Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 14.11.2018 Uruchomiony przez Piotr (administrator) JEŻ (15-11-2018 17:05:06) Uruchomiony z E:\downloads Załadowane profile: Piotr (Dostępne profile: Piotr & Administrator & DefaultAppPool) Platform: Microsoft Windows 10 Home Wersja 1803 17134.407 (X86) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (COMODO) C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Gigabyte Technology CO., LTD.) C:\Program Files\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe (Microsoft Corporation) C:\Windows\System32\snmp.exe (Microsoft Corporation) C:\Windows\System32\snmptrap.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x86__kzf8qxf38zg5c\SkypeApp.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x86__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Gigabyte Technology CO., LTD.) C:\Program Files\GIGABYTE\smart6\timelock\AlarmClock.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (COMODO) C:\Program Files\COMODO\Internet Security Essentials\vkise.exe () C:\Program Files\Rainlendar2\Rainlendar2.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart HKLM\...\Run: [PrnStatusMX] => C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe [1077248 2012-07-04] (Marvell Semiconductor, Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [16557512 2018-08-01] (Realtek Semiconductor) HKLM\...\Run: [IseUI] => C:\Program Files\COMODO\Internet Security Essentials\vkise.exe [4260040 2018-06-22] (COMODO) HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1484480 2018-06-18] (COMODO) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation) HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] () HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\Run: [Legimi dla Kindle] => C:\Users\Piotr\AppData\Local\Programs\Legimi dla Kindle\Legimi dla Kindle.exe [1135008 2017-11-27] (Legimi sp. z o.o.) HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation) HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd) HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\MountPoints2: {f36089be-a7b5-11e0-ad3a-806e6f6e6963} - "D:\Autorun.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2018-09-29] ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () GroupPolicy: Ograniczenia ? <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0288e6d6-baed-4fdd-95eb-c6d626ab2898}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{113c6ad0-21fb-4431-b794-cbab77df596e}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{306513f9-a9b4-445f-9f7f-7fdd11c555e3}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{d1f0ccb7-7dbe-4109-a6d9-089cdaa00735}: [NameServer] 194.204.152.34,194.204.159.1 Tcpip\..\Interfaces\{d1f0ccb7-7dbe-4109-a6d9-089cdaa00735}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{f73c7d60-9fcd-448e-bd5c-e536e7afd138}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/?fr=vmn&type=auslog_ya_hp SearchScopes: HKU\S-1-5-21-2399471354-2781755390-4139130681-1000 -> {93731F81-2798-4460-A356-E16E18DB266F} URL = hxxp://www.allegro.pl/search.php?sg=0&string={searchTerms} SearchScopes: HKU\S-1-5-21-2399471354-2781755390-4139130681-1000 -> {FF37A499-90B8-4284-A336-CE9927E12330} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-24] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-24] (Oracle Corporation) FireFox: ======== FF DefaultProfile: k7pq1yoi.default-1515323035174 FF ProfilePath: C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\k7pq1yoi.default-1515323035174 [2018-11-15] FF Homepage: Mozilla\Firefox\Profiles\k7pq1yoi.default-1515323035174 -> hxxps://www.google.pl/ FF Extension: (Brak nazwy) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\k7pq1yoi.default-1515323035174\Extensions\@react-devtools.xpi [2018-10-23] FF Extension: (ADB Helper) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\k7pq1yoi.default-1515323035174\Extensions\adbhelper@mozilla.org.xpi [2018-08-09] [Przestarzałe] FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\k7pq1yoi.default-1515323035174\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2018-06-02] FF Extension: (English (GB) Language Pack) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\k7pq1yoi.default-1515323035174\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2018-10-24] FF Extension: (Polski słownik poprawnej pisowni) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\k7pq1yoi.default-1515323035174\Extensions\pl@dictionaries.addons.mozilla.org [2018-04-15] [Przestarzałe] FF Extension: (PerfectPixel by WellDoneCode) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\k7pq1yoi.default-1515323035174\Extensions\{4c47d1b1-c33d-4b05-908f-90c05bf6e2ab}.xpi [2018-10-17] FF Extension: (ColorZilla) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\k7pq1yoi.default-1515323035174\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2018-04-26] FF Extension: (OurStickys - Sticky Notes on every page) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\k7pq1yoi.default-1515323035174\Extensions\{980500da-0b6d-4de9-ad90-93d17605276b}.xpi [2018-04-05] FF Extension: (Web Developer) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\k7pq1yoi.default-1515323035174\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2018-01-11] FF ProfilePath: C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\kih9jpwe.dev-edition-default [2018-11-06] FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.8.0.50\coFFAddon => nie znaleziono FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-11] () FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku] FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku] FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-24] (Oracle Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.) StartMenuInternet: Firefox-CA9422711AE1A81C - C:\Program Files\Firefox Developer Edition\firefox.exe Chrome: ======= CHR Profile: C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default [2018-11-06] CHR Extension: (Dokumenty) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-20] CHR Extension: (Note Anywhere) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohahkiiknkelflnjjlipnaeapefmjbh [2018-04-05] CHR Extension: (PerfectPixel by WellDoneCode) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkaagdgjmgdmbnecmcefdhjekcoceebi [2018-06-30] CHR Extension: (Awesome Screenshot: Screen Video Recorder) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2018-06-18] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05] CHR Extension: (e-pity - dodatek) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2018-04-30] CHR Extension: (Chrome Media Router) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-30] CHR HKLM\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [8683840 2018-06-18] (COMODO) R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2080448 2018-06-18] (COMODO) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 isesrv; C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe [1041608 2018-06-22] (COMODO) S3 jswpsapi; C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [954368 2016-02-09] (Wireless) [Brak podpisu cyfrowego] R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [17536800 2014-07-25] (NVIDIA Corporation) R2 Smart TimeLock; C:\Program Files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [Brak podpisu cyfrowego] S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [353792 2018-03-19] () R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2017-03-22] (DEVGURU Co., LTD.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3287728 2018-07-31] (Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [91648 2018-07-31] (Microsoft Corporation) S2 WsAppService; C:\Program Files\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-12-14] (Wondershare) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [14872 2018-05-23] (COMODO) R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [39264 2018-05-23] (COMODO) R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [653328 2018-05-23] (COMODO) R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [46040 2018-05-23] (COMODO) S3 EraserUtilDrv11720; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11720.sys [126592 2017-07-25] (Symantec Corporation) S3 gdrv; C:\Windows\gdrv.sys [17488 2015-12-17] (Windows (R) 2000 DDK provider) S3 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2011-08-07] () R1 HWiNFO; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [48272 2018-11-10] (REALiX(tm)) R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [113496 2018-05-23] (COMODO) R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [49640 2017-12-13] (COMODO) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19232 2014-07-25] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [53616 2018-08-01] (NVIDIA Corporation) R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [958176 2018-08-01] (Realtek ) R3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [7569824 2018-09-17] (Realtek Semiconductor Corporation ) S3 SG762_XP; C:\WINDOWS\System32\DRIVERS\WlanBZXP.sys [402432 2006-01-19] (ZyDAS Technology Corporation) [Brak podpisu cyfrowego] R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [18800 2016-03-22] (IObit) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [26792 2016-12-24] (Synaptics Incorporated) R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [185464 2018-08-14] (Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [193264 2018-08-14] (Oracle Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [38904 2018-07-31] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [279592 2018-07-31] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [46120 2018-07-31] (Microsoft Corporation) S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [189952 2018-04-11] (Microsoft Corporation) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Brak podpisu cyfrowego] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-11-15 17:04 - 2018-11-15 17:05 - 000000000 ____D C:\FRST 2018-11-15 11:58 - 2018-11-15 11:58 - 000113468 _____ C:\Users\Piotr\Desktop\Unlocker — kopia.7z 2018-11-15 11:57 - 2018-11-15 11:57 - 000000000 ____D C:\Users\Piotr\Desktop\Unlocker — kopia 2018-11-14 15:02 - 2018-11-05 18:34 - 000835168 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2018-11-14 15:02 - 2018-11-05 18:34 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2018-11-14 12:48 - 2018-11-01 11:10 - 004939408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2018-11-14 12:48 - 2018-11-01 11:10 - 001362440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2018-11-14 12:48 - 2018-11-01 11:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2018-11-14 12:48 - 2018-11-01 10:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2018-11-14 12:48 - 2018-11-01 10:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2018-11-14 12:48 - 2018-11-01 10:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2018-11-14 12:48 - 2018-11-01 06:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2018-11-14 12:48 - 2018-11-01 05:53 - 000994480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2018-11-14 12:48 - 2018-11-01 05:50 - 004171920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2018-11-14 12:48 - 2018-11-01 05:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll 2018-11-14 12:48 - 2018-11-01 05:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2018-11-14 12:48 - 2018-11-01 05:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2018-11-14 12:48 - 2018-11-01 05:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2018-11-14 12:48 - 2018-11-01 05:48 - 002351416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2018-11-14 12:48 - 2018-11-01 05:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2018-11-14 12:48 - 2018-11-01 05:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2018-11-14 12:48 - 2018-11-01 05:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2018-11-14 12:48 - 2018-11-01 05:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll 2018-11-14 12:48 - 2018-11-01 05:47 - 006687032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2018-11-14 12:48 - 2018-11-01 05:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2018-11-14 12:48 - 2018-11-01 05:47 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2018-11-14 12:48 - 2018-11-01 05:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2018-11-14 12:48 - 2018-11-01 05:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2018-11-14 12:48 - 2018-11-01 05:47 - 000817768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2018-11-14 12:48 - 2018-11-01 05:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2018-11-14 12:48 - 2018-11-01 05:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2018-11-14 12:48 - 2018-11-01 05:35 - 003255296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2018-11-14 12:48 - 2018-11-01 05:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2018-11-14 12:48 - 2018-11-01 05:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2018-11-14 12:48 - 2018-11-01 05:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2018-11-14 12:48 - 2018-11-01 05:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2018-11-14 12:48 - 2018-11-01 05:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2018-11-14 12:48 - 2018-11-01 05:31 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2018-11-14 12:48 - 2018-11-01 05:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2018-11-14 12:48 - 2018-11-01 05:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2018-11-14 12:48 - 2018-11-01 05:30 - 002808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2018-11-14 12:48 - 2018-11-01 05:30 - 002278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2018-11-14 12:48 - 2018-11-01 05:30 - 001751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2018-11-14 12:48 - 2018-11-01 05:30 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2018-11-14 12:48 - 2018-11-01 05:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2018-11-14 12:48 - 2018-11-01 05:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2018-11-14 12:48 - 2018-11-01 05:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2018-11-14 12:48 - 2018-11-01 05:28 - 000441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll 2018-11-14 12:48 - 2018-11-01 05:27 - 001741312 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2018-11-14 12:48 - 2018-11-01 05:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2018-11-14 12:48 - 2018-11-01 05:27 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2018-11-14 12:48 - 2018-11-01 05:27 - 000977408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2018-11-14 12:48 - 2018-11-01 05:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll 2018-11-14 12:48 - 2018-11-01 05:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2018-11-14 12:48 - 2018-11-01 05:27 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2018-11-14 12:48 - 2018-10-21 12:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2018-11-14 12:48 - 2018-10-21 12:37 - 020381808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2018-11-14 12:48 - 2018-10-21 12:37 - 001530560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2018-11-14 12:48 - 2018-10-21 12:28 - 012501504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2018-11-14 12:48 - 2018-10-21 12:26 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2018-11-14 12:48 - 2018-10-21 12:26 - 003458560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2018-11-14 12:48 - 2018-10-21 12:24 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2018-11-14 12:48 - 2018-10-21 12:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2018-11-14 12:48 - 2018-10-21 08:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2018-11-14 12:48 - 2018-10-21 08:19 - 001618376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2018-11-14 12:48 - 2018-10-21 08:19 - 001190696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2018-11-14 12:48 - 2018-10-21 08:19 - 001130768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2018-11-14 12:48 - 2018-10-21 08:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2018-11-14 12:48 - 2018-10-21 08:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2018-11-14 12:48 - 2018-10-21 08:02 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2018-11-14 12:48 - 2018-10-21 08:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2018-11-14 12:48 - 2018-10-21 07:58 - 002198528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2018-11-14 12:48 - 2018-10-21 07:58 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2018-11-14 12:48 - 2018-10-21 07:58 - 001224192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2018-11-14 12:48 - 2018-10-21 07:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2018-11-14 12:48 - 2018-10-21 07:57 - 002412544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2018-11-14 12:48 - 2018-10-21 07:56 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2018-11-14 12:48 - 2018-10-21 07:56 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2018-11-14 12:48 - 2018-10-21 07:56 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2018-11-14 12:47 - 2018-11-01 11:07 - 000316248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2018-11-14 12:47 - 2018-11-01 11:07 - 000078648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2018-11-14 12:47 - 2018-11-01 10:57 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2018-11-14 12:47 - 2018-11-01 10:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll 2018-11-14 12:47 - 2018-11-01 10:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll 2018-11-14 12:47 - 2018-11-01 10:55 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2018-11-14 12:47 - 2018-11-01 10:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2018-11-14 12:47 - 2018-11-01 10:53 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2018-11-14 12:47 - 2018-11-01 10:53 - 001082880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2018-11-14 12:47 - 2018-11-01 10:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2018-11-14 12:47 - 2018-11-01 05:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2018-11-14 12:47 - 2018-11-01 05:48 - 000502824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2018-11-14 12:47 - 2018-11-01 05:48 - 000343056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2018-11-14 12:47 - 2018-11-01 05:47 - 000679840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2018-11-14 12:47 - 2018-11-01 05:47 - 000633336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2018-11-14 12:47 - 2018-11-01 05:47 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2018-11-14 12:47 - 2018-11-01 05:47 - 000197136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys 2018-11-14 12:47 - 2018-11-01 05:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2018-11-14 12:47 - 2018-11-01 05:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2018-11-14 12:47 - 2018-11-01 05:31 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2018-11-14 12:47 - 2018-11-01 05:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2018-11-14 12:47 - 2018-11-01 05:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll 2018-11-14 12:47 - 2018-11-01 05:30 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2018-11-14 12:47 - 2018-11-01 05:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2018-11-14 12:47 - 2018-11-01 05:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2018-11-14 12:47 - 2018-11-01 05:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2018-11-14 12:47 - 2018-11-01 05:30 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2018-11-14 12:47 - 2018-11-01 05:30 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2018-11-14 12:47 - 2018-11-01 05:30 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2018-11-14 12:47 - 2018-11-01 05:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2018-11-14 12:47 - 2018-11-01 05:29 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2018-11-14 12:47 - 2018-11-01 05:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2018-11-14 12:47 - 2018-11-01 05:29 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2018-11-14 12:47 - 2018-11-01 05:29 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2018-11-14 12:47 - 2018-11-01 05:29 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2018-11-14 12:47 - 2018-11-01 05:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2018-11-14 12:47 - 2018-11-01 05:29 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll 2018-11-14 12:47 - 2018-11-01 05:29 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2018-11-14 12:47 - 2018-11-01 05:28 - 001272832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2018-11-14 12:47 - 2018-11-01 05:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2018-11-14 12:47 - 2018-11-01 05:28 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2018-11-14 12:47 - 2018-11-01 05:27 - 001354240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2018-11-14 12:47 - 2018-11-01 05:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2018-11-14 12:47 - 2018-11-01 05:27 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2018-11-14 12:47 - 2018-11-01 05:27 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2018-11-14 12:47 - 2018-11-01 05:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2018-11-14 12:47 - 2018-11-01 05:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2018-11-14 12:47 - 2018-11-01 05:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2018-11-14 12:47 - 2018-11-01 05:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2018-11-14 12:47 - 2018-10-21 12:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2018-11-14 12:47 - 2018-10-21 12:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll 2018-11-14 12:47 - 2018-10-21 12:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2018-11-14 12:47 - 2018-10-21 12:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll 2018-11-14 12:47 - 2018-10-21 12:26 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe 2018-11-14 12:47 - 2018-10-21 12:25 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll 2018-11-14 12:47 - 2018-10-21 12:23 - 000998400 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2018-11-14 12:47 - 2018-10-21 12:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2018-11-14 12:47 - 2018-10-21 12:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll 2018-11-14 12:47 - 2018-10-21 12:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll 2018-11-14 12:47 - 2018-10-21 08:39 - 000480272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2018-11-14 12:47 - 2018-10-21 08:20 - 000539904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2018-11-14 12:47 - 2018-10-21 08:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll 2018-11-14 12:47 - 2018-10-21 08:20 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll 2018-11-14 12:47 - 2018-10-21 08:19 - 002144056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2018-11-14 12:47 - 2018-10-21 08:19 - 000949344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2018-11-14 12:47 - 2018-10-21 08:19 - 000831216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2018-11-14 12:47 - 2018-10-21 08:19 - 000542520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 2018-11-14 12:47 - 2018-10-21 08:19 - 000493368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2018-11-14 12:47 - 2018-10-21 08:19 - 000142136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2018-11-14 12:47 - 2018-10-21 08:18 - 001050488 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2018-11-14 12:47 - 2018-10-21 08:18 - 000142736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2018-11-14 12:47 - 2018-10-21 08:18 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys 2018-11-14 12:47 - 2018-10-21 08:18 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2018-11-14 12:47 - 2018-10-21 08:18 - 000044104 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2018-11-14 12:47 - 2018-10-21 08:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll 2018-11-14 12:47 - 2018-10-21 08:01 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2018-11-14 12:47 - 2018-10-21 08:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2018-11-14 12:47 - 2018-10-21 08:01 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll 2018-11-14 12:47 - 2018-10-21 08:01 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe 2018-11-14 12:47 - 2018-10-21 08:01 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll 2018-11-14 12:47 - 2018-10-21 08:01 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys 2018-11-14 12:47 - 2018-10-21 08:01 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll 2018-11-14 12:47 - 2018-10-21 08:00 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2018-11-14 12:47 - 2018-10-21 08:00 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2018-11-14 12:47 - 2018-10-21 08:00 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll 2018-11-14 12:47 - 2018-10-21 08:00 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll 2018-11-14 12:47 - 2018-10-21 08:00 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2018-11-14 12:47 - 2018-10-21 08:00 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll 2018-11-14 12:47 - 2018-10-21 08:00 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll 2018-11-14 12:47 - 2018-10-21 08:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll 2018-11-14 12:47 - 2018-10-21 08:00 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2018-11-14 12:47 - 2018-10-21 07:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2018-11-14 12:47 - 2018-10-21 07:59 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2018-11-14 12:47 - 2018-10-21 07:59 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2018-11-14 12:47 - 2018-10-21 07:58 - 001172992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2018-11-14 12:47 - 2018-10-21 07:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll 2018-11-14 12:47 - 2018-10-21 07:58 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2018-11-14 12:47 - 2018-10-21 07:58 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2018-11-14 12:47 - 2018-10-21 07:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2018-11-14 12:47 - 2018-10-21 07:58 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll 2018-11-14 12:47 - 2018-10-21 07:58 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2018-11-14 12:47 - 2018-10-21 07:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2018-11-14 12:47 - 2018-10-21 07:58 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2018-11-14 12:47 - 2018-10-21 07:57 - 001588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2018-11-14 12:47 - 2018-10-21 07:57 - 000830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2018-11-14 12:47 - 2018-10-21 07:57 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL 2018-11-14 12:47 - 2018-10-21 07:57 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2018-11-14 12:47 - 2018-10-21 07:56 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2018-11-14 12:47 - 2018-10-21 06:42 - 000806320 _____ C:\WINDOWS\system32\locale.nls 2018-11-12 17:52 - 2018-11-12 17:52 - 000000468 _____ C:\Users\Piotr\.gitconfig 2018-11-11 19:23 - 2018-11-11 19:23 - 000000010 _____ C:\Users\Piotr\README.md 2018-11-11 19:07 - 2018-11-11 19:07 - 000000000 ____D C:\Users\Piotr\ror4beginners2018 2018-11-09 21:09 - 2018-11-11 14:49 - 000022312 _____ C:\Users\Piotr\Desktop\Zestawy.ods 2018-11-03 11:06 - 2018-11-03 11:06 - 000000091 _____ C:\Users\Piotr\.irbrc 2018-11-03 11:02 - 2018-11-03 11:02 - 000000000 ____D C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.5.3-1-x86 with MSYS2 2018-11-03 10:58 - 2018-11-03 10:58 - 000000000 ____D C:\Ruby25 2018-11-02 08:50 - 2018-11-02 08:51 - 000000106 _____ C:\Users\Piotr\Desktop\GoogleBooks.bat 2018-10-26 11:06 - 2018-10-26 11:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics 2018-10-26 11:06 - 2018-10-26 11:06 - 000000000 ____D C:\ProgramData\Auslogics 2018-10-26 11:06 - 2018-10-26 11:06 - 000000000 ____D C:\Program Files\Auslogics 2018-10-26 10:30 - 2018-10-26 10:30 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc71.dll 2018-10-26 10:30 - 2018-10-26 10:30 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll 2018-10-16 12:18 - 2018-10-22 14:24 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-10-16 12:18 - 2018-10-16 12:18 - 000000000 ____D C:\Users\Piotr\AppData\Local\mbamtray ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-11-15 17:11 - 2018-04-11 21:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-11-15 17:08 - 2018-07-31 11:56 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat 2018-11-15 17:04 - 2018-08-10 13:36 - 000184060 _____ C:\WINDOWS\system32\Drivers\fvstore.dat 2018-11-15 17:02 - 2016-11-19 19:09 - 000000000 ____D C:\Users\Piotr\AppData\LocalLow\Mozilla 2018-11-15 17:02 - 2014-08-18 13:26 - 000000000 ____D C:\Users\Piotr\.rainlendar2 2018-11-15 17:00 - 2018-05-09 18:30 - 000000000 ____D C:\Users\Piotr 2018-11-15 16:59 - 2018-05-09 18:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-11-15 16:59 - 2018-05-09 18:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-11-14 21:17 - 2015-12-19 14:29 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-11-14 15:20 - 2018-04-11 21:31 - 000000000 ____D C:\WINDOWS\INF 2018-11-14 15:11 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-11-14 15:08 - 2018-05-09 18:25 - 001998262 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-11-14 15:08 - 2018-04-12 06:04 - 000869958 _____ C:\WINDOWS\system32\perfh015.dat 2018-11-14 15:08 - 2018-04-12 06:04 - 000189146 _____ C:\WINDOWS\system32\perfc015.dat 2018-11-14 15:03 - 2017-12-11 17:39 - 000000000 ___RD C:\Users\Piotr\3D Objects 2018-11-14 15:03 - 2015-12-17 22:18 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-11-14 15:02 - 2018-05-09 18:21 - 000525744 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-11-14 14:36 - 2018-04-11 13:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2018-11-14 14:34 - 2018-04-11 21:36 - 000000000 ___SD C:\WINDOWS\system32\F12 2018-11-14 14:34 - 2018-04-11 21:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2018-11-14 14:34 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\TextInput 2018-11-14 14:34 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\ShellExperiences 2018-11-14 14:34 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\bcastdvr 2018-11-14 14:18 - 2018-02-17 17:32 - 000002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-11-14 13:06 - 2018-04-11 21:25 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-11-14 13:05 - 2013-08-18 18:44 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-11-14 13:00 - 2011-07-06 15:28 - 134758520 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-11-13 21:15 - 2018-07-22 14:56 - 000000000 ____D C:\WINDOWS\Minidump 2018-11-13 17:43 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-11-13 08:48 - 2018-04-11 21:36 - 000000000 ___HD C:\Program Files\WindowsApps 2018-11-12 11:15 - 2015-11-08 09:44 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-11-12 11:15 - 2015-10-14 20:16 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service 2018-11-10 00:48 - 2015-12-19 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32 2018-11-10 00:48 - 2015-12-19 15:25 - 000000000 ____D C:\Program Files\HWiNFO32 2018-11-10 00:48 - 2015-11-21 13:43 - 000048272 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO32.SYS 2018-11-09 07:08 - 2011-07-07 23:12 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2018-11-06 14:41 - 2016-12-21 22:02 - 000000000 ____D C:\Users\Piotr\AppData\Local\CrashDumps 2018-11-05 18:00 - 2014-11-27 08:43 - 000000000 ____D C:\Users\Piotr\Documents\Biznes 2018-11-05 16:16 - 2017-01-21 20:57 - 000000000 ____D C:\Users\Piotr\Documents\kucharskie robocze 2018-11-02 07:28 - 2015-10-14 20:16 - 000001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-10-29 16:48 - 2018-08-24 13:07 - 000000000 ____D C:\Program Files\Microsoft VS Code 2018-10-29 16:46 - 2018-08-24 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2018-10-26 13:43 - 2018-10-11 16:26 - 000000000 ____D C:\Users\Piotr\.VirtualBox 2018-10-26 11:31 - 2012-07-26 22:24 - 000000000 ____D C:\Users\Piotr\AppData\Roaming\foobar2000 2018-10-26 11:18 - 2018-06-02 17:34 - 000000059 _____ C:\Users\Piotr\AppData\Local\UserProducts.xml 2018-10-26 11:18 - 2018-06-02 17:34 - 000000000 ____D C:\Program Files\Skillbrains 2018-10-26 10:53 - 2014-03-19 17:15 - 000000000 ____D C:\Program Files\Canon 2018-10-26 10:43 - 2011-08-06 12:11 - 000000000 ____D C:\Users\Piotr\AppData\Roaming\Foxit Software 2018-10-26 10:43 - 2011-07-09 09:42 - 000000000 ____D C:\Program Files\Foxit Software 2018-10-26 10:41 - 2018-08-31 14:51 - 000000000 ____D C:\ProgramData\Foxit Software 2018-10-26 10:32 - 2018-07-31 11:53 - 000000000 ____D C:\Users\Piotr\AppData\Local\Comodo 2018-10-26 10:32 - 2011-07-07 23:09 - 000000000 ____D C:\Program Files\COMODO 2018-10-26 07:57 - 2016-06-04 08:14 - 000000000 ____D C:\Users\Piotr\AppData\Roaming\uTorrent 2018-10-25 10:30 - 2017-01-21 20:50 - 000000000 ____D C:\Users\Piotr\Documents\Mieszkaniowe 2018-10-23 18:47 - 2018-05-20 22:11 - 000000000 ____D C:\Program Files\Firefox Developer Edition 2018-10-23 17:42 - 2018-05-20 22:11 - 000001291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk 2018-10-19 07:52 - 2018-05-09 18:30 - 000002444 _____ C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-10-19 07:52 - 2015-12-17 22:24 - 000000000 ___RD C:\Users\Piotr\OneDrive 2018-10-16 15:02 - 2018-02-06 20:34 - 000000000 ____D C:\Users\Piotr\AppData\Roaming\npm 2018-10-16 10:45 - 2018-06-19 08:46 - 000000000 ____D C:\ProgramData\Packages ==================== Pliki w katalogu głównym wybranych folderów ======= 2012-05-18 07:24 - 2012-07-21 20:57 - 000006144 _____ () C:\Users\Piotr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-01-26 17:14 - 2018-01-26 17:14 - 000000218 _____ () C:\Users\Piotr\AppData\Local\recently-used.xbel 2018-09-30 19:11 - 2018-09-30 19:11 - 000000017 _____ () C:\Users\Piotr\AppData\Local\resmon.resmoncfg 2018-06-02 17:34 - 2018-06-02 17:34 - 000000003 _____ () C:\Users\Piotr\AppData\Local\updater.log 2018-06-02 17:34 - 2018-10-26 11:18 - 000000059 _____ () C:\Users\Piotr\AppData\Local\UserProducts.xml ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-05-09 18:21 ==================== Koniec FRST.txt ============================