Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-03-2017 Uruchomiony przez Crassus (administrator) CRASSUS1 (03-04-2017 16:29:53) Uruchomiony z D:\Mich\fixit1 Załadowane profile: Crassus (Dostępne profile: Crassus) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\MDM.EXE (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe (GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe (GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1022592 2012-04-28] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-04-28] (Atheros Commnucations) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-02-05] (NVIDIA Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-11404083-1961707564-3743522279-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3019552 2017-03-23] (Valve Corporation) HKU\S-1-5-21-11404083-1961707564-3743522279-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [4027968 2017-03-17] (GOG.com) HKU\S-1-5-21-11404083-1961707564-3743522279-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd) HKU\S-1-5-21-11404083-1961707564-3743522279-1001\...\MountPoints2: {6b28d93d-aa4d-11e4-94f4-689423f0ef8f} - I:\LG_PC_Programs.exe HKU\S-1-5-21-11404083-1961707564-3743522279-1001\...\MountPoints2: {9385bb40-22ca-11e3-9b2e-806e6f6e6963} - H:\SETUP.EXE HKU\S-1-5-21-11404083-1961707564-3743522279-1001\...\MountPoints2: {a22991a4-fbdb-11e4-84c5-689423f0ef8f} - G:\AutoRun.exe HKU\S-1-5-21-11404083-1961707564-3743522279-1001\...\MountPoints2: {a22991b3-fbdb-11e4-84c5-689423f0ef8f} - G:\AutoRun.exe AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177624 2015-02-05] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164752 2015-02-05] (NVIDIA Corporation) Startup: C:\Users\Crassus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 2540 series.lnk [2017-03-16] ShortcutTarget: Powiadomienia monitorowania tuszu - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) Startup: C:\Users\Crassus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2016-05-07] ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) GroupPolicy: Ograniczenia <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{34417F6C-8B8F-4041-A6C8-3275228CC2B8}: [DhcpNameServer] 194.204.152.34 194.204.159.1 Tcpip\..\Interfaces\{E5E9199A-0727-4D13-AD40-A1861B37DCC9}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-11404083-1961707564-3743522279-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.pl/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-83b06630&q={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-83b06630&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-83b06630&q={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-83b06630&q={searchTerms} SearchScopes: HKU\S-1-5-21-11404083-1961707564-3743522279-1001 -> DefaultScope {2465CD1A-5B01-478E-B13F-B7637C209EAB} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-83b06630&q={searchTerms} SearchScopes: HKU\S-1-5-21-11404083-1961707564-3743522279-1001 -> {2465CD1A-5B01-478E-B13F-B7637C209EAB} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-83b06630&q={searchTerms} SearchScopes: HKU\S-1-5-21-11404083-1961707564-3743522279-1001 -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms} BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll => Brak pliku BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-09-03] (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-03-27] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-04-28] (Atheros Commnucations) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll => Brak pliku BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-27] (Oracle Corporation) Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Crassus\AppData\Roaming\Mozilla\Firefox\Profiles\n6hdzg97.default [2017-04-03] FF user.js: detected! => C:\Users\Crassus\AppData\Roaming\Mozilla\Firefox\Profiles\n6hdzg97.default\user.js [2015-01-11] FF Extension: (DoNotTrackMe) - C:\Users\Crassus\AppData\Roaming\Mozilla\Firefox\Profiles\n6hdzg97.default\Extensions\donottrackplus@abine.com [2013-09-21] [Brak podpisu cyfrowego] FF Extension: (YouTube Video and Audio Downloader) - C:\Users\Crassus\AppData\Roaming\Mozilla\Firefox\Profiles\n6hdzg97.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2016-01-28] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-12-02] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll [2013-09-21] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Brak pliku] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll [2013-09-21] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-27] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Brak pliku] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [Brak pliku] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultProfile: Default CHR Session Restore: Default -> [funkcja włączona] CHR Profile: C:\Users\Crassus\AppData\Local\Google\Chrome\User Data\Default [2017-04-03] CHR Extension: (Dokumenty Google) - C:\Users\Crassus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06] CHR Extension: (Dysk Google) - C:\Users\Crassus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (YouTube) - C:\Users\Crassus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Search) - C:\Users\Crassus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Dokumenty Google offline) - C:\Users\Crassus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (AdBlock) - C:\Users\Crassus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-03-30] CHR Extension: (Kaspersky Protection) - C:\Users\Crassus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2017-01-30] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Crassus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10] CHR Extension: (Gmail) - C:\Users\Crassus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR Extension: (Chrome Media Router) - C:\Users\Crassus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-28] CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [119424 2012-04-28] (Atheros Commnucations) [Brak podpisu cyfrowego] R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab) S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [284736 2017-03-17] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-10] (GOG.com) S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-29] (Intel Corporation) S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-04-28] (Atheros) [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-10-21] () R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.) S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [341120 2012-04-28] (Atheros) [Brak podpisu cyfrowego] S3 btath_avdt; C:\Windows\System32\drivers\btath_avdt.sys [111232 2012-04-28] (Atheros) [Brak podpisu cyfrowego] R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [186080 2017-03-14] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [244448 2017-03-14] (AO Kaspersky Lab) S3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [171312 2017-04-03] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1008352 2017-03-14] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-05-05] (AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [116448 2017-03-14] (AO Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.) S3 lehidmini; C:\Windows\system32\drivers\leath_hid.sys [36608 2012-04-28] (Atheros) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-10-21] () S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X] S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] S3 vm331avs; System32\Drivers\vm331avs.sys [X] U3 fftoqpoc; \??\C:\Users\Crassus\AppData\Local\Temp\fftoqpoc.sys [X] <==== UWAGA ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-03 16:28 - 2017-04-03 16:29 - 00000000 ____D C:\FRST 2017-04-02 18:47 - 2017-04-02 19:07 - 00000000 ____D C:\Program Files (x86)\Auslogics 2017-04-02 18:46 - 2017-04-02 18:46 - 00000000 ____D C:\ProgramData\Auslogics 2017-04-02 18:39 - 2017-04-02 18:39 - 00000000 ____D C:\Users\Crassus\AppData\Local\CEF 2017-04-02 18:35 - 2017-04-02 18:35 - 00000000 ____D C:\Users\Crassus\AppData\Local\BMExplorer 2017-04-02 16:54 - 2017-04-02 16:54 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-04-02 16:54 - 2017-04-02 16:54 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2017-04-02 16:54 - 2017-04-02 16:54 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2017-04-02 16:54 - 2017-04-02 16:54 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-04-02 16:54 - 2017-04-02 16:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2017-04-02 16:54 - 2017-04-02 16:54 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-04-02 16:54 - 2017-04-02 16:54 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00419648 _____ C:\Windows\SysWOW64\locale.nls 2017-04-02 16:54 - 2017-04-02 16:54 - 00419648 _____ C:\Windows\system32\locale.nls 2017-04-02 16:54 - 2017-04-02 16:54 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe 2017-04-02 16:54 - 2017-04-02 16:54 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2017-04-02 16:54 - 2017-04-02 16:54 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2017-04-02 16:54 - 2017-04-02 16:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2017-04-02 16:54 - 2017-04-02 16:54 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2017-04-02 16:54 - 2017-04-02 16:54 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2017-04-02 16:54 - 2017-04-02 16:54 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2017-04-02 16:54 - 2017-04-02 16:54 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2017-04-02 16:54 - 2017-04-02 16:54 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2017-04-02 16:54 - 2017-04-02 16:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2017-04-02 16:54 - 2017-04-02 16:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2017-04-02 16:54 - 2017-04-02 16:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-04-02 16:49 - 2017-04-02 16:49 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-04-02 16:49 - 2017-04-02 16:49 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-04-02 16:49 - 2017-04-02 16:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-04-02 16:49 - 2017-04-02 16:49 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-04-02 16:49 - 2017-04-02 16:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-04-02 16:49 - 2017-04-02 16:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-04-02 16:49 - 2017-04-02 16:49 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-04-02 16:49 - 2017-04-02 16:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2017-04-02 16:49 - 2017-04-02 16:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-04-02 16:47 - 2017-04-02 16:47 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2017-04-02 16:47 - 2017-04-02 16:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2017-04-02 16:47 - 2017-04-02 16:47 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-04-02 16:47 - 2017-04-02 16:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-04-02 16:47 - 2017-04-02 16:47 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2017-04-02 16:47 - 2017-04-02 16:47 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-04-02 16:47 - 2017-04-02 16:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2017-04-02 16:47 - 2017-04-02 16:47 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2017-04-02 16:47 - 2017-04-02 16:47 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2017-04-02 16:47 - 2017-04-02 16:47 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-04-02 16:47 - 2017-04-02 16:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2017-04-02 16:47 - 2017-04-02 16:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2017-04-02 16:47 - 2017-04-02 16:47 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-04-02 16:47 - 2017-04-02 16:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-04-02 16:47 - 2017-04-02 16:47 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2017-04-02 16:47 - 2017-04-02 16:47 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2017-04-02 16:47 - 2017-04-02 16:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2017-04-02 16:47 - 2017-04-02 16:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2017-04-02 00:19 - 2017-04-02 00:19 - 00000000 ___SD C:\Windows\system32\CompatTel 2017-04-02 00:19 - 2017-04-02 00:19 - 00000000 ____D C:\Windows\system32\appraiser 2017-04-01 23:34 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2017-04-01 23:34 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2017-04-01 23:34 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2017-04-01 23:34 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2017-04-01 23:34 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2017-04-01 23:34 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll 2017-04-01 23:33 - 2016-05-14 00:09 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2017-04-01 23:33 - 2016-05-14 00:09 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2017-04-01 23:33 - 2016-05-14 00:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2017-04-01 23:33 - 2016-05-14 00:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2017-04-01 23:33 - 2016-05-13 23:55 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2017-04-01 23:33 - 2016-05-13 23:53 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2017-04-01 23:33 - 2016-05-13 23:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2017-04-01 23:33 - 2016-05-13 23:52 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2017-04-01 23:33 - 2016-05-13 23:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2017-04-01 23:33 - 2016-05-13 23:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2017-04-01 23:33 - 2016-05-13 23:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2017-04-01 23:33 - 2016-05-13 23:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2017-04-01 23:33 - 2016-05-13 23:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2017-04-01 23:33 - 2016-05-13 23:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2017-04-01 23:33 - 2016-05-13 23:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2017-04-01 23:33 - 2016-05-13 23:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2017-04-01 23:33 - 2016-05-12 17:18 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2017-04-01 23:33 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2017-04-01 23:33 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2017-04-01 23:33 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2017-04-01 23:33 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2017-04-01 23:33 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2017-04-01 23:33 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2017-04-01 23:33 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2017-04-01 23:33 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe 2017-04-01 23:33 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe 2017-04-01 23:33 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe 2017-04-01 23:33 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe 2017-04-01 23:33 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe 2017-04-01 23:33 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2017-04-01 23:33 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2017-04-01 23:32 - 2016-09-12 23:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2017-04-01 23:32 - 2016-09-12 23:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2017-04-01 23:32 - 2016-09-09 17:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2017-04-01 23:32 - 2016-09-09 17:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2017-04-01 23:32 - 2016-09-09 17:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2017-04-01 23:32 - 2016-09-09 17:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2017-04-01 23:32 - 2016-09-09 17:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2017-04-01 23:32 - 2016-09-09 17:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2017-04-01 23:32 - 2016-09-09 17:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2017-04-01 23:32 - 2016-03-24 00:40 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2017-04-01 23:32 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2017-04-01 23:32 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2017-04-01 23:32 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2017-04-01 23:32 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2017-04-01 23:32 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2017-04-01 23:32 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2017-04-01 23:32 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2017-04-01 23:32 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2017-04-01 23:32 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2017-04-01 23:32 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2017-04-01 23:32 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2017-04-01 23:32 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2017-04-01 23:32 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2017-04-01 23:32 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2017-04-01 23:32 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2017-04-01 23:32 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2017-04-01 23:32 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2017-04-01 23:32 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2017-04-01 23:32 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2017-04-01 23:32 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2017-04-01 23:32 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2017-04-01 23:32 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2017-04-01 23:32 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2017-04-01 23:32 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2017-04-01 23:32 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2017-04-01 23:32 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2017-04-01 23:32 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2017-04-01 23:32 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2017-04-01 23:31 - 2016-08-16 22:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2017-04-01 23:31 - 2016-08-16 22:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2017-04-01 23:31 - 2016-08-16 22:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2017-04-01 23:31 - 2016-08-16 22:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2017-04-01 23:31 - 2016-08-16 22:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2017-04-01 23:31 - 2016-08-16 22:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2017-04-01 23:31 - 2016-08-16 22:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2017-04-01 23:31 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2017-04-01 23:31 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2017-04-01 23:31 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2017-04-01 23:31 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll 2017-04-01 23:31 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll 2017-04-01 23:31 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2017-04-01 23:31 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2017-04-01 23:31 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2017-04-01 23:31 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2017-04-01 23:31 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2017-04-01 23:31 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2017-04-01 23:31 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2017-04-01 23:31 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2017-04-01 23:31 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2017-04-01 23:31 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2017-04-01 23:31 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2017-04-01 23:31 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2017-04-01 23:31 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2017-04-01 23:30 - 2016-08-29 17:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2017-04-01 23:30 - 2016-08-29 17:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2017-04-01 23:30 - 2016-08-29 17:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2017-04-01 23:30 - 2016-08-29 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2017-04-01 23:30 - 2016-08-29 17:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2017-04-01 23:30 - 2016-08-29 16:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2017-04-01 23:30 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2017-04-01 23:30 - 2015-10-29 19:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2017-04-01 23:30 - 2015-10-29 19:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2017-04-01 23:30 - 2015-10-29 19:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2017-04-01 23:30 - 2015-10-29 19:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2017-04-01 23:30 - 2015-10-29 19:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll 2017-04-01 23:30 - 2015-10-29 19:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2017-04-01 23:30 - 2015-10-29 19:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe 2017-04-01 23:30 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2017-04-01 23:30 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2017-04-01 23:30 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2017-04-01 23:30 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2017-04-01 23:30 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2017-04-01 23:30 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll 2017-04-01 23:30 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2017-04-01 23:30 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll 2017-04-01 23:30 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2017-04-01 23:30 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2017-04-01 23:30 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2017-04-01 23:30 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2017-04-01 23:30 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2017-04-01 23:30 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys 2017-04-01 23:30 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys 2017-04-01 23:30 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2017-04-01 23:30 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe 2017-04-01 23:30 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2017-04-01 23:30 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe 2017-04-01 23:29 - 2016-07-07 17:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2017-04-01 23:29 - 2016-07-07 17:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2017-04-01 23:29 - 2016-07-07 17:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2017-04-01 23:29 - 2016-07-07 17:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2017-04-01 23:29 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2017-04-01 23:29 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2017-04-01 23:29 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll 2017-04-01 23:29 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2017-04-01 23:29 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2017-04-01 23:29 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2017-04-01 23:29 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys 2017-04-01 23:29 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2017-04-01 23:29 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2017-04-01 23:29 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2017-04-01 23:29 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe 2017-04-01 23:29 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2017-03-30 15:39 - 2017-03-30 15:39 - 00000932 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk 2017-03-30 15:39 - 2017-03-30 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2017-03-30 15:39 - 2017-03-30 15:39 - 00000000 ____D C:\Program Files\CPUID 2017-03-30 11:58 - 2017-04-02 01:26 - 00263006 _____ C:\Windows\ntbtlog.txt 2017-03-16 18:11 - 2017-03-16 18:11 - 00000893 _____ C:\Users\Crassus\AppData\Roaming\Microsoft\Windows\Start Menu\MiFlash.lnk 2017-03-16 18:10 - 2017-03-16 18:14 - 00000000 ____D C:\Users\Crassus\.android 2017-03-16 18:07 - 2016-04-21 03:40 - 00140288 _____ (XiaoMi Corporation) C:\Windows\system32\qcCoInstaller.dll 2017-03-16 02:05 - 2017-03-16 02:16 - 00000000 ____D C:\Program Files (x86)\PdaNet for Android 2017-03-16 02:05 - 2011-11-25 02:25 - 00015360 _____ (June Fabrics Technology Inc.) C:\Windows\system32\Drivers\pneteth.sys 2017-03-16 01:44 - 2017-03-16 01:44 - 00000863 _____ C:\Users\Public\Desktop\Minimal ADB and Fastboot.lnk 2017-03-16 01:44 - 2017-03-16 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minimal ADB and Fastboot ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-03 15:14 - 2016-06-21 06:19 - 00007605 _____ C:\Users\Crassus\AppData\Local\Resmon.ResmonCfg 2017-04-03 14:54 - 2009-07-14 06:45 - 00034848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-04-03 14:54 - 2009-07-14 06:45 - 00034848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-04-03 14:46 - 2013-09-23 18:02 - 00000000 ____D C:\Program Files (x86)\Steam 2017-04-03 14:46 - 2011-04-12 15:21 - 00750822 _____ C:\Windows\system32\perfh015.dat 2017-04-03 14:46 - 2011-04-12 15:21 - 00162242 _____ C:\Windows\system32\perfc015.dat 2017-04-03 14:46 - 2009-07-14 07:13 - 01701472 _____ C:\Windows\system32\PerfStringBackup.INI 2017-04-03 14:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2017-04-03 14:44 - 2013-09-09 16:36 - 00003974 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{59C37157-2066-487A-8DF3-E286C09B1D04} 2017-04-03 14:41 - 2013-09-21 13:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-04-03 14:39 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-04-02 18:32 - 2009-07-14 06:45 - 00440984 _____ C:\Windows\system32\FNTCACHE.DAT 2017-04-02 17:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2017-04-02 15:59 - 2015-05-21 22:56 - 00000000 ____D C:\ProgramData\Package Cache 2017-04-02 10:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat 2017-04-02 10:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing 2017-04-02 00:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism 2017-04-02 00:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism 2017-04-02 00:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers 2017-04-02 00:09 - 2013-09-21 12:58 - 01674078 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-03-30 21:53 - 2016-12-29 21:32 - 00000000 ____D C:\AdwCleaner 2017-03-30 20:57 - 2015-05-21 23:15 - 00000000 ____D C:\Users\Crassus\Documents\The Witcher 3 2017-03-30 17:41 - 2013-12-17 19:14 - 00000000 ____D C:\Users\Crassus\.umplayer 2017-03-29 23:37 - 2013-09-21 14:26 - 00002163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-03-29 23:37 - 2013-09-21 14:26 - 00002151 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-03-29 00:41 - 2014-05-31 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2017-03-29 00:41 - 2014-05-30 23:53 - 00000000 ____D C:\ProgramData\Origin 2017-03-28 23:38 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2017-03-27 15:27 - 2014-08-26 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-03-27 15:27 - 2013-09-26 12:47 - 00000000 ____D C:\ProgramData\Oracle 2017-03-27 15:27 - 2013-09-26 12:46 - 00000000 ____D C:\Program Files (x86)\Java 2017-03-27 15:25 - 2014-08-26 10:59 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2017-03-22 13:13 - 2015-05-21 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2017-03-17 13:33 - 2015-05-21 22:55 - 00000000 ____D C:\Program Files (x86)\GalaxyClient 2017-03-16 18:10 - 2013-09-09 16:10 - 00000000 ____D C:\Users\Crassus 2017-03-14 12:37 - 2016-01-25 15:13 - 01008352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2017-03-14 12:37 - 2016-01-25 15:13 - 00186080 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2017-03-14 12:37 - 2015-06-16 22:56 - 00116448 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys 2017-03-14 12:36 - 2016-05-05 17:13 - 00244448 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys 2017-03-14 12:29 - 2013-09-09 16:11 - 00000000 ____D C:\Users\Crassus\AppData\Roaming\Atheros 2017-03-13 15:14 - 2013-09-09 16:11 - 00000000 ____D C:\Users\Crassus\Documents\Bluetooth Folder 2017-03-07 11:50 - 2009-07-14 07:08 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT ==================== Pliki w katalogu głównym wybranych folderów ======= 2013-11-12 19:11 - 2013-11-12 19:11 - 0000095 _____ () C:\Users\Crassus\AppData\Local\fusioncache.dat 2013-12-05 13:45 - 2013-12-05 13:45 - 0004096 ____H () C:\Users\Crassus\AppData\Local\keyfile3.drm 2016-06-21 06:19 - 2017-04-03 15:14 - 0007605 _____ () C:\Users\Crassus\AppData\Local\Resmon.ResmonCfg 2016-06-13 11:49 - 2016-06-13 11:49 - 0000057 _____ () C:\ProgramData\Ament.ini ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-03-29 21:48 ==================== Koniec FRST.txt ============================