Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019 Ran by Piotr (administrator) on PIOTR (19-03-2019 15:22:27) Running from E:\Pobrane Loaded Profiles: Piotr (Available Profiles: Piotr & Guest & DefaultAppPool) Platform: Windows Embedded Standard Service Pack 1 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\psxss.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CISVC.EXE (Synology Inc. -> ) C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) E:\EaseUS\Todo\bin\Agent.exe (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (HeroSpeed Digital Technology Co.,Ltd -> ) C:\Program Files (x86)\VMS Management\Database\bin\hsmysqld.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe (Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) E:\Program Files\Macrium\Reflect\MIGService.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Users\Piotr\USB Drivers\27_ssconn\conn\ss_conn_service.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Synology Inc. -> ) E:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (HEROSPEED TECHNOLOGY LIMITED -> ) C:\Program Files (x86)\VMS Management\VMS Watch.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\nfsclnt.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (HEROSPEED TECHNOLOGY LIMITED -> ) C:\Program Files (x86)\VMS Management\VMS Server.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) E:\EaseUS\Todo\bin\TodoBackupService.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avpui.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation – Non-Volatile Memory Solutions Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Intel(R) Corporation -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe (Intel Corporation – Non-Volatile Memory Solutions Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (win.rar GmbH -> Alexander Roshal) D:\Program Files (x86)\WinRAR\WinRAR.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe (ZWCAD Software Co.,LTD -> ) F:\Program Files\ZWSOFT\ZWCAD 2019\ZWCAD.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation -> Microsoft Corporation) D:\Program Files\Microsoft Office\Office15\WINWORD.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (win.rar GmbH -> Alexander Roshal) D:\Program Files (x86)\WinRAR\WinRAR.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) E:\EaseUS\Todo\bin\TrayNotify.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll HKLM\...\Run: [RTHDVCPL] => c:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1854400 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [AdobeGCInvoker-1.0] => c:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) HKLM\...\Run: [Reflect UI] => c:\Program Files\Macrium\Common\ReflectUI.exe [3523848 2018-07-03] (Paramount Software UK Ltd -> Paramount Software UK Ltd) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [USB3MON] => c:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-16] (Intel Corporation - Software and Firmware Products -> Intel Corporation) HKLM-x32\...\Run: [IAStorIcon] => c:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [301344 2015-07-15] (Intel Corporation – Non-Volatile Memory Solutions Group -> Intel Corporation) HKLM-x32\...\Run: [Sage Komunikator] => c:\Program Files (x86)\Sage\Komunikator\SageUpdt.exe [246736 2013-01-03] (Sage sp. z o.o. -> ) HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => c:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.) HKLM-x32\...\Run: [Autodesk Desktop App] => c:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [706392 2017-12-19] (Autodesk, Inc. -> Autodesk, Inc.) HKLM-x32\...\Run: [Dropbox] => c:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4426560 2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => c:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.) HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-1441921510-783520103-3890087851-1001\...\Run: [ChomikBox] => C:\Program Files (x86)\ChomikBox\chomikbox.exe [3941376 2017-02-21] ( ) [File not signed] HKU\S-1-5-21-1441921510-783520103-3890087851-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540200 2019-02-08] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-1441921510-783520103-3890087851-1001\...\RunOnce: [Adobe Speed Launcher] => 1552977879 HKU\S-1-5-21-1441921510-783520103-3890087851-1001\...\MountPoints2: {53d7601e-10c5-11e9-bb20-0cc47ae304f2} - G:\MicroLauncher.exe HKU\S-1-5-21-1441921510-783520103-3890087851-1001\...\MountPoints2: {63b78d05-941d-11e8-87cd-0cc47ae304f2} - F:\HiSuiteDownLoader.exe HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> F:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-12] (Google LLC -> Google Inc.) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 194.153.119.3 8.8.8.8 Tcpip\..\Interfaces\{336A4BBD-91D0-49C9-8131-9B51345E41C7}: [DhcpNameServer] 194.153.119.3 8.8.8.8 Tcpip\..\Interfaces\{FE1D8E72-AF5F-480D-B865-960A317F2FB8}: [DhcpNameServer] 194.153.119.3 8.8.8.8 Internet Explorer: ================== HKU\S-1-5-21-1441921510-783520103-3890087851-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-07-16] (Kaspersky Lab -> AO Kaspersky Lab) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-12-25] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-07-16] (Kaspersky Lab -> AO Kaspersky Lab) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-07-16] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-07-16] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH) Toolbar: HKU\S-1-5-21-1441921510-783520103-3890087851-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-1441921510-783520103-3890087851-1001 -> Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-07-16] (Kaspersky Lab -> AO Kaspersky Lab) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\Windows\system32\urlmon.dll [2015-12-10] (Microsoft Windows -> Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\Windows\SysWOW64\urlmon.dll [2015-12-10] (Microsoft Windows -> Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\Windows\system32\urlmon.dll [2015-12-10] (Microsoft Windows -> Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\Windows\SysWOW64\urlmon.dll [2015-12-10] (Microsoft Windows -> Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - c:\Program Files (x86)\Internet Explorer\iexplore.exe FireFox: ======== FF DefaultProfile: vigkk9vk.default FF ProfilePath: C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\vigkk9vk.default [2019-03-19] FF Extension: (LastPass: Free Password Manager) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\vigkk9vk.default\Extensions\support@lastpass.com.xpi [2019-03-12] FF Extension: (No Name) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\vigkk9vk.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2018-03-13] FF ProfilePath: c:\programdata\kaspersky lab\safebrowser\pure\s-1-5-21-1441921510-783520103-3890087851-1001\firefox [2019-03-18] FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-07-16] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - c:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat - Create PDF) - c:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2018-11-05] [Legacy] [not signed] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> c:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> ) FF Plugin-x32: @canon.com/EPPEX -> c:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.) [File not signed] FF Plugin-x32: @DVR/npmedia,version=33.2.0.4 -> c:\Program Files (x86)\webrec\WEB30\DVR32\33.2.0.4\npmedia.dll [2016-09-27] (Zhejiang Dahua Technology CO.,LTD. -> ) [File not signed] FF Plugin-x32: @DVR/npTimeGrid,version=33.2.0.4 -> c:\Program Files (x86)\webrec\WEB30\DVR32\33.2.0.4\npTimeGrid.dll [2016-09-27] (Zhejiang Dahua Technology CO.,LTD. -> Unauthorized copy) [File not signed] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> c:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-01-20] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> c:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-01-20] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> c:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> c:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.) FF Plugin-x32: Adobe Acrobat -> c:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> c:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems) StartMenuInternet: Firefox-26F542E24F1C8677 - c:\program files\Mozilla Firefox\firefox.exe Chrome: ======= CHR HomePage: Default -> hxxp://start.qone8.com/?type=hp&ts=1383215852&from=cor&uid=TOSHIBAXMK2555GSX_69DDSBFRSXX69DDSBFRS CHR StartupUrls: Default -> "hxxp://start.qone8.com/?type=hp&ts=1383215852&from=cor&uid=TOSHIBAXMK2555GSX_69DDSBFRSXX69DDSBFRS","hxxp://www.google.com","" CHR DefaultSearchKeyword: Default -> google.pl_ CHR Profile: C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default [2019-03-14] CHR Extension: (Prezentacje) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-06] CHR Extension: (Dokumenty) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-06] CHR Extension: (Dysk Google) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-06] CHR Extension: (YouTube) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-06] CHR Extension: (One Number) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkohgkpafhkpdcnfadadcibfboapggi [2018-10-31] CHR Extension: (Adobe Acrobat) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-03-06] CHR Extension: (SERP Preview Tool) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\effdkahkjdmlholdbalhcdpgfiigdfbj [2018-04-20] CHR Extension: (Arkusze) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-06] CHR Extension: (Dokumenty Google offline) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-25] CHR Extension: (feedly) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2018-03-06] CHR Extension: (Privacy Protector) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\iipmbgcdeidgjikbacnbmifjggfedchc [2018-11-28] CHR Extension: (Tag Assistant (by Google)) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2018-11-28] CHR Extension: (Kaspersky Protection) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-03-06] CHR Extension: (Rozszerzenie Subskrypcje RSS (od Google)) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2018-03-06] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-20] CHR Extension: (Gmail) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-06] CHR Extension: (Chrome Media Router) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-13] CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - c:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-12-03] CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdAppMgrSvc; c:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1364904 2017-12-19] (Autodesk, Inc. -> Autodesk Inc.) R2 AdobeUpdateService; c:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.) R2 AESMService; c:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3715208 2015-09-30] (Intel(R) Corporation -> Intel Corporation) R2 AGMService; c:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) R2 AGSService; c:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe [354672 2017-01-24] (Kaspersky Lab -> AO Kaspersky Lab) R2 Cloud Station Backup VSS Service x64; c:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287256 2018-05-18] (Synology Inc. -> ) S2 dbupdate; c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-07] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-07] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-03-04] (Dropbox, Inc -> Dropbox, Inc.) R2 EaseUS Agent; E:\EaseUS\Todo\bin\Agent.exe [40080 2018-05-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Windows -> Microsoft Corporation) S3 GoogleChromeElevationService; F:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\elevation_service.exe [1271280 2019-03-01] (Google LLC -> Google Inc.) R2 HSMYSQL; c:\Program Files (x86)\VMS Management\Database\bin\hsmysqld.exe [8165600 2015-10-27] (HeroSpeed Digital Technology Co.,Ltd -> ) S2 HuaweiHiSuiteService64.exe; c:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] (Huawei Technologies Co., Ltd. -> ) [File not signed] R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Windows -> Microsoft Corporation) R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Windows -> Microsoft Corporation) S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\vssbridge64.exe [426416 2017-11-13] (Kaspersky Lab -> AO Kaspersky Lab) R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (Kaspersky Lab -> AO Kaspersky Lab) R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Windows -> Microsoft Corporation) R2 MacriumImageGuardianService; E:\Program Files\Macrium\Reflect\MIGService.exe [3461448 2018-04-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd) R2 MacriumService; c:\Program Files\Macrium\Common\MacriumService.exe [4091112 2017-11-09] (Paramount Software UK Ltd -> Paramount Software UK Ltd) R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Windows -> Microsoft Corporation) R2 NfsClnt; C:\Windows\system32\nfsclnt.exe [65536 2010-11-20] (Microsoft Windows -> Microsoft Corporation) R2 NVIDIA Wireless Controller Service; c:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation) S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2709176 2017-07-05] (pdfforge GmbH -> pdfforge GmbH) S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1051312 2017-07-05] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [859312 2017-07-05] (pdfforge GmbH -> pdfforge GmbH) S2 PDF Architect 5 Manager; c:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.) R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Windows -> Microsoft Corporation) R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Windows -> Microsoft Corporation) R2 ss_conn_service; C:\Users\Piotr\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 TeamViewer; c:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644144 2018-07-23] (TeamViewer GmbH -> TeamViewer GmbH) R2 UsbClientService; e:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2018-05-11] (Synology Inc. -> ) R2 VMS_Server; c:\Program Files (x86)\VMS Management\VMS Watch.exe [17120 2016-07-14] (HEROSPEED TECHNOLOGY LIMITED -> ) S3 wmiApSrv; C:\Windows\SysWOW64\wbem\WmiApSrv.exe [136192 2009-07-14] (Microsoft Windows -> Microsoft Corporation) S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Windows -> Microsoft Corporation) R2 NvContainerLocalSystem; "c:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "c:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 S3 NvContainerNetworkService; "c:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "c:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 R2 NVDisplay.ContainerLocalSystem; "c:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "c:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X] R3 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BlueStacksDrv; c:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-10-09] (Bluestack Systems, Inc. -> Bluestack System Inc. ) R3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [55776 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (Kaspersky Lab -> AO Kaspersky Lab) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [511952 2016-05-10] (Intel(R) INTELNPG1 -> Intel Corporation) R3 e1rexpress; C:\Windows\System32\DRIVERS\e1r62x64.sys [499184 2015-06-05] (Intel(R) Intel Network Drivers -> Intel Corporation) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [25032 2018-01-16] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R0 EPMVolFlt; C:\Windows\System32\drivers\EPMVolFlt.sys [20936 2017-11-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [54216 2018-05-15] (CHENGDU YIWO Tech Development Co., Ltd. -> ) S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31192 2015-05-21] (Intel Corporation – Non-Volatile Memory Solutions Group -> Intel Corporation) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2016-10-01] (Kaspersky Lab -> AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-12] (Kaspersky Lab -> AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [119584 2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [85704 2018-07-16] (Kaspersky Lab -> AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [206024 2018-05-04] (Kaspersky Lab -> AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1214752 2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1074472 2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [56520 2018-05-04] (Kaspersky Lab -> AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [57568 2016-12-23] (Kaspersky Lab -> AO Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [58592 2016-12-07] (Kaspersky Lab -> AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50672 2017-10-15] (Kaspersky Lab -> AO Kaspersky Lab) R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (AnchorFree Inc -> The OpenVPN Project) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81904 2017-10-15] (Kaspersky Lab -> AO Kaspersky Lab) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [142024 2018-07-16] (Kaspersky Lab -> AO Kaspersky Lab) S2 Kmm4xNT; C:\Windows\SysWow64\Drivers\Kmm4xNT.sys [95484 2000-11-25] (DATOM Dariusz Cielebąk) [File not signed] R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199392 2017-12-12] (Kaspersky Lab -> AO Kaspersky Lab) R2 MacriumImageGuardianDriver; C:\Windows\system32\Drivers\mrigflt.sys [40592 2018-08-01] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider) R0 mrcbt; C:\Windows\System32\drivers\mrcbt.sys [76968 2018-08-01] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider) R3 NfsRdr; C:\Windows\System32\drivers\nfsrdr.sys [246272 2010-11-20] (Microsoft Windows -> Microsoft Corporation) S3 NvStreamKms; c:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation -> NVIDIA Corporation) R3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-14] (Microsoft Windows -> Microsoft Corporation) R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [36904 2019-02-04] (Feitian Technologies Co., Ltd. -> Feitian Technologies Co., Ltd.) R3 RpcXdr; C:\Windows\System32\drivers\rpcxdr.sys [104960 2010-11-20] (Microsoft Windows -> Microsoft Corporation) R3 SGXEPC; C:\Windows\System32\DRIVERS\sgx_driver.sys [54768 2015-09-30] (Intel(R) Corporation -> Windows (R) Win 7 DDK provider) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-19 15:13 - 2019-03-19 15:22 - 000000000 ____D C:\FRST 2019-03-18 16:59 - 2019-03-18 16:59 - 000001748 _____ C:\Users\Public\Desktop\Smart Switch.lnk 2019-03-18 16:59 - 2019-03-18 16:59 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log 2019-03-18 16:59 - 2019-03-18 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2019-03-18 16:26 - 2019-03-18 16:26 - 000000000 ____D C:\Users\Piotr\USB Drivers 2019-03-18 16:26 - 2017-01-16 07:26 - 000165504 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys 2019-03-18 16:26 - 2017-01-16 07:26 - 000131712 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys 2019-03-18 16:25 - 2019-03-18 16:59 - 000000000 ____D C:\Users\Piotr\AppData\Roaming\Samsung 2019-03-18 16:25 - 2019-03-18 16:25 - 000000000 ____D C:\Users\Piotr\SmartSwitchPC 2019-03-18 16:25 - 2016-12-09 09:04 - 000144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll 2019-03-18 16:09 - 2019-03-18 16:09 - 000000000 ____D F:\Program Files\SAMSUNG 2019-03-18 16:08 - 2019-03-18 16:08 - 000000000 ____D C:\ProgramData\Samsung 2019-03-18 10:12 - 2019-03-18 10:12 - 000001068 _____ C:\Users\Public\Desktop\ZWCAD 2019 English.lnk 2019-03-18 10:12 - 2019-03-18 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZWSOFT 2019-03-18 10:11 - 2019-03-18 10:11 - 000000000 ____D c:\Program Files\Common Files\ZWSoft Shared 2019-03-15 13:20 - 2019-03-15 13:28 - 000118322 _____ C:\Users\Piotr\Desktop\budmech izolacja.pdf 2019-03-13 17:03 - 2019-03-13 17:03 - 000001329 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2019-03-13 17:03 - 2019-03-13 17:03 - 000001317 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2019-03-13 16:59 - 2019-03-13 16:59 - 000000000 ___HD C:\temp 2019-03-13 15:58 - 2019-03-14 16:07 - 000000000 ____D C:\Users\Piotr\AppData\Roaming\Complay 2019-03-13 15:58 - 2019-03-13 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SeoLight 2019-03-13 15:57 - 2019-03-14 13:43 - 000000000 ____D C:\Users\Piotr\Documents\SeoLight - dokumenty 2019-03-13 15:57 - 2019-03-13 15:58 - 000000000 ____D F:\Program Files (x86)\SeoLight 2019-03-13 10:01 - 2019-03-13 13:37 - 000003198 _____ C:\Windows\System32\Tasks\Adobe Uninstaller 2019-03-13 09:16 - 2019-03-13 09:16 - 000186140 _____ C:\Users\Piotr\Desktop\zal._26_do_siwz_projekt_wykonawczy_-_pr - PROFIL.pdf 2019-03-13 09:13 - 2019-03-13 09:13 - 000106939 _____ C:\Users\Piotr\Desktop\zal._26_do_siwz_projekt_wykonawczy_-_pr.pdf 2019-03-13 04:45 - 2019-03-06 04:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2019-03-13 04:45 - 2019-03-06 04:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2019-03-13 04:45 - 2019-03-06 04:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2019-03-13 04:45 - 2019-03-06 04:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2019-03-13 04:45 - 2019-03-06 04:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-03-13 04:45 - 2019-03-06 04:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2019-03-13 04:45 - 2019-03-06 04:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2019-03-13 04:45 - 2019-03-06 04:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2019-03-13 04:45 - 2019-03-06 04:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2019-03-13 04:45 - 2019-03-06 04:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 03:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2019-03-13 04:45 - 2019-03-06 03:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2019-03-13 04:45 - 2019-03-06 03:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2019-03-13 04:45 - 2019-03-06 03:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2019-03-13 04:45 - 2019-03-06 03:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-03-13 04:45 - 2019-03-06 03:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2019-03-13 04:45 - 2019-03-06 03:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2019-03-13 04:45 - 2019-03-06 03:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2019-03-13 04:45 - 2019-03-06 03:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll 2019-03-13 04:45 - 2019-03-06 03:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2019-03-13 04:45 - 2019-03-06 03:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2019-03-13 04:45 - 2019-03-06 03:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-03-13 04:45 - 2019-03-06 03:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2019-03-13 04:45 - 2019-03-06 03:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2019-03-13 04:45 - 2019-03-06 03:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2019-03-13 04:45 - 2019-03-06 03:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2019-03-13 04:45 - 2019-03-06 03:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2019-03-13 04:45 - 2019-03-06 03:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys 2019-03-13 04:45 - 2019-03-06 03:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys 2019-03-13 04:45 - 2019-03-06 03:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys 2019-03-13 04:45 - 2019-03-06 03:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys 2019-03-13 04:45 - 2019-03-06 03:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys 2019-03-13 04:45 - 2019-03-06 03:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2019-03-13 04:45 - 2019-03-06 03:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2019-03-13 04:45 - 2019-03-06 03:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2019-03-13 04:45 - 2019-03-06 03:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2019-03-13 04:45 - 2019-03-06 03:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2019-03-13 04:45 - 2019-03-06 03:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2019-03-13 04:45 - 2019-03-06 03:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 03:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 03:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2019-03-13 04:45 - 2019-03-06 03:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2019-03-13 04:45 - 2019-03-05 03:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2019-03-13 04:45 - 2019-03-05 03:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2019-03-13 04:45 - 2019-03-05 03:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2019-03-13 04:45 - 2019-02-22 04:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2019-03-13 04:45 - 2019-02-22 04:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll 2019-03-13 04:45 - 2019-02-22 03:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll 2019-03-13 04:45 - 2019-02-22 03:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll 2019-03-13 04:45 - 2019-02-22 03:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll 2019-03-13 04:45 - 2019-02-16 07:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2019-03-13 04:45 - 2019-02-16 07:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2019-03-13 04:45 - 2019-02-16 07:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-03-13 04:45 - 2019-02-16 07:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2019-03-13 04:45 - 2019-02-16 07:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2019-03-13 04:45 - 2019-02-16 07:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll 2019-03-13 04:45 - 2019-02-16 07:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll 2019-03-13 04:45 - 2019-02-16 06:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2019-03-13 04:45 - 2019-02-16 06:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2019-03-13 04:45 - 2019-02-16 06:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2019-03-13 04:45 - 2019-02-16 06:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll 2019-03-13 04:45 - 2019-02-16 06:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll 2019-03-13 04:45 - 2019-02-16 06:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2019-03-13 04:45 - 2019-02-16 06:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2019-03-13 04:45 - 2019-02-15 17:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2019-03-13 04:45 - 2019-02-15 17:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2019-03-13 04:45 - 2019-02-15 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2019-03-13 04:45 - 2019-02-15 16:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2019-03-13 04:45 - 2019-02-15 16:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2019-03-13 04:45 - 2019-02-15 16:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2019-03-13 04:45 - 2019-02-15 16:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2019-03-13 04:45 - 2019-02-15 16:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2019-03-13 04:45 - 2019-02-15 16:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2019-03-13 04:45 - 2019-02-15 16:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2019-03-13 04:45 - 2019-02-15 16:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe 2019-03-13 04:45 - 2019-02-15 16:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2019-03-13 04:45 - 2019-02-10 17:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll 2019-03-13 04:45 - 2019-02-10 17:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2019-03-13 04:45 - 2019-02-10 17:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2019-03-13 04:45 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2019-03-13 04:45 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2019-03-13 04:45 - 2019-02-10 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2019-03-13 04:45 - 2019-02-10 17:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2019-03-13 04:45 - 2019-02-10 17:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2019-03-13 04:45 - 2019-02-10 17:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2019-03-13 04:45 - 2019-02-10 17:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2019-03-13 04:45 - 2019-02-10 17:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2019-03-13 04:45 - 2019-02-10 17:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2019-03-13 04:45 - 2019-02-10 17:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2019-03-13 04:45 - 2019-02-10 17:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2019-03-13 04:45 - 2019-02-10 17:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2019-03-13 04:45 - 2019-02-10 17:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2019-03-13 04:45 - 2019-02-10 17:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2019-03-13 04:45 - 2019-02-10 17:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2019-03-13 04:45 - 2019-02-10 17:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2019-03-13 04:45 - 2019-02-10 17:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2019-03-13 04:45 - 2019-02-10 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2019-03-13 04:45 - 2019-02-10 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2019-03-13 04:45 - 2019-02-10 17:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2019-03-13 04:45 - 2019-02-10 17:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2019-03-13 04:45 - 2019-02-10 17:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2019-03-13 04:45 - 2019-02-10 17:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2019-03-13 04:45 - 2019-02-10 17:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2019-03-13 04:45 - 2019-02-10 17:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2019-03-13 04:45 - 2019-02-10 16:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2019-03-13 04:45 - 2019-02-10 16:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2019-03-13 04:45 - 2019-02-10 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2019-03-13 04:45 - 2019-02-10 16:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2019-03-13 04:45 - 2019-02-10 16:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2019-03-13 04:45 - 2019-02-10 16:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2019-03-13 04:45 - 2019-02-10 16:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2019-03-13 04:45 - 2019-02-10 16:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys 2019-03-13 04:45 - 2019-02-10 16:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys 2019-03-13 04:45 - 2019-02-08 17:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-03-13 04:45 - 2019-02-08 17:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2019-03-13 04:45 - 2019-02-08 17:08 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\ixsso.dll 2019-03-13 04:45 - 2019-02-08 17:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2019-03-13 04:45 - 2019-02-08 17:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2019-03-13 04:45 - 2019-02-08 17:07 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\ciodm.dll 2019-03-13 04:45 - 2019-02-08 16:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2019-03-13 04:45 - 2019-02-08 16:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2019-03-13 04:45 - 2019-02-08 16:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2019-03-13 04:45 - 2019-02-08 16:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2019-03-13 04:45 - 2019-02-08 16:51 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\CISVC.EXE 2019-03-13 04:45 - 2019-02-08 16:51 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\CIDAEMON.EXE 2019-03-13 04:45 - 2019-02-07 17:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll 2019-03-13 04:45 - 2019-02-07 17:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll 2019-03-13 04:45 - 2019-02-07 17:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2019-03-13 04:45 - 2019-02-07 16:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe 2019-03-13 04:45 - 2019-02-03 16:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys 2019-03-13 04:45 - 2019-01-04 17:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-03-13 04:45 - 2019-01-04 15:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-03-13 04:45 - 2019-01-03 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2019-03-13 04:45 - 2019-01-03 16:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2019-03-12 08:15 - 2019-03-12 08:15 - 000000000 ____D C:\Users\Guest\AppData\Roaming\IrfanView 2019-03-12 08:08 - 2019-03-12 08:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2019-03-04 14:17 - 2019-03-04 14:17 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2019-03-04 14:17 - 2019-03-04 14:17 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2019-03-04 14:17 - 2019-03-04 14:17 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2019-03-04 14:17 - 2019-03-04 14:17 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2019-03-04 11:28 - 2019-03-04 11:28 - 000023386 _____ C:\Users\Guest\Downloads\REZERWACJE (5).xlsx 2019-03-04 11:28 - 2019-03-04 11:28 - 000023386 _____ C:\Users\Guest\Downloads\REZERWACJE (4).xlsx 2019-03-04 11:28 - 2019-03-04 11:28 - 000023386 _____ C:\Users\Guest\Downloads\REZERWACJE (3).xlsx 2019-03-04 11:26 - 2019-03-04 11:26 - 000023386 _____ C:\Users\Guest\Downloads\REZERWACJE (2).xlsx 2019-03-04 11:25 - 2019-03-04 11:25 - 000023386 _____ C:\Users\Guest\Downloads\REZERWACJE.xlsx 2019-03-04 11:25 - 2019-03-04 11:25 - 000023386 _____ C:\Users\Guest\Downloads\REZERWACJE (1).xlsx 2019-02-22 12:23 - 2019-02-22 12:23 - 000000000 ____D C:\Users\Piotr\AppData\Local\Tempzxpsign72a77631ef64e23a 2019-02-22 12:22 - 2019-02-22 12:22 - 000000000 ____D C:\Users\Piotr\AppData\Local\Tempzxpsignbd8144510276a586 2019-02-22 12:22 - 2019-02-22 12:22 - 000000000 ____D C:\Users\Piotr\AppData\Local\Tempzxpsign5cc5ea75931622bb 2019-02-22 12:22 - 2019-02-22 12:22 - 000000000 ____D C:\Users\Piotr\AppData\Local\Tempzxpsign1b437b7cdd689921 2019-02-22 11:33 - 2019-02-22 11:33 - 000000000 ____D C:\Users\Piotr\AppData\Local\Tempzxpsign937d0266e2ef6182 2019-02-22 11:31 - 2019-02-22 11:31 - 000000000 ____D C:\Users\Piotr\AppData\Local\Tempzxpsignb4ffce54e177338e 2019-02-22 11:25 - 2019-02-22 11:25 - 000000000 ____D C:\Users\Piotr\AppData\Local\Tempzxpsignfe6d04297315585a 2019-02-22 11:22 - 2019-02-22 11:22 - 000000000 ____D C:\Users\Piotr\AppData\Local\Tempzxpsign9f118224d2cc013f 2019-02-22 11:22 - 2019-02-22 11:22 - 000000000 ____D C:\Users\Piotr\AppData\Local\Tempzxpsign66154a77286206fc 2019-02-22 11:22 - 2019-02-22 11:22 - 000000000 ____D C:\Users\Piotr\AppData\Local\Tempzxpsign50834732e9c2ff09 ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-19 14:58 - 2018-05-07 10:33 - 000001150 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2019-03-19 14:57 - 2018-08-17 11:20 - 000000000 ____D C:\Users\Piotr\AppData\Local\ChomikBox 2019-03-19 14:05 - 2017-11-13 10:31 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2019-03-19 11:02 - 2019-01-04 13:59 - 000004096 ___SH C:\{DC698C1F-9837-4B80-A32B-F05F97EF51CF}.CBM 2019-03-19 11:00 - 2018-07-31 18:07 - 000356352 ___SH C:\EUMONBMP.SYS 2019-03-19 11:00 - 2018-07-31 18:07 - 000000000 ____D C:\Windows\system32\config\regsave 2019-03-19 07:52 - 2010-12-10 21:43 - 000012464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-03-19 07:52 - 2010-12-10 21:43 - 000012464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-03-19 07:49 - 2010-12-10 21:51 - 000891778 _____ C:\Windows\system32\PerfStringBackup.INI 2019-03-19 07:49 - 2010-04-02 16:10 - 000000000 ____D C:\Windows\inf 2019-03-19 07:45 - 2017-11-13 10:28 - 000000000 ____D C:\Users\Piotr\AppData\LocalLow\Mozilla 2019-03-19 07:45 - 2010-04-02 16:10 - 000000000 ____D C:\Windows\system32\inetsrv 2019-03-19 07:44 - 2018-08-17 11:20 - 000000000 ____D C:\Users\Piotr\.gstreamer-0.10 2019-03-19 07:44 - 2018-05-07 10:33 - 000001146 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2019-03-19 07:44 - 2017-02-06 15:03 - 000000000 ____D C:\ProgramData\NVIDIA 2019-03-19 07:43 - 2017-02-06 14:28 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-03-19 07:43 - 2010-12-10 21:43 - 000444968 _____ C:\Windows\system32\FNTCACHE.DAT 2019-03-18 16:26 - 2017-11-13 09:18 - 000000000 ____D C:\Users\Piotr 2019-03-18 15:17 - 2017-11-13 14:44 - 000000000 ____D C:\ProgramData\Adobe 2019-03-18 13:15 - 2017-11-13 09:18 - 000121888 _____ C:\Users\Piotr\AppData\Local\GDIPFONTCACHEV1.DAT 2019-03-18 12:25 - 2017-12-04 15:40 - 000000000 ____D C:\Users\Piotr\AppData\Local\CrashDumps 2019-03-18 10:21 - 2019-02-04 15:13 - 000000000 ____D C:\Users\Piotr\AppData\Roaming\ZWSOFT 2019-03-15 13:19 - 2017-02-06 23:25 - 000000000 ____D C:\Windows\system32\FxsTmp 2019-03-14 08:03 - 2010-04-02 16:10 - 000000000 ____D C:\Windows\SysWOW64\Dism 2019-03-14 08:03 - 2010-04-02 16:10 - 000000000 ____D C:\Windows\system32\Dism 2019-03-13 16:58 - 2017-11-13 14:44 - 000000000 ____D C:\Users\Piotr\AppData\Roaming\Adobe 2019-03-13 11:20 - 2018-06-08 15:09 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2019-03-13 11:17 - 2018-10-23 14:34 - 000000000 ____D C:\Users\Piotr\AppData\Roaming\Thunderbird 2019-03-13 11:17 - 2018-03-21 10:04 - 000000000 ____D C:\Users\Piotr\AppData\Local\Thunderbird 2019-03-13 09:56 - 2019-01-02 11:45 - 000000000 ____D c:\Program Files\Common Files\Adobe 2019-03-13 09:13 - 2018-06-08 15:09 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2019-03-13 09:13 - 2018-06-08 15:09 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2019-03-13 09:13 - 2018-06-08 15:09 - 000004456 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2019-03-13 09:13 - 2018-06-08 15:09 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2019-03-13 09:13 - 2018-06-08 15:09 - 000000000 ____D C:\Windows\system32\Macromed 2019-03-13 03:00 - 2017-11-23 09:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2019-03-13 03:00 - 2010-04-02 15:57 - 000000194 _____ C:\Windows\win.ini 2019-03-12 09:45 - 2018-10-16 08:25 - 000003856 _____ C:\Windows\System32\Tasks\BlueStacksHelper 2019-03-12 09:03 - 2018-05-07 08:34 - 000000000 ___RD C:\Users\Guest\Dropbox 2019-03-12 08:32 - 2019-02-06 12:34 - 000004040 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1549452841 2019-03-12 08:27 - 2018-01-09 06:43 - 000000000 ____D C:\Users\Guest\AppData\Local\Dropbox 2019-03-12 08:18 - 2018-03-06 15:29 - 000001299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-03-12 08:18 - 2018-03-06 15:29 - 000001270 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-03-12 08:10 - 2018-08-01 12:57 - 000004006 _____ C:\Windows\System32\Tasks\Macrium-Backup-{1D2BF7D7-0BD5-4B4D-9BD1-B531C73CF296} 2019-03-12 08:10 - 2018-08-01 12:57 - 000003820 _____ C:\Windows\System32\Tasks\Macrium-Backup-{C251C127-47CA-45AD-AC3F-F0713873F225} 2019-03-12 08:07 - 2018-01-09 06:43 - 000000000 ____D C:\Users\Guest\AppData\LocalLow\Mozilla 2019-03-04 10:45 - 2018-08-01 12:57 - 000004504 _____ C:\Windows\System32\Tasks\Macrium-Backup-{E91438B2-F199-43B5-9756-8B860CAE1928} 2019-03-04 10:40 - 2017-11-13 09:22 - 000121888 _____ C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT 2019-02-21 08:33 - 2018-11-26 13:28 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk 2019-02-21 08:33 - 2018-11-26 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2019-02-18 10:12 - 2019-02-13 13:34 - 000000000 ____D C:\Users\Piotr\Desktop\Karty poziomo A4 layout OPA wymiary po inwentaryzacji ==================== Files in the root of some directories ======= 2019-01-07 16:24 - 2019-02-06 10:10 - 000000033 _____ () C:\Users\Piotr\AppData\Roaming\AdobeWLCMCache.dat 2018-09-28 08:52 - 2018-09-28 08:52 - 000000000 _____ () C:\Users\Piotr\AppData\Local\oobelibMkey.log ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\SysWOW64\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-03-04 12:01 ==================== End of FRST.txt ============================