Odinstalace KMSpico a kontrola logu

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

asphyxxia
Level 1
Level 1
Příspěvky: 56
Registrován: duben 16
Pohlaví: Žena
Stav:
Offline

Re: Odinstalace KMSpico a kontrola logu

Příspěvekod asphyxxia » 11 říj 2017 10:34

tady zatim log z adwcleaneru.
# AdwCleaner 7.0.3.1 - Logfile created on Wed Oct 11 00:35:08 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 8.1 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\Adela\AppData\Local\AdvinstAnalytics
Deleted: C:\Users\Adela\AppData\Local\AdService
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESTsoft
Deleted: C:\ProgramData\ESTsoft
Deleted: C:\ProgramData\Application Data\ESTsoft
Deleted: C:\Program Files (x86)\ESTsoft
Deleted: C:\Users\Adela\AppData\Roaming\ESTsoft
Deleted: C:\Users\Adela\AppData\Local\VirtualStore\Program Files (x86)\ESTsoft
Deleted: C:\Users\All Users\ESTsoft
Deleted: C:\ProgramData\e1be98e0


***** [ Files ] *****

Deleted: C:\Windows\System32\config\systemprofile\appdata\local\installationconfiguration.xml
Deleted: C:\Users\Adela\appdata\local\installationconfiguration.xml


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.biz
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.azlyrics.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.azlyrics.com
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-1277085983-4139081718-311539203-1001\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-1277085983-4139081718-311539203-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10112017022232127\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKLM\SOFTWARE\Microleaves
Deleted: [Key] - HKU\S-1-5-21-1277085983-4139081718-311539203-1001\Software\FastDataX
Deleted: [Key] - HKU\S-1-5-21-1277085983-4139081718-311539203-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10112017022232127\Software\FastDataX
Deleted: [Key] - HKCU\Software\FastDataX
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|AdsServiceGroup
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe
Deleted: [Key] - HKU\S-1-5-21-1277085983-4139081718-311539203-1001\Software\SetupCompany
Deleted: [Key] - HKU\S-1-5-21-1277085983-4139081718-311539203-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10112017022232127\Software\SetupCompany
Deleted: [Key] - HKCU\Software\SetupCompany
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|AdsServiceGroup


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2966 B] - [2017/10/10 12:58:31]
C:/AdwCleaner/AdwCleaner[S1].txt - [3511 B] - [2017/10/11 0:33:45]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Reklama
asphyxxia
Level 1
Level 1
Příspěvky: 56
Registrován: duben 16
Pohlaví: Žena
Stav:
Offline

Re: Odinstalace KMSpico a kontrola logu

Příspěvekod asphyxxia » 11 říj 2017 10:47

Tady z jrt:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 8.1 Pro x64
Ran by Adela (Administrator) on st 11. 10. 2017 at 10:38:14,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\Program Files (x86)\GUTB344.tmp (File)



Registry: 1

Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl\\Default (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 11. 10. 2017 at 10:41:03,11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Odinstalace KMSpico a kontrola logu

Příspěvekod jaro3 » 11 říj 2017 17:35

Ještě to další.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

asphyxxia
Level 1
Level 1
Příspěvky: 56
Registrován: duben 16
Pohlaví: Žena
Stav:
Offline

Re: Odinstalace KMSpico a kontrola logu

Příspěvekod asphyxxia » 13 říj 2017 09:43

ogueKiller V12.11.19.0 [Oct 9 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9600) 64 bits version
Spuštěno : Normální režim
Uživatel : Adela [Práva správce]
Started from : C:\Users\Adela\Desktop\gramy\RogueKiller_portable32.exe
Mód : Prohledat -- Datum : 10/13/2017 01:30:03 (Duration : 00:36:19)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[Adw.EnjoyWifi] (X64) HKEY_USERS\S-1-5-21-1277085983-4139081718-311539203-1001\Software\enjoyWifi -> Nalezeno
[Adw.EnjoyWifi] (X86) HKEY_USERS\S-1-5-21-1277085983-4139081718-311539203-1001\Software\enjoyWifi -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[PUP.Gen0][Soubor] C:\Windows\SECOH-QAD.exe -> Nalezeno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0xc000036b]) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547564A9E384 +++++
--- User ---
[MBR] 3d2f991be75867f45a3c8d71956f54f4
[BSP] 7ad93314db0007bbac2689e6bcc97239 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 610128 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Odinstalace KMSpico a kontrola logu

Příspěvekod jaro3 » 13 říj 2017 09:44

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.

Vypni antivir i firewall.
Stáhni Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe
http://leteckaposta.cz/415997425
klik nahoře vpravo na .rar-file a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Můžeš si zatrhnout i vytvoření bodu obnovy:
Klikni na ozubené kolečko , poté na „Skenování“ a zatrhni „vytvářet body obnovy“.
Vrať se zpět ( klikni na domeček).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Další“. Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.
Jinak můžeš zprávy vidět , když klikneš vpravo nahoře na „ zprávy“.


Vlož nový log z HJT

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

asphyxxia
Level 1
Level 1
Příspěvky: 56
Registrován: duben 16
Pohlaví: Žena
Stav:
Offline

Re: Odinstalace KMSpico a kontrola logu

Příspěvekod asphyxxia » 16 říj 2017 14:59

RogueKiller V12.11.19.0 [Oct 9 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9600) 64 bits version
Spuštěno : Normální režim
Uživatel : Adela [Práva správce]
Started from : C:\Users\Adela\Desktop\gramy\RogueKiller_portable32.exe
Mód : Smazat -- Datum : 10/16/2017 14:14:26 (Duration : 00:37:12)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[Adw.EnjoyWifi] (X64) HKEY_USERS\S-1-5-21-1277085983-4139081718-311539203-1001\Software\enjoyWifi -> Smazáno
[Adw.EnjoyWifi] (X86) HKEY_USERS\S-1-5-21-1277085983-4139081718-311539203-1001\Software\enjoyWifi -> Smazáno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[PUP.Gen0][Soubor] C:\Windows\SECOH-QAD.exe -> Smazáno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0xc000036b]) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547564A9E384 +++++
--- User ---
[MBR] 3d2f991be75867f45a3c8d71956f54f4
[BSP] 7ad93314db0007bbac2689e6bcc97239 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 610128 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

asphyxxia
Level 1
Level 1
Příspěvky: 56
Registrován: duben 16
Pohlaví: Žena
Stav:
Offline

Re: Odinstalace KMSpico a kontrola logu

Příspěvekod asphyxxia » 16 říj 2017 16:36

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Adela on po 16. 10. 2017 at 15:03:05,49.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Adela\Desktop\gramy\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

16. 10. 2017 15:04:24 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Seznam.cz deleted successfully
C:\Users\Adela\AppData\Local\EmieSiteList deleted successfully
C:\Users\Adela\AppData\Local\EmieUserList deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Seznam.cz not found
C:\Users\Adela\.android deleted
C:\PROGRA~2\GUMB343.tmp deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\found.004 deleted
C:\found.005 deleted
C:\found.006 deleted
C:\Users\Adela\AppData\Roaming\Wondershare deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Adela\AppData\Local\Wondershare deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\AVAST Software deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Adm deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\Adela\bsplayer270.setup.exe deleted
C:\Users\Adela\HijackThis.exe deleted
C:\Users\Adela\iview441_x64_setup.exe deleted
C:\Users\Adela\mobilego_setup_full818.exe deleted
C:\Users\Adela\MyPhoneExplorer_Setup_v1.8.8.exe deleted
C:\Users\Adela\SkypeSetup.exe deleted
"C:\Users\Adela\AppData\Local\{04310E9C-478E-449F-ADA2-CF0A392F26A9}" deleted
"C:\PROGRA~2\Wondershare\WAF\2.3.1.1\Newtonsoft.Json.dll" deleted
"C:\PROGRA~2\Wondershare\WAF\2.3.1.1\WsAppCollect.dll" deleted
"C:\PROGRA~2\Wondershare\WAF\2.3.1.1\WsAppCommon.dll" not deleted
"C:\PROGRA~2\Wondershare\WAF\2.3.1.1\WsAppService.exe" not deleted
"C:\PROGRA~2\Wondershare" not deleted
"C:\PROGRA~2\Wondershare\WAF" not deleted
"C:\PROGRA~2\Wondershare\WAF\2.3.1.1" not deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]

Grammarly for Chrome - Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen
Chrome Media Router - Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Use Search Asst"="yes"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adela\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Adela\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=262 folders=104 103815573 bytes)

==== Empty Temp Folders ======================

C:\Users\Adela\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Adela\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\Wondershare\WAF\2.3.1.1\WsAppCommon.dll" not found
"C:\PROGRA~2\Wondershare\WAF\2.3.1.1\WsAppService.exe" not found
"C:\PROGRA~2\Wondershare" not found

==== EOF on po 16. 10. 2017 at 15:43:34,53 ======================

asphyxxia
Level 1
Level 1
Příspěvky: 56
Registrován: duben 16
Pohlaví: Žena
Stav:
Offline

Re: Odinstalace KMSpico a kontrola logu

Příspěvekod asphyxxia » 16 říj 2017 16:54

Zemana AntiMalware 2.74.2.150 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017/10/16
Operating System : Windows 8.1 64-bit
Processor : 2X AMD A4-3300M APU with Radeon(tm) HD Graphics
BIOS Mode : Legacy
CUID : 12A950C00EC767E43A4FA0
Scan Type : Skenování systému
Duration : 9m 55s
Scanned Objects : 75275
Detected Objects : 2
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Wize Search SafeFinder
Status : Skenováno
Object : %localappdata%\google\chrome\user data\default\extensions\feeilhmlfcpfchpbgoknoeefdkbgionj
MD5 : -
Publisher : -
Size : -
Version : -
Detection : PUA.ChromeExt!Gr
Cleaning Action : Opravit
Related Objects :
Rozšíření prohlížeče - Wize Search SafeFinder

KMSpico_setup.exe
Status : Skenováno
Object : %userprofile%\downloads\kmspico.v10.1.7.final\kmspico.v10.1.7.final\kmspico_setup.exe
MD5 : A89C072C83A54CB5AA2C570F3D910A56
Publisher : @ByELDI
Size : 3211592
Version : 10.1.7.0
Detection : PUA:Win32/HackTool.IdleKMS
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\downloads\kmspico.v10.1.7.final\kmspico.v10.1.7.final\kmspico_setup.exe


Cleaning Result
-------------------------------------------------------
Cleaned : 2
Reported as safe : 0
Failed : 0

asphyxxia
Level 1
Level 1
Příspěvky: 56
Registrován: duben 16
Pohlaví: Žena
Stav:
Offline

Re: Odinstalace KMSpico a kontrola logu

Příspěvekod asphyxxia » 16 říj 2017 17:06

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:06:20, on 16. 10. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18792)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Users\Adela\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Adela\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\PROGRA~2\MICROS~1\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{23990FFD-9393-4FD2-9BD6-98272CAAEFEA}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B98E086-7AE3-4428-8EE3-E0B9DE6FE919}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C8E1521-92EC-47FD-AD09-C12D173DA866}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{81645F0E-4FDB-4CF9-A0C0-3D8C6C5F26A4}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{8718928D-CBEB-45EA-A621-800A9249001D}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC427FEA-C20A-447F-A6D6-B5E999629016}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: NameServer = 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{23990FFD-9393-4FD2-9BD6-98272CAAEFEA}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Unknown owner - C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 10031 bytes

asphyxxia
Level 1
Level 1
Příspěvky: 56
Registrován: duben 16
Pohlaví: Žena
Stav:
Offline

Re: Odinstalace KMSpico a kontrola logu

Příspěvekod asphyxxia » 16 říj 2017 17:20

tady prvni polovina logu z TRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-10-2017
Ran by Adela (administrator) on HP (16-10-2017 17:07:27)
Running from C:\Users\Adela\Desktop\gramy
Loaded Profiles: Adela (Available Profiles: Adela)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Spotify Ltd) C:\Users\Adela\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [SERVICE] => [X]
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-1277085983-4139081718-311539203-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-1277085983-4139081718-311539203-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-1277085983-4139081718-311539203-1001\...\Run: [Spotify Web Helper] => C:\Users\Adela\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-10-10] (Spotify Ltd)
HKU\S-1-5-21-1277085983-4139081718-311539203-1001\...\MountPoints2: {e284a729-5f5d-11e7-8376-d0df9aa83a48} - "D:\setup.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{23990FFD-9393-4FD2-9BD6-98272CAAEFEA}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{23990FFD-9393-4FD2-9BD6-98272CAAEFEA}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{7B98E086-7AE3-4428-8EE3-E0B9DE6FE919}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{7B98E086-7AE3-4428-8EE3-E0B9DE6FE919}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{7C8E1521-92EC-47FD-AD09-C12D173DA866}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{7C8E1521-92EC-47FD-AD09-C12D173DA866}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{81645F0E-4FDB-4CF9-A0C0-3D8C6C5F26A4}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{AC427FEA-C20A-447F-A6D6-B5E999629016}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{AC427FEA-C20A-447F-A6D6-B5E999629016}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 8.8.8.8

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1277085983-4139081718-311539203-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default [2017-10-16]
CHR Extension: (Prezentace) - C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-16]
CHR Extension: (YouTube) - C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-16]
CHR Extension: (Tabulky) - C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-16]
CHR Extension: (Gmail) - C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-16]
CHR Extension: (Chrome Media Router) - C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-07-03] (Disc Soft Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-07-03] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-07-03] (Disc Soft Ltd)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-10-11] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [45504 2017-10-16] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-10-16] (Malwarebytes)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2017-10-13] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-10-16] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-10-16] (Zemana Ltd.)
S1 bovclsad; \??\C:\Windows\system32\drivers\bovclsad.sys [X]
S1 cuddyiap; \??\C:\Windows\system32\drivers\cuddyiap.sys [X]
S1 djqlvvbq; \??\C:\Windows\system32\drivers\djqlvvbq.sys [X]
S1 hcvdrweh; \??\C:\Windows\system32\drivers\hcvdrweh.sys [X]
S1 lphkruin; \??\C:\Windows\system32\drivers\lphkruin.sys [X]
S1 ltkutebv; \??\C:\Windows\system32\drivers\ltkutebv.sys [X]
S1 nytowmzz; \??\C:\Windows\system32\drivers\nytowmzz.sys [X]
S1 ohrqfygr; \??\C:\Windows\system32\drivers\ohrqfygr.sys [X]
S1 pzdssjuf; \??\C:\Windows\system32\drivers\pzdssjuf.sys [X]
S1 qbvwdmuq; \??\C:\Windows\system32\drivers\qbvwdmuq.sys [X]
S1 qgrcojfo; \??\C:\Windows\system32\drivers\qgrcojfo.sys [X]
S1 rpwznmko; \??\C:\Windows\system32\drivers\rpwznmko.sys [X]
S1 sayxuubm; \??\C:\Windows\system32\drivers\sayxuubm.sys [X]
S1 tlqdcsls; \??\C:\Windows\system32\drivers\tlqdcsls.sys [X]
S1 tmzzmgcl; \??\C:\Windows\system32\drivers\tmzzmgcl.sys [X]
S1 vejdaxip; \??\C:\Windows\system32\drivers\vejdaxip.sys [X]
S1 vkeelocy; \??\C:\Windows\system32\drivers\vkeelocy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-16 17:07 - 2017-10-16 17:07 - 000000000 ____D C:\FRST
2017-10-16 17:03 - 2017-10-16 17:03 - 000003007 _____ C:\Users\Adela\Desktop\HiJackThis.lnk
2017-10-16 17:03 - 2017-10-16 17:03 - 000000000 ____D C:\Users\Adela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2017-10-16 17:03 - 2017-10-16 17:03 - 000000000 ____D C:\Program Files (x86)\Trend Micro
2017-10-16 16:40 - 2017-10-16 17:07 - 000023269 _____ C:\Windows\ZAM.krnl.trace
2017-10-16 16:40 - 2017-10-16 17:07 - 000010175 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-10-16 16:40 - 2017-10-16 16:40 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-10-16 16:40 - 2017-10-16 16:40 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-10-16 16:40 - 2017-10-16 16:40 - 000001160 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-10-16 16:40 - 2017-10-16 16:40 - 000000000 ____D C:\Users\Adela\AppData\Local\Zemana
2017-10-16 16:40 - 2017-10-16 16:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-10-16 16:40 - 2017-10-16 16:40 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-10-16 16:36 - 2017-10-16 16:36 - 006625600 _____ (Zemana Ltd. ) C:\Users\Adela\Downloads\Zemana.AntiMalware.Setup.exe
2017-10-16 15:20 - 2017-10-16 15:03 - 000024064 _____ C:\Windows\zoek-delete.exe
2017-10-16 15:03 - 2017-10-16 15:18 - 000000000 ____D C:\zoek_backup
2017-10-13 01:30 - 2017-10-13 01:30 - 000024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-10-13 01:29 - 2017-10-16 15:00 - 000000000 ____D C:\ProgramData\RogueKiller
2017-10-11 11:34 - 2017-10-11 11:34 - 000000000 ____D C:\ProgramData\Sophos
2017-10-11 11:28 - 2017-10-11 11:28 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2017-10-11 11:28 - 2017-10-11 11:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-10-11 11:27 - 2017-10-11 11:27 - 000000000 ____D C:\Program Files (x86)\Sophos
2017-10-11 10:41 - 2017-10-11 10:41 - 000000737 _____ C:\Users\Adela\Desktop\JRT.txt
2017-10-11 10:26 - 2017-10-11 10:26 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2017-10-11 10:22 - 2017-10-11 10:22 - 001678576 _____ C:\Windows\Minidump\101117-15906-01.dmp
2017-10-11 10:00 - 2017-10-11 10:00 - 001683472 _____ C:\Windows\Minidump\101117-17921-01.dmp
2017-10-11 09:59 - 2017-10-11 09:59 - 001678560 _____ C:\Windows\Minidump\101117-17265-01.dmp
2017-10-11 02:44 - 2017-10-11 02:44 - 001678576 _____ C:\Windows\Minidump\101117-17296-01.dmp
2017-10-11 02:43 - 2017-10-11 02:43 - 001681392 _____ C:\Windows\Minidump\101117-17109-01.dmp
2017-10-10 21:42 - 2017-10-16 15:43 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-10-10 21:42 - 2017-10-16 15:43 - 000045504 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-10-10 14:56 - 2017-10-11 02:35 - 000000000 ____D C:\AdwCleaner
2017-10-10 13:44 - 2017-10-11 10:26 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-10-10 13:44 - 2017-10-10 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-10 00:07 - 2017-10-10 13:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-10 00:07 - 2017-10-10 00:07 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-05 10:02 - 2017-10-05 10:02 - 001683488 _____ C:\Windows\Minidump\100517-15328-01.dmp
2017-10-05 10:00 - 2017-10-05 10:00 - 000310160 _____ C:\Windows\Minidump\100517-18656-01.dmp
2017-10-05 09:52 - 2017-10-05 09:52 - 000576504 _____ C:\Windows\Minidump\100517-15812-01.dmp
2017-10-05 09:07 - 2017-10-05 09:08 - 000310264 _____ C:\Windows\Minidump\100517-15531-01.dmp
2017-10-05 01:55 - 2017-10-05 01:55 - 000310200 _____ C:\Windows\Minidump\100517-30437-01.dmp
2017-10-05 01:53 - 2017-10-05 01:53 - 000310192 _____ C:\Windows\Minidump\100517-29953-01.dmp
2017-10-04 23:54 - 2017-10-04 23:55 - 001681392 _____ C:\Windows\Minidump\100417-30312-01.dmp
2017-10-03 14:04 - 2017-10-03 14:04 - 000001234 _____ C:\Users\Adela\Desktop\Google Chrome.lnk
2017-10-03 10:42 - 2017-10-03 10:42 - 001678576 _____ C:\Windows\Minidump\100317-31562-01.dmp
2017-10-03 10:03 - 2017-10-16 15:43 - 000000008 __RSH C:\Users\Adela\ntuser.pol
2017-10-03 08:59 - 2017-10-03 08:59 - 000000000 _____ C:\Windows\Minidump\100317-26484-01.dmp
2017-10-03 08:57 - 2017-10-03 08:57 - 000000000 _____ C:\Windows\Minidump\100317-27265-01.dmp
2017-10-02 10:35 - 2017-10-02 10:35 - 001678576 _____ C:\Windows\Minidump\100217-39500-01.dmp
2017-10-01 15:59 - 2017-10-01 15:59 - 001678576 _____ C:\Windows\Minidump\100117-41671-01.dmp
2017-10-01 14:57 - 2017-10-01 15:06 - 000000000 ____D C:\Users\Adela\AppData\Roaming\Seznam.cz
2017-10-01 14:56 - 2017-10-16 15:43 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-10-01 14:52 - 2017-10-01 14:52 - 000000000 ____D C:\Users\Adela\AppData\Roaming\Mozilla
2017-10-01 14:50 - 2017-10-05 09:58 - 000000000 ____D C:\Applications
2017-10-01 14:50 - 2017-10-01 14:50 - 000140800 _____ C:\Users\Adela\AppData\Local\installer.dat
2017-10-01 14:50 - 2017-10-01 14:50 - 000003232 _____ C:\Windows\System32\Tasks\ShadowsocksS
2017-10-01 14:50 - 2017-10-01 14:50 - 000000000 ____D C:\WinSys
2017-10-01 14:45 - 2017-10-01 14:45 - 003192832 _____ C:\Users\Adela\KMSPico 10.2.1 [DazTeam] (1).iso
2017-10-01 14:39 - 2017-10-01 14:39 - 003690328 _____ (@ByELDI ) C:\Users\Adela\Nepotvrzeno 333592.crdownload
2017-09-30 12:39 - 2017-09-30 12:39 - 001678576 _____ C:\Windows\Minidump\093017-25609-01.dmp
2017-09-30 02:43 - 2017-09-02 01:54 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-30 02:43 - 2017-09-02 01:54 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-30 02:38 - 2017-09-30 02:38 - 000310160 _____ C:\Windows\Minidump\093017-44656-01.dmp
2017-09-29 15:57 - 2017-09-29 16:03 - 000000000 ___SD C:\Windows\system32\CompatTel
2017-09-19 17:26 - 2017-09-19 17:31 - 000000000 ____D C:\Windows\system32\MRT
2017-09-19 17:25 - 2017-09-19 17:25 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-19 16:35 - 2017-09-19 16:35 - 000002990 _____ C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements
2017-09-19 16:35 - 2017-09-19 16:35 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-09-19 16:15 - 2016-01-10 19:50 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2017-09-19 16:15 - 2016-01-10 19:31 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2017-09-19 16:15 - 2016-01-10 19:16 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-09-19 16:15 - 2016-01-10 19:14 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2017-09-19 16:15 - 2016-01-10 19:12 - 000532480 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2017-09-19 16:15 - 2016-01-10 18:58 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2017-09-19 16:15 - 2016-01-10 18:51 - 000702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-09-19 16:15 - 2016-01-10 18:49 - 000443392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2017-09-19 16:15 - 2016-01-10 18:40 - 000116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2017-09-19 16:15 - 2014-03-06 11:24 - 000111616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2017-09-19 16:15 - 2014-03-06 11:24 - 000033280 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2017-09-19 16:15 - 2014-03-06 11:19 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2017-09-19 16:10 - 2015-05-30 21:36 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-09-19 16:10 - 2015-05-30 21:35 - 000911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-09-19 16:10 - 2014-12-08 21:42 - 000413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2017-09-19 16:10 - 2014-12-08 21:42 - 000372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2017-09-19 16:10 - 2014-12-08 21:42 - 000108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-09-19 16:10 - 2014-12-08 21:42 - 000038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2017-09-19 16:10 - 2014-12-08 21:42 - 000033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2017-09-19 16:09 - 2016-05-06 17:45 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-09-19 16:09 - 2016-05-06 17:23 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-09-19 16:09 - 2015-11-05 10:59 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2017-09-19 16:09 - 2014-12-09 03:50 - 000225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2017-09-19 16:08 - 2016-04-09 23:58 - 000534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-09-19 16:08 - 2016-04-09 23:50 - 000375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 002745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 002528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 002450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 002447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 002334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 002324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 001877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 001798480 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 001484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 001288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 001210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 001150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 001115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 001037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 000735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 000700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 000629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 000557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 000229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 000099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2017-09-19 16:08 - 2015-12-05 07:58 - 000090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 000090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 000081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2017-09-19 16:08 - 2015-12-05 07:58 - 000076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2017-09-19 16:08 - 2015-12-03 20:07 - 000340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-09-19 16:08 - 2015-12-03 20:07 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2017-09-19 16:08 - 2015-12-03 20:05 - 000644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2017-09-19 16:08 - 2015-12-03 20:02 - 001664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2017-09-19 16:08 - 2015-12-03 20:00 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2017-09-19 16:08 - 2015-12-03 19:58 - 000378880 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2017-09-19 16:08 - 2015-12-03 19:30 - 000468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2017-09-19 16:08 - 2015-12-03 19:28 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2017-09-19 16:08 - 2015-12-03 19:28 - 000245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2017-09-19 16:08 - 2015-12-03 19:27 - 000736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2017-09-19 16:08 - 2015-12-03 19:24 - 001411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2017-09-19 16:08 - 2015-12-03 19:23 - 000402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2017-09-19 16:08 - 2015-12-03 19:01 - 000743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2017-09-19 16:08 - 2015-12-03 18:40 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2017-09-19 16:08 - 2015-12-03 18:29 - 000887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2017-09-19 16:08 - 2015-10-13 19:10 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-09-19 16:08 - 2015-07-10 19:54 - 001217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2017-09-19 16:08 - 2014-12-09 05:45 - 000393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2017-09-19 16:08 - 2014-12-09 03:56 - 000538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2017-09-19 16:08 - 2014-10-29 04:46 - 000272384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2017-09-19 16:07 - 2016-05-12 18:17 - 000331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2017-09-19 16:07 - 2016-05-12 18:12 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2017-09-19 16:07 - 2016-05-12 18:08 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2017-09-19 16:07 - 2016-05-12 17:59 - 000398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2017-09-19 16:07 - 2016-05-12 17:43 - 000291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2017-09-19 16:07 - 2016-05-12 17:40 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2017-09-19 16:07 - 2016-05-12 17:37 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2017-09-19 16:07 - 2016-03-31 08:50 - 001307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-09-19 16:07 - 2016-03-31 05:40 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-09-19 16:07 - 2015-12-02 17:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-09-19 16:07 - 2015-12-02 17:01 - 000561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2017-09-19 16:06 - 2015-01-30 03:29 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2017-09-19 16:05 - 2014-10-29 03:28 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\rasadhlp.dll
2017-09-19 16:04 - 2014-10-29 05:18 - 000848568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2017-09-19 16:04 - 2014-10-29 05:18 - 000348048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\verifier.dll
2017-09-19 16:04 - 2014-10-29 05:18 - 000255136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powrprof.dll
2017-09-19 16:04 - 2014-10-29 05:18 - 000164264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-09-19 16:04 - 2014-10-29 05:18 - 000120352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabinet.dll
2017-09-19 16:04 - 2014-10-29 05:18 - 000029920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel.appcore.dll
2017-09-19 16:04 - 2014-10-29 05:18 - 000016504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psapi.dll
2017-09-19 16:04 - 2014-10-29 05:17 - 000033088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
2017-09-19 16:04 - 2014-10-29 05:15 - 000192096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000168256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000165728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntasn1.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000156992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dssenh.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000154392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntmarta.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000110512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000099104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptxml.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000098152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000096032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000074352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdll.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000068168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000051608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000035592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netutils.dll
2017-09-19 16:04 - 2014-10-29 05:15 - 000021696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsrole.dll
2017-09-19 16:04 - 2014-10-29 05:13 - 000185880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2017-09-19 16:04 - 2014-10-29 05:12 - 001907384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2017-09-19 16:04 - 2014-10-29 05:12 - 000430176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2017-09-19 16:04 - 2014-10-29 05:12 - 000416760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2017-09-19 16:04 - 2014-10-29 05:12 - 000413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2017-09-19 16:04 - 2014-10-29 05:12 - 000403776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2017-09-19 16:04 - 2014-10-29 05:12 - 000241680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2017-09-19 16:04 - 2014-10-29 05:12 - 000116696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxva2.dll
2017-09-19 16:04 - 2014-10-29 05:12 - 000102728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2017-09-19 16:04 - 2014-10-29 05:12 - 000087224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpr.dll
2017-09-19 16:04 - 2014-10-29 05:12 - 000051096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wwapi.dll
2017-09-19 16:04 - 2014-10-29 05:11 - 002689392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2017-09-19 16:04 - 2014-10-29 05:11 - 001024200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2017-09-19 16:04 - 2014-10-29 05:11 - 000488064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2017-09-19 16:04 - 2014-10-29 05:11 - 000191104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2017-09-19 16:04 - 2014-10-29 05:11 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2017-09-19 16:04 - 2014-10-29 05:11 - 000187488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2017-09-19 16:04 - 2014-10-29 05:11 - 000150776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll
2017-09-19 16:04 - 2014-10-29 05:11 - 000028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CameraSettingsUIHost.exe
2017-09-19 16:04 - 2014-10-29 05:10 - 001287112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2017-09-19 16:04 - 2014-10-29 05:10 - 001178104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2017-09-19 16:04 - 2014-10-29 05:10 - 000569128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clbcatq.dll
2017-09-19 16:04 - 2014-10-29 05:10 - 000560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2017-09-19 16:04 - 2014-10-29 05:10 - 000367248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2017-09-19 16:04 - 2014-10-29 05:10 - 000278352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2017-09-19 16:04 - 2014-10-29 05:10 - 000276816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2017-09-19 16:04 - 2014-10-29 05:10 - 000272648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp.dll
2017-09-19 16:04 - 2014-10-29 05:10 - 000094464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2017-09-19 16:04 - 2014-10-29 05:10 - 000052664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wtsapi32.dll
2017-09-19 16:04 - 2014-10-29 05:10 - 000040816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2017-09-19 16:04 - 2014-10-29 05:10 - 000038184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\utildll.dll
2017-09-19 16:04 - 2014-10-29 05:10 - 000034016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialUIBroker.exe
2017-09-19 16:04 - 2014-10-29 05:10 - 000030944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2017-09-19 16:04 - 2014-10-29 05:10 - 000029888 _____ (Microsoft Corporation)

asphyxxia
Level 1
Level 1
Příspěvky: 56
Registrován: duben 16
Pohlaví: Žena
Stav:
Offline

Re: Odinstalace KMSpico a kontrola logu

Příspěvekod asphyxxia » 16 říj 2017 17:21

Tady druha cast, budu to muset rozdelit do vice nez dvou kvuli velikosti.
C:\Windows\SysWOW64\PasswordOnWakeSettingFlyout.exe
2017-09-19 16:04 - 2014-10-29 05:10 - 000026304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\version.dll
2017-09-19 16:04 - 2014-10-29 05:09 - 000017216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
2017-09-19 16:04 - 2014-10-29 05:07 - 005120000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2017-09-19 16:04 - 2014-10-29 05:07 - 001321192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2017-09-19 16:04 - 2014-10-29 05:07 - 000801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-09-19 16:04 - 2014-10-29 05:07 - 000336680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2017-09-19 16:04 - 2014-10-29 05:07 - 000331048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2017-09-19 16:04 - 2014-10-29 05:07 - 000320256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2017-09-19 16:04 - 2014-10-29 05:07 - 000136840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2017-09-19 16:04 - 2014-10-29 05:07 - 000134280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2017-09-19 16:04 - 2014-10-29 05:07 - 000114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWWizFwk.dll
2017-09-19 16:04 - 2014-10-29 05:07 - 000089816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msacm32.dll
2017-09-19 16:04 - 2014-10-29 05:07 - 000039720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdmo.dll
2017-09-19 16:04 - 2014-10-29 05:07 - 000036136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msgsm32.acm
2017-09-19 16:04 - 2014-10-29 05:07 - 000029960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imaadp32.acm
2017-09-19 16:04 - 2014-10-29 05:07 - 000028896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msadp32.acm
2017-09-19 16:04 - 2014-10-29 05:07 - 000022720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msg711.acm
2017-09-19 16:04 - 2014-10-29 05:07 - 000019096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2017-09-19 16:04 - 2014-10-29 05:07 - 000018040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2017-09-19 16:04 - 2014-10-29 05:06 - 000800008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2017-09-19 16:04 - 2014-10-29 05:06 - 000111064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTWorkQ.dll
2017-09-19 16:04 - 2014-10-29 05:06 - 000090368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfAACEnc.dll
2017-09-19 16:04 - 2014-10-29 05:05 - 000052152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profapi.dll
2017-09-19 16:04 - 2014-10-29 05:05 - 000030984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-09-19 16:04 - 2014-10-29 04:11 - 001070080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2017-09-19 16:04 - 2014-10-29 04:10 - 000515072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2017-09-19 16:04 - 2014-10-29 04:05 - 002628608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0009.dll
2017-09-19 16:04 - 2014-10-29 04:04 - 000445440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp60.dll
2017-09-19 16:04 - 2014-10-29 04:04 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcirt.dll
2017-09-19 16:04 - 2014-10-29 04:04 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceUxRes.dll
2017-09-19 16:04 - 2014-10-29 04:04 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2help.dll
2017-09-19 16:04 - 2014-10-29 04:04 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rnr20.dll
2017-09-19 16:04 - 2014-10-29 04:03 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SSShim.dll
2017-09-19 16:04 - 2014-10-29 04:03 - 000077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-09-19 16:04 - 2014-10-29 04:03 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ktmw32.dll
2017-09-19 16:04 - 2014-10-29 04:03 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\txfw32.dll
2017-09-19 16:04 - 2014-10-29 04:03 - 000010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wship6.dll
2017-09-19 16:04 - 2014-10-29 04:03 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSHTCPIP.DLL
2017-09-19 16:04 - 2014-10-29 04:00 - 000594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dramp.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000435200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glmf32.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syncui.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spfileq.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SPInf.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sfc_os.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Nlsdl.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciwave.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciseq.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shgina.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davhlpr.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmutil.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscpxl32.dLL
2017-09-19 16:04 - 2014-10-29 04:00 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiatrace.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbios.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscat32.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browseui.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensApi.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\softpub.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nddeapi.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiwer.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched32.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssip32.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ir50_32.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ir41_32.ax
2017-09-19 16:04 - 2014-10-29 04:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OskSupport.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ir50_qcx.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ir50_qc.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ir41_qcx.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ir41_qc.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ir32_32.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\getuname.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osuninst.dll
2017-09-19 16:04 - 2014-10-29 04:00 - 000003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprop.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 002013696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glu32.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regini.exe
2017-09-19 16:04 - 2014-10-29 03:59 - 000038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\feclient.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\htui.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efsutil.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrnr.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comp.exe
2017-09-19 16:04 - 2014-10-29 03:59 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lsmproxy.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fc.exe
2017-09-19 16:04 - 2014-10-29 03:59 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sisbkup.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\replace.exe
2017-09-19 16:04 - 2014-10-29 03:59 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vdmdbg.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsock32.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\doskey.exe
2017-09-19 16:04 - 2014-10-29 03:59 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\find.exe
2017-09-19 16:04 - 2014-10-29 03:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subst.exe
2017-09-19 16:04 - 2014-10-29 03:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\print.exe
2017-09-19 16:04 - 2014-10-29 03:59 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msidcrl40.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\help.exe
2017-09-19 16:04 - 2014-10-29 03:59 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sas.dll
2017-09-19 16:04 - 2014-10-29 03:59 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XInput9_1_0.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000423424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbnetlib.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\radardt.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000085504 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\makecab.exe
2017-09-19 16:04 - 2014-10-29 03:58 - 000069120 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codeca.acm
2017-09-19 16:04 - 2014-10-29 03:58 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdmat.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drttransport.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcbcp.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcicda.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cliconfg.exe
2017-09-19 16:04 - 2014-10-29 03:58 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mode.com
2017-09-19 16:04 - 2014-10-29 03:58 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ureg.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.exe
2017-09-19 16:04 - 2014-10-29 03:58 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drprov.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sort.exe
2017-09-19 16:04 - 2014-10-29 03:58 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osbaseln.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\umdmxfrm.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\midimap.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chkntfs.exe
2017-09-19 16:04 - 2014-10-29 03:58 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbnmpntw.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINSRPC.DLL
2017-09-19 16:04 - 2014-10-29 03:58 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tree.com
2017-09-19 16:04 - 2014-10-29 03:58 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiltcfg.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskcomp.com
2017-09-19 16:04 - 2014-10-29 03:58 - 000014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\label.exe
2017-09-19 16:04 - 2014-10-29 03:58 - 000014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmdkey.exe
2017-09-19 16:04 - 2014-10-29 03:58 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwinsat.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\recover.exe
2017-09-19 16:04 - 2014-10-29 03:58 - 000012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chcp.com
2017-09-19 16:04 - 2014-10-29 03:58 - 000011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskcopy.com
2017-09-19 16:04 - 2014-10-29 03:58 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dvdplay.exe
2017-09-19 16:04 - 2014-10-29 03:58 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TimeDateMUICallback.dll
2017-09-19 16:04 - 2014-10-29 03:58 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acledit.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000777728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\opengl32.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000248320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2017-09-19 16:04 - 2014-10-29 03:57 - 000228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drt.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsldpc.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regapi.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cliconfg.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\expand.exe
2017-09-19 16:04 - 2014-10-29 03:57 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hidphone.tsp
2017-09-19 16:04 - 2014-10-29 03:57 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syskey.exe
2017-09-19 16:04 - 2014-10-29 03:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmintf.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2017-09-19 16:04 - 2014-10-29 03:57 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\serwvdrv.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcacli.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmlprovi.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpupdate.exe
2017-09-19 16:04 - 2014-10-29 03:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcmsetup.exe
2017-09-19 16:04 - 2014-10-29 03:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DDOIProxy.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\panmap.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutilx.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshirda.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RdpSaPs.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcico.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IconCodecService.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrnsave.scr
2017-09-19 16:04 - 2014-10-29 03:57 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spnet.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcNs4.dll
2017-09-19 16:04 - 2014-10-29 03:57 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shfolder.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000317440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.ps.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtfwd.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capisp.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm_ps.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\irclass.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSChannel.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmcodecdspps.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcji32.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odtext32.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odpdx32.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odfox32.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oddbse32.dll
2017-09-19 16:04 - 2014-10-29 03:56 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odexl32.dll
2017-09-19 16:04 - 2014-10-29 03:55 - 000171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2017-09-19 16:04 - 2014-10-29 03:55 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll
2017-09-19 16:04 - 2014-10-29 03:55 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2017-09-19 16:04 - 2014-10-29 03:55 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pid.dll
2017-09-19 16:04 - 2014-10-29 03:55 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxstrace.exe
2017-09-19 16:04 - 2014-10-29 03:55 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfime.ime
2017-09-19 16:04 - 2014-10-29 03:54 - 015784448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DDORes.dll
2017-09-19 16:04 - 2014-10-29 03:54 - 000401408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dim.dll
2017-09-19 16:04 - 2014-10-29 03:54 - 000244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-09-19 16:04 - 2014-10-29 03:54 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2017-09-19 16:04 - 2014-10-29 03:54 - 000114688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2017-09-19 16:04 - 2014-10-29 03:54 - 000093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfui.dll
2017-09-19 16:04 - 2014-10-29 03:54 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfp.dll
2017-09-19 16:04 - 2014-10-29 03:54 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2017-09-19 16:04 - 2014-10-29 03:54 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2017-09-19 16:04 - 2014-10-29 03:54 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avicap32.dll
2017-09-19 16:04 - 2014-10-29 03:54 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drtprov.dll
2017-09-19 16:04 - 2014-10-29 03:54 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsauth.dll
2017-09-19 16:04 - 2014-10-29 03:54 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\extrac32.exe
2017-09-19 16:04 - 2014-10-29 03:54 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcPing.exe
2017-09-19 16:04 - 2014-10-29 03:54 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msacm32.drv
2017-09-19 16:04 - 2014-10-29 03:54 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secinit.exe
2017-09-19 16:04 - 2014-10-29 03:54 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ctfmon.exe
2017-09-19 16:04 - 2014-10-29 03:53 - 002238464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NL7Data0404.dll
2017-09-19 16:04 - 2014-10-29 03:53 - 001065984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8.dll
2017-09-19 16:04 - 2014-10-29 03:53 - 000433152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlcese40.dll
2017-09-19 16:04 - 2014-10-29 03:53 - 000280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-09-19 16:04 - 2014-10-29 03:53 - 000163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2017-09-19 16:04 - 2014-10-29 03:53 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prncache.dll
2017-09-19 16:04 - 2014-10-29 03:53 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2017-09-19 16:04 - 2014-10-29 03:53 - 000079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlaySndSrv.dll
2017-09-19 16:04 - 2014-10-29 03:53 - 000027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcnsh.dll
2017-09-19 16:04 - 2014-10-29 03:53 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzSqlExt.dll
2017-09-19 16:04 - 2014-10-29 03:53 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ktmutil.exe
2017-09-19 16:04 - 2014-10-29 03:53 - 000011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\verclsid.exe
2017-09-19 16:04 - 2014-10-29 03:53 - 000009728 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2017-09-19 16:04 - 2014-10-29 03:52 - 003355136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NL7Data0804.dll
2017-09-19 16:04 - 2014-10-29 03:52 - 000224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsldp.dll
2017-09-19 16:04 - 2014-10-29 03:52 - 000181248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWB7.dll
2017-09-19 16:04 - 2014-10-29 03:52 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2017-09-19 16:04 - 2014-10-29 03:52 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2017-09-19 16:04 - 2014-10-29 03:52 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2017-09-19 16:04 - 2014-10-29 03:52 - 000068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertPolEng.dll
2017-09-19 16:04 - 2014-10-29 03:52 - 000062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hdwwiz.exe
2017-09-19 16:04 - 2014-10-29 03:52 - 000056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winver.exe
2017-09-19 16:04 - 2014-10-29 03:52 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
2017-09-19 16:04 - 2014-10-29 03:52 - 000031744 _____ (Microsoft Corporation)
C:\Windows\SysWOW64\PlayToStatusProvider.dll
2017-09-19 16:04 - 2014-10-29 03:52 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpmib.dll
2017-09-19 16:04 - 2014-10-29 03:52 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ias.dll
2017-09-19 16:04 - 2014-10-29 03:52 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compact.exe
2017-09-19 16:04 - 2014-10-29 03:52 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2017-09-19 16:04 - 2014-10-29 03:52 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
2017-09-19 16:04 - 2014-10-29 03:52 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmdext.dll
2017-09-19 16:04 - 2014-10-29 03:52 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\write.exe
2017-09-19 16:04 - 2014-10-29 03:51 - 007331840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NL7Data0011.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NL7Data001E.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsdmo.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvfw32.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000122368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmstyle.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000116224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usbceip.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oledlg.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmscript.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olecli32.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcompos.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndadmin.exe
2017-09-19 16:04 - 2014-10-29 03:51 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dxof.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprovisionsp.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\takeown.exe
2017-09-19 16:04 - 2014-10-29 03:51 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasphone.exe
2017-09-19 16:04 - 2014-10-29 03:51 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msports.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmloader.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdrleakdiag.exe
2017-09-19 16:04 - 2014-10-29 03:51 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmband.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\where.exe
2017-09-19 16:04 - 2014-10-29 03:51 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olesvr32.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timeout.exe
2017-09-19 16:04 - 2014-10-29 03:51 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clip.exe
2017-09-19 16:04 - 2014-10-29 03:51 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\at.exe
2017-09-19 16:04 - 2014-10-29 03:51 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dswave.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winusb.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorSvc.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\runas.exe
2017-09-19 16:04 - 2014-10-29 03:51 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2017-09-19 16:04 - 2014-10-29 03:51 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdial.exe
2017-09-19 16:04 - 2014-10-29 03:51 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hnetmon.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcmonitor.dll
2017-09-19 16:04 - 2014-10-29 03:51 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InfDefaultInstall.exe
2017-09-19 16:04 - 2014-10-29 03:51 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systray.exe
2017-09-19 16:04 - 2014-10-29 03:50 - 000711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlsrv32.dll
2017-09-19 16:04 - 2014-10-29 03:50 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlceoledb40.dll
2017-09-19 16:04 - 2014-10-29 03:50 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlcecompact40.dll
2017-09-19 16:04 - 2014-10-29 03:50 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmsynth.dll
2017-09-19 16:04 - 2014-10-29 03:50 - 000101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscript.ocx
2017-09-19 16:04 - 2014-10-29 03:50 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2017-09-19 16:04 - 2014-10-29 03:50 - 000051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2017-09-19 16:04 - 2014-10-29 03:50 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cttunesvr.exe
2017-09-19 16:04 - 2014-10-29 03:50 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Apphlpdm.dll
2017-09-19 16:04 - 2014-10-29 03:50 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxsstore.dll
2017-09-19 16:04 - 2014-10-29 03:49 - 000742400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlceqp40.dll
2017-09-19 16:04 - 2014-10-29 03:49 - 000234496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2017-09-19 16:04 - 2014-10-29 03:49 - 000233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2017-09-19 16:04 - 2014-10-29 03:49 - 000207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmime.dll
2017-09-19 16:04 - 2014-10-29 03:49 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2017-09-19 16:04 - 2014-10-29 03:49 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmview.ocx
2017-09-19 16:04 - 2014-10-29 03:49 - 000082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSTPager.ax
2017-09-19 16:04 - 2014-10-29 03:49 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cca.dll
2017-09-19 16:04 - 2014-10-29 03:49 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\amstream.dll
2017-09-19 16:04 - 2014-10-29 03:49 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutilext.dll
2017-09-19 16:04 - 2014-10-29 03:49 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciqtz32.dll
2017-09-19 16:04 - 2014-10-29 03:49 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceDisplayStatusManager.dll
2017-09-19 16:04 - 2014-10-29 03:49 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairingProxy.dll
2017-09-19 16:04 - 2014-10-29 03:49 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlaninst.dll
2017-09-19 16:04 - 2014-10-29 03:49 - 000016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2017-09-19 16:04 - 2014-10-29 03:49 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2017-09-19 16:04 - 2014-10-29 03:49 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CHxReadingStringIME.dll
2017-09-19 16:04 - 2014-10-29 03:48 - 001497600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskcopy.dll
2017-09-19 16:04 - 2014-10-29 03:48 - 000524800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWB70804.dll
2017-09-19 16:04 - 2014-10-29 03:48 - 000524800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWB70404.dll
2017-09-19 16:04 - 2014-10-29 03:48 - 000524800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWB7001E.dll
2017-09-19 16:04 - 2014-10-29 03:48 - 000524800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWB70011.dll
2017-09-19 16:04 - 2014-10-29 03:48 - 000466944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\main.cpl
2017-09-19 16:04 - 2014-10-29 03:48 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2017-09-19 16:04 - 2014-10-29 03:48 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
2017-09-19 16:04 - 2014-10-29 03:48 - 000129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\verifier.exe
2017-09-19 16:04 - 2014-10-29 03:48 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmusic.dll
2017-09-19 16:04 - 2014-10-29 03:48 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\whoami.exe
2017-09-19 16:04 - 2014-10-29 03:48 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\forfiles.exe
2017-09-19 16:04 - 2014-10-29 03:48 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sfc.exe
2017-09-19 16:04 - 2014-10-29 03:48 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcreate.exe
2017-09-19 16:04 - 2014-10-29 03:48 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\waitfor.exe
2017-09-19 16:04 - 2014-10-29 03:48 - 000028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\choice.exe
2017-09-19 16:04 - 2014-10-29 03:48 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsCtfMonitor.dll
2017-09-19 16:04 - 2014-10-29 03:48 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshelper.dll
2017-09-19 16:04 - 2014-10-29 03:48 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RmClient.exe
2017-09-19 16:04 - 2014-10-29 03:47 - 001096192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ogldrv.dll
2017-09-19 16:04 - 2014-10-29 03:47 - 000982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpssvcs.dll
2017-09-19 16:04 - 2014-10-29 03:47 - 000517120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2017-09-19 16:04 - 2014-10-29 03:47 - 000186368 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codecp.acm
2017-09-19 16:04 - 2014-10-29 03:47 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2017-09-19 16:04 - 2014-10-29 03:47 - 000135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iassvcs.dll
2017-09-19 16:04 - 2014-10-29 03:47 - 000123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gcdef.dll
2017-09-19 16:04 - 2014-10-29 03:47 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bootcfg.exe
2017-09-19 16:04 - 2014-10-29 03:47 - 000073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\console.dll
2017-09-19 16:04 - 2014-10-29 03:47 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2017-09-19 16:04 - 2014-10-29 03:47 - 000041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iaspolcy.dll
2017-09-19 16:04 - 2014-10-29 03:47 - 000039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSTheme.exe
2017-09-19 16:04 - 2014-10-29 03:47 - 000038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ddodiag.exe
2017-09-19 16:04 - 2014-10-29 03:47 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdv.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000292352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsnt.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskraid.exe
2017-09-19 16:04 - 2014-10-29 03:46 - 000227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000188416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssha.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmvdspa.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000116224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Kswdmcap.ax
2017-09-19 16:04 - 2014-10-29 03:46 - 000110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2017-09-19 16:04 - 2014-10-29 03:46 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\loghours.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmci.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vfwwdm32.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dssec.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtsh.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Management.Workplace.WorkplaceSettings.dll
2017-09-19 16:04 - 2014-10-29 03:46 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\serialui.dll
2017-09-19 16:04 - 2014-10-29 03:45 - 000672768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2017-09-19 16:04 - 2014-10-29 03:45 - 000273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPSTAT.EXE
2017-09-19 16:04 - 2014-10-29 03:45 - 000192512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpresult.exe
2017-09-19 16:04 - 2014-10-29 03:45 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iashlpr.dll
2017-09-19 16:04 - 2014-10-29 03:45 - 000085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2017-09-19 16:04 - 2014-10-29 03:45 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QUTIL.DLL
2017-09-19 16:04 - 2014-10-29 03:45 - 000075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2017-09-19 16:04 - 2014-10-29 03:45 - 000074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usbui.dll
2017-09-19 16:04 - 2014-10-29 03:45 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2017-09-19 16:04 - 2014-10-29 03:45 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksxbar.ax
2017-09-19 16:04 - 2014-10-29 03:45 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.dll
2017-09-19 16:04 - 2014-10-29 03:45 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbisurf.ax
2017-09-19 16:04 - 2014-10-29 03:45 - 000039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bidispl.dll
2017-09-19 16:04 - 2014-10-29 03:45 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cipher.exe
2017-09-19 16:04 - 2014-10-29 03:45 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\napipsec.dll
2017-09-19 16:04 - 2014-10-29 03:45 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmiprop.dll
2017-09-19 16:04 - 2014-10-29 03:44 - 002984448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-09-19 16:04 - 2014-10-29 03:44 - 000778752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Bubbles.scr
2017-09-19 16:04 - 2014-10-29 03:44 - 000400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasplap.dll
2017-09-19 16:04 - 2014-10-29 03:44 - 000229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2017-09-19 16:04 - 2014-10-29 03:44 - 000218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountControlSettings.exe
2017-09-19 16:04 - 2014-10-29 03:44 - 000121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mystify.scr
2017-09-19 16:04 - 2014-10-29 03:44 - 000120832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Ribbons.scr
2017-09-19 16:04 - 2014-10-29 03:44 - 000104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontview.exe
2017-09-19 16:04 - 2014-10-29 03:44 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationNotifications.exe
2017-09-19 16:04 - 2014-10-29 03:44 - 000059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3cfg.dll
2017-09-19 16:04 - 2014-10-29 03:43 - 000289792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WmpDui.dll
2017-09-19 16:04 - 2014-10-29 03:43 - 000242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3gpui.dll
2017-09-19 16:04 - 2014-10-29 03:43 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2017-09-19 16:04 - 2014-10-29 03:43 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2017-09-19 16:04 - 2014-10-29 03:43 - 000225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offfilt.dll
2017-09-19 16:04 - 2014-10-29 03:43 - 000196096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2017-09-19 16:04 - 2014-10-29 03:43 - 000191488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssText3d.scr
2017-09-19 16:04 - 2014-10-29 03:43 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fphc.dll
2017-09-19 16:04 - 2014-10-29 03:43 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-09-19 16:04 - 2014-10-29 03:43 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bdaplgin.ax
2017-09-19 16:04 - 2014-10-29 03:43 - 000056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xwizard.exe
2017-09-19 16:04 - 2014-10-29 03:43 - 000056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2017-09-19 16:04 - 2014-10-29 03:43 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2017-09-19 16:04 - 2014-10-29 03:43 - 000049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2017-09-19 16:04 - 2014-10-29 03:43 - 000042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AtBroker.exe
2017-09-19 16:04 - 2014-10-29 03:43 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2017-09-19 16:04 - 2014-10-29 03:42 - 000305664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2017-09-19 16:04 - 2014-10-29 03:42 - 000198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapi32.dll
2017-09-19 16:04 - 2014-10-29 03:42 - 000138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2017-09-19 16:04 - 2014-10-29 03:42 - 000112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2017-09-19 16:04 - 2014-10-29 03:42 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2017-09-19 16:04 - 2014-10-29 03:42 - 000073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.exe
2017-09-19 16:04 - 2014-10-29 03:42 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\radarrs.dll
2017-09-19 16:04 - 2014-10-29 03:42 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2017-09-19 16:04 - 2014-10-29 03:42 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdmps.dll
2017-09-19 16:04 - 2014-10-29 03:42 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndproxystub.dll
2017-09-19 16:04 - 2014-10-29 03:41 - 000381952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iassdo.dll
2017-09-19 16:04 - 2014-10-29 03:41 - 000327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2017-09-19 16:04 - 2014-10-29 03:41 - 000287232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\modemui.dll
2017-09-19 16:04 - 2014-10-29 03:41 - 000222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iassam.dll
2017-09-19 16:04 - 2014-10-29 03:41 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kstvtune.ax
2017-09-19 16:04 - 2014-10-29 03:40 - 002036224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0007.dll
2017-09-19 16:04 - 2014-10-29 03:40 - 000380928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshipsec.dll
2017-09-19 16:04 - 2014-10-29 03:40 - 000292352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll
2017-09-19 16:04 - 2014-10-29 03:40 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
2017-09-19 16:04 - 2014-10-29 03:40 - 000224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2017-09-19 16:04 - 2014-10-29 03:40 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquoui.dll
2017-09-19 16:04 - 2014-10-29 03:40 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\desk.cpl
2017-09-19 16:04 - 2014-10-29 03:40 - 000138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\softkbd.dll
2017-09-19 16:04 - 2014-10-29 03:40 - 000136704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\joy.cpl
2017-09-19 16:04 - 2014-10-29 03:40 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2017-09-19 16:04 - 2014-10-29 03:40 - 000109056 _____ (Microsoft Corporation)

asphyxxia
Level 1
Level 1
Příspěvky: 56
Registrován: duben 16
Pohlaví: Žena
Stav:
Offline

Re: Odinstalace KMSpico a kontrola logu

Příspěvekod asphyxxia » 16 říj 2017 17:22

3. cast

C:\Windows\SysWOW64\WinMsoIrmProtector.dll
2017-09-19 16:04 - 2014-10-29 03:40 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2017-09-19 16:04 - 2014-10-29 03:40 - 000103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinOpcIrmProtector.dll
2017-09-19 16:04 - 2014-10-29 03:40 - 000100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncpa.cpl
2017-09-19 16:04 - 2014-10-29 03:40 - 000092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olethk32.dll
2017-09-19 16:04 - 2014-10-29 03:40 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairingWizard.exe
2017-09-19 16:04 - 2014-10-29 03:40 - 000051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
2017-09-19 16:04 - 2014-10-29 03:40 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deskadp.dll
2017-09-19 16:04 - 2014-10-29 03:40 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\docprop.dll
2017-09-19 16:04 - 2014-10-29 03:40 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdmlog.dll
2017-09-19 16:04 - 2014-10-29 03:40 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shutdown.exe
2017-09-19 16:04 - 2014-10-29 03:40 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\proquota.exe
2017-09-19 16:04 - 2014-10-29 03:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Netplwiz.exe
2017-09-19 16:04 - 2014-10-29 03:40 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DefaultDeviceManager.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 009604608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData000a.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 004531712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0416.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 004530688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData001d.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWGP.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 000252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscandui.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 000217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartScreenSettings.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icsigd.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsadmin.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 000147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mydocs.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 000114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\control.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Fondue.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceProperties.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\isoburn.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesRemote.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesProtection.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesPerformance.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesHardware.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesComputerName.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DpiScaling.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\napdsnap.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RunLegacyCPLElevated.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ustprov.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deskmon.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ComputerDefaults.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ThumbnailExtractionHost.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dvdupgrd.exe
2017-09-19 16:04 - 2014-10-29 03:39 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NcdProp.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DefaultPrinterProvider.dll
2017-09-19 16:04 - 2014-10-29 03:39 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2017-09-19 16:04 - 2014-10-29 03:38 - 004945920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 004530688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0010.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 004530176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0414.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 004529664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0816.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 002387456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData000d.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 002307072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData000c.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 002012160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0026.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 002012160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData000f.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 001548800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0000.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000404480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hdwwiz.cpl
2017-09-19 16:04 - 2014-10-29 03:38 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fde.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000116224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdart.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndfhcdiscovery.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XPSSHHDR.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DfsShlEx.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2nacp.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3hc.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msident.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucmhc.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
2017-09-19 16:04 - 2014-10-29 03:38 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hcproviders.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndfetw.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shpafact.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\grpconv.exe
2017-09-19 16:04 - 2014-10-29 03:38 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DDACLSys.dll
2017-09-19 16:04 - 2014-10-29 03:38 - 000010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoveDeviceElevated.dll
2017-09-19 16:04 - 2014-10-29 03:37 - 003149824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0039.dll
2017-09-19 16:04 - 2014-10-29 03:37 - 001829376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData002a.dll
2017-09-19 16:04 - 2014-10-29 03:37 - 001563136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2017-09-19 16:04 - 2014-10-29 03:37 - 000304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SrpUxNativeSnapIn.dll
2017-09-19 16:04 - 2014-10-29 03:37 - 000132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2017-09-19 16:04 - 2014-10-29 03:37 - 000072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2017-09-19 16:04 - 2014-10-29 03:37 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprnext.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 003132928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData004e.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 003132928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData004c.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 003132928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData004b.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 003132928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData004a.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 003132928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0049.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 003132928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0047.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 003132928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0046.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 003132928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0045.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 003132928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0020.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 001999360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0027.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 001997824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0c1a.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 001997824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData081a.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 001997824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0024.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 001997824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData001b.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 001997824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData001a.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 001997824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0018.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 001997824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0003.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 001997824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0002.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 001829376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData003e.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 001829376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0022.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 001829376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0021.dll
2017-09-19 16:04 - 2014-10-29 03:36 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWNet.dll
2017-09-19 16:04 - 2014-10-29 03:35 - 000315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2017-09-19 16:04 - 2014-10-29 03:35 - 000100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xwreg.dll
2017-09-19 16:04 - 2014-10-29 03:35 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-09-19 16:04 - 2014-10-29 03:35 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConnectedAccountState.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnfldr.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000430592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdlgs.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shrpubw.exe
2017-09-19 16:04 - 2014-10-29 03:34 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswmdm.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\difxapi.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdminst.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000120832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EhStorAPI.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptext.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000054272 _____ (Twain Working Group) C:\Windows\twain_32.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000046080 _____ C:\Windows\SysWOW64\BWContextHandler.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FdDevQuery.dll
2017-09-19 16:04 - 2014-10-29 03:34 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efsui.exe
2017-09-19 16:04 - 2014-10-29 03:33 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uireng.dll
2017-09-19 16:04 - 2014-10-29 03:33 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remotesp.tsp
2017-09-19 16:04 - 2014-10-29 03:33 - 000068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsockhc.dll
2017-09-19 16:04 - 2014-10-29 03:33 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountControlSettings.dll
2017-09-19 16:04 - 2014-10-29 03:33 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\btpanui.dll
2017-09-19 16:04 - 2014-10-29 03:33 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\frprov.dll
2017-09-19 16:04 - 2014-10-29 03:33 - 000060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2017-09-19 16:04 - 2014-10-29 03:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpmonui.dll
2017-09-19 16:04 - 2014-10-29 03:32 - 000794624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll
2017-09-19 16:04 - 2014-10-29 03:32 - 000654848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comuid.dll
2017-09-19 16:04 - 2014-10-29 03:32 - 000512512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2017-09-19 16:04 - 2014-10-29 03:32 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cttune.exe
2017-09-19 16:04 - 2014-10-29 03:32 - 000226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppIdPolicyEngineApi.dll
2017-09-19 16:04 - 2014-10-29 03:32 - 000149504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RstrtMgr.dll
2017-09-19 16:04 - 2014-10-29 03:32 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsprop.dll
2017-09-19 16:04 - 2014-10-29 03:32 - 000129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twext.dll
2017-09-19 16:04 - 2014-10-29 03:32 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2017-09-19 16:04 - 2014-10-29 03:32 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2017-09-19 16:04 - 2014-10-29 03:32 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoveDeviceContextHandler.dll
2017-09-19 16:04 - 2014-10-29 03:32 - 000016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanui2.dll
2017-09-19 16:04 - 2014-10-29 03:31 - 000342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2017-09-19 16:04 - 2014-10-29 03:31 - 000202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2017-09-19 16:04 - 2014-10-29 03:31 - 000156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdiagprv.dll
2017-09-19 16:04 - 2014-10-29 03:31 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2017-09-19 16:04 - 2014-10-29 03:31 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rshx32.dll
2017-09-19 16:04 - 2014-10-29 03:31 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EhStorPwdMgr.dll
2017-09-19 16:04 - 2014-10-29 03:31 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mimefilt.dll
2017-09-19 16:04 - 2014-10-29 03:31 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credwiz.exe
2017-09-19 16:04 - 2014-10-29 03:30 - 000597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2017-09-19 16:04 - 2014-10-29 03:30 - 000579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2017-09-19 16:04 - 2014-10-29 03:30 - 000484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmdial32.dll
2017-09-19 16:04 - 2014-10-29 03:30 - 000482304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
2017-09-19 16:04 - 2014-10-29 03:30 - 000210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL
2017-09-19 16:04 - 2014-10-29 03:30 - 000184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2017-09-19 16:04 - 2014-10-29 03:30 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2017-09-19 16:04 - 2014-10-29 03:30 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll
2017-09-19 16:04 - 2014-10-29 03:30 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssadmin.exe
2017-09-19 16:04 - 2014-10-29 03:30 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndishc.dll
2017-09-19 16:04 - 2014-10-29 03:30 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MuiUnattend.exe
2017-09-19 16:04 - 2014-10-29 03:29 - 000528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2017-09-19 16:04 - 2014-10-29 03:29 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IasMigPlugin.dll
2017-09-19 16:04 - 2014-10-29 03:29 - 000478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\filemgmt.dll
2017-09-19 16:04 - 2014-10-29 03:29 - 000464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
2017-09-19 16:04 - 2014-10-29 03:29 - 000434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2017-09-19 16:04 - 2014-10-29 03:29 - 000324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2017-09-19 16:04 - 2014-10-29 03:29 - 000195584 _____ (Microsoft Corporation)
C:\Windows\SysWOW64\DevicePairingFolder.dll
2017-09-19 16:04 - 2014-10-29 03:29 - 000156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\keymgr.dll
2017-09-19 16:04 - 2014-10-29 03:29 - 000154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2017-09-19 16:04 - 2014-10-29 03:29 - 000140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2017-09-19 16:04 - 2014-10-29 03:29 - 000120832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dsui.dll
2017-09-19 16:04 - 2014-10-29 03:29 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2017-09-19 16:04 - 2014-10-29 03:29 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systeminfo.exe
2017-09-19 16:04 - 2014-10-29 03:29 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe
2017-09-19 16:04 - 2014-10-29 03:29 - 000068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\driverquery.exe
2017-09-19 16:04 - 2014-10-29 03:29 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\getmac.exe
2017-09-19 16:04 - 2014-10-29 03:29 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gptext.dll
2017-09-19 16:04 - 2014-10-29 03:28 - 002213888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2017-09-19 16:04 - 2014-10-29 03:28 - 000454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localsec.dll
2017-09-19 16:04 - 2014-10-29 03:28 - 000417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadefui.dll
2017-09-19 16:04 - 2014-10-29 03:28 - 000402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsquery.dll
2017-09-19 16:04 - 2014-10-29 03:28 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2017-09-19 16:04 - 2014-10-29 03:28 - 000258560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
2017-09-19 16:04 - 2014-10-29 03:28 - 000241664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll
2017-09-19 16:04 - 2014-10-29 03:28 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xwtpdui.dll
2017-09-19 16:04 - 2014-10-29 03:28 - 000205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remotepg.dll
2017-09-19 16:04 - 2014-10-29 03:28 - 000201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmstormod.dll
2017-09-19 16:04 - 2014-10-29 03:28 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xwtpw32.dll
2017-09-19 16:04 - 2014-10-29 03:28 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2017-09-19 16:04 - 2014-10-29 03:28 - 000078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2017-09-19 16:04 - 2014-10-29 03:28 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RdpSa.exe
2017-09-19 16:04 - 2014-10-29 03:27 - 000458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercpl.dll
2017-09-19 16:04 - 2014-10-29 03:27 - 000416768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\irprops.cpl
2017-09-19 16:04 - 2014-10-29 03:27 - 000397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xwizards.dll
2017-09-19 16:04 - 2014-10-29 03:27 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2017-09-19 16:04 - 2014-10-29 03:27 - 000362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptuiwizard.dll
2017-09-19 16:04 - 2014-10-29 03:27 - 000307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2017-09-19 16:04 - 2014-10-29 03:27 - 000277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EaseOfAccessDialog.exe
2017-09-19 16:04 - 2014-10-29 03:27 - 000248320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmontr.dll
2017-09-19 16:04 - 2014-10-29 03:27 - 000131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2017-09-19 16:04 - 2014-10-29 03:27 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\HelpPaneProxy.dll
2017-09-19 16:04 - 2014-10-29 03:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\signdrv.dll
2017-09-19 16:04 - 2014-10-29 03:26 - 000182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\p2pnetsh.dll
2017-09-19 16:04 - 2014-10-29 03:26 - 000120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EhStorAuthn.exe
2017-09-19 16:04 - 2014-10-29 03:26 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uicom.dll
2017-09-19 16:04 - 2014-10-29 03:26 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimgvw.dll
2017-09-19 16:04 - 2014-10-29 03:25 - 001812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2017-09-19 16:04 - 2014-10-29 03:25 - 001058816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2017-09-19 16:04 - 2014-10-29 03:25 - 000336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll
2017-09-19 16:04 - 2014-10-29 03:25 - 000316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certreq.exe
2017-09-19 16:04 - 2014-10-29 03:25 - 000236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2017-09-19 16:04 - 2014-10-29 03:25 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrdc.dll
2017-09-19 16:04 - 2014-10-29 03:25 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2017-09-19 16:04 - 2014-10-29 03:25 - 000136704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlhtml.dll
2017-09-19 16:04 - 2014-10-29 03:25 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2017-09-19 16:04 - 2014-10-29 03:25 - 000091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2017-09-19 16:04 - 2014-10-29 03:25 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmlfilter.dll
2017-09-19 16:04 - 2014-10-29 03:25 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkitemfactory.dll
2017-09-19 16:04 - 2014-10-29 03:25 - 000041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tpmcompc.dll
2017-09-19 16:04 - 2014-10-29 03:25 - 000027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtffilt.dll
2017-09-19 16:04 - 2014-10-29 03:25 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShextAutoplay.exe
2017-09-19 16:04 - 2014-10-29 03:24 - 002364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2017-09-19 16:04 - 2014-10-29 03:24 - 001335296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2017-09-19 16:04 - 2014-10-29 03:24 - 000902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2017-09-19 16:04 - 2014-10-29 03:24 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2017-09-19 16:04 - 2014-10-29 03:24 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2017-09-19 16:04 - 2014-10-29 03:24 - 000446976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiashext.dll
2017-09-19 16:04 - 2014-10-29 03:24 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceWMDRM.dll
2017-09-19 16:04 - 2014-10-29 03:24 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceWiaCompat.dll
2017-09-19 16:04 - 2014-10-29 03:24 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-09-19 16:04 - 2014-10-29 03:23 - 001826304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2017-09-19 16:04 - 2014-10-29 03:23 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2017-09-19 16:04 - 2014-10-29 03:23 - 000189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlandlg.dll
2017-09-19 16:04 - 2014-10-29 03:23 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2017-09-19 16:04 - 2014-10-29 03:23 - 000107008 _____ C:\Windows\SysWOW64\OEMLicense.dll
2017-09-19 16:04 - 2014-10-29 03:23 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2017-09-19 16:04 - 2014-10-29 03:23 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkspbrokerAx.dll
2017-09-19 16:04 - 2014-10-29 03:22 - 002551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2017-09-19 16:04 - 2014-10-29 03:22 - 000839680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2017-09-19 16:04 - 2014-10-29 03:22 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rekeywiz.exe
2017-09-19 16:04 - 2014-10-29 03:22 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmInit.exe
2017-09-19 16:04 - 2014-10-29 03:22 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2017-09-19 16:04 - 2014-10-29 03:21 - 000150016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmidx.dll
2017-09-19 16:04 - 2014-10-29 03:20 - 000770048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsecsnp.dll
2017-09-19 16:04 - 2014-10-29 03:20 - 000558080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2017-09-19 16:04 - 2014-10-29 03:20 - 000425984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shwebsvc.dll
2017-09-19 16:04 - 2014-10-29 03:20 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2017-09-19 16:04 - 2014-10-29 03:20 - 000264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2017-09-19 16:04 - 2014-10-29 03:20 - 000229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netdiagfx.dll
2017-09-19 16:04 - 2014-10-29 03:20 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\L2SecHC.dll
2017-09-19 16:04 - 2014-10-29 03:20 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapimig.exe
2017-09-19 16:04 - 2014-10-29 03:20 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthExt.dll
2017-09-19 16:04 - 2014-10-29 03:19 - 002714624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2017-09-19 16:04 - 2014-10-29 03:19 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2017-09-19 16:04 - 2014-10-29 03:19 - 000621568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsFilt.dll
2017-09-19 16:04 - 2014-10-29 03:19 - 000465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-09-19 16:04 - 2014-10-29 03:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
2017-09-19 16:04 - 2014-10-29 03:18 - 001984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll
2017-09-19 16:04 - 2014-10-29 03:18 - 000967680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
2017-09-19 16:04 - 2014-10-29 03:18 - 000281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2017-09-19 16:04 - 2014-10-29 03:18 - 000274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2017-09-19 16:04 - 2014-10-29 03:17 - 001402368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-09-19 16:04 - 2014-10-29 03:17 - 001296896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\connect.dll
2017-09-19 16:04 - 2014-10-29 03:17 - 000439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2017-09-19 16:04 - 2014-10-29 03:17 - 000287232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl
2017-09-19 16:04 - 2014-10-29 03:17 - 000114688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-09-19 16:04 - 2014-10-29 03:16 - 001669632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkexplorer.dll
2017-09-19 16:04 - 2014-10-29 03:16 - 000795136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2017-09-19 16:04 - 2014-10-29 03:16 - 000675328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vault.dll
2017-09-19 16:04 - 2014-10-29 03:16 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll
2017-09-19 16:04 - 2014-10-29 03:16 - 000291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RADCUI.dll
2017-09-19 16:04 - 2014-10-29 03:16 - 000198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msoeacct.dll
2017-09-19 16:04 - 2014-10-29 03:16 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2017-09-19 16:04 - 2014-10-29 03:15 - 000809472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2017-09-19 16:04 - 2014-10-29 03:15 - 000671744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsuiext.dll
2017-09-19 16:04 - 2014-10-29 03:14 - 003553280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-09-19 16:04 - 2014-10-29 03:14 - 000609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2017-09-19 16:04 - 2014-10-29 03:14 - 000288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2017-09-19 16:04 - 2014-10-29 03:14 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msoert2.dll
2017-09-19 16:04 - 2014-10-29 03:13 - 000219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apds.dll
2017-09-19 16:04 - 2014-10-29 03:12 - 001969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2017-09-19 16:04 - 2014-10-29 03:12 - 000371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2017-09-19 16:04 - 2014-10-29 03:12 - 000284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnrollUI.dll
2017-09-19 16:04 - 2014-10-29 03:11 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efsadu.dll
2017-09-19 16:04 - 2014-10-29 03:08 - 002174976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-09-19 16:04 - 2014-10-29 03:08 - 001478144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2017-09-19 16:04 - 2014-10-29 03:08 - 000881664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2017-09-19 16:04 - 2014-10-29 03:08 - 000412672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll
2017-09-19 16:04 - 2014-10-29 03:07 - 001197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2017-09-19 16:04 - 2014-10-29 03:07 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2017-09-19 16:04 - 2014-10-29 03:07 - 000192512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unregmp2.exe
2017-09-19 16:04 - 2014-10-29 03:06 - 000301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2017-09-19 16:04 - 2014-10-29 03:06 - 000245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2017-09-19 16:04 - 2014-10-29 03:06 - 000102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2017-09-19 16:04 - 2014-10-29 03:06 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2017-09-19 16:04 - 2014-10-29 03:06 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmiclnt.dll
2017-09-19 16:04 - 2014-10-29 03:06 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll
2017-09-19 16:04 - 2014-10-29 03:06 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapi.dll
2017-09-19 16:04 - 2014-10-29 03:06 - 000012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprext.dll
2017-09-19 16:04 - 2014-10-29 03:06 - 000011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_ISCII.DLL
2017-09-19 16:04 - 2014-10-29 03:06 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dabapi.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 003273216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000589824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elslad.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_G18030.DLL
2017-09-19 16:04 - 2014-10-29 03:05 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprmsg.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspatchc.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samcli.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\reg.exe
2017-09-19 16:04 - 2014-10-29 03:05 - 000060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sc.exe
2017-09-19 16:04 - 2014-10-29 03:05 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2017-09-19 16:04 - 2014-10-29 03:05 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mskeyprotect.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfscli.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspatcha.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Websocket.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshhttp.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vidcap.ax
2017-09-19 16:04 - 2014-10-29 03:05 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icacls.exe
2017-09-19 16:04 - 2014-10-29 03:05 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32topl.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vpnikeapi.dll
2017-09-19 16:04 - 2014-10-29 03:05 - 000027648 _____ (Microsoft Corporation)


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 9 hostů