Rootkity,PC sa samo reštartuje.. Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Zamčeno
Roy703
Level 2.5
Level 2.5
Příspěvky: 283
Registrován: červenec 15
Pohlaví: Muž
Stav:
Offline

Re: Rootkity,PC sa samo reštartuje..

Příspěvekod Roy703 » 04 srp 2015 09:59

[2015.08.02 17:33:25 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmidx.dll
[2015.08.02 17:33:25 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msnetobj.dll
[2015.08.02 17:33:24 | 001,548,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NlsData0000.dll
[2015.08.02 17:33:24 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp60.dll
[2015.08.02 17:33:24 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\das.dll
[2015.08.02 17:33:24 | 000,348,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\verifier.dll
[2015.08.02 17:33:24 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scansetting.dll
[2015.08.02 17:33:24 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2015.08.02 17:33:24 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\itircl.dll
[2015.08.02 17:33:24 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFWSD.dll
[2015.08.02 17:33:24 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\itircl.dll
[2015.08.02 17:33:24 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\diskpart.exe
[2015.08.02 17:33:24 | 000,132,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RTWorkQ.dll
[2015.08.02 17:33:23 | 000,846,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Magnify.exe
[2015.08.02 17:33:23 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\localsec.dll
[2015.08.02 17:33:23 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvecpl.dll
[2015.08.02 17:33:23 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scansetting.dll
[2015.08.02 17:33:23 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2015.08.02 17:33:23 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFPlatform.dll
[2015.08.02 17:33:23 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmitomi.dll
[2015.08.02 17:33:23 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2015.08.02 17:33:23 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IDStore.dll
[2015.08.02 17:33:22 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shwebsvc.dll
[2015.08.02 17:33:22 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dxdiagn.dll
[2015.08.02 17:33:22 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TtlsCfg.dll
[2015.08.02 17:33:22 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll
[2015.08.02 17:33:22 | 000,183,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VIDRESZR.DLL
[2015.08.02 17:33:22 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2015.08.02 17:33:22 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ufat.dll
[2015.08.02 17:33:21 | 000,779,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Magnify.exe
[2015.08.02 17:33:21 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiadefui.dll
[2015.08.02 17:33:21 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxclu.dll
[2015.08.02 17:33:21 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DafPrintProvider.dll
[2015.08.02 17:33:21 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bitsadmin.exe
[2015.08.02 17:33:21 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ifsutil.dll
[2015.08.02 17:33:21 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2015.08.02 17:33:21 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uudf.dll
[2015.08.02 17:33:21 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shacct.dll
[2015.08.02 17:33:21 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uudf.dll
[2015.08.02 17:33:20 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanui.dll
[2015.08.02 17:33:20 | 000,278,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wkspbroker.exe
[2015.08.02 17:33:20 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mcbuilder.exe
[2015.08.02 17:33:20 | 000,196,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntmarta.dll
[2015.08.02 17:33:20 | 000,184,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\COLORCNV.DLL
[2015.08.02 17:33:20 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.DeviceEncryptionHandlers.dll
[2015.08.02 17:33:20 | 000,145,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cabinet.dll
[2015.08.02 17:33:20 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2015.08.02 17:33:20 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmstyle.dll
[2015.08.02 17:33:20 | 000,022,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PurchaseWindowsLicense.exe
[2015.08.02 17:33:20 | 000,017,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psapi.dll
[2015.08.02 17:33:19 | 001,207,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2015.08.02 17:33:19 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysFxUI.dll
[2015.08.02 17:33:19 | 000,216,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVol.exe
[2015.08.02 17:33:19 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.HumanInterfaceDevice.dll
[2015.08.02 17:33:19 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fundisc.dll
[2015.08.02 17:33:19 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mibincodec.dll
[2015.08.02 17:33:19 | 000,116,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dxva2.dll
[2015.08.02 17:33:18 | 000,849,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontext.dll
[2015.08.02 17:33:18 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\psr.exe
[2015.08.02 17:33:18 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dxdiag.exe
[2015.08.02 17:33:18 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wavemsp.dll
[2015.08.02 17:33:18 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\schtasks.exe
[2015.08.02 17:33:18 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IdListen.dll
[2015.08.02 17:33:18 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cic.dll
[2015.08.02 17:33:18 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devobj.dll
[2015.08.02 17:33:18 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudStorageWizard.exe
[2015.08.02 17:33:18 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\biwinrt.dll
[2015.08.02 17:33:17 | 001,296,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\connect.dll
[2015.08.02 17:33:17 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontext.dll
[2015.08.02 17:33:17 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsquery.dll
[2015.08.02 17:33:17 | 000,371,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\verifier.dll
[2015.08.02 17:33:17 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxdiag.exe
[2015.08.02 17:33:17 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlhtml.dll
[2015.08.02 17:33:17 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdiageng.dll
[2015.08.02 17:33:17 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSyncProviders.dll
[2015.08.02 17:33:17 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msched.dll
[2015.08.02 17:33:17 | 000,111,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RTWorkQ.dll
[2015.08.02 17:33:16 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NAPSTAT.EXE
[2015.08.02 17:33:16 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dot3gpui.dll
[2015.08.02 17:33:16 | 000,275,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MPG4DECD.DLL
[2015.08.02 17:33:16 | 000,274,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP43DECD.DLL
[2015.08.02 17:33:16 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\QAGENT.DLL
[2015.08.02 17:33:16 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdiageng.dll
[2015.08.02 17:33:16 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\softkbd.dll
[2015.08.02 17:33:16 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingMonitor.dll
[2015.08.02 17:33:16 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2015.08.02 17:33:16 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmusic.dll
[2015.08.02 17:33:16 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfui.dll
[2015.08.02 17:33:16 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2015.08.02 17:33:16 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Workplace.WorkplaceSettings.dll
[2015.08.02 17:33:15 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RADCUI.dll
[2015.08.02 17:33:15 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcbuilder.exe
[2015.08.02 17:33:15 | 000,190,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVol.exe
[2015.08.02 17:33:15 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrdc.dll
[2015.08.02 17:33:15 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PortableDeviceWiaCompat.dll
[2015.08.02 17:33:15 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SPInf.dll
[2015.08.02 17:33:15 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkStatus.dll
[2015.08.02 17:33:15 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\psisrndr.ax
[2015.08.02 17:33:14 | 002,118,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsCpl.dll
[2015.08.02 17:33:14 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2015.08.02 17:33:14 | 000,250,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MPG4DECD.DLL
[2015.08.02 17:33:14 | 000,248,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP43DECD.DLL
[2015.08.02 17:33:14 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionQueue.dll
[2015.08.02 17:33:14 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\provthrd.dll
[2015.08.02 17:33:14 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2015.08.02 17:33:14 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.Compression.dll
[2015.08.02 17:33:14 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlancfg.dll
[2015.08.02 17:33:14 | 000,134,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmmbase.dll
[2015.08.02 17:33:14 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msnetobj.dll
[2015.08.02 17:33:14 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ufat.dll
[2015.08.02 17:33:13 | 000,601,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psr.exe
[2015.08.02 17:33:13 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shwebsvc.dll
[2015.08.02 17:33:13 | 000,382,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsqmcons.exe
[2015.08.02 17:33:13 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BioCredProv.dll
[2015.08.02 17:33:13 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\elshyph.dll
[2015.08.02 17:33:13 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TetheringStation.dll
[2015.08.02 17:33:13 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssha.dll
[2015.08.02 17:33:13 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmitomi.dll
[2015.08.02 17:33:13 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imapi.dll
[2015.08.02 17:33:13 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\softkbd.dll
[2015.08.02 17:33:13 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbnetlib.dll
[2015.08.02 17:33:13 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AltTab.dll
[2015.08.02 17:33:13 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msctfui.dll
[2015.08.02 17:33:12 | 000,460,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiadefui.dll
[2015.08.02 17:33:12 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsquery.dll
[2015.08.02 17:33:12 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\difxapi.dll
[2015.08.02 17:33:12 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esentutl.exe
[2015.08.02 17:33:12 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drt.dll
[2015.08.02 17:33:12 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowslivelogin.dll
[2015.08.02 17:33:12 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll
[2015.08.02 17:33:12 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\auditcse.dll
[2015.08.02 17:33:12 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dskquoui.dll
[2015.08.02 17:33:12 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscinterop.dll
[2015.08.02 17:33:11 | 001,197,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcenter.dll
[2015.08.02 17:33:11 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mtxclu.dll
[2015.08.02 17:33:11 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2015.08.02 17:33:11 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\els.dll
[2015.08.02 17:33:11 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2015.08.02 17:33:11 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TtlsAuth.dll
[2015.08.02 17:33:11 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\schtasks.exe
[2015.08.02 17:33:11 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2015.08.02 17:33:11 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsprop.dll
[2015.08.02 17:33:11 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinSyncProviders.dll
[2015.08.02 17:33:10 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsdyn.dll
[2015.08.02 17:33:10 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\unattend.dll
[2015.08.02 17:33:10 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DafPrintProvider.dll
[2015.08.02 17:33:10 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupApi.dll
[2015.08.02 17:33:10 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsprop.dll
[2015.08.02 17:33:10 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContent.dll
[2015.08.02 17:33:10 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\negoexts.dll
[2015.08.02 17:33:10 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\negoexts.dll
[2015.08.02 17:33:10 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\atl.dll
[2015.08.02 17:33:10 | 000,105,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mpr.dll
[2015.08.02 17:33:09 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveui.dll
[2015.08.02 17:33:09 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dot3gpui.dll
[2015.08.02 17:33:09 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcorehc.dll
[2015.08.02 17:33:09 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Enumeration.dll
[2015.08.02 17:33:09 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vssadmin.exe
[2015.08.02 17:33:09 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sqlcecompact40.dll
[2015.08.02 17:33:09 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tpmvscmgrsvr.exe
[2015.08.02 17:33:09 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rmttpmvscmgrsvr.exe
[2015.08.02 17:33:09 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmusic.dll
[2015.08.02 17:33:08 | 003,317,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bootux.dll
[2015.08.02 17:33:08 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BthHFSrv.dll
[2015.08.02 17:33:08 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eudcedit.exe
[2015.08.02 17:33:08 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mycomput.dll
[2015.08.02 17:33:08 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\els.dll
[2015.08.02 17:33:08 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PortableDeviceSyncProvider.dll
[2015.08.02 17:33:08 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\immersivetpmvscmgrsvr.exe
[2015.08.02 17:33:08 | 000,120,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\userenv.dll
[2015.08.02 17:33:08 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSTPager.ax
[2015.08.02 17:33:07 | 000,299,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VIDRESZR.DLL
[2015.08.02 17:33:07 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndfapi.dll
[2015.08.02 17:33:07 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll
[2015.08.02 17:33:07 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mlang.dll
[2015.08.02 17:33:07 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drt.dll
[2015.08.02 17:33:07 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSWB7.dll
[2015.08.02 17:33:07 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdWSD.dll
[2015.08.02 17:33:07 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\txflog.dll
[2015.08.02 17:33:06 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2015.08.02 17:33:06 | 000,392,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\intl.cpl
[2015.08.02 17:33:06 | 000,229,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RESAMPLEDMO.DLL
[2015.08.02 17:33:06 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PortableDeviceWMDRM.dll
[2015.08.02 17:33:06 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bitsadmin.exe
[2015.08.02 17:33:06 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdWSD.dll
[2015.08.02 17:33:06 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Tabbtn.dll
[2015.08.02 17:33:06 | 000,153,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2015.08.02 17:33:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhshl.dll
[2015.08.02 17:33:06 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll
[2015.08.02 17:33:05 | 000,465,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2015.08.02 17:33:05 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spp.dll
[2015.08.02 17:33:05 | 000,246,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RESAMPLEDMO.DLL
[2015.08.02 17:33:05 | 000,210,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imm32.dll
[2015.08.02 17:33:05 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netiohlp.dll
[2015.08.02 17:33:05 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ssText3d.scr
[2015.08.02 17:33:05 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SimCfg.dll
[2015.08.02 17:33:05 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
[2015.08.02 17:33:05 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VBICodec.ax
[2015.08.02 17:33:05 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudStorageWizard.exe
[2015.08.02 17:33:05 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cca.dll
[2015.08.02 17:33:04 | 001,157,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcenter.dll
[2015.08.02 17:33:04 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\zipfldr.dll
[2015.08.02 17:33:04 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpdxm.dll
[2015.08.02 17:33:04 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSSync.dll
[2015.08.02 17:33:04 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easwrt.dll
[2015.08.02 17:33:04 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tpmvscmgr.exe
[2015.08.02 17:33:04 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Kswdmcap.ax
[2015.08.02 17:33:04 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BrokerLib.dll
[2015.08.02 17:33:04 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\biwinrt.dll
[2015.08.02 17:33:04 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConfigureExpandedStorage.dll
[2015.08.02 17:33:03 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSAPI.dll
[2015.08.02 17:33:03 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcpipcfg.dll
[2015.08.02 17:33:03 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2015.08.02 17:33:03 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tcpipcfg.dll
[2015.08.02 17:33:03 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cscript.exe
[2015.08.02 17:33:03 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSDvbNP.ax
[2015.08.02 17:33:02 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanui.dll
[2015.08.02 17:33:02 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ssText3d.scr
[2015.08.02 17:33:02 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rgb9rast.dll
[2015.08.02 17:33:02 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\imapi.dll
[2015.08.02 17:33:02 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Mpeg2Data.ax
[2015.08.02 17:33:02 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2015.08.02 17:33:02 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\amstream.dll
[2015.08.02 17:33:02 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Management.Workplace.WorkplaceSettings.dll
[2015.08.02 17:33:01 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmcbase.dll
[2015.08.02 17:33:01 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\polstore.dll
[2015.08.02 17:33:01 | 000,203,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\COLORCNV.DLL
[2015.08.02 17:33:01 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmidcom.dll
[2015.08.02 17:33:01 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SSShim.dll
[2015.08.02 17:33:01 | 000,135,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2015.08.02 17:33:01 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSip.dll
[2015.08.02 17:33:01 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Credentials.UI.UserConsentVerifier.dll
[2015.08.02 17:33:01 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WPDShServiceObj.dll
[2015.08.02 17:33:00 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasppp.dll
[2015.08.02 17:33:00 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cic.dll
[2015.08.02 17:33:00 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\globinputhost.dll
[2015.08.02 17:33:00 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twext.dll
[2015.08.02 17:33:00 | 000,148,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2015.08.02 17:33:00 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profsvcext.dll
[2015.08.02 17:33:00 | 000,111,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RestoreOptIn.exe
[2015.08.02 17:33:00 | 000,105,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2015.08.02 17:33:00 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bdaplgin.ax
[2015.08.02 17:32:59 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Vault.dll
[2015.08.02 17:32:59 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercpl.dll
[2015.08.02 17:32:59 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercpl.dll
[2015.08.02 17:32:59 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prnntfy.dll
[2015.08.02 17:32:59 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apds.dll
[2015.08.02 17:32:59 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2015.08.02 17:32:59 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\prnntfy.dll
[2015.08.02 17:32:59 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dinput.dll
[2015.08.02 17:32:59 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mtxoci.dll
[2015.08.02 17:32:59 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdeploy.dll
[2015.08.02 17:32:59 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\easwrt.dll
[2015.08.02 17:32:59 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mtstocom.exe
[2015.08.02 17:32:59 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevPropMgr.dll
[2015.08.02 17:32:59 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\txflog.dll
[2015.08.02 17:32:58 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adsldpc.dll
[2015.08.02 17:32:58 | 000,234,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVolSSO.dll
[2015.08.02 17:32:58 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mimofcodec.dll
[2015.08.02 17:32:58 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncbservice.dll
[2015.08.02 17:32:58 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dinput.dll
[2015.08.02 17:32:58 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\chartv.dll
[2015.08.02 17:32:58 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rshx32.dll
[2015.08.02 17:32:58 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comrepl.dll
[2015.08.02 17:32:58 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbnetlib.dll
[2015.08.02 17:32:58 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscinterop.dll
[2015.08.02 17:32:58 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSTPager.ax
[2015.08.02 17:32:58 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\amstream.dll
[2015.08.02 17:32:57 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceControl.dll
[2015.08.02 17:32:57 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wbadmin.exe
[2015.08.02 17:32:57 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2015.08.02 17:32:57 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsbas.dll
[2015.08.02 17:32:57 | 000,177,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2015.08.02 17:32:57 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaatext.dll
[2015.08.02 17:32:57 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmpdxm.dll
[2015.08.02 17:32:57 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlhtml.dll
[2015.08.02 17:32:57 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtstocom.exe
[2015.08.02 17:32:57 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerDeviceEncryption.exe
[2015.08.02 17:32:57 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\olethk32.dll
[2015.08.02 17:32:57 | 000,089,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe
[2015.08.02 17:32:56 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Winlangdb.dll
[2015.08.02 17:32:56 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstask.dll
[2015.08.02 17:32:56 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\elshyph.dll
[2015.08.02 17:32:56 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xwtpw32.dll
[2015.08.02 17:32:56 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rshx32.dll
[2015.08.02 17:32:56 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwm.exe
[2015.08.02 17:32:56 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtfwd.dll
[2015.08.02 17:32:56 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comrepl.dll
[2015.08.02 17:32:56 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmcompos.dll
[2015.08.02 17:32:55 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\logoncli.dll
[2015.08.02 17:32:55 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dskquota.dll
[2015.08.02 17:32:55 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sqlcecompact40.dll
[2015.08.02 17:32:55 | 000,099,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP3DMOD.DLL
[2015.08.02 17:32:55 | 000,094,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RestoreOptIn.exe
[2015.08.02 17:32:55 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dllhst3g.exe
[2015.08.02 17:32:54 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srcore.dll
[2015.08.02 17:32:54 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasplap.dll
[2015.08.02 17:32:54 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fde.dll
[2015.08.02 17:32:54 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rtm.dll
[2015.08.02 17:32:54 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fms.dll
[2015.08.02 17:32:54 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Kswdmcap.ax
[2015.08.02 17:32:54 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.WiFiDirect.dll
[2015.08.02 17:32:54 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Mpeg2Data.ax
[2015.08.02 17:32:54 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cca.dll
[2015.08.02 17:32:54 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msasn1.dll
[2015.08.02 17:32:53 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\timedate.cpl
[2015.08.02 17:32:53 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmdlgs.dll
[2015.08.02 17:32:53 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\p2pnetsh.dll
[2015.08.02 17:32:53 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinRtTracing.dll
[2015.08.02 17:32:52 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll
[2015.08.02 17:32:52 | 000,605,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptui.dll
[2015.08.02 17:32:52 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BioCredProv.dll
[2015.08.02 17:32:52 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiapi.dll
[2015.08.02 17:32:52 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\p2pnetsh.dll
[2015.08.02 17:32:52 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\QAGENT.DLL
[2015.08.02 17:32:52 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SimCfg.dll
[2015.08.02 17:32:52 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PortableDeviceWiaCompat.dll
[2015.08.02 17:32:52 | 000,089,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2015.08.02 17:32:52 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSDvbNP.ax
[2015.08.02 17:32:51 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmcbase.dll
[2015.08.02 17:32:51 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntprint.dll
[2015.08.02 17:32:51 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NAPSTAT.EXE
[2015.08.02 17:32:51 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mycomput.dll
[2015.08.02 17:32:51 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiapi.dll
[2015.08.02 17:32:51 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fde.dll
[2015.08.02 17:32:51 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmidcom.dll
[2015.08.02 17:32:51 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twext.dll
[2015.08.02 17:32:51 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wkspbrokerAx.dll
[2015.08.02 17:32:51 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\oledlg.dll
[2015.08.02 17:32:50 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sud.dll
[2015.08.02 17:32:50 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVolSSO.dll
[2015.08.02 17:32:50 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.HostName.dll
[2015.08.02 17:32:50 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TtlsAuth.dll
[2015.08.02 17:32:50 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiadss.dll
[2015.08.02 17:32:50 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\advpack.dll
[2015.08.02 17:32:50 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdprov.dll
[2015.08.02 17:32:50 | 000,081,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\devenum.dll
[2015.08.02 17:32:49 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\logoncli.dll
[2015.08.02 17:32:49 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmgp.dll
[2015.08.02 17:32:49 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SoundRecorder.exe
[2015.08.02 17:32:49 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtclog.dll
[2015.08.02 17:32:49 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxoci.dll
[2015.08.02 17:32:49 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CallButtons.dll
[2015.08.02 17:32:48 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cmdial32.dll
[2015.08.02 17:32:48 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndfapi.dll
[2015.08.02 17:32:48 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\remotepg.dll
[2015.08.02 17:32:48 | 000,165,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntasn1.dll
[2015.08.02 17:32:48 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advpack.dll
[2015.08.02 17:32:48 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2015.08.02 17:32:48 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxSip.dll
[2015.08.02 17:32:48 | 000,089,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfvdsp.dll
[2015.08.02 17:32:47 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sud.dll
[2015.08.02 17:32:47 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2015.08.02 17:32:47 | 000,224,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntasn1.dll
[2015.08.02 17:32:47 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cscript.exe
[2015.08.02 17:32:47 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdeploy.dll
[2015.08.02 17:32:47 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmscript.dll
[2015.08.02 17:32:47 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2015.08.02 17:32:46 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wusa.exe
[2015.08.02 17:32:46 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\P2P.dll
[2015.08.02 17:32:46 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\desk.cpl
[2015.08.02 17:32:46 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdiagprv.dll
[2015.08.02 17:32:46 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\net1.exe
[2015.08.02 17:32:46 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiadss.dll
[2015.08.02 17:32:46 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\chartv.dll
[2015.08.02 17:32:46 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
[2015.08.02 17:32:46 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\loadperf.dll
[2015.08.02 17:32:46 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\radardt.dll
[2015.08.02 17:32:45 | 000,546,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionCenterCPL.dll
[2015.08.02 17:32:45 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptuiwizard.dll
[2015.08.02 17:32:45 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xwtpw32.dll
[2015.08.02 17:32:45 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rekeywiz.exe
[2015.08.02 17:32:45 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vaultcli.dll
[2015.08.02 17:32:45 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kstvtune.ax
[2015.08.02 17:32:45 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdWCN.dll
[2015.08.02 17:32:45 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\avifil32.dll
[2015.08.02 17:32:44 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\intl.cpl
[2015.08.02 17:32:44 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl
[2015.08.02 17:32:44 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WLanHC.dll
[2015.08.02 17:32:44 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlancfg.dll
[2015.08.02 17:32:44 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PortableDeviceWMDRM.dll
[2015.08.02 17:32:44 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpdMtpUS.dll
[2015.08.02 17:32:44 | 000,126,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmm.dll
[2015.08.02 17:32:44 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msoert2.dll
[2015.08.02 17:32:44 | 000,113,664 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\SMBHelperClass.dll
[2015.08.02 17:32:44 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMapi.dll
[2015.08.02 17:32:44 | 000,090,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devenum.dll
[2015.08.02 17:32:44 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Sockets.PushEnabledApplication.dll
[2015.08.02 17:32:43 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtrmgr.dll
[2015.08.02 17:32:43 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstask.dll
[2015.08.02 17:32:43 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsicpl.dll
[2015.08.02 17:32:43 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bthprops.cpl
[2015.08.02 17:32:43 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafupnp.dll
[2015.08.02 17:32:43 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.Compression.dll
[2015.08.02 17:32:43 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dskquota.dll
[2015.08.02 17:32:43 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adsmsext.dll
[2015.08.02 17:32:42 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adsldpc.dll
[2015.08.02 17:32:42 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\unregmp2.exe
[2015.08.02 17:32:42 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdiagprv.dll
[2015.08.02 17:32:42 | 000,092,672 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\VaultRoaming.dll
[2015.08.02 17:32:41 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certca.dll
[2015.08.02 17:32:41 | 000,528,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActionCenterCPL.dll
[2015.08.02 17:32:41 | 000,292,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dot3ui.dll
[2015.08.02 17:32:41 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManager.dll
[2015.08.02 17:32:41 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.cpl
[2015.08.02 17:32:41 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windowslivelogin.dll
[2015.08.02 17:32:41 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XPSSHHDR.dll
[2015.08.02 17:32:41 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TabbtnEx.dll
[2015.08.02 17:32:41 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bdaplgin.ax
[2015.08.02 17:32:41 | 000,076,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfvdsp.dll
[2015.08.02 17:32:40 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsuiext.dll
[2015.08.02 17:32:40 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RASMM.dll
[2015.08.02 17:32:40 | 000,191,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2015.08.02 17:32:40 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\prncache.dll
[2015.08.02 17:32:40 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\avifil32.dll
[2015.08.02 17:32:40 | 000,116,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP3DMOD.DLL
[2015.08.02 17:32:40 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskkill.exe
[2015.08.02 17:32:40 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adsmsext.dll
[2015.08.02 17:32:40 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndishc.dll
[2015.08.02 17:32:40 | 000,093,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Credentials.UI.CredentialPicker.dll
[2015.08.02 17:32:40 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
[2015.08.02 17:32:39 | 000,671,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsuiext.dll
[2015.08.02 17:32:39 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\raschap.dll
[2015.08.02 17:32:39 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2015.08.02 17:32:39 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\remotepg.dll
[2015.08.02 17:32:39 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icsigd.dll
[2015.08.02 17:32:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvenotify.exe
[2015.08.02 17:32:39 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\verifier.exe
[2015.08.02 17:32:39 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnshc.dll
[2015.08.02 17:32:38 | 000,898,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdclt.exe
[2015.08.02 17:32:38 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\discan.dll
[2015.08.02 17:32:38 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmgp.dll
[2015.08.02 17:32:38 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2015.08.02 17:32:38 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityCommon.dll
[2015.08.02 17:32:38 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PortableDeviceClassExtension.dll
[2015.08.02 17:32:38 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthBroker.dll
[2015.08.02 17:32:38 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaatext.dll
[2015.08.02 17:32:38 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SSShim.dll
[2015.08.02 17:32:38 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbccp32.dll
[2015.08.02 17:32:38 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdSSDP.dll
[2015.08.02 17:32:37 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\timedate.cpl
[2015.08.02 17:32:37 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2015.08.02 17:32:37 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceMetadataRetrievalClient.dll
[2015.08.02 17:32:37 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrahc.dll
[2015.08.02 17:32:37 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptcatsvc.dll
[2015.08.02 17:32:37 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\oleprn.dll
[2015.08.02 17:32:37 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kstvtune.ax
[2015.08.02 17:32:37 | 000,080,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2015.08.02 17:32:36 | 000,644,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dccw.exe
[2015.08.02 17:32:36 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\P2P.dll
[2015.08.02 17:32:36 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvfw32.dll
[2015.08.02 17:32:36 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvc.dll
[2015.08.02 17:32:36 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndfhcdiscovery.dll
[2015.08.02 17:32:36 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfgLib.dll
[2015.08.02 17:32:36 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cmifw.dll
[2015.08.02 17:32:36 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wkspbrokerAx.dll
[2015.08.02 17:32:36 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cmifw.dll
[2015.08.02 17:32:36 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AepRoam.dll
[2015.08.02 17:32:36 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ddrawex.dll
[2015.08.02 17:32:36 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndfetw.dll
[2015.08.02 17:32:35 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiashext.dll
[2015.08.02 17:32:35 | 000,441,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PortableDeviceStatus.dll
[2015.08.02 17:32:35 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MicrosoftAccountTokenProvider.dll
[2015.08.02 17:32:35 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleprn.dll
[2015.08.02 17:32:35 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll
[2015.08.02 17:32:35 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uexfat.dll
[2015.08.02 17:32:35 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wecapi.dll
[2015.08.02 17:32:35 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uexfat.dll
[2015.08.02 17:32:35 | 000,073,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Credentials.UI.CredentialPicker.dll
[2015.08.02 17:32:35 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spoolss.dll
[2015.08.02 17:32:34 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiashext.dll
[2015.08.02 17:32:34 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eudcedit.exe
[2015.08.02 17:32:34 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EhStorShell.dll
[2015.08.02 17:32:34 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smbwmiv2.dll
[2015.08.02 17:32:34 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rekeywiz.exe
[2015.08.02 17:32:34 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fms.dll
[2015.08.02 17:32:34 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cmstp.exe
[2015.08.02 17:32:34 | 000,084,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe
[2015.08.02 17:32:33 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shdocvw.dll
[2015.08.02 17:32:33 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RstrtMgr.dll
[2015.08.02 17:32:33 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\raserver.exe
Nahoru
Reklama
Top
Roy703
Level 2.5
Level 2.5
Příspěvky: 283
Registrován: červenec 15
Pohlaví: Muž
Stav:
Offline

Re: Rootkity,PC sa samo reštartuje..

Příspěvekod Roy703 » 04 srp 2015 09:59

[2015.08.02 17:32:33 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinMsoIrmProtector.dll
[2015.08.02 17:32:33 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinOpcIrmProtector.dll
[2015.08.02 17:32:33 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthBroker.dll
[2015.08.02 17:32:33 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IdCtrls.dll
[2015.08.02 17:32:33 | 000,097,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptdll.dll
[2015.08.02 17:32:33 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shsetup.dll
[2015.08.02 17:32:33 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ksxbar.ax
[2015.08.02 17:32:33 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ELSCore.dll
[2015.08.02 17:32:33 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devrtl.dll
[2015.08.02 17:32:33 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ssdpapi.dll
[2015.08.02 17:32:32 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Winlangdb.dll
[2015.08.02 17:32:32 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PkgMgr.exe
[2015.08.02 17:32:32 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininit.exe
[2015.08.02 17:32:32 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSXP32.dll
[2015.08.02 17:32:32 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SPInf.dll
[2015.08.02 17:32:32 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prvdmofcomp.dll
[2015.08.02 17:32:32 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CallButtons.dll
[2015.08.02 17:32:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BthRadioMedia.dll
[2015.08.02 17:32:32 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ELSCore.dll
[2015.08.02 17:32:31 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dot3ui.dll
[2015.08.02 17:32:31 | 000,197,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dssenh.dll
[2015.08.02 17:32:31 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsdmo.dll
[2015.08.02 17:32:31 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Devices.dll
[2015.08.02 17:32:31 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDSAppXHelper.dll
[2015.08.02 17:32:31 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Devices.dll
[2015.08.02 17:32:31 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2015.08.02 17:32:31 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Custom.dll
[2015.08.02 17:32:30 | 000,287,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\modemui.dll
[2015.08.02 17:32:30 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\desk.cpl
[2015.08.02 17:32:30 | 000,168,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\basecsp.dll
[2015.08.02 17:32:30 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.HostName.dll
[2015.08.02 17:32:30 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\raserver.exe
[2015.08.02 17:32:30 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmjpegdec.dll
[2015.08.02 17:32:30 | 000,090,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfAACEnc.dll
[2015.08.02 17:32:30 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fmapi.dll
[2015.08.02 17:32:29 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasplap.dll
[2015.08.02 17:32:29 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\unimdm.tsp
[2015.08.02 17:32:29 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SNTSearch.dll
[2015.08.02 17:32:29 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlandlg.dll
[2015.08.02 17:32:29 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\manage-bde.exe
[2015.08.02 17:32:29 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PortableDeviceClassExtension.dll
[2015.08.02 17:32:29 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWCN.dll
[2015.08.02 17:32:29 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\globinputhost.dll
[2015.08.02 17:32:29 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe
[2015.08.02 17:32:29 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinRtTracing.dll
[2015.08.02 17:32:29 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskkill.exe
[2015.08.02 17:32:28 | 000,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PortableDeviceStatus.dll
[2015.08.02 17:32:28 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10_1.dll
[2015.08.02 17:32:28 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdart.dll
[2015.08.02 17:32:28 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fphc.dll
[2015.08.02 17:32:28 | 000,110,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2015.08.02 17:32:28 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinMsoIrmProtector.dll
[2015.08.02 17:32:28 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2015.08.02 17:32:28 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinOpcIrmProtector.dll
[2015.08.02 17:32:28 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.WiFiDirect.dll
[2015.08.02 17:32:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ssdpapi.dll
[2015.08.02 17:32:28 | 000,018,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CompPkgSup.dll
[2015.08.02 17:32:27 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pwlauncher.dll
[2015.08.02 17:32:27 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairingFolder.dll
[2015.08.02 17:32:27 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msorcl32.dll
[2015.08.02 17:32:27 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dot3mm.dll
[2015.08.02 17:32:27 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\logagent.exe
[2015.08.02 17:32:27 | 000,101,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfAACEnc.dll
[2015.08.02 17:32:27 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wevtfwd.dll
[2015.08.02 17:32:27 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Background.dll
[2015.08.02 17:32:26 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepapi.dll
[2015.08.02 17:32:26 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnApi.dll
[2015.08.02 17:32:26 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdBth.dll
[2015.08.02 17:32:26 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManagerAPI.dll
[2015.08.02 17:32:26 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceElementSource.dll
[2015.08.02 17:32:26 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupugc.exe
[2015.08.02 17:32:26 | 000,098,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OpenWith.exe
[2015.08.02 17:32:26 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\correngine.dll
[2015.08.02 17:32:26 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\systeminfo.exe
[2015.08.02 17:32:25 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dfrgui.exe
[2015.08.02 17:32:25 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msconfig.exe
[2015.08.02 17:32:25 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAuto.dll
[2015.08.02 17:32:25 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmview.ocx
[2015.08.02 17:32:25 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ProximityCommon.dll
[2015.08.02 17:32:25 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systeminfo.exe
[2015.08.02 17:32:25 | 000,085,504 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\SMBHelperClass.dll
[2015.08.02 17:32:25 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsrchapi.dll
[2015.08.02 17:32:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsrchph.dll
[2015.08.02 17:32:25 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\playlistfolder.dll
[2015.08.02 17:32:25 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ksxbar.ax
[2015.08.02 17:32:24 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\icsigd.dll
[2015.08.02 17:32:24 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxlib.dll
[2015.08.02 17:32:24 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtm.dll
[2015.08.02 17:32:24 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeApi.dll
[2015.08.02 17:32:24 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glu32.dll
[2015.08.02 17:32:24 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mimofcodec.dll
[2015.08.02 17:32:24 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdart.dll
[2015.08.02 17:32:24 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vssadmin.exe
[2015.08.02 17:32:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wecutil.exe
[2015.08.02 17:32:24 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConsentUX.dll
[2015.08.02 17:32:24 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersGPExt.dll
[2015.08.02 17:32:24 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Sockets.PushEnabledApplication.dll
[2015.08.02 17:32:23 | 000,788,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Bubbles.scr
[2015.08.02 17:32:23 | 000,196,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basecsp.dll
[2015.08.02 17:32:23 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winethc.dll
[2015.08.02 17:32:23 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdBth.dll
[2015.08.02 17:32:23 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbccu32.dll
[2015.08.02 17:32:23 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbccr32.dll
[2015.08.02 17:32:23 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\logagent.exe
[2015.08.02 17:32:23 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\threadpoolwinrt.dll
[2015.08.02 17:32:22 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tapi32.dll
[2015.08.02 17:32:22 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairingFolder.dll
[2015.08.02 17:32:22 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbceip.dll
[2015.08.02 17:32:22 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidfdp.dll
[2015.08.02 17:32:22 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdSSDP.dll
[2015.08.02 17:32:22 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\QUTIL.DLL
[2015.08.02 17:32:22 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EAPQEC.DLL
[2015.08.02 17:32:22 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IdCtrls.dll
[2015.08.02 17:32:22 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vaultcli.dll
[2015.08.02 17:32:22 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samcli.dll
[2015.08.02 17:32:22 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WABSyncProvider.dll
[2015.08.02 17:32:22 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\colbact.dll
[2015.08.02 17:32:22 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpninprc.dll
[2015.08.02 17:32:22 | 000,033,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2015.08.02 17:32:21 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cttune.exe
[2015.08.02 17:32:21 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sethc.exe
[2015.08.02 17:32:21 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAuto.dll
[2015.08.02 17:32:21 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Mystify.scr
[2015.08.02 17:32:21 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Ribbons.scr
[2015.08.02 17:32:21 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wshom.ocx
[2015.08.02 17:32:21 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MbaeApi.dll
[2015.08.02 17:32:21 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll
[2015.08.02 17:32:21 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbccu32.dll
[2015.08.02 17:32:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbccr32.dll
[2015.08.02 17:32:21 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsiwmi.dll
[2015.08.02 17:32:21 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\g711codc.ax
[2015.08.02 17:32:21 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cscapi.dll
[2015.08.02 17:32:21 | 000,054,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdusb.dll
[2015.08.02 17:32:20 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EaseOfAccessDialog.exe
[2015.08.02 17:32:20 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glu32.dll
[2015.08.02 17:32:20 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RstrtMgr.dll
[2015.08.02 17:32:20 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SimAuth.dll
[2015.08.02 17:32:20 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAMM.dll
[2015.08.02 17:32:20 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmview.ocx
[2015.08.02 17:32:20 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Utilman.exe
[2015.08.02 17:32:20 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eqossnap.dll
[2015.08.02 17:32:19 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\unimdm.tsp
[2015.08.02 17:32:19 | 000,172,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kd_02_8086.dll
[2015.08.02 17:32:19 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\verifier.exe
[2015.08.02 17:32:19 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ScDeviceEnum.dll
[2015.08.02 17:32:19 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scripto.dll
[2015.08.02 17:32:18 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\L2SecHC.dll
[2015.08.02 17:32:18 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netplwiz.dll
[2015.08.02 17:32:18 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NdisImPlatform.dll
[2015.08.02 17:32:18 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scavengeui.dll
[2015.08.02 17:32:18 | 000,106,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msacm32.dll
[2015.08.02 17:32:18 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlahc.dll
[2015.08.02 17:32:18 | 000,091,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OpenWith.exe
[2015.08.02 17:32:18 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tasklist.exe
[2015.08.02 17:32:17 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Bubbles.scr
[2015.08.02 17:32:17 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\polstore.dll
[2015.08.02 17:32:17 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bthprops.cpl
[2015.08.02 17:32:17 | 000,122,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptsp.dll
[2015.08.02 17:32:17 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmpshell.dll
[2015.08.02 17:32:17 | 000,070,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profapi.dll
[2015.08.02 17:32:17 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\networkitemfactory.dll
[2015.08.02 17:32:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xcopy.exe
[2015.08.02 17:32:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xcopy.exe
[2015.08.02 17:32:16 | 001,678,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\networkexplorer.dll
[2015.08.02 17:32:16 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\compstui.dll
[2015.08.02 17:32:16 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\korwbrkr.dll
[2015.08.02 17:32:16 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\syncui.dll
[2015.08.02 17:32:16 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdadiag.dll
[2015.08.02 17:32:16 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mi.dll
[2015.08.02 17:32:16 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cmstp.exe
[2015.08.02 17:32:16 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\colbact.dll
[2015.08.02 17:32:16 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mtxdm.dll
[2015.08.02 17:32:15 | 000,660,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dccw.exe
[2015.08.02 17:32:15 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cttune.exe
[2015.08.02 17:32:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autoplay.dll
[2015.08.02 17:32:15 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshom.ocx
[2015.08.02 17:32:15 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmjpegdec.dll
[2015.08.02 17:32:15 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupugc.exe
[2015.08.02 17:32:15 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Mystify.scr
[2015.08.02 17:32:15 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Ribbons.scr
[2015.08.02 17:32:15 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fphc.dll
[2015.08.02 17:32:15 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmInit.exe
[2015.08.02 17:32:15 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprovisionsp.dll
[2015.08.02 17:32:15 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Syncreg.dll
[2015.08.02 17:32:15 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdsdwmdr.dll
[2015.08.02 17:32:15 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bitsigd.dll
[2015.08.02 17:32:15 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ConfigureExpandedStorage.dll
[2015.08.02 17:32:14 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlandlg.dll
[2015.08.02 17:32:14 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SimAuth.dll
[2015.08.02 17:32:14 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oledlg.dll
[2015.08.02 17:32:14 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\t2embed.dll
[2015.08.02 17:32:14 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\secproc_ssp_isv.dll
[2015.08.02 17:32:14 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\secproc_ssp.dll
[2015.08.02 17:32:14 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\igdDiag.dll
[2015.08.02 17:32:14 | 000,076,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sessionmsg.exe
[2015.08.02 17:32:14 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertPolEng.dll
[2015.08.02 17:32:14 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nduprov.dll
[2015.08.02 17:32:14 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Custom.dll
[2015.08.02 17:32:14 | 000,030,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogHost.exe
[2015.08.02 17:32:13 | 001,129,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscui.cpl
[2015.08.02 17:32:13 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshipsec.dll
[2015.08.02 17:32:13 | 000,277,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powrprof.dll
[2015.08.02 17:32:13 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\korwbrkr.dll
[2015.08.02 17:32:13 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profprov.dll
[2015.08.02 17:32:13 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mi.dll
[2015.08.02 17:32:13 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiascanprofiles.dll
[2015.08.02 17:32:13 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsockhc.dll
[2015.08.02 17:32:13 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CertPolEng.dll
[2015.08.02 17:32:13 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dot3hc.dll
[2015.08.02 17:32:13 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\getmac.exe
[2015.08.02 17:32:12 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netid.dll
[2015.08.02 17:32:12 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\secproc_ssp_isv.dll
[2015.08.02 17:32:12 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\secproc_ssp.dll
[2015.08.02 17:32:12 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dot3api.dll
[2015.08.02 17:32:12 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Query.dll
[2015.08.02 17:32:12 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Syncreg.dll
[2015.08.02 17:32:12 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll
[2015.08.02 17:32:12 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsSpellCheckingHost.exe
[2015.08.02 17:32:12 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\prvdmofcomp.dll
[2015.08.02 17:32:12 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gacinstall.dll
[2015.08.02 17:32:12 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sfc_os.dll
[2015.08.02 17:32:11 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsdmo.dll
[2015.08.02 17:32:11 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\charmap.exe
[2015.08.02 17:32:11 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpshell.dll
[2015.08.02 17:32:11 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\getmac.exe
[2015.08.02 17:32:11 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\QCLIPROV.DLL
[2015.08.02 17:32:11 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntlanman.dll
[2015.08.02 17:32:11 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndishc.dll
[2015.08.02 17:32:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scripto.dll
[2015.08.02 17:32:11 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WABSyncProvider.dll
[2015.08.02 17:32:11 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\g711codc.ax
[2015.08.02 17:32:11 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbisurf.ax
[2015.08.02 17:32:10 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscui.cpl
[2015.08.02 17:32:10 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\colorui.dll
[2015.08.02 17:32:10 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2015.08.02 17:32:10 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll
[2015.08.02 17:32:10 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EhStorAPI.dll
[2015.08.02 17:32:10 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\drmk.sys
[2015.08.02 17:32:10 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WfHC.dll
[2015.08.02 17:32:10 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\synceng.dll
[2015.08.02 17:32:10 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll
[2015.08.02 17:32:09 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\net1.exe
[2015.08.02 17:32:09 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autoplay.dll
[2015.08.02 17:32:09 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\synceng.dll
[2015.08.02 17:32:09 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndfhcdiscovery.dll
[2015.08.02 17:32:09 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\olecli32.dll
[2015.08.02 17:32:09 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PortableDeviceConnectApi.dll
[2015.08.02 17:32:09 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\driverquery.exe
[2015.08.02 17:32:09 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\udhisapi.dll
[2015.08.02 17:32:09 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fmifs.dll
[2015.08.02 17:32:08 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\systemcpl.dll
[2015.08.02 17:32:08 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scksp.dll
[2015.08.02 17:32:08 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usbceip.dll
[2015.08.02 17:32:08 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wshext.dll
[2015.08.02 17:32:08 | 000,067,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RpcRtRemote.dll
[2015.08.02 17:32:08 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mbussdapi.dll
[2015.08.02 17:32:08 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wecapi.dll
[2015.08.02 17:32:08 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netprovisionsp.dll
[2015.08.02 17:32:07 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlansec.dll
[2015.08.02 17:32:07 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemcpl.dll
[2015.08.02 17:32:07 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Dsui.dll
[2015.08.02 17:32:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\racpldlg.dll
[2015.08.02 17:32:07 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tasklist.exe
[2015.08.02 17:32:07 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WcnApi.dll
[2015.08.02 17:32:07 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Renewal.dll
[2015.08.02 17:32:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\loghours.dll
[2015.08.02 17:32:07 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Background.dll
[2015.08.02 17:32:07 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\threadpoolwinrt.dll
[2015.08.02 17:32:06 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rstrui.exe
[2015.08.02 17:32:06 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskbarcpl.dll
[2015.08.02 17:32:06 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fsutil.exe
[2015.08.02 17:32:06 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2015.08.02 17:32:06 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiascanprofiles.dll
[2015.08.02 17:32:06 | 000,086,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wkscli.dll
[2015.08.02 17:32:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cliconfg.dll
[2015.08.02 17:32:06 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\playlistfolder.dll
[2015.08.02 17:32:06 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConnectedAccountState.dll
[2015.08.02 17:32:06 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dssec.dll
[2015.08.02 17:32:05 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ocsetapi.dll
[2015.08.02 17:32:05 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MicrosoftAccountTokenProvider.dll
[2015.08.02 17:32:05 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepsync.dll
[2015.08.02 17:32:05 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwcfg.dll
[2015.08.02 17:32:05 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XPSSHHDR.dll
[2015.08.02 17:32:05 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManMigrationPlugin.dll
[2015.08.02 17:32:05 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\makecab.exe
[2015.08.02 17:32:05 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WlanRadioManager.dll
[2015.08.02 17:32:05 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WwanRadioManager.dll
[2015.08.02 17:32:05 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\udhisapi.dll
[2015.08.02 17:32:05 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveskybackup.dll
[2015.08.02 17:32:05 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TapiMigPlugin.dll
[2015.08.02 17:32:04 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\L2SecHC.dll
[2015.08.02 17:32:04 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlgpclnt.dll
[2015.08.02 17:32:04 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmsynth.dll
[2015.08.02 17:32:04 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlgpclnt.dll
[2015.08.02 17:32:04 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSROUTE.dll
[2015.08.02 17:32:04 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winsockhc.dll
[2015.08.02 17:32:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pautoenr.dll
[2015.08.02 17:32:04 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Storprop.dll
[2015.08.02 17:32:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dot3hc.dll
[2015.08.02 17:32:04 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\devrtl.dll
[2015.08.02 17:32:04 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\net.exe
[2015.08.02 17:32:04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vbisurf.ax
[2015.08.02 17:32:03 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeParserTask.exe
[2015.08.02 17:32:03 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DHCPQEC.DLL
[2015.08.02 17:32:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mciavi32.dll
[2015.08.02 17:32:03 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eqossnap.dll
[2015.08.02 17:32:03 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\frprov.dll
[2015.08.02 17:32:03 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.exe
[2015.08.02 17:32:03 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2015.08.02 17:32:03 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dot3cfg.dll
[2015.08.02 17:32:03 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcleanup.dll
[2015.08.02 17:32:03 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ustprov.dll
[2015.08.02 17:32:03 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mbussdapi.dll
[2015.08.02 17:32:02 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scksp.dll
[2015.08.02 17:32:02 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BootMenuUX.dll
[2015.08.02 17:32:02 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\loghours.dll
[2015.08.02 17:32:02 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EAPQEC.DLL
[2015.08.02 17:32:02 | 000,064,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wtsapi32.dll
[2015.08.02 17:32:02 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\frprov.dll
[2015.08.02 17:32:02 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\unimdmat.dll
[2015.08.02 17:32:02 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\umpowmi.dll
[2015.08.02 17:32:02 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll
[2015.08.02 17:32:02 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssign32.dll
[2015.08.02 17:32:02 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmloader.dll
[2015.08.02 17:32:02 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ustprov.dll
[2015.08.02 17:32:02 | 000,022,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ksuser.dll
[2015.08.02 17:32:01 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdadiag.dll
[2015.08.02 17:32:01 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsiwmiv2.dll
[2015.08.02 17:32:01 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshext.dll
[2015.08.02 17:32:01 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mapistub.dll
[2015.08.02 17:32:01 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\makecab.exe
[2015.08.02 17:32:01 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wecutil.exe
[2015.08.02 17:32:01 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usbui.dll
[2015.08.02 17:32:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Groupinghc.dll
[2015.08.02 17:32:01 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wkscli.dll
[2015.08.02 17:32:01 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManMigrationPlugin.dll
[2015.08.02 17:32:01 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dssec.dll
[2015.08.02 17:32:01 | 000,021,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsrole.dll
[2015.08.02 17:32:00 | 000,186,368 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\SysWow64\l3codecp.acm
[2015.08.02 17:32:00 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2015.08.02 17:32:00 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2015.08.02 17:32:00 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitagent.exe
[2015.08.02 17:32:00 | 000,149,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srvcli.dll
[2015.08.02 17:32:00 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidfdp.dll
[2015.08.02 17:32:00 | 000,080,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcd.dll
[2015.08.02 17:32:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsSpellCheckingHost.exe
[2015.08.02 17:32:00 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energyprov.dll
[2015.08.02 17:32:00 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TapiMigPlugin.dll
[2015.08.02 17:31:59 | 000,624,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\colorui.dll
[2015.08.02 17:31:59 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfrgui.exe
[2015.08.02 17:31:59 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uxlib.dll
[2015.08.02 17:31:59 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Dsui.dll
[2015.08.02 17:31:59 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnpclean.dll
[2015.08.02 17:31:59 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmsynth.dll
[2015.08.02 17:31:59 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmInit.exe
[2015.08.02 17:31:59 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\driverquery.exe
[2015.08.02 17:31:59 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SMSRouter.dll
[2015.08.02 17:31:59 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\l2gpstore.dll
[2015.08.02 17:31:59 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basesrv.dll
[2015.08.02 17:31:59 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xmlfilter.dll
[2015.08.02 17:31:59 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ftp.exe
[2015.08.02 17:31:58 | 000,305,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wusa.exe
[2015.08.02 17:31:58 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mydocs.dll
[2015.08.02 17:31:58 | 000,089,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys
[2015.08.02 17:31:58 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Pnrphc.dll
[2015.08.02 17:31:58 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bootcfg.exe
[2015.08.02 17:31:58 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll
[2015.08.02 17:31:58 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Utilman.exe
[2015.08.02 17:31:58 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvvmtransport.dll
[2015.08.02 17:31:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DfsShlEx.dll
[2015.08.02 17:31:57 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\remotesp.tsp
[2015.08.02 17:31:57 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\w32tm.exe
[2015.08.02 17:31:57 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WfHC.dll
[2015.08.02 17:31:57 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\l2nacp.dll
[2015.08.02 17:31:57 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhtask.dll
[2015.08.02 17:31:57 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PortableDeviceConnectApi.dll
[2015.08.02 17:31:57 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ConnectedAccountState.dll
[2015.08.02 17:31:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msisip.dll
[2015.08.02 17:31:56 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\onexui.dll
[2015.08.02 17:31:56 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gcdef.dll
[2015.08.02 17:31:56 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\isoburn.exe
[2015.08.02 17:31:56 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsiwmiv2.dll
[2015.08.02 17:31:56 | 000,085,504 | ---- | C] (Radius Inc.) -- C:\WINDOWS\SysWow64\iccvid.dll
[2015.08.02 17:31:56 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\QUTIL.DLL
[2015.08.02 17:31:56 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DfsShlEx.dll
[2015.08.02 17:31:56 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MaintenanceUI.dll
[2015.08.02 17:31:56 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vfwwdm32.dll
[2015.08.02 17:31:55 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdminst.dll
[2015.08.02 17:31:55 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe
[2015.08.02 17:31:55 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\recovery.dll
[2015.08.02 17:31:55 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PNPXAssoc.dll
[2015.08.02 17:31:55 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\remotesp.tsp
[2015.08.02 17:31:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsRdpWebAccess.dll
[2015.08.02 17:31:55 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dxof.dll
[2015.08.02 17:31:55 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\format.com
[2015.08.02 17:31:55 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmloader.dll
[2015.08.02 17:31:54 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EaseOfAccessDialog.exe
[2015.08.02 17:31:54 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credui.dll
[2015.08.02 17:31:54 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\radardt.dll
[2015.08.02 17:31:54 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netid.dll
[2015.08.02 17:31:54 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSCOM.dll
[2015.08.02 17:31:54 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\regapi.dll
[2015.08.02 17:31:54 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nslookup.exe
[2015.08.02 17:31:54 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanHC.dll
[2015.08.02 17:31:54 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\QCLIPROV.DLL
[2015.08.02 17:31:54 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Printers.Extensions.dll
[2015.08.02 17:31:53 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\onexui.dll
[2015.08.02 17:31:53 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\onex.dll
[2015.08.02 17:31:53 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\racpldlg.dll
[2015.08.02 17:31:53 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winrscmd.dll
[2015.08.02 17:31:53 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwcfg.dll
[2015.08.02 17:31:53 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dispdiag.exe
[2015.08.02 17:31:53 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DHCPQEC.DLL
[2015.08.02 17:31:53 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\avicap32.dll
[2015.08.02 17:31:53 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\net.exe
[2015.08.02 17:31:53 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xmlfilter.dll
[2015.08.02 17:31:53 | 000,044,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netutils.dll
[2015.08.02 17:31:53 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpapi.dll
[2015.08.02 17:31:52 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\keymgr.dll
[2015.08.02 17:31:52 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\McxDriv.dll
[2015.08.02 17:31:52 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2015.08.02 17:31:52 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepapi.dll
[2015.08.02 17:31:52 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbio.dll
[2015.08.02 17:31:52 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xwreg.dll
[2015.08.02 17:31:52 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\isoburn.exe
[2015.08.02 17:31:52 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcirt.dll
[2015.08.02 17:31:52 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BluetoothApis.dll
[2015.08.02 17:31:52 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SortWindows6Compat.dll
[2015.08.02 17:31:52 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\findnetprinters.dll
[2015.08.02 17:31:52 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAConn.dll
[2015.08.02 17:31:52 | 000,054,272 | ---- | C] (Twain Working Group) -- C:\WINDOWS\twain_32.dll
[2015.08.02 17:31:52 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\luainstall.dll
[2015.08.02 17:31:52 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bidispl.dll
[2015.08.02 17:31:52 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mimefilt.dll
[2015.08.02 17:31:51 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gcdef.dll
[2015.08.02 17:31:51 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOM.dll
[2015.08.02 17:31:51 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efsadu.dll
[2015.08.02 17:31:51 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spfileq.dll
[2015.08.02 17:31:51 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserAccountControlSettings.dll
Nahoru
Roy703
Level 2.5
Level 2.5
Příspěvky: 283
Registrován: červenec 15
Pohlaví: Muž
Stav:
Offline

Re: Rootkity,PC sa samo reštartuje..

Příspěvekod Roy703 » 04 srp 2015 09:59

[2015.08.02 17:31:51 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\umb.dll
[2015.08.02 17:31:51 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HelpPaneProxy.dll
[2015.08.02 17:31:51 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\l2nacp.dll
[2015.08.02 17:31:51 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ftp.exe
[2015.08.02 17:31:51 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdiagschd.dll
[2015.08.02 17:31:50 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mydocs.dll
[2015.08.02 17:31:50 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2015.08.02 17:31:50 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sendmail.dll
[2015.08.02 17:31:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RegCtrl.dll
[2015.08.02 17:31:50 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bidispl.dll
[2015.08.02 17:31:50 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmband.dll
[2015.08.02 17:31:50 | 000,034,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialUIBroker.exe
[2015.08.02 17:31:50 | 000,030,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserAccountBroker.exe
[2015.08.02 17:31:50 | 000,028,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CameraSettingsUIHost.exe
[2015.08.02 17:31:50 | 000,026,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PickerHost.exe
[2015.08.02 17:31:49 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\syncui.dll
[2015.08.02 17:31:49 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsutil.dll
[2015.08.02 17:31:49 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmcshext.dll
[2015.08.02 17:31:49 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dasHost.exe
[2015.08.02 17:31:49 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netsh.exe
[2015.08.02 17:31:49 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsiwmi.dll
[2015.08.02 17:31:49 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhlisten.dll
[2015.08.02 17:31:49 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stclient.dll
[2015.08.02 17:31:49 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsRdpWebAccess.dll
[2015.08.02 17:31:49 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pdhui.dll
[2015.08.02 17:31:49 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mciqtz32.dll
[2015.08.02 17:31:48 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\irftp.exe
[2015.08.02 17:31:48 | 000,136,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2015.08.02 17:31:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiaacmgr.exe
[2015.08.02 17:31:48 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncHost.exe
[2015.08.02 17:31:48 | 000,045,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudNotifications.exe
[2015.08.02 17:31:48 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SetNetworkLocation.dll
[2015.08.02 17:31:48 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToStatusProvider.dll
[2015.08.02 17:31:47 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uireng.dll
[2015.08.02 17:31:47 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmcshext.dll
[2015.08.02 17:31:47 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiaacmgr.exe
[2015.08.02 17:31:47 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevDispItemProvider.dll
[2015.08.02 17:31:47 | 000,064,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appidapi.dll
[2015.08.02 17:31:47 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucmhc.dll
[2015.08.02 17:31:47 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\stclient.dll
[2015.08.02 17:31:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cfgbkend.dll
[2015.08.02 17:31:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RoamingSecurity.dll
[2015.08.02 17:31:47 | 000,040,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudNotifications.exe
[2015.08.02 17:31:47 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cnvfat.dll
[2015.08.02 17:31:46 | 000,921,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys
[2015.08.02 17:31:46 | 000,700,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\elslad.dll
[2015.08.02 17:31:46 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cabview.dll
[2015.08.02 17:31:46 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\findnetprinters.dll
[2015.08.02 17:31:46 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2015.08.02 17:31:46 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RegCtrl.dll
[2015.08.02 17:31:46 | 000,038,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialUIBroker.exe
[2015.08.02 17:31:46 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vidcap.ax
[2015.08.02 17:31:45 | 000,393,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shrpubw.exe
[2015.08.02 17:31:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2015.08.02 17:31:45 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapistub.dll
[2015.08.02 17:31:45 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapi32.dll
[2015.08.02 17:31:45 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spbcd.dll
[2015.08.02 17:31:45 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserAccountControlSettings.dll
[2015.08.02 17:31:45 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\btpanui.dll
[2015.08.02 17:31:45 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sendmail.dll
[2015.08.02 17:31:45 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdPnp.dll
[2015.08.02 17:31:45 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fmifs.dll
[2015.08.02 17:31:45 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\luainstall.dll
[2015.08.02 17:31:45 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncHost.exe
[2015.08.02 17:31:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cnvfat.dll
[2015.08.02 17:31:45 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FdDevQuery.dll
[2015.08.02 17:31:45 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Printers.Extensions.dll
[2015.08.02 17:31:44 | 000,150,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmpps.dll
[2015.08.02 17:31:44 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvfw32.dll
[2015.08.02 17:31:44 | 000,131,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easinvoker.exe
[2015.08.02 17:31:44 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcwutl.dll
[2015.08.02 17:31:44 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dot3api.dll
[2015.08.02 17:31:44 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2015.08.02 17:31:44 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\acppage.dll
[2015.08.02 17:31:44 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printfilterpipelineprxy.dll
[2015.08.02 17:31:44 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdPnp.dll
[2015.08.02 17:31:44 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mciqtz32.dll
[2015.08.02 17:31:43 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spfileq.dll
[2015.08.02 17:31:43 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\console.dll
[2015.08.02 17:31:43 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\keyiso.dll
[2015.08.02 17:31:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\openfiles.exe
[2015.08.02 17:31:43 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pautoenr.dll
[2015.08.02 17:31:43 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AtBroker.exe
[2015.08.02 17:31:43 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucmhc.dll
[2015.08.02 17:31:43 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\HelpPaneProxy.dll
[2015.08.02 17:31:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rrinstaller.exe
[2015.08.02 17:31:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mimefilt.dll
[2015.08.02 17:31:43 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndfetw.dll
[2015.08.02 17:31:42 | 000,177,152 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\SysNative\l3codecp.acm
[2015.08.02 17:31:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2015.08.02 17:31:42 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dot3dlg.dll
[2015.08.02 17:31:42 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDSPnf.exe
[2015.08.02 17:31:42 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msimtf.dll
[2015.08.02 17:31:42 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rrinstaller.exe
[2015.08.02 17:31:42 | 000,039,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdmo.dll
[2015.08.02 17:31:42 | 000,038,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\svchost.exe
[2015.08.02 17:31:42 | 000,038,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\utildll.dll
[2015.08.02 17:31:42 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceDisplayStatusManager.dll
[2015.08.02 17:31:41 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfmon.exe
[2015.08.02 17:31:41 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptext.dll
[2015.08.02 17:31:41 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\takeown.exe
[2015.08.02 17:31:41 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cmdl32.exe
[2015.08.02 17:31:41 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bderepair.dll
[2015.08.02 17:31:41 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\signdrv.dll
[2015.08.02 17:31:41 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RemoveDeviceContextHandler.dll
[2015.08.02 17:31:40 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cabview.dll
[2015.08.02 17:31:40 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EhStorAuthn.exe
[2015.08.02 17:31:40 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xwreg.dll
[2015.08.02 17:31:40 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EhStorPwdMgr.dll
[2015.08.02 17:31:40 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\signdrv.dll
[2015.08.02 17:31:40 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthExt.dll
[2015.08.02 17:31:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\docprop.dll
[2015.08.02 17:31:40 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2015.08.02 17:31:39 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\onex.dll
[2015.08.02 17:31:39 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSUTILITY.dll
[2015.08.02 17:31:39 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winbio.dll
[2015.08.02 17:31:39 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\l2gpstore.dll
[2015.08.02 17:31:39 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcirt.dll
[2015.08.02 17:31:39 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acppage.dll
[2015.08.02 17:31:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.Fontgroups.dll
[2015.08.02 17:31:39 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mskeyprotect.dll
[2015.08.02 17:31:39 | 000,044,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2015.08.02 17:31:39 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpkinstall.exe
[2015.08.02 17:31:39 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnNetsh.dll
[2015.08.02 17:31:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToStatusProvider.dll
[2015.08.02 17:31:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthExt.dll
[2015.08.02 17:31:39 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceDisplayStatusManager.dll
[2015.08.02 17:31:38 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlaySndSrv.dll
[2015.08.02 17:31:38 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasmbmgr.dll
[2015.08.02 17:31:38 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsvd.dll
[2015.08.02 17:31:38 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2015.08.02 17:31:38 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PSModuleDiscoveryProvider.dll
[2015.08.02 17:31:38 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dataclen.dll
[2015.08.02 17:31:38 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxssrv.dll
[2015.08.02 17:31:38 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\traffic.dll
[2015.08.02 17:31:38 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserLanguageProfileCallback.dll
[2015.08.02 17:31:37 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.ps.dll
[2015.08.02 17:31:37 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winrscmd.dll
[2015.08.02 17:31:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cngprovider.dll
[2015.08.02 17:31:37 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\capiprovider.dll
[2015.08.02 17:31:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpapiprovider.dll
[2015.08.02 17:31:37 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setx.exe
[2015.08.02 17:31:37 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hhsetup.dll
[2015.08.02 17:31:37 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincredprovider.dll
[2015.08.02 17:31:37 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FdDevQuery.dll
[2015.08.02 17:31:36 | 002,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\batmeter.dll
[2015.08.02 17:31:36 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2015.08.02 17:31:36 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\w32tm.exe
[2015.08.02 17:31:36 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeXmlParser.dll
[2015.08.02 17:31:36 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdchange.exe
[2015.08.02 17:31:36 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Portable.dll
[2015.08.02 17:31:36 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ThumbnailExtractionHost.exe
[2015.08.02 17:31:36 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vidcap.ax
[2015.08.02 17:31:35 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hdwwiz.cpl
[2015.08.02 17:31:35 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2015.08.02 17:31:35 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll
[2015.08.02 17:31:35 | 000,080,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netapi32.dll
[2015.08.02 17:31:35 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhevents.dll
[2015.08.02 17:31:35 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssign32.dll
[2015.08.02 17:31:35 | 000,069,120 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\SysWow64\l3codeca.acm
[2015.08.02 17:31:35 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2015.08.02 17:31:35 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeUISrv.exe
[2015.08.02 17:31:35 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtutils.dll
[2015.08.02 17:31:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.dll
[2015.08.02 17:31:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hcproviders.dll
[2015.08.02 17:31:34 | 002,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\batmeter.dll
[2015.08.02 17:31:34 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\main.cpl
[2015.08.02 17:31:34 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srrstr.dll
[2015.08.02 17:31:34 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\t2embed.dll
[2015.08.02 17:31:34 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbui.dll
[2015.08.02 17:31:34 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.dll
[2015.08.02 17:31:34 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dot3dlg.dll
[2015.08.02 17:31:34 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcbcp.dll
[2015.08.02 17:31:34 | 000,035,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\avrt.dll
[2015.08.02 17:31:34 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2015.08.02 17:31:33 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfp.dll
[2015.08.02 17:31:33 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbccp32.dll
[2015.08.02 17:31:33 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tcpmonui.dll
[2015.08.02 17:31:33 | 000,051,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wwapi.dll
[2015.08.02 17:31:33 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xolehlp.dll
[2015.08.02 17:31:33 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemoveDeviceContextHandler.dll
[2015.08.02 17:31:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RdpSa.exe
[2015.08.02 17:31:33 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hid.dll
[2015.08.02 17:31:33 | 000,031,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PasswordOnWakeSettingFlyout.exe
[2015.08.02 17:31:33 | 000,029,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PasswordOnWakeSettingFlyout.exe
[2015.08.02 17:31:33 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msisip.dll
[2015.08.02 17:31:32 | 000,184,832 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\SysNative\Defrag.exe
[2015.08.02 17:31:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SCardDlg.dll
[2015.08.02 17:31:32 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmictimeprovider.dll
[2015.08.02 17:31:32 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Portable.dll
[2015.08.02 17:31:31 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\elslad.dll
[2015.08.02 17:31:31 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NcaSvc.dll
[2015.08.02 17:31:31 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdProxy.dll
[2015.08.02 17:31:31 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\whoami.exe
[2015.08.02 17:31:31 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndiscapCfg.dll
[2015.08.02 17:31:31 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pwsso.dll
[2015.08.02 17:31:30 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certCredProvider.dll
[2015.08.02 17:31:30 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdsapi.dll
[2015.08.02 17:31:30 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhmanagew.exe
[2015.08.02 17:31:30 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EhStorPwdMgr.dll
[2015.08.02 17:31:30 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efsadu.dll
[2015.08.02 17:31:30 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\btpanui.dll
[2015.08.02 17:31:30 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hbaapi.dll
[2015.08.02 17:31:30 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityServicePal.dll
[2015.08.02 17:31:30 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tvratings.dll
[2015.08.02 17:31:30 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dataclen.dll
[2015.08.02 17:31:30 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hcproviders.dll
[2015.08.02 17:31:30 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserLanguageProfileCallback.dll
[2015.08.02 17:31:29 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpsapi.dll
[2015.08.02 17:31:29 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisImPlatform.sys
[2015.08.02 17:31:29 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cfgbkend.dll
[2015.08.02 17:31:29 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlrmdr.exe
[2015.08.02 17:31:29 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\auditpol.exe
[2015.08.02 17:31:29 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wwanpref.dll
[2015.08.02 17:31:29 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adprovider.dll
[2015.08.02 17:31:29 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndiscapCfg.dll
[2015.08.02 17:31:29 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msports.dll
[2015.08.02 17:31:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContentHost.dll
[2015.08.02 17:31:29 | 000,029,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfpmp.exe
[2015.08.02 17:31:29 | 000,028,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysResetErr.exe
[2015.08.02 17:31:28 | 000,139,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2015.08.02 17:31:28 | 000,116,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2015.08.02 17:31:28 | 000,095,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcd.dll
[2015.08.02 17:31:28 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.exe
[2015.08.02 17:31:28 | 000,082,432 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\SysNative\l3codeca.acm
[2015.08.02 17:31:28 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dot3cfg.dll
[2015.08.02 17:31:28 | 000,063,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwapi.dll
[2015.08.02 17:31:28 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\reg.exe
[2015.08.02 17:31:28 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintIsolationProxy.dll
[2015.08.02 17:31:28 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SortServer2003Compat.dll
[2015.08.02 17:31:28 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdchange.exe
[2015.08.02 17:31:28 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pwlauncher.exe
[2015.08.02 17:31:28 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceDriverRetrievalClient.dll
[2015.08.02 17:31:28 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\olesvr32.dll
[2015.08.02 17:31:27 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntprint.dll
[2015.08.02 17:31:27 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mciavi32.dll
[2015.08.02 17:31:27 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardDlg.dll
[2015.08.02 17:31:27 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\avicap32.dll
[2015.08.02 17:31:27 | 000,073,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appidapi.dll
[2015.08.02 17:31:27 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsidsc.dll
[2015.08.02 17:31:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf3216.dll
[2015.08.02 17:31:27 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.Fontgroups.dll
[2015.08.02 17:31:27 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSTheme.exe
[2015.08.02 17:31:27 | 000,033,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RuntimeBroker.exe
[2015.08.02 17:31:27 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtffilt.dll
[2015.08.02 17:31:27 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxsstore.dll
[2015.08.02 17:31:27 | 000,029,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\version.dll
[2015.08.02 17:31:27 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ThumbnailExtractionHost.exe
[2015.08.02 17:31:27 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dswave.dll
[2015.08.02 17:31:27 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\elsTrans.dll
[2015.08.02 17:31:26 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shrpubw.exe
[2015.08.02 17:31:26 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shsetup.dll
[2015.08.02 17:31:26 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDPrintProxy.DLL
[2015.08.02 17:31:26 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\unimdmat.dll
[2015.08.02 17:31:26 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhautoplay.dll
[2015.08.02 17:31:26 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PSModuleDiscoveryProvider.dll
[2015.08.02 17:31:26 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cmmon32.exe
[2015.08.02 17:31:26 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dtsh.dll
[2015.08.02 17:31:26 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dimsroam.dll
[2015.08.02 17:31:26 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbrand.dll
[2015.08.02 17:31:26 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshhttp.dll
[2015.08.02 17:31:26 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\elsTrans.dll
[2015.08.02 17:31:26 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\secur32.dll
[2015.08.02 17:31:26 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AzSqlExt.dll
[2015.08.02 17:31:26 | 000,026,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfpmp.exe
[2015.08.02 17:31:26 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxsstore.dll
[2015.08.02 17:31:25 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2015.08.02 17:31:25 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cleanmgr.exe
[2015.08.02 17:31:25 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dot3msm.dll
[2015.08.02 17:31:25 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlaySndSrv.dll
[2015.08.02 17:31:25 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cmutil.dll
[2015.08.02 17:31:25 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cttunesvr.exe
[2015.08.02 17:31:25 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprnext.dll
[2015.08.02 17:31:25 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cttunesvr.exe
[2015.08.02 17:31:25 | 000,033,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winnsi.dll
[2015.08.02 17:31:25 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspisrv.dll
[2015.08.02 17:31:25 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsCtfMonitor.dll
[2015.08.02 17:31:24 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certCredProvider.dll
[2015.08.02 17:31:24 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sethc.exe
[2015.08.02 17:31:24 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppnp.dll
[2015.08.02 17:31:24 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\joy.cpl
[2015.08.02 17:31:24 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EhStorAuthn.exe
[2015.08.02 17:31:24 | 000,069,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vpci.sys
[2015.08.02 17:31:24 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\auditpol.exe
[2015.08.02 17:31:24 | 000,061,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winhv.sys
[2015.08.02 17:31:24 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2015.08.02 17:31:24 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\feclient.dll
[2015.08.02 17:31:24 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uicom.dll
[2015.08.02 17:31:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\htui.dll
[2015.08.02 17:31:24 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfg.exe
[2015.08.02 17:31:24 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmiprop.dll
[2015.08.02 17:31:23 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\irprops.cpl
[2015.08.02 17:31:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDScanProxy.dll
[2015.08.02 17:31:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpremove.exe
[2015.08.02 17:31:23 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msident.dll
[2015.08.02 17:31:23 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xolehlp.dll
[2015.08.02 17:31:23 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSTheme.exe
[2015.08.02 17:31:23 | 000,043,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\utildll.dll
[2015.08.02 17:31:23 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eventcreate.exe
[2015.08.02 17:31:23 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tvratings.dll
[2015.08.02 17:31:23 | 000,027,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmbuspipe.dll
[2015.08.02 17:31:23 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mode.com
[2015.08.02 17:31:22 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptext.dll
[2015.08.02 17:31:22 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uicom.dll
[2015.08.02 17:31:22 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfctrs.dll
[2015.08.02 17:31:22 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\forfiles.exe
[2015.08.02 17:31:22 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MirrorDrvCompat.dll
[2015.08.02 17:31:22 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sfc.exe
[2015.08.02 17:31:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprnext.dll
[2015.08.02 17:31:22 | 000,031,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptbase.dll
[2015.08.02 17:31:22 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winbrand.dll
[2015.08.02 17:31:22 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rtffilt.dll
[2015.08.02 17:31:22 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\more.com
[2015.08.02 17:31:21 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsicli.exe
[2015.08.02 17:31:21 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\repair-bde.exe
[2015.08.02 17:31:21 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiarpc.dll
[2015.08.02 17:31:21 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dot3gpclnt.dll
[2015.08.02 17:31:21 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsnmp32.dll
[2015.08.02 17:31:21 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSEXT32.dll
[2015.08.02 17:31:21 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dimsjob.dll
[2015.08.02 17:31:21 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfos.dll
[2015.08.02 17:31:21 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hidphone.tsp
[2015.08.02 17:31:21 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Dot3Conn.dll
[2015.08.02 17:31:21 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fc.exe
[2015.08.02 17:31:20 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthFWGP.dll
[2015.08.02 17:31:20 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drttransport.dll
[2015.08.02 17:31:20 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ddodiag.exe
[2015.08.02 17:31:20 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drttransport.dll
[2015.08.02 17:31:20 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cipher.exe
[2015.08.02 17:31:20 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RdpSa.exe
[2015.08.02 17:31:20 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\format.com
[2015.08.02 17:31:20 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\where.exe
[2015.08.02 17:31:20 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AzSqlExt.dll
[2015.08.02 17:31:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Background.SystemEventsBroker.dll
[2015.08.02 17:31:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BthMtpContextHandler.dll
[2015.08.02 17:31:20 | 000,024,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nsi.dll
[2015.08.02 17:31:20 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshcon.dll
[2015.08.02 17:31:20 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Background.TimeBroker.dll
[2015.08.02 17:31:20 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dswave.dll
[2015.08.02 17:31:19 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfmon.exe
[2015.08.02 17:31:19 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2015.08.02 17:31:19 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sti_ci.dll
[2015.08.02 17:31:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspatchc.dll
[2015.08.02 17:31:19 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Magnification.dll
[2015.08.02 17:31:19 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dot3gpclnt.dll
[2015.08.02 17:31:19 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RotMgr.dll
[2015.08.02 17:31:19 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasphone.exe
[2015.08.02 17:31:19 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncPolicy.dll
[2015.08.02 17:31:19 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LldpNotify.dll
[2015.08.02 17:31:19 | 000,025,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsrole.dll
[2015.08.02 17:31:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi_passthru.dll
[2015.08.02 17:31:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\more.com
[2015.08.02 17:31:19 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comp.exe
[2015.08.02 17:31:18 | 000,423,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\irprops.cpl
[2015.08.02 17:31:18 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthFWGP.dll
[2015.08.02 17:31:18 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dot3msm.dll
[2015.08.02 17:31:18 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanprotdim.dll
[2015.08.02 17:31:18 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdrleakdiag.exe
[2015.08.02 17:31:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MirrorDrvCompat.dll
[2015.08.02 17:31:18 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmiprop.dll
[2015.08.02 17:31:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\choice.exe
[2015.08.02 17:31:18 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\timeout.exe
[2015.08.02 17:31:18 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comp.exe
[2015.08.02 17:31:18 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clip.exe
[2015.08.02 17:31:17 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uireng.dll
[2015.08.02 17:31:17 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdsrv.dll
[2015.08.02 17:31:17 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srhelper.dll
[2015.08.02 17:31:17 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\napdsnap.dll
[2015.08.02 17:31:17 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2015.08.02 17:31:17 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ByteCodeGenerator.exe
[2015.08.02 17:31:17 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dialer.exe
[2015.08.02 17:31:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bthpanapi.dll
[2015.08.02 17:31:17 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxlegih.dll
[2015.08.02 17:31:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ByteCodeGenerator.exe
[2015.08.02 17:31:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxdm.dll
[2015.08.02 17:31:17 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fc.exe
[2015.08.02 17:31:17 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsCtfMonitor.dll
[2015.08.02 17:31:16 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\joy.cpl
[2015.08.02 17:31:16 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.ps.dll
[2015.08.02 17:31:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NcdAutoSetup.dll
[2015.08.02 17:31:16 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cngprovider.dll
[2015.08.02 17:31:16 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\radarrs.dll
[2015.08.02 17:31:16 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\capiprovider.dll
[2015.08.02 17:31:16 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapiprovider.dll
[2015.08.02 17:31:16 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mskeyprotect.dll
[2015.08.02 17:31:16 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincredprovider.dll
[2015.08.02 17:31:16 | 000,043,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdmo.dll
[2015.08.02 17:31:16 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxshared.dll
[2015.08.02 17:31:16 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\runonce.exe
[2015.08.02 17:31:16 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcadm.dll
[2015.08.02 17:31:16 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SmsDeviceAccessRevocation.dll
[2015.08.02 17:31:16 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wshcon.dll
[2015.08.02 17:31:15 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RelPost.exe
[2015.08.02 17:31:15 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mspatchc.dll
[2015.08.02 17:31:15 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msauserext.dll
[2015.08.02 17:31:15 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adprovider.dll
[2015.08.02 17:31:15 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\expand.exe
[2015.08.02 17:31:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Magnification.dll
[2015.08.02 17:31:15 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\waitfor.exe
[2015.08.02 17:31:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
[2015.08.02 17:31:15 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Background.TimeBroker.dll
[2015.08.02 17:31:14 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cleanmgr.exe
[2015.08.02 17:31:14 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BluetoothApis.dll
[2015.08.02 17:31:14 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Enumeration.ps.dll
[2015.08.02 17:31:14 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetmib1.dll
[2015.08.02 17:31:14 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tlscsp.dll
[2015.08.02 17:31:14 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pwrshplugin.dll
[2015.08.02 17:31:14 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cfmifs.dll
[2015.08.02 17:31:13 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmdmps.dll
[2015.08.02 17:31:13 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msctfp.dll
[2015.08.02 17:31:13 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drtprov.dll
[2015.08.02 17:31:13 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rundll32.exe
[2015.08.02 17:31:13 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scext.dll
[2015.08.02 17:31:13 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\profext.dll
[2015.08.02 17:31:13 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\docprop.dll
[2015.08.02 17:31:13 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mcicda.dll
[2015.08.02 17:31:13 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srumapi.dll
[2015.08.02 17:31:13 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmdmlog.dll
[2015.08.02 17:31:13 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WPDShextAutoplay.exe
[2015.08.02 17:31:13 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mode.com
[2015.08.02 17:31:12 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dab.dll
[2015.08.02 17:31:12 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srumapi.dll
[2015.08.02 17:31:12 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certenc.dll
[2015.08.02 17:31:12 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dfscli.dll
[2015.08.02 17:31:12 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sfc.exe
[2015.08.02 17:31:12 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcbcp.dll
[2015.08.02 17:31:12 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SetProxyCredential.dll
[2015.08.02 17:31:12 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cmlua.dll
[2015.08.02 17:31:12 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cmcfg32.dll
[2015.08.02 17:31:12 | 000,033,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel.appcore.dll
[2015.08.02 17:31:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\crypttpmeksvc.dll
[2015.08.02 17:31:12 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Display.dll
[2015.08.02 17:31:12 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncPolicy.dll
[2015.08.02 17:31:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscisvif.dll
[2015.08.02 17:31:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cmpbk32.dll
[2015.08.02 17:31:12 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ureg.dll
[2015.08.02 17:31:11 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modemui.dll
[2015.08.02 17:31:11 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\napdsnap.dll
[2015.08.02 17:31:11 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sc.exe
[2015.08.02 17:31:11 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dimsroam.dll
[2015.08.02 17:31:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winrs.exe
[2015.08.02 17:31:11 | 000,029,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kernel.appcore.dll
[2015.08.02 17:31:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2015.08.02 17:31:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\w32topl.dll
[2015.08.02 17:31:11 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfapigp.dll
[2015.08.02 17:31:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\chkwudrv.dll
[2015.08.02 17:31:11 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easconsent.dll
[2015.08.02 17:31:10 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icm32.dll
[2015.08.02 17:31:10 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpsapi.dll
[2015.08.02 17:31:10 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PkgMgr.exe
[2015.08.02 17:31:10 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fsutil.exe
[2015.08.02 17:31:10 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanext.exe
[2015.08.02 17:31:10 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pwrshplugin.dll
[2015.08.02 17:31:10 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\feclient.dll
[2015.08.02 17:31:10 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmocx.dll
[2015.08.02 17:31:10 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\browcli.dll
[2015.08.02 17:31:10 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfp.exe
[2015.08.02 17:31:10 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi_passthru.dll
Nahoru
Roy703
Level 2.5
Level 2.5
Příspěvky: 283
Registrován: červenec 15
Pohlaví: Muž
Stav:
Offline

Re: Rootkity,PC sa samo reštartuje..

Příspěvekod Roy703 » 04 srp 2015 10:00

[2015.08.02 17:31:09 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\unregmp2.exe
[2015.08.02 17:31:09 | 000,108,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bootsect.exe
[2015.08.02 17:31:09 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srclient.dll
[2015.08.02 17:31:09 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\expand.exe
[2015.08.02 17:31:09 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvcfg.exe
[2015.08.02 17:31:09 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pid.dll
[2015.08.02 17:31:09 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxstrace.exe
[2015.08.02 17:31:09 | 000,025,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\streamci.dll
[2015.08.02 17:31:09 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.Display.dll
[2015.08.02 17:31:09 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscisvif.dll
[2015.08.02 17:31:08 | 000,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSST.dll
[2015.08.02 17:31:08 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\keymgr.dll
[2015.08.02 17:31:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmci.dll
[2015.08.02 17:31:08 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwancfg.dll
[2015.08.02 17:31:08 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\datusage.dll
[2015.08.02 17:31:08 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shutdown.exe
[2015.08.02 17:31:08 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dimsjob.dll
[2015.08.02 17:31:08 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdWNet.dll
[2015.08.02 17:31:08 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\findstr.exe
[2015.08.02 17:31:08 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\chkdsk.exe
[2015.08.02 17:31:08 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\serwvdrv.dll
[2015.08.02 17:31:08 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\convert.exe
[2015.08.02 17:31:07 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\charmap.exe
[2015.08.02 17:31:07 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netsh.exe
[2015.08.02 17:31:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupcln.dll
[2015.08.02 17:31:07 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XInput1_4.dll
[2015.08.02 17:31:07 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2015.08.02 17:31:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsepno.dll
[2015.08.02 17:31:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tbs.dll
[2015.08.02 17:31:07 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efsutil.dll
[2015.08.02 17:31:07 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WPDShextAutoplay.exe
[2015.08.02 17:31:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tbs.dll
[2015.08.02 17:31:07 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.Profile.SystemManufacturers.dll
[2015.08.02 17:31:06 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptuiwizard.dll
[2015.08.02 17:31:06 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MuiUnattend.exe
[2015.08.02 17:31:06 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SrTasks.exe
[2015.08.02 17:31:06 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profext.dll
[2015.08.02 17:31:06 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AtBroker.exe
[2015.08.02 17:31:06 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Websocket.dll
[2015.08.02 17:31:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\delegatorprovider.dll
[2015.08.02 17:31:06 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsldr.exe
[2015.08.02 17:31:06 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsdchngr.dll
[2015.08.02 17:31:06 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfapigp.dll
[2015.08.02 17:31:05 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdboot.exe
[2015.08.02 17:31:05 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certenc.dll
[2015.08.02 17:31:05 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deskmon.dll
[2015.08.02 17:31:05 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspatcha.dll
[2015.08.02 17:31:05 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cfmifs.dll
[2015.08.02 17:31:05 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NETSTAT.EXE
[2015.08.02 17:31:05 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsdchngr.dll
[2015.08.02 17:31:05 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shgina.dll
[2015.08.02 17:31:05 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Profile.SystemManufacturers.dll
[2015.08.02 17:31:05 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapprovp.dll
[2015.08.02 17:31:05 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bitsperf.dll
[2015.08.02 17:31:05 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DefaultPrinterProvider.dll
[2015.08.02 17:31:04 | 001,497,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\diskcopy.dll
[2015.08.02 17:31:04 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\whoami.exe
[2015.08.02 17:31:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\findstr.exe
[2015.08.02 17:31:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sscore.dll
[2015.08.02 17:31:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptdlg.dll
[2015.08.02 17:31:04 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NcdProp.dll
[2015.08.02 17:31:04 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shimgvw.dll
[2015.08.02 17:31:04 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tree.com
[2015.08.02 17:31:03 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmocx.dll
[2015.08.02 17:31:03 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsiCofire.dll
[2015.08.02 17:31:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmiclnt.dll
[2015.08.02 17:31:03 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\icacls.exe
[2015.08.02 17:31:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapprovp.dll
[2015.08.02 17:31:03 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsium.dll
[2015.08.02 17:31:03 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DefaultPrinterProvider.dll
[2015.08.02 17:31:03 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\serwvdrv.dll
[2015.08.02 17:31:03 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RdpSaProxy.exe
[2015.08.02 17:31:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tree.com
[2015.08.02 17:31:02 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cngcredui.dll
[2015.08.02 17:31:02 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sscore.dll
[2015.08.02 17:31:02 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManHTTPConfig.exe
[2015.08.02 17:31:02 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tcpmib.dll
[2015.08.02 17:31:02 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\userinit.exe
[2015.08.02 17:31:02 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\encapi.dll
[2015.08.02 17:31:02 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\replace.exe
[2015.08.02 17:31:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hnetmon.dll
[2015.08.02 17:31:01 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deskmon.dll
[2015.08.02 17:31:01 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\runonce.exe
[2015.08.02 17:31:01 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmdmlog.dll
[2015.08.02 17:31:01 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetEvtFwdr.exe
[2015.08.02 17:31:01 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SecEdit.exe
[2015.08.02 17:31:01 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\witnesswmiv2provider.dll
[2015.08.02 17:31:01 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfdisk.dll
[2015.08.02 17:31:01 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rpcnsh.dll
[2015.08.02 17:31:01 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\brdgcfg.dll
[2015.08.02 17:31:01 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsparse.dll
[2015.08.02 17:31:01 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\icmui.dll
[2015.08.02 17:31:01 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\convert.exe
[2015.08.02 17:31:01 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shimgvw.dll
[2015.08.02 17:31:00 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hbaapi.dll
[2015.08.02 17:31:00 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hhsetup.dll
[2015.08.02 17:31:00 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cmlua.dll
[2015.08.02 17:31:00 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cacls.exe
[2015.08.02 17:31:00 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.RemoteDesktop.dll
[2015.08.02 17:31:00 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmutil.dll
[2015.08.02 17:31:00 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bitsperf.dll
[2015.08.02 17:31:00 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\attrib.exe
[2015.08.02 17:31:00 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\doskey.exe
[2015.08.02 17:30:59 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vds_ps.dll
[2015.08.02 17:30:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintIsolationHost.exe
[2015.08.02 17:30:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcpmonui.dll
[2015.08.02 17:30:59 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fsutilext.dll
[2015.08.02 17:30:59 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ddodiag.exe
[2015.08.02 17:30:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManHTTPConfig.exe
[2015.08.02 17:30:59 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XInput1_4.dll
[2015.08.02 17:30:59 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shgina.dll
[2015.08.02 17:30:59 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icsunattend.exe
[2015.08.02 17:30:58 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cngcredui.dll
[2015.08.02 17:30:58 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\regapi.dll
[2015.08.02 17:30:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidnsp.dll
[2015.08.02 17:30:58 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esentprf.dll
[2015.08.02 17:30:58 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Websocket.dll
[2015.08.02 17:30:58 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfdprov.dll
[2015.08.02 17:30:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bridgeunattend.exe
[2015.08.02 17:30:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shpafact.dll
[2015.08.02 17:30:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\delegatorprovider.dll
[2015.08.02 17:30:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shpafact.dll
[2015.08.02 17:30:57 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompMgmtLauncher.exe
[2015.08.02 17:30:57 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupcln.dll
[2015.08.02 17:30:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drtprov.dll
[2015.08.02 17:30:57 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcicda.dll
[2015.08.02 17:30:57 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NcdProp.dll
[2015.08.02 17:30:57 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\chkdsk.exe
[2015.08.02 17:30:57 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winrshost.exe
[2015.08.02 17:30:57 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbnmpntw.dll
[2015.08.02 17:30:57 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\compact.exe
[2015.08.02 17:30:57 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiatrace.dll
[2015.08.02 17:30:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfos.dll
[2015.08.02 17:30:56 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcpmib.dll
[2015.08.02 17:30:56 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\proquota.exe
[2015.08.02 17:30:56 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAgent.dll
[2015.08.02 17:30:56 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\httpapi.dll
[2015.08.02 17:30:56 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\encapi.dll
[2015.08.02 17:30:56 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CheckNetIsolation.exe
[2015.08.02 17:30:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netiougc.exe
[2015.08.02 17:30:56 | 000,021,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tbs.sys
[2015.08.02 17:30:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\chkntfs.exe
[2015.08.02 17:30:56 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.RemoteDesktop.dll
[2015.08.02 17:30:56 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\find.exe
[2015.08.02 17:30:55 | 000,146,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys
[2015.08.02 17:30:55 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xwizard.exe
[2015.08.02 17:30:55 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tlscsp.dll
[2015.08.02 17:30:55 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmprovhost.exe
[2015.08.02 17:30:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ipconfig.exe
[2015.08.02 17:30:55 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinFax.dll
[2015.08.02 17:30:55 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\snmpapi.dll
[2015.08.02 17:30:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcconf.dll
[2015.08.02 17:30:55 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ifmon.dll
[2015.08.02 17:30:55 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dvdupgrd.exe
[2015.08.02 17:30:55 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\replace.exe
[2015.08.02 17:30:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\prevhost.exe
[2015.08.02 17:30:54 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2015.08.02 17:30:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xwizard.exe
[2015.08.02 17:30:54 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efslsaext.dll
[2015.08.02 17:30:54 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deskadp.dll
[2015.08.02 17:30:54 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qmgrprxy.dll
[2015.08.02 17:30:54 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deskadp.dll
[2015.08.02 17:30:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\lodctr.exe
[2015.08.02 17:30:54 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\w32topl.dll
[2015.08.02 17:30:54 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\linkinfo.dll
[2015.08.02 17:30:54 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsauth.dll
[2015.08.02 17:30:54 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ureg.dll
[2015.08.02 17:30:54 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe
[2015.08.02 17:30:54 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prevhost.exe
[2015.08.02 17:30:54 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hnetmon.dll
[2015.08.02 17:30:54 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\icsunattend.exe
[2015.08.02 17:30:53 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hidphone.tsp
[2015.08.02 17:30:53 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfproc.dll
[2015.08.02 17:30:53 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcsubs.dll
[2015.08.02 17:30:53 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnpui.dll
[2015.08.02 17:30:53 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BackgroundTransferHost.exe
[2015.08.02 17:30:53 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\credwiz.exe
[2015.08.02 17:30:53 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EventAggregation.dll
[2015.08.02 17:30:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RpcPing.exe
[2015.08.02 17:30:53 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bi.dll
[2015.08.02 17:30:53 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcconf.exe
[2015.08.02 17:30:52 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsidsc.dll
[2015.08.02 17:30:52 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cmdl32.exe
[2015.08.02 17:30:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfdts.dll
[2015.08.02 17:30:52 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cmmon32.exe
[2015.08.02 17:30:52 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\regini.exe
[2015.08.02 17:30:52 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxstrace.exe
[2015.08.02 17:30:52 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xmlprovi.dll
[2015.08.02 17:30:52 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
[2015.08.02 17:30:51 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hotplug.dll
[2015.08.02 17:30:51 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msports.dll
[2015.08.02 17:30:51 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FwRemoteSvr.dll
[2015.08.02 17:30:51 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vds_ps.dll
[2015.08.02 17:30:51 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\traffic.dll
[2015.08.02 17:30:51 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\napipsec.dll
[2015.08.02 17:30:51 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcsubs.dll
[2015.08.02 17:30:51 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netbtugc.exe
[2015.08.02 17:30:51 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sisbkup.dll
[2015.08.02 17:30:51 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\chkntfs.exe
[2015.08.02 17:30:51 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansvcpal.dll
[2015.08.02 17:30:51 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FileAppxStreamingDataSource.dll
[2015.08.02 17:30:50 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\loadperf.dll
[2015.08.02 17:30:50 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\djoin.exe
[2015.08.02 17:30:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tapilua.dll
[2015.08.02 17:30:50 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmprovhost.exe
[2015.08.02 17:30:50 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAgent.dll
[2015.08.02 17:30:50 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsparse.dll
[2015.08.02 17:30:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sysntfy.dll
[2015.08.02 17:30:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RdpSaProxy.exe
[2015.08.02 17:30:50 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\attrib.exe
[2015.08.02 17:30:50 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshqos.dll
[2015.08.02 17:30:50 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wshqos.dll
[2015.08.02 17:30:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IconCodecService.dll
[2015.08.02 17:30:49 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFolders.exe
[2015.08.02 17:30:49 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceAgent.exe
[2015.08.02 17:30:49 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontview.exe
[2015.08.02 17:30:49 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winipsec.dll
[2015.08.02 17:30:49 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browcli.dll
[2015.08.02 17:30:49 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidnsp.dll
[2015.08.02 17:30:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\extrac32.exe
[2015.08.02 17:30:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cmpbk32.dll
[2015.08.02 17:30:49 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\regsvr32.exe
[2015.08.02 17:30:49 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StorSvc.dll
[2015.08.02 17:30:49 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xmlprovi.dll
[2015.08.02 17:30:48 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ocsetapi.dll
[2015.08.02 17:30:48 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cipher.exe
[2015.08.02 17:30:48 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypttpmeksvc.dll
[2015.08.02 17:30:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WofTasks.dll
[2015.08.02 17:30:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MemoryDiagnostic.dll
[2015.08.02 17:30:48 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mgmtapi.dll
[2015.08.02 17:30:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityCommonPal.dll
[2015.08.02 17:30:47 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXST30.dll
[2015.08.02 17:30:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Storprop.dll
[2015.08.02 17:30:47 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cmutil.dll
[2015.08.02 17:30:47 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efsutil.dll
[2015.08.02 17:30:47 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cmcfg32.dll
[2015.08.02 17:30:47 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ARP.EXE
[2015.08.02 17:30:47 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdiagnhost.exe
[2015.08.02 17:30:47 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\davhlpr.dll
[2015.08.02 17:30:47 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlaninst.dll
[2015.08.02 17:30:47 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mskeyprotcli.dll
[2015.08.02 17:30:46 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnppolicy.dll
[2015.08.02 17:30:46 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinFax.dll
[2015.08.02 17:30:46 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\syskey.exe
[2015.08.02 17:30:46 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BackgroundTransferHost.exe
[2015.08.02 17:30:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winrshost.exe
[2015.08.02 17:30:46 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\capisp.dll
[2015.08.02 17:30:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wshelper.dll
[2015.08.02 17:30:46 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pstask.dll
[2015.08.02 17:30:45 | 000,157,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wof.sys
[2015.08.02 17:30:45 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DFDWiz.exe
[2015.08.02 17:30:45 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fsutilext.dll
[2015.08.02 17:30:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Apphlpdm.dll
[2015.08.02 17:30:45 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnsruprov.dll
[2015.08.02 17:30:45 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ARP.EXE
[2015.08.02 17:30:45 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxshared.dll
[2015.08.02 17:30:45 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cmstplua.dll
[2015.08.02 17:30:45 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\diskcomp.com
[2015.08.02 17:30:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
[2015.08.02 17:30:45 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ProximityCommonPal.dll
[2015.08.02 17:30:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\diskcopy.com
[2015.08.02 17:30:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasphone.exe
[2015.08.02 17:30:44 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bdeui.dll
[2015.08.02 17:30:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RdpSaUacHelper.exe
[2015.08.02 17:30:44 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\find.exe
[2015.08.02 17:30:44 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\regsvr32.exe
[2015.08.02 17:30:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\print.exe
[2015.08.02 17:30:43 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsmproxy.dll
[2015.08.02 17:30:43 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertEnrollCtrl.exe
[2015.08.02 17:30:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srwmi.dll
[2015.08.02 17:30:43 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\at.exe
[2015.08.02 17:30:43 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RdpSaUacHelper.exe
[2015.08.02 17:30:43 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nci.dll
[2015.08.02 17:30:43 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernelceip.dll
[2015.08.02 17:30:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fixmapi.exe
[2015.08.02 17:30:42 | 015,784,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DDORes.dll
[2015.08.02 17:30:42 | 000,349,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2015.08.02 17:30:42 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SubscriptionMgr.dll
[2015.08.02 17:30:42 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wephostsvc.dll
[2015.08.02 17:30:42 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qmgrprxy.dll
[2015.08.02 17:30:42 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fixmapi.exe
[2015.08.02 17:30:42 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cmstplua.dll
[2015.08.02 17:30:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\userinitext.dll
[2015.08.02 17:30:42 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DefaultDeviceManager.dll
[2015.08.02 17:30:41 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ifmon.dll
[2015.08.02 17:30:41 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\virtdisk.dll
[2015.08.02 17:30:41 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BthSQM.dll
[2015.08.02 17:30:41 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\upnpcont.exe
[2015.08.02 17:30:41 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\doskey.exe
[2015.08.02 17:30:41 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntlanui2.dll
[2015.08.02 17:30:41 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentTask.dll
[2015.08.02 17:30:41 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeSyncTask.dll
[2015.08.02 17:30:41 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\label.exe
[2015.08.02 17:30:41 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\regidle.dll
[2015.08.02 17:30:40 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diskcopy.dll
[2015.08.02 17:30:40 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\main.cpl
[2015.08.02 17:30:40 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdminst.dll
[2015.08.02 17:30:40 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GlobCollationHost.dll
[2015.08.02 17:30:40 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bthci.dll
[2015.08.02 17:30:40 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxproxy.dll
[2015.08.02 17:30:40 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eventvwr.exe
[2015.08.02 17:30:40 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\htui.dll
[2015.08.02 17:30:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmutil.dll
[2015.08.02 17:30:40 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uniplat.dll
[2015.08.02 17:30:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energytask.dll
[2015.08.02 17:30:40 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diskcomp.com
[2015.08.02 17:30:40 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\slpts.dll
[2015.08.02 17:30:40 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clb.dll
[2015.08.02 17:30:39 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsnmp32.dll
[2015.08.02 17:30:39 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\napipsec.dll
[2015.08.02 17:30:39 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2015.08.02 17:30:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceassociation.dll
[2015.08.02 17:30:39 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OnDemandConnRouteHelper.dll
[2015.08.02 17:30:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnEapAuthProxy.dll
[2015.08.02 17:30:39 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\userinitext.dll
[2015.08.02 17:30:39 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\schedcli.dll
[2015.08.02 17:30:39 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uniplat.dll
[2015.08.02 17:30:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasctrs.dll
[2015.08.02 17:30:39 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TtlsExt.dll
[2015.08.02 17:30:38 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GlobCollationHost.dll
[2015.08.02 17:30:38 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hdwwiz.cpl
[2015.08.02 17:30:38 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\openfiles.exe
[2015.08.02 17:30:38 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfscli.dll
[2015.08.02 17:30:38 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pid.dll
[2015.08.02 17:30:38 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aecache.dll
[2015.08.02 17:30:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsium.dll
[2015.08.02 17:30:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mskeyprotcli.dll
[2015.08.02 17:30:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wksprtPS.dll
[2015.08.02 17:30:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ifsutilx.dll
[2015.08.02 17:30:38 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CHxReadingStringIME.dll
[2015.08.02 17:30:37 | 015,789,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DDORes.dll
[2015.08.02 17:30:37 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\console.dll
[2015.08.02 17:30:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pots.dll
[2015.08.02 17:30:37 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CHxReadingStringIME.dll
[2015.08.02 17:30:36 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbctrac.dll
[2015.08.02 17:30:36 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MuiUnattend.exe
[2015.08.02 17:30:36 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PnPUnattend.exe
[2015.08.02 17:30:36 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\umpoext.dll
[2015.08.02 17:30:36 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmiclnt.dll
[2015.08.02 17:30:36 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnikeapi.dll
[2015.08.02 17:30:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OnDemandConnRouteHelper.dll
[2015.08.02 17:30:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dispex.dll
[2015.08.02 17:30:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe
[2015.08.02 17:30:36 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msiltcfg.dll
[2015.08.02 17:30:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\print.exe
[2015.08.02 17:30:35 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spbcd.dll
[2015.08.02 17:30:35 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setbcdlocale.dll
[2015.08.02 17:30:35 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetVscCoinstall.dll
[2015.08.02 17:30:35 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll
[2015.08.02 17:30:35 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dispci.dll
[2015.08.02 17:30:35 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wdiasqmmodule.dll
[2015.08.02 17:30:35 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxproxy.dll
[2015.08.02 17:30:35 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netiougc.exe
[2015.08.02 17:30:35 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shunimpl.dll
[2015.08.02 17:30:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcacli.dll
[2015.08.02 17:30:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ROUTE.EXE
[2015.08.02 17:30:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntlanui2.dll
[2015.08.02 17:30:35 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PING.EXE
[2015.08.02 17:30:35 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spopk.dll
[2015.08.02 17:30:35 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.exe
[2015.08.02 17:30:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TtlsExt.dll
[2015.08.02 17:30:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dciman32.dll
[2015.08.02 17:30:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ifsutilx.dll
[2015.08.02 17:30:34 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbctrac.dll
[2015.08.02 17:30:34 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sc.exe
[2015.08.02 17:30:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vss_ps.dll
[2015.08.02 17:30:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnscacheugc.exe
[2015.08.02 17:30:34 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wcmapi.dll
[2015.08.02 17:30:34 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerClient.dll
[2015.08.02 17:30:34 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CSystemEventsBrokerClient.dll
[2015.08.02 17:30:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\irclass.dll
[2015.08.02 17:30:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ktmutil.exe
[2015.08.02 17:30:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\finger.exe
[2015.08.02 17:30:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcmonitor.dll
[2015.08.02 17:30:34 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\HOSTNAME.EXE
[2015.08.02 17:30:33 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nltest.exe
[2015.08.02 17:30:33 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cliconfg.dll
[2015.08.02 17:30:33 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winipsec.dll
[2015.08.02 17:30:33 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tpmcompc.dll
[2015.08.02 17:30:33 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NETSTAT.EXE
[2015.08.02 17:30:33 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\snmpapi.dll
[2015.08.02 17:30:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptdlg.dll
[2015.08.02 17:30:33 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdiagnhost.exe
[2015.08.02 17:30:33 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gptext.dll
[2015.08.02 17:30:33 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WINSRPC.DLL
[2015.08.02 17:30:33 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vdmdbg.dll
[2015.08.02 17:30:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\syssetup.dll
[2015.08.02 17:30:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\subst.exe
[2015.08.02 17:30:32 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dramp.dll
[2015.08.02 17:30:32 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bootcfg.exe
[2015.08.02 17:30:32 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogonext.dll
[2015.08.02 17:30:32 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mspatcha.dll
[2015.08.02 17:30:32 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceassociation.dll
[2015.08.02 17:30:32 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnEapPeerProxy.dll
[2015.08.02 17:30:32 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dvdupgrd.exe
[2015.08.02 17:30:32 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mciwave.dll
[2015.08.02 17:30:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.exe
[2015.08.02 17:30:32 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasctrs.dll
[2015.08.02 17:30:32 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\grpconv.exe
[2015.08.02 17:30:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TimeBrokerClient.dll
[2015.08.02 17:30:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sscoreext.dll
[2015.08.02 17:30:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\panmap.dll
[2015.08.02 17:30:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmsprep.dll
[2015.08.02 17:30:31 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSTIFF.dll
[2015.08.02 17:30:31 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mobsync.exe
[2015.08.02 17:30:31 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pdhui.dll
[2015.08.02 17:30:31 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSMON.dll
[2015.08.02 17:30:31 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\idndl.dll
[2015.08.02 17:30:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bitsprx5.dll
[2015.08.02 17:30:31 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cscdll.dll
[2015.08.02 17:30:31 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vpnikeapi.dll
[2015.08.02 17:30:31 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Nlsdl.dll
[2015.08.02 17:30:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WINSRPC.DLL
[2015.08.02 17:30:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncuprov.dll
[2015.08.02 17:30:31 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\grpconv.exe
[2015.08.02 17:30:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\slpts.dll
[2015.08.02 17:30:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dispex.dll
[2015.08.02 17:30:30 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsicpl.dll
[2015.08.02 17:30:30 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mobsync.exe
[2015.08.02 17:30:30 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll
[2015.08.02 17:30:30 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\catsrvps.dll
[2015.08.02 17:30:30 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxpps.dll
[2015.08.02 17:30:30 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SortWindows61.dll
[2015.08.02 17:30:30 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncInfrastructureps.dll
[2015.08.02 17:30:30 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmapi.dll
[2015.08.02 17:30:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\osbaseln.dll
[2015.08.02 17:30:30 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DDACLSys.dll
[2015.08.02 17:30:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\serialui.dll
[2015.08.02 17:30:30 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpapi.dll
[2015.08.02 17:30:30 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmcico.dll
[2015.08.02 17:30:30 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\raschapext.dll
[2015.08.02 17:30:30 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastlsext.dll
[2015.08.02 17:30:29 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\virtdisk.dll
[2015.08.02 17:30:29 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ksetup.exe
[2015.08.02 17:30:29 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RpcPing.exe
[2015.08.02 17:30:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.exe
[2015.08.02 17:30:29 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\catsrvps.dll
[2015.08.02 17:30:29 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NcaApi.dll
[2015.08.02 17:30:29 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bitsprx5.dll
[2015.08.02 17:30:29 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mscpxl32.dLL
[2015.08.02 17:30:29 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bitsprx6.dll
[2015.08.02 17:30:29 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bitsprx2.dll
[2015.08.02 17:30:29 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bitsprx7.dll
[2015.08.02 17:30:29 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bitsprx3.dll
[2015.08.02 17:30:29 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bitsprx4.dll
[2015.08.02 17:30:28 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KdsCli.dll
[2015.08.02 17:30:28 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpapimig.exe
[2015.08.02 17:30:28 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VmdCoinstall.dll
[2015.08.02 17:30:28 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetmib1.dll
[2015.08.02 17:30:28 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shutdown.exe
[2015.08.02 17:30:28 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\schedcli.dll
[2015.08.02 17:30:28 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfnet.dll
[2015.08.02 17:30:28 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mountvol.exe
[2015.08.02 17:30:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\recover.exe
[2015.08.02 17:30:28 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\smphost.dll
[2015.08.02 17:30:27 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\control.exe
[2015.08.02 17:30:27 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairingWizard.exe
[2015.08.02 17:30:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hwrcomp.exe
[2015.08.02 17:30:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\userinit.exe
[2015.08.02 17:30:27 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\umdmxfrm.dll
[2015.08.02 17:30:27 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpupdate.exe
[2015.08.02 17:30:27 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RmClient.exe
[2015.08.02 17:30:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\muifontsetup.dll
[2015.08.02 17:30:26 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.exe
[2015.08.02 17:30:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndadmin.exe
[2015.08.02 17:30:26 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efssvc.dll
[2015.08.02 17:30:26 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfdisk.dll
[2015.08.02 17:30:26 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drprov.dll
[2015.08.02 17:30:26 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icmui.dll
[2015.08.02 17:30:26 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winusb.dll
[2015.08.02 17:30:26 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbnmpntw.dll
[2015.08.02 17:30:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasadhlp.dll
[2015.08.02 17:30:26 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\subst.exe
[2015.08.02 17:30:26 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Startupscan.dll
[2015.08.02 17:30:26 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Register-CimProvider.exe
[2015.08.02 17:30:26 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\verclsid.exe
[2015.08.02 17:30:25 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FwRemoteSvr.dll
[2015.08.02 17:30:25 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esentprf.dll
[2015.08.02 17:30:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TaskSchdPS.dll
[2015.08.02 17:30:25 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\umdmxfrm.dll
[2015.08.02 17:30:25 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wksprtPS.dll
[2015.08.02 17:30:25 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PATHPING.EXE
[2015.08.02 17:30:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasautou.exe
[2015.08.02 17:30:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmsgapi.dll
[2015.08.02 17:30:25 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mscat32.dll
[2015.08.02 17:30:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\softpub.dll
[2015.08.02 17:30:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cmdext.dll
[2015.08.02 17:30:25 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssip32.dll
[2015.08.02 17:30:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\klist.exe
[2015.08.02 17:30:24 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\at.exe
[2015.08.02 17:30:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvecerts.dll
[2015.08.02 17:30:24 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sisbkup.dll
[2015.08.02 17:30:24 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxp.dll
[2015.08.02 17:30:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\label.exe
[2015.08.02 17:30:24 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcwrun.exe
[2015.08.02 17:30:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\verclsid.exe
[2015.08.02 17:30:24 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DefaultDeviceManager.dll
[2015.08.02 17:30:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TapiSysprep.dll
[2015.08.02 17:30:23 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\blb_ps.dll
[2015.08.02 17:30:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcacli.dll
[2015.08.02 17:30:23 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VscMgrPS.dll
[2015.08.02 17:30:23 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wininitext.dll
[2015.08.02 17:30:23 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Background.ps.dll
[2015.08.02 17:30:23 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncInfrastructureps.dll
[2015.08.02 17:30:23 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\keepaliveprovider.dll
[2015.08.02 17:30:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tcmsetup.exe
[2015.08.02 17:30:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnpts.dll
[2015.08.02 17:30:23 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndproxystub.dll
[2015.08.02 17:30:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Register-CimProvider.exe
[2015.08.02 17:30:23 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\whhelper.dll
[2015.08.02 17:30:22 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nslookup.exe
[2015.08.02 17:30:22 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.exe
[2015.08.02 17:30:22 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmintf.dll
[2015.08.02 17:30:22 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setx.exe
[2015.08.02 17:30:22 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tpmcompc.dll
[2015.08.02 17:30:22 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfproc.dll
[2015.08.02 17:30:22 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\npmproxy.dll
[2015.08.02 17:30:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osbaseln.dll
[2015.08.02 17:30:22 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfnet.dll
[2015.08.02 17:30:22 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upnpcont.exe
[2015.08.02 17:30:22 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndproxystub.dll
[2015.08.02 17:30:22 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netbios.dll
[2015.08.02 17:30:22 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bitsprx6.dll
[2015.08.02 17:30:22 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cmdext.dll
[2015.08.02 17:30:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spwinsat.dll
[2015.08.02 17:30:21 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tabcal.exe
[2015.08.02 17:30:21 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairingWizard.exe
Nahoru
Roy703
Level 2.5
Level 2.5
Příspěvky: 283
Registrován: červenec 15
Pohlaví: Muž
Stav:
Offline

Re: Rootkity,PC sa samo reštartuje..

Příspěvekod Roy703 » 04 srp 2015 10:00

[2015.08.02 17:30:21 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\takeown.exe
[2015.08.02 17:30:21 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmdmps.dll
[2015.08.02 17:30:21 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\unlodctr.exe
[2015.08.02 17:30:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davhlpr.dll
[2015.08.02 17:30:21 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmintf.dll
[2015.08.02 17:30:21 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\montr_ci.dll
[2015.08.02 17:30:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\defragproxy.dll
[2015.08.02 17:30:21 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHostProxy.dll
[2015.08.02 17:30:21 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WofUtil.dll
[2015.08.02 17:30:21 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wshrm.dll
[2015.08.02 17:30:21 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RdpSaPs.dll
[2015.08.02 17:30:21 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfts.dll
[2015.08.02 17:30:20 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\C_G18030.DLL
[2015.08.02 17:30:20 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserAccountControlSettings.exe
[2015.08.02 17:30:20 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icacls.exe
[2015.08.02 17:30:20 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmproxy.dll
[2015.08.02 17:30:20 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mgmtapi.dll
[2015.08.02 17:30:20 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\lsmproxy.dll
[2015.08.02 17:30:20 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwaninst.dll
[2015.08.02 17:30:20 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshelper.dll
[2015.08.02 17:30:20 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmproxy.dll
[2015.08.02 17:30:20 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VscMgrPS.dll
[2015.08.02 17:30:20 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\chcp.com
[2015.08.02 17:30:20 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\oleacchooks.dll
[2015.08.02 17:30:20 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tapiperf.dll
[2015.08.02 17:30:19 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hdwwiz.exe
[2015.08.02 17:30:19 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winrs.exe
[2015.08.02 17:30:19 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cofiredm.dll
[2015.08.02 17:30:19 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nci.dll
[2015.08.02 17:30:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEject.exe
[2015.08.02 17:30:19 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nrpsrv.dll
[2015.08.02 17:30:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdial.exe
[2015.08.02 17:30:19 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\chcp.com
[2015.08.02 17:30:19 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msidle.dll
[2015.08.02 17:30:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nddeapi.dll
[2015.08.02 17:30:18 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pots.dll
[2015.08.02 17:30:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vss_ps.dll
[2015.08.02 17:30:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CheckNetIsolation.exe
[2015.08.02 17:30:18 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NcaApi.dll
[2015.08.02 17:30:18 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fltMC.exe
[2015.08.02 17:30:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spopk.dll
[2015.08.02 17:30:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nbtstat.exe
[2015.08.02 17:30:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemoveDeviceElevated.dll
[2015.08.02 17:30:18 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSChannel.dll
[2015.08.02 17:30:18 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msidle.dll
[2015.08.02 17:30:17 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdRes.exe
[2015.08.02 17:30:17 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairingProxy.dll
[2015.08.02 17:30:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvcctl.dll
[2015.08.02 17:30:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairingProxy.dll
[2015.08.02 17:30:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmplpxy.dll
[2015.08.02 17:30:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncHostps.dll
[2015.08.02 17:30:17 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d8thk.dll
[2015.08.02 17:30:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VmApplicationHealthMonitorProxy.dll
[2015.08.02 17:30:17 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usbperf.dll
[2015.08.02 17:30:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wshirda.dll
[2015.08.02 17:30:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RdpSaPs.dll
[2015.08.02 17:30:17 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncHostps.dll
[2015.08.02 17:30:17 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RemoveDeviceElevated.dll
[2015.08.02 17:30:17 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmcodecdspps.dll
[2015.08.02 17:30:17 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LAPRXY.DLL
[2015.08.02 17:30:16 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncpa.cpl
[2015.08.02 17:30:16 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhapi.dll
[2015.08.02 17:30:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasautou.exe
[2015.08.02 17:30:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SystemEventsBrokerClient.dll
[2015.08.02 17:30:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bitsprx2.dll
[2015.08.02 17:30:16 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsext.dll
[2015.08.02 17:30:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diskcopy.com
[2015.08.02 17:30:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprext.dll
[2015.08.02 17:30:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmplpxy.dll
[2015.08.02 17:30:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ProximityRtapiPal.dll
[2015.08.02 17:30:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cfmifsproxy.dll
[2015.08.02 17:30:16 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winrssrv.dll
[2015.08.02 17:30:16 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fdBthProxy.dll
[2015.08.02 17:30:15 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\radarrs.dll
[2015.08.02 17:30:15 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MultiDigiMon.exe
[2015.08.02 17:30:15 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsauth.dll
[2015.08.02 17:30:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bitsprx7.dll
[2015.08.02 17:30:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\secinit.exe
[2015.08.02 17:30:15 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efsui.exe
[2015.08.02 17:30:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XInput9_1_0.dll
[2015.08.02 17:30:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spnet.dll
[2015.08.02 17:30:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ir50_32.dll
[2015.08.02 17:30:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ir41_32.ax
[2015.08.02 17:30:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\acledit.dll
[2015.08.02 17:30:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OskSupport.dll
[2015.08.02 17:30:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ir41_qc.dll
[2015.08.02 17:30:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ir32_32.dll
[2015.08.02 17:30:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\getuname.dll
[2015.08.02 17:30:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxex.dll
[2015.08.02 17:30:14 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncpa.cpl
[2015.08.02 17:30:14 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininitext.dll
[2015.08.02 17:30:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSChannel.dll
[2015.08.02 17:30:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cfmifsproxy.dll
[2015.08.02 17:30:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcmonitor.dll
[2015.08.02 17:30:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bitsprx4.dll
[2015.08.02 17:30:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmcodecdspps.dll
[2015.08.02 17:30:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smphost.dll
[2015.08.02 17:30:14 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\C_IS2022.DLL
[2015.08.02 17:30:14 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscproxystub.dll
[2015.08.02 17:30:14 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WlS0WndH.dll
[2015.08.02 17:30:14 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TimeDateMUICallback.dll
[2015.08.02 17:30:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ir50_qcx.dll
[2015.08.02 17:30:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ir50_qc.dll
[2015.08.02 17:30:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ir41_qcx.dll
[2015.08.02 17:30:13 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserAccountControlSettings.exe
[2015.08.02 17:30:13 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PNPXAssocPrx.dll
[2015.08.02 17:30:13 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf3216.dll
[2015.08.02 17:30:13 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfctrs.dll
[2015.08.02 17:30:13 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapi.dll
[2015.08.02 17:30:13 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscproxystub.dll
[2015.08.02 17:30:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshirda.dll
[2015.08.02 17:30:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\svsvc.dll
[2015.08.02 17:30:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LAPRXY.DLL
[2015.08.02 17:30:13 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sas.dll
[2015.08.02 17:30:13 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtprio.dll
[2015.08.02 17:30:12 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\telephon.cpl
[2015.08.02 17:30:12 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsUsbGDCoInstaller.dll
[2015.08.02 17:30:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netbtugc.exe
[2015.08.02 17:30:12 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sort.exe
[2015.08.02 17:30:12 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\compact.exe
[2015.08.02 17:30:12 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tapiperf.dll
[2015.08.02 17:30:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XInput9_1_0.dll
[2015.08.02 17:30:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcji32.dll
[2015.08.02 17:30:11 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdSched.exe
[2015.08.02 17:30:11 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndadmin.exe
[2015.08.02 17:30:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Nlsdl.dll
[2015.08.02 17:30:11 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnpinst.exe
[2015.08.02 17:30:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgwdi.dll
[2015.08.02 17:30:11 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsock32.dll
[2015.08.02 17:30:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winrssrv.dll
[2015.08.02 17:30:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bitsprx3.dll
[2015.08.02 17:30:11 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdBthProxy.dll
[2015.08.02 17:30:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\recover.exe
[2015.08.02 17:30:11 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WlS0WndH.dll
[2015.08.02 17:30:11 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nddeapi.dll
[2015.08.02 17:30:11 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\riched32.dll
[2015.08.02 17:30:10 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc63.sys
[2015.08.02 17:30:10 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntprint.exe
[2015.08.02 17:30:10 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshhttp.dll
[2015.08.02 17:30:10 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TaskSchdPS.dll
[2015.08.02 17:30:10 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appsruprov.dll
[2015.08.02 17:30:10 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fltLib.dll
[2015.08.02 17:30:10 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\serialui.dll
[2015.08.02 17:30:10 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\runas.exe
[2015.08.02 17:30:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wowreg32.exe
[2015.08.02 17:30:10 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensApi.dll
[2015.08.02 17:30:10 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsied.dll
[2015.08.02 17:30:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\telephon.cpl
[2015.08.02 17:30:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CertEnrollCtrl.exe
[2015.08.02 17:30:09 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecEdit.exe
[2015.08.02 17:30:09 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ipconfig.exe
[2015.08.02 17:30:09 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcnsh.dll
[2015.08.02 17:30:09 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerClient.dll
[2015.08.02 17:30:09 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshrm.dll
[2015.08.02 17:30:09 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmsgapi.dll
[2015.08.02 17:30:08 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprmsg.dll
[2015.08.02 17:30:08 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontview.exe
[2015.08.02 17:30:08 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Fondue.exe
[2015.08.02 17:30:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fthsvc.dll
[2015.08.02 17:30:08 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setspn.exe
[2015.08.02 17:30:08 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetppui.dll
[2015.08.02 17:30:08 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DDACLSys.dll
[2015.08.02 17:30:08 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MRINFO.EXE
[2015.08.02 17:30:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Eap3Host.exe
[2015.08.02 17:30:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleacchooks.dll
[2015.08.02 17:30:07 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\miguiresource.dll
[2015.08.02 17:30:07 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Narrator.exe
[2015.08.02 17:30:07 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmci.dll
[2015.08.02 17:30:07 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SortServer2003Compat.dll
[2015.08.02 17:30:07 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clb.dll
[2015.08.02 17:30:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PATHPING.EXE
[2015.08.02 17:30:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sas.dll
[2015.08.02 17:30:07 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msiwer.dll
[2015.08.02 17:30:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acledit.dll
[2015.08.02 17:30:06 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spwmp.dll
[2015.08.02 17:30:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odtext32.dll
[2015.08.02 17:30:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odpdx32.dll
[2015.08.02 17:30:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odfox32.dll
[2015.08.02 17:30:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comcat.dll
[2015.08.02 17:30:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odexl32.dll
[2015.08.02 17:30:05 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hwrreg.exe
[2015.08.02 17:30:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SortWindows61.dll
[2015.08.02 17:30:05 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\waitfor.exe
[2015.08.02 17:30:05 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\choice.exe
[2015.08.02 17:30:05 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\capisp.dll
[2015.08.02 17:30:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\finger.exe
[2015.08.02 17:30:05 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msidcrl40.dll
[2015.08.02 17:30:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\oddbse32.dll
[2015.08.02 17:30:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msctfime.ime
[2015.08.02 17:30:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\osuninst.dll
[2015.08.02 17:30:04 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SortWindows6Compat.dll
[2015.08.02 17:30:04 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hdwwiz.exe
[2015.08.02 17:30:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\printui.exe
[2015.08.02 17:30:04 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\forfiles.exe
[2015.08.02 17:30:04 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\where.exe
[2015.08.02 17:30:04 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eventcreate.exe
[2015.08.02 17:30:04 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\extrac32.exe
[2015.08.02 17:30:04 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\timeout.exe
[2015.08.02 17:30:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gptext.dll
[2015.08.02 17:30:04 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PING.EXE
[2015.08.02 17:30:04 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\muifontsetup.dll
[2015.08.02 17:30:04 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmcico.dll
[2015.08.02 17:30:04 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcfgex.dll
[2015.08.02 17:30:03 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SmartScreenSettings.exe
[2015.08.02 17:30:03 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sysclass.dll
[2015.08.02 17:30:03 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprmsg.dll
[2015.08.02 17:30:03 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sccls.dll
[2015.08.02 17:30:03 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clip.exe
[2015.08.02 17:30:03 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\irclass.dll
[2015.08.02 17:30:03 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\syssetup.dll
[2015.08.02 17:30:03 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MUILanguageCleanup.dll
[2015.08.02 17:30:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshnetbs.dll
[2015.08.02 17:30:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\whhelper.dll
[2015.08.02 17:30:03 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtprio.dll
[2015.08.02 17:30:03 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfime.ime
[2015.08.02 17:30:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shfolder.dll
[2015.08.02 17:30:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comcat.dll
[2015.08.02 17:30:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AutoWorkplaceN.dll
[2015.08.02 17:30:03 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osuninst.dll
[2015.08.02 17:30:02 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFCoinstaller.dll
[2015.08.02 17:30:02 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tzutil.exe
[2015.08.02 17:30:02 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Apphlpdm.dll
[2015.08.02 17:30:02 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sort.exe
[2015.08.02 17:30:02 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpupdate.exe
[2015.08.02 17:30:02 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localui.dll
[2015.08.02 17:30:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TRACERT.EXE
[2015.08.02 17:30:02 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbperf.dll
[2015.08.02 17:30:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\txfw32.dll
[2015.08.02 17:30:02 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TetheringIeProvider.dll
[2015.08.02 17:30:02 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\regedt32.exe
[2015.08.02 17:30:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OskSupport.dll
[2015.08.02 17:30:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mtxex.dll
[2015.08.02 17:30:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msimg32.dll
[2015.08.02 17:30:01 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reg.exe
[2015.08.02 17:30:01 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdhcinst.dll
[2015.08.02 17:30:01 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DDOIProxy.dll
[2015.08.02 17:30:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\syskey.exe
[2015.08.02 17:30:01 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlaninst.dll
[2015.08.02 17:30:01 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Startupscan.dll
[2015.08.02 17:30:01 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\C_IS2022.DLL
[2015.08.02 17:30:01 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityRtapiPal.dll
[2015.08.02 17:30:01 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\txfw32.dll
[2015.08.02 17:30:01 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msiwer.dll
[2015.08.02 17:30:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeDateMUICallback.dll
[2015.08.02 17:30:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsied.dll
[2015.08.02 17:30:01 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InfDefaultInstall.exe
[2015.08.02 17:30:00 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\C_G18030.DLL
[2015.08.02 17:30:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cliconfg.exe
[2015.08.02 17:30:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Netplwiz.exe
[2015.08.02 17:30:00 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mpnotify.exe
[2015.08.02 17:30:00 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ktmutil.exe
[2015.08.02 17:30:00 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LangCleanupSysprepAction.dll
[2015.08.02 17:30:00 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TapiSysprep.dll
[2015.08.02 17:30:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastlsext.dll
[2015.08.02 17:30:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonUI.exe
[2015.08.02 17:30:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spwmp.dll
[2015.08.02 17:30:00 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\getuname.dll
[2015.08.02 17:30:00 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDRUM.DLL
[2015.08.02 17:29:59 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Narrator.exe
[2015.08.02 17:29:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfts.dll
[2015.08.02 17:29:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msidcrl40.dll
[2015.08.02 17:29:59 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spnet.dll
[2015.08.02 17:29:58 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eventvwr.exe
[2015.08.02 17:29:58 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ComputerDefaults.exe
[2015.08.02 17:29:58 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appidcertstorecheck.exe
[2015.08.02 17:29:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmsprep.dll
[2015.08.02 17:29:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spwinsat.dll
[2015.08.02 17:29:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\raschapext.dll
[2015.08.02 17:29:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acproxy.dll
[2015.08.02 17:29:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CIRCoInst.dll
[2015.08.02 17:29:57 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\miguiresource.dll
[2015.08.02 17:29:57 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iscsicpl.exe
[2015.08.02 17:29:57 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationNotifications.exe
[2015.08.02 17:29:57 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RunLegacyCPLElevated.exe
[2015.08.02 17:29:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Custom.ps.dll
[2015.08.02 17:29:57 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\panmap.dll
[2015.08.02 17:29:57 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TapiUnattend.exe
[2015.08.02 17:29:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spmpm.dll
[2015.08.02 17:29:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\procinst.dll
[2015.08.02 17:29:57 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\regedt32.exe
[2015.08.02 17:29:56 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DpiScaling.exe
[2015.08.02 17:29:56 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapimig.exe
[2015.08.02 17:29:56 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcad32.exe
[2015.08.02 17:29:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mciseq.dll
[2015.08.02 17:29:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSUNATD.exe
[2015.08.02 17:29:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hh.exe
[2015.08.02 17:29:56 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mscat32.dll
[2015.08.02 17:29:56 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\softpub.dll
[2015.08.02 17:29:56 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssip32.dll
[2015.08.02 17:29:55 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsicpl.exe
[2015.08.02 17:29:55 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DpiScaling.exe
[2015.08.02 17:29:55 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printui.exe
[2015.08.02 17:29:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzutil.exe
[2015.08.02 17:29:55 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winver.exe
[2015.08.02 17:29:55 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Enumeration.ps.dll
[2015.08.02 17:29:55 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdial.exe
[2015.08.02 17:29:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wowreg32.exe
[2015.08.02 17:29:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fsavailux.exe
[2015.08.02 17:29:55 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TCPSVCS.EXE
[2015.08.02 17:29:55 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dvdplay.exe
[2015.08.02 17:29:54 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchTM.exe
[2015.08.02 17:29:54 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntprint.exe
[2015.08.02 17:29:54 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AxInstUI.exe
[2015.08.02 17:29:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credwiz.exe
[2015.08.02 17:29:54 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cliconfg.exe
[2015.08.02 17:29:54 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CallButtons.ProxyStub.dll
[2015.08.02 17:29:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\secinit.exe
[2015.08.02 17:29:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprext.dll
[2015.08.02 17:29:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Background.ps.dll
[2015.08.02 17:29:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\backgroundTaskHost.exe
[2015.08.02 17:29:53 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SmartScreenSettings.exe
[2015.08.02 17:29:53 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msra.exe
[2015.08.02 17:29:53 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SystemPropertiesRemote.exe
[2015.08.02 17:29:53 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easinvoker.proxystub.dll
[2015.08.02 17:29:52 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resmon.exe
[2015.08.02 17:29:52 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\colorcpl.exe
[2015.08.02 17:29:52 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SystemPropertiesProtection.exe
[2015.08.02 17:29:52 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SystemPropertiesHardware.exe
[2015.08.02 17:29:52 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SystemPropertiesDataExecutionPrevention.exe
[2015.08.02 17:29:52 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SystemPropertiesComputerName.exe
[2015.08.02 17:29:52 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SystemPropertiesAdvanced.exe
[2015.08.02 17:29:52 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcad32.exe
[2015.08.02 17:29:52 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Netplwiz.exe
[2015.08.02 17:29:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Custom.ps.dll
[2015.08.02 17:29:52 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\systray.exe
[2015.08.02 17:29:51 | 005,120,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthFWSnapin.dll
[2015.08.02 17:29:51 | 005,120,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthFWSnapin.dll
[2015.08.02 17:29:51 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsicli.exe
[2015.08.02 17:29:51 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Fondue.exe
[2015.08.02 17:29:51 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\regini.exe
[2015.08.02 17:29:51 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bthudtask.exe
[2015.08.02 17:29:51 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cacls.exe
[2015.08.02 17:29:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DsmUserTask.exe
[2015.08.02 17:29:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrnsave.scr
[2015.08.02 17:29:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\write.exe
[2015.08.02 17:29:50 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OptionalFeatures.exe
[2015.08.02 17:29:50 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sigverif.exe
[2015.08.02 17:29:50 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winver.exe
[2015.08.02 17:29:50 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdrleakdiag.exe
[2015.08.02 17:29:50 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ComputerDefaults.exe
[2015.08.02 17:29:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dialer.exe
[2015.08.02 17:29:50 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fltMC.exe
[2015.08.02 17:29:50 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VaultCmd.exe
[2015.08.02 17:29:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcalua.exe
[2015.08.02 17:29:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WallpaperHost.exe
[2015.08.02 17:29:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TCPSVCS.EXE
[2015.08.02 17:29:50 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\plasrv.exe
[2015.08.02 17:29:50 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDRUM.DLL
[2015.08.02 17:29:49 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RunLegacyCPLElevated.exe
[2015.08.02 17:29:49 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\unlodctr.exe
[2015.08.02 17:29:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MRINFO.EXE
[2015.08.02 17:29:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cmdkey.exe
[2015.08.02 17:29:49 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DDOIProxy.dll
[2015.08.02 17:29:49 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrnsave.scr
[2015.08.02 17:29:49 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\backgroundTaskHost.exe
[2015.08.02 17:29:48 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceProperties.exe
[2015.08.02 17:29:48 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\colorcpl.exe
[2015.08.02 17:29:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemPropertiesRemote.exe
[2015.08.02 17:29:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemPropertiesProtection.exe
[2015.08.02 17:29:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemPropertiesHardware.exe
[2015.08.02 17:29:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemPropertiesDataExecutionPrevention.exe
[2015.08.02 17:29:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemPropertiesAdvanced.exe
[2015.08.02 17:29:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSchedExe.exe
[2015.08.02 17:29:48 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lodctr.exe
[2015.08.02 17:29:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mciseq.dll
[2015.08.02 17:29:48 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ktmw32.dll
[2015.08.02 17:29:48 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\write.exe
[2015.08.02 17:29:48 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\write.exe
[2015.08.02 17:29:47 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchTM.exe
[2015.08.02 17:29:47 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resmon.exe
[2015.08.02 17:29:47 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceProperties.exe
[2015.08.02 17:29:47 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemPropertiesComputerName.exe
[2015.08.02 17:29:47 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\proquota.exe
[2015.08.02 17:29:47 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PnPutil.exe
[2015.08.02 17:29:47 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\runas.exe
[2015.08.02 17:29:47 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RmClient.exe
[2015.08.02 17:29:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cmdkey.exe
[2015.08.02 17:29:47 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bootim.exe
[2015.08.02 17:29:47 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CallButtons.ProxyStub.dll
[2015.08.02 17:29:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDRU1.DLL
[2015.08.02 17:29:46 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerWizardElev.exe
[2015.08.02 17:29:46 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationNotifications.exe
[2015.08.02 17:29:46 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cofire.exe
[2015.08.02 17:29:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcmsetup.exe
[2015.08.02 17:29:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TapiUnattend.exe
[2015.08.02 17:29:46 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dvdplay.exe
[2015.08.02 17:29:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dllhst3g.exe
[2015.08.02 17:29:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDYAK.DLL
[2015.08.02 17:29:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDBASH.DLL
[2015.08.02 17:29:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDRU.DLL
[2015.08.02 17:29:45 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ROUTE.EXE
[2015.08.02 17:29:45 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TRACERT.EXE
[2015.08.02 17:29:45 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mountvol.exe
[2015.08.02 17:29:45 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HOSTNAME.EXE
[2015.08.02 17:29:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\help.exe
[2015.08.02 17:29:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomcnfg.exe
[2015.08.02 17:29:45 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systray.exe
[2015.08.02 17:29:45 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ctfmon.exe
[2015.08.02 17:29:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\help.exe
[2015.08.02 17:29:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomcnfg.exe
[2015.08.02 17:29:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDTAT.DLL
[2015.08.02 17:29:44 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthFWWizFwk.dll
[2015.08.02 17:29:44 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthFWWizFwk.dll
[2015.08.02 17:29:44 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bthudtask.exe
[2015.08.02 17:29:44 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ktmw32.dll
[2015.08.02 17:29:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efsui.exe
[2015.08.02 17:29:44 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TcpipSetup.dll
[2015.08.02 17:29:43 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxStreamingDataSourcePS.dll
[2015.08.02 17:29:43 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InfDefaultInstall.exe
[2015.08.02 17:29:43 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpksetupproxyserv.dll
[2015.08.02 17:29:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mciwave.dll
[2015.08.02 17:29:42 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2015.08.02 17:29:42 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSHTCPIP.DLL
[2015.08.02 17:29:42 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wship6.dll
[2015.08.02 17:29:42 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDYAK.DLL
[2015.08.02 17:29:42 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDRU1.DLL
[2015.08.02 17:29:42 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDBASH.DLL
[2015.08.02 17:29:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDRU.DLL
[2015.08.02 17:29:41 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usp10.dll
[2015.08.02 17:29:41 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dabapi.dll
[2015.08.02 17:29:41 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RpcNs4.dll
[2015.08.02 17:29:41 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dabapi.dll
[2015.08.02 17:29:40 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OobeFldr.dll
[2015.08.02 17:29:39 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OobeFldr.dll
[2015.08.02 17:29:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pstorec.dll
[2015.08.02 17:29:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\C_ISCII.DLL
[2015.08.02 17:29:39 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RpcNs4.dll
[2015.08.02 17:29:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\normaliz.dll
[2015.08.02 17:29:37 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\C_ISCII.DLL
[2015.08.02 17:29:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDTAT.DLL
[2015.08.02 17:29:37 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdxm.ocx
[2015.08.02 17:29:37 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxmasf.dll
[2015.08.02 17:29:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceUxRes.dll
[2015.08.02 17:29:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shimeng.dll
[2015.08.02 17:29:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Firewall.cpl
[2015.08.02 17:29:35 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rmcast.sys
[2015.08.02 17:29:35 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mslldp.sys
[2015.08.02 17:29:34 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceUxRes.dll
[2015.08.02 17:29:34 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdxm.ocx
[2015.08.02 17:29:34 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dxmasf.dll
[2015.08.02 17:29:32 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Ndu.sys
[2015.08.02 17:29:32 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys
[2015.08.02 17:29:32 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rootmdm.sys
[2015.08.02 17:29:31 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbonRes.dll
[2015.08.02 17:29:30 | 002,628,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NlsLexicons0009.dll
[2015.08.02 17:29:29 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ws2help.dll
[2015.08.02 17:29:29 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ws2help.dll
[2015.08.02 17:29:29 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprop.dll
[2015.08.02 17:29:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rnr20.dll
[2015.08.02 17:29:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rnr20.dll
[2015.08.02 17:29:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDTT102.DLL
[2015.08.02 17:29:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDTT102.DLL
[2015.08.02 17:29:28 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpk.dll
[2015.08.02 17:08:12 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2015.08.02 17:07:25 | 002,880,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2015.08.02 17:07:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2015.08.02 17:07:24 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2015.08.02 17:07:24 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2015.08.02 17:07:23 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2015.08.02 17:07:22 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2015.08.02 17:07:22 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll
[2015.08.02 17:07:21 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2015.08.02 17:07:21 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2015.08.02 17:07:21 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2015.08.02 17:07:20 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2015.08.02 17:07:19 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2015.08.02 17:07:19 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2015.08.02 17:07:18 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2015.08.02 17:07:17 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2015.08.02 17:07:15 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2015.08.02 17:07:14 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2015.08.02 17:07:13 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2015.08.02 17:07:13 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015.08.02 17:07:13 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2015.08.02 17:07:12 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015.08.02 17:07:12 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2015.08.02 17:07:11 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2015.08.02 17:07:10 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2015.08.02 17:07:10 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2015.08.02 17:07:10 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inseng.dll
[2015.08.02 17:07:09 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2015.08.02 17:07:09 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2015.08.02 17:07:09 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2015.08.02 17:07:09 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2015.08.02 17:07:09 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2015.08.02 17:07:09 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2015.08.02 17:07:09 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2015.08.02 17:07:09 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll
[2015.08.02 17:07:09 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2015.08.02 17:07:09 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2015.08.02 17:07:08 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2015.08.02 17:07:08 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iexpress.exe
[2015.08.02 17:07:08 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iexpress.exe
[2015.08.02 17:07:08 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IEAdvpack.dll
[2015.08.02 17:07:08 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2015.08.02 17:07:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2015.08.02 17:07:08 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pngfilt.dll
[2015.08.02 17:07:08 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2015.08.02 17:07:08 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imgutil.dll
[2015.08.02 17:07:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll
[2015.08.02 17:07:08 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll
[2015.08.02 17:07:07 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wextract.exe
[2015.08.02 17:07:07 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wextract.exe
[2015.08.02 17:07:07 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IEAdvpack.dll
[2015.08.02 17:07:07 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pngfilt.dll
[2015.08.02 17:07:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2015.08.02 17:07:07 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2015.08.02 17:07:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2015.08.02 17:07:06 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll
[2015.08.02 17:07:06 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2015.08.02 17:07:06 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2015.08.02 17:07:06 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2015.08.02 17:07:06 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2015.08.02 17:07:05 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshta.exe
[2015.08.02 17:07:05 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe
[2015.08.02 17:07:05 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe
[2015.08.02 17:07:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2015.08.02 16:49:37 | 003,109,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2015.08.02 16:49:37 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2015.08.02 16:49:11 | 003,320,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2015.08.02 16:49:11 | 002,774,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2015.08.02 16:49:11 | 002,460,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2015.08.02 16:48:16 | 007,476,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
Nahoru
Roy703
Level 2.5
Level 2.5
Příspěvky: 283
Registrován: červenec 15
Pohlaví: Muž
Stav:
Offline

Re: Rootkity,PC sa samo reštartuje..

Příspěvekod Roy703 » 04 srp 2015 10:00

[2015.08.02 16:48:16 | 001,733,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015.08.02 16:48:15 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2015.08.02 16:48:15 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2015.08.02 16:48:15 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tracerpt.exe
[2015.08.02 16:48:15 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tracerpt.exe
[2015.08.02 16:48:15 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2015.08.02 16:48:15 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2015.08.02 16:48:15 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2015.08.02 16:48:15 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\logman.exe
[2015.08.02 16:48:15 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\logman.exe
[2015.08.02 16:48:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\typeperf.exe
[2015.08.02 16:48:15 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\relog.exe
[2015.08.02 16:48:14 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\typeperf.exe
[2015.08.02 16:48:14 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\relog.exe
[2015.08.02 16:48:14 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diskperf.exe
[2015.08.02 16:48:14 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\diskperf.exe
[2015.08.02 16:48:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2015.08.02 16:48:00 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2015.08.02 16:47:59 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2015.08.02 16:47:55 | 000,653,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comctl32.dll
[2015.08.02 16:47:45 | 000,440,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbport.sys
[2015.08.02 16:47:44 | 000,423,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2015.08.02 16:47:44 | 000,027,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbd.sys
[2015.08.02 16:47:15 | 000,723,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2015.08.02 16:47:14 | 000,560,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2015.08.02 16:46:34 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2015.08.02 16:46:34 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2015.08.02 16:46:34 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2015.08.02 16:46:34 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe
[2015.08.02 16:45:38 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2015.08.02 16:45:37 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workerdd.dll
[2015.08.02 16:44:51 | 003,633,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2015.08.02 16:44:50 | 002,749,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2015.08.02 16:44:50 | 002,551,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2015.08.02 16:44:49 | 001,920,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2015.08.02 16:44:49 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2015.08.02 16:44:49 | 000,699,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2015.08.02 16:44:49 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2015.08.02 16:44:49 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2015.08.02 16:44:49 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2015.08.02 16:44:48 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssphtb.dll
[2015.08.02 16:44:48 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2015.08.02 16:44:48 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2015.08.02 16:44:48 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2015.08.02 16:44:48 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2015.08.02 16:44:48 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2015.08.02 16:44:48 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2015.08.02 16:44:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msshooks.dll
[2015.08.02 16:44:47 | 001,661,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2015.08.02 16:44:47 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msshooks.dll
[2015.08.02 16:42:11 | 002,229,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015.08.02 16:42:11 | 000,891,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015.08.02 16:42:11 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2015.08.02 16:42:11 | 000,136,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015.08.02 16:42:11 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015.08.02 16:42:11 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2015.08.02 16:42:10 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015.08.02 16:42:10 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2015.08.02 16:42:10 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015.08.02 16:42:10 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015.08.02 16:42:10 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015.08.02 16:42:10 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015.08.02 16:42:10 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2015.08.02 16:42:10 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2015.08.02 16:42:10 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015.08.02 16:42:10 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wu.upgrade.ps.dll
[2015.08.02 16:40:42 | 004,417,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2015.08.02 16:40:42 | 002,985,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2015.08.02 16:40:42 | 001,491,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2015.08.02 16:40:41 | 001,207,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2015.08.02 16:39:41 | 000,264,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2015.08.02 16:39:41 | 000,044,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2015.08.02 16:39:40 | 000,114,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2015.08.02 16:39:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll
[2015.08.02 16:39:39 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll
[2015.08.02 16:39:11 | 000,788,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2015.08.02 16:39:04 | 003,547,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2015.08.02 16:39:03 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2015.08.02 16:39:03 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll
[2015.08.02 16:39:03 | 000,027,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2015.08.02 16:38:49 | 001,996,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2015.08.02 16:38:37 | 000,026,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2015.08.02 16:38:36 | 001,084,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015.08.02 16:38:36 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015.08.02 16:38:36 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015.08.02 16:38:36 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015.08.02 16:38:36 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015.08.02 16:38:36 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2015.08.02 16:38:36 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2015.08.02 16:38:35 | 001,145,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015.08.02 16:38:10 | 004,298,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll
[2015.08.02 16:38:10 | 003,551,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
[2015.08.02 16:38:10 | 001,488,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfc42u.dll
[2015.08.02 16:38:10 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc42u.dll
[2015.08.02 16:38:10 | 001,204,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc42.dll
[2015.08.02 16:38:10 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\atlthunk.dll
[2015.08.02 16:38:10 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\atlthunk.dll
[2015.08.02 16:38:09 | 001,464,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfc42.dll
[2015.08.02 16:38:01 | 002,256,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2015.08.02 16:38:01 | 001,943,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2015.08.02 16:38:00 | 002,501,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2015.08.02 16:38:00 | 002,207,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2015.08.02 16:37:59 | 005,923,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2015.08.02 16:37:45 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GeofenceMonitorService.dll
[2015.08.02 16:37:44 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GeofenceMonitorService.dll
[2015.08.02 16:37:43 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\photowiz.dll
[2015.08.02 16:37:43 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\photowiz.dll
[2015.08.02 16:37:40 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2015.08.02 16:37:40 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2015.08.02 16:37:40 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSCollect.exe
[2015.08.02 16:37:39 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSReset.exe
[2015.08.02 16:37:38 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappcfg.dll
[2015.08.02 16:37:38 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapp3hst.dll
[2015.08.02 16:37:37 | 000,339,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapphost.dll
[2015.08.02 16:37:37 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappcfg.dll
[2015.08.02 16:37:37 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapphost.dll
[2015.08.02 16:37:37 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapp3hst.dll
[2015.08.02 16:37:37 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappgnui.dll
[2015.08.02 16:37:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappgnui.dll
[2015.08.02 16:37:37 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappprxy.dll
[2015.08.02 16:37:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappprxy.dll
[2015.08.02 16:37:30 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2015.08.02 16:37:30 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2015.08.02 16:37:17 | 002,819,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2015.08.02 16:37:17 | 001,380,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2015.08.02 16:37:16 | 001,385,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2015.08.02 16:37:15 | 000,377,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2015.08.02 16:37:15 | 000,086,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mrt_map.dll
[2015.08.02 16:37:15 | 000,080,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mrt_map.dll
[2015.08.02 16:37:15 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clfsw32.dll
[2015.08.02 16:37:15 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clfsw32.dll
[2015.08.02 16:37:15 | 000,028,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mrt100.dll
[2015.08.02 16:37:15 | 000,026,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mrt100.dll
[2015.08.02 16:37:11 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2015.08.02 16:37:07 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authz.dll
[2015.08.02 16:37:05 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2015.08.02 16:37:04 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2015.08.02 16:37:04 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2015.08.02 16:37:04 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaudite.dll
[2015.08.02 16:37:04 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaudite.dll
[2015.08.02 16:37:02 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rgb9rast.dll
[2015.08.02 16:37:01 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupStatusProvider.dll
[2015.08.02 16:37:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceSetupStatusProvider.dll
[2015.08.02 16:36:59 | 000,358,912 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2015.08.02 16:36:58 | 000,301,056 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2015.08.02 16:36:58 | 000,044,032 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2015.08.02 16:36:58 | 000,035,840 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2015.08.02 16:36:53 | 001,091,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2015.08.02 16:36:53 | 000,864,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2015.08.02 16:36:53 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2015.08.02 16:36:53 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2015.08.02 16:36:52 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\compstui.dll
[2015.08.02 16:36:47 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scesrv.dll
[2015.08.02 16:36:47 | 000,393,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scesrv.dll
[2015.08.02 16:36:36 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys
[2015.08.02 16:36:20 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastapi.dll
[2015.08.02 16:36:20 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastapi.dll
[2015.08.02 16:36:18 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2015.08.02 16:36:18 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2015.08.02 16:36:18 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2015.08.02 16:36:17 | 002,162,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2015.08.02 16:36:17 | 001,812,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2015.08.02 16:36:17 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2015.08.02 16:36:17 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2015.08.02 16:36:16 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcpl.dll
[2015.08.02 16:36:14 | 000,239,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2015.08.02 16:36:14 | 000,154,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2015.08.02 16:36:10 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2015.08.02 16:36:10 | 001,018,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2015.08.02 16:36:10 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2015.08.02 16:36:10 | 000,189,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS
[2015.08.02 16:36:09 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys
[2015.08.02 16:35:57 | 000,410,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2015.08.02 16:35:55 | 000,971,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2015.08.02 16:35:55 | 000,811,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2015.08.02 16:35:55 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2015.08.02 16:35:55 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2015.08.02 16:35:51 | 002,067,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpdshext.dll
[2015.08.02 16:35:51 | 000,467,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2015.08.02 16:35:48 | 003,084,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2015.08.02 16:35:48 | 002,471,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2015.08.02 16:35:43 | 000,360,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll
[2015.08.02 16:35:42 | 001,763,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2015.08.02 16:35:42 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhotoMetadataHandler.dll
[2015.08.02 16:35:42 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PhotoMetadataHandler.dll
[2015.08.02 16:35:41 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys
[2015.08.02 16:35:36 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2015.08.02 16:35:36 | 001,311,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2015.08.02 16:35:35 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2015.08.02 16:35:35 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2015.08.02 16:35:26 | 000,448,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2015.08.02 16:35:26 | 000,038,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2015.08.02 16:35:26 | 000,033,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2015.08.02 16:35:25 | 000,535,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2015.08.02 16:35:25 | 000,413,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2015.08.02 16:35:25 | 000,372,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2015.08.02 16:35:24 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2015.08.02 16:35:23 | 000,531,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2015.08.02 16:35:23 | 000,108,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll
[2015.08.02 16:35:23 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2015.08.02 16:35:22 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StorageContextHandler.dll
[2015.08.02 16:35:22 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StorageContextHandler.dll
[2015.08.02 16:35:09 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\calc.exe
[2015.08.02 16:35:08 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\calc.exe
[2015.08.02 16:35:07 | 001,090,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2015.08.02 16:35:07 | 000,791,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2015.08.02 16:35:04 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWbPrxy.exe
[2015.08.02 16:34:58 | 000,046,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContentServer.exe
[2015.08.02 16:33:18 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2015.08.02 16:32:37 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2015.08.02 16:32:23 | 000,875,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr120_clr0400.dll
[2015.08.02 16:32:23 | 000,869,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr120_clr0400.dll
[2015.08.02 16:31:51 | 005,264,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2015.08.02 16:31:50 | 007,784,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2015.08.02 16:31:47 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InkEd.dll
[2015.08.02 16:31:47 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InkEd.dll
[2015.08.02 16:31:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jnwmon.dll
[2015.08.02 16:31:14 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2015.08.02 16:31:14 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdbinst.exe
[2015.08.02 16:31:14 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdbinst.exe
[2014.08.04 15:46:26 | 000,236,488 | ---- | C] (TeamSpeak Systems GmbH) -- C:\Program Files\package_inst.exe
[2014.08.04 15:46:24 | 000,204,232 | ---- | C] (TeamSpeak Systems GmbH) -- C:\Program Files\error_report.exe
[2014.08.04 15:46:06 | 000,824,296 | ---- | C] (TeamSpeak Systems GmbH) -- C:\Program Files\update.exe
[2014.08.04 15:45:48 | 010,725,320 | ---- | C] (TeamSpeak Systems GmbH) -- C:\Program Files\ts3client_win64.exe
[2014.06.05 15:48:20 | 001,653,248 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\libeay32.dll
[2014.06.05 15:48:20 | 000,345,088 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\ssleay32.dll
[2014.05.19 13:15:52 | 001,313,056 | ---- | C] (Overwolf) -- C:\Program Files\OverwolfTeamSpeakInstaller.exe
[2014.02.27 16:50:40 | 005,336,064 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Program Files\Qt5Widgets.dll
[2014.02.27 16:48:40 | 003,573,760 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Program Files\Qt5Gui.dll
[2014.02.27 16:47:52 | 001,068,032 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Program Files\Qt5Network.dll
[2014.02.27 16:47:32 | 000,214,528 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Program Files\Qt5Sql.dll
[2014.02.27 16:47:20 | 005,459,968 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Program Files\Qt5Core.dll
[2012.11.05 22:26:22 | 000,849,360 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr110.dll
[2012.11.05 22:26:22 | 000,661,456 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp110.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015.08.04 09:43:48 | 001,745,984 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015.08.04 09:43:48 | 000,730,536 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2015.08.04 09:43:48 | 000,722,278 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015.08.04 09:43:48 | 000,151,282 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2015.08.04 09:43:48 | 000,135,394 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015.08.04 09:40:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hanus\Desktop\OTL.exe
[2015.08.04 09:38:49 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015.08.04 09:37:37 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015.08.04 09:36:43 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015.08.04 09:36:38 | 3385,065,472 | -HS- | M] () -- C:\hiberfil.sys
[2015.08.04 09:33:01 | 002,169,856 | ---- | M] (Farbar) -- C:\Users\Hanus\Desktop\FRST64.exe
[2015.08.04 08:58:01 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59.job
[2015.08.04 08:58:01 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015.08.04 08:32:21 | 000,000,603 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2015.08.03 18:39:26 | 000,015,201 | ---- | M] () -- C:\Users\Hanus\Desktop\MemTest.zip
[2015.08.03 17:08:49 | 000,126,290 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Program Files\Uninstall.exe
[2015.08.03 17:08:47 | 000,000,778 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2015.08.03 15:25:36 | 000,337,760 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2015.08.03 13:30:44 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msclmd.dll
[2015.08.03 13:30:43 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msclmd.dll
[2015.08.03 11:22:39 | 000,002,219 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.08.03 11:19:18 | 000,000,199 | ---- | M] () -- C:\Users\Hanus\Desktop\Counter-Strike Global Offensive.url
[2015.08.03 10:51:08 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2015.08.03 10:18:54 | 000,001,397 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2015.08.03 05:58:41 | 000,000,614 | ---- | M] () -- C:\Users\Public\Desktop\WarThunder.lnk
[2015.08.03 01:14:33 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2015.08.03 00:51:46 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
[2015.08.03 00:28:58 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2015.08.02 20:13:13 | 000,000,524 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2015.08.02 20:08:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2015.07.25 15:34:01 | 001,084,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015.07.25 01:28:44 | 001,567,576 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdagenco6420103.dll
[2015.07.25 01:28:44 | 000,204,648 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2015.07.25 01:28:44 | 000,040,280 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2015.07.24 06:21:23 | 001,423,304 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspcap.dll
[2015.07.24 06:21:23 | 001,316,000 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspbridge.dll
[2015.07.24 06:21:14 | 001,756,608 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspbridge64.dll
[2015.07.24 06:21:14 | 001,710,568 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspcap64.dll
[2015.07.23 06:06:23 | 042,730,128 | ---- | M] () -- C:\WINDOWS\SysNative\nvcompiler.dll
[2015.07.23 06:06:23 | 037,748,880 | ---- | M] () -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2015.07.23 06:06:23 | 030,487,880 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2015.07.23 06:06:23 | 022,950,544 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2015.07.23 06:06:23 | 017,615,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2015.07.23 06:06:23 | 016,151,688 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2015.07.23 06:06:23 | 015,892,200 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2015.07.23 06:06:23 | 015,129,192 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2015.07.23 06:06:23 | 014,503,880 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2015.07.23 06:06:23 | 013,268,712 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2015.07.23 06:06:23 | 012,876,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2015.07.23 06:06:23 | 011,836,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2015.07.23 06:06:23 | 003,407,144 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2015.07.23 06:06:23 | 003,008,880 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2015.07.23 06:06:23 | 002,933,576 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2015.07.23 06:06:23 | 002,600,592 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2015.07.23 06:06:23 | 001,898,128 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6435362.dll
[2015.07.23 06:06:23 | 001,557,648 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmcvadgenco64.dll
[2015.07.23 06:06:23 | 001,557,648 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6435362.dll
[2015.07.23 06:06:23 | 001,101,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvumdshimx.dll
[2015.07.23 06:06:23 | 001,061,008 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2015.07.23 06:06:23 | 001,053,000 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2015.07.23 06:06:23 | 000,983,368 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2015.07.23 06:06:23 | 000,976,528 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2015.07.23 06:06:23 | 000,940,104 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2015.07.23 06:06:23 | 000,879,000 | ---- | M] () -- C:\WINDOWS\SysNative\nvmcumd.dll
[2015.07.23 06:06:23 | 000,503,592 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2015.07.23 06:06:23 | 000,408,208 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2015.07.23 06:06:23 | 000,407,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2015.07.23 06:06:23 | 000,364,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2015.07.23 06:06:23 | 000,176,904 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2015.07.23 06:06:23 | 000,155,280 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2015.07.23 06:06:23 | 000,150,832 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2015.07.23 06:06:23 | 000,128,512 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2015.07.23 06:06:23 | 000,117,576 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvaudcaparm.dll
[2015.07.23 06:06:23 | 000,112,968 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2015.07.23 06:06:23 | 000,105,288 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2015.07.23 06:06:23 | 000,039,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvvadarm.sys
[2015.07.23 06:06:23 | 000,030,966 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2015.07.23 03:31:29 | 002,558,608 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2015.07.23 03:31:29 | 000,385,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2015.07.23 03:31:29 | 000,062,792 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2015.07.23 03:31:28 | 006,873,744 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2015.07.23 03:31:28 | 003,493,008 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2015.07.23 02:46:35 | 000,572,232 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvStreaming.exe
[2015.07.20 16:16:26 | 005,121,613 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2015.07.14 23:59:47 | 000,487,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2015.07.14 23:59:23 | 000,393,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2015.07.14 16:14:06 | 000,301,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2015.07.14 16:14:02 | 000,035,840 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2015.07.14 16:14:00 | 000,358,912 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2015.07.14 16:13:55 | 000,044,032 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2015.07.13 23:10:13 | 000,792,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015.07.13 23:10:13 | 000,178,168 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015.07.09 21:51:16 | 000,136,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015.07.09 20:40:34 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2015.07.09 17:54:39 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015.07.09 17:53:47 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015.07.09 17:50:26 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015.07.09 17:50:06 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015.07.09 17:48:47 | 000,891,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015.07.09 17:46:59 | 002,229,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015.07.09 17:38:21 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015.07.09 17:37:44 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015.07.09 17:35:19 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015.07.09 17:34:40 | 000,721,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015.08.04 08:32:21 | 000,000,603 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2015.08.03 18:39:25 | 000,015,201 | ---- | C] () -- C:\Users\Hanus\Desktop\MemTest.zip
[2015.08.03 17:08:47 | 000,000,778 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2015.08.03 12:50:49 | 000,411,133 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2015.08.03 11:19:17 | 000,000,199 | ---- | C] () -- C:\Users\Hanus\Desktop\Counter-Strike Global Offensive.url
[2015.08.03 10:51:08 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2015.08.03 10:47:53 | 042,730,128 | ---- | C] () -- C:\WINDOWS\SysNative\nvcompiler.dll
[2015.08.03 10:47:53 | 037,748,880 | ---- | C] () -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2015.08.03 10:47:53 | 000,879,000 | ---- | C] () -- C:\WINDOWS\SysNative\nvmcumd.dll
[2015.08.03 05:58:41 | 000,000,614 | ---- | C] () -- C:\Users\Public\Desktop\WarThunder.lnk
[2015.08.03 05:53:30 | 000,000,962 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59.job
[2015.08.03 01:14:33 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2015.08.03 00:51:46 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
[2015.08.03 00:51:26 | 000,001,397 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2015.08.03 00:48:42 | 000,030,966 | ---- | C] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2015.08.03 00:44:15 | 000,002,219 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.08.03 00:44:05 | 000,000,962 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015.08.03 00:44:04 | 000,000,958 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015.08.03 00:38:40 | 000,002,161 | ---- | C] () -- C:\Users\Hanus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
[2015.08.03 00:38:33 | 000,002,315 | ---- | C] () -- C:\Users\Hanus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
[2015.08.03 00:35:50 | 000,001,446 | ---- | C] () -- C:\Users\Hanus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2015.08.03 00:35:05 | 000,000,369 | ---- | C] () -- C:\Users\Hanus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2015.08.03 00:35:05 | 000,000,369 | ---- | C] () -- C:\Users\Hanus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2015.08.03 00:28:58 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2015.08.03 00:28:36 | 3385,065,472 | -HS- | C] () -- C:\hiberfil.sys
[2015.08.03 00:28:36 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2015.08.02 20:13:13 | 000,000,524 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2015.08.02 20:08:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2015.08.02 17:32:55 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2015.08.02 17:32:55 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2015.08.02 17:32:30 | 000,096,256 | ---- | C] () -- C:\WINDOWS\SysNative\BthpanContextHandler.dll
[2015.08.02 17:31:54 | 000,053,248 | ---- | C] () -- C:\WINDOWS\SysNative\BWContextHandler.dll
[2015.08.02 17:31:53 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015.08.02 17:29:28 | 000,050,745 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2015.08.02 17:07:04 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysWow64\ieuinit.inf
[2015.08.02 17:07:03 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysNative\ieuinit.inf
[2014.08.04 10:29:42 | 000,000,321 | ---- | C] () -- C:\Program Files\plugin_sdk.html
[2014.06.20 09:44:40 | 000,520,934 | ---- | C] () -- C:\Program Files\usb.ids
[2014.03.06 09:13:23 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014.02.28 11:14:02 | 000,173,568 | ---- | C] () -- C:\Program Files\quazip.dll
[2013.11.13 14:36:16 | 000,110,106 | ---- | C] () -- C:\Program Files\createfileassoc.exe
[2013.08.27 23:00:08 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
[2013.08.22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013.08.22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013.08.22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013.08.22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013.08.22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2015.08.03 11:24:47 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.05.07 19:50:50 | 022,292,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.05.07 18:53:12 | 019,734,960 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014.10.29 03:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014.10.29 02:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014.10.29 03:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015.08.03 12:42:04 | 000,000,000 | ---D | M] -- C:\Users\Hanus\AppData\Roaming\Firefly Studios
[2015.08.03 17:10:28 | 000,000,000 | ---D | M] -- C:\Users\Hanus\AppData\Roaming\TS3Client

========== Purity Check ==========



< End of report >
Nahoru
Roy703
Level 2.5
Level 2.5
Příspěvky: 283
Registrován: červenec 15
Pohlaví: Muž
Stav:
Offline

Re: Rootkity,PC sa samo reštartuje..

Příspěvekod Roy703 » 04 srp 2015 10:01

OTL Extras logfile created on: 4.8.2015 9:42:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hanus\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17905)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

3,94 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 69,15% Memory free
5,32 Gb Paging File | 4,10 Gb Available in Paging File | 77,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223,88 Gb Total Space | 185,67 Gb Free Space | 82,93% Space Free | Partition Type: NTFS
Drive D: | 223,88 Gb Total Space | 207,23 Gb Free Space | 92,56% Space Free | Partition Type: NTFS

Computer Name: HANUS-PC | User Name: Hanus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{14DFC6B9-1FB6-4223-B1D7-199116D8C0D6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{16FFB7F0-5812-44C7-AF4A-6704497BF558}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{1FB64274-265C-4740-9A98-0A0C79914E94}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{374023FA-CCBA-4A2A-AF38-9D81066191D6}" = rport=445 | protocol=6 | dir=out | app=system |
"{37FF8586-9152-46D4-A932-A6F54EDF00CB}" = rport=137 | protocol=17 | dir=out | app=system |
"{4413393F-7A01-45C5-91ED-D087C396BB4B}" = rport=139 | protocol=6 | dir=out | app=system |
"{5A98463C-8F97-4223-8939-E1B0FCF06EC3}" = rport=138 | protocol=17 | dir=out | app=system |
"{5D119406-2BBF-42BE-AE18-F4B8A6DED6D1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6E58A218-5669-43F8-9E01-AA54ED1D052E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7BA77CB6-62F7-4815-85AD-F87FE2A5B8F3}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7F2DDFC0-610C-48AB-BBDF-E09B62855925}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{864632BF-EF32-41DD-BA3A-B262BD4498D6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8D97166D-C7AE-42B2-9A58-579E77DF1CEF}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{99A46D91-F7A8-4D6B-91F6-A06BD48978F6}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{9F1DD710-12A6-412D-8400-079E227F6A98}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{AC061E0B-5AF9-47C5-A016-0CEAC0038879}" = lport=137 | protocol=17 | dir=in | app=system |
"{AD2BBEE0-56A6-47C3-946C-0A5AC0F5B28B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB5185CE-1575-41F8-931F-4FB56B0199ED}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BCA7F8B3-8E2D-4960-905B-5BFC63DD40A3}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{BCDE8195-7891-4114-8E30-F232932077E7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C398D1AB-1D0E-4E78-90AD-8C18495D0A9D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CCD2C83C-9E0E-43B5-B4B0-7DDD94066BA6}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{D0127760-FD4B-472C-B56F-9470819B7D29}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D3D4C191-18B7-46CB-9D53-2C0F01933BF5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D7DC53B4-2D94-48EB-96D7-D5C20F384129}" = lport=139 | protocol=6 | dir=in | app=system |
"{DBDF8369-75CA-412D-BEE2-8967E006DEB8}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E2548B9A-A421-4555-876D-F4A4189CE897}" = lport=138 | protocol=17 | dir=in | app=system |
"{ED8E9116-8962-46EA-BA10-47D006538D3D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EEF8E131-4943-4BB5-8D53-E94358A37098}" = lport=445 | protocol=6 | dir=in | app=system |
"{FF7A62D5-417E-4F29-9458-86EF5A8BDAB9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009C5EC0-15D9-4B16-9F72-43D96D339165}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{03AB64B0-FFB8-4DD5-AA2B-A97B87E55CA3}" = dir=out | name=evernote touch |
"{03C0E3AB-3F3B-49F4-B88E-19432CEE6A79}" = dir=out | name=skype |
"{067A6DBF-E953-4278-AA0D-16355FE575F9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{083A5A4A-7995-4D1D-A1C6-EED7EEBA28F7}" = dir=in | name=accuweather for windows 8 |
"{083F2920-6F5B-4515-8FDA-9746D7FA4135}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{0CEE9708-BE4F-49D7-A586-CCF23DC15174}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{0F0C96A0-EC93-41EF-8FED-058A5C57ABEE}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\sdd.exe |
"{0F338CDE-B892-41B0-B792-D972870C9147}" = dir=out | name=@{microsoft.zunevideo_2.6.441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{13CFA98B-CCFD-4680-A168-919EE8FD3293}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{13E0581D-964C-46B9-9A07-98F6CFDB8926}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{19A71A36-BD7D-4589-8B9F-A5BE4C4AC007}" = dir=in | name=evernote touch |
"{1C25DD4E-1C1A-45BC-8261-33DC8091E354}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1C4C53D7-C3D3-4DBC-8E52-C54A19E211C1}" = dir=out | name=- games app - |
"{1F32A5EF-18FD-4840-A49B-8F4EABE5A2CB}" = dir=out | name=@{microsoft.bingnews_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{24DA2003-C046-4E54-9979-197D21312922}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{280B0737-D44C-4A73-979E-F1C8CB4C596A}" = dir=in | name=skype |
"{2A5DEC40-61B1-4BD3-A67D-FE9657943A3D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\stronghold kingdoms\strongholdkingdoms.exe |
"{33156252-D3C0-4E7A-8CC4-C5B7BA8E06EB}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{34A451E3-8AD3-49C4-9B81-1B743911676B}" = dir=out | name=kindle |
"{36AE0A00-9940-4852-BC99-4833108176D4}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{3C3DB117-B8AA-487B-B33C-943735CC9370}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{3FC56E80-8B74-4BB8-AE6F-09C7A51595BD}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{47DE4160-9A9B-4A1C-8DD4-6ACB46EE8037}" = dir=in | name=onenote |
"{4AAF29B6-2414-4F99-B4FE-51B6B65E1974}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4BD4D30C-37D5-4025-8106-55613EE5EA96}" = dir=in | name=zinio |
"{4C3BCB25-F701-405C-A13A-B914964B9EA0}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\virtualdrive.exe |
"{4CAE06F9-06E8-4AC7-AEED-F5F819AACDB2}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{4CFD343D-14D0-4CFA-91E2-63F206A4847F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{4D06981C-B7DE-4263-930E-4BE64B40A58B}" = dir=out | name=@{microsoft.bingsports_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{4DC7970B-589C-4627-A68A-E265C90D6E7E}" = protocol=6 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"{4E17AA99-C970-438F-99D0-2FE371B2E841}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4E8B47B6-D1A5-4447-B728-79F6765F74A0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{523154D1-2C6C-486A-B2DA-1DD7CA347486}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{55EADAA0-FA56-4227-89A8-1AE8C9660F8A}" = dir=out | name=onenote |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{571025CA-8060-4ED7-970D-EA2ECBF0E0E6}" = protocol=17 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"{5B7AC144-4CF8-473A-A789-B3D70819D30C}" = dir=out | name=@{microsoft.bingweather_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{5BCD5C63-6890-44D6-92E6-7790EF464EBF}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd.exe |
"{5E5EE3F6-C6B6-4551-A0C9-40D99A7A7D82}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5FAF2E35-8BEA-40F2-9B4D-7209CCC743C8}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\sdd.exe |
"{60E04E65-B9A7-4399-BA01-221CC4B81CBE}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{6A934A80-296C-4D91-BCCE-71A4C878BFAA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{6D72555D-00AD-4F8A-8CF1-C5AF3D188957}" = dir=out | name=acer explorer |
"{6DBA8A07-FAB7-4E4F-A07A-AF98FD9D612F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{73FE9000-F346-4724-B27D-B73F44700D3B}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{7677F41E-AA7B-4ADD-BAD2-7BCA75CFA899}" = dir=in | name=microsoft solitaire collection |
"{76C3E281-5758-430B-8A53-9B905B9BC386}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{77AA6952-28EE-4C46-9033-A6ADFA8945E3}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{7FAE1BB1-C253-44D1-AD50-EFD5753EE1CA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{82320995-F1CA-493A-9761-17FCC32BA0FE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{828C2343-D255-4B70-B092-B8F58E82A709}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{82925EBD-5194-44DC-BC3B-0D20F304F4E1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{840A1A53-9A7C-4316-A698-9AFAE1809D1B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{847E003F-5067-4816-B4C7-69D02FD61C4A}" = dir=in | name=acer explorer |
"{871BEECF-FFD0-440E-8C28-1EE85220EF51}" = protocol=6 | dir=in | app=d:\warthunder\launcher.exe |
"{87B85081-3E32-4106-9D74-D19C4CE201BF}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{87D08164-0BF5-4D99-8C16-01FF7A20FCC8}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{887A1D4D-0EC4-4B14-8DD6-49B4B88D835E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{88B236BE-2367-4B62-AF14-CAC13BA6F47C}" = dir=in | name=evernote touch |
"{89A2D963-DFAD-4F57-A3BC-0BB1239AB754}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{8A42860D-92AC-41D7-BAC7-00A8E8132350}" = dir=out | name=booking.com partner edition |
"{9303AF6C-AEFD-4DFD-864D-A73602A9B920}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{9A150517-8C74-45D8-8643-CEA93BE7AA0F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9B923312-5251-45B6-887B-257A3B8181DE}" = protocol=17 | dir=in | app=d:\warthunder\launcher.exe |
"{9BC65F97-9A38-4D34-B342-8A54D64E36C1}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A374980F-FEAF-465C-AFAF-048255955051}" = protocol=6 | dir=in | app=d:\warthunder\bpreport.exe |
"{A4E38B32-85C4-4975-BB1B-949EE20D71A7}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{AB8C0D5D-AEAB-4E21-89F9-D83C426093FE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{ACAEE131-A02F-4094-B49B-BCCDC3C8F0B0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ACE53969-102B-4392-A076-8D2C251E1C98}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{AF499CCD-B193-40E5-8C08-BAB198F759CB}" = dir=out | name=microsoft solitaire collection |
"{AF6E177A-B050-4108-89B7-A175C681A5AF}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{B09C0B11-A947-4F43-AC28-CA0A5568C7C5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B4C0D9F4-F9F0-41E0-B646-E614EAC68DA7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BB7884FD-15CD-4216-B64E-1EA78ADD4E68}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{BBEA9252-ECBB-4F32-A734-B4AA42923705}" = dir=out | name=tunein radio |
"{C001D7F0-FF53-4A0F-8DF7-C2E24E55D977}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{C3C5B654-867F-4BBA-92AE-3D7322E96698}" = dir=out | name=windows_ie_ac_001 |
"{C46D24EE-8041-4A2B-BCCC-0C4C882FEEA2}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{C54167DC-68FC-42E0-9AD7-636AE3CBF667}" = protocol=17 | dir=in | app=d:\warthunder\bpreport.exe |
"{C6E0AE82-0106-4C78-A1C0-F1E0C99DF4C3}" = dir=out | name=evernote touch |
"{C7DD8012-942C-4909-BBC6-14EAE174B5F2}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{C85D64F8-D4B4-4017-BA02-B2512ECAE32E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C98D4E03-FAE9-4C60-8B98-59FA7BFBD42D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{CC350341-4A3F-4022-BB99-1AB8F233BF86}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{CF548BE1-0BD0-4A38-9E59-E7494098E666}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{D16B4F5D-531E-47C0-8592-515811A5705A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\stronghold kingdoms\strongholdkingdoms.exe |
"{D4CC9B98-88BB-4338-86DD-FBFD604C05C8}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{D620D54A-D010-4787-A7ED-12DBFA71E9E2}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D6A6E270-944D-41C4-A4DD-C5AF8CF3DD8D}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{D74922EC-327F-483F-A2D8-21E9FC906478}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{D7B4DAD8-D68A-479F-93BA-10B85078D4FE}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DB6ABA11-6990-44F6-BEBE-02E5D30CB4F5}" = dir=out | name=zinio |
"{E0E60FCE-FF8C-412E-9E39-1D8072B9078B}" = dir=in | name=evernote touch |
"{E3591BA6-5931-488A-B22B-1FD98CA39588}" = protocol=6 | dir=out | app=system |
"{E43C3BB0-0F50-4703-B5C2-4E4944A4BF3A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EA48FB27-9BC9-4E3C-A16E-B9FA6CDC3BEB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{EA789DCF-8BED-451E-AEA4-07FD6B5372D6}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{EB1C4976-7281-42E9-8B39-74EF237E79CA}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{EB376606-4702-400D-86E5-3430F43362AF}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\virtualdrive.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ED7B7A90-BF28-4404-BFBF-1CFF1CAB75B7}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{ED92C300-A2A8-4D9D-A67F-2D3C9DCDE145}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{EFD1FB78-9CEB-4B9D-89B3-7332F8F1C81D}" = dir=out | name=ebay |
"{EFDF5330-8A17-4F28-8ED5-2BCC6D5C8EA6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F8D65418-EE7F-43A3-80EC-24EE62F5F953}" = dir=out | name=accuweather for windows 8 |
"{F8E57FFC-0A17-4CAD-A067-0AC4D3FBB307}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{FBE315EC-1612-4BA4-8788-4118748BBAAF}" = dir=out | name=@{microsoft.bingfinance_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{FC657617-DD88-4EEB-B141-0A038480CF08}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{FF1A99D7-20FC-485B-B2E1-54BC4D88701C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{12A718F2-2357-4D41-9E1F-18583A4745F7}" = Acer User Experience Improvement Program Framework
"{13885028-098C-4799-9B71-27DAC96502D5}" = Acer Remote Files
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4D0F42CF-1693-43D9-BDC8-19141D023EE0}" = Acer Explorer Agent
"{978724F6-1863-4DD5-9E66-FB77F5AB5613}" = Acer User Experience Improvement Program App Monitor Plugin
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 353.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 353.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 353.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision radič ovládača 352.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovládač zvuku HD 1.3.34.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio" = NVIDIA Virtuálny zvuk Miracast 353.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.30
"{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee WebAdvisor
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}" = Nero BackItUp 12 Essentials OEM.a01
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}" = Nero RescueAgent
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = Acer Portal
"{A6DC88AD-501A-44BC-884D-57435F972E2C}" = Hotkey Utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-FFFF-7B44-AB0000000001}" = Adobe Reader XI (11.0.04) MUI
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = Acer Photo
"{B6846F20-4821-11E3-8F96-0800200C9A66}" = Acer Video Player
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = Acer Docs
"{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}" = Nero BackItUp
"{DCBF3379-246B-47E1-8173-639B63940838}" = Acer Docs Office AddIn
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = Acer Media
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.538
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Google Chrome" = Google Chrome
"InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"MSC" = McAfee LiveSafe – Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Spotify" = Spotify
"Steam" = Steam
"Steam App 47410" = Stronghold Kingdoms
"Steam App 730" = Counter-Strike: Global Offensive
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WTA-1157fb6e-1d0a-4eed-ae6c-e37598c5d096" = Peggle Nights
"WTA-1f3cfe86-6367-4fc3-92b4-3a2516780d20" = Magic Academy
"WTA-3415b67f-0e11-491d-b58a-5135ce2bc264" = Cradle Of Egypt Collector's Edition
"WTA-38f1eb51-52ed-4ccf-a6b2-ef3b1e728e1b" = Plants vs. Zombies - Game of the Year
"WTA-40283442-c62f-4a4a-bd3c-e2f5239608b8" = The Chronicles of Emerland Solitaire
"WTA-68d07ef8-ff6d-4217-b685-16b32e3124f2" = Aloha TriPeaks
"WTA-a0d25755-3b71-499e-bd31-d175bb1a21c2" = Governor of Poker 2 Premium Edition
"WTA-dbbe117b-f22b-4e3a-9552-4c19f8bef91a" = Luxor Evolved
"WTA-e76b3226-e24d-48c2-897b-d0332e034c79" = Trinklit Supreme

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1" = World of Tanks
"Pokki" = Host App Service
"Pokki_Start_Menu" = Pokki Start Menu

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2.8.2015 18:50:39 | Computer Name = Hanus-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 2.8.2015 18:50:39 | Computer Name = Hanus-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 2.8.2015 18:54:01 | Computer Name = Hanus-PC | Source = Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0x80072EE7

Error - 2.8.2015 18:54:01 | Computer Name = Hanus-PC | Source = Software Protection Platform Service | ID = 1014
Description = Acquisition of End User License failed. hr=0x80072EE7 Sku Id=c7c00280-b24d-4e82-89ca-4f1288eb1d9e

Error - 2.8.2015 18:54:01 | Computer Name = Hanus-PC | Source = Software Protection Platform Service | ID = 8198
Description = License Activation (slui.exe) failed with the following error code:
hr=0x80072EE7
Command-line
arguments: RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c7c00280-b24d-4e82-89ca-4f1288eb1d9e;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error - 2.8.2015 18:59:23 | Computer Name = Hanus-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 2.8.2015 18:59:24 | Computer Name = Hanus-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 2.8.2015 19:12:06 | Computer Name = Hanus-PC | Source = Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0x8004FE93

Error - 2.8.2015 19:12:06 | Computer Name = Hanus-PC | Source = Software Protection Platform Service | ID = 1014
Description = Acquisition of End User License failed. hr=0x8004FE93 Sku Id=c7c00280-b24d-4e82-89ca-4f1288eb1d9e

Error - 2.8.2015 10:56:27 | Computer Name = Hanus-PC | Source = MsiInstaller | ID = 1021
Description =

[ System Events ]
Error - 2.8.2015 18:28:28 | Computer Name = Hanus-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 2.8.2015 18:51:40 | Computer Name = Hanus-PC | Source = DCOM | ID = 10001
Description =

Error - 2.8.2015 18:51:46 | Computer Name = Hanus-PC | Source = Service Control Manager | ID = 7030
Description = Služba ASGT je označená ako interaktívna služba. Systém je však nakonfigurovaný
tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error - 2.8.2015 19:20:38 | Computer Name = Hanus-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Modul WLAN Extensibility Module sa nepodarilo spustiť. Cesta k modulu:
C:\WINDOWS\system32\athExt.dll Kód chyby: 126


< End of report >
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Rootkity,PC sa samo reštartuje..

Příspěvekod jaro3 » 04 srp 2015 10:22

nainstaluj javu:
[url= http://www.oracle.com/technetwork/java/ ... 33155.html
]Java SE Runtime Environment 8[/url]

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-8-windows-i586-p.exe nebo
jre-8-windows-x64.exe
Stáhni ( download) a nainstaluj.

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{119C8353-89CD-4A2D-A710-CBEF21819D31}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{119C8353-89CD-4A2D-A710-CBEF21819D31}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CHR - Extension: No name found = C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_0\
CHR - Extension: No name found = C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Roy703
Level 2.5
Level 2.5
Příspěvky: 283
Registrován: červenec 15
Pohlaví: Muž
Stav:
Offline

Re: Rootkity,PC sa samo reštartuje..

Příspěvekod Roy703 » 04 srp 2015 14:07

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{119C8353-89CD-4A2D-A710-CBEF21819D31}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{119C8353-89CD-4A2D-A710-CBEF21819D31}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{119C8353-89CD-4A2D-A710-CBEF21819D31}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{119C8353-89CD-4A2D-A710-CBEF21819D31}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll not found.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_0\_metadata folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_0\Resources folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_0 folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_metadata folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\zh_TW folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\zh_CN folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\vi folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\uk folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\tr folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\th folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\sv folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\sr folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\sl folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\sk folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\ru folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\ro folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\pt_PT folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\pt_BR folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\pl folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\nl folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\nb folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\lv folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\lt folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\ko folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\ja folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\it folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\id folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\hu folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\hr folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\hi folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\fr folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\fil folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\fi folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\et folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\es_419 folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\es folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\en_GB folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\en folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\el folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\de folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\da folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\cs folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\ca folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales\bg folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\_locales folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\images folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\html folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\css folder moved successfully.
C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1 folder moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59.job not found.
File\Folder C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job not found.
File\Folder C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job not found.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Hanus
->Temp folder emptied: 426353003 bytes
->Temporary Internet Files folder emptied: 8547584 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 362567426 bytes
->Flash cache emptied: 806 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6585695 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 767,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 08042015_135858

Files\Folders moved on Reboot...
C:\Users\Hanus\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Nahoru
Roy703
Level 2.5
Level 2.5
Příspěvky: 283
Registrován: červenec 15
Pohlaví: Muž
Stav:
Offline

Re: Rootkity,PC sa samo reštartuje..

Příspěvekod Roy703 » 04 srp 2015 14:07

Našli ste niečo ??
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Rootkity,PC sa samo reštartuje..

Příspěvekod jaro3 » 04 srp 2015 15:44

Spusť OTL a klikni na Vyčisti.

co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Roy703
Level 2.5
Level 2.5
Příspěvky: 283
Registrován: červenec 15
Pohlaví: Muž
Stav:
Offline

Re: Rootkity,PC sa samo reštartuje..

Příspěvekod Roy703 » 04 srp 2015 16:52

No zatial ide..potom ešte napíšem
Nahoru
Zamčeno

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 78 hostů