Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20-08-2017 Uruchomiony przez Asus (administrator) ASUS-KOMPUTER (23-08-2017 15:27:49) Uruchomiony z D:\Pobrane Załadowane profile: Asus & UpdatusUser (Dostępne profile: Asus & UpdatusUser) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (HP) C:\Windows\System32\HPSIsvc.exe () C:\Windows\System32\NA_Service.exe () C:\Windows\System32\ModbusDrvSys.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe () C:\Windows\System32\ModbusDrv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (ASUS) C:\Program Files\P4G\BatteryLife.exe () C:\Windows\System32\NA_XWAY.exe (Schneider Electric Industries SAS) C:\Windows\System32\UsbConnect.exe (Schneider Electric) C:\Windows\System32\UsbConsole.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2015-02-18] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2015-02-18] (Realtek Semiconductor) HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1502457686-1715836619-4247055383-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-1502457686-1715836619-4247055383-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25607952 2017-08-04] (Google) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{1F52A806-21CF-41C2-93A6-7DE2256B2720}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{56CCB13A-9FDA-44FD-BB22-AD91A1E31073}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{A2847E52-1E7D-4C5D-8841-B65D7AAFB8E8}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{A2847E52-1E7D-4C5D-8841-B65D7AAFB8E8}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{B44A1B60-AB45-4704-BD77-1F361B037AC8}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{C88EE072-D9C8-47D6-9CAD-4D73F0CD776C}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{F4B33180-EA57-4B8F-81D6-D651AD62E9D9}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{F55AFDCD-2108-4151-A393-CA5717D86EEB}: [NameServer] 8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=130966780878275059&GUID=AE4D23F4-B7B3-4C3A-8A1A-87E4B3565B8F HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=130966780878275059&GUID=AE4D23F4-B7B3-4C3A-8A1A-87E4B3565B8F HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1502457686-1715836619-4247055383-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1502457686-1715836619-4247055383-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp URLSearchHook: HKLM-x32 -> Domyślne = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-07-27] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-07-27] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @DVR/npmedia,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin\npmedia.dll [2016-06-30] () FF Plugin-x32: @DVR/npTimeGrid,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin\npTimeGrid.dll [2016-06-30] (Unauthorized copy) FF Plugin-x32: @haitao.com/npHaitaoPlugin -> C:\Users\Asus\AppData\Local\htyh\application\htwebHelper.dll [Brak pliku] FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-07-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-07-27] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1502457686-1715836619-4247055383-1000: www.wansview.com/HYPlayer -> D:\Program Files (x86)\HYPlayer\npHYPlayer.dll [2016-09-22] (IPC) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Profile 1 CHR HomePage: Profile 1 -> hxxp://google.pl/ CHR StartupUrls: Profile 1 -> "hxxp://google.pl/","hxxps://www.google.pl/","hxxp://google.pl/" CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2017-08-23] CHR Extension: (Dysk Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-05] CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-05] CHR Extension: (Google Search) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-17] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-02-05] CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-17] CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-05] CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-08-23] CHR Extension: (Tłumacz Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-09-17] CHR Extension: (Prezentacje Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-07] CHR Extension: (Adblocker for Youtube™) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agalokjhnhheienloigiaoohgmjdpned [2017-08-02] CHR Extension: (Dysk Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-07] CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-08-01] CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-07] CHR Extension: (Adblock Plus) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-08-01] CHR Extension: (OneNote Online) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ciniambnphakdoflgeamacamhfllbkmo [2016-09-16] CHR Extension: (Adblock dla serwisu Youtube™) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-08-01] CHR Extension: (Spotify - Music for every moment) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2017-07-14] CHR Extension: (Google Search) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-07] CHR Extension: (Adobe Acrobat) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-21] CHR Extension: (Gmail offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2016-09-17] CHR Extension: (Kalendarz Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-09] CHR Extension: (Arkusze Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-07] CHR Extension: (Booking.com for Chrome™) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fgkeilefmpmbamgcejhjpiecahcbipip [2017-03-13] CHR Extension: (Boxy SVG) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gaoogdonmngmdlbinmiclicjpbjhgomg [2017-08-16] CHR Extension: (Dokumenty Google offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Dropbox) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2016-09-16] CHR Extension: (SoundCloud) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2016-09-16] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-09-16] CHR Extension: (Versal) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mdopdpfompanpcllldljeocebhipoelj [2016-09-16] CHR Extension: (Pocket) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-09-17] CHR Extension: (Sticky Notes) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nbjdhgkkhefpifbifjiflpaajchdkhpg [2016-09-18] CHR Extension: (Downloads) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2017-08-23] CHR Extension: (Save to Pocket) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-08-01] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22] CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-07] CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-07] CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-23] CHR HKU\S-1-5-21-1502457686-1715836619-4247055383-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Asus\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-09-16] CHR HKU\S-1-5-21-1502457686-1715836619-4247055383-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1502457686-1715836619-4247055383-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1502457686-1715836619-4247055383-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pnfdifjinnoooocgmbdioahcpaplhbhb] - ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [Brak podpisu cyfrowego] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [Brak podpisu cyfrowego] S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) R2 NA_Service; C:\Windows\system32\NA_Service.exe [99328 2015-02-20] () [Brak podpisu cyfrowego] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [Brak podpisu cyfrowego] S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) S3 Origin Client Service; D:\Origin\OriginClientService.exe [1997168 2015-06-06] (Electronic Arts) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-07-26] (TeamViewer GmbH) R2 UsbConnect; C:\Windows\system32\UsbConnect.exe [128512 2013-02-04] (Schneider Electric Industries SAS) [Brak podpisu cyfrowego] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-09-10] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== UWAGA (Brak ServiceDLL) S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [59904 2015-01-26] (www.winchiphead.com) R3 Duntlw; C:\Windows\System32\Drivers\DuntlwNT.sys [72824 2012-06-12] (Schneider Electric Industries SAS) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-18] (REALiX(tm)) S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251832 2017-08-01] (Malwarebytes) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] () [Brak podpisu cyfrowego] S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] () [Brak podpisu cyfrowego] S3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [54000 2014-10-17] (Novation DMS Ltd.) S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] () R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-08-23 14:02 - 2017-08-23 13:52 - 000018248 _____ C:\Users\Asus\Desktop\Fixlog.txt 2017-08-23 11:25 - 2017-08-23 15:23 - 000000000 ____D C:\FRST 2017-08-22 15:41 - 2017-08-22 15:42 - 000000000 ____D C:\Users\Asus\Desktop\zipp ranger 2017-08-22 13:09 - 2017-08-22 13:10 - 000000000 ____D C:\Users\Asus\Desktop\zrzuty 2017-08-22 13:03 - 2017-08-22 13:03 - 000000000 ___RD C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2017-08-22 12:39 - 2017-08-22 12:39 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2017-08-22 12:39 - 2017-08-22 12:39 - 000001912 _____ C:\Windows\epplauncher.mif 2017-08-22 12:39 - 2017-08-22 12:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client 2017-08-22 12:38 - 2017-08-22 12:39 - 000000000 ____D C:\Program Files\Microsoft Security Client 2017-08-22 12:27 - 2017-08-22 12:27 - 000025051 _____ C:\ProgramData\1503397635.bdinstall.bin 2017-08-22 11:17 - 2017-08-22 11:17 - 000034128 _____ C:\ComboFix.txt 2017-08-22 10:26 - 2017-08-22 10:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-08-22 10:26 - 2017-08-22 10:26 - 000000000 ____D C:\ProgramData\Avira 2017-08-22 09:51 - 2017-08-22 09:55 - 000003452 _____ C:\Users\Asus\Desktop\Rkill.txt 2017-08-21 17:24 - 2017-08-23 14:07 - 000005106 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Asus-Komputer-Asus Asus-Komputer 2017-08-10 12:29 - 2011-06-26 08:45 - 000256000 _____ C:\Windows\PEV.exe 2017-08-10 12:29 - 2010-11-07 19:20 - 000208896 _____ C:\Windows\MBR.exe 2017-08-10 12:29 - 2009-04-20 06:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2017-08-10 12:29 - 2000-08-31 02:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2017-08-10 12:29 - 2000-08-31 02:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2017-08-10 12:29 - 2000-08-31 02:00 - 000098816 _____ C:\Windows\sed.exe 2017-08-10 12:29 - 2000-08-31 02:00 - 000080412 _____ C:\Windows\grep.exe 2017-08-10 12:29 - 2000-08-31 02:00 - 000068096 _____ C:\Windows\zip.exe 2017-08-10 12:28 - 2017-08-22 11:17 - 000000000 ____D C:\Qoobox 2017-08-10 12:27 - 2017-08-10 12:50 - 000000000 ____D C:\Windows\erdnt 2017-08-10 12:26 - 2017-08-10 12:26 - 005659788 ____R (Swearware) C:\Users\Asus\Downloads\ComboFix.exe 2017-08-10 10:34 - 2017-08-10 10:34 - 000000855 _____ C:\Users\Asus\Desktop\µTorrent.lnk 2017-08-10 09:38 - 2017-08-10 09:38 - 000001054 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-08-09 09:20 - 2017-08-09 09:20 - 000000676 _____ C:\Users\Asus\Desktop\Core Temp.lnk 2017-08-09 09:01 - 2017-07-29 16:56 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2017-08-09 09:01 - 2017-07-21 16:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll 2017-08-09 09:01 - 2017-07-21 16:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll 2017-08-09 09:01 - 2017-07-21 16:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll 2017-08-09 09:01 - 2017-07-21 16:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll 2017-08-09 09:01 - 2017-07-15 20:35 - 000394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-08-09 09:01 - 2017-07-15 19:52 - 000346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-08-09 09:01 - 2017-07-14 17:29 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2017-08-09 09:01 - 2017-07-14 17:29 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2017-08-09 09:01 - 2017-07-14 17:29 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll 2017-08-09 09:01 - 2017-07-14 17:29 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2017-08-09 09:01 - 2017-07-14 17:29 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2017-08-09 09:01 - 2017-07-14 17:29 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2017-08-09 09:01 - 2017-07-14 17:29 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2017-08-09 09:01 - 2017-07-14 17:29 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll 2017-08-09 09:01 - 2017-07-14 17:29 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2017-08-09 09:01 - 2017-07-14 17:29 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2017-08-09 09:01 - 2017-07-14 17:29 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2017-08-09 09:01 - 2017-07-14 17:29 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll 2017-08-09 09:01 - 2017-07-14 17:12 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2017-08-09 09:01 - 2017-07-14 17:12 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2017-08-09 09:01 - 2017-07-14 17:11 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2017-08-09 09:01 - 2017-07-14 17:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2017-08-09 09:01 - 2017-07-14 17:10 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2017-08-09 09:01 - 2017-07-14 17:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll 2017-08-09 09:01 - 2017-07-14 17:10 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2017-08-09 09:01 - 2017-07-14 17:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2017-08-09 09:01 - 2017-07-14 17:10 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2017-08-09 09:01 - 2017-07-14 17:10 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2017-08-09 09:01 - 2017-07-14 17:10 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll 2017-08-09 09:01 - 2017-07-14 17:10 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll 2017-08-09 09:01 - 2017-07-14 17:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll 2017-08-09 09:01 - 2017-07-14 17:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2017-08-09 09:01 - 2017-07-14 17:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2017-08-09 09:01 - 2017-07-14 16:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2017-08-09 09:01 - 2017-07-14 16:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll 2017-08-09 09:01 - 2017-07-14 16:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2017-08-09 09:01 - 2017-07-14 16:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2017-08-09 09:01 - 2017-07-14 16:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2017-08-09 09:01 - 2017-07-14 09:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2017-08-09 09:01 - 2017-07-14 09:15 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2017-08-09 09:01 - 2017-07-14 08:49 - 025733632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-08-09 09:01 - 2017-07-14 08:47 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2017-08-09 09:01 - 2017-07-14 08:45 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2017-08-09 09:01 - 2017-07-14 08:45 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2017-08-09 09:01 - 2017-07-14 08:44 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-08-09 09:01 - 2017-07-14 08:44 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-08-09 09:01 - 2017-07-14 08:38 - 002899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-08-09 09:01 - 2017-07-14 08:29 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2017-08-09 09:01 - 2017-07-14 08:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2017-08-09 09:01 - 2017-07-14 08:22 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-08-09 09:01 - 2017-07-14 08:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2017-08-09 09:01 - 2017-07-14 08:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-08-09 09:01 - 2017-07-14 08:19 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-08-09 09:01 - 2017-07-14 08:19 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2017-08-09 09:01 - 2017-07-14 08:08 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2017-08-09 09:01 - 2017-07-14 08:02 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2017-08-09 09:01 - 2017-07-14 07:49 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2017-08-09 09:01 - 2017-07-14 07:48 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2017-08-09 09:01 - 2017-07-14 07:47 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2017-08-09 09:01 - 2017-07-14 07:42 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2017-08-09 09:01 - 2017-07-14 07:40 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-08-09 09:01 - 2017-07-14 07:35 - 005981184 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-08-09 09:01 - 2017-07-14 07:35 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-08-09 09:01 - 2017-07-14 07:33 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2017-08-09 09:01 - 2017-07-14 07:16 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-08-09 09:01 - 2017-07-14 07:11 - 000725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-08-09 09:01 - 2017-07-14 07:10 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-08-09 09:01 - 2017-07-14 07:09 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-08-09 09:01 - 2017-07-14 07:09 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2017-08-09 09:01 - 2017-07-14 06:40 - 015254016 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-08-09 09:01 - 2017-07-14 06:23 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-08-09 09:01 - 2017-07-14 06:07 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-08-09 09:01 - 2017-07-14 05:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-08-09 09:01 - 2017-07-14 05:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2017-08-09 09:01 - 2017-07-14 04:54 - 020270080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-08-09 09:01 - 2017-07-14 04:48 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-08-09 09:01 - 2017-07-14 04:48 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-08-09 09:01 - 2017-07-14 04:48 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2017-08-09 09:01 - 2017-07-14 04:48 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2017-08-09 09:01 - 2017-07-14 04:47 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-08-09 09:01 - 2017-07-14 04:44 - 002290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-08-09 09:01 - 2017-07-14 04:42 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-08-09 09:01 - 2017-07-14 04:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-08-09 09:01 - 2017-07-14 04:39 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-08-09 09:01 - 2017-07-14 04:38 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-08-09 09:01 - 2017-07-14 04:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-08-09 09:01 - 2017-07-14 04:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-08-09 09:01 - 2017-07-14 04:30 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-08-09 09:01 - 2017-07-14 04:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-08-09 09:01 - 2017-07-14 04:25 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-08-09 09:01 - 2017-07-14 04:25 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-08-09 09:01 - 2017-07-14 04:23 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-08-09 09:01 - 2017-07-14 04:22 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-08-09 09:01 - 2017-07-14 04:21 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-08-09 09:01 - 2017-07-14 04:20 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-08-09 09:01 - 2017-07-14 04:17 - 004546048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-08-09 09:01 - 2017-07-14 04:13 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-08-09 09:01 - 2017-07-14 04:12 - 000693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-08-09 09:01 - 2017-07-14 04:11 - 002057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-08-09 09:01 - 2017-07-14 04:11 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-08-09 09:01 - 2017-07-14 04:09 - 013663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-08-09 09:01 - 2017-07-14 03:53 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-08-09 09:01 - 2017-07-14 03:50 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-08-09 09:01 - 2017-07-14 03:48 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-08-09 09:01 - 2017-07-08 17:34 - 000370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2017-08-09 09:01 - 2017-07-08 17:00 - 003224064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-08-09 09:01 - 2017-07-07 17:37 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-08-09 09:01 - 2017-07-07 17:33 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-08-09 09:01 - 2017-07-07 17:33 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-08-09 09:01 - 2017-07-07 17:33 - 000363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys 2017-08-09 09:01 - 2017-07-07 17:33 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-08-09 09:01 - 2017-07-07 17:33 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-08-09 09:01 - 2017-07-07 17:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:15 - 004001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2017-08-09 09:01 - 2017-07-07 17:15 - 003945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2017-08-09 09:01 - 2017-07-07 17:13 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-08-09 09:01 - 2017-07-07 17:11 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 17:02 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2017-08-09 09:01 - 2017-07-07 17:01 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-08-09 09:01 - 2017-07-07 17:01 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2017-08-09 09:01 - 2017-07-07 17:01 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2017-08-09 09:01 - 2017-07-07 16:58 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2017-08-09 09:01 - 2017-07-07 16:57 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2017-08-09 09:01 - 2017-07-07 16:54 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-08-09 09:01 - 2017-07-07 16:54 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-08-09 09:01 - 2017-07-07 16:54 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-08-09 09:01 - 2017-07-07 16:53 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2017-08-09 09:01 - 2017-07-07 16:53 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-08-09 09:01 - 2017-07-07 16:51 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-08-09 09:01 - 2017-07-07 16:48 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2017-08-09 09:01 - 2017-07-07 16:48 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2017-08-09 09:01 - 2017-07-07 16:48 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2017-08-09 09:01 - 2017-07-07 16:48 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2017-08-09 09:01 - 2017-07-07 16:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-08-09 09:01 - 2017-07-07 16:47 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 16:47 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 16:47 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2017-08-09 09:01 - 2017-07-07 16:47 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2017-08-09 09:01 - 2017-07-01 15:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2017-08-09 09:01 - 2017-07-01 15:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll 2017-08-09 09:01 - 2017-07-01 15:05 - 000641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll 2017-08-09 09:01 - 2017-07-01 15:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll 2017-08-09 09:01 - 2017-07-01 15:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll 2017-08-09 09:01 - 2017-07-01 15:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll 2017-08-09 09:01 - 2017-07-01 15:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2017-08-09 09:01 - 2017-07-01 15:05 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2017-08-09 09:01 - 2017-07-01 15:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll 2017-08-09 09:01 - 2017-07-01 15:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll 2017-08-09 09:01 - 2017-07-01 15:05 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll 2017-08-09 09:01 - 2017-07-01 15:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll 2017-08-02 23:36 - 2017-08-02 23:36 - 000000000 ____D C:\Users\Asus\AppData\Roaming\DVDVideoSoft 2017-08-02 01:02 - 2017-08-23 13:54 - 000000008 __RSH C:\Users\Asus\ntuser.pol 2017-08-02 01:01 - 2017-08-02 01:01 - 000001562 _____ C:\Windows\Tasks\Communications RND Reflector.job 2017-08-01 21:30 - 2017-08-01 21:51 - 000000000 ____D C:\Users\Asus\AppData\Roaming\chroma 2017-08-01 21:28 - 2017-08-02 01:02 - 000000000 ____D C:\Users\Asus\AppData\Local\28f7d51171794bdeaf87103e128cc6f2 2017-08-01 21:28 - 2017-08-02 01:01 - 000016776 _____ C:\Windows\System32\Tasks\Communications RND Reflector 2017-08-01 21:27 - 2017-08-02 01:02 - 000000000 ____D C:\ProgramData\Google 2017-08-01 21:27 - 2017-08-01 22:23 - 000000000 ____D C:\Program Files (x86)\driverupdaterplus 2017-08-01 21:07 - 2017-08-01 21:07 - 000000000 ____D C:\Users\Asus\AppData\Local\AdvinstAnalytics 2017-08-01 21:05 - 2017-08-01 21:05 - 000000000 ____D C:\Users\Public\Documents\XMUpdate 2017-08-01 21:04 - 2017-08-23 14:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Toolkit Final 2017-08-01 11:00 - 2017-08-01 11:00 - 000002273 _____ C:\Users\Asus\Desktop\do wysłania.txt 2017-07-31 12:29 - 2017-07-17 11:52 - 000054272 _____ C:\Users\Asus\Desktop\winbox.exe 2017-07-31 12:00 - 2017-07-31 12:00 - 000000000 ____D C:\Users\Asus\AppData\Roaming\blueconnect 2017-07-31 11:55 - 2017-07-31 12:01 - 000000000 ____D C:\Program Files (x86)\blueconnect 2017-07-31 11:55 - 2017-07-31 11:55 - 000001057 _____ C:\Users\Public\Desktop\blueconnect.lnk 2017-07-31 11:55 - 2017-07-31 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\blueconnect 2017-07-31 11:55 - 2009-06-22 20:01 - 000132608 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbnet.sys 2017-07-31 11:55 - 2009-06-22 19:38 - 000116992 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2017-07-31 11:55 - 2009-06-22 19:26 - 000113792 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbdev.sys 2017-07-31 11:55 - 2007-08-09 04:10 - 000029696 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys 2017-07-31 11:39 - 2017-08-17 20:16 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2017-07-31 11:39 - 2017-08-10 09:25 - 000000000 ____D C:\Users\Asus\AppData\Roaming\TeamViewer 2017-07-31 11:39 - 2017-07-31 11:42 - 000001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2017-07-31 11:39 - 2017-07-31 11:42 - 000001045 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk 2017-07-31 11:39 - 2017-02-10 12:04 - 000035112 _____ (TeamViewer GmbH) C:\Windows\system32\Drivers\teamviewervpn.sys 2017-07-24 14:04 - 2015-12-14 18:40 - 000111104 _____ (Angryziber Software) C:\Users\Asus\Desktop\ipscan221.exe ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-08-23 15:27 - 2016-01-07 21:25 - 000000544 _____ C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job 2017-08-23 15:27 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-08-23 15:27 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-08-23 15:19 - 2016-09-16 15:18 - 000000000 ___RD C:\Users\Asus\Dysk Google 2017-08-23 15:17 - 2017-06-25 22:16 - 000038319 _____ C:\Windows\system32\NetAccessLog.txt 2017-08-23 15:16 - 2015-02-18 11:24 - 000000000 ____D C:\ProgramData\NVIDIA 2017-08-23 15:16 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-08-23 15:15 - 2017-07-17 21:27 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HT1H 2017-08-23 15:15 - 2017-07-10 10:15 - 000000000 ____D C:\Users\Asus\Desktop\Thales 2017-08-23 13:54 - 2015-03-08 22:34 - 000000008 __RSH C:\ProgramData\ntuser.pol 2017-08-23 13:54 - 2015-02-17 18:56 - 000000000 ____D C:\Users\Asus 2017-08-23 13:52 - 2016-11-26 22:10 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Slack 2017-08-23 13:52 - 2016-05-30 06:59 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Temp 2017-08-23 13:52 - 2015-03-06 14:39 - 000000000 ____D C:\Users\Asus\AppData\Roaming\uTorrent 2017-08-23 13:51 - 2015-04-14 03:39 - 000000000 ___RD C:\Users\Asus\Desktop\Programy 2017-08-23 13:51 - 2015-03-13 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania 2017-08-23 13:51 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2017-08-23 13:32 - 2015-03-06 14:41 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Skype 2017-08-23 13:11 - 2011-04-12 15:21 - 000012650 _____ C:\Windows\system32\perfh015.dat 2017-08-23 13:11 - 2011-04-12 15:21 - 000004422 _____ C:\Windows\system32\perfc015.dat 2017-08-23 13:11 - 2009-07-14 07:13 - 000781832 _____ C:\Windows\system32\PerfStringBackup.INI 2017-08-23 13:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2017-08-23 12:10 - 2016-11-16 18:05 - 000004000 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{58E5E69A-E4EC-478D-B556-89D04EE6E037} 2017-08-23 11:11 - 2016-01-07 23:35 - 000000000 ____D C:\Windows\pss 2017-08-23 01:06 - 2016-09-16 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2017-08-22 23:24 - 2017-06-16 04:33 - 000000000 ____D C:\Windows\rescache 2017-08-22 13:10 - 2016-09-18 16:59 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Spotify 2017-08-22 13:06 - 2016-09-11 13:29 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\uTorrent 2017-08-22 12:59 - 2016-11-10 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2017-08-22 12:58 - 2016-11-10 19:18 - 000000000 ____D C:\Program Files (x86)\HP 2017-08-22 12:58 - 2016-11-10 19:16 - 000000000 ____D C:\ProgramData\HP 2017-08-22 12:30 - 2015-02-18 12:53 - 000000000 ____D C:\Users\Asus\AppData\Local\CrashDumps 2017-08-22 12:28 - 2016-11-26 22:09 - 000000000 ____D C:\Users\Asus\AppData\Local\slack 2017-08-22 12:27 - 2016-11-26 22:10 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies 2017-08-22 12:26 - 2016-11-26 22:09 - 000000000 ____D C:\Users\Asus\AppData\Local\SquirrelTemp 2017-08-22 12:25 - 2016-09-18 17:01 - 000000000 ____D C:\Users\Asus\AppData\Local\Spotify 2017-08-22 12:18 - 2015-02-18 12:01 - 000000000 ____D C:\Users\Asus\Documents\Bluetooth Folder 2017-08-22 12:06 - 2016-10-08 11:37 - 000007597 _____ C:\Users\Asus\AppData\Local\Resmon.ResmonCfg 2017-08-22 11:56 - 2015-02-18 11:01 - 000000000 ____D C:\Users\Asus\AppData\Local\Apps\2.0 2017-08-22 11:08 - 2015-02-18 11:41 - 000002568 _____ C:\Windows\system32\AutoRunFilter.ini 2017-08-22 11:07 - 2015-02-18 11:41 - 000001666 _____ C:\Windows\system32\ServiceFilter.ini 2017-08-22 11:07 - 2009-07-14 04:34 - 000000215 _____ C:\Windows\system.ini 2017-08-22 10:26 - 2015-03-12 02:13 - 000000000 ____D C:\ProgramData\Package Cache 2017-08-21 17:22 - 2017-04-05 23:49 - 000100626 _____ C:\Users\Asus\Desktop\Netflix.xlsx 2017-08-21 16:38 - 2015-02-18 13:23 - 000000000 ____D C:\Program Files (x86)\Opera 2017-08-21 13:50 - 2017-07-10 10:45 - 000002238 ____H C:\Users\Asus\Documents\Default.rdp 2017-08-21 08:08 - 2015-03-06 14:15 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-08-18 08:39 - 2015-07-17 03:09 - 000002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-08-17 18:35 - 2010-11-21 05:27 - 000544424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2017-08-17 17:28 - 2017-07-14 10:39 - 000000000 ____D C:\Program Files (x86)\ToolBox 2017-08-17 16:38 - 2015-02-18 13:23 - 000003898 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424258623 2017-08-17 16:33 - 2015-02-18 11:24 - 000000000 ____D C:\Users\UpdatusUser 2017-08-16 08:20 - 2015-06-25 16:11 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-08-16 08:19 - 2015-06-25 16:10 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-08-10 10:34 - 2015-03-06 14:40 - 000000835 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2017-08-10 09:54 - 2014-09-10 11:33 - 000000000 ____D C:\Windows\system32\MRT 2017-08-10 09:47 - 2009-07-14 06:45 - 000516152 _____ C:\Windows\system32\FNTCACHE.DAT 2017-08-10 09:38 - 2015-02-17 18:57 - 000001054 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-08-10 09:34 - 2015-02-17 22:12 - 140394280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-08-10 09:24 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\ModemLogs 2017-08-09 14:31 - 2016-04-08 14:31 - 000004558 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-08-09 14:31 - 2015-03-06 14:15 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-08-09 14:31 - 2015-03-06 14:15 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-08-09 14:31 - 2015-03-06 14:15 - 000004412 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-08-09 14:31 - 2015-03-06 14:15 - 000000000 ____D C:\Windows\system32\Macromed 2017-08-09 09:20 - 2016-09-21 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp 2017-08-03 12:30 - 2016-10-10 18:11 - 000000000 ____D C:\Users\Asus\Documents\Pliki programu Outlook 2017-08-02 01:02 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Communications RND Reflector 2017-08-02 00:53 - 2017-07-17 21:27 - 000000000 ____D C:\Users\Asus\AppData\Local\UCBrowser 2017-08-01 21:28 - 2017-03-17 15:59 - 000251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-08-01 21:27 - 2015-02-18 11:11 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-08-01 21:05 - 2015-03-14 04:22 - 000000000 ____D C:\Users\Asus\AppData\Roaming\NVIDIA 2017-07-31 11:57 - 2015-02-17 18:56 - 000150904 _____ C:\Users\Asus\AppData\Local\GDIPFONTCACHEV1.DAT 2017-07-31 10:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2017-07-27 08:59 - 2016-06-15 09:30 - 000000000 ____D C:\ProgramData\Oracle 2017-07-27 08:55 - 2016-06-15 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-07-27 08:55 - 2016-06-15 09:29 - 000000000 ____D C:\Program Files (x86)\Java 2017-07-27 08:54 - 2016-06-15 09:30 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-06-09 14:02 - 2013-07-21 21:59 - 000012005 _____ () C:\Users\Asus\AppData\Roaming\alsoft.ini 2015-06-30 04:23 - 2016-01-07 19:50 - 000000024 _____ () C:\Users\Asus\AppData\Roaming\appdataFr25.bin 2016-01-10 19:25 - 2016-01-10 19:25 - 000000425 _____ () C:\Users\Asus\AppData\Roaming\spell.cfg 2016-10-08 11:37 - 2017-08-22 12:06 - 000007597 _____ () C:\Users\Asus\AppData\Local\Resmon.ResmonCfg 2015-03-25 16:54 - 2015-03-25 16:55 - 000014578 _____ () C:\Users\Asus\AppData\Local\WiDiSetupLog.20150325.155433.wdl 2017-08-22 12:27 - 2017-08-22 12:27 - 000025051 _____ () C:\ProgramData\1503397635.bdinstall.bin 2016-11-10 19:16 - 2017-08-22 13:00 - 000003770 _____ () C:\ProgramData\hpzinstall.log ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-08-22 23:17 ==================== Koniec FRST.txt ============================