Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 28-05-2017 Uruchomiony przez Krystian (administrator) DESKTOP-A9PAOBI (30-05-2017 16:41:49) Uruchomiony z C:\Users\alleg\Downloads Załadowane profile: Krystian (Dostępne profile: defaultuser0 & Krystian) Platform: Windows 10 Pro Wersja 1703 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe () C:\ProgramData\MobileBrServ\mbbService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Users\alleg\AppData\Local\geckof\geckof.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKU\S-1-5-21-3476149708-2475396855-3158576033-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation) HKU\S-1-5-21-3476149708-2475396855-3158576033-1001\...\Run: [iaenkrjqzc] => explorer "hxxp://godnivo.ru/?utm_source=uoua03&utm_content=8038344158c211110a96efd12e09c685&utm_term=EDC026C292F4527E060CB5319A9B6AB9&utm_d=20170529" <===== UWAGA ShellIconOverlayIdentifiers: [TortoiseOverlay] -> {CBF88FC2-F150-4F29-BC80-CE30EFD1B62C} => C:\Users\alleg\AppData\Roaming\Tortoise\TortoiseOverlay.dll [2017-05-30] () GroupPolicy: Ograniczenia <======= UWAGA GroupPolicy\User: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{12c4376c-83ce-4811-b22a-40c2cc1f395b}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{68af7503-8bd6-4412-95bc-c95a4af09cdf}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{b56d0a06-89f0-43f4-bf93-3bb4f20f3a2e}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{ebcb65a5-77ba-42c8-b7c8-29fea1c28aec}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Internet Explorer: ================== HKU\S-1-5-21-3476149708-2475396855-3158576033-1001\Software\Microsoft\Internet Explorer\Main,Start Page = SearchScopes: HKLM -> DefaultScope - brak wartości SearchScopes: HKU\S-1-5-21-3476149708-2475396855-3158576033-1001 -> DefaultScope {089680CB-B4FB-4165-90C8-65A5916A5A35} URL = hxxp://pelyena.ru/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3476149708-2475396855-3158576033-1001 -> {089680CB-B4FB-4165-90C8-65A5916A5A35} URL = hxxp://pelyena.ru/search?q={searchTerms} FireFox: ======== FF DefaultProfile: kxkb3bn7.default FF ProfilePath: C:\Users\alleg\AppData\Roaming\Mozilla\Firefox\Profiles\kxkb3bn7.default [2017-05-30] FF Homepage: Mozilla\Firefox\Profiles\kxkb3bn7.default -> www.Google.pl FF Keyword.URL: Mozilla\Firefox\Profiles\kxkb3bn7.default -> hxxp://go.mail.ru/distib/ep/?product_id=%7BD3740D48-A79D-4D7D-A763-B93610C62736%7D&gp=811010 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-27] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-27] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation) ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2015-09-23] () R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 MpKsl459a9feb; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{93651866-D66C-4353-8284-79C25C52BCDD}\MpKsl459a9feb.sys [44928 2017-05-30] (Microsoft Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-05-24] (Zemana Ltd.) S0 .ZAM_EarlyBoot; system32\drivers\zam64.sys [X] S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-30 16:41 - 2017-05-30 16:42 - 00007329 _____ C:\Users\alleg\Downloads\FRST.txt 2017-05-30 16:40 - 2017-05-30 16:40 - 00000000 ____D C:\Users\alleg\Downloads\Nowy folder 2017-05-30 16:29 - 2017-05-30 16:36 - 00000000 ____D C:\AdwCleaner 2017-05-30 15:23 - 2017-05-30 16:41 - 00000000 ____D C:\FRST 2017-05-30 15:22 - 2017-05-30 15:22 - 02429952 _____ (Farbar) C:\Users\alleg\Downloads\FRST64.exe 2017-05-30 13:50 - 2017-05-30 16:35 - 00000000 ____D C:\Users\alleg\AppData\Local\geckof 2017-05-30 13:50 - 2017-05-30 13:50 - 00055080 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\geckof.sys 2017-05-30 13:50 - 2017-05-30 13:50 - 00003670 _____ C:\WINDOWS\System32\Tasks\geckof 2017-05-30 12:47 - 2017-05-30 12:47 - 00000000 ____D C:\Users\alleg\AppData\Roaming\Tortoise 2017-05-30 05:22 - 2017-05-30 05:22 - 00000000 ____D C:\Users\alleg\AppData\Local\Chromium 2017-05-30 02:51 - 2017-05-30 15:23 - 00000000 ____D C:\Users\alleg\AppData\Local\NetBoxLogs 2017-05-29 20:59 - 2017-05-30 13:26 - 00003646 _____ C:\WINDOWS\System32\Tasks\svshost 2017-05-29 07:49 - 2017-05-29 07:49 - 00000233 _____ C:\Users\alleg\Desktop\Far Cry 4.url 2017-05-29 07:49 - 2017-05-29 07:49 - 00000233 _____ C:\Users\alleg\Desktop\Far Cry 4 Map Editor.url 2017-05-29 07:40 - 2017-05-29 07:40 - 00000000 ___HD C:\OneDriveTemp 2017-05-29 04:57 - 2017-05-29 04:57 - 00000000 ____D C:\Users\alleg\AppData\Local\DBG 2017-05-27 02:08 - 2017-05-27 02:08 - 00000000 ____D C:\Windows.old 2017-05-27 02:07 - 2017-05-27 02:07 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 21352176 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 20505088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 19334656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 08320928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02651136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-05-27 02:07 - 2017-05-27 02:07 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-05-27 02:07 - 2017-05-27 02:07 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2017-05-27 02:07 - 2017-05-27 02:07 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-05-27 02:07 - 2017-05-27 02:07 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-05-27 02:07 - 2017-05-27 02:07 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-05-27 02:07 - 2017-05-27 02:07 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2017-05-27 02:07 - 2017-05-27 02:07 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2017-05-27 02:07 - 2017-05-27 02:07 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-05-27 02:07 - 2017-05-27 02:07 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys 2017-05-27 02:07 - 2017-05-27 02:07 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-05-27 02:07 - 2017-05-27 02:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe 2017-05-27 02:07 - 2017-05-27 02:07 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys 2017-05-27 02:03 - 2017-05-27 02:03 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-05-27 02:03 - 2017-05-27 01:11 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-05-27 02:02 - 2017-05-27 02:02 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-05-27 01:29 - 2017-05-27 01:29 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2017-05-27 01:27 - 2017-05-27 01:27 - 00000020 ___SH C:\Users\alleg\ntuser.ini 2017-05-27 01:27 - 2017-05-27 01:27 - 00000000 ____D C:\ProgramData\USOShared 2017-05-27 01:25 - 2017-05-27 01:25 - 00011433 _____ C:\WINDOWS\diagwrn.xml 2017-05-27 01:25 - 2017-05-27 01:25 - 00011433 _____ C:\WINDOWS\diagerr.xml 2017-05-27 01:24 - 2017-05-30 16:38 - 01959286 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-05-27 01:21 - 2017-05-30 16:39 - 00004232 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D62185B1-2286-49C4-8DCA-FA54F025F5EC} 2017-05-27 01:21 - 2017-05-30 16:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-27 01:21 - 2017-05-30 12:42 - 00003300 __RSH C:\WINDOWS\System32\Tasks\MSI 2017-05-27 01:21 - 2017-05-27 01:30 - 00003296 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-05-27 01:21 - 2017-05-27 01:21 - 00023044 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-05-27 01:17 - 2017-05-27 01:17 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-05-27 01:16 - 2017-05-27 01:17 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-05-27 01:14 - 2017-05-30 16:31 - 00000000 ____D C:\Users\alleg 2017-05-27 01:14 - 2017-05-27 01:21 - 00000000 ____D C:\Users\defaultuser0 2017-05-27 01:14 - 2017-05-27 01:16 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\defaultuser0\Ustawienia lokalne 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\defaultuser0\Szablony 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\defaultuser0\Moje dokumenty 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\defaultuser0\Menu Start 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\defaultuser0\Dane aplikacji 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\defaultuser0\AppData\Local\Historia 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\defaultuser0\AppData\Local\Dane aplikacji 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\alleg\Ustawienia lokalne 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\alleg\Szablony 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\alleg\Moje dokumenty 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\alleg\Menu Start 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\alleg\Dane aplikacji 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\alleg\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\alleg\AppData\Local\Historia 2017-05-27 01:14 - 2017-05-27 01:14 - 00000000 _SHDL C:\Users\alleg\AppData\Local\Dane aplikacji 2017-05-27 01:14 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-05-27 01:14 - 2016-12-29 14:44 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-05-27 01:14 - 2016-12-29 14:44 - 02477624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-05-27 01:14 - 2016-12-29 14:44 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-05-27 01:14 - 2016-12-29 14:44 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-05-27 01:14 - 2016-12-29 14:44 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-05-27 01:14 - 2016-12-29 14:44 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-05-27 01:14 - 2016-12-29 14:44 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-05-27 01:14 - 2016-12-19 09:26 - 07651057 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-05-27 01:13 - 2017-05-27 01:16 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-05-27 01:13 - 2017-05-27 01:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-05-27 01:11 - 2017-05-30 16:04 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-27 01:11 - 2017-05-27 01:18 - 00217904 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-05-27 00:14 - 2017-05-27 00:14 - 00000000 ____D C:\Users\alleg\OneDrive\Dokumenty\WB Games 2017-05-27 00:12 - 2017-05-27 00:12 - 00000000 ____D C:\ProgramData\Package Cache 2017-05-26 23:22 - 2017-05-27 01:27 - 00000000 ___DC C:\WINDOWS\Panther 2017-05-25 22:03 - 2017-05-29 04:25 - 00000000 ____D C:\Program Files\UNP 2017-05-24 23:01 - 2017-05-24 23:01 - 00001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-05-24 23:01 - 2017-05-24 23:01 - 00000000 ____D C:\Program Files\Mozilla Firefox 2017-05-24 22:41 - 2017-05-30 16:42 - 00033460 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2017-05-24 22:41 - 2017-05-29 07:41 - 00042993 _____ C:\WINDOWS\ZAM.krnl.trace 2017-05-24 22:41 - 2017-05-24 22:41 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys 2017-05-24 22:41 - 2017-05-24 22:41 - 00000000 ____D C:\Users\alleg\AppData\Local\Zemana 2017-05-24 22:33 - 2017-05-27 01:16 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2017-05-24 21:11 - 2017-05-24 21:11 - 00000000 ____D C:\Users\alleg\AppData\Local\PeerDistRepub 2017-05-24 20:39 - 2017-05-30 16:35 - 00000000 ____D C:\Users\alleg\AppData\Local\svshost 2017-05-24 20:16 - 2017-05-24 20:20 - 00000000 ____D C:\WINDOWS\CSC 2017-05-24 19:47 - 2017-05-24 19:47 - 00000222 _____ C:\Users\alleg\Desktop\Mad Max.url 2017-05-24 17:51 - 2017-05-24 17:51 - 00000219 _____ C:\Users\alleg\Desktop\Counter-Strike Global Offensive.url 2017-05-23 21:05 - 2017-05-23 21:05 - 00000218 _____ C:\Users\alleg\Desktop\Counter-Strike.url 2017-05-22 18:38 - 2017-05-30 16:38 - 00000000 ____D C:\Program Files (x86)\Steam 2017-05-22 18:38 - 2017-05-27 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2017-05-22 18:38 - 2017-05-22 18:38 - 00001036 _____ C:\Users\Public\Desktop\Steam.lnk 2017-05-12 18:37 - 2017-05-12 18:37 - 00000000 ____D C:\Users\alleg\AppData\Local\UNP 2017-05-10 18:00 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-05-04 09:20 - 2017-05-04 09:20 - 00000000 ____D C:\Users\alleg\OneDrive\Dokumenty\Rockstar Games 2017-05-01 08:50 - 2017-05-01 08:50 - 00001653 _____ C:\Users\alleg\Desktop\GTA 5.lnk 2017-04-30 12:52 - 2017-04-30 12:52 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2017-04-30 12:51 - 2017-04-30 12:51 - 00000000 ____D C:\Program Files\Rockstar Games 2017-04-30 08:44 - 2017-04-30 08:44 - 00000000 ____D C:\Users\alleg\AppData\Local\Rockstar Games 2017-04-30 08:44 - 2017-04-30 08:44 - 00000000 ____D C:\ProgramData\Steam 2017-04-30 08:44 - 2017-04-30 08:44 - 00000000 ____D C:\ProgramData\Socialclub 2017-04-30 00:16 - 2017-05-27 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-30 16:38 - 2017-04-02 10:26 - 00000000 ____D C:\Users\alleg\AppData\LocalLow\Mozilla 2017-05-30 16:38 - 2017-03-20 05:58 - 00882314 _____ C:\WINDOWS\system32\perfh015.dat 2017-05-30 16:38 - 2017-03-20 05:58 - 00180568 _____ C:\WINDOWS\system32\perfc015.dat 2017-05-30 16:33 - 2017-04-01 21:32 - 00000000 ___RD C:\Users\alleg\OneDrive 2017-05-30 16:32 - 2017-04-01 21:43 - 00000000 ____D C:\ProgramData\NVIDIA 2017-05-30 16:31 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-05-30 15:35 - 2017-04-02 11:05 - 00000000 ____D C:\Users\alleg\AppData\Local\Ubisoft Game Launcher 2017-05-29 04:42 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-05-29 04:36 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-05-29 04:33 - 2017-04-01 21:30 - 00000000 ____D C:\Users\alleg\AppData\Local\ConnectedDevicesPlatform 2017-05-27 20:53 - 2017-04-01 21:30 - 00000000 ____D C:\Users\alleg\AppData\Local\VirtualStore 2017-05-27 11:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-05-27 11:53 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-05-27 03:28 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-05-27 02:11 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-05-27 02:08 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-05-27 02:08 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-05-27 02:08 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-05-27 02:08 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender 2017-05-27 02:08 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-05-27 02:08 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-05-27 02:08 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-05-27 02:08 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-27 02:08 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-05-27 02:08 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-05-27 02:08 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-05-27 02:08 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-05-27 02:08 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-05-27 02:08 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-05-27 02:01 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-05-27 02:01 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-05-27 01:44 - 2017-04-01 21:30 - 00000000 ____D C:\Users\alleg\AppData\Local\Packages 2017-05-27 01:30 - 2017-04-01 21:32 - 00002411 _____ C:\Users\alleg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-05-27 01:27 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-05-27 01:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-05-27 01:27 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-05-27 01:27 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-05-27 01:27 - 2016-11-21 11:19 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-05-27 01:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-05-27 01:26 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-05-27 01:24 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-05-27 01:22 - 2017-03-20 06:00 - 00000000 ____D C:\WINDOWS\HoloShell 2017-05-27 01:21 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-05-27 01:21 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-27 01:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-05-27 01:17 - 2017-04-24 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2017-05-27 01:17 - 2017-04-01 21:42 - 00000000 ____D C:\Users\alleg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-05-27 01:17 - 2017-04-01 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-05-27 01:17 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-05-27 01:17 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2017-05-27 01:17 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-05-27 01:17 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-05-27 01:17 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-05-27 01:16 - 2017-04-01 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-05-27 01:16 - 2017-04-01 21:28 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\Packages 2017-05-27 01:16 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-05-27 01:15 - 2017-04-02 11:05 - 00000000 ____D C:\Users\alleg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2017-05-27 01:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help 2017-05-27 01:14 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-05-27 00:48 - 2017-03-20 06:23 - 00000000 ___HD C:\$WINDOWS.~BT 2017-05-24 22:53 - 2017-04-01 21:44 - 00000000 ____D C:\Users\alleg\AppData\Local\CrashDumps 2017-05-24 20:13 - 2016-07-16 13:43 - 00291680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.exe 2017-05-24 20:12 - 2016-07-16 13:43 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeSubscription.exe 2017-05-23 22:07 - 2017-04-21 20:02 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-05-23 22:06 - 2017-04-21 20:02 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-05-23 20:49 - 2017-04-21 19:28 - 00000000 ____D C:\Users\alleg\AppData\Local\ElevatedDiagnostics 2017-05-01 08:49 - 2017-04-29 23:01 - 00000000 ____D C:\Program Files (x86)\Grand Theft Auto V ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-05-24 20:36 - 2017-05-24 20:36 - 1930232 __RSH () C:\Users\alleg\AppData\Roaming\Microsoft\msi.exe Niektóre pliki w TEMP: ==================== 2017-05-30 13:24 - 2017-05-30 13:27 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\087pijESU9hC.exe 2017-05-29 20:42 - 2017-05-29 20:49 - 2584280 _____ () C:\Users\alleg\AppData\Local\Temp\0gJr40y76Smm.exe 2017-05-30 13:23 - 2017-05-30 13:23 - 1930232 ____N () C:\Users\alleg\AppData\Local\Temp\14rgwF7Z53Ts.exe 2017-05-30 13:59 - 2017-05-30 13:26 - 0918552 _____ () C:\Users\alleg\AppData\Local\Temp\186D.tmp.exe 2017-05-29 04:48 - 2017-05-29 04:48 - 1930232 _____ () C:\Users\alleg\AppData\Local\Temp\1afEW5gXc6VJ.exe 2017-05-29 20:50 - 2017-05-29 20:52 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\1fDtZSExb0cQ.exe 2017-05-30 12:57 - 2017-05-30 13:00 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\2hIn6uNfisu8.exe 2017-05-30 12:44 - 2017-05-30 13:20 - 0918551 _____ () C:\Users\alleg\AppData\Local\Temp\2Zckw5Z5PrO0.exe 2017-05-29 20:59 - 2017-05-29 20:59 - 0898072 _____ () C:\Users\alleg\AppData\Local\Temp\4345.tmp.exe 2017-05-30 14:32 - 2017-05-30 13:26 - 0918552 _____ () C:\Users\alleg\AppData\Local\Temp\4D85.tmp.exe 2017-05-29 06:57 - 2017-05-29 06:23 - 0906264 _____ () C:\Users\alleg\AppData\Local\Temp\5EB3.tmp.exe 2017-05-30 13:10 - 2017-05-30 13:13 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\5olRDJ2nxnJE.exe 2017-05-30 13:20 - 2017-05-30 13:23 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\5xARm2wLlYG7.exe 2017-05-30 02:51 - 2017-05-30 02:51 - 64938720 ____N (Kometa LCC) C:\Users\alleg\AppData\Local\Temp\5Yym8Uzfpt0Q.exe 2017-05-29 21:32 - 2017-05-29 20:59 - 0898072 _____ () C:\Users\alleg\AppData\Local\Temp\7485.tmp.exe 2017-05-30 12:52 - 2017-05-30 12:55 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\7sDwLriJsTvy.exe 2017-05-30 15:05 - 2017-05-30 13:26 - 0918552 _____ () C:\Users\alleg\AppData\Local\Temp\83A7.tmp.exe 2017-05-29 20:48 - 2017-05-29 20:51 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\9cNp3fZjO7XS.exe 2017-05-29 04:46 - 2017-05-29 04:44 - 0893976 _____ () C:\Users\alleg\AppData\Local\Temp\A55D.tmp.exe 2017-05-30 13:06 - 2017-05-30 13:09 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\aM3Ec5yTa9Lk.exe 2017-05-30 12:50 - 2017-05-30 12:52 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\APKLj3W41oMj.exe 2017-05-30 12:52 - 2017-05-30 12:55 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\avfJosu6o938.exe 2017-05-30 16:35 - 2017-05-30 16:34 - 0898072 _____ () C:\Users\alleg\AppData\Local\Temp\B3C.tmp.exe 2017-05-29 05:18 - 2017-05-29 04:44 - 0893976 _____ () C:\Users\alleg\AppData\Local\Temp\BB83.tmp.exe 2017-05-30 12:51 - 2017-05-30 12:54 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\C6yEJ8tVXC1X.exe 2017-05-30 13:02 - 2017-05-30 13:04 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\Ce9LbijNMSDk.exe 2017-05-30 13:26 - 2017-05-30 13:26 - 0918552 _____ () C:\Users\alleg\AppData\Local\Temp\E356.tmp.exe 2017-05-30 13:16 - 2017-05-30 13:18 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\EELr5gQuylZz.exe 2017-05-29 21:40 - 2017-05-29 21:40 - 1930232 ____N () C:\Users\alleg\AppData\Local\Temp\Ezc4BOfDSl1M.exe 2017-05-30 12:52 - 2017-05-30 12:54 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\ezJ3CpOLUXqH.exe 2017-05-29 05:51 - 2017-05-29 05:21 - 0898072 _____ () C:\Users\alleg\AppData\Local\Temp\F260.tmp.exe 2017-05-29 20:53 - 2017-05-29 20:55 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\fKqVWKmVXm8A.exe 2017-05-29 20:53 - 2017-05-29 20:55 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\ibeQGoTZrUkX.exe 2017-05-30 13:20 - 2017-05-30 13:22 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\IG4X8Ej2PAOV.exe 2017-05-29 04:42 - 2017-05-29 04:42 - 2584280 _____ () C:\Users\alleg\AppData\Local\Temp\JtiVDxvn8IGj.exe 2017-05-30 13:08 - 2017-05-30 13:11 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\LgJIEkcyGlrX.exe 2017-05-30 12:48 - 2017-05-30 12:50 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\Lk6ADvV106io.exe 2017-05-29 04:42 - 2017-05-29 20:50 - 0193200 _____ () C:\Users\alleg\AppData\Local\Temp\MailRuUpdater.exe 2017-05-30 12:48 - 2017-05-30 13:20 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\NMdIE81Cockn.exe 2017-05-30 12:53 - 2017-05-30 12:55 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\OcwbhdPpJaei.exe 2017-05-29 21:01 - 2017-05-29 21:01 - 1930232 _____ () C:\Users\alleg\AppData\Local\Temp\PJNBQHXfOYXd.exe 2017-05-30 13:11 - 2017-05-30 13:14 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\rFV0JHaJg7h9.exe 2017-05-30 12:50 - 2017-05-30 12:53 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\Rlhea5NZDai5.exe 2017-05-30 12:54 - 2017-05-30 12:57 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\tGeSJITaBOO5.exe 2017-05-30 13:13 - 2017-05-30 13:15 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\tHMS8FeAi4nH.exe 2017-05-29 04:44 - 2017-05-29 04:44 - 1930232 _____ () C:\Users\alleg\AppData\Local\Temp\twQc1zQVvX9K.exe 2017-05-30 12:47 - 2017-05-30 13:08 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\vCdSfISbNxB0.exe 2017-05-30 13:07 - 2017-05-30 13:09 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\x8MXt8c6Bo0j.exe 2017-05-30 12:43 - 2017-05-30 13:06 - 0000000 _____ () C:\Users\alleg\AppData\Local\Temp\xl6oeFhSleqP.exe 2017-05-30 13:25 - 2017-05-30 13:25 - 1930232 ____N () C:\Users\alleg\AppData\Local\Temp\yfVQtRzw0Yrp.exe 2017-05-30 15:23 - 2017-05-30 15:23 - 64938720 ____N (Kometa LCC) C:\Users\alleg\AppData\Local\Temp\zwqOgUsoWWuz.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-05-27 01:11 ==================== Koniec FRST.txt ============================