Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-08-2016 01 Uruchomiony przez OSHI (administrator) LAPTOP-2MUNA3D3 (16-08-2016 07:29:32) Uruchomiony z C:\Users\OSHI\Desktop\FRST Załadowane profile: OSHI (Dostępne profile: OSHI) Platform: Windows 10 Home (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel Corporation) C:\Windows\System32\IntelCpHDCPSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation) C:\Windows\syswow64\IntelCpHeciSvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files\Lenovo\LenovoUtility\utility.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseInfo.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-04-01] (Realtek Semiconductor) HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-12-05] () HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16473856 2016-04-01] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-04-01] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-04-01] (Realtek Semiconductor) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [736768 2016-02-04] () HKLM-x32\...\Run: [Intel(R) RealSense(TM) SDK info server] => C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseInfo.exe [21144 2015-07-16] (Intel Corporation) HKU\S-1-5-21-3562009082-1077438095-1519389639-1001\...\MountPoints2: {9b0e27d2-4768-11e6-9be8-507b9d810f0d} - "E:\Startme.exe" HKU\S-1-5-21-3562009082-1077438095-1519389639-1001\...\MountPoints2: {a52e91d8-179e-11e6-9bd1-507b9d810f0d} - "E:\autorun.exe" AppInit_DLLs: C:\ProgramData\Konksolex\ZoneGotam.dll => Brak pliku AppInit_DLLs-x32: C:\ProgramData\Konksolex\Hattraxtouch.dll => Brak pliku ShellIconOverlayIdentifiers: [JzShlobj] -> {7B286609-DA97-47E1-AC6B-33B8B4732C95} => Brak pliku ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => Brak pliku ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{15e916cf-0078-4bb0-9d3c-23d925a45a03}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{ebf6ed8a-f507-4579-b466-477755bd3c9e}: [DhcpNameServer] 62.233.233.233 Internet Explorer: ================== HKU\S-1-5-21-3562009082-1077438095-1519389639-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE SearchScopes: HKLM-x32 -> DefaultScope - brak wartości SearchScopes: HKU\S-1-5-21-3562009082-1077438095-1519389639-1001 -> {046BF511-2AAC-4E4A-96F8-813EB01E3F81} URL = FireFox: ======== FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-07-11] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-07-11] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-15] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\OSHI\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\OSHI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-15] CHR Extension: (Dokumenty Google) - C:\Users\OSHI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-15] CHR Extension: (Dysk Google) - C:\Users\OSHI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-15] CHR Extension: (YouTube) - C:\Users\OSHI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-15] CHR Extension: (Arkusze Google) - C:\Users\OSHI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-15] CHR Extension: (Dokumenty Google offline) - C:\Users\OSHI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-15] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\OSHI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-15] CHR Extension: (Gmail) - C:\Users\OSHI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-15] CHR Extension: (Chrome Media Router) - C:\Users\OSHI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-15] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (Lenovo) R2 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [476624 2016-08-11] (Intel Corporation) R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163328 2016-01-27] () [Brak podpisu cyfrowego] S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [244800 2016-07-04] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6211648 2016-06-08] (GOG.com) R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (Lenovo) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation) R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [135408 2015-09-16] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [341968 2016-08-11] (Intel Corporation) R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [59216 2016-07-01] (Lenovo Group Limited) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Brak podpisu cyfrowego] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Brak podpisu cyfrowego] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-07-17] (Lenovo) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] () S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5691912 2016-05-18] (INCA Internet Co., Ltd.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation) R2 O2FLASH; C:\Windows\System32\drivers\o2flash.exe [82096 2015-05-21] (BayHubTech/O2Micro International) R2 O2FLASH; C:\WINDOWS\SysWOW64\drivers\o2flash.exe [82096 2015-05-21] (BayHubTech/O2Micro International) R2 RealSenseDCM; C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe [3663512 2015-10-15] (Intel(R) Corporation) S3 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31176 2016-01-20] (SHAREit Technologies Co.Ltd) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255096 2016-05-11] (Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24856 2016-08-03] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation) S2 Citdhwa; "C:\Users\OSHI\AppData\Roaming\AzigcWig\Geeswu.exe" -cms [X] S2 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.5.471.0\McCSPServiceHost.exe" [X] S2 nplus; "C:\Program Files\ktip\ktip.exe" /s iid=8202248 did=APSFTuto4PC sid=11 ref=42b4b248-27ad-c56a-8635-19532422e091-PolicyMac id=2f06fafcae001e9deaa8c16f5bb034930462277e3185461210b98f9f4f562a1f [X] S4 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2016-07-12] (Sony Mobile Communications) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [122120 2015-09-17] (Intel Corporation) R3 IntelDFUACPI; C:\Windows\System32\drivers\IntelDFUACPI.sys [36352 2015-10-15] (Intel(R) Corporation) R3 IXCamera; C:\Windows\system32\DRIVERS\RealSenseDCM.sys [72704 2015-10-15] (Intel(R) Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-28] (Intel Corporation) R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [7075568 2015-08-23] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-06-03] (NVIDIA Corporation) R3 O2FJ2RDR; C:\Windows\System32\drivers\O2FJ2x64.sys [201240 2015-05-21] (BayHubTech/O2Micro ) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-16] (Realtek ) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [50808 2016-05-11] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [51320 2016-05-11] (Synaptics Incorporated) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-08-14] (Zemana Ltd.) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-08-16 07:25 - 2016-08-16 07:29 - 00000000 ____D C:\FRST 2016-08-16 06:58 - 2016-08-16 06:58 - 00000000 ____D C:\Users\OSHI\Desktop\OTL 2016-08-16 06:57 - 2016-08-16 07:29 - 00000000 ____D C:\Users\OSHI\Desktop\FRST 2016-08-16 06:28 - 2016-08-16 06:28 - 00016148 _____ C:\WINDOWS\system32\LAPTOP-2MUNA3D3_OSHI_HistoryPrediction.bin 2016-08-16 06:28 - 2016-08-16 06:28 - 00000000 ___HD C:\OneDriveTemp 2016-08-15 20:39 - 2016-08-15 20:39 - 00243298 _____ C:\Users\OSHI\Downloads\FAQ_Monstercards_PL.pdf 2016-08-15 16:51 - 2016-08-15 16:51 - 05810591 _____ C:\WINDOWS\NGIPacket.KTL 2016-08-15 16:51 - 2016-08-15 16:51 - 01465682 _____ C:\WINDOWS\ProcessedPackets.KTL 2016-08-15 16:51 - 2016-08-15 16:51 - 00288386 _____ C:\WINDOWS\NGIControl.KTL 2016-08-15 16:51 - 2016-08-15 16:51 - 00017310 _____ C:\WINDOWS\Control.KTL 2016-08-15 16:46 - 2016-08-15 16:46 - 00000000 ____D C:\Users\OSHI\Documents\BioWare 2016-08-15 16:45 - 2016-08-15 16:45 - 00001061 _____ C:\Users\Public\Desktop\Mass Effect 3.lnk 2016-08-15 16:45 - 2016-08-15 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 3 2016-08-15 16:24 - 2016-08-15 16:46 - 00000000 __SHD C:\WINDOWS\ei_temp 2016-08-15 15:45 - 2016-08-15 15:45 - 00033199 _____ C:\Users\OSHI\Downloads\[www.tnt24.info] Mass Effect 3 - REPACK [PL].torrent 2016-08-15 10:21 - 2016-08-16 06:32 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-15 10:21 - 2016-08-16 06:28 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-15 10:21 - 2016-08-15 10:27 - 00004146 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-08-15 10:21 - 2016-08-15 10:27 - 00003914 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-08-15 10:21 - 2016-08-15 10:21 - 00002361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-08-15 10:21 - 2016-08-15 10:21 - 00002349 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-08-15 10:21 - 2016-08-15 10:21 - 00000000 ____D C:\Users\OSHI\AppData\Local\Deployment 2016-08-15 10:19 - 2016-08-15 10:19 - 00000000 ____D C:\Users\OSHI\Downloads\Gameforge Live 2016-08-15 08:57 - 2016-08-15 09:07 - 00000000 ____D C:\ProgramData\SecTaskMan 2016-08-15 08:57 - 2016-08-15 09:03 - 00000000 ____D C:\Program Files (x86)\Security Task Manager 2016-08-14 20:37 - 2016-08-16 07:29 - 00221979 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2016-08-14 20:37 - 2016-08-15 09:09 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2016-08-14 20:37 - 2016-08-15 09:02 - 00061860 _____ C:\WINDOWS\ZAM.krnl.trace 2016-08-14 20:37 - 2016-08-14 20:37 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys 2016-08-14 20:37 - 2016-08-14 20:37 - 00000000 ____D C:\Users\OSHI\AppData\Local\Zemana 2016-08-14 20:08 - 2016-08-14 20:20 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2016-08-14 20:07 - 2016-08-14 20:07 - 00000000 ____D C:\WINDOWS\pss 2016-08-14 19:34 - 2016-08-14 19:38 - 00000000 ____D C:\Program Files\Plumbytes Software 2016-08-14 18:47 - 2016-08-14 18:47 - 00000000 ____D C:\WINDOWS\system32\pido 2016-08-14 18:39 - 2016-08-16 06:30 - 00004224 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{95766659-211D-464D-9B73-7B364E141D62} 2016-08-14 18:38 - 2016-08-14 18:38 - 03784256 _____ C:\Users\OSHI\Desktop\adwcleaner_6.000.exe 2016-08-14 18:34 - 2016-08-14 20:46 - 00000000 ___HD C:\Program Files\nplus 2016-08-14 18:34 - 2016-08-14 18:34 - 00000000 ____D C:\Users\OSHI\AppData\Roaming\Mozilla 2016-08-14 18:34 - 2016-08-14 18:34 - 00000000 ____D C:\Program Files\żěŃą 2016-08-14 18:33 - 2016-08-14 18:33 - 07118336 _____ C:\Users\OSHI\AppData\Roaming\agent.dat 2016-08-14 18:33 - 2016-08-14 18:33 - 02279413 _____ C:\Users\OSHI\AppData\Roaming\ZummaDax.bin 2016-08-14 18:33 - 2016-08-14 18:33 - 01899844 _____ C:\Users\OSHI\AppData\Roaming\Trueantough.tst 2016-08-14 18:33 - 2016-08-14 18:33 - 00188578 _____ () C:\Users\OSHI\AppData\Roaming\Donfax.bin 2016-08-14 18:33 - 2016-08-14 18:33 - 00126464 _____ C:\Users\OSHI\AppData\Roaming\noah.dat 2016-08-14 18:33 - 2016-08-14 18:33 - 00126464 _____ C:\Users\OSHI\AppData\Roaming\lobby.dat 2016-08-14 18:33 - 2016-08-14 18:33 - 00072703 _____ C:\Users\OSHI\AppData\Roaming\BamHold.tst 2016-08-14 18:33 - 2016-08-14 18:33 - 00070704 _____ C:\Users\OSHI\AppData\Roaming\Config.xml 2016-08-14 18:33 - 2016-08-14 18:33 - 00054272 _____ C:\Users\OSHI\AppData\Roaming\ApplicationHosting.dat 2016-08-14 18:33 - 2016-08-14 18:33 - 00018432 _____ C:\Users\OSHI\AppData\Roaming\Main.dat 2016-08-14 18:33 - 2016-08-14 18:33 - 00005568 _____ C:\Users\OSHI\AppData\Roaming\md.xml 2016-08-14 18:32 - 2016-08-14 20:46 - 00000000 ____D C:\Users\OSHI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器 2016-08-14 18:32 - 2016-08-14 20:39 - 00000000 ____D C:\Users\OSHI\AppData\Roaming\Hemkajdoa 2016-08-14 18:32 - 2016-08-14 18:34 - 00020016 _____ C:\Users\OSHI\AppData\Roaming\InstallationConfiguration.xml 2016-08-14 18:32 - 2016-08-14 18:32 - 00848437 _____ C:\Users\OSHI\AppData\Roaming\Toughair.bin 2016-08-14 18:32 - 2016-08-14 18:32 - 00138240 _____ C:\Users\OSHI\AppData\Roaming\Installer.dat 2016-08-14 18:32 - 2016-08-14 18:32 - 00000000 ____D C:\Users\OSHI\AppData\LocalLow\Company 2016-08-14 18:32 - 2016-08-14 18:32 - 00000000 ____D C:\Users\OSHI\AppData\Local\Tempfolder 2016-08-14 18:31 - 2016-08-15 10:21 - 00000000 ____D C:\Users\OSHI\AppData\Local\Apps\2.0 2016-08-14 18:30 - 2016-08-14 18:30 - 00003286 _____ C:\WINDOWS\System32\Tasks\{9B7C31D8-3596-4F2E-A6F3-D9C67824A619} 2016-08-14 18:29 - 2016-08-14 18:29 - 00001552 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak 2016-08-14 18:29 - 2016-08-14 18:29 - 00000000 ___HD C:\Program Files (x86)\yu6D58C 2016-08-14 18:29 - 2016-08-14 18:29 - 00000000 ____D C:\Users\OSHI\AppData\Local\UCBrowser 2016-08-14 18:29 - 2016-08-14 18:29 - 00000000 ____D C:\ProgramData\AVAST Software 2016-08-14 18:29 - 2016-08-14 18:29 - 00000000 ____D C:\Program Files (x86)\UCBrowser 2016-08-14 18:28 - 2016-08-14 20:46 - 00000000 ____D C:\Program Files (x86)\sbqh 2016-08-14 18:28 - 2016-08-14 18:28 - 00000000 ____D C:\Users\OSHI\AppData\Roaming\NVIDIA 2016-08-14 18:27 - 2016-08-14 18:29 - 00009040 _____ C:\WINDOWS\System32\Tasks\Dahashhecech Reports 2016-08-14 18:27 - 2016-08-14 18:28 - 00000000 ____D C:\Users\OSHI\AppData\Local\cooqolemetetionsuzaward 2016-08-14 18:27 - 2016-08-14 18:27 - 00000000 ___HD C:\Program Files (x86)\bsgB99D 2016-08-14 11:49 - 2016-08-15 10:18 - 00000000 ____D C:\Program Files (x86)\Winamp 2016-08-11 11:42 - 2016-08-15 15:45 - 00000000 ____D C:\Users\OSHI\AppData\LocalLow\uTorrent 2016-08-11 11:27 - 2016-08-11 11:27 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2016-08-11 11:27 - 2016-08-11 11:27 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2016-08-11 11:26 - 2016-08-11 11:26 - 55104024 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 46967664 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 36638712 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 24680952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 16207288 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 13698560 _____ (Intel Corporation) C:\WINDOWS\system32\ig9icd64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 10462712 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig9icd32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 08080274 _____ C:\WINDOWS\system32\igdclbif.bin 2016-08-11 11:26 - 2016-08-11 11:26 - 07019008 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 06886912 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 06626576 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 06311416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 05088104 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 05056512 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 04840448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 03049256 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 02914000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 02648360 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 02323456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 02058312 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 01816704 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 01814048 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 01711104 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 01345056 _____ C:\WINDOWS\system32\iga64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 01113984 _____ C:\WINDOWS\SysWOW64\iga32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 01018320 _____ (Intel Corporation) C:\WINDOWS\system32\igxpun.exe 2016-08-11 11:26 - 2016-08-11 11:26 - 00992720 _____ C:\WINDOWS\system32\igfxSDK.exe 2016-08-11 11:26 - 2016-08-11 11:26 - 00911824 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe 2016-08-11 11:26 - 2016-08-11 11:26 - 00906192 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe 2016-08-11 11:26 - 2016-08-11 11:26 - 00829802 _____ C:\WINDOWS\system32\DisplayAudiox64.cab 2016-08-11 11:26 - 2016-08-11 11:26 - 00642048 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00560260 _____ C:\WINDOWS\system32\cp_resources.bin 2016-08-11 11:26 - 2016-08-11 11:26 - 00532432 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe 2016-08-11 11:26 - 2016-08-11 11:26 - 00476624 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe 2016-08-11 11:26 - 2016-08-11 11:26 - 00460800 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00458704 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe 2016-08-11 11:26 - 2016-08-11 11:26 - 00433864 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00427512 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00412392 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00411648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00349200 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00325632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00302552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe 2016-08-11 11:26 - 2016-08-11 11:26 - 00301520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe 2016-08-11 11:26 - 2016-08-11 11:26 - 00279040 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00271352 _____ C:\WINDOWS\system32\igfxCPL.cpl 2016-08-11 11:26 - 2016-08-11 11:26 - 00242152 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00239104 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00224768 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00209400 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4482.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00208376 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00205352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00197064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00194496 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00193016 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00183368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00175056 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe 2016-08-11 11:26 - 2016-08-11 11:26 - 00173568 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00170792 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00170688 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00141304 _____ C:\WINDOWS\SysWOW64\libEGL.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00123904 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00115200 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00113664 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00112120 _____ C:\WINDOWS\SysWOW64\libGLESv2.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00107520 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00104448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00102912 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00101376 _____ C:\WINDOWS\SysWOW64\libGLESv1_CM.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00097280 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00055232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00052728 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00029176 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00029176 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00027648 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00027640 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00022520 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00022520 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll 2016-08-11 11:26 - 2016-08-11 11:26 - 00012694 _____ C:\WINDOWS\system32\iglhxs64.vp 2016-08-09 21:42 - 2016-08-03 08:25 - 00953472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-08-09 21:42 - 2016-08-03 08:25 - 00365120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-08-09 21:42 - 2016-08-03 08:24 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-08-09 21:42 - 2016-08-03 08:24 - 01767008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-08-09 21:42 - 2016-08-03 08:24 - 01531368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-08-09 21:42 - 2016-08-03 08:24 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2016-08-09 21:42 - 2016-08-03 08:24 - 00439648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-09 21:42 - 2016-08-03 08:24 - 00046480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2016-08-09 21:42 - 2016-08-03 08:23 - 01895576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll 2016-08-09 21:42 - 2016-08-03 08:22 - 01811360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-08-09 21:42 - 2016-08-03 08:15 - 02881624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-09 21:42 - 2016-08-03 08:15 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-08-09 21:42 - 2016-08-03 08:15 - 00468832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-08-09 21:42 - 2016-08-03 08:15 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL 2016-08-09 21:42 - 2016-08-03 08:14 - 00565648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2016-08-09 21:42 - 2016-08-03 08:13 - 00065096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll 2016-08-09 21:42 - 2016-08-03 08:09 - 00185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2016-08-09 21:42 - 2016-08-03 07:46 - 08016728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-08-09 21:42 - 2016-08-03 07:46 - 03467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2016-08-09 21:42 - 2016-08-03 07:46 - 02816016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2016-08-09 21:42 - 2016-08-03 07:46 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-08-09 21:42 - 2016-08-03 07:46 - 01951864 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-08-09 21:42 - 2016-08-03 07:46 - 01563480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2016-08-09 21:42 - 2016-08-03 07:46 - 01561360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2016-08-09 21:42 - 2016-08-03 07:46 - 01538168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-08-09 21:42 - 2016-08-03 07:46 - 01314496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-08-09 21:42 - 2016-08-03 07:46 - 00632680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-08-09 21:42 - 2016-08-03 07:46 - 00601336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-09 21:42 - 2016-08-03 07:46 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-08-09 21:42 - 2016-08-03 07:46 - 00432352 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2016-08-09 21:42 - 2016-08-03 07:46 - 00158048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-09 21:42 - 2016-08-03 07:46 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2016-08-09 21:42 - 2016-08-03 07:44 - 02495776 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-08-09 21:42 - 2016-08-03 07:44 - 02429792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-08-09 21:42 - 2016-08-03 07:44 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll 2016-08-09 21:42 - 2016-08-03 07:44 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-08-09 21:42 - 2016-08-03 07:44 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2016-08-09 21:42 - 2016-08-03 07:44 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-08-09 21:42 - 2016-08-03 07:39 - 00660320 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-08-09 21:42 - 2016-08-03 07:38 - 06525424 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2016-08-09 21:42 - 2016-08-03 07:38 - 03625928 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-09 21:42 - 2016-08-03 07:38 - 01134792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2016-08-09 21:42 - 2016-08-03 07:38 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-08-09 21:42 - 2016-08-03 07:38 - 00724168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2016-08-09 21:42 - 2016-08-03 07:38 - 00252760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2016-08-09 21:42 - 2016-08-03 07:38 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll 2016-08-09 21:42 - 2016-08-03 07:37 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2016-08-09 21:42 - 2016-08-03 07:33 - 00224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2016-08-09 21:42 - 2016-08-03 07:32 - 00983904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2016-08-09 21:42 - 2016-08-03 07:09 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2016-08-09 21:42 - 2016-08-03 07:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-08-09 21:42 - 2016-08-03 06:57 - 24604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-09 21:42 - 2016-08-03 06:57 - 21862912 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-08-09 21:42 - 2016-08-03 06:57 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2016-08-09 21:42 - 2016-08-03 06:57 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-08-09 21:42 - 2016-08-03 06:55 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll 2016-08-09 21:42 - 2016-08-03 06:54 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-08-09 21:42 - 2016-08-03 06:53 - 13027328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-09 21:42 - 2016-08-03 06:53 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-08-09 21:42 - 2016-08-03 06:52 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-08-09 21:42 - 2016-08-03 06:51 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2016-08-09 21:42 - 2016-08-03 06:50 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2016-08-09 21:42 - 2016-08-03 06:49 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2016-08-09 21:42 - 2016-08-03 06:49 - 02446336 _____ C:\WINDOWS\system32\InputService.dll 2016-08-09 21:42 - 2016-08-03 06:49 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-09 21:42 - 2016-08-03 06:48 - 06788096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-08-09 21:42 - 2016-08-03 06:47 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2016-08-09 21:42 - 2016-08-03 06:47 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-08-09 21:42 - 2016-08-03 06:47 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll 2016-08-09 21:42 - 2016-08-03 06:47 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll 2016-08-09 21:42 - 2016-08-03 06:47 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll 2016-08-09 21:42 - 2016-08-03 06:46 - 02238464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-08-09 21:42 - 2016-08-03 06:46 - 01416704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-09 21:42 - 2016-08-03 06:46 - 01123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll 2016-08-09 21:42 - 2016-08-03 06:46 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2016-08-09 21:42 - 2016-08-03 06:46 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-08-09 21:42 - 2016-08-03 06:46 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-08-09 21:42 - 2016-08-03 06:46 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll 2016-08-09 21:42 - 2016-08-03 06:45 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-08-09 21:42 - 2016-08-03 06:45 - 12514304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-08-09 21:42 - 2016-08-03 06:45 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2016-08-09 21:42 - 2016-08-03 06:45 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassvcs.dll 2016-08-09 21:42 - 2016-08-03 06:44 - 19337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-09 21:42 - 2016-08-03 06:44 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-08-09 21:42 - 2016-08-03 06:44 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2016-08-09 21:42 - 2016-08-03 06:44 - 00814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\provcore.dll 2016-08-09 21:42 - 2016-08-03 06:44 - 00345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2016-08-09 21:42 - 2016-08-03 06:44 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-08-09 21:42 - 2016-08-03 06:43 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-08-09 21:42 - 2016-08-03 06:43 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2016-08-09 21:42 - 2016-08-03 06:43 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2016-08-09 21:42 - 2016-08-03 06:43 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2016-08-09 21:42 - 2016-08-03 06:42 - 02839040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2016-08-09 21:42 - 2016-08-03 06:42 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2016-08-09 21:42 - 2016-08-03 06:42 - 02253824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll 2016-08-09 21:42 - 2016-08-03 06:42 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-08-09 21:42 - 2016-08-03 06:42 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll 2016-08-09 21:42 - 2016-08-03 06:41 - 04398592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-08-09 21:42 - 2016-08-03 06:41 - 03119104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-08-09 21:42 - 2016-08-03 06:41 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll 2016-08-09 21:42 - 2016-08-03 06:41 - 01686528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-08-09 21:42 - 2016-08-03 06:41 - 01606656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-09 21:42 - 2016-08-03 06:41 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll 2016-08-09 21:42 - 2016-08-03 06:40 - 05160960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-08-09 21:42 - 2016-08-03 06:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-08-09 21:42 - 2016-08-03 06:40 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-09 21:42 - 2016-08-03 06:40 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-08-09 21:42 - 2016-08-03 06:40 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2016-08-09 21:42 - 2016-08-03 06:40 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-08-09 21:42 - 2016-08-03 06:40 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-08-09 21:42 - 2016-08-03 06:39 - 05448704 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2016-08-09 21:42 - 2016-08-03 06:39 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll 2016-08-09 21:42 - 2016-08-03 06:39 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2016-08-09 21:42 - 2016-08-03 06:39 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-08-09 21:42 - 2016-08-03 06:39 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-08-09 21:42 - 2016-08-03 06:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-08-09 21:42 - 2016-08-03 06:39 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-08-09 21:42 - 2016-08-03 06:39 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll 2016-08-09 21:42 - 2016-08-03 06:39 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll 2016-08-09 21:42 - 2016-08-03 06:38 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-08-09 21:42 - 2016-08-03 06:38 - 03873280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2016-08-09 21:42 - 2016-08-03 06:38 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2016-08-09 21:42 - 2016-08-03 06:38 - 00819712 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe 2016-08-09 21:42 - 2016-08-03 06:38 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2016-08-09 21:42 - 2016-08-03 06:38 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2016-08-09 21:42 - 2016-08-03 06:38 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-08-09 21:42 - 2016-08-03 06:38 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2016-08-09 21:42 - 2016-08-03 06:37 - 04453888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2016-08-09 21:42 - 2016-08-03 06:37 - 04168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2016-08-09 21:42 - 2016-08-03 06:37 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2016-08-09 21:42 - 2016-08-03 06:37 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassvcs.dll 2016-08-09 21:42 - 2016-08-03 06:36 - 07524352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-09 21:42 - 2016-08-03 06:36 - 07502848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-08-09 21:42 - 2016-08-03 06:36 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2016-08-09 21:42 - 2016-08-03 06:36 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provcore.dll 2016-08-09 21:42 - 2016-08-03 06:36 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2016-08-09 21:42 - 2016-08-03 06:36 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2016-08-09 21:42 - 2016-08-03 06:36 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll 2016-08-09 21:42 - 2016-08-03 06:36 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2016-08-09 21:42 - 2016-08-03 06:35 - 18799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-09 21:42 - 2016-08-03 06:35 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-08-09 21:42 - 2016-08-03 06:35 - 03584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-08-09 21:42 - 2016-08-03 06:35 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-09 21:42 - 2016-08-03 06:35 - 01381376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-09 21:42 - 2016-08-03 06:35 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2016-08-09 21:42 - 2016-08-03 06:35 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-08-09 21:42 - 2016-08-03 06:35 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2016-08-09 21:42 - 2016-08-03 06:35 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll 2016-08-09 21:42 - 2016-08-03 06:35 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2016-08-09 21:42 - 2016-08-03 06:35 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll 2016-08-09 21:42 - 2016-08-03 06:34 - 01522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-08-09 21:42 - 2016-08-03 06:34 - 00763904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2016-08-09 21:42 - 2016-08-03 06:34 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2016-08-09 21:42 - 2016-08-03 06:34 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2016-08-09 21:42 - 2016-08-03 06:34 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2016-08-09 21:42 - 2016-08-03 06:34 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-08-09 21:42 - 2016-08-03 06:34 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2016-08-09 21:42 - 2016-08-03 06:34 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-08-09 21:42 - 2016-08-03 06:34 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2016-08-09 21:42 - 2016-08-03 06:34 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll 2016-08-09 21:42 - 2016-08-03 06:33 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-08-09 21:42 - 2016-08-03 06:33 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-08-09 21:42 - 2016-08-03 06:33 - 02198016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2016-08-09 21:42 - 2016-08-03 06:33 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2016-08-09 21:42 - 2016-08-03 06:33 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-08-09 21:42 - 2016-08-03 06:33 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-09 21:42 - 2016-08-03 06:33 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-08-09 21:42 - 2016-08-03 06:33 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2016-08-09 21:42 - 2016-08-03 06:33 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2016-08-09 21:42 - 2016-08-03 06:33 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2016-08-09 21:42 - 2016-08-03 06:32 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-08-09 21:42 - 2016-08-03 06:32 - 01492992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-08-09 21:42 - 2016-08-03 06:32 - 00939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2016-08-09 21:42 - 2016-08-03 06:32 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2016-08-09 21:42 - 2016-08-03 06:32 - 00679936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-08-09 21:42 - 2016-08-03 06:32 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-08-09 21:42 - 2016-08-03 06:32 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-08-09 21:42 - 2016-08-03 06:32 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-08-09 21:42 - 2016-08-03 06:31 - 05329408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2016-08-09 21:42 - 2016-08-03 06:31 - 01096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2016-08-09 21:42 - 2016-08-03 06:31 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll 2016-08-09 21:42 - 2016-08-03 06:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2016-08-09 21:42 - 2016-08-03 06:31 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-08-09 21:42 - 2016-08-03 06:30 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2016-08-09 21:42 - 2016-08-03 06:30 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe 2016-08-09 21:42 - 2016-08-03 06:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2016-08-09 21:42 - 2016-08-03 06:30 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgcore.dll 2016-08-09 21:42 - 2016-08-03 06:30 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll 2016-08-09 21:42 - 2016-08-03 06:29 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2016-08-09 21:42 - 2016-08-03 06:29 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2016-08-09 21:42 - 2016-08-03 06:28 - 03692032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2016-08-09 21:42 - 2016-08-03 06:28 - 03579392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-08-09 21:42 - 2016-08-03 06:27 - 11270656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-08-09 21:42 - 2016-08-03 06:27 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2016-08-09 21:42 - 2016-08-03 06:27 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2016-08-09 21:42 - 2016-08-03 06:26 - 06713856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-08-09 21:42 - 2016-08-03 06:26 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-09 21:42 - 2016-08-03 06:26 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-09 21:42 - 2016-08-03 06:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2016-08-09 21:42 - 2016-08-03 06:26 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2016-08-09 21:42 - 2016-08-03 06:26 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2016-08-09 21:42 - 2016-08-03 06:26 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2016-08-09 21:42 - 2016-08-03 06:25 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2016-08-09 21:42 - 2016-08-03 06:25 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2016-08-09 21:42 - 2016-08-03 06:25 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2016-08-09 21:42 - 2016-08-03 06:25 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll 2016-08-09 21:42 - 2016-08-03 06:25 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2016-08-09 21:42 - 2016-08-03 06:25 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll 2016-08-09 21:42 - 2016-08-03 06:25 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll 2016-08-09 21:42 - 2016-08-03 06:22 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2016-08-09 21:42 - 2016-08-03 06:21 - 00854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2016-08-09 21:42 - 2016-08-03 06:21 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll 2016-08-09 21:42 - 2016-08-03 06:21 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-08-09 21:42 - 2016-08-03 06:20 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgcore.dll 2016-08-04 19:07 - 2016-08-04 19:08 - 00056243 _____ C:\Users\OSHI\Desktop\RAPORT LIPIEC 2016.pdf 2016-07-30 10:47 - 2016-07-30 10:47 - 00000000 ____D C:\Users\OSHI\Desktop\Windows 10 Anniversary Wallpaper_pl-PL 2016-07-30 10:39 - 2016-07-30 10:45 - 00000000 ____D C:\Users\OSHI\AppData\Local\Comms 2016-07-26 18:17 - 2016-07-26 18:17 - 01868290 _____ C:\Users\OSHI\Desktop\desmume-0.9.11-win64.zip ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-08-16 06:31 - 2016-06-12 10:13 - 00814800 _____ C:\WINDOWS\system32\perfh015.dat 2016-08-16 06:31 - 2016-06-12 10:13 - 00156796 _____ C:\WINDOWS\system32\perfc015.dat 2016-08-16 06:31 - 2016-06-12 10:10 - 00000000 ___HD C:\Program Files\WindowsApps 2016-08-16 06:31 - 2016-06-12 10:10 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-08-16 06:31 - 2016-06-12 10:09 - 00000000 ____D C:\WINDOWS\INF 2016-08-16 06:31 - 2015-07-16 17:54 - 01839522 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-08-16 06:28 - 2016-05-11 17:00 - 00000000 ___RD C:\Users\OSHI\OneDrive 2016-08-16 06:28 - 2016-05-11 16:58 - 00000000 __SHD C:\Users\OSHI\IntelGraphicsProfiles 2016-08-15 22:24 - 2016-06-13 20:07 - 00000000 ____D C:\Users\OSHI\AppData\Roaming\TS3Client 2016-08-15 17:13 - 2016-06-12 09:40 - 00000000 ____D C:\Users\OSHI\AppData\Roaming\uTorrent 2016-08-15 16:04 - 2016-06-12 18:33 - 00000000 ____D C:\Users\OSHI\AppData\Local\CrashDumps 2016-08-15 12:45 - 2016-05-12 11:49 - 00001163 _____ C:\Users\OSHI\Desktop\fifa15 — skrót .lnk 2016-08-15 10:21 - 2016-06-12 00:56 - 00000000 ____D C:\Users\OSHI\AppData\Local\Google 2016-08-15 10:21 - 2016-06-12 00:56 - 00000000 ____D C:\Program Files (x86)\Google 2016-08-15 10:17 - 2016-06-12 19:15 - 00000000 ____D C:\Users\OSHI\AppData\Local\ElevatedDiagnostics 2016-08-15 10:01 - 2016-06-12 10:03 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-08-15 10:01 - 2016-06-12 07:39 - 00000000 ____D C:\ProgramData\NVIDIA 2016-08-15 10:01 - 2016-06-12 00:27 - 00000000 ____D C:\Users\OSHI 2016-08-15 10:01 - 2016-06-12 00:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-08-15 09:10 - 2016-05-19 01:17 - 00000000 ____D C:\AdwCleaner 2016-08-14 22:02 - 2016-06-12 00:33 - 00000000 ____D C:\Users\OSHI\AppData\Local\Packages 2016-08-14 20:39 - 2015-07-10 13:00 - 00680256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2016-08-14 10:45 - 2016-06-12 10:16 - 00000000 ____D C:\Windows.old 2016-08-11 19:44 - 2016-06-12 10:10 - 00000000 ____D C:\WINDOWS\rescache 2016-08-11 13:44 - 2015-12-05 14:59 - 00000000 ____D C:\ProgramData\Lenovo 2016-08-11 11:27 - 2015-12-05 15:41 - 00000000 ___HD C:\Intel 2016-08-11 11:26 - 2016-06-12 06:48 - 54038552 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll 2016-08-11 11:26 - 2016-06-12 06:48 - 16692632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll 2016-08-11 11:26 - 2016-06-12 00:18 - 00113664 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2016-08-11 11:26 - 2016-06-12 00:18 - 00104448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2016-08-11 11:26 - 2015-09-23 07:44 - 02008064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll 2016-08-11 11:26 - 2015-09-23 07:43 - 47841240 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll 2016-08-11 11:26 - 2015-09-23 07:43 - 20360112 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll 2016-08-11 11:26 - 2015-09-23 07:43 - 19560984 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll 2016-08-11 11:26 - 2015-09-23 07:43 - 10525136 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys 2016-08-11 11:26 - 2015-09-23 07:43 - 00924664 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll 2016-08-11 11:26 - 2015-09-23 07:43 - 00523216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe 2016-08-11 11:26 - 2015-09-23 07:43 - 00395776 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll 2016-08-11 11:26 - 2015-09-23 07:43 - 00341968 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe 2016-08-10 14:14 - 2016-06-12 10:10 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-08-10 14:14 - 2016-06-12 10:10 - 00000000 ___RD C:\WINDOWS\DevicesFlow 2016-08-10 14:14 - 2016-06-12 10:10 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2016-08-10 14:14 - 2016-06-12 10:10 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-08-10 14:14 - 2016-06-12 10:10 - 00000000 ____D C:\Program Files\Windows Defender 2016-08-10 14:14 - 2016-06-12 10:10 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-08-10 07:06 - 2016-06-12 10:06 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-08-10 07:06 - 2016-06-12 01:07 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-08-10 07:03 - 2016-06-12 10:10 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-08-10 07:03 - 2016-06-12 01:07 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-08-05 21:23 - 2016-06-12 10:10 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-08-04 19:08 - 2016-07-03 07:43 - 00025763 _____ C:\Users\OSHI\Desktop\RAPORT LIPIEC 2016.odt 2016-08-03 08:45 - 2016-06-12 00:20 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2016-08-02 18:19 - 2015-12-05 14:46 - 00000000 ____D C:\Program Files\Lenovo 2016-08-02 18:19 - 2015-12-05 14:42 - 00000000 ____D C:\Program Files (x86)\Lenovo 2016-07-27 21:25 - 2016-06-12 01:11 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-07-26 18:32 - 2016-05-12 11:40 - 00000000 ____D C:\Users\OSHI\Desktop\z kompa 2016-07-26 18:31 - 2016-05-12 11:40 - 00000000 ____D C:\Users\OSHI\Desktop\pokemon 2016-07-25 18:08 - 2016-06-12 00:49 - 00000000 ____D C:\Users\OSHI\AppData\Local\Lenovo 2016-07-24 16:09 - 2016-06-12 12:52 - 00000000 ____D C:\Users\OSHI\Documents\The Witcher 3 2016-07-24 07:10 - 2016-07-12 13:02 - 00000000 ____D C:\ProgramData\Sony Mobile 2016-07-24 07:10 - 2016-07-12 13:02 - 00000000 ____D C:\Program Files (x86)\Sony Mobile 2016-07-24 07:10 - 2016-07-12 13:00 - 00000000 ____D C:\Program Files (x86)\Sony 2016-07-24 07:10 - 2016-06-12 00:20 - 00000000 ____D C:\ProgramData\Package Cache 2016-07-21 20:49 - 2016-06-13 20:52 - 00000023 _____ C:\Users\OSHI\Desktop\583485518.txt 2016-07-18 20:31 - 2016-06-13 20:06 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client ==================== Pliki w katalogu głównym wybranych folderów ======= 2010-08-28 22:43 - 2010-08-28 22:43 - 0096256 ____N (Google, inc) C:\Users\OSHI\AppData\Roaming\AdbWinApi.dll 2010-08-28 22:43 - 2010-08-28 22:43 - 0060928 ____N (Google, inc) C:\Users\OSHI\AppData\Roaming\AdbWinUsbApi.dll 2016-08-14 18:33 - 2016-08-14 18:33 - 7118336 _____ () C:\Users\OSHI\AppData\Roaming\agent.dat 2016-08-14 18:33 - 2016-08-14 18:33 - 0054272 _____ () C:\Users\OSHI\AppData\Roaming\ApplicationHosting.dat 2016-08-14 18:33 - 2016-08-14 18:33 - 0072703 _____ () C:\Users\OSHI\AppData\Roaming\BamHold.tst 2016-08-14 18:33 - 2016-08-14 18:33 - 0070704 _____ () C:\Users\OSHI\AppData\Roaming\Config.xml 2016-08-14 18:33 - 2016-08-14 18:33 - 0188578 _____ () C:\Users\OSHI\AppData\Roaming\Donfax.bin 2016-06-28 03:12 - 2016-06-28 03:12 - 0314434 ____N () C:\Users\OSHI\AppData\Roaming\EYapp.apk 2016-06-14 12:28 - 2016-06-14 12:28 - 0000000 _____ () C:\Users\OSHI\AppData\Roaming\fastboot.log 2016-08-14 18:32 - 2016-08-14 18:34 - 0020016 _____ () C:\Users\OSHI\AppData\Roaming\InstallationConfiguration.xml 2016-08-14 18:32 - 2016-08-14 18:32 - 0138240 _____ () C:\Users\OSHI\AppData\Roaming\Installer.dat 2016-08-14 18:33 - 2016-08-14 18:33 - 0126464 _____ () C:\Users\OSHI\AppData\Roaming\lobby.dat 2016-08-14 18:33 - 2016-08-14 18:33 - 0018432 _____ () C:\Users\OSHI\AppData\Roaming\Main.dat 2016-08-14 18:33 - 2016-08-14 18:33 - 0005568 _____ () C:\Users\OSHI\AppData\Roaming\md.xml 2016-08-14 18:33 - 2016-08-14 18:33 - 0126464 _____ () C:\Users\OSHI\AppData\Roaming\noah.dat 2016-08-14 18:32 - 2016-08-14 18:32 - 0848437 _____ () C:\Users\OSHI\AppData\Roaming\Toughair.bin 2016-08-14 18:33 - 2016-08-14 18:33 - 1899844 _____ () C:\Users\OSHI\AppData\Roaming\Trueantough.tst 2016-08-14 18:33 - 2016-08-14 18:33 - 0032038 _____ () C:\Users\OSHI\AppData\Roaming\uninstall_temp.ico 2016-08-14 18:33 - 2016-08-14 18:33 - 2279413 _____ () C:\Users\OSHI\AppData\Roaming\ZummaDax.bin 2016-06-12 00:19 - 2016-06-12 00:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-06-12 00:19 - 2016-06-12 00:19 - 0000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc Niektóre pliki w TEMP: ==================== C:\Users\OSHI\AppData\Local\temp\21IAHLVM87.exe C:\Users\OSHI\AppData\Local\temp\360net.dll C:\Users\OSHI\AppData\Local\temp\360NetBase.dll C:\Users\OSHI\AppData\Local\temp\360NetBase64.dll C:\Users\OSHI\AppData\Local\temp\360NetUL.dll C:\Users\OSHI\AppData\Local\temp\5E81.tmp.exe C:\Users\OSHI\AppData\Local\temp\707ZZM0SCQ.exe C:\Users\OSHI\AppData\Local\temp\A73A.tmp.exe C:\Users\OSHI\AppData\Local\temp\CNK2IZ3ZIL.exe C:\Users\OSHI\AppData\Local\temp\DWN0YC77DG.exe C:\Users\OSHI\AppData\Local\temp\EF97.tmp.exe C:\Users\OSHI\AppData\Local\temp\FMO10E9ZB9.exe C:\Users\OSHI\AppData\Local\temp\GKR9XY3JF6.exe C:\Users\OSHI\AppData\Local\temp\H3ZKG52C0U.exe C:\Users\OSHI\AppData\Local\temp\K5GBD37P1U.exe C:\Users\OSHI\AppData\Local\temp\nvSCPAPI.dll C:\Users\OSHI\AppData\Local\temp\nvStInst.exe C:\Users\OSHI\AppData\Local\temp\sqlite3.exe C:\Users\OSHI\AppData\Local\temp\T3LD22RBJW.exe C:\Users\OSHI\AppData\Local\temp\xcs7D23.tmp.exe C:\Users\OSHI\AppData\Local\temp\ZC4Z6CTLBC.exe C:\Users\OSHI\AppData\Local\temp\ZOSU9OAH7A.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-08-10 07:03 ==================== Koniec FRST.txt ============================