- C:\Windows\SysWOW64\shsetup.dll
2017-01-16 21:09:18 ----A---- C:\Windows\SysWOW64\logoncli.dll
2017-01-16 21:09:17 ----A---- C:\Windows\SysWOW64\wiadefui.dll
2017-01-16 21:09:17 ----A---- C:\Windows\SysWOW64\sppcomapi.dll
2017-01-16 21:09:17 ----A---- C:\Windows\SysWOW64\rasppp.dll
2017-01-16 21:09:16 ----A---- C:\Windows\SysWOW64\cabview.dll
2017-01-16 21:09:14 ----A---- C:\Windows\SysWOW64\FirewallControlPanel.dll
2017-01-16 21:09:12 ----A---- C:\Windows\SysWOW64\themecpl.dll
2017-01-16 21:09:12 ----A---- C:\Windows\SysWOW64\SensorsCpl.dll
2017-01-16 21:09:09 ----A---- C:\Windows\SysWOW64\FWPUCLNT.DLL
2017-01-16 21:09:08 ----A---- C:\Windows\SysWOW64\dnscmmc.dll
2017-01-16 21:09:06 ----A---- C:\Windows\SysWOW64\PhotoScreensaver.scr
2017-01-16 21:09:06 ----A---- C:\Windows\SysWOW64\hgcpl.dll
2017-01-16 21:09:04 ----A---- C:\Windows\SysWOW64\tapisrv.dll
2017-01-16 21:09:04 ----A---- C:\Windows\SysWOW64\scecli.dll
2017-01-16 21:09:04 ----A---- C:\Windows\SysWOW64\mscories.dll
2017-01-16 21:09:04 ----A---- C:\Windows\SysWOW64\mscms.dll
2017-01-16 21:09:04 ----A---- C:\Windows\SysWOW64\localsec.dll
2017-01-16 21:09:04 ----A---- C:\Windows\SysWOW64\fontext.dll
2017-01-16 21:09:03 ----A---- C:\Windows\SysWOW64\mprddm.dll
2017-01-16 21:09:02 ----A---- C:\Windows\SysWOW64\iasacct.dll
2017-01-16 21:09:01 ----A---- C:\Windows\SysWOW64\SndVolSSO.dll
2017-01-16 21:09:00 ----A---- C:\Windows\SysWOW64\usercpl.dll
2017-01-16 21:08:58 ----A---- C:\Windows\SysWOW64\wlanui.dll
2017-01-16 21:08:58 ----A---- C:\Windows\SysWOW64\VAN.dll
2017-01-16 21:08:58 ----A---- C:\Windows\SysWOW64\qedit.dll
2017-01-16 21:08:58 ----A---- C:\Windows\SysWOW64\PerfCenterCPL.dll
2017-01-16 21:08:57 ----A---- C:\Windows\SysWOW64\qdvd.dll
2017-01-16 21:08:57 ----A---- C:\Windows\SysWOW64\prntvpt.dll
2017-01-16 21:08:57 ----A---- C:\Windows\SysWOW64\netcenter.dll
2017-01-16 21:08:57 ----A---- C:\Windows\SysWOW64\batmeter.dll
2017-01-16 21:08:56 ----A---- C:\Windows\SysWOW64\SndVol.exe
2017-01-16 21:08:55 ----A---- C:\Windows\SysWOW64\w32tm.exe
2017-01-16 21:08:54 ----A---- C:\Windows\SysWOW64\spwizeng.dll
2017-01-16 21:08:54 ----A---- C:\Windows\SysWOW64\azroleui.dll
2017-01-16 21:08:54 ----A---- C:\Windows\SysWOW64\accessibilitycpl.dll
2017-01-16 21:08:50 ----A---- C:\Windows\SysWOW64\zipfldr.dll
2017-01-16 21:08:50 ----A---- C:\Windows\SysWOW64\fdeploy.dll
2017-01-16 21:08:49 ----A---- C:\Windows\SysWOW64\MSAC3ENC.DLL
2017-01-16 21:08:48 ----A---- C:\Windows\SysWOW64\netjoin.dll
2017-01-16 21:08:48 ----A---- C:\Windows\SysWOW64\cryptui.dll
2017-01-16 21:08:48 ----A---- C:\Windows\SysWOW64\adsldp.dll
2017-01-16 21:08:46 ----A---- C:\Windows\SysWOW64\networkmap.dll
2017-01-16 21:08:44 ----A---- C:\Windows\SysWOW64\Faultrep.dll
2017-01-16 21:08:43 ----A---- C:\Windows\SysWOW64\wusa.exe
2017-01-16 21:08:43 ----A---- C:\Windows\SysWOW64\prnfldr.dll
2017-01-16 21:08:43 ----A---- C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2017-01-16 21:08:43 ----A---- C:\Windows\SysWOW64\cfgmgr32.dll
2017-01-16 21:08:42 ----A---- C:\Windows\SysWOW64\sud.dll
2017-01-16 21:08:42 ----A---- C:\Windows\SysWOW64\OnLineIDCpl.dll
2017-01-16 21:08:42 ----A---- C:\Windows\SysWOW64\ActionCenter.dll
2017-01-16 21:08:41 ----A---- C:\Windows\SysWOW64\msieftp.dll
2017-01-16 21:08:40 ----A---- C:\Windows\SysWOW64\photowiz.dll
2017-01-16 21:08:39 ----A---- C:\Windows\SysWOW64\MediaMetadataHandler.dll
2017-01-16 21:08:38 ----A---- C:\Windows\SysWOW64\credssp.dll
2017-01-16 21:08:36 ----A---- C:\Windows\SysWOW64\iasrad.dll
2017-01-16 21:08:34 ----A---- C:\Windows\SysWOW64\iprtrmgr.dll
2017-01-16 21:08:33 ----A---- C:\Windows\SysWOW64\defaultlocationcpl.dll
2017-01-16 21:08:32 ----A---- C:\Windows\SysWOW64\dot3cfg.dll
2017-01-16 21:08:31 ----A---- C:\Windows\SysWOW64\ftp.exe
2017-01-16 21:08:30 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2017-01-16 21:08:28 ----A---- C:\Windows\SysWOW64\sisbkup.dll
2017-01-16 21:08:28 ----A---- C:\Windows\SysWOW64\ifsutil.dll
2017-01-16 21:08:25 ----A---- C:\Windows\SysWOW64\shwebsvc.dll
2017-01-16 21:08:23 ----A---- C:\Windows\SysWOW64\efscore.dll
2017-01-16 21:08:22 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2017-01-16 21:08:21 ----A---- C:\Windows\SysWOW64\odbcjt32.dll
2017-01-16 21:08:16 ----A---- C:\Windows\SysWOW64\ActionCenterCPL.dll
2017-01-16 21:08:15 ----A---- C:\Windows\SysWOW64\syncui.dll
2017-01-16 21:08:15 ----A---- C:\Windows\SysWOW64\autoplay.dll
2017-01-16 21:08:14 ----A---- C:\Windows\SysWOW64\DeviceCenter.dll
2017-01-16 21:08:12 ----A---- C:\Windows\SysWOW64\ntlanman.dll
2017-01-16 21:08:11 ----A---- C:\Windows\SysWOW64\wmpmde.dll
2017-01-16 21:08:10 ----A---- C:\Windows\SysWOW64\dskquoui.dll
2017-01-16 21:08:09 ----A---- C:\Windows\SysWOW64\rtutils.dll
2017-01-16 21:08:09 ----A---- C:\Windows\SysWOW64\OobeFldr.dll
2017-01-16 21:08:06 ----A---- C:\Windows\SysWOW64\systemcpl.dll
2017-01-16 21:08:05 ----A---- C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2017-01-16 21:08:05 ----A---- C:\Windows\SysWOW64\ntprint.dll
2017-01-16 21:08:03 ----A---- C:\Windows\SysWOW64\nshwfp.dll
2017-01-16 21:08:02 ----A---- C:\Windows\SysWOW64\sethc.exe
2017-01-16 21:08:01 ----A---- C:\Windows\SysWOW64\riched20.dll
2017-01-16 21:07:59 ----A---- C:\Windows\SysWOW64\blackbox.dll
2017-01-16 21:07:58 ----A---- C:\Windows\SysWOW64\wmpsrcwp.dll
2017-01-16 21:07:58 ----A---- C:\Windows\SysWOW64\vbscript.dll
2017-01-16 21:07:58 ----A---- C:\Windows\SysWOW64\netplwiz.dll
2017-01-16 21:07:58 ----A---- C:\Windows\SysWOW64\NAPHLPR.DLL
2017-01-16 21:07:58 ----A---- C:\Windows\SysWOW64\migisol.dll
2017-01-16 21:07:58 ----A---- C:\Windows\SysWOW64\fms.dll
2017-01-16 21:07:58 ----A---- C:\Windows\SysWOW64\activeds.dll
2017-01-16 21:07:57 ----A---- C:\Windows\SysWOW64\dpx.dll
2017-01-16 21:07:53 ----A---- C:\Windows\SysWOW64\nshipsec.dll
2017-01-16 21:07:53 ----A---- C:\Windows\SysWOW64\nlaapi.dll
2017-01-16 21:07:53 ----A---- C:\Windows\SysWOW64\httpapi.dll
2017-01-16 21:07:53 ----A---- C:\Windows\SysWOW64\cdosys.dll
2017-01-16 21:07:53 ----A---- C:\Windows\SysWOW64\asycfilt.dll
2017-01-16 21:07:52 ----A---- C:\Windows\SysWOW64\msftedit.dll
2017-01-16 21:07:52 ----A---- C:\Windows\SysWOW64\isoburn.exe
2017-01-16 21:07:51 ----A---- C:\Windows\SysWOW64\wavemsp.dll
2017-01-16 21:07:51 ----A---- C:\Windows\SysWOW64\ReAgent.dll
2017-01-16 21:07:50 ----A---- C:\Windows\SysWOW64\wuwebv.dll
2017-01-16 21:07:50 ----A---- C:\Windows\SysWOW64\wlanmsm.dll
2017-01-16 21:07:50 ----A---- C:\Windows\SysWOW64\provsvc.dll
2017-01-16 21:07:49 ----A---- C:\Windows\SysWOW64\dot3ui.dll
2017-01-16 21:07:47 ----A---- C:\Windows\SysWOW64\dsuiext.dll
2017-01-16 21:07:47 ----A---- C:\Windows\SysWOW64\dfrgui.exe
2017-01-16 21:07:46 ----A---- C:\Windows\SysWOW64\tzutil.exe
2017-01-16 21:07:45 ----A---- C:\Windows\SysWOW64\ocsetup.exe
2017-01-16 21:07:45 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2017-01-16 21:07:44 ----A---- C:\Windows\SysWOW64\wvc.dll
2017-01-16 21:07:44 ----A---- C:\Windows\SysWOW64\wtsapi32.dll
2017-01-16 21:07:44 ----A---- C:\Windows\SysWOW64\wimgapi.dll
2017-01-16 21:07:43 ----A---- C:\Windows\SysWOW64\PkgMgr.exe
2017-01-16 21:07:43 ----A---- C:\Windows\SysWOW64\mstask.dll
2017-01-16 21:07:42 ----A---- C:\Windows\SysWOW64\webcheck.dll
2017-01-16 21:07:42 ----A---- C:\Windows\SysWOW64\twext.dll
2017-01-16 21:07:41 ----A---- C:\Windows\SysWOW64\shdocvw.dll
2017-01-16 21:07:36 ----A---- C:\Windows\twain_32.dll
2017-01-16 21:07:35 ----A---- C:\Windows\SysWOW64\qcap.dll
2017-01-16 21:07:33 ----A---- C:\Windows\SysWOW64\setupugc.exe
2017-01-16 21:07:33 ----A---- C:\Windows\SysWOW64\occache.dll
2017-01-16 21:07:32 ----A---- C:\Windows\SysWOW64\qasf.dll
2017-01-16 21:07:32 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2017-01-16 21:07:31 ----A---- C:\Windows\SysWOW64\uxlib.dll
2017-01-16 21:07:31 ----A---- C:\Windows\SysWOW64\msrating.dll
2017-01-16 21:07:30 ----A---- C:\Windows\SysWOW64\ssText3d.scr
2017-01-16 21:07:30 ----A---- C:\Windows\SysWOW64\slwga.dll
2017-01-16 21:07:29 ----A---- C:\Windows\SysWOW64\msvfw32.dll
2017-01-16 21:07:29 ----A---- C:\Windows\SysWOW64\imgutil.dll
2017-01-16 21:07:28 ----A---- C:\Windows\SysWOW64\mciavi32.dll
2017-01-16 21:07:27 ----A---- C:\Windows\SysWOW64\nslookup.exe
2017-01-16 21:07:27 ----A---- C:\Windows\SysWOW64\audiodev.dll
2017-01-16 21:07:26 ----A---- C:\Windows\SysWOW64\wmdrmsdk.dll
2017-01-16 21:07:25 ----A---- C:\Windows\SysWOW64\clusapi.dll
2017-01-16 21:07:24 ----A---- C:\Windows\SysWOW64\DevicePairingFolder.dll
2017-01-16 21:07:23 ----A---- C:\Windows\SysWOW64\WPDShServiceObj.dll
2017-01-16 21:07:23 ----A---- C:\Windows\SysWOW64\rpcrt4.dll
2017-01-16 21:07:21 ----A---- C:\Windows\SysWOW64\msscp.dll
2017-01-16 21:07:21 ----A---- C:\Windows\SysWOW64\diskraid.exe
2017-01-16 21:07:19 ----A---- C:\Windows\SysWOW64\wimserv.exe
2017-01-16 21:07:19 ----A---- C:\Windows\SysWOW64\TSpkg.dll
2017-01-16 21:07:18 ----A---- C:\Windows\SysWOW64\rdpencom.dll
2017-01-16 21:07:18 ----A---- C:\Windows\SysWOW64\acppage.dll
2017-01-16 21:07:17 ----A---- C:\Windows\SysWOW64\perfmon.exe
2017-01-16 21:07:17 ----A---- C:\Windows\SysWOW64\fontsub.dll
2017-01-16 21:07:15 ----A---- C:\Windows\SysWOW64\remotepg.dll
2017-01-16 21:07:15 ----A---- C:\Windows\SysWOW64\raschap.dll
2017-01-16 21:07:15 ----A---- C:\Windows\bfsvc.exe
2017-01-16 21:07:11 ----A---- C:\Windows\SysWOW64\drmmgrtn.dll
2017-01-16 21:07:10 ----A---- C:\Windows\SysWOW64\QUTIL.DLL
2017-01-16 21:07:10 ----A---- C:\Windows\SysWOW64\NAPCRYPT.DLL
2017-01-16 21:07:10 ----A---- C:\Windows\SysWOW64\input.dll
2017-01-16 21:07:09 ----A---- C:\Windows\SysWOW64\odbccp32.dll
2017-01-16 21:07:09 ----A---- C:\Windows\SysWOW64\networkexplorer.dll
2017-01-16 21:07:08 ----A---- C:\Windows\SysWOW64\UserAccountControlSettings.dll
2017-01-16 21:07:08 ----A---- C:\Windows\SysWOW64\olepro32.dll
2017-01-16 21:07:08 ----A---- C:\Windows\SysWOW64\ocsetapi.dll
2017-01-16 21:07:07 ----A---- C:\Windows\SysWOW64\vpnikeapi.dll
2017-01-16 21:07:06 ----A---- C:\Windows\SysWOW64\wmpdxm.dll
2017-01-16 21:07:05 ----A---- C:\Windows\SysWOW64\onexui.dll
2017-01-16 21:07:04 ----A---- C:\Windows\SysWOW64\vdsbas.dll
2017-01-16 21:07:04 ----A---- C:\Windows\SysWOW64\iTVData.dll
2017-01-16 21:07:03 ----A---- C:\Windows\SysWOW64\wpdwcn.dll
2017-01-16 21:07:03 ----A---- C:\Windows\SysWOW64\runonce.exe
2017-01-16 21:07:03 ----A---- C:\Windows\SysWOW64\inseng.dll
2017-01-16 21:07:03 ----A---- C:\Windows\SysWOW64\dxdiagn.dll
2017-01-16 21:07:02 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2017-01-16 21:07:01 ----A---- C:\Windows\SysWOW64\logagent.exe
2017-01-16 21:06:58 ----A---- C:\Windows\SysWOW64\msvidc32.dll
2017-01-16 21:06:58 ----A---- C:\Windows\SysWOW64\MFPlay.dll
2017-01-16 21:06:58 ----A---- C:\Windows\SysWOW64\eapp3hst.dll
2017-01-16 21:06:57 ----A---- C:\Windows\SysWOW64\msiexec.exe
2017-01-16 21:06:56 ----A---- C:\Windows\SysWOW64\d3d10level9.dll
2017-01-16 21:06:55 ----A---- C:\Windows\SysWOW64\wmpshell.dll
2017-01-16 21:06:55 ----A---- C:\Windows\SysWOW64\wmdrmdev.dll
2017-01-16 21:06:55 ----A---- C:\Windows\SysWOW64\shacct.dll
2017-01-16 21:06:54 ----A---- C:\Windows\SysWOW64\lsmproxy.dll
2017-01-16 21:06:54 ----A---- C:\Windows\SysWOW64\bitsadmin.exe
2017-01-16 21:06:53 ----A---- C:\Windows\SysWOW64\wudriver.dll
2017-01-16 21:06:52 ----A---- C:\Windows\SysWOW64\unimdmat.dll
2017-01-16 21:06:51 ----A---- C:\Windows\SysWOW64\sqlcese30.dll
2017-01-16 21:06:51 ----A---- C:\Windows\SysWOW64\rdpd3d.dll
2017-01-16 21:06:51 ----A---- C:\Windows\SysWOW64\iscsium.dll
2017-01-16 21:06:50 ----A---- C:\Windows\SysWOW64\Bubbles.scr
2017-01-16 21:06:49 ----A---- C:\Windows\SysWOW64\mprapi.dll
2017-01-16 21:06:47 ----A---- C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
2017-01-16 21:06:47 ----A---- C:\Windows\SysWOW64\pdh.dll
2017-01-16 21:06:47 ----A---- C:\Windows\SysWOW64\OpcServices.dll
2017-01-16 21:06:47 ----A---- C:\Windows\SysWOW64\cscapi.dll
2017-01-16 21:06:46 ----A---- C:\Windows\SysWOW64\ncryptui.dll
2017-01-16 21:06:46 ----A---- C:\Windows\SysWOW64\logman.exe
2017-01-16 21:06:45 ----A---- C:\Windows\SysWOW64\WPDSp.dll
2017-01-16 21:06:45 ----A---- C:\Windows\SysWOW64\srvcli.dll
2017-01-16 21:06:45 ----A---- C:\Windows\SysWOW64\olethk32.dll
2017-01-16 21:06:44 ----A---- C:\Windows\SysWOW64\Ribbons.scr
2017-01-16 21:06:44 ----A---- C:\Windows\SysWOW64\QSVRMGMT.DLL
2017-01-16 21:06:44 ----A---- C:\Windows\SysWOW64\PortableDeviceStatus.dll
2017-01-16 21:06:44 ----A---- C:\Windows\SysWOW64\odbctrac.dll
2017-01-16 21:06:43 ----A---- C:\Windows\SysWOW64\tsgqec.dll
2017-01-16 21:06:43 ----A---- C:\Windows\SysWOW64\Mystify.scr
2017-01-16 21:06:42 ----A---- C:\Windows\SysWOW64\WMPhoto.dll
2017-01-16 21:06:42 ----A---- C:\Windows\SysWOW64\utildll.dll
2017-01-16 21:06:42 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2017-01-16 21:06:42 ----A---- C:\Windows\SysWOW64\mapistub.dll
2017-01-16 21:06:42 ----A---- C:\Windows\SysWOW64\mapi32.dll
2017-01-16 21:06:41 ----A---- C:\Windows\SysWOW64\WMADMOD.DLL
2017-01-16 21:06:40 ----A---- C:\Windows\SysWOW64\wiavideo.dll
2017-01-16 21:06:40 ----A---- C:\Windows\SysWOW64\takeown.exe
2017-01-16 21:06:40 ----A---- C:\Windows\SysWOW64\fphc.dll
2017-01-16 21:06:40 ----A---- C:\Windows\SysWOW64\dot3msm.dll
2017-01-16 21:06:40 ----A---- C:\Windows\SysWOW64\avifil32.dll
2017-01-16 21:06:38 ----A---- C:\Windows\SysWOW64\iyuv_32.dll
2017-01-16 21:06:37 ----A---- C:\Windows\SysWOW64\WMVSDECD.DLL
2017-01-16 21:06:37 ----A---- C:\Windows\SysWOW64\wmdrmnet.dll
2017-01-16 21:06:37 ----A---- C:\Windows\SysWOW64\sqmapi.dll
2017-01-16 21:06:35 ----A---- C:\Windows\SysWOW64\imagehlp.dll
2017-01-16 21:06:34 ----A---- C:\Windows\SysWOW64\qdv.dll
2017-01-16 21:06:34 ----A---- C:\Windows\SysWOW64\EhStorAPI.dll
2017-01-16 21:06:33 ----A---- C:\Windows\SysWOW64\sppinst.dll
2017-01-16 21:06:33 ----A---- C:\Windows\SysWOW64\msnetobj.dll
2017-01-16 21:06:32 ----A---- C:\Windows\SysWOW64\msyuv.dll
2017-01-16 21:06:30 ----A---- C:\Windows\SysWOW64\QCLIPROV.DLL
2017-01-16 21:06:30 ----A---- C:\Windows\SysWOW64\msrle32.dll
2017-01-16 21:06:28 ----A---- C:\Windows\SysWOW64\cca.dll
2017-01-16 21:06:27 ----A---- C:\Windows\SysWOW64\cmstp.exe
2017-01-16 21:06:26 ----A---- C:\Windows\SysWOW64\sspicli.dll
2017-01-16 21:06:24 ----A---- C:\Windows\SysWOW64\wsnmp32.dll
2017-01-16 21:06:24 ----A---- C:\Windows\SysWOW64\vfwwdm32.dll
2017-01-16 21:06:24 ----A---- C:\Windows\SysWOW64\pdhui.dll
2017-01-16 21:06:24 ----A---- C:\Windows\SysWOW64\MuiUnattend.exe
2017-01-16 21:06:23 ----A---- C:\Windows\SysWOW64\WMSPDMOD.DLL
2017-01-16 21:06:23 ----A---- C:\Windows\SysWOW64\setupcln.dll
2017-01-16 21:06:21 ----A---- C:\Windows\SysWOW64\tsbyuv.dll
2017-01-16 21:06:21 ----A---- C:\Windows\SysWOW64\msorcl32.dll
2017-01-16 21:06:21 ----A---- C:\Windows\SysWOW64\iasrecst.dll
2017-01-16 21:06:21 ----A---- C:\Windows\SysWOW64\AzSqlExt.dll
2017-01-16 21:06:19 ----A---- C:\Windows\SysWOW64\relog.exe
2017-01-16 21:06:19 ----A---- C:\Windows\SysWOW64\netiougc.exe
2017-01-16 21:06:19 ----A---- C:\Windows\SysWOW64\iscsicli.exe
2017-01-16 21:06:18 ----A---- C:\Windows\SysWOW64\wkscli.dll
2017-01-16 21:06:18 ----A---- C:\Windows\SysWOW64\spbcd.dll
2017-01-16 21:06:18 ----A---- C:\Windows\SysWOW64\mydocs.dll
2017-01-16 21:06:18 ----A---- C:\Windows\SysWOW64\amstream.dll
2017-01-16 21:06:17 ----A---- C:\Windows\SysWOW64\rastapi.dll
2017-01-16 21:06:17 ----A---- C:\Windows\SysWOW64\netbtugc.exe
2017-01-16 21:06:17 ----A---- C:\Windows\SysWOW64\diskpart.exe
2017-01-16 21:06:16 ----A---- C:\Windows\SysWOW64\secproc_ssp_isv.dll
2017-01-16 21:06:16 ----A---- C:\Windows\SysWOW64\resutils.dll
2017-01-16 21:06:16 ----A---- C:\Windows\SysWOW64\itircl.dll
2017-01-16 21:06:14 ----A---- C:\Windows\SysWOW64\secproc_ssp.dll
2017-01-16 21:06:13 ----A---- C:\Windows\SysWOW64\syssetup.dll
2017-01-16 21:06:13 ----A---- C:\Windows\SysWOW64\CertPolEng.dll
2017-01-16 21:06:12 ----A---- C:\Windows\SysWOW64\wmpps.dll
2017-01-16 21:06:10 ----A---- C:\Windows\SysWOW64\wuapp.exe
2017-01-16 21:06:10 ----A---- C:\Windows\SysWOW64\secur32.dll
2017-01-16 21:06:09 ----A---- C:\Windows\SysWOW64\WerFaultSecure.exe
2017-01-16 21:06:09 ----A---- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2017-01-16 21:06:09 ----A---- C:\Windows\SysWOW64\ReAgentc.exe
2017-01-16 21:06:09 ----A---- C:\Windows\SysWOW64\eappgnui.dll
2017-01-16 21:06:08 ----A---- C:\Windows\SysWOW64\tlscsp.dll
2017-01-16 21:06:08 ----A---- C:\Windows\SysWOW64\RMActivate_ssp.exe
2017-01-16 21:06:08 ----A---- C:\Windows\SysWOW64\findstr.exe
2017-01-16 21:06:06 ----A---- C:\Windows\SysWOW64\netutils.dll
2017-01-16 21:06:04 ----A---- C:\Windows\SysWOW64\mobsync.exe
2017-01-16 21:06:04 ----A---- C:\Windows\SysWOW64\mciqtz32.dll
2017-01-16 21:06:04 ----A---- C:\Windows\SysWOW64\dnscacheugc.exe
2017-01-16 21:06:03 ----A---- C:\Windows\SysWOW64\netapi32.dll
2017-01-16 21:06:01 ----A---- C:\Windows\SysWOW64\sppc.dll
2017-01-16 21:06:01 ----A---- C:\Windows\SysWOW64\muifontsetup.dll
2017-01-16 21:06:01 ----A---- C:\Windows\SysWOW64\iccvid.dll
2017-01-16 21:06:01 ----A---- C:\Windows\SysWOW64\cabinet.dll
2017-01-16 21:06:00 ----A---- C:\Windows\SysWOW64\spopk.dll
2017-01-16 21:06:00 ----A---- C:\Windows\SysWOW64\shimgvw.dll
2017-01-16 21:06:00 ----A---- C:\Windows\SysWOW64\prevhost.exe
2017-01-16 21:06:00 ----A---- C:\Windows\SysWOW64\luainstall.dll
2017-01-16 21:05:59 ----A---- C:\Windows\SysWOW64\unlodctr.exe
2017-01-16 21:05:59 ----A---- C:\Windows\SysWOW64\msdmo.dll
2017-01-16 21:05:58 ----A---- C:\Windows\SysWOW64\rdprefdrvapi.dll
2017-01-16 21:05:58 ----A---- C:\Windows\SysWOW64\inetmib1.dll
2017-01-16 21:05:56 ----A---- C:\Windows\SysWOW64\odbcconf.dll
2017-01-16 21:05:55 ----A---- C:\Windows\SysWOW64\browcli.dll
2017-01-16 21:05:54 ----A---- C:\Windows\SysWOW64\wups.dll
2017-01-16 21:05:54 ----A---- C:\Windows\SysWOW64\UIRibbonRes.dll
2017-01-16 21:05:52 ----A---- C:\Windows\SysWOW64\perfts.dll
2017-01-16 21:05:51 ----A---- C:\Windows\SysWOW64\imm32.dll
2017-01-16 21:05:43 ----A---- C:\Windows\SysWOW64\TRAPI.dll
2017-01-16 21:05:43 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2017-01-16 21:05:43 ----A---- C:\Windows\SysWOW64\elsTrans.dll
2017-01-16 21:05:42 ----A---- C:\Windows\SysWOW64\bitsperf.dll
2017-01-16 21:05:41 ----A---- C:\Windows\SysWOW64\wshbth.dll
2017-01-16 21:05:41 ----A---- C:\Windows\SysWOW64\schedcli.dll
2017-01-16 21:05:41 ----A---- C:\Windows\SysWOW64\napdsnap.dll
2017-01-16 21:05:41 ----A---- C:\Windows\SysWOW64\dsauth.dll
2017-01-16 21:05:41 ----A---- C:\Windows\SysWOW64\cscdll.dll
2017-01-16 21:05:41 ----A---- C:\Windows\SysWOW64\atmlib.dll
2017-01-16 21:05:38 ----A---- C:\Windows\SysWOW64\wsdchngr.dll
2017-01-16 21:05:38 ----A---- C:\Windows\SysWOW64\sscore.dll
2017-01-16 21:05:38 ----A---- C:\Windows\SysWOW64\shgina.dll
2017-01-16 21:05:37 ----A---- C:\Windows\SysWOW64\riched32.dll
2017-01-16 21:05:29 ----A---- C:\Windows\SysWOW64\wshirda.dll
2017-01-16 21:05:25 ----A---- C:\Windows\SysWOW64\browseui.dll
2017-01-16 21:05:24 ----A---- C:\Windows\SysWOW64\spwmp.dll
2017-01-16 21:05:21 ----A---- C:\Windows\SysWOW64\C_ISCII.DLL
2017-01-16 21:05:18 ----A---- C:\Windows\SysWOW64\shunimpl.dll
2017-01-16 21:05:18 ----A---- C:\Windows\SysWOW64\dxmasf.dll
2017-01-16 21:05:12 ----A---- C:\Windows\SysWOW64\KBDTUF.DLL
2017-01-16 21:05:12 ----A---- C:\Windows\SysWOW64\KBDSG.DLL
2017-01-16 21:05:12 ----A---- C:\Windows\SysWOW64\kbdlk41a.dll
2017-01-16 21:05:12 ----A---- C:\Windows\SysWOW64\KBDGR1.DLL
2017-01-16 21:05:11 ----A---- C:\Windows\SysWOW64\KBDTUQ.DLL
2017-01-16 21:05:11 ----A---- C:\Windows\SysWOW64\KBDGKL.DLL
2017-01-16 21:05:10 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2017-01-16 21:05:09 ----A---- C:\Windows\SysWOW64\KBDGEO.DLL
2017-01-16 21:05:09 ----A---- C:\Windows\SysWOW64\KBDBLR.DLL
2017-01-16 21:05:08 ----A---- C:\Windows\SysWOW64\KBDUS.DLL
2017-01-16 21:05:08 ----A---- C:\Windows\SysWOW64\KBDUGHR1.DLL
2017-01-16 21:05:08 ----A---- C:\Windows\SysWOW64\KBDTURME.DLL
2017-01-16 21:05:08 ----A---- C:\Windows\SysWOW64\KBDTAJIK.DLL
2017-01-16 21:05:08 ----A---- C:\Windows\SysWOW64\KBDMON.DLL
2017-01-16 21:05:08 ----A---- C:\Windows\SysWOW64\KBDINTEL.DLL
2017-01-16 21:05:08 ----A---- C:\Windows\SysWOW64\KBDINHIN.DLL
2017-01-16 21:05:08 ----A---- C:\Windows\SysWOW64\KBDCZ1.DLL
2017-01-16 21:05:07 ----A---- C:\Windows\SysWOW64\KBDMAORI.DLL
2017-01-16 21:05:07 ----A---- C:\Windows\SysWOW64\KBDLT1.DLL
2017-01-16 21:05:07 ----A---- C:\Windows\SysWOW64\KBDINTAM.DLL
2017-01-16 21:05:07 ----A---- C:\Windows\SysWOW64\KBDINORI.DLL
2017-01-16 21:05:07 ----A---- C:\Windows\SysWOW64\KBDINMAR.DLL
2017-01-16 21:05:07 ----A---- C:\Windows\SysWOW64\KBDINKAN.DLL
2017-01-16 21:05:07 ----A---- C:\Windows\SysWOW64\KBDINBEN.DLL
2017-01-16 21:05:06 ----A---- C:\Windows\SysWOW64\KBDBULG.DLL
2017-01-16 21:05:05 ----A---- C:\Windows\SysWOW64\KBDBASH.DLL
2017-01-16 21:05:03 ----A---- C:\Windows\SysWOW64\KBDSF.DLL
2017-01-16 21:05:03 ----A---- C:\Windows\SysWOW64\KBDPO.DLL
2017-01-16 21:05:03 ----A---- C:\Windows\SysWOW64\KBDNEPR.DLL
2017-01-16 21:05:02 ----A---- C:\Windows\SysWOW64\tzres.dll
2017-01-16 21:05:02 ----A---- C:\Windows\SysWOW64\pifmgr.dll
2017-01-16 21:05:02 ----A---- C:\Windows\SysWOW64\nlsbres.dll
2017-01-16 21:05:02 ----A---- C:\Windows\SysWOW64\dpnaddr.dll
2017-01-16 21:05:01 ----A---- C:\Windows\SysWOW64\spwizres.dll
2017-01-16 21:04:02 ----A---- C:\Windows\SysWOW64\wdscore.dll
2017-01-16 21:02:35 ----A---- C:\Windows\SysWOW64\wbemcomn.dll
2017-01-16 18:58:12 ----SHD---- C:\Config.Msi
2017-01-16 18:42:26 ----D---- C:\ProgramData\ESET
2017-01-15 12:55:27 ----A---- C:\autoexec.bat
2017-01-15 12:55:12 ----D---- C:\Program Files (x86)\Enigma Software Group
2017-01-15 12:54:22 ----D---- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2017-01-15 12:50:57 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2017-01-15 12:36:46 ----HD---- C:\$AV_AVG
2017-01-15 12:03:42 ----SD---- C:\Windows\SysWOW64\Microsoft
2017-01-15 11:58:27 ----D---- C:\Program Files (x86)\Google
2017-01-15 11:52:48 ----D---- C:\Program Files (x86)\AVG
2017-01-15 11:52:00 ----HD---- C:\ProgramData\Common Files
2017-01-15 11:52:00 ----D---- C:\ProgramData\Avg
2017-01-15 02:34:38 ----A---- C:\Windows\ntbtlog.txt
2017-01-14 23:35:33 ----D---- C:\ProgramData\Mail.Ru
2017-01-14 21:27:27 ----D---- C:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst
2017-01-14 19:49:22 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\uTorrent
2017-01-14 19:29:49 ----D---- C:\ProgramData\Electronic Arts
2017-01-10 21:22:58 ----D---- C:\Windows\Minidump
2017-01-10 21:11:14 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\Leadertech
2017-01-10 16:43:51 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\Macromedia
2017-01-09 12:08:35 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2017-01-09 12:08:35 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2017-01-09 12:08:35 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2017-01-09 12:08:34 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2017-01-09 12:08:33 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2017-01-09 12:08:33 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2017-01-09 12:08:32 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2017-01-09 12:08:31 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2017-01-09 12:08:28 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll
2017-01-09 12:08:26 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2017-01-09 12:08:25 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2017-01-09 12:08:24 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2017-01-09 12:08:23 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2017-01-09 12:08:23 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll
2017-01-09 12:08:22 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2017-01-09 12:08:22 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll
2017-01-09 12:08:22 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll
2017-01-09 12:08:19 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2017-01-09 12:08:19 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll
2017-01-09 12:08:18 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2017-01-09 12:08:18 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2017-01-09 12:08:17 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2017-01-09 12:08:17 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2017-01-09 12:08:16 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2017-01-09 12:08:15 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2017-01-09 12:08:15 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2017-01-09 12:08:14 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2017-01-09 12:08:13 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2017-01-09 12:08:12 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2017-01-09 12:08:12 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-01-09 12:08:11 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2017-01-09 12:08:11 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2017-01-09 12:08:11 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-01-09 12:08:10 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2017-01-09 12:08:10 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2017-01-09 12:08:10 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2017-01-09 12:08:08 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2017-01-09 12:08:08 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2017-01-09 12:08:07 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2017-01-09 12:08:07 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2017-01-09 12:08:06 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2017-01-09 12:08:06 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2017-01-09 12:08:05 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2017-01-09 12:08:04 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2017-01-09 12:08:04 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2017-01-09 12:08:04 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2017-01-09 12:08:02 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2017-01-09 12:08:02 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2017-01-09 12:08:01 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2017-01-09 12:08:01 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2017-01-09 12:08:00 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2017-01-09 12:07:59 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2017-01-09 12:07:58 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2017-01-09 12:07:58 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2017-01-09 12:07:57 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2017-01-09 12:07:57 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2017-01-09 12:07:57 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2017-01-09 12:07:56 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2017-01-09 12:07:56 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2017-01-09 12:07:55 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2017-01-09 12:07:55 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2017-01-09 12:07:54 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2017-01-09 12:07:54 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2017-01-09 12:07:53 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2017-01-09 12:07:52 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2017-01-09 12:07:52 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2017-01-09 12:07:51 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2017-01-09 12:07:51 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2017-01-09 12:07:51 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll
2017-01-09 12:07:50 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2017-01-09 12:07:49 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2017-01-09 12:07:49 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2017-01-09 12:07:48 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2017-01-09 12:07:48 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2017-01-09 12:07:47 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2017-01-09 11:30:13 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\Steam
2017-01-06 11:02:26 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\Mozilla
2017-01-05 21:02:22 ----D---- C:\Program Files (x86)\UltraISO
2017-01-05 20:41:30 ----D---- C:\Program Files (x86)\Elaborate Bytes
2016-12-30 21:11:29 ----D---- C:\Program Files (x86)\Worms Armageddon - New Edition
2016-12-29 20:30:04 ----A---- C:\Windows\game.ini
2016-12-29 20:25:57 ----D---- C:\Program Files (x86)\Activision
2016-12-29 19:08:41 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2016-12-27 20:01:27 ----D---- C:\Program Files (x86)\EA Sports
2016-12-27 20:01:00 ----D---- C:\Windows\SysWOW64\Macromed
2016-12-27 19:47:03 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\GHISLER
2016-12-27 19:47:03 ----D---- C:\totalcmd
2016-12-27 16:50:48 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\Origin
2016-12-27 16:40:43 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2016-12-27 16:40:41 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2016-12-27 16:40:41 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2016-12-27 16:40:41 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2016-12-27 16:40:40 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2016-12-27 16:40:39 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2016-12-27 16:40:38 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2016-12-27 16:40:37 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2016-12-27 16:40:35 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2016-12-27 16:27:41 ----D---- C:\hry
2016-12-27 16:05:44 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\BSplayer Pro
2016-12-27 16:05:44 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\BSplayer
2016-12-27 16:05:43 ----D---- C:\Program Files (x86)\Webteh
2016-12-25 15:17:34 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\msihmdt
2016-12-25 13:30:41 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2016-12-25 13:30:41 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-12-25 13:30:34 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2016-12-25 13:30:34 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-12-25 13:30:33 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2016-12-25 13:30:33 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2016-12-25 13:30:31 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2016-12-25 13:30:01 ----D---- C:\Program Files (x86)\Microsoft XNA
2016-12-25 13:05:43 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-25 12:57:00 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-12-25 11:29:56 ----D---- C:\Program Files (x86)\Czech Soccer Manager
2016-12-25 11:29:20 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\WinRAR
2016-12-24 16:28:22 ----D---- C:\Windows\Migration
2016-12-24 16:28:00 ----A---- C:\Windows\SysWOW64\poqexec.exe
2016-12-24 16:27:56 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-24 16:27:55 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-24 16:11:01 ----D---- C:\Windows\SysWOW64\RTCOM
2016-12-24 16:00:53 ----A---- C:\Windows\SysWOW64\SRCOM.dll
2016-12-24 15:59:55 ----A---- C:\Windows\SysWOW64\SFCOM.dll
2016-12-24 15:59:55 ----A---- C:\Windows\SysWOW64\SECOMN32.DLL
2016-12-24 15:59:33 ----A---- C:\Windows\SysWOW64\RltkAPO.dll
2016-12-24 15:52:47 ----D---- C:\Program Files (x86)\Realtek
2016-12-24 15:52:38 ----HD---- C:\Program Files (x86)\Temp
2016-12-24 15:52:21 ----A---- C:\Windows\RtlExUpd.dll
2016-12-24 11:17:56 ----D---- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect
2016-12-24 11:09:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-12-24 11:07:22 ----D---- C:\ProgramData\Qualcomm Atheros
2016-12-24 10:57:51 ----D---- C:\ProgramData\AMD
2016-12-24 10:56:07 ----D---- C:\Program Files (x86)\AMD
2016-12-24 10:52:55 ----D---- C:\ProgramData\Package Cache
2016-12-24 10:42:31 ----D---- C:\Program Files (x86)\Common Files\AV
2016-12-24 10:41:21 ----A---- C:\Windows\SysWOW64\ucrtbase.dll
2016-12-24 10:41:03 ----D---- C:\ProgramData\SlimWare Utilities, Inc
2016-12-24 10:39:17 ----SHD---- C:\Windows\Installer
2016-12-24 10:39:11 ----D---- C:\ProgramData\AVAST Software
2016-12-24 10:35:50 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\Opera Software
2016-12-24 10:35:32 ----D---- C:\Program Files (x86)\Opera
2016-12-24 10:23:39 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\Identities
2016-12-24 10:21:47 ----SD---- C:\Users\Nelly Freharová\AppData\Roaming\Microsoft
2016-12-24 10:21:47 ----D---- C:\Users\Nelly Freharová\AppData\Roaming\Media Center Programs
2016-12-24 10:20:57 ----SHD---- C:\Recovery
2016-12-24 10:20:56 ----SHD---- C:\ProgramData\Šablony
2016-12-24 10:20:56 ----SHD---- C:\ProgramData\Plocha
2016-12-24 10:20:56 ----SHD---- C:\ProgramData\Oblíbené položky
2016-12-24 10:20:56 ----SHD---- C:\ProgramData\Nabídka Start
2016-12-24 10:20:56 ----SHD---- C:\ProgramData\Dokumenty
2016-12-24 10:20:56 ----SHD---- C:\ProgramData\Data aplikací
2016-12-24 10:15:35 ----D---- C:\Windows\SoftwareDistribution
2016-12-24 10:12:15 ----D---- C:\Windows\Prefetch
2016-12-24 10:12:05 ----ASH---- C:\pagefile.sys
2016-12-24 10:12:05 ----ASH---- C:\hiberfil.sys
2016-12-24 10:11:22 ----SHD---- C:\System Volume Information
2016-12-24 10:10:45 ----D---- C:\Windows\Panther

======List of files/folders modified in the last 1 month======

2017-01-18 16:42:37 ----D---- C:\Windows\Temp
2017-01-18 16:42:34 ----RD---- C:\Program Files (x86)
2017-01-18 16:38:32 ----D---- C:\Windows\System32
2017-01-18 16:38:32 ----D---- C:\Windows\inf
2017-01-18 14:29:23 ----D---- C:\Windows\Microsoft.NET
2017-01-18 14:28:27 ----RSD---- C:\Windows\assembly
2017-01-18 12:40:06 ----D---- C:\Windows\winsxs
2017-01-18 12:38:44 ----D---- C:\Windows
2017-01-18 12:33:49 ----D---- C:\Program Files (x86)\Windows Sidebar
2017-01-18 12:33:49 ----D---- C:\Program Files (x86)\Windows Portable Devices
2017-01-18 12:33:49 ----D---- C:\Program Files (x86)\Windows Media Player
2017-01-18 12:33:49 ----D---- C:\Program Files (x86)\Windows Mail
2017-01-18 12:33:49 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-18 12:33:48 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-01-18 12:33:43 ----D---- C:\Windows\servicing
2017-01-18 12:33:42 ----D---- C:\Windows\ehome
2017-01-18 12:33:32 ----D---- C:\Windows\SysWOW64\oobe
2017-01-18 12:33:32 ----D---- C:\Windows\SysWOW64\migration
2017-01-18 12:33:32 ----D---- C:\Windows\SysWOW64\da-DK
2017-01-18 12:33:32 ----D---- C:\Windows\SysWOW64\AdvancedInstallers
2017-01-18 12:33:31 ----D---- C:\Windows\SysWOW64\Setup
2017-01-18 12:33:31 ----D---- C:\Windows\SysWOW64\cs-CZ
2017-01-18 12:33:31 ----D---- C:\Windows\SysWOW64\cs
2017-01-18 12:33:27 ----D---- C:\Windows\SysWOW64\sppui
2017-01-18 12:33:27 ----D---- C:\Windows\SysWOW64\manifeststore
2017-01-18 12:33:27 ----D---- C:\Windows\SysWOW64\es-ES
2017-01-18 12:33:26 ----D---- C:\Windows\SysWOW64\wbem
2017-01-18 12:33:25 ----D---- C:\Windows\SysWOW64\migwiz
2017-01-18 12:33:25 ----D---- C:\Windows\SysWOW64\Dism
2017-01-18 12:33:25 ----D---- C:\Windows\SysWOW64
2017-01-18 12:33:05 ----D---- C:\Windows\PolicyDefinitions
2017-01-18 12:32:39 ----RSD---- C:\Windows\Fonts
2017-01-18 12:32:38 ----D---- C:\Windows\AppPatch
2017-01-18 12:08:04 ----A---- C:\Windows\SysWOW64\msclmd.dll
2017-01-16 18:42:26 ----RD---- C:\Program Files
2017-01-16 18:42:26 ----HD---- C:\ProgramData
2017-01-15 12:50:57 ----D---- C:\Program Files (x86)\Common Files
2017-01-15 12:16:54 ----D---- C:\Windows\Tasks
2017-01-14 19:33:12 ----SHD---- C:\$Recycle.Bin
2017-01-13 13:50:03 ----D---- C:\Windows\SysWOW64\GroupPolicy
2016-12-27 23:09:32 ----D---- C:\Windows\rescache
2016-12-27 23:04:48 ----D---- C:\Windows\Logs
2016-12-25 13:30:01 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2016-12-25 12:59:01 ----D---- C:\Windows\SysWOW64\en-US
2016-12-25 12:56:56 ----SD---- C:\ProgramData\Microsoft
2016-12-25 10:57:26 ----D---- C:\Windows\LiveKernelReports
2016-12-24 16:29:21 ----D---- C:\Windows\debug
2016-12-24 10:21:44 ----RD---- C:\Users
2016-12-24 10:10:10 ----D---- C:\Windows\Setup

File C:\Windows\SysWOW64\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys []
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys []
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 aswHdsKe;aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-08-04 344064]
R2 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-12-14 2836296]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [2011-08-10 57344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Vir v notebooků

Napsal: 20 led 2017 19:21
od Roli
Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém



Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe       

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ycmocfihcx"=-

:commands
[purity]
[emptytemp]
[start explorer]
klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem zkopíruj obsah logu uloženého na C:\_OTMoveIt\MovedFiles\


Stáhni a spusť AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po dokončení skenu klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zkopíruj Report.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz