Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 06.06.2018 01 Uruchomiony przez User (administrator) USER-KOMPUTER (19-06-2018 13:19:50) Uruchomiony z C:\Users\User\Desktop Załadowane profile: User (Dostępne profile: User) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Webroot) C:\Program Files\Webroot\WRSA.exe (Webroot) C:\Program Files\Webroot\WRSA.exe (Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [136952 2018-05-30] (Intel) HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [3688336 2018-06-17] (Webroot) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoViewOnDrive] 0 HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKLM\...\Policies\Explorer: [NoViewContextMenu] 0 HKLM\...\Policies\Explorer: [NoShellSearchButton] 0 HKLM\...\Policies\Explorer: [NoFind] 0 HKLM\...\Policies\Explorer: [NoFile] 0 HKLM\...\Policies\Explorer: [HideClock] 0 HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0 HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKLM\...\Policies\Explorer: [NoSetFolders] 0 HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKLM\...\Policies\Explorer: [NoSetTaskbar] 0 HKLM\...\Policies\Explorer: [NoDeletePrinter] 0 HKLM\...\Policies\Explorer: [NoDFSTab] 0 HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0 HKLM\...\Policies\Explorer: [NoLogoff] 0 HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0 HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0 HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKLM\...\Policies\Explorer: [NoResolveSearch] 0 HKLM\...\Policies\Explorer: [NoSaveSettings] 0 HKLM\...\Policies\Explorer: [NoHardwareTab] 0 HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKLM\...\Policies\Explorer: [NoDesktop] 0 HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd) HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2018-06-17] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2018-06-17] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.) GroupPolicy: Ograniczenia ? <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{656CDCB8-ABCC-4421-A837-1AA23C75C737}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{B868CD23-C49D-461B-B6E4-6C49B3F60C12}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll [2018-06-17] (Webroot) BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2018-06-17] (Webroot) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.) BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll [2018-06-17] (Webroot) BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2018-06-17] (Webroot) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.) Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll [2018-06-17] (Webroot) Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll [2018-06-17] (Webroot) FireFox: ======== FF DefaultProfile: oartehf7.default FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\oartehf7.default [2018-06-19] FF HKLM\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FF_WEBEX FF Extension: (Webroot Filtering Extension) - C:\ProgramData\WRData\PKG\FF_WEBEX [2018-06-17] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2018-03-05] [Przestarzałe] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-3571309440-1360484222-4249323686-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2018-05-30] (Intel) R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885992 2018-04-06] () R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes) R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [185064 2018-04-06] () S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885992 2018-04-06] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [3688336 2018-06-17] (Webroot) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-06-19] (REALiX(tm)) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-06-14] (Malwarebytes) R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-04-06] () R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [144208 2018-06-17] (Webroot) S3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [68896 2018-06-17] (Webroot) U0 SR; Brak ImagePath U2 srservice; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-06-19 13:19 - 2018-06-19 13:19 - 000017481 _____ C:\Users\User\Desktop\FRST.txt 2018-06-19 13:18 - 2018-06-19 13:18 - 000000000 ____D C:\Windows\Minidump 2018-06-19 13:18 - 2018-06-19 13:07 - 000280408 _____ C:\Windows\Minidump\061918-5584-01.dmp 2018-06-19 13:08 - 2018-06-19 13:18 - 000000000 ____D C:\Users\User\Desktop\Nowy folder (4) 2018-06-19 13:07 - 2018-06-19 13:07 - 396828514 _____ C:\Windows\MEMORY.DMP 2018-06-19 12:02 - 2018-06-19 12:02 - 000055960 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS 2018-06-19 12:01 - 2018-06-19 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2018-06-19 12:01 - 2018-06-19 12:12 - 000000000 ____D C:\Program Files\HWiNFO64 2018-06-19 11:16 - 2018-06-19 13:19 - 000000000 ____D C:\FRST 2018-06-19 11:09 - 2018-06-19 11:09 - 002413056 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2018-06-19 10:08 - 2018-06-19 10:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.1 2018-06-19 10:08 - 2018-06-19 10:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x64) 2018-06-19 10:08 - 2018-06-19 10:08 - 000000000 ____D C:\Program Files\Microsoft SDKs 2018-06-18 17:27 - 2018-06-19 10:16 - 000000000 ____D C:\Program Files (x86)\Google 2018-06-18 17:27 - 2018-06-18 19:45 - 000000000 ____D C:\Users\User\AppData\Local\Google 2018-06-17 23:13 - 2018-06-19 13:13 - 000180600 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll 2018-06-17 23:13 - 2018-06-19 13:13 - 000112112 _____ (Webroot) C:\Windows\system32\WRusr.dll 2018-06-17 23:13 - 2018-06-17 23:13 - 000144208 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys 2018-06-17 23:13 - 2018-06-17 23:13 - 000068896 ____T (Webroot) C:\Windows\system32\Drivers\wrUrlFlt.sys 2018-06-17 23:13 - 2018-06-17 23:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere 2018-06-17 23:13 - 2018-06-17 23:13 - 000000000 ____D C:\Program Files\Webroot 2018-06-17 23:13 - 2018-06-17 23:13 - 000000000 ____D C:\Program Files\Common Files\Webroot 2018-06-16 11:14 - 2018-06-16 11:14 - 000000000 ____D C:\Users\User\AppData\Roaming\JAM Software 2018-06-16 11:06 - 2018-06-16 11:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeavyLoad 2018-06-16 11:06 - 2018-06-16 11:06 - 000000000 ____D C:\Program Files\JAM Software 2018-06-16 10:59 - 2018-06-16 10:59 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2018-06-16 10:58 - 2012-06-19 10:54 - 004065296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2018-06-16 10:58 - 2012-06-19 07:31 - 000293889 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2018-06-16 10:58 - 2012-06-08 10:23 - 000083072 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll 2018-06-16 10:58 - 2012-06-08 10:21 - 000897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll 2018-06-16 10:58 - 2012-06-08 10:21 - 000753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll 2018-06-16 10:58 - 2012-06-08 10:18 - 003615888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2018-06-16 10:58 - 2012-06-06 04:44 - 000869520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2018-06-16 10:58 - 2012-06-01 03:37 - 002674320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2018-06-16 10:58 - 2012-05-31 12:08 - 000105616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2018-06-16 10:58 - 2012-05-10 09:22 - 001262696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2018-06-16 10:58 - 2012-04-10 08:40 - 002533952 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2018-06-16 10:58 - 2012-04-03 12:42 - 001015640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2018-06-16 10:58 - 2012-03-08 05:47 - 000202336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2018-06-16 10:58 - 2012-03-08 05:47 - 000108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2018-06-16 10:58 - 2012-02-21 13:45 - 002605400 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll 2018-06-16 10:58 - 2011-12-20 09:32 - 000331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2018-06-16 10:58 - 2011-12-18 11:58 - 002131288 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll 2018-06-16 10:58 - 2011-12-16 08:57 - 000065112 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld64.dll 2018-06-16 10:58 - 2011-12-13 10:58 - 001560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2018-06-16 10:58 - 2011-11-22 10:28 - 000014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2018-06-16 10:58 - 2010-11-08 01:31 - 000375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2018-06-16 10:58 - 2010-11-08 01:31 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2018-06-16 10:58 - 2010-11-08 01:31 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2018-06-16 10:58 - 2010-11-08 01:31 - 000204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2018-06-16 10:58 - 2010-11-08 01:31 - 000101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2018-06-16 10:58 - 2010-11-08 01:31 - 000078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2018-06-16 10:58 - 2010-11-03 12:30 - 000149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2018-06-16 10:58 - 2010-09-27 03:34 - 000318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2018-06-16 10:58 - 2009-11-24 03:55 - 000518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2018-06-16 10:58 - 2009-11-24 03:55 - 000211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2018-06-16 10:58 - 2009-11-24 03:55 - 000198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2018-06-16 10:58 - 2009-11-24 03:55 - 000155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2018-06-16 10:58 - 2009-11-18 01:13 - 000060504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn64.dll 2018-06-16 10:19 - 2018-06-16 10:19 - 000003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2018-06-16 10:19 - 2018-06-16 10:19 - 000000266 __RSH C:\ProgramData\ntuser.pol 2018-06-16 10:08 - 2018-04-06 20:54 - 000043008 _____ C:\Windows\system32\Drivers\semav6msr64.sys 2018-06-16 10:07 - 2018-06-16 10:31 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant 2018-06-16 10:07 - 2018-06-16 10:29 - 000000000 ____D C:\ProgramData\Package Cache 2018-06-16 10:07 - 2018-06-16 10:29 - 000000000 ____D C:\Program Files\Intel 2018-06-16 10:07 - 2018-06-16 10:08 - 000003482 _____ C:\Windows\System32\Tasks\USER_ESRV_SVC_QUEENCREEK 2018-06-16 10:07 - 2018-06-16 10:07 - 000003616 _____ C:\Windows\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2018-06-16 10:07 - 2018-06-16 10:07 - 000003370 _____ C:\Windows\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2018-06-16 10:07 - 2018-06-16 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver and Support Assistant 2018-06-15 10:07 - 2018-06-15 10:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-06-14 16:00 - 2018-05-29 22:36 - 000396960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2018-06-14 16:00 - 2018-05-29 21:40 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2018-06-14 16:00 - 2018-05-29 04:43 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2018-06-14 16:00 - 2018-05-29 04:41 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-06-14 16:00 - 2018-05-29 04:41 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2018-06-14 16:00 - 2018-05-29 04:41 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-06-14 16:00 - 2018-05-29 04:41 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2018-06-14 16:00 - 2018-05-29 04:41 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2018-06-14 16:00 - 2018-05-29 04:35 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2018-06-14 16:00 - 2018-05-29 04:32 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2018-06-14 16:00 - 2018-05-29 04:32 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:25 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 04:03 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2018-06-14 16:00 - 2018-05-29 04:03 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2018-06-14 16:00 - 2018-05-29 04:03 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-06-14 16:00 - 2018-05-29 04:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2018-06-14 16:00 - 2018-05-29 04:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2018-06-14 16:00 - 2018-05-29 03:59 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2018-06-14 16:00 - 2018-05-29 03:59 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2018-06-14 16:00 - 2018-05-29 03:59 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2018-06-14 16:00 - 2018-05-29 03:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2018-06-14 16:00 - 2018-05-29 03:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2018-06-14 16:00 - 2018-05-29 03:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2018-06-14 16:00 - 2018-05-29 03:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2018-06-14 16:00 - 2018-05-29 03:58 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2018-06-14 16:00 - 2018-05-29 03:58 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 03:58 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 03:58 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 03:58 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2018-06-14 16:00 - 2018-05-29 03:56 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2018-06-14 16:00 - 2018-05-29 03:55 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2018-06-14 16:00 - 2018-05-29 03:55 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2018-06-14 16:00 - 2018-05-29 03:54 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2018-06-14 16:00 - 2018-05-29 03:54 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2018-06-14 16:00 - 2018-05-29 02:04 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2018-06-14 16:00 - 2018-05-25 07:10 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2018-06-14 16:00 - 2018-05-25 06:59 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2018-06-14 16:00 - 2018-05-25 06:59 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2018-06-14 16:00 - 2018-05-25 06:46 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2018-06-14 16:00 - 2018-05-25 06:45 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2018-06-14 16:00 - 2018-05-25 06:44 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2018-06-14 16:00 - 2018-05-25 06:44 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2018-06-14 16:00 - 2018-05-25 06:44 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2018-06-14 16:00 - 2018-05-25 06:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2018-06-14 16:00 - 2018-05-25 06:38 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2018-06-14 16:00 - 2018-05-25 06:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2018-06-14 16:00 - 2018-05-25 06:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2018-06-14 16:00 - 2018-05-25 06:34 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2018-06-14 16:00 - 2018-05-25 06:33 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2018-06-14 16:00 - 2018-05-25 06:32 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2018-06-14 16:00 - 2018-05-25 06:32 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2018-06-14 16:00 - 2018-05-25 06:32 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2018-06-14 16:00 - 2018-05-25 06:32 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2018-06-14 16:00 - 2018-05-25 06:28 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2018-06-14 16:00 - 2018-05-25 06:24 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2018-06-14 16:00 - 2018-05-25 06:21 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2018-06-14 16:00 - 2018-05-25 06:16 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2018-06-14 16:00 - 2018-05-25 06:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2018-06-14 16:00 - 2018-05-25 06:15 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2018-06-14 16:00 - 2018-05-25 06:15 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2018-06-14 16:00 - 2018-05-25 06:14 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2018-06-14 16:00 - 2018-05-25 06:14 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2018-06-14 16:00 - 2018-05-25 06:14 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2018-06-14 16:00 - 2018-05-25 06:13 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2018-06-14 16:00 - 2018-05-25 06:12 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2018-06-14 16:00 - 2018-05-25 06:10 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2018-06-14 16:00 - 2018-05-25 06:10 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2018-06-14 16:00 - 2018-05-25 06:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2018-06-14 16:00 - 2018-05-25 06:08 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2018-06-14 16:00 - 2018-05-25 06:08 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2018-06-14 16:00 - 2018-05-25 06:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2018-06-14 16:00 - 2018-05-25 06:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2018-06-14 16:00 - 2018-05-25 06:06 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2018-06-14 16:00 - 2018-05-25 06:05 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2018-06-14 16:00 - 2018-05-25 06:05 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2018-06-14 16:00 - 2018-05-25 05:57 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2018-06-14 16:00 - 2018-05-25 05:57 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2018-06-14 16:00 - 2018-05-25 05:55 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2018-06-14 16:00 - 2018-05-25 05:55 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2018-06-14 16:00 - 2018-05-25 05:53 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2018-06-14 16:00 - 2018-05-25 05:53 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2018-06-14 16:00 - 2018-05-25 05:53 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2018-06-14 16:00 - 2018-05-25 05:52 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2018-06-14 16:00 - 2018-05-25 05:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2018-06-14 16:00 - 2018-05-25 05:51 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2018-06-14 16:00 - 2018-05-25 05:49 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2018-06-14 16:00 - 2018-05-25 05:48 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2018-06-14 16:00 - 2018-05-25 05:47 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2018-06-14 16:00 - 2018-05-25 05:45 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2018-06-14 16:00 - 2018-05-25 05:42 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2018-06-14 16:00 - 2018-05-25 05:40 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2018-06-14 16:00 - 2018-05-25 05:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2018-06-14 16:00 - 2018-05-25 05:39 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2018-06-14 16:00 - 2018-05-25 05:38 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2018-06-14 16:00 - 2018-05-25 05:38 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2018-06-14 16:00 - 2018-05-25 05:37 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2018-06-14 16:00 - 2018-05-25 05:29 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2018-06-14 16:00 - 2018-05-25 05:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-06-14 16:00 - 2018-05-25 05:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2018-06-14 16:00 - 2018-05-25 05:15 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2018-06-14 16:00 - 2018-05-25 05:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2018-06-14 16:00 - 2018-05-15 06:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2018-06-14 16:00 - 2018-05-15 05:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2018-06-14 16:00 - 2018-05-15 05:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll 2018-06-14 16:00 - 2018-05-15 05:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2018-06-14 16:00 - 2018-05-15 05:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2018-06-14 16:00 - 2018-05-15 05:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2018-06-14 16:00 - 2018-05-15 05:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2018-06-14 16:00 - 2018-05-15 05:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2018-06-14 16:00 - 2018-05-15 05:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll 2018-06-14 16:00 - 2018-05-15 05:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2018-06-14 16:00 - 2018-05-15 05:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2018-06-14 16:00 - 2018-05-15 05:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2018-06-14 16:00 - 2018-05-15 05:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2018-06-14 16:00 - 2018-05-15 03:20 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2018-06-14 16:00 - 2018-05-15 03:20 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2018-06-14 16:00 - 2018-05-12 04:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2018-06-14 16:00 - 2018-05-12 04:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2018-06-14 16:00 - 2018-05-12 04:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2018-06-14 16:00 - 2018-05-11 23:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2018-06-14 16:00 - 2018-05-11 23:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2018-06-14 16:00 - 2018-05-11 23:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2018-06-14 16:00 - 2018-05-11 02:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2018-06-14 16:00 - 2018-05-11 02:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll 2018-06-14 16:00 - 2018-05-11 02:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2018-06-14 16:00 - 2018-04-06 18:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2018-06-14 16:00 - 2018-04-06 18:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2018-06-14 13:24 - 2018-06-14 13:24 - 000000000 ____D C:\Users\User\Desktop\Nowy folder 2018-06-02 15:30 - 2018-06-06 03:33 - 000000000 ____D C:\Users\User\Desktop\Nowy folder (3) 2018-05-23 13:02 - 2018-05-23 13:02 - 000000020 _____ C:\Users\User\Desktop\Nowy dokument tekstowy (2).txt ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-06-19 13:19 - 2018-03-05 12:57 - 000000000 ____D C:\Users\User\Desktop\Diagnostyka 2018-06-19 13:19 - 2011-04-12 15:21 - 000740036 _____ C:\Windows\system32\perfh015.dat 2018-06-19 13:19 - 2011-04-12 15:21 - 000155610 _____ C:\Windows\system32\perfc015.dat 2018-06-19 13:19 - 2009-07-14 07:13 - 001668930 _____ C:\Windows\system32\PerfStringBackup.INI 2018-06-19 13:19 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2018-06-19 13:18 - 2018-03-04 01:33 - 000000000 ____D C:\Windows\Panther 2018-06-19 13:13 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-06-19 13:08 - 2018-03-04 23:08 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla 2018-06-19 13:07 - 2018-03-04 23:43 - 000000000 ____D C:\ProgramData\WRData 2018-06-19 12:00 - 2018-03-12 18:30 - 000000000 ____D C:\Users\User\Desktop\Pobieranie 2018-06-19 11:24 - 2018-03-05 12:02 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update 2018-06-19 11:23 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-06-19 11:23 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-06-19 10:08 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\MSBuild 2018-06-18 17:02 - 2018-03-04 03:08 - 000000000 ____D C:\totalcmd 2018-06-17 23:20 - 2018-03-04 22:44 - 000000000 ____D C:\Users\User\Desktop\do wyjasnienia 2018-06-17 23:14 - 2018-03-18 18:53 - 000000000 ____D C:\Users\User\AppData\LocalLow\webroot 2018-06-17 23:14 - 2018-03-18 18:53 - 000000000 ____D C:\Users\User\AppData\Local\lptmp 2018-06-16 12:22 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache 2018-06-16 10:59 - 2018-03-04 01:50 - 000000000 ___HD C:\Program Files (x86)\Temp 2018-06-16 10:58 - 2018-03-04 01:46 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-06-16 10:43 - 2018-03-04 01:49 - 000016276 _____ C:\Windows\system32\results.xml 2018-06-16 10:40 - 2018-03-04 01:46 - 000000000 ____D C:\Program Files (x86)\Realtek 2018-06-16 10:19 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2018-06-16 10:19 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy 2018-06-16 10:11 - 2018-03-04 01:48 - 000000000 ____D C:\ProgramData\Intel 2018-06-16 09:42 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\Registration 2018-06-15 10:07 - 2018-03-04 23:08 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-06-15 10:07 - 2018-03-04 23:08 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk 2018-06-15 10:07 - 2018-03-04 23:08 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-06-15 09:03 - 2009-07-14 06:45 - 000296472 _____ C:\Windows\system32\FNTCACHE.DAT 2018-06-14 23:58 - 2018-03-09 21:02 - 000000000 ____D C:\Users\User\Desktop\KOMP 2018-06-14 23:05 - 2018-03-12 15:07 - 000000000 ____D C:\Users\User\Desktop\Filmy napisy 2018-06-14 14:49 - 2018-03-04 23:50 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-06-14 14:46 - 2018-03-04 23:13 - 000000000 ____D C:\Users\User\Desktop\Pliki instalacyjne 2018-06-14 14:43 - 2018-03-04 23:29 - 000000000 ____D C:\Users\User\AppData\Local\Opera Software 2018-06-13 16:35 - 2018-03-04 04:30 - 000000000 ____D C:\Windows\system32\MRT 2018-06-13 16:34 - 2018-03-04 04:30 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2018-06-13 16:34 - 2018-03-04 04:30 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-06-10 22:20 - 2018-03-12 15:07 - 000000000 ____D C:\Users\User\Desktop\Filmy lektor 2018-06-10 19:35 - 2009-07-14 07:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2018-06-06 16:53 - 2018-05-04 12:17 - 000000000 ____D C:\Users\User\Desktop\Nowy folder (2) ==================== Pliki w katalogu głównym wybranych folderów ======= 2018-03-18 18:53 - 2018-06-17 23:14 - 018102328 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-06-08 13:39 ==================== Koniec FRST.txt ============================