Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015 Ran by Gr (administrator) on MATEUSZ on 19-11-2017 21:18:22 Running from C:\Users\Gr\Desktop Loaded Profiles: Gr & ReportServer & MSSQLFDLauncher & MSSQLSERVER (Available Profiles: Gr & ReportServer & MSSQLFDLauncher & MSSQLSERVER) Platform: Windows 10 Home (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe (Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe Failed to access process -> Memory Compression () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\sihost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\taskhostw.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe () C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Greenshot) C:\Program Files\Greenshot\Greenshot.exe (Corey) C:\Program Files (x86)\Seer\Seer.exe (BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.39\opera.exe (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.39\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.39\opera.exe (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.39\opera.exe (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.39\opera.exe (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.39\opera.exe (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.39\opera.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\System32\taskhostw.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-09-17] (Realtek Semiconductor) HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [196824 2015-01-13] (Realtek Semiconductor Corp.) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Greenshot) HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation) HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2017-03-18] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2017-03-18] (Microsoft Corporation) HKU\S-1-5-21-1946104158-849987808-3721883152-1001\...\Run: [Napisy24Update] => C:\Program Files (x86)\Napisy24\Napisy24Update.exe [3709896 2015-11-04] (Napisy24.pl) HKU\S-1-5-21-1946104158-849987808-3721883152-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2017-11-03] (Glarysoft Ltd) HKU\S-1-5-21-1946104158-849987808-3721883152-1001\...\Run: [Seer] => C:\Program Files (x86)\Seer\Seer.exe [3219456 2016-10-17] (Corey) HKU\S-1-5-21-1946104158-849987808-3721883152-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2015-05-26] (BitTorrent, Inc.) HKU\S-1-5-21-1946104158-849987808-3721883152-1001\...\MountPoints2: G - "G:\setup.exe" HKU\S-1-5-21-1946104158-849987808-3721883152-1001\...\MountPoints2: {48937eac-bde9-11e7-8306-c8f7334ad3b8} - "E:\AutoRun.exe" HKU\S-1-5-21-1946104158-849987808-3721883152-1001\...\MountPoints2: {96400899-aea0-11e7-8305-c8f7334ad3b8} - "E:\AutoRun.exe" HKU\S-1-5-21-1946104158-849987808-3721883152-1001\...\MountPoints2: {c7b0eba6-3d4e-11e7-bc04-861732f9b147} - "E:\AutoRun.exe" HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2017-03-18] (Microsoft Corporation) HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation) HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2017-03-18] (Microsoft Corporation) HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation) HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2017-03-18] (Microsoft Corporation) HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Gr\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll [2017-11-07] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Gr\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll [2017-11-07] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Gr\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll [2017-11-07] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Gr\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll [2017-11-07] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Gr\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll [2017-11-07] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Gr\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll [2017-11-07] (Microsoft Corporation) ShellIconOverlayIdentifiers: [Uchwyt nakładania ikony podpisu cyfrowego] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => No File ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Gr\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\FileSyncShell.dll [2017-11-07] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Gr\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\FileSyncShell.dll [2017-11-07] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Gr\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\FileSyncShell.dll [2017-11-07] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Gr\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\FileSyncShell.dll [2017-11-07] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Gr\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\FileSyncShell.dll [2017-11-07] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Gr\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\FileSyncShell.dll [2017-11-07] (Microsoft Corporation) BootExecute: autocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-21-1946104158-849987808-3721883152-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1946104158-849987808-3721883152-1001 -> DefaultScope {5FD446F9-67A5-4242-B780-AA7660820338} URL = SearchScopes: HKU\S-1-5-21-1946104158-849987808-3721883152-1001 -> {5FD446F9-67A5-4242-B780-AA7660820338} URL = BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-29] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-29] (Oracle Corporation) Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2017-03-18] (Microsoft Corporation) Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2017-03-18] (Microsoft Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 212.2.96.51 212.2.96.52 Tcpip\..\Interfaces\{0d62c782-b8ca-41d7-9d66-0740a353bea0}: [DhcpNameServer] 212.2.96.51 212.2.96.52 Tcpip\..\Interfaces\{110ba7e7-cec2-4711-9f99-1c9a74680afd}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{248b7f4c-bfaa-463e-8c98-566f167f4264}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{3c17d204-af12-40ad-81b7-f339a61f858f}: [DhcpNameServer] 212.2.96.51 212.2.96.52 Tcpip\..\Interfaces\{633caea2-2bac-491b-8694-68909a8f0fd3}: [DhcpNameServer] 212.2.96.51 212.2.96.52 Tcpip\..\Interfaces\{a367a732-3087-4f06-b98b-4e89424f2487}: [DhcpNameServer] 212.2.96.51 212.2.96.52 Tcpip\..\Interfaces\{b6a73a68-5a7f-4f40-8e52-6625218d8b29}: [DhcpNameServer] 212.2.96.51 212.2.96.52 Tcpip\..\Interfaces\{b9f9ff7e-10f7-4dda-859e-a0cd02799af4}: [DhcpNameServer] 212.2.96.51 212.2.96.52 Tcpip\..\Interfaces\{cbf98bca-8df3-4712-aaec-3964da72f7d7}: [DhcpNameServer] 212.2.96.51 212.2.96.52 Tcpip\..\Interfaces\{d2823e70-06c2-4d23-b8f9-9c16de98703c}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{f57f1e74-e30c-4c57-9ae4-afdbc8fc023f}: [DhcpNameServer] 212.2.96.51 212.2.96.52 FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-05-26] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-05-26] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-29] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1946104158-849987808-3721883152-1001: @acestream.net/acestreamplugin,version=3.1.11 -> C:\Users\Gr\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-31] (Innovative Digital Technologies) FF HKU\S-1-5-21-1946104158-849987808-3721883152-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Gr\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi FF Extension: Ace Script - C:\Users\Gr\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2015-12-18] Chrome: ======= CHR HKU\S-1-5-21-1946104158-849987808-3721883152-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AJRouter; C:\Windows\System32\AJRouter.dll [24576 2017-03-18] (Microsoft Corporation) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [431616 2017-09-05] (Microsoft Corporation) R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [970240 2017-05-20] (Microsoft Corporation) R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [872464 2017-10-15] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [923040 2017-10-15] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [583160 2017-10-15] (Microsoft Corporation) S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [33792 2017-03-18] (Microsoft Corporation) S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [86528 2017-03-18] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [536064 2017-07-28] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [394240 2017-08-01] (Microsoft Corporation) S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [55296 2017-03-18] (Microsoft Corporation) S2 DoSvc; C:\Windows\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) S2 DoSvc; C:\Windows\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) S3 DsSvc; C:\Windows\System32\DsSvc.dll [149504 2017-03-18] (Microsoft Corporation) R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [304640 2017-09-29] (Microsoft Corporation) S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [149504 2017-05-20] (Microsoft Corporation) S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [301056 2017-05-20] (Microsoft Corporation) S3 FrameServer; C:\Windows\system32\FrameServer.dll [600576 2017-07-28] (Microsoft Corporation) S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [245312 2016-06-08] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6211648 2016-06-08] (GOG.com) S3 HvHost; C:\Windows\System32\hvhostsvc.dll [59800 2017-03-18] (Microsoft Corporation) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () S3 icssvc; C:\Windows\System32\tetheringservice.dll [210432 2017-09-18] (Microsoft Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2015-05-26] (Intel Corporation) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation) S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [64000 2017-03-18] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2015-05-26] (Intel Corporation) R3 lfsvc; C:\Windows\System32\lfsvc.dll [43520 2017-03-18] (Microsoft Corporation) R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [26624 2017-03-18] (Microsoft Corporation) S2 MapsBroker; C:\Windows\System32\moshost.dll [90624 2017-03-18] (Microsoft Corporation) S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655744 2012-09-22] () R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation) R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation) S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [723968 2017-03-18] (Microsoft Corporation) S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [261632 2017-03-18] (Microsoft Corporation) R3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [491520 2017-09-05] (Microsoft Corporation) R3 NgcSvc; C:\Windows\system32\ngcsvc.dll [1046016 2017-09-05] (Microsoft Corporation) S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-11-14] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-11-14] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-11-14] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460920 2017-11-14] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-11-02] (Electronic Arts) S3 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002728 2017-11-02] (Electronic Arts) S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [773120 2017-09-05] (Microsoft Corporation) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2016-01-18] () R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2450112 2014-02-21] (Microsoft Corporation) S3 RetailDemo; C:\Windows\system32\RDXService.dll [647168 2017-09-29] (Microsoft Corporation) R3 RmSvc; C:\Windows\System32\RMapi.dll [153088 2017-11-02] (Microsoft Corporation) R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [336320 2017-09-30] (Microsoft Corporation) S3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1191424 2017-03-18] (Microsoft Corporation) S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1284608 2017-03-18] (Microsoft Corporation) S3 SensorService; C:\Windows\system32\SensorService.dll [548864 2017-07-07] (Microsoft Corporation) S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [192512 2017-05-20] (Microsoft Corporation) S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [582656 2017-08-01] (Microsoft Corporation) S3 spectrum; C:\Windows\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation) S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation) R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [5304496 2017-09-30] (Microsoft Corporation) R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [4215184 2017-09-30] (Microsoft Corporation) R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3196768 2015-09-25] (Samsung Electronics CO., LTD.) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [256120 2016-02-01] (Synaptics Incorporated) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed] S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH) S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [302592 2017-03-18] (Microsoft Corporation) R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [632832 2017-06-20] (Microsoft Corporation) R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [165888 2017-03-18] (Microsoft Corporation) R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1052672 2017-09-29] (Microsoft Corporation) R3 TokenBroker; C:\Windows\SysWOW64\TokenBroker.dll [798720 2017-09-29] (Microsoft Corporation) S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [95744 2017-03-18] (Microsoft Corporation) R2 UserManager; C:\Windows\System32\usermgr.dll [877568 2017-03-18] (Microsoft Corporation) S3 UsoSvc; C:\Windows\system32\usocore.dll [684544 2017-11-02] (Microsoft Corporation) S3 vmicrdv; C:\Windows\System32\icsvcext.dll [307712 2017-03-18] (Microsoft Corporation) S3 vmicvmsession; C:\Windows\System32\icsvc.dll [283648 2017-03-18] (Microsoft Corporation) S3 vmicvss; C:\Windows\System32\icsvcext.dll [307712 2017-03-18] (Microsoft Corporation) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [129144 2017-08-23] (Microsoft Corporation) S3 WalletService; C:\Windows\system32\WalletService.dll [428032 2017-03-18] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [555008 2017-06-20] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) S3 wisvc; C:\Windows\system32\flightsettings.dll [719872 2017-11-02] (Microsoft Corporation) S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1298432 2017-07-28] (Microsoft Corporation) R2 WpnService; C:\Windows\system32\WpnService.dll [276480 2017-03-18] (Microsoft Corporation) S3 xbgm; C:\Windows\System32\xbgmsvc.dll [301216 2017-03-18] (Microsoft Corporation) S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1015296 2017-07-28] (Microsoft Corporation) S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1135104 2017-03-18] (Microsoft Corporation) S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [18944 2017-03-18] (Microsoft Corporation) S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1067008 2017-05-20] (Microsoft Corporation) S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2017-03-18] (Microsoft Corporation) S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [17920 2017-03-18] (Microsoft Corporation) S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533920 2017-03-18] (QLogic Corporation) R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2016-06-23] (Glarysoft Ltd) R3 BthLEEnum; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [97280 2017-07-28] (Microsoft Corporation) S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [39424 2017-09-05] (Microsoft Corporation) R3 CAD; C:\Windows\System32\drivers\CAD.sys [53664 2017-03-18] (Microsoft Corporation) S3 CapImg; C:\Windows\System32\drivers\capimg.sys [122880 2017-03-18] (Microsoft Corporation) S2 CDPUserSvc; No ImagePath R2 CDPUserSvc_b5538; No ImagePath S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [347032 2017-03-18] (Chelsio Communications) S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104224 2017-03-18] (Chelsio Communications) S2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [12288 2017-03-18] (Microsoft Corporation) R2 clreg; C:\Windows\System32\drivers\registry.sys [14336 2017-03-18] (Microsoft Corporation) S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39840 2017-03-18] (Microsoft Corporation) R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys [40448 2017-03-18] (Microsoft Corporation) S3 DevicesFlowUserSvc; No ImagePath S3 DevicesFlowUserSvc_b5538; No ImagePath S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3419040 2017-03-18] (QLogic Corporation) R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [54272 2017-03-18] (Microsoft Corporation) S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [21504 2017-03-18] (Microsoft Corporation) R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2017-03-18] (Microsoft Corporation) R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2017-11-08] (Glarysoft Ltd) S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [51104 2017-03-18] (Microsoft Corporation) S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [74648 2017-03-18] (Microsoft Corporation) S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2017-03-18] (Intel(R) Corporation) S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2017-03-18] (Intel(R) Corporation) S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [70656 2017-03-18] (Intel Corporation) S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504 2017-03-18] (Intel Corporation) S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [165376 2017-03-18] (Intel Corporation) S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448 2017-03-18] (Intel Corporation) S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526240 2017-03-18] (Mellanox) S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [36864 2017-03-18] (Microsoft Corporation) R0 iorate; C:\Windows\System32\drivers\iorate.sys [49568 2017-03-18] (Microsoft Corporation) S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [123808 2017-03-18] (LSI Corporation) S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [103328 2017-03-18] (Avago Technologies) S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [405408 2017-03-18] (Microsoft Corporation) S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [51104 2017-03-18] (Microsoft Corporation) S0 megasas; C:\Windows\System32\drivers\megasas.sys [59808 2017-03-18] (Avago Technologies) S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64416 2017-03-18] (Avago Technologies) S3 MessagingService; No ImagePath S3 MessagingService_b5538; No ImagePath S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842656 2017-03-18] (Mellanox) R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [50688 2017-03-18] (Microsoft Corporation) S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108960 2017-03-18] (Mellanox) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [122368 2017-03-18] (Microsoft Corporation) S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [118784 2017-05-20] (Microsoft Corporation) R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2017-03-18] (Intel Corporation) S3 nvdimmn; C:\Windows\System32\drivers\nvdimmn.sys [80896 2017-03-18] (Microsoft Corporation) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvsmi.inf_amd64_ed7b6fe93f0828b7\nvlddmkm.sys [16989296 2017-11-15] (NVIDIA Corporation) R0 nvpciflt; C:\Windows\System32\DriverStore\FileRepository\nvsmi.inf_amd64_ed7b6fe93f0828b7\nvpciflt.sys [47208 2017-11-15] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-11-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50808 2017-11-14] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-11-14] (NVIDIA Corporation) S2 OneSyncSvc; No ImagePath R2 OneSyncSvc_b5538; No ImagePath S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58784 2017-03-18] (Avago Technologies) S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61848 2017-03-18] (Avago Technologies) S3 PimIndexMaintenanceSvc; No ImagePath R3 PimIndexMaintenanceSvc_b5538; No ImagePath S3 pmem; C:\Windows\System32\drivers\pmem.sys [101376 2017-03-18] (Microsoft Corporation) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [936864 2017-03-18] (Microsoft Corporation) S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek ) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [2584792 2015-01-13] (Realtek Semiconductor Corp.) S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [91040 2017-03-18] (Microsoft Corporation) S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 SensorsSimulatorDriver; C:\Windows\System32\drivers\WUDFRd.sys [220672 2017-03-18] (Microsoft Corporation) S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [40352 2017-03-20] (Microsoft Corporation) R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [79872 2017-03-18] (Microsoft Corporation) S0 storufs; C:\Windows\System32\drivers\storufs.sys [36760 2017-03-18] (Microsoft Corporation) S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [104960 2017-09-05] (Microsoft Corporation) S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [179200 2017-03-18] (Microsoft Corporation) S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [51712 2017-07-28] (Microsoft Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45568 2017-03-18] (Microsoft Corporation) S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [263584 2017-03-18] (Microsoft Corporation) S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [98712 2017-03-18] (Microsoft Corporation) S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [138656 2017-03-18] (Microsoft Corporation) S3 UnistoreSvc; No ImagePath R3 UnistoreSvc_b5538; No ImagePath S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [29600 2017-03-18] (Microsoft Corporation) S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [59288 2017-03-18] (Microsoft Corporation) S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [28064 2017-03-18] (Microsoft Corporation) S3 UserDataSvc; No ImagePath R3 UserDataSvc_b5538; No ImagePath S3 vhf; C:\Windows\System32\drivers\vhf.sys [35328 2017-03-18] (Microsoft Corporation) S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2017-03-18] (Microsoft Corporation) R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2017-03-18] (Microsoft Corporation) R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [142752 2017-06-20] (Microsoft Corporation) S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [72192 2017-03-18] (Microsoft Corporation) S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [757248 2017-11-02] (Microsoft Corporation) S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [70232 2017-03-18] (Microsoft Corporation) R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [18520 2017-03-18] (Microsoft Corporation) S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32160 2017-03-18] (Mellanox) S3 WinNat; C:\Windows\System32\drivers\winnat.sys [217088 2017-03-18] (Microsoft Corporation) S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64920 2017-03-18] (Mellanox) S2 WpnUserService; No ImagePath R2 WpnUserService_b5538; No ImagePath S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [277504 2017-05-20] (Microsoft Corporation) S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [46592 2017-03-18] (Microsoft Corporation) S3 esgiguard; \??\C:\Program Files (x86)\Malware Hunter Suite\esgiguard.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) NETSVC: dosvc -> No ServiceDLL Path. NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation) NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation) NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation) NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation) NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation) NETSVC: xbgm -> C:\Windows\System32\xbgmsvc.dll (Microsoft Corporation) NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation) NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation) NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation) NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation) NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation) NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation) NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation) NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation) NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation) NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-11-19 21:18 - 2017-11-19 21:19 - 00037780 _____ C:\Users\Gr\Desktop\FRST.txt 2017-11-19 20:03 - 2017-11-19 20:03 - 08261584 _____ (Malwarebytes) C:\Users\Gr\Desktop\adwcleaner_7.0.4.0.exe 2017-11-19 12:16 - 2017-11-19 12:23 - 15287969 _____ C:\Users\Gr\Downloads\popkern-sagit-nougat-20171118-r17.zip 2017-11-19 12:13 - 2017-11-19 12:13 - 00001647 _____ C:\Users\Gr\Downloads\Peaky.Blinders.S04E01.720p.HDTV.x264-BRISK.torrent 2017-11-19 12:12 - 2017-11-19 12:12 - 00016792 _____ C:\Users\Gr\Downloads\Gomorra.La.Serie.S03E02.HDTV.720P.ITA.AC3.x264-Prometheus.torrent 2017-11-19 12:12 - 2017-11-19 12:12 - 00015952 _____ C:\Users\Gr\Downloads\Gomorra.La.Serie.S03E01.HDTV.720P.ITA.AC3.x264-Prometheus.torrent 2017-11-18 19:50 - 2017-11-18 19:50 - 04482048 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2017-11-15 21:50 - 2017-11-15 21:50 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-15 21:50 - 2017-11-15 21:50 - 00003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-15 21:50 - 2017-11-15 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-11-15 21:50 - 2017-11-14 23:48 - 01796216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2017-11-15 21:50 - 2017-11-14 23:48 - 01578104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2017-11-15 21:50 - 2017-11-14 23:48 - 00919160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll 2017-11-15 21:49 - 2017-11-15 21:49 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-15 21:48 - 2017-11-15 21:48 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-15 21:48 - 2017-11-15 21:48 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-15 21:48 - 2017-11-15 21:48 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-15 21:48 - 2017-11-15 21:48 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-15 21:48 - 2017-11-15 21:48 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-15 21:48 - 2017-11-15 21:48 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-11-15 21:48 - 2017-11-15 21:48 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-11-15 21:48 - 2017-11-14 23:48 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2017-11-15 21:48 - 2017-09-14 00:20 - 00798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2017-11-15 21:48 - 2017-09-14 00:20 - 00490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2017-11-15 21:48 - 2017-09-14 00:19 - 00927544 _____ C:\WINDOWS\system32\vulkan-1.dll 2017-11-15 21:48 - 2017-09-14 00:19 - 00591160 _____ C:\WINDOWS\system32\vulkaninfo.exe 2017-11-15 21:47 - 2017-11-14 23:48 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-11-15 21:47 - 2017-11-14 20:56 - 05960640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-11-15 21:47 - 2017-11-14 20:56 - 02587584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-11-15 21:47 - 2017-11-14 20:56 - 01766336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-11-15 21:47 - 2017-11-14 20:56 - 00607352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-11-15 21:47 - 2017-11-14 20:56 - 00449472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-11-15 21:47 - 2017-11-14 20:56 - 00123000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-11-15 21:47 - 2017-11-14 20:56 - 00082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-11-15 21:47 - 2017-11-10 07:09 - 07855841 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-11-15 21:37 - 2017-11-14 23:48 - 40237504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 36239480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 35156600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 29272000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 23264864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 19038976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 13865256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 13255032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 11780376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 10883928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 04484864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 04201592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 03817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 03614328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 01989056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438831.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 01673664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438831.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 01321264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 01135280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 01099712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 01038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 01031288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 00980928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 00932288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 00885496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 00794576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 00634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 00615544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 00505976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-11-15 21:37 - 2017-11-14 23:48 - 00057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2017-11-15 21:37 - 2017-11-14 23:48 - 00048442 _____ C:\WINDOWS\system32\nvinfo.pb 2017-11-15 21:37 - 2017-11-14 23:48 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2017-11-15 21:37 - 2017-11-14 23:48 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json 2017-11-15 21:33 - 2017-11-15 21:33 - 00000000 ____D C:\NVIDIA 2017-11-15 21:19 - 2017-11-15 21:33 - 459557792 _____ (NVIDIA Corporation) C:\Users\Gr\Desktop\388.31-notebook-win10-64bit-international-whql.exe 2017-11-15 21:02 - 2017-11-15 21:02 - 00001684 _____ C:\Users\Public\Desktop\Call of Duty WWII.lnk 2017-11-15 21:02 - 2017-11-15 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty WWII 2017-11-15 15:20 - 2017-11-02 06:04 - 01292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-11-15 15:20 - 2017-11-02 05:49 - 01838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-11-15 15:20 - 2017-11-02 05:45 - 00703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-11-15 15:20 - 2017-11-02 05:45 - 00613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-11-15 15:20 - 2017-11-02 05:45 - 00362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-11-15 15:20 - 2017-11-02 05:45 - 00283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2017-11-15 15:20 - 2017-11-02 05:45 - 00172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-11-15 15:20 - 2017-11-02 05:45 - 00133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2017-11-15 15:20 - 2017-11-02 05:44 - 05808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-11-15 15:20 - 2017-11-02 05:43 - 20372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-11-15 15:20 - 2017-11-02 05:31 - 20512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-11-15 15:20 - 2017-11-02 05:30 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-11-15 15:20 - 2017-11-02 05:30 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-11-15 15:20 - 2017-11-02 05:30 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-11-15 15:20 - 2017-11-02 05:29 - 19338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-11-15 15:20 - 2017-11-02 05:28 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-11-15 15:20 - 2017-11-02 05:27 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-11-15 15:20 - 2017-11-02 05:27 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-11-15 15:20 - 2017-11-02 05:27 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll 2017-11-15 15:20 - 2017-11-02 05:26 - 05963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-11-15 15:20 - 2017-11-02 05:26 - 02671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-11-15 15:20 - 2017-11-02 05:26 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll 2017-11-15 15:20 - 2017-11-02 05:25 - 12227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2017-11-15 15:20 - 2017-11-02 05:25 - 11888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-11-15 15:20 - 2017-11-02 05:25 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2017-11-15 15:20 - 2017-11-02 05:25 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-11-15 15:20 - 2017-11-02 05:25 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-11-15 15:20 - 2017-11-02 05:24 - 07598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-11-15 15:20 - 2017-11-02 05:24 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-11-15 15:20 - 2017-11-02 05:24 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-11-15 15:20 - 2017-11-02 05:24 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll 2017-11-15 15:20 - 2017-11-02 05:24 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-11-15 15:20 - 2017-11-02 05:23 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-11-15 15:20 - 2017-11-02 05:23 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-11-15 15:20 - 2017-11-02 05:23 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-11-15 15:20 - 2017-11-02 05:22 - 06254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-11-15 15:20 - 2017-11-02 05:22 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-11-15 15:20 - 2017-11-02 05:22 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-11-15 15:20 - 2017-11-02 05:22 - 01884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll 2017-11-15 15:20 - 2017-11-02 05:22 - 01494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2017-11-15 15:20 - 2017-11-02 05:21 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-11-15 15:20 - 2017-11-02 05:21 - 03653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-11-15 15:20 - 2017-11-02 05:21 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-11-15 15:20 - 2017-11-02 05:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-11-15 15:20 - 2017-10-25 08:40 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-11-15 15:20 - 2017-10-15 16:09 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-11-15 15:20 - 2017-10-15 16:03 - 06765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-11-15 15:20 - 2017-10-15 15:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-11-15 15:20 - 2017-10-15 15:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-11-15 15:20 - 2017-10-15 15:46 - 04544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe 2017-11-15 15:20 - 2017-10-15 15:45 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-11-15 15:20 - 2017-10-15 15:45 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-11-15 15:20 - 2017-10-15 15:44 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-11-15 15:20 - 2017-10-15 15:44 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-11-15 15:20 - 2017-10-15 15:42 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-11-15 15:20 - 2017-10-15 15:42 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-11-15 15:20 - 2017-10-15 15:41 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-11-15 15:20 - 2017-10-15 15:41 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-11-15 15:20 - 2017-10-15 15:38 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-11-15 15:19 - 2017-11-02 06:03 - 00223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2017-11-15 15:19 - 2017-11-02 05:45 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-11-15 15:19 - 2017-11-02 05:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-11-15 15:19 - 2017-11-02 05:26 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-11-15 15:19 - 2017-11-02 05:23 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-11-15 15:19 - 2017-10-15 16:01 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-11-15 15:15 - 2017-11-02 05:35 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2017-11-15 15:15 - 2017-11-02 05:35 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-11-15 15:15 - 2017-11-02 05:30 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll 2017-11-15 15:15 - 2017-11-02 05:25 - 03377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-11-15 15:14 - 2017-11-02 06:20 - 00469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll 2017-11-15 15:14 - 2017-11-02 06:13 - 01345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-11-15 15:14 - 2017-11-02 06:13 - 00095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2017-11-15 15:14 - 2017-11-02 06:12 - 00026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2017-11-15 15:14 - 2017-11-02 06:05 - 00871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-11-15 15:14 - 2017-11-02 05:37 - 03668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-11-15 15:14 - 2017-11-02 05:35 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-11-15 15:14 - 2017-11-02 05:34 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-11-15 15:14 - 2017-11-02 05:34 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-11-15 15:14 - 2017-11-02 05:34 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll 2017-11-15 15:14 - 2017-11-02 05:33 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-11-15 15:14 - 2017-11-02 05:33 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll 2017-11-15 15:14 - 2017-11-02 05:30 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-11-15 15:14 - 2017-11-02 05:28 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2017-11-15 15:14 - 2017-11-02 05:27 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2017-11-15 15:14 - 2017-11-02 05:26 - 01937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll 2017-11-15 15:14 - 2017-11-02 05:26 - 00986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-11-15 15:14 - 2017-11-02 05:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-11-15 15:14 - 2017-11-02 05:25 - 00972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2017-11-15 15:14 - 2017-11-02 05:23 - 02449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-11-15 15:14 - 2017-11-02 05:23 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-11-15 15:14 - 2017-10-15 15:55 - 07910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-11-15 15:14 - 2017-10-15 15:08 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-11-15 15:14 - 2017-10-15 15:04 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-11-15 15:14 - 2017-10-15 15:00 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-11-15 15:13 - 2017-11-02 06:13 - 00546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-11-15 15:13 - 2017-11-02 06:12 - 00714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-11-15 15:13 - 2017-11-02 06:11 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-11-15 15:13 - 2017-11-02 06:10 - 06557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-11-15 15:13 - 2017-11-02 05:37 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-11-15 15:13 - 2017-11-02 05:36 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll 2017-11-15 15:13 - 2017-11-02 05:34 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll 2017-11-15 15:13 - 2017-11-02 05:34 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-11-15 15:13 - 2017-11-02 05:34 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-11-15 15:13 - 2017-11-02 05:34 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe 2017-11-15 15:13 - 2017-11-02 05:34 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-11-15 15:13 - 2017-11-02 05:33 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll 2017-11-15 15:13 - 2017-11-02 05:32 - 08213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-11-15 15:13 - 2017-11-02 05:32 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2017-11-15 15:13 - 2017-11-02 05:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll 2017-11-15 15:13 - 2017-11-02 05:31 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2017-11-15 15:13 - 2017-11-02 05:31 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll 2017-11-15 15:13 - 2017-11-02 05:30 - 00635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2017-11-15 15:13 - 2017-11-02 05:30 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-11-15 15:13 - 2017-11-02 05:29 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-11-15 15:13 - 2017-11-02 05:29 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-11-15 15:13 - 2017-11-02 05:27 - 00537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2017-11-15 15:13 - 2017-11-02 05:26 - 08197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-11-15 15:13 - 2017-11-02 05:26 - 04445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-11-15 15:13 - 2017-11-02 05:26 - 03060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-11-15 15:13 - 2017-11-02 05:26 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-11-15 15:13 - 2017-11-02 05:25 - 04727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-11-15 15:13 - 2017-11-02 05:25 - 00877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2017-11-15 15:13 - 2017-11-02 05:25 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-11-15 15:13 - 2017-11-02 05:23 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-11-15 15:13 - 2017-10-15 15:49 - 00094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-11-15 15:13 - 2017-10-15 15:15 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-11-15 15:13 - 2017-10-15 15:09 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-11-15 15:13 - 2017-10-15 15:09 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-11-15 15:13 - 2017-10-15 15:05 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-11-15 15:12 - 2017-11-02 06:16 - 08319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-11-15 15:12 - 2017-11-02 06:16 - 02398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-11-15 15:12 - 2017-11-02 06:16 - 02327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-11-15 15:12 - 2017-11-02 06:15 - 01239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-11-15 15:12 - 2017-11-02 06:13 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-11-15 15:12 - 2017-11-02 06:13 - 02443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-11-15 15:12 - 2017-11-02 06:12 - 00643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-11-15 15:12 - 2017-11-02 05:44 - 23680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-11-15 15:12 - 2017-11-02 05:34 - 12803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-11-15 15:12 - 2017-11-02 05:33 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll 2017-11-15 15:12 - 2017-11-02 05:31 - 00434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-11-15 15:12 - 2017-11-02 05:30 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2017-11-15 15:12 - 2017-11-02 05:30 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-11-15 15:12 - 2017-11-02 05:30 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-11-15 15:12 - 2017-11-02 05:29 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-11-15 15:12 - 2017-11-02 05:29 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-11-15 15:12 - 2017-11-02 05:29 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-11-15 15:12 - 2017-11-02 05:28 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-11-15 15:12 - 2017-11-02 05:25 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-11-15 15:12 - 2017-11-02 05:25 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2017-11-15 15:12 - 2017-11-02 05:19 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys 2017-11-15 15:12 - 2017-10-15 15:57 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-11-15 15:12 - 2017-10-15 15:57 - 00409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-11-15 15:12 - 2017-10-15 15:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-11-15 15:12 - 2017-10-15 15:14 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll 2017-11-15 15:12 - 2017-10-15 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-11-15 15:12 - 2017-10-15 15:10 - 01303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-11-15 15:12 - 2017-10-15 15:07 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-11-15 15:11 - 2017-11-02 06:21 - 01578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-11-15 15:11 - 2017-11-02 06:21 - 00678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-11-15 15:11 - 2017-11-02 06:21 - 00190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-11-15 15:11 - 2017-11-02 06:21 - 00136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-11-15 15:11 - 2017-11-02 06:20 - 00484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-11-15 15:11 - 2017-11-02 06:20 - 00034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-11-15 15:11 - 2017-11-02 06:14 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-11-15 15:11 - 2017-11-02 06:13 - 00212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-11-15 15:11 - 2017-11-02 06:12 - 00727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-11-15 15:11 - 2017-11-02 06:12 - 00430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2017-11-15 15:11 - 2017-11-02 06:12 - 00412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-11-15 15:11 - 2017-11-02 06:12 - 00319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2017-11-15 15:11 - 2017-11-02 06:12 - 00144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2017-11-15 15:11 - 2017-11-02 06:12 - 00038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys 2017-11-15 15:11 - 2017-11-02 06:05 - 00187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-11-15 15:11 - 2017-11-02 05:37 - 01278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-11-15 15:11 - 2017-11-02 05:37 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-11-15 15:11 - 2017-11-02 05:37 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-11-15 15:11 - 2017-11-02 05:36 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-11-15 15:11 - 2017-11-02 05:35 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys 2017-11-15 15:11 - 2017-11-02 05:35 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-11-15 15:11 - 2017-11-02 05:30 - 07339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-11-15 15:11 - 2017-11-02 05:30 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-11-15 15:11 - 2017-11-02 05:28 - 23684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-11-15 15:11 - 2017-11-02 05:27 - 02078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-11-15 15:11 - 2017-11-02 05:27 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-11-15 15:11 - 2017-11-02 05:24 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-11-15 15:11 - 2017-10-15 15:53 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-11-15 15:11 - 2017-10-15 15:08 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-11-15 15:11 - 2017-10-15 15:07 - 05776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe 2017-11-15 15:11 - 2017-10-15 15:05 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-11-15 15:11 - 2017-10-15 15:02 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll 2017-11-15 15:10 - 2017-11-02 06:21 - 00612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-11-15 15:10 - 2017-11-02 06:21 - 00379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-11-15 15:10 - 2017-11-02 06:20 - 02032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2017-11-15 15:10 - 2017-11-02 06:20 - 01144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-11-15 15:10 - 2017-11-02 06:20 - 01015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-11-15 15:10 - 2017-11-02 06:20 - 00965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2017-11-15 15:10 - 2017-11-02 06:20 - 00821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-11-15 15:10 - 2017-11-02 06:20 - 00613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-11-15 15:10 - 2017-11-02 06:20 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-11-15 15:10 - 2017-11-02 06:20 - 00259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-11-15 15:10 - 2017-11-02 06:15 - 00503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2017-11-15 15:10 - 2017-11-02 06:14 - 00067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2017-11-15 15:10 - 2017-11-02 06:12 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-11-15 15:10 - 2017-11-02 05:33 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-11-15 15:10 - 2017-11-02 05:28 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-11-15 15:10 - 2017-11-02 05:28 - 00939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2017-11-15 15:10 - 2017-11-02 05:26 - 02809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-11-15 15:10 - 2017-11-02 05:25 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-11-15 15:10 - 2017-10-15 15:59 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-11-15 15:10 - 2017-10-15 15:56 - 00872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-11-15 13:46 - 2017-11-15 13:46 - 00000904 _____ C:\Users\Public\Desktop\StarCraft II.lnk 2017-11-15 13:46 - 2017-11-15 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II 2017-11-15 13:31 - 2017-11-15 15:15 - 00000000 ____D C:\Program Files (x86)\StarCraft II 2017-11-15 13:31 - 2017-11-15 13:31 - 00000000 ____D C:\Users\Gr\Documents\StarCraft II 2017-11-15 13:30 - 2017-11-15 13:30 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2017-11-15 13:28 - 2017-11-15 15:18 - 00000000 ____D C:\Users\Gr\AppData\Local\Battle.net 2017-11-15 13:28 - 2017-11-15 13:30 - 00000000 ____D C:\Users\Gr\AppData\Roaming\Battle.net 2017-11-15 13:28 - 2017-11-15 13:28 - 00000972 _____ C:\Users\Public\Desktop\Battle.net.lnk 2017-11-15 13:28 - 2017-11-15 13:28 - 00000000 ____D C:\Users\Gr\AppData\Local\Blizzard Entertainment 2017-11-15 13:28 - 2017-11-15 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2017-11-15 13:27 - 2017-11-15 13:28 - 00000000 ____D C:\Program Files (x86)\Battle.net 2017-11-15 13:26 - 2017-11-15 13:26 - 00000000 ____D C:\Users\Gr\AppData\Local\Blizzard 2017-11-15 13:26 - 2017-11-15 13:26 - 00000000 ____D C:\ProgramData\Battle.net 2017-11-15 13:25 - 2017-11-15 13:26 - 04215792 _____ (Blizzard Entertainment) C:\Users\Gr\Desktop\StarCraft-II-Setup.exe 2017-11-13 19:39 - 2017-11-13 19:40 - 00010775 _____ C:\Users\Gr\Downloads\The_Walking_Dead_08x04_Some_Guy.zip 2017-11-13 16:56 - 2017-11-13 16:56 - 00003674 _____ C:\WINDOWS\System32\Tasks\GlaryUpdate 5 2017-11-13 15:08 - 2017-11-13 15:08 - 00001245 _____ C:\Users\Gr\Downloads\The.Walking.Dead.S08E04.HDTV.x264-SVA.torrent 2017-11-12 22:48 - 2017-11-15 21:48 - 00000723 _____ C:\WINDOWS\setupact.log 2017-11-12 22:48 - 2017-11-12 22:48 - 00000000 _____ C:\WINDOWS\setuperr.log 2017-11-12 17:57 - 2017-11-12 17:57 - 00086016 _____ C:\WINDOWS\system32\config\SYSTEM.gu 2017-11-12 17:56 - 2017-11-03 09:07 - 00035832 _____ (Glarysoft Ltd) C:\WINDOWS\system32\RegBootDefrag.exe 2017-11-12 09:47 - 2017-11-12 09:47 - 00039388 _____ C:\Users\Gr\Downloads\19256-UFC.Fight.Night.120.WEB-DL.H264.Fight-BB.mp4.torrent 2017-11-11 19:52 - 2017-11-19 20:12 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2017-11-11 17:21 - 2017-11-03 09:06 - 00124920 _____ (Glarysoft Ltd) C:\WINDOWS\system32\BootDefrag.exe 2017-11-11 17:21 - 2016-06-23 02:45 - 00017600 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\BootDefragDriver.sys 2017-11-10 15:02 - 2017-11-10 15:43 - 1275709308 _____ C:\Users\Gr\Downloads\xiaomi.eu_multi_MI6_7.11.9_v9-7.1.zip 2017-11-08 21:47 - 2017-11-08 21:47 - 00000000 ____D C:\ProgramData\GlarySoft 2017-11-08 21:21 - 2017-11-08 21:29 - 00000000 ____D C:\Program Files (x86)\Malware Hunter Suite 2017-11-08 21:18 - 2017-11-08 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot 2017-11-08 21:18 - 2017-11-08 21:18 - 00000000 ____D C:\Program Files\Greenshot 2017-11-08 21:08 - 2017-11-08 21:08 - 00001020 _____ C:\Users\Gr\Desktop\Seer.lnk 2017-11-08 21:07 - 2017-11-08 21:08 - 00000000 ____D C:\Program Files (x86)\Seer 2017-11-08 21:06 - 2017-11-08 21:06 - 00009058 _____ C:\Users\Gr\Downloads\SpyHunter Malware Security Suite.rar.torrent 2017-11-08 16:53 - 2017-11-13 16:56 - 00000000 ____D C:\Users\Gr\AppData\Roaming\GlarySoft 2017-11-08 16:53 - 2017-11-12 17:02 - 00000000 ____D C:\Users\Gr\AppData\Roaming\DiskDefrag 2017-11-08 16:53 - 2017-11-08 20:50 - 00003372 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5 2017-11-08 16:53 - 2017-11-08 20:50 - 00003020 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC 2017-11-08 16:53 - 2017-11-08 20:50 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2017-11-08 16:53 - 2017-11-08 20:50 - 00001149 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk 2017-11-08 16:53 - 2017-11-08 16:53 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys 2017-11-08 16:53 - 2017-11-08 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 2017-11-08 16:52 - 2017-11-13 12:25 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5 2017-11-08 12:31 - 2017-11-08 12:31 - 00067930 _____ C:\Users\Gr\Downloads\Glary.Utilities.Pro.5.71.0.92.Final+portable.torrent 2017-11-08 09:22 - 2017-11-08 17:01 - 00000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat 2017-11-08 09:22 - 2017-11-08 12:23 - 00000000 ____D C:\ProgramData\AomeiBR 2017-11-08 09:22 - 2017-11-08 09:22 - 00001024 ____H C:\SYSTAG.BIN 2017-11-08 09:22 - 2017-09-01 18:12 - 00038320 _____ C:\WINDOWS\system32\amwrtdrv.sys 2017-11-08 09:22 - 2016-12-21 22:54 - 00051120 _____ C:\WINDOWS\system32\ambakdrv.sys 2017-11-08 09:22 - 2016-12-21 22:52 - 00171952 _____ C:\WINDOWS\system32\ammntdrv.sys 2017-11-07 22:54 - 2017-11-08 08:40 - 00000000 ____D C:\Users\Gr\AppData\Roaming\Genie9 2017-11-07 22:50 - 2017-11-07 22:50 - 00000000 ____D C:\Users\Gr\Downloads\LaCie_Private-Public_Win_1.0.0 2017-11-07 22:49 - 2017-11-07 22:49 - 00000000 ____D C:\Users\Gr\AppData\Roaming\Genie-Soft 2017-11-07 22:45 - 2017-11-07 22:46 - 01440424 _____ C:\Users\Gr\Downloads\LaCie_Private-Public_Win_1.0.0.zip 2017-11-06 16:09 - 2017-11-06 16:09 - 00024216 _____ C:\Users\Gr\Downloads\The_Walking_Dead_08x03_Monsters.zip 2017-11-06 13:31 - 2017-11-06 13:31 - 00001165 _____ C:\Users\Gr\Downloads\The.Walking.Dead.S08E03.HDTV.x264-SVA.torrent 2017-11-06 10:45 - 2017-11-06 16:10 - 00015788 _____ C:\Users\Gr\Desktop\The.Walking.Dead.S08E03.HDTV.x264-SVA.txt 2017-11-06 01:24 - 2017-11-06 01:24 - 00061050 _____ C:\Users\Gr\Downloads\Call.of.Duty.WWII.Deluxe.Edition.2017.MULTi10-ElAmigos.torrent 2017-11-05 14:48 - 2017-11-05 14:48 - 00178848 _____ C:\Users\Gr\Downloads\19256-UFC.217.PPV.Bisping.vs.St.Pierre.HDTV.x264-Ebi.mp4.torrent 2017-11-04 13:50 - 2017-11-04 13:50 - 00000000 ____D C:\Users\Gr\AppData\Roaming\Obsidium 2017-11-04 10:37 - 2017-11-04 10:37 - 00019831 _____ C:\Users\Gr\Downloads\Malwarebytes Anti-Malware Premium 3.1.2.1733.rar.torrent 2017-11-04 10:37 - 2017-11-04 10:37 - 00015354 _____ C:\Users\Gr\Downloads\Wind.River.2017.720p.WEB-DL.x264.DD5.1-R2D2.torrent 2017-11-03 19:26 - 2017-11-03 20:07 - 1273942236 _____ C:\Users\Gr\Downloads\xiaomi.eu_multi_MI6_7.11.2_v9-7.1.zip 2017-11-02 21:04 - 2014-02-21 05:20 - 00248512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SQSRVRES.DLL 2017-11-02 20:57 - 2017-11-02 20:57 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010 2017-11-02 20:57 - 2017-11-02 20:57 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010 2017-11-02 18:42 - 2017-11-18 19:51 - 00000000 ____D C:\Users\MSSQLFDLauncher 2017-11-02 18:42 - 2017-11-18 19:49 - 00000000 ____D C:\Users\ReportServer 2017-11-02 18:42 - 2017-11-02 18:44 - 00000000 ____D C:\Users\Gr\Documents\SQL Server Management Studio 2017-11-02 18:42 - 2017-11-02 18:42 - 00000020 ___SH C:\Users\ReportServer\ntuser.ini 2017-11-02 18:42 - 2017-11-02 18:42 - 00000020 ___SH C:\Users\MSSQLFDLauncher\ntuser.ini 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\ReportServer\Ustawienia lokalne 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\ReportServer\Szablony 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\ReportServer\Moje dokumenty 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\ReportServer\Menu Start 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\ReportServer\Documents\Moje wideo 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\ReportServer\Documents\Moje obrazy 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\ReportServer\Documents\Moja muzyka 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\ReportServer\Dane aplikacji 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\ReportServer\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\ReportServer\AppData\Local\Historia 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\ReportServer\AppData\Local\Dane aplikacji 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\MSSQLFDLauncher\Ustawienia lokalne 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\MSSQLFDLauncher\Szablony 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\MSSQLFDLauncher\Moje dokumenty 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\MSSQLFDLauncher\Menu Start 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\MSSQLFDLauncher\Documents\Moje wideo 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\MSSQLFDLauncher\Documents\Moje obrazy 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\MSSQLFDLauncher\Documents\Moja muzyka 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\MSSQLFDLauncher\Dane aplikacji 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\MSSQLFDLauncher\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\MSSQLFDLauncher\AppData\Local\Historia 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 _SHDL C:\Users\MSSQLFDLauncher\AppData\Local\Dane aplikacji 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 ____D C:\Users\ReportServer\AppData\Local\TileDataLayer 2017-11-02 18:42 - 2017-11-02 18:42 - 00000000 ____D C:\Users\MSSQLFDLauncher\AppData\Local\TileDataLayer 2017-11-02 18:42 - 2017-07-12 00:43 - 00000000 ___RD C:\Users\ReportServer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2017-11-02 18:42 - 2017-07-12 00:43 - 00000000 ___RD C:\Users\MSSQLFDLauncher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2017-11-02 18:42 - 2017-03-18 22:03 - 00000000 ___RD C:\Users\ReportServer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2017-11-02 18:42 - 2017-03-18 22:03 - 00000000 ___RD C:\Users\ReportServer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2017-11-02 18:42 - 2017-03-18 22:03 - 00000000 ___RD C:\Users\ReportServer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2017-11-02 18:42 - 2017-03-18 22:03 - 00000000 ___RD C:\Users\MSSQLFDLauncher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2017-11-02 18:42 - 2017-03-18 22:03 - 00000000 ___RD C:\Users\MSSQLFDLauncher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2017-11-02 18:42 - 2017-03-18 22:03 - 00000000 ___RD C:\Users\MSSQLFDLauncher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2017-11-02 18:42 - 2017-03-18 22:03 - 00000000 ____D C:\Users\ReportServer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2017-11-02 18:42 - 2017-03-18 22:03 - 00000000 ____D C:\Users\MSSQLFDLauncher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2017-11-02 18:42 - 2016-10-06 18:54 - 00000000 ____D C:\Users\ReportServer\AppData\Local\Microsoft Help 2017-11-02 18:42 - 2016-10-06 18:54 - 00000000 ____D C:\Users\MSSQLFDLauncher\AppData\Local\Microsoft Help 2017-11-02 18:41 - 2014-02-21 05:20 - 00052416 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf-ReportServer-rsctr12.0.2000.8.dll 2017-11-02 18:41 - 2014-02-21 05:20 - 00045760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf-ReportServer-rsctr12.0.2000.8.dll 2017-11-02 18:39 - 2017-11-02 18:39 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2017-11-02 18:39 - 2017-11-02 18:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2017-11-02 18:37 - 2017-11-02 18:37 - 00000000 ____D C:\Users\Gr\Documents\Visual Studio 2010 2017-11-02 18:36 - 2017-11-02 18:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0 2017-11-02 18:35 - 2017-11-02 18:35 - 00000000 ____D C:\WINDOWS\symbols 2017-11-02 18:35 - 2017-11-02 18:35 - 00000000 ____D C:\WINDOWS\PCHEALTH 2017-11-02 18:35 - 2017-11-02 18:35 - 00000000 ____D C:\Program Files\Microsoft Help Viewer 2017-11-02 16:53 - 2017-11-02 16:53 - 00000000 ____D C:\Users\Gr\AppData\Local\Microsoft_Corporation 2017-11-02 16:52 - 2017-11-18 19:49 - 00000000 ____D C:\Users\MSSQLSERVER 2017-11-02 16:52 - 2017-11-02 16:52 - 00000020 ___SH C:\Users\MSSQLSERVER\ntuser.ini 2017-11-02 16:52 - 2017-11-02 16:52 - 00000000 _SHDL C:\Users\MSSQLSERVER\Ustawienia lokalne 2017-11-02 16:52 - 2017-11-02 16:52 - 00000000 _SHDL C:\Users\MSSQLSERVER\Szablony 2017-11-02 16:52 - 2017-11-02 16:52 - 00000000 _SHDL C:\Users\MSSQLSERVER\Moje dokumenty 2017-11-02 16:52 - 2017-11-02 16:52 - 00000000 _SHDL C:\Users\MSSQLSERVER\Menu Start 2017-11-02 16:52 - 2017-11-02 16:52 - 00000000 _SHDL C:\Users\MSSQLSERVER\Documents\Moje wideo 2017-11-02 16:52 - 2017-11-02 16:52 - 00000000 _SHDL C:\Users\MSSQLSERVER\Documents\Moje obrazy 2017-11-02 16:52 - 2017-11-02 16:52 - 00000000 _SHDL C:\Users\MSSQLSERVER\Documents\Moja muzyka 2017-11-02 16:52 - 2017-11-02 16:52 - 00000000 _SHDL C:\Users\MSSQLSERVER\Dane aplikacji 2017-11-02 16:52 - 2017-11-02 16:52 - 00000000 _SHDL C:\Users\MSSQLSERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-11-02 16:52 - 2017-11-02 16:52 - 00000000 _SHDL C:\Users\MSSQLSERVER\AppData\Local\Historia 2017-11-02 16:52 - 2017-11-02 16:52 - 00000000 _SHDL C:\Users\MSSQLSERVER\AppData\Local\Dane aplikacji 2017-11-02 16:52 - 2017-11-02 16:52 - 00000000 ____D C:\Users\MSSQLSERVER\AppData\Local\TileDataLayer 2017-11-02 16:52 - 2017-07-12 00:43 - 00000000 ___RD C:\Users\MSSQLSERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2017-11-02 16:52 - 2017-03-18 22:03 - 00000000 ___RD C:\Users\MSSQLSERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2017-11-02 16:52 - 2017-03-18 22:03 - 00000000 ___RD C:\Users\MSSQLSERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2017-11-02 16:52 - 2017-03-18 22:03 - 00000000 ___RD C:\Users\MSSQLSERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2017-11-02 16:52 - 2017-03-18 22:03 - 00000000 ____D C:\Users\MSSQLSERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2017-11-02 16:52 - 2016-10-06 18:54 - 00000000 ____D C:\Users\MSSQLSERVER\AppData\Local\Microsoft Help 2017-11-02 16:51 - 2014-02-21 05:27 - 00172224 _____ (Microsoft Corporation) C:\WINDOWS\system32\hadrres.dll 2017-11-02 16:51 - 2014-02-21 05:27 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fssres.dll 2017-11-02 16:51 - 2014-02-21 05:20 - 00103104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf-MSSQLSERVER-sqlctr12.0.2000.8.dll 2017-11-02 16:51 - 2014-02-21 05:20 - 00088768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf-MSSQLSERVER-sqlctr12.0.2000.8.dll 2017-11-02 16:51 - 2014-02-21 05:20 - 00056000 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf-MSSQL12.MSSQLSERVER-sqlagtctr.dll 2017-11-02 16:51 - 2014-02-21 05:20 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf-MSSQL12.MSSQLSERVER-sqlagtctr.dll 2017-11-02 16:50 - 2017-11-02 16:50 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0 2017-11-02 16:49 - 2017-11-02 16:49 - 00000000 ____D C:\WINDOWS\system32\RsFx 2017-11-02 16:49 - 2017-11-02 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 2017-11-02 16:48 - 2017-11-02 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2014 2017-11-02 15:02 - 2017-11-02 15:02 - 00000000 ____D C:\Users\Gr\Documents\Visual Studio 2017 2017-11-02 14:58 - 2017-11-02 14:58 - 00000000 ____D C:\Program Files (x86)\Entity Framework Tools 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\SysWOW64\3082 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\SysWOW64\2052 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\SysWOW64\1055 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\SysWOW64\1049 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\SysWOW64\1046 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\SysWOW64\1045 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\SysWOW64\1042 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\SysWOW64\1041 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\SysWOW64\1040 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\SysWOW64\1036 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\SysWOW64\1031 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\SysWOW64\1029 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\SysWOW64\1028 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\system32\3082 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\system32\2052 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\system32\1055 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\system32\1049 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\system32\1046 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\system32\1045 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\system32\1042 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\system32\1041 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\system32\1040 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\system32\1036 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\system32\1031 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\system32\1029 2017-11-02 14:57 - 2017-11-02 14:58 - 00000000 ____D C:\WINDOWS\system32\1028 2017-11-02 14:47 - 2017-11-02 14:47 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits 2017-11-02 14:42 - 2017-11-02 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2017-11-02 14:42 - 2017-11-02 14:42 - 00000000 ____D C:\ProgramData\Windows App Certification Kit 2017-11-02 14:42 - 2017-11-02 14:42 - 00000000 ____D C:\Program Files\Application Verifier 2017-11-02 14:42 - 2017-11-02 14:42 - 00000000 ____D C:\Program Files (x86)\Application Verifier 2017-11-02 13:46 - 2017-11-02 13:46 - 00001796 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017.lnk 2017-11-02 13:46 - 2017-11-02 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017 2017-11-02 13:43 - 2017-11-02 13:43 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk 2017-11-02 13:41 - 2017-11-02 13:41 - 00001355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2017-11-02 13:40 - 2017-11-02 15:34 - 00000000 ____D C:\Users\Gr\AppData\Roaming\Visual Studio Setup 2017-11-02 13:40 - 2017-11-02 14:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2017-11-02 13:40 - 2017-11-02 13:41 - 00000000 ____D C:\Users\Gr\AppData\Roaming\vstelemetry 2017-11-02 13:40 - 2017-11-02 13:40 - 00000000 ____D C:\Users\Gr\AppData\Local\ServiceHub 2017-10-30 15:14 - 2017-10-30 15:14 - 00001105 _____ C:\Users\Gr\Downloads\The.Walking.Dead.S08E02.HDTV.x264-SVA.torrent 2017-10-23 18:58 - 2017-10-23 20:28 - 2511582108 _____ C:\Users\Gr\Downloads\The.Walking.Dead.S08E01.720p.HDTV.x264-AVS.mkv 2017-10-20 11:32 - 2017-10-20 11:39 - 1269955255 _____ C:\Users\Gr\Downloads\xiaomi.eu_multi_MI6_7.10.19_v9-7.1.zip 2017-10-20 10:59 - 2017-10-20 10:59 - 00622789 _____ C:\Users\Gr\Downloads\ticketdirect-1.zip ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-11-19 21:18 - 2015-07-08 11:32 - 00000000 ____D C:\FRST 2017-11-19 21:14 - 2015-05-26 20:09 - 00000000 ____D C:\Users\Gr\AppData\Roaming\uTorrent 2017-11-19 21:10 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\sru 2017-11-19 21:08 - 2017-05-20 12:11 - 00004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{678E6168-DA67-4E4C-BC0D-F53E803392DE} 2017-11-19 21:06 - 2017-05-20 11:25 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-11-19 20:15 - 2017-09-16 10:58 - 00000000 ____D C:\Users\Gr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software 2017-11-19 20:09 - 2017-05-20 12:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-11-19 20:09 - 2016-10-06 18:39 - 00000000 ____D C:\ProgramData\NVIDIA 2017-11-19 20:08 - 2017-03-18 12:40 - 01572864 _____ C:\WINDOWS\system32\config\BBI 2017-11-19 20:03 - 2015-06-09 16:32 - 00000000 ____D C:\AdwCleaner 2017-11-19 19:34 - 2016-01-21 16:26 - 00000000 ____D C:\Users\Gr\AppData\Local\CrashDumps 2017-11-19 19:31 - 2017-05-20 11:33 - 03066054 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-11-19 19:31 - 2017-03-20 04:59 - 01362146 _____ C:\WINDOWS\system32\perfh015.dat 2017-11-19 19:31 - 2017-03-20 04:59 - 00344388 _____ C:\WINDOWS\system32\perfc015.dat 2017-11-19 18:52 - 2017-05-20 12:11 - 00003996 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1432666121 2017-11-19 18:52 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-11-19 18:52 - 2015-05-26 19:41 - 00000000 ____D C:\Program Files (x86)\Opera 2017-11-18 19:54 - 2017-05-20 11:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-11-18 19:54 - 2015-05-27 17:44 - 00000000 ____D C:\Users\Gr\AppData\Local\NVIDIA Corporation 2017-11-18 19:50 - 2017-05-20 12:11 - 00004700 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-11-18 19:50 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-11-18 19:50 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-11-15 21:50 - 2017-05-20 11:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-11-15 21:50 - 2017-05-20 11:32 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-11-15 21:47 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\Help 2017-11-15 21:38 - 2017-05-20 11:34 - 00000000 ____D C:\Users\Gr 2017-11-15 21:37 - 2016-08-14 15:11 - 00000000 ____D C:\Users\Gr\AppData\Roaming\NVIDIA 2017-11-15 21:37 - 2015-05-27 17:43 - 00000000 ____D C:\Users\Gr\AppData\Local\NVIDIA 2017-11-15 20:25 - 2016-03-21 19:30 - 00000000 ____D C:\Games 2017-11-15 20:24 - 2015-05-26 19:56 - 00000000 ____D C:\Program Files (x86)\Steam 2017-11-15 19:50 - 2016-06-24 19:00 - 00000000 ____D C:\Users\Gr\AppData\Local\Greenshot 2017-11-15 19:00 - 2017-05-20 11:25 - 00467936 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-11-15 15:59 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-11-15 15:59 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-11-15 15:59 - 2017-03-18 22:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-11-15 15:59 - 2017-03-18 22:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-11-15 15:59 - 2017-03-18 22:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-11-15 15:46 - 2017-03-18 21:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-11-15 13:42 - 2015-05-26 19:57 - 00000000 ____D C:\Users\Gr\AppData\Roaming\Origin 2017-11-15 13:42 - 2015-05-26 19:35 - 00000000 ____D C:\ProgramData\Origin 2017-11-15 13:00 - 2017-05-20 12:11 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-11-15 13:00 - 2015-11-11 10:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-11-15 12:08 - 2015-05-30 10:50 - 00000000 ____D C:\Users\Gr\AppData\Roaming\vlc 2017-11-14 23:48 - 2017-05-20 11:31 - 00532088 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2017-11-14 23:48 - 2017-05-20 11:31 - 00437880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2017-11-14 23:48 - 2016-05-20 10:38 - 00186488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2017-11-14 23:48 - 2016-05-20 10:38 - 00152696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2017-11-14 23:48 - 2016-05-20 10:38 - 00050808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2017-11-12 17:57 - 2017-03-20 04:57 - 172228608 _____ C:\WINDOWS\system32\config\SOFTWARE.gu.bak 2017-11-12 17:57 - 2017-03-18 12:40 - 20971520 _____ C:\WINDOWS\system32\config\SYSTEM.gu.bak 2017-11-12 17:57 - 2017-03-18 12:40 - 00065536 _____ C:\WINDOWS\system32\config\SECURITY.gu.bak 2017-11-12 17:56 - 2017-03-18 12:40 - 13369344 _____ C:\WINDOWS\system32\config\DEFAULT.gu.bak 2017-11-11 14:33 - 2015-11-22 20:50 - 00000887 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2017-11-10 15:08 - 2015-11-03 20:14 - 00000000 ____D C:\Users\Gr\AppData\Local\JDownloader v2.0 2017-11-09 21:06 - 2016-03-20 21:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-11-08 21:36 - 2015-05-26 04:07 - 00000000 ____D C:\ProgramData\Samsung 2017-11-08 21:30 - 2015-06-11 16:22 - 00000000 ____D C:\Program Files\Autodesk 2017-11-08 21:29 - 2015-06-11 16:15 - 00000000 ____D C:\Program Files (x86)\Autodesk 2017-11-08 21:29 - 2012-11-09 17:22 - 00000000 ____D C:\Program Files (x86)\Samsung 2017-11-08 21:15 - 2015-08-31 12:44 - 00000000 ____D C:\Users\Gr\AppData\Local\Spotify 2017-11-08 21:13 - 2015-08-31 12:44 - 00000000 ____D C:\Users\Gr\AppData\Roaming\Spotify 2017-11-08 21:10 - 2016-10-15 19:19 - 00000000 ____D C:\Program Files (x86)\ipla 2017-11-08 21:00 - 2016-01-18 23:17 - 00000000 ____D C:\Users\Gr\AppData\Roaming\TeamViewer 2017-11-08 08:40 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated 2017-11-07 18:45 - 2017-07-30 21:00 - 00003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1946104158-849987808-3721883152-1001 2017-11-07 18:45 - 2015-08-01 11:32 - 00002435 _____ C:\Users\Gr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-11-07 18:45 - 2015-06-09 16:09 - 00000000 ___RD C:\Users\Gr\OneDrive 2017-11-05 16:56 - 2016-11-23 21:19 - 00000000 ____D C:\Users\Gr\AppData\Roaming\.ACEStream 2017-11-05 16:52 - 2016-11-23 21:20 - 00000000 ___HD C:\_acestream_cache_ 2017-11-05 02:40 - 2017-03-18 22:06 - 00835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-11-05 02:40 - 2017-03-18 22:06 - 00177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-11-04 14:03 - 2015-05-30 11:52 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-11-03 18:44 - 2015-05-26 19:34 - 00000000 ____D C:\Program Files (x86)\Origin 2017-11-02 21:01 - 2016-10-08 19:11 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2017-11-02 21:01 - 2016-10-08 19:11 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2017-11-02 16:48 - 2016-10-08 19:11 - 00000000 ____D C:\WINDOWS\SysWOW64\1033 2017-11-02 16:48 - 2016-10-08 19:09 - 00000000 ____D C:\WINDOWS\system32\1033 2017-11-02 16:03 - 2015-05-27 16:23 - 00000000 ____D C:\Program Files (x86)\Origin Games 2017-11-02 15:01 - 2015-05-26 08:25 - 00000000 ____D C:\ProgramData\Package Cache 2017-11-02 14:46 - 2016-10-08 19:06 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2017-11-02 14:42 - 2016-10-08 19:06 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2017-11-02 14:38 - 2016-10-08 19:23 - 00000000 ____D C:\Program Files (x86)\NuGet 2017-11-02 13:46 - 2017-05-20 11:59 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-10-31 16:46 - 2015-05-24 08:24 - 00000000 ____D C:\Users\Gr\AppData\Local\Packages 2017-10-30 18:17 - 2016-01-06 12:57 - 00000000 ____D C:\ProgramData\Napisy24 2017-10-29 18:02 - 2015-05-26 20:05 - 00000000 ____D C:\ProgramData\Oracle 2017-10-29 17:33 - 2015-05-26 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-10-29 17:33 - 2015-05-26 20:05 - 00000000 ____D C:\Program Files (x86)\Java 2017-10-29 17:32 - 2015-05-26 20:05 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-10-29 17:30 - 2017-05-20 12:11 - 00004486 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-10-29 17:30 - 2015-05-26 19:57 - 00000000 ____D C:\Users\Gr\AppData\Local\Adobe 2017-10-27 16:56 - 2017-02-12 18:46 - 00009216 _____ C:\Users\Gr\Downloads\Ewidencja czasu pracy październik 2017.xls ==================== Files in the root of some directories ======= 2015-06-02 13:31 - 2015-06-23 14:09 - 0000308 _____ () C:\Program Files (x86)\ClientRegistry.blob 2017-05-20 11:32 - 2017-05-20 11:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-06-11 16:26 - 2015-06-11 16:26 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc 2015-07-09 11:46 - 2015-07-09 11:46 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Some files in TEMP: ==================== C:\Users\Gr\AppData\Local\Temp\AcDeltree.exe C:\Users\Gr\AppData\Local\Temp\gusetup4.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-11-12 12:28 ==================== End of log ============================