Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 Ran by Wojtelllo (administrator) on KOMPUTERIUSZ (06-04-2017 18:00:02) Running from C:\Users\Wojtelllo\Downloads Loaded Profiles: Wojtelllo (Available Profiles: Wojtelllo & Administrator) Platform: Windows 8.1 (Update) (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (Intel® Corporation) C:\Program Files\Intel\CAM\bin\CAMService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\ProgramData\MobileBrServ\mbbService.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe () C:\Program Files (x86)\Wi-Fi\WiFiGxSvc.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe (© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe () C:\ProgramData\PLAY INTERNET\OnlineUpdate\ouc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalsystray.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe (Lenovo) C:\Users\Wojtelllo\AppData\Local\Apps\2.0\3NQBPTJT.W9O\WETVBAA7.9WJ\lsb...tion_91a10ba61c75c82d_0001.0004_53146ffb7155a994\LSB.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\browsernativehost.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe () C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2014\unins000.exe () C:\Users\Wojtelllo\AppData\Local\Temp\_iu14D2N.tmp (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-09-02] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2013-09-02] (Lenovo(beijing) Limited) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-07-29] (Bitdefender) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2986224 2013-06-20] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-07-04] (IDT, Inc.) HKLM\...\Run: [DolbyTrayApp] => c:\program files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28065728 2017-03-21] (Dropbox, Inc.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [454248 2013-08-02] (CANON INC.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-03-11] (CANON INC.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2765256 2015-04-27] (ALLPlayer Group Ltd.) HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe [5182896 2014-07-23] (ALLPlayer Group Ltd.) HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\Run: [Agent Portfela Bitdefender] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-07-29] (Bitdefender) HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-14] (Valve Corporation) HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team) HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd) HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\Run: [Napisy24Update] => C:\Program Files (x86)\Napisy24\Napisy24Update.exe [3709896 2015-11-04] (Napisy24.pl) HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\Run: [Napisy24.pl] => C:\Program Files (x86)\Napisy24\Napisy24.exe [5511112 2015-11-04] (Napisy24.pl) HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\Run: [Gaijin.Net Agent] => C:\Users\Wojtelllo\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [1798664 2016-12-29] () HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.) HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10431176 2017-01-20] (FreeDownloadManager.org) HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\MountPoints2: {6b5ab849-8710-11e5-be90-806e6f6e6963} - "E:\LoaderPrawkoS.exe" HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\...\MountPoints2: {bf64bf0a-6592-11e6-bec9-0c54a5142d6d} - "G:\Setup.exe" HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Wojtelllo\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Wojtelllo\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Wojtelllo\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Wojtelllo\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Wojtelllo\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Wojtelllo\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-09-02] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-10-10] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\Wojtelllo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-02-29] ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Wojtelllo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2016-08-05] ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: [S-1-5-21-1181477252-4154694367-2884869693-1002] => http=;ftp=;https=; Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 153.19.1.254 153.19.250.100 Tcpip\..\Interfaces\{3C9C5894-8436-4F46-8303-6C3254A5CF5D}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{91B15D13-2A3C-4943-9FB4-BE9B876B84EC}: [DhcpNameServer] 153.19.1.254 153.19.250.100 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = SearchScopes: HKLM-x32 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1181477252-4154694367-2884869693-1002 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1181477252-4154694367-2884869693-1002 -> {6AF4F022-DE97-4052-8E0D-EE16E324E4A4} URL = SearchScopes: HKU\S-1-5-21-1181477252-4154694367-2884869693-1002 -> {FFCA5D91-2573-4154-9A85-75741F8F55EF} URL = hxxps://it.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-06] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-06] (Microsoft Corporation) BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-04-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-20] (Oracle Corporation) BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-02-10] (pdfforge GmbH) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-04-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-20] (Oracle Corporation) Toolbar: HKLM - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-07-29] (Bitdefender) Toolbar: HKLM-x32 - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-07-29] (Bitdefender) Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-02-10] (pdfforge GmbH) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-06] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-06] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-06] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-06] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: gn4vgo72.default FF ProfilePath: C:\Users\Wojtelllo\AppData\Roaming\Mozilla\Firefox\Profiles\gn4vgo72.default [2017-04-06] FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-06] [not signed] FF HKLM\...\Firefox\Extensions: [pdf_architect_5_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 5\resources\pdfarchitect5firefoxextension FF Extension: (PDF Architect 5 Creator) - C:\Program Files\PDF Architect 5\resources\pdfarchitect5firefoxextension [2017-02-17] [not signed] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-09-04] [not signed] FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-09-04] [not signed] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-06] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-01-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1181477252-4154694367-2884869693-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Wojtelllo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS) Chrome: ======= CHR HomePage: Default -> hxxp://olx.pl/oferta/rower-yukon-gtix-kola-26-cali-CID767-IDgog1l.html#81764a2543 CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms} CHR DefaultSearchKeyword: Default -> google CHR Profile: C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default [2017-04-06] CHR Extension: (Tłumacz Google) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-17] CHR Extension: (Prezentacje Google) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-29] CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-07-29] CHR Extension: (Free Download Manager Chrome extension) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2017-03-08] CHR Extension: (Dokumenty Google) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-29] CHR Extension: (Dysk Google) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Search) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Symbaloo) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfnbdccaiknlpdgabdgjijniolkgmoeh [2016-06-17] CHR Extension: (Adobe Acrobat) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-16] CHR Extension: (Kalendarz Google) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07] CHR Extension: (Arkusze Google) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-29] CHR Extension: (Dokumenty Google offline) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (AdBlock) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-01] CHR Extension: (Google Keep – notatki i listy) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-03-30] CHR Extension: (My Study Life) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnjdjjiobjicmlhnjlogfgbibihjhkeo [2016-11-30] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11] CHR Extension: (Gmail) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-29] CHR Extension: (Chrome Media Router) - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08] CHR HKLM\...\Chrome\Extension: [jdiejbegdjikmehflknhkbieocmnogcf] - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdiejbegdjikmehflknhkbieocmnogcf.crx [2015-11-07] CHR HKU\S-1-5-21-1181477252-4154694367-2884869693-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jdiejbegdjikmehflknhkbieocmnogcf] - C:\Users\Wojtelllo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdiejbegdjikmehflknhkbieocmnogcf.crx [2015-11-07] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team) R2 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2015-07-29] (Bitdefender) S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com) R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [958680 2013-05-28] (Broadcom Corporation.) R2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1246112 2015-06-03] (Intel® Corporation) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3800264 2017-03-23] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-03-11] (Dropbox, Inc.) R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] () R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation) R2 Huawei E3272; C:\ProgramData\MobileBrServ\mbbservice.exe [240720 2013-12-03] () R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] () R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation) S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156104 2013-06-04] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-02-08] () R2 MyWiFiRouterDHCP; C:\Program Files (x86)\Wi-Fi\WiFiGxSvc.exe [47464 2014-11-18] () R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123240 2017-03-24] (Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184688 2017-03-24] (Electronic Arts) S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2706824 2017-02-10] (pdfforge GmbH) S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1048976 2017-02-10] (pdfforge GmbH) R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [856976 2017-02-10] (pdfforge GmbH) R2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-01] (© pdfforge GmbH.) S2 PLAY INTERNET. RunOuc; C:\Program Files (x86)\PLAY INTERNET\UpdateDog\ouc.exe [651856 2013-10-26] () R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [337920 2013-07-04] (IDT, Inc.) [File not signed] S2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [118424 2016-03-09] () R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2015-07-29] (Bitdefender) S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] () R3 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-09-02] () R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-07-29] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-10-13] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-10-13] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-02-08] (Intel® Corporation) S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Origins\bin_ship\DAUpdaterSvc.Service.exe [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Apowersoft_AudioDevice; C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare) R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1306464 2015-07-29] (BitDefender) R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [677104 2015-07-29] (BitDefender) U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [304296 2015-11-09] (Alcohol Soft Development Team) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender) R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2015-07-29] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC) R1 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL) R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender) S3 btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [160544 2015-07-29] (BitDefender LLC) S3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [115656 2013-06-04] (Intel Corporation) R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [100184 2013-04-09] (Intel Corporation) R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\NETwbw02.sys [3515664 2016-01-29] (Intel Corporation) S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2015-09-28] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed] R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-03-09] () R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-06-20] (Synaptics Incorporated) R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [381608 2015-10-25] (Duplex Secure Ltd.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [452040 2015-07-29] (BitDefender S.R.L.) R1 txwifinat; C:\WINDOWS\system32\DRIVERS\txwifinat64.sys [35248 2014-12-01] (Nanjing Tongxiang Network Technology Co.,LTD) S3 usbrndis6; C:\WINDOWS\system32\DRIVERS\usb80236.sys [20992 2015-10-13] (Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-10-13] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-10-13] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-10-13] (Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S3 dbx; system32\DRIVERS\dbx.sys [X] U3 DfSdkS; no ImagePath ========================== Drivers MD5 ======================= C:\WINDOWS\System32\drivers\1394ohci.sys E1832BD9FD7E0FC2DC9FA5935DE3E8C1 C:\WINDOWS\System32\drivers\3ware.sys AD508A1A46EC21B740AB31C28EFDFDB1 C:\WINDOWS\System32\drivers\ACPI.sys E796AE43DDD1844281DB4D57294D17C0 C:\WINDOWS\System32\Drivers\acpiex.sys AC8279D229398BCF05C3154ADCA86813 C:\WINDOWS\System32\drivers\acpipagr.sys A8970D9BF23CD309E0403978A1B58F3F C:\WINDOWS\System32\drivers\acpipmi.sys 111A89C99C5B4F1A7BCE5F643DD86F65 C:\WINDOWS\System32\drivers\acpitime.sys 5758387D68A20AE7D3245011B07E36E7 C:\WINDOWS\System32\drivers\AcpiVpc.sys AF7A18603B0B82DFA5B420456FAF2201 C:\WINDOWS\System32\drivers\ADP80XX.SYS 7C1FDF1B48298CBA7CE4BDD4978951AD C:\WINDOWS\system32\drivers\afd.sys A460C3AF3755A2A79A3C8EFE72E147B5 C:\WINDOWS\System32\drivers\agp440.sys 7DFAEBA9AD62D20102B576D5CAC45EC8 C:\WINDOWS\System32\DRIVERS\ahcache.sys FE14D249D39368CA62D8DA6BC94AC694 C:\WINDOWS\System32\drivers\amdk8.sys 7589DE749DB6F71A68489DCE04158729 C:\WINDOWS\System32\drivers\amdppm.sys B46D2D89AFF8A9490FA8C98C7A5616E3 C:\WINDOWS\System32\drivers\amdsata.sys D2BF2F94A47D332814910FD47C6BBCD2 C:\WINDOWS\System32\drivers\amdsbs.sys A8E04943C7BBA7219AA50400272C3C6E C:\WINDOWS\System32\drivers\amdxata.sys CEA5F4F27CFC08E3A44D576811B35F50 C:\WINDOWS\System32\drivers\AMPPAL.sys 07B66CCF59037018633D75B8DA87FE9E C:\WINDOWS\system32\drivers\AmUStor.SYS 4126D30992B26303E47E8981313FD6D6 C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys 4542CC17440E85D2D2D73A7D40FAED0A C:\WINDOWS\system32\drivers\appid.sys 415DD71628795197F7AFC176CBADC74E C:\WINDOWS\System32\drivers\arcsas.sys 65045784366F7EC5FB4E71BCF923187B C:\WINDOWS\System32\drivers\atapi.sys 74B14192CF79A72F7536B27CB8814FBD C:\WINDOWS\System32\DRIVERS\avc3.sys 1517FBA8213F75ECCD9311DE493DD8C9 C:\WINDOWS\System32\DRIVERS\avckf.sys D1A0A4A314FCE6478F2E8C05D8DABC5B C:\Windows\System32\Drivers\axscsidrv.sys 1CF8237A7EBA04A25785F7DA1BE141DB C:\WINDOWS\System32\drivers\bxvbda.sys A4A73F631FE2AA2826FBE4A399B04DEF C:\WINDOWS\System32\drivers\BasicDisplay.sys 8CC7F7E4AFCBA605921B137ED7992C68 C:\WINDOWS\System32\drivers\BasicRender.sys 38A82F4EE8C416A6744B6D30381ED768 C:\WINDOWS\System32\drivers\bcmfn2.sys C1ABB0F7E3BEA48A0417BDF6FF14AB21 C:\WINDOWS\System32\drivers\bdelam.sys 3701D3BF4AC12EAACB1F58847C1D32FC C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys 3AB8C5FA9589B637930783165DD94E54 C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys 923E8216382E2F64EC8AADBA3C2CFFEE C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys C0247341C1BCD7FF2742821D0AD7AFBC C:\WINDOWS\system32\DRIVERS\bdvedisk.sys F7F20DFE87C425221D8FCE77C5ED46AC C:\Windows\System32\Drivers\Beep.sys EC19013E4CF87609534165DF897274D6 C:\WINDOWS\System32\DRIVERS\bowser.sys 4938A9236300A356F97E378491EE4844 C:\WINDOWS\System32\drivers\BthAvrcpTg.sys A8F23D453A424FF4DE04989C4727ECC7 C:\WINDOWS\system32\DRIVERS\BthEnum.sys 1104A31260CCF4318C884E0AE6C513BF C:\WINDOWS\System32\drivers\bthhfenum.sys 272A62B660A48AEF366F8A1836CED19F C:\WINDOWS\System32\drivers\BthHFHid.sys 71FE2A48E4C93DDB9798C024880B6C07 C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys D30C67473A2E229662D21F27EAA9AAA5 C:\WINDOWS\System32\drivers\bthmodem.sys EF4B9E7C9AD88C00C18A12B0D22D1894 C:\WINDOWS\system32\DRIVERS\bthpan.sys FEA8FC81431AD93F44D5FBFBBF096AA7 C:\WINDOWS\System32\Drivers\BTHport.sys 0CC00ADC1B84C93FB46E1A0974E956E1 C:\WINDOWS\System32\Drivers\BTHUSB.sys 08EA90955AED2D959EE67DF6EDF0E2B6 C:\WINDOWS\system32\DRIVERS\btmhsf.sys 8669DE4D76C48D8DC09B6034ABEBEB1A C:\WINDOWS\System32\DRIVERS\cdfs.sys 2FA6510E33F7DEFEC03658B74101A9B9 C:\WINDOWS\System32\drivers\cdrom.sys C6796EA22B513E3457514D92DCDB1A3D C:\WINDOWS\System32\drivers\circlass.sys BE9936EDD3267FAAFF94A7835867F00B C:\WINDOWS\System32\drivers\CLFS.sys 9DA497AEAF35AA7BF7710132FC2A9906 C:\WINDOWS\System32\drivers\CmBatt.sys EF6EF85DADC3184A10D8F2F7159973CB C:\WINDOWS\System32\Drivers\cng.sys C8823A6ECE66B997C8E9F413D1D671E7 C:\WINDOWS\System32\drivers\CompositeBus.sys 03AAED827C36F35D70900558B8274905 C:\WINDOWS\System32\drivers\condrv.sys A1FF7DFBFBE164CF92603C651D304DD2 C:\WINDOWS\System32\drivers\dam.sys 389C998C64319CD97625B0550E52ECFA C:\WINDOWS\System32\Drivers\dfsc.sys FBFF94FC1FE0699A6BC5ACE270AB9EA1 C:\WINDOWS\system32\DRIVERS\ssudbus.sys 9593475FBC857A05D93BFF4FA7323C2B C:\WINDOWS\System32\drivers\disk.sys 4D40C9B33F738797CF50E77CB7C53E85 C:\WINDOWS\System32\drivers\dmvsc.sys EB70A894708D1BC176AFD690FF06085F C:\WINDOWS\system32\drivers\drmkaud.sys 00C594D5A1DBD22AD8B2902B9F6EFF94 C:\WINDOWS\System32\drivers\dxgkrnl.sys 5CEAB7EE9643C34C88C55E6F6680D0E0 C:\WINDOWS\System32\drivers\evbda.sys 114BCFDF367FF37C3F1B0A96AF542E4D C:\WINDOWS\System32\drivers\EhStorClass.sys 43531A5993380CC5113242C29D265FD9 C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys 6F8E738A9505A388B1157FDDE7B3101B C:\WINDOWS\System32\drivers\errdev.sys DFFFAE1442BA4076E18EED5E406FA0D3 C:\Windows\System32\Drivers\exfat.sys 7729D294A555C7AEB281ED8E4D0E01E4 C:\Windows\System32\Drivers\fastfat.sys 7C4E0D5900B2A1D11EDD626D6DDB937B C:\WINDOWS\System32\drivers\fdc.sys 5D8402613E778B3BD45E687A8372710B C:\WINDOWS\System32\drivers\fileinfo.sys BCFD8B149B3ADF92D0DB1E909CAF0265 C:\WINDOWS\System32\drivers\filetrace.sys A1A66C4FDAFD6B0289523232AFB7D8AF C:\WINDOWS\System32\drivers\flpydisk.sys BE743083CF7063C486A4398E3AEFE59A C:\WINDOWS\System32\drivers\fltmgr.sys C1FB505A73FA2E9019D32444AB33B75A C:\WINDOWS\System32\drivers\FsDepends.sys A7C31B168F371E8E6796219F23E354DB C:\Windows\System32\Drivers\Fs_Rec.sys 09F460AFEDCA03F3BF6E07D1CCC9AC42 C:\WINDOWS\System32\DRIVERS\fvevol.sys F152D55E497E12256290C43B31C7D0CE C:\WINDOWS\System32\drivers\fxppm.sys 9591D0B9351ED489EAFD9D1CE52A8015 C:\WINDOWS\System32\drivers\gagp30kx.sys FC3EF65EE20D39F8749C2218DBA681CA C:\WINDOWS\System32\drivers\vmgencounter.sys 0BF5CAD281E25F1418E5B8875DC5ADD1 C:\WINDOWS\System32\Drivers\msgpioclx.sys 8DF1254093B5C354CE725EB6B9B0DE19 C:\WINDOWS\System32\DRIVERS\gzflt.sys 4250E0978FBC9B3C0D115CD26C5BA9F4 C:\WINDOWS\System32\drivers\HDAudBus.sys D4B7ED39C7900384D9E5C1283F1E7926 C:\WINDOWS\System32\drivers\HidBatt.sys 10A70BC1871CD955D85CD88372724906 C:\WINDOWS\System32\drivers\hidbth.sys 42F88B57CAE42FC10059C887B3FCFCEA C:\WINDOWS\System32\drivers\hidi2c.sys C241A8BAFBBFC90176EA0F5240EACC17 C:\WINDOWS\System32\drivers\hidir.sys 9BDDEE26255421017E161CCB9D5EDA95 C:\WINDOWS\System32\drivers\hidusb.sys 8DB8EAB9D0C6A5DF0BDCADEA239220B4 C:\WINDOWS\System32\drivers\HpSAMD.sys A6AACEA4C785789BDA5912AD1FEDA80D C:\WINDOWS\System32\drivers\HTTP.sys 76A6FDA32A21515B67633497D8FDB1E4 C:\WINDOWS\System32\drivers\ew_jubusenum.sys D49D4E7B70AD6B1D04771AC1F7DB79C7 C:\WINDOWS\System32\drivers\hwpolicy.sys 90656C0B3864804B090434EFC582404F C:\WINDOWS\System32\drivers\hyperkbd.sys 6D6F9E3BF0484967E52F7E846BFF1CA1 C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 907C870F8C31F8DDD6F090857B46AB25 C:\WINDOWS\System32\drivers\i8042prt.sys 49EE0AE9E5B64FFBBD06D55C4984B598 C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 5D90E32E36CE5D4C535D17CE08AEAF05 C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys DD05E7E80F52ADE9AEB292819920F32C C:\WINDOWS\System32\drivers\iaStorA.sys 0A34D806EF2767E62CAFEA1A150A8830 C:\WINDOWS\System32\drivers\iaStorAV.sys 08BFE413B0B4AA8DFA4B5684CE06D3DC C:\WINDOWS\System32\drivers\iaStorV.sys A2200C3033FA4EF249FC096A7A7D02A2 C:\WINDOWS\system32\DRIVERS\ibtusb.sys 6C23262230188DAE2E8D27B7F21CCC02 C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 5863E2DD2E5C2D1B1F70C3826C162A7B C:\WINDOWS\system32\drivers\intelaud.sys 5950F69F9B345952F3C2275C39EA393B C:\WINDOWS\system32\DRIVERS\IntcDAud.sys EEE7376243CD8A4B49B885EF122D25E5 C:\WINDOWS\System32\drivers\IntelPcc.sys 0DA6BAF6CF50F4F0A04334BF0DCF6C9A C:\WINDOWS\System32\drivers\intelide.sys 4E448FCFFD00E8D657CD9E48D3E47157 C:\WINDOWS\System32\drivers\intelpep.sys 7AA01AB1C110916825E6E1389F1B9AF2 C:\WINDOWS\System32\drivers\intelppm.sys 47E74A8E53C7C24DCE38311E1451C1D9 C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 9DB76D7F9E4E53EFE5DD8C53DE837514 C:\WINDOWS\System32\drivers\IPMIDrv.sys 9C096BF5E10CA8BFA56F32522A89FAF1 C:\WINDOWS\System32\drivers\ipnat.sys B7342B3C58E91107F6E946A93D9D4EFD C:\WINDOWS\System32\drivers\irenum.sys AE44C526AB5F8A487D941CEB57B10C97 C:\WINDOWS\System32\drivers\isapnp.sys 8AFEEA3955AA43616A60F133B1D25F21 C:\WINDOWS\System32\drivers\msiscsi.sys AD3C1F4BD9167420F04052FDA197CF29 C:\WINDOWS\System32\drivers\iwdbus.sys F1D3A377ED9BA1CA449824C41CAF104C C:\WINDOWS\System32\drivers\kbdclass.sys 5917AFE4A3F695A54B99C1849C8207FE C:\WINDOWS\System32\drivers\kbdhid.sys 8CD840A062F6BDF41DDE3ACB96164B72 C:\WINDOWS\system32\DRIVERS\kdnic.sys 813871C7D402A05F2E3A7075F9584A05 C:\WINDOWS\System32\Drivers\ksecdd.sys 304DA394D958BC3B62AF6DF514005B01 C:\WINDOWS\System32\Drivers\ksecpkg.sys 3D4AE520CD6F6FFE549DD195C1F515BE C:\WINDOWS\system32\drivers\ksthunk.sys 11AFB527AA370B1DAFD5C36F35F6D45F C:\WINDOWS\system32\DRIVERS\L1C63x64.sys 50AECF8C21AB2A6428A6E1E10549D8E5 C:\WINDOWS\system32\DRIVERS\lltdio.sys C09010B3680860131631F53E8FE7BAD8 C:\WINDOWS\System32\drivers\lsi_sas.sys C755AE4635457AA2A11F79C0DF857ABC C:\WINDOWS\System32\drivers\lsi_sas2.sys ADAC09CBE7A2040B7F68B5E5C9A75141 C:\WINDOWS\System32\drivers\lsi_sas3.sys 04D1274BB9BBCCF12BD12374002AA191 C:\WINDOWS\System32\drivers\lsi_sss.sys 327469EEF3833D0C584B7E88A76AEC0C C:\WINDOWS\system32\drivers\luafv.sys DDEE191AB32DFC22C6465002ECDF5EE4 C:\WINDOWS\System32\drivers\megasas.sys EB5C03A070F30D64A6DF80E53B22F53F C:\WINDOWS\System32\drivers\megasr.sys F6F13533196DE7A582D422B0241E4363 C:\WINDOWS\System32\drivers\HECIx64.sys 2BB3EAE2EA641515D4B205CAB29E1624 C:\WINDOWS\System32\drivers\modem.sys 8B38C44F69259987C95135C9627E2378 C:\WINDOWS\System32\drivers\monitor.sys 601589000CC90F0DF8DA2CC254A3CCC9 C:\WINDOWS\System32\drivers\mouclass.sys 08374E4E5B8914DE6067CBA99F61E930 C:\WINDOWS\System32\drivers\mouhid.sys 5FCBAB60598AE119E02B4C27DE6B99EA C:\WINDOWS\System32\drivers\mountmgr.sys 9A788037D768809DFD677F4BA08A224A C:\WINDOWS\System32\drivers\mpsdrv.sys 6FC047578785B0435F4E2660946D1ADC C:\WINDOWS\system32\drivers\mrxdav.sys 3F818C1518DA702C8F10259095C9BDE0 C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 708F7D4C1EDCC5891A5F63AA48277132 C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys 15D7AF1A26CCEBA32DF21A8E2098F463 C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys 3F93BC38C65556CC101F595E17C55629 C:\WINDOWS\system32\DRIVERS\bridge.sys F3C060444777A59FC63D920719E43CCD C:\Windows\System32\Drivers\Msfs.sys D13329FBF8345B28AB30F44CC247DC08 C:\WINDOWS\System32\drivers\msgpiowin32.sys C6B474E46F9E543B875981ED3FFE6ADD C:\WINDOWS\System32\drivers\mshidkmdf.sys 65C92EB9D08DB5C69F28C7FFD4E84E31 C:\WINDOWS\System32\drivers\mshidumdf.sys 52299F086AC2DAFD100DD5DC4A8614BA C:\WINDOWS\System32\drivers\msisadrv.sys 36D92AF3343C3A3E57FEF11C449AEA4C C:\WINDOWS\system32\drivers\MSKSSRV.sys A9BBBD2BAE6142253B9195E949AC2E8D C:\WINDOWS\system32\DRIVERS\mslldp.sys 51B3AC0560848CD6D65AC2033E293113 C:\WINDOWS\system32\drivers\MSPCLOCK.sys 7B2128EB875DCBC006E6A913211006D6 C:\WINDOWS\system32\drivers\MSPQM.sys 1E88171579B218115C7A772F8DE04BD8 C:\Windows\System32\Drivers\MsRPC.sys BBE2A455053E63BECBF42C2F9B21FAE0 C:\WINDOWS\System32\drivers\mssmbios.sys 8D6B7D515C5CBCDB75B928A0B73C3C5E C:\WINDOWS\system32\drivers\MSTEE.sys 115019AE01E0EB9C048530D2928AB4A2 C:\WINDOWS\System32\drivers\MTConfig.sys 96D604A35070360F0DD4A7A8AF410B5E C:\WINDOWS\System32\Drivers\mup.sys 619CA29326B82372621DB2C0964D8365 C:\WINDOWS\System32\drivers\mvumis.sys B8C35C94DCB2DFEAF03BB42131F2F77F C:\WINDOWS\system32\DRIVERS\nwifi.sys 008F7CED69FD5B30CBDE1E03C6F36A27 C:\WINDOWS\System32\drivers\ndis.sys 97DC5967F65503213FD1F1B3E4A6F983 C:\WINDOWS\system32\DRIVERS\ndiscap.sys 8CECC8DA55F3274181FD1EA28AD76664 C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 269882812E9A68FFF1AFE1283D428322 C:\WINDOWS\system32\DRIVERS\ndistapi.sys DC1D9F692C2AD84C214584C28501C1F7 C:\WINDOWS\system32\DRIVERS\ndisuio.sys B832B35055BA2B7B4181861FF94D8E59 C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 1F58E48EF75F34C35D8E93A0DC535CFE C:\WINDOWS\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A C:\WINDOWS\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A C:\Windows\System32\Drivers\NDProxy.sys 0BBE2FA30BAD58C9ADC01E4F84A3D2A1 C:\WINDOWS\System32\drivers\Ndu.sys 3083926D1CC5B56EA0786527B557DD1B C:\WINDOWS\System32\DRIVERS\netbios.sys 42FF4975D032CAE558AE4BB8448F6E5A C:\WINDOWS\System32\DRIVERS\netbt.sys 9DC17B7D9D84C37C102D379FCC7D4942 C:\WINDOWS\System32\drivers\netvsc63.sys D4DCE03870314D3354F3501F9DDD4123 C:\WINDOWS\system32\DRIVERS\NETwbw02.sys 57B8053A3C2A01A2C2A2DB2577D653DB C:\WINDOWS\system32\DRIVERS\Netwew02.sys CE01BC8C2B3CBDD4A6EBD25331E48F4B C:\Windows\System32\Drivers\Npfs.sys 8F44A2F57C9F1A19AC9C6288C10FB351 C:\WINDOWS\System32\drivers\npsvctrig.sys CBDB4F0871C88DF930FC0E8588CA67FC C:\WINDOWS\System32\drivers\nsiproxy.sys 0E046FF5823B95326D10CF1B4AF23541 C:\Windows\System32\Drivers\Ntfs.sys 7F68063A5A0461E02BC860CE0E6BFDDC C:\Windows\System32\Drivers\Null.sys EF1B290FC9F0E47CC0B537292BEE5904 C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys 86B50CE257C74E378FC2686B8A1F8B30 C:\WINDOWS\System32\drivers\nvraid.sys BC6B5942AFF25EBAF62DE43C3807EDF8 C:\WINDOWS\System32\drivers\nvstor.sys 1F43ABFFAC3D6CA356851D517392966E C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 0EF30778078D7B5877F8F57151699798 C:\WINDOWS\system32\drivers\nvvad64v.sys 4F00008B513F4019623ED61159363888 C:\WINDOWS\System32\drivers\nv_agp.sys 6934A936A7369DFE37B7DBA93F5E5E49 C:\WINDOWS\System32\drivers\parport.sys 57DCE4FB0467986AE78E1C6FC5240D32 C:\WINDOWS\System32\drivers\partmgr.sys BAFF6122CFC9F95CA175AD8C348179A4 C:\WINDOWS\System32\drivers\pci.sys 91ED124E261EA8FAA1C0FFDF2A71B0C4 C:\WINDOWS\System32\drivers\pciide.sys 346E38FCC6859A727DD28AFAD1F0AFF4 C:\WINDOWS\System32\drivers\pcmcia.sys 4D3BDCC1C7B40C9D7B6AD990E6DEC397 C:\WINDOWS\System32\drivers\pcw.sys BF28771D1436C88BE1D297D3098B0F7D C:\WINDOWS\System32\drivers\pdc.sys ED54A75050211DC77F9B98C41E026858 C:\WINDOWS\System32\drivers\peauth.sys 0ECEE590F2E2EF969FB74A6FC583A1E6 C:\WINDOWS\System32\drivers\processr.sys ECD373F9571C745894367CC2635EA44F C:\WINDOWS\system32\DRIVERS\pacer.sys FC0141B4A5AD6D637D883C1A89FC45C5 C:\WINDOWS\system32\drivers\qwavedrv.sys 83868EB2924E6BC21A54337C65D614D1 C:\WINDOWS\System32\DRIVERS\rasacd.sys B337B1F1E82A83E20A1743E008E25C0F C:\WINDOWS\system32\DRIVERS\raspppoe.sys 5247F308C4103CDC4FE12AE1D235800A C:\WINDOWS\System32\DRIVERS\rdbss.sys A1A5E79C0D1352AFDC08328A623DA051 C:\WINDOWS\System32\drivers\rdpbus.sys 6B21EBF892CD8CACB71669B35AB5DE32 C:\WINDOWS\System32\drivers\rdpdr.sys 680C1DAE268B6FB67FA21B389A8B79EF C:\WINDOWS\System32\drivers\rdpvideominiport.sys BC8A79C625568DDB7DCA49D0C2741A64 C:\WINDOWS\System32\drivers\rdyboost.sys A26AEC49F318FEE141DDDB2C5F99B3E6 C:\Windows\System32\Drivers\ReFS.sys 2D39BCFA4DD1081B8F282B623456B858 C:\WINDOWS\system32\DRIVERS\rfcomm.sys DC66AE45816614D2999DCD3834DCCC4E C:\WINDOWS\system32\DRIVERS\rspndr.sys 2D05A5508F4685412F2B89E8C2189ABC C:\WINDOWS\System32\drivers\vms3cap.sys 1A063730F221B2746FF00457AE17E4F0 C:\WINDOWS\System32\drivers\sbp2port.sys C624A1B32211C3166EDB3F4AB02A30B7 C:\WINDOWS\System32\DRIVERS\scfilter.sys 13BEA6C882D4D877A5A85CA149C86BC1 C:\WINDOWS\System32\drivers\sdbus.sys C54B6B2170BF628FD42F799A66956D75 C:\WINDOWS\System32\drivers\sdstor.sys 0B1E929D11A8E358106955603FAC65E8 C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit C:\WINDOWS\system32\drivers\semav6msr64.sys 07F83829E7429E60298440CD1E601A6A C:\WINDOWS\System32\drivers\SerCx.sys DB2FF24CE0BDD15FE75870AFE312BA89 C:\WINDOWS\System32\drivers\SerCx2.sys 0044B31F93946D5D41982314381FE431 C:\WINDOWS\System32\drivers\serenum.sys 1F0135949A6AD6025F363F80FE268251 C:\WINDOWS\System32\drivers\serial.sys 81633C87B42B63BA484A6177179AC750 C:\WINDOWS\System32\drivers\sermouse.sys 148195AE95D9BC7375A08846439FDAC1 C:\WINDOWS\System32\drivers\sfloppy.sys 472B7A5AC181C050888DB454663DD764 C:\WINDOWS\System32\drivers\SiSRaid2.sys 2F518D13DD6F3053837FE606F1A2EA1F C:\WINDOWS\System32\drivers\sisraid4.sys 1AC9A200A9C49C4508F04AAFFCA34A3F C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys 15578FED606D7B31853B3DD589E897D9 C:\WINDOWS\System32\drivers\spaceport.sys 546B88E6906EE9813EFE314DC95E3488 C:\WINDOWS\System32\drivers\SpbCx.sys F337BE11071818FC3F5DC2940B6BDE34 C:\WINDOWS\System32\Drivers\sptd.sys FEB80A9EC320569CC82D4DB9F4AC78BC C:\WINDOWS\System32\DRIVERS\srv.sys D10F18E3287374D3B40D41C1651355DE C:\WINDOWS\System32\DRIVERS\srv2.sys E6520A3B215FAFBF23E24AB22C44F973 C:\WINDOWS\System32\DRIVERS\srvnet.sys FABC49666708EA562549E78E6FBF3191 C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 592FF34A2FD6C6351B8A3AA76B2C0A9E C:\WINDOWS\System32\drivers\stexstor.sys 366DEA74BBA65B362BCCFC6FC2ADFD8B C:\WINDOWS\system32\DRIVERS\stwrt64.sys 54ED2C1F251CF19EB3E965857BACF6F7 C:\WINDOWS\System32\drivers\storahci.sys 0ED2E318ABB68C1A35A8B8038BDB4C90 C:\WINDOWS\System32\drivers\vmstorfl.sys 8B9486B64E5FC17FB9CC04CA10B77A34 C:\WINDOWS\System32\drivers\stornvme.sys 6B06E2D11E604BE2B1A406C4CB3B90DE C:\WINDOWS\System32\drivers\storvsc.sys 548759755BC73DAD663250239D7E0B9F C:\WINDOWS\System32\drivers\swenum.sys 65454187E0F8B6C0DCECB0287D06EC43 C:\WINDOWS\system32\DRIVERS\SynTP.sys D4F0FC9B13624E9422AEC12C2CCDEAF5 C:\WINDOWS\system32\DRIVERS\tap0901.sys 3C32FF010F869BC184DF71290477384E C:\WINDOWS\System32\drivers\tcpip.sys 2F10C145F517419E17203632FCDA0A13 C:\WINDOWS\system32\DRIVERS\tcpip.sys 2F10C145F517419E17203632FCDA0A13 C:\WINDOWS\System32\drivers\tcpipreg.sys 41CF802064F72E55F50CA0A221FD36D4 C:\WINDOWS\system32\DRIVERS\tdx.sys E0BD2D83875464FEEEB242CBA8B7E073 C:\WINDOWS\System32\drivers\terminpt.sys 232D185D2337F141311D0CF1983E1431 C:\WINDOWS\system32\drivers\tpm.sys 82F909359600D3603FE852DB7F135626 C:\WINDOWS\System32\DRIVERS\trufos.sys 3E75A47D2DEFD2683DCA409572FBE8B2 C:\WINDOWS\System32\drivers\tsusbflt.sys BF8F54CA37E9C9D6582C31C5761F8C93 C:\WINDOWS\System32\drivers\TsUsbGD.sys 20185BEB7512EDE4EFECDFA148AC9F99 C:\WINDOWS\system32\DRIVERS\tunnel.sys C8E0E78B5D284C2FF59BDFFDAF997242 C:\WINDOWS\system32\DRIVERS\txwifinat64.sys 7C2D7F72609CDC59A3A1462CD6B95255 C:\WINDOWS\System32\drivers\uagp35.sys F6EEAD052943B5A3104C1405BB856C54 C:\WINDOWS\System32\drivers\uaspstor.sys FE6067B1FD4E63650C667B33D080565B C:\WINDOWS\System32\drivers\ucx01000.sys 807F8CF3E973305FC435C61CBBEE2A49 C:\WINDOWS\System32\DRIVERS\udfs.sys C61EAF8E1E4B2F62BA4FDF457440B2C6 C:\WINDOWS\System32\drivers\UEFI.sys 9578691F297E1B1F519970FE6D47CB21 C:\WINDOWS\System32\drivers\uliagpkx.sys 5EAB5117DDB24FC4D39E6FFFCF1837B9 C:\WINDOWS\System32\drivers\umbus.sys DA34C39A18E60E7C3FA0630566408034 C:\WINDOWS\System32\drivers\umpass.sys AE8294875E5446E359B1E8035D40C05E C:\WINDOWS\System32\drivers\usbccgp.sys FF78D053A05E5A394F4E3C1816CC65A8 C:\WINDOWS\System32\drivers\usbcir.sys 0139248F6B95CF0D837B5B46A2722D40 C:\WINDOWS\System32\drivers\usbehci.sys 48BA326A3DBA5B5BEB5F2777F4618696 C:\WINDOWS\System32\drivers\usbhub.sys FEF0BC107812B36849741C3211BA6B60 C:\WINDOWS\System32\drivers\UsbHub3.sys 95B0179BDA907252025DEEA183699FB3 C:\WINDOWS\System32\drivers\usbohci.sys 3019097FB6C985EF24C058090FF3BDBD C:\WINDOWS\System32\drivers\usbprint.sys 4D655E3B684BE9B0F7FFD8A2935C348C C:\WINDOWS\system32\DRIVERS\usb80236.sys 9EAA9AEE921DDBC96557BD0ABCA90829 C:\WINDOWS\system32\DRIVERS\usbscan.sys 0F030491BA4A27BD46F8B8ACEEE83F1A C:\WINDOWS\System32\drivers\USBSTOR.SYS 9D168BFA334D47BE404367EB58D4E130 C:\WINDOWS\System32\drivers\usbuhci.sys 064260B3A5868AC894A4943543BC7AB7 C:\WINDOWS\System32\Drivers\usbvideo.sys 5C8F604F6DC74177CDD8372D7B1ADFF0 C:\WINDOWS\System32\drivers\USBXHCI.SYS 44603DA5A87FB491EF59C889EBBB4DDB C:\WINDOWS\system32\DRIVERS\usb8023x.sys B73B55A194BEAF71985211279585A316 C:\WINDOWS\System32\drivers\vdrvroot.sys FEB26E3B8345A7E8D62F945C4AE86562 C:\WINDOWS\System32\drivers\VerifierExt.sys A026EDEAA5EECAE0B08E2748B616D4BD C:\WINDOWS\System32\drivers\vhdmp.sys 8ABB4BABF59F092DF0B43778D8FD1884 C:\WINDOWS\System32\drivers\viaide.sys 06D38968028E9AB19DE9B618C7B6D199 C:\WINDOWS\System32\drivers\vmbus.sys 511AD3FF957A0127E6BD336FF6F89C38 C:\WINDOWS\System32\drivers\VMBusHID.sys DA40BEA0A863CE768C940CA9723BF81F C:\WINDOWS\System32\drivers\volmgr.sys 436E1A724E7E683F6B612D3D58F04241 C:\WINDOWS\System32\drivers\volmgrx.sys CCB9E901F7254BF96D28EB1B0E5329B7 C:\WINDOWS\System32\drivers\volsnap.sys 64CA2B4A49A8EAF495E435623ECCE7DB C:\WINDOWS\System32\drivers\vpci.sys EF31713EE4C7CCFE4049F7E7F15645A2 C:\WINDOWS\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07 C:\WINDOWS\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B C:\WINDOWS\System32\drivers\vwifibus.sys 71066FF95C487327E44C8AF1B72EBE8B C:\WINDOWS\system32\DRIVERS\vwififlt.sys 29AB43937FFDA0B0FB56984226E698C6 C:\WINDOWS\system32\DRIVERS\vwifimp.sys 8B8624A93E3F88CB923AEB05B6313227 C:\WINDOWS\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B C:\WINDOWS\system32\drivers\WdBoot.sys 81285DDC994F03379DB46419300B2DCB C:\WINDOWS\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D C:\WINDOWS\system32\drivers\WdFilter.sys 26B8FED3F3B85F5F0C4BD03FD00B9941 C:\WINDOWS\System32\Drivers\WdNisDrv.sys CE67080F00E0AF32755096CEA6430ABA C:\WINDOWS\System32\DRIVERS\wfplwfs.sys 715ABA3DD164D06457A2A3C92F6EA9D5 C:\WINDOWS\System32\drivers\wimmount.sys 5F66B7BB330AA80067FC66149A692620 C:\WINDOWS\system32\DRIVERS\WinUsb.sys AC263C2F66405589528995AA41040599 C:\WINDOWS\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128 C:\Windows\System32\Drivers\Wof.sys 7FC5667DF73D4B04AA457CC3A4180E09 C:\WINDOWS\System32\DRIVERS\wpcfltr.sys A2468CC3509394A33C4C32F99563D845 C:\WINDOWS\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A C:\WINDOWS\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572 C:\WINDOWS\system32\DRIVERS\wsvd.sys 72B4E9DF6456C43C42A1419B09486045 C:\WINDOWS\System32\drivers\WudfPf.sys 481286719402E4BAEFEA0604AB1B5113 C:\WINDOWS\System32\drivers\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F C:\WINDOWS\system32\DRIVERS\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F C:\WINDOWS\system32\DRIVERS\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Three Months Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-04-06 18:00 - 2017-04-06 18:01 - 00064365 _____ C:\Users\Wojtelllo\Downloads\FRST.txt 2017-04-06 17:59 - 2017-04-06 18:00 - 00000000 ____D C:\FRST 2017-04-06 17:59 - 2017-04-06 17:59 - 02424832 _____ (Farbar) C:\Users\Wojtelllo\Downloads\FRST64.exe 2017-04-06 17:56 - 2017-04-06 17:56 - 01766912 _____ (Farbar) C:\Users\Wojtelllo\Downloads\FRST.exe 2017-04-06 17:54 - 2017-04-06 17:54 - 00003248 _____ C:\WINDOWS\System32\Tasks\{FBACF594-1B01-431E-B012-DFC601346984} 2017-04-06 17:54 - 2017-04-06 17:54 - 00002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-04-06 17:54 - 2017-04-06 17:54 - 00002296 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-04-06 17:42 - 2017-04-06 17:42 - 01129376 _____ (Google Inc.) C:\Users\Wojtelllo\Desktop\ChromeSetup.exe 2017-04-06 16:34 - 2017-04-06 16:34 - 04089296 _____ C:\Users\Wojtelllo\Downloads\adwcleaner_6.045.exe 2017-04-06 16:27 - 2017-03-10 06:34 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-04-06 16:27 - 2017-03-10 06:34 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-04-06 15:45 - 2016-10-20 15:14 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2017-04-06 15:45 - 2016-10-20 15:10 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2017-04-06 15:37 - 2017-03-04 10:01 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-04-06 15:37 - 2017-03-04 09:59 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-04-06 15:37 - 2017-03-04 08:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-04-06 15:37 - 2017-03-04 08:12 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-04-06 15:37 - 2017-03-04 08:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-04-06 15:37 - 2017-03-04 06:18 - 20281856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-04-06 15:37 - 2017-03-02 20:01 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-04-06 15:37 - 2017-03-02 19:55 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-04-06 15:37 - 2017-03-02 19:49 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-04-06 15:37 - 2017-03-02 19:22 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-04-06 15:37 - 2017-03-02 19:19 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-04-06 15:37 - 2017-03-02 19:11 - 13654528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-04-06 15:37 - 2017-03-02 18:50 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-04-06 15:37 - 2017-03-02 18:50 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-04-06 15:37 - 2017-02-11 06:58 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-04-06 15:37 - 2017-02-11 06:56 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-04-06 15:37 - 2017-02-10 07:10 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-04-06 15:37 - 2017-02-10 07:08 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-04-06 15:37 - 2017-02-10 07:01 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-04-06 15:37 - 2017-02-10 07:00 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-04-06 15:37 - 2017-02-10 06:59 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-04-06 15:37 - 2017-02-10 02:12 - 01375960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2017-04-06 15:37 - 2017-02-09 17:16 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2017-04-06 15:37 - 2017-02-04 21:30 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-04-06 15:37 - 2017-01-05 19:29 - 05273600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2017-04-06 15:37 - 2016-11-11 04:33 - 01541240 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-04-06 15:37 - 2016-11-09 19:25 - 01376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-04-06 15:37 - 2016-11-02 22:48 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-04-06 15:37 - 2016-10-27 19:46 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-04-06 15:37 - 2016-10-05 15:52 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls 2017-04-06 15:37 - 2016-10-05 15:52 - 00513456 _____ C:\WINDOWS\system32\locale.nls 2017-04-06 15:37 - 2016-09-09 16:09 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll 2017-04-06 15:37 - 2016-08-27 18:33 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2017-04-06 15:37 - 2016-08-27 18:11 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2017-04-06 15:37 - 2016-05-05 18:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe 2017-04-06 15:37 - 2016-02-11 22:16 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-04-06 15:37 - 2016-02-08 22:29 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2017-04-06 15:37 - 2015-11-10 02:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2017-04-06 15:37 - 2015-10-22 17:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll 2017-04-06 15:36 - 2017-03-04 09:48 - 25746944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-04-06 15:36 - 2017-03-04 09:45 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2017-04-06 15:36 - 2017-03-04 09:44 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-04-06 15:36 - 2017-03-04 09:31 - 06045696 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-04-06 15:36 - 2017-03-04 09:05 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2017-04-06 15:36 - 2017-03-04 08:26 - 15259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-04-06 15:36 - 2017-03-04 08:25 - 03241984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-04-06 15:36 - 2017-03-02 19:25 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2017-04-06 15:36 - 2017-03-02 18:53 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-04-06 15:36 - 2017-02-11 21:25 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-04-06 15:36 - 2017-02-11 07:12 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-04-06 15:36 - 2017-02-11 07:12 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-04-06 15:36 - 2017-02-11 07:00 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-04-06 15:36 - 2017-02-10 21:09 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-04-06 15:36 - 2017-02-10 07:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2017-04-06 15:36 - 2017-02-10 07:09 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-04-06 15:36 - 2017-02-10 03:31 - 01549144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-04-06 15:36 - 2017-02-09 17:28 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-04-06 15:36 - 2017-02-09 17:19 - 01377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-04-06 15:36 - 2017-02-09 17:16 - 01560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-04-06 15:36 - 2017-02-09 16:59 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2017-04-06 15:36 - 2017-02-09 16:58 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2017-04-06 15:36 - 2017-02-09 16:58 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2017-04-06 15:36 - 2017-02-04 22:32 - 07444832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-04-06 15:36 - 2017-02-04 22:30 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-04-06 15:36 - 2017-02-04 22:30 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-04-06 15:36 - 2017-02-04 22:30 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-04-06 15:36 - 2017-02-04 22:30 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-04-06 15:36 - 2017-02-04 21:32 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2017-04-06 15:36 - 2017-02-04 20:14 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2017-04-06 15:36 - 2017-02-04 19:50 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll 2017-04-06 15:36 - 2017-02-04 19:40 - 01754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-04-06 15:36 - 2017-02-04 19:32 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll 2017-04-06 15:36 - 2017-02-04 19:17 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll 2017-04-06 15:36 - 2017-02-04 19:10 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-04-06 15:36 - 2017-02-04 19:05 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll 2017-04-06 15:36 - 2017-01-21 23:37 - 00567152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-04-06 15:36 - 2017-01-21 21:27 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2017-04-06 15:36 - 2017-01-21 21:27 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll 2017-04-06 15:36 - 2017-01-21 21:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-04-06 15:36 - 2017-01-21 21:20 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2017-04-06 15:36 - 2017-01-21 20:40 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2017-04-06 15:36 - 2017-01-21 20:40 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll 2017-04-06 15:36 - 2017-01-21 20:37 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2017-04-06 15:36 - 2017-01-21 19:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2017-04-06 15:36 - 2017-01-21 19:48 - 01437696 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-04-06 15:36 - 2017-01-14 19:49 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2017-04-06 15:36 - 2017-01-11 21:37 - 02345984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-04-06 15:36 - 2017-01-10 21:08 - 01549312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-04-06 15:36 - 2017-01-05 20:20 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-04-06 15:36 - 2017-01-05 20:09 - 07076864 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2017-04-06 15:36 - 2017-01-05 19:36 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-04-06 15:36 - 2017-01-05 19:13 - 07796224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-04-06 15:36 - 2017-01-05 18:57 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-04-06 15:36 - 2016-11-19 23:24 - 00152856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2017-04-06 15:36 - 2016-11-19 19:22 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2017-04-06 15:36 - 2016-11-16 23:49 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-04-06 15:36 - 2016-11-12 23:06 - 00738104 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll 2017-04-06 15:36 - 2016-11-12 21:38 - 00613632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll 2017-04-06 15:36 - 2016-11-09 21:22 - 00681472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-04-06 15:36 - 2016-11-05 22:46 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2017-04-06 15:36 - 2016-11-05 19:57 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2017-04-06 15:36 - 2016-11-05 19:11 - 03606528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2017-04-06 15:36 - 2016-11-05 17:56 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2017-04-06 15:36 - 2016-11-05 17:46 - 02463744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2017-04-06 15:36 - 2016-11-02 22:48 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-04-06 15:36 - 2016-11-02 16:03 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-04-06 15:36 - 2016-11-02 16:00 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-04-06 15:36 - 2016-10-27 20:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-04-06 15:36 - 2016-10-13 21:06 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2017-04-06 15:36 - 2016-10-13 21:06 - 01124376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2017-04-06 15:36 - 2016-10-12 23:49 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-04-06 15:36 - 2016-10-12 23:11 - 00922968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys 2017-04-06 15:36 - 2016-10-11 22:21 - 00497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2017-04-06 15:36 - 2016-10-11 22:21 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-04-06 15:36 - 2016-10-11 19:47 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll 2017-04-06 15:36 - 2016-10-11 18:55 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll 2017-04-06 15:36 - 2016-10-11 18:45 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-04-06 15:36 - 2016-10-11 01:31 - 00990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2017-04-06 15:36 - 2016-10-10 23:17 - 00444248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-04-06 15:36 - 2016-10-10 23:17 - 00333656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-04-06 15:36 - 2016-10-10 20:18 - 00069976 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll 2017-04-06 15:36 - 2016-10-10 20:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys 2017-04-06 15:36 - 2016-10-10 00:59 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-04-06 15:36 - 2016-10-09 16:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll 2017-04-06 15:36 - 2016-10-09 16:08 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll 2017-04-06 15:36 - 2016-10-09 16:08 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll 2017-04-06 15:36 - 2016-10-09 00:53 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2017-04-06 15:36 - 2016-10-09 00:18 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-04-06 15:36 - 2016-10-09 00:07 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll 2017-04-06 15:36 - 2016-10-08 23:49 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2017-04-06 15:36 - 2016-10-08 23:21 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll 2017-04-06 15:36 - 2016-10-08 23:10 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-04-06 15:36 - 2016-10-08 03:34 - 01660040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-04-06 15:36 - 2016-10-08 03:34 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-04-06 15:36 - 2016-10-05 16:01 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2017-04-06 15:36 - 2016-10-05 16:00 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2017-04-06 15:36 - 2016-10-05 16:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2017-04-06 15:36 - 2016-10-05 06:15 - 01969944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2017-04-06 15:36 - 2016-10-05 06:15 - 01613528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2017-04-06 15:36 - 2016-10-05 06:15 - 00324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2017-04-06 15:36 - 2016-10-05 06:15 - 00245320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2017-04-06 15:36 - 2016-10-04 22:39 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys 2017-04-06 15:36 - 2016-10-04 22:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-04-06 15:36 - 2016-10-04 22:08 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-04-06 15:36 - 2016-10-04 22:08 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-04-06 15:36 - 2016-09-27 22:16 - 00445873 _____ C:\WINDOWS\system32\ApnDatabase.xml 2017-04-06 15:36 - 2016-09-21 00:30 - 02462040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-04-06 15:36 - 2016-09-17 20:16 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll 2017-04-06 15:36 - 2016-09-17 19:21 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll 2017-04-06 15:36 - 2016-09-13 00:03 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-04-06 15:36 - 2016-09-12 23:01 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-04-06 15:36 - 2016-09-10 00:14 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2017-04-06 15:36 - 2016-09-09 16:15 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll 2017-04-06 15:36 - 2016-09-09 16:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-04-06 15:36 - 2016-09-09 16:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll 2017-04-06 15:36 - 2016-09-09 16:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll 2017-04-06 15:36 - 2016-09-08 22:41 - 00121176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2017-04-06 15:36 - 2016-09-08 16:00 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2017-04-06 15:36 - 2016-09-08 16:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2017-04-06 15:36 - 2016-09-03 20:20 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll 2017-04-06 15:36 - 2016-09-03 20:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll 2017-04-06 15:36 - 2016-09-03 19:21 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll 2017-04-06 15:36 - 2016-09-03 18:12 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-04-06 15:36 - 2016-09-03 18:05 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-04-06 15:36 - 2016-09-03 17:58 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-04-06 15:36 - 2016-09-02 16:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll 2017-04-06 15:36 - 2016-09-02 16:05 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll 2017-04-06 15:36 - 2016-09-01 16:33 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2017-04-06 15:36 - 2016-09-01 16:33 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2017-04-06 15:36 - 2016-09-01 16:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll 2017-04-06 15:36 - 2016-08-30 16:11 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2017-04-06 15:36 - 2016-08-30 04:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll 2017-04-06 15:36 - 2016-08-30 04:18 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll 2017-04-06 15:36 - 2016-08-30 04:18 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll 2017-04-06 15:36 - 2016-08-30 04:03 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2017-04-06 15:36 - 2016-08-26 06:41 - 22360280 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-04-06 15:36 - 2016-08-26 06:41 - 19789224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-04-06 15:36 - 2016-08-25 22:50 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2017-04-06 15:36 - 2016-08-25 21:40 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2017-04-06 15:36 - 2016-08-22 15:34 - 01628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-04-06 15:36 - 2016-08-13 09:40 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-04-06 15:36 - 2016-08-13 02:05 - 09323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL 2017-04-06 15:36 - 2016-08-13 02:03 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifibus.sys 2017-04-06 15:36 - 2016-08-13 02:02 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys 2017-04-06 15:36 - 2016-08-13 02:01 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2017-04-06 15:36 - 2016-08-13 00:35 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2017-04-06 15:36 - 2016-08-13 00:19 - 09323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL 2017-04-06 15:36 - 2016-08-12 23:47 - 15431168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2017-04-06 15:36 - 2016-08-12 23:17 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll 2017-04-06 15:36 - 2016-08-12 22:52 - 13317120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2017-04-06 15:36 - 2016-08-12 03:58 - 02315496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2017-04-06 15:36 - 2016-08-12 03:58 - 01946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2017-04-06 15:36 - 2016-08-11 20:33 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys 2017-04-06 15:36 - 2016-08-11 20:33 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys 2017-04-06 15:36 - 2016-08-11 20:33 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys 2017-04-06 15:36 - 2016-08-11 19:17 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2017-04-06 15:36 - 2016-08-03 20:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-04-06 15:36 - 2016-08-03 17:42 - 01317888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2017-04-06 15:36 - 2016-08-03 17:36 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2017-04-06 15:36 - 2016-08-03 17:36 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-04-06 15:36 - 2016-08-03 17:33 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-04-06 15:36 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2017-04-06 15:36 - 2016-07-30 19:12 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2017-04-06 15:36 - 2016-07-30 18:36 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2017-04-06 15:36 - 2016-07-26 15:40 - 00162850 _____ C:\WINDOWS\SysWOW64\C_932.NLS 2017-04-06 15:36 - 2016-07-26 15:40 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS 2017-04-06 15:36 - 2016-07-23 20:18 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-04-06 15:36 - 2016-07-23 20:12 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-04-06 15:36 - 2016-07-08 16:17 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2017-04-06 15:36 - 2016-07-04 07:09 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-04-06 15:36 - 2016-05-05 19:18 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe 2017-04-06 15:36 - 2016-03-12 02:47 - 00160160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL 2017-04-06 15:36 - 2016-03-12 02:47 - 00121912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL 2017-04-06 15:36 - 2016-02-08 20:14 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2017-04-06 15:36 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2017-04-06 15:36 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2017-04-06 15:36 - 2016-01-24 13:57 - 01335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2017-04-06 15:36 - 2016-01-24 13:45 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2017-04-06 15:17 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2017-04-06 15:17 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll 2017-04-06 15:17 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll 2017-04-06 15:17 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll 2017-04-06 15:17 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2017-04-06 15:17 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL 2017-04-06 15:17 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll 2017-04-06 15:17 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll 2017-04-06 15:17 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2017-04-06 15:17 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2017-04-06 15:17 - 2016-01-10 19:50 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2017-04-06 15:17 - 2016-01-10 19:31 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2017-04-06 15:17 - 2016-01-10 19:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2017-04-06 15:17 - 2016-01-10 19:14 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2017-04-06 15:17 - 2016-01-10 19:12 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll 2017-04-06 15:17 - 2016-01-10 18:58 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2017-04-06 15:17 - 2016-01-10 18:51 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-04-06 15:17 - 2016-01-10 18:49 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll 2017-04-06 15:17 - 2016-01-10 18:40 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2017-04-06 15:17 - 2015-12-05 07:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll 2017-04-06 15:17 - 2015-12-05 07:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll 2017-04-06 15:17 - 2015-12-03 20:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2017-04-06 15:17 - 2015-12-03 20:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL 2017-04-06 15:17 - 2015-12-03 20:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2017-04-06 15:17 - 2015-12-03 20:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL 2017-04-06 15:17 - 2015-12-03 19:58 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll 2017-04-06 15:17 - 2015-12-03 19:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL 2017-04-06 15:17 - 2015-12-03 18:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2017-04-06 15:17 - 2015-12-03 18:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2017-04-06 15:17 - 2015-12-02 17:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2017-04-06 15:17 - 2015-12-02 17:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2017-04-06 15:16 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2017-04-06 15:16 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2017-04-06 15:16 - 2015-12-03 20:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2017-04-06 15:16 - 2015-12-03 19:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2017-04-06 15:16 - 2015-12-03 19:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2017-04-06 15:16 - 2015-12-03 19:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL 2017-04-06 15:16 - 2015-12-03 19:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2017-04-06 15:16 - 2015-12-03 19:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL 2017-04-06 15:16 - 2015-12-03 19:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL 2017-04-06 15:15 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-04-06 15:15 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-04-06 15:15 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-04-06 15:15 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2017-04-06 15:15 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2017-04-06 15:15 - 2016-01-10 19:02 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-04-06 15:15 - 2016-01-10 18:43 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-04-06 15:15 - 2015-11-05 10:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys 2017-04-06 15:14 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2017-04-06 15:14 - 2016-06-25 18:24 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll 2017-04-06 15:14 - 2016-06-25 18:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll 2017-04-06 15:14 - 2016-01-30 21:50 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-04-06 15:14 - 2016-01-30 21:00 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll 2017-04-06 15:14 - 2016-01-30 20:18 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2017-04-06 15:14 - 2016-01-30 19:48 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll 2017-04-06 15:13 - 2016-04-10 06:21 - 01763376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-04-06 15:13 - 2016-04-10 06:21 - 01489088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-04-06 15:12 - 2016-08-21 01:22 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2017-04-06 15:12 - 2016-08-21 00:50 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2017-04-06 15:12 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2017-04-06 15:12 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2017-04-06 15:12 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll 2017-04-06 15:12 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll 2017-04-06 15:12 - 2015-11-21 18:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2017-04-06 15:12 - 2015-11-21 18:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2017-04-06 15:12 - 2015-11-21 18:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll 2017-04-06 15:12 - 2015-11-21 18:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll 2017-04-06 15:11 - 2016-08-10 00:47 - 00803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-04-06 15:11 - 2016-08-10 00:47 - 00611576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-04-06 15:11 - 2016-02-06 20:08 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2017-04-06 15:11 - 2016-02-05 21:07 - 00292696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL 2017-04-06 15:11 - 2016-02-05 21:07 - 00243032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL 2017-04-06 15:10 - 2016-08-22 18:06 - 00179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2017-04-06 15:10 - 2016-08-22 18:06 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-04-06 15:10 - 2016-08-21 03:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-04-06 15:10 - 2016-08-21 00:55 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2017-04-06 15:10 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2017-04-06 15:10 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2017-04-06 15:10 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-04-06 15:10 - 2016-01-31 21:16 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2017-04-06 15:10 - 2016-01-19 21:13 - 02175008 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-04-06 15:10 - 2016-01-19 21:13 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2017-04-06 15:10 - 2016-01-19 21:12 - 01133744 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-04-06 15:10 - 2016-01-19 20:23 - 01564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-04-06 15:10 - 2016-01-19 20:23 - 00548024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2017-04-06 15:10 - 2016-01-19 19:30 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-04-06 15:10 - 2016-01-19 18:37 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2017-04-06 15:10 - 2015-11-21 20:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll 2017-04-06 15:10 - 2015-11-21 19:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll 2017-04-06 15:09 - 2016-08-13 02:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll 2017-04-06 15:09 - 2016-08-11 18:26 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2017-04-06 15:09 - 2016-08-11 18:17 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2017-04-06 15:09 - 2016-08-11 18:16 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2017-04-06 15:09 - 2016-06-21 20:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-04-06 15:09 - 2016-06-21 16:12 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-04-06 15:09 - 2015-12-28 23:42 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll 2017-04-06 15:09 - 2015-12-28 22:31 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll 2017-04-06 15:08 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll 2017-04-06 15:08 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll 2017-04-06 15:08 - 2016-05-14 01:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2017-04-06 15:08 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll 2017-04-06 15:08 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-04-06 15:08 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll 2017-04-06 15:08 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-04-06 15:08 - 2016-04-11 08:21 - 00074584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys 2017-04-06 15:08 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2017-04-06 15:08 - 2016-02-04 19:24 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2017-04-06 15:08 - 2016-02-04 19:02 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2017-04-06 15:07 - 2015-12-08 21:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2017-04-06 15:07 - 2015-12-08 21:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2017-04-06 08:59 - 2017-04-06 11:56 - 00044032 _____ C:\Users\Wojtelllo\Downloads\Dyspo Bonum.xls 2017-04-06 08:51 - 2017-04-06 08:59 - 00043520 _____ C:\Users\Wojtelllo\Downloads\BW Bonum RecepcjaI-III 2017.xls 2017-04-05 11:33 - 2017-04-05 11:33 - 00135224 _____ C:\Users\Wojtelllo\Downloads\Prezentacja Haidt.pdf 2017-04-05 11:30 - 2017-04-05 11:30 - 00203869 _____ C:\Users\Wojtelllo\Downloads\Prezentacja Haidt (2).pptx 2017-04-05 11:28 - 2017-04-05 11:28 - 00209103 _____ C:\Users\Wojtelllo\Downloads\Prezentacja Haidt (1).pptx 2017-04-05 11:27 - 2017-04-05 11:28 - 00211558 _____ C:\Users\Wojtelllo\Downloads\Prezentacja Haidt.pptx 2017-03-24 23:43 - 2017-03-24 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-03-24 22:26 - 2017-03-25 12:39 - 00000201 _____ C:\Users\Wojtelllo\Documents\PrawkoB2013S.tmp 2017-03-24 22:26 - 2017-03-24 22:26 - 00000095 _____ C:\Users\Wojtelllo\Documents\PrawkoB2013S.ini 2017-03-23 19:52 - 2017-03-23 19:52 - 00177688 _____ C:\Users\Wojtelllo\Downloads\GRAFIK-godziny-pracy (8).ods 2017-03-23 19:52 - 2017-03-23 19:52 - 00177688 _____ C:\Users\Wojtelllo\Downloads\GRAFIK-godziny-pracy (7).ods 2017-03-23 19:52 - 2017-03-23 19:52 - 00177688 _____ C:\Users\Wojtelllo\Downloads\GRAFIK-godziny-pracy (6).ods 2017-03-23 19:52 - 2017-03-23 19:52 - 00177688 _____ C:\Users\Wojtelllo\Downloads\GRAFIK-godziny-pracy (5).ods 2017-03-23 19:52 - 2017-03-23 19:52 - 00177688 _____ C:\Users\Wojtelllo\Downloads\GRAFIK-godziny-pracy (3).ods 2017-03-23 19:52 - 2017-03-23 19:52 - 00177688 _____ C:\Users\Wojtelllo\Downloads\GRAFIK-godziny-pracy (2).ods 2017-03-20 23:56 - 2017-03-23 19:52 - 00177688 _____ C:\Users\Wojtelllo\Downloads\GRAFIK-godziny-pracy (4).ods 2017-03-20 18:33 - 2017-03-20 18:35 - 00000000 ____D C:\Users\Wojtelllo\Desktop\Telefon 2017-03-16 09:25 - 2017-03-16 09:25 - 13554870 _____ C:\Users\Wojtelllo\Desktop\Existentialism -Q (2 files merged).pdf 2017-03-16 09:23 - 2017-03-16 09:23 - 13551969 _____ C:\Users\Wojtelllo\Downloads\Existentialism -Q (2 files merged).pdf 2017-03-15 23:39 - 2017-03-15 23:39 - 03037034 _____ C:\Users\Wojtelllo\Downloads\Existentialism -Q.xps 2017-03-15 23:39 - 2017-03-15 23:39 - 02812823 _____ C:\Users\Wojtelllo\Downloads\Existentialism -Quotes.xps 2017-03-13 12:23 - 2017-03-13 12:23 - 11252741 _____ C:\Users\Wojtelllo\Downloads\debata_oksfordzka.pdf 2017-03-13 12:23 - 2017-03-13 12:23 - 11232850 _____ C:\Users\Wojtelllo\Desktop\debata_oksfordzka.pdf 2017-03-12 14:05 - 2017-03-12 14:05 - 07729509 _____ C:\Users\Wojtelllo\Desktop\Jonathan Haidt - Prawy umysł.pdf 2017-03-11 20:58 - 2017-04-06 17:53 - 00000000 ____D C:\Users\Wojtelllo\AppData\LocalLow\Mozilla 2017-03-11 01:17 - 2017-03-11 01:17 - 00046408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-03-11 01:17 - 2017-03-11 01:17 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-03-11 01:17 - 2017-03-11 01:17 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-03-11 01:17 - 2017-03-11 01:17 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-02-28 13:41 - 2017-02-28 13:43 - 922503659 _____ C:\Users\Wojtelllo\Downloads\Hearts of Iron IV - Field Marshal Edition [2016] Version 1.2 [PL] (1).rar 2017-02-28 01:46 - 2017-02-28 01:46 - 00000000 ____D C:\Users\Wojtelllo\Desktop\New folder 2017-02-28 00:56 - 2017-02-28 01:32 - 00000000 ____D C:\Users\Wojtelllo\Desktop\Hot4 2017-02-27 14:04 - 2017-02-27 14:09 - 00000000 ____D C:\Users\Wojtelllo\Desktop\Nagrania Dyktafon 2017-02-27 14:03 - 2017-02-27 14:05 - 00000000 ____D C:\Users\Wojtelllo\Desktop\Tołstoj, Co to jest estetyka 2017-02-19 22:23 - 2017-02-19 22:23 - 00069750 _____ C:\Users\Wojtelllo\Downloads\Islam-Imperium Wiary (Empire of Faith) CD1 PL.txt 2017-02-19 22:23 - 2017-02-19 22:23 - 00069750 _____ C:\Users\Wojtelllo\Desktop\Islam-Imperium Wiary (Empire of Faith) CD1 PL.txt 2017-02-19 22:22 - 2017-02-19 22:22 - 00053820 _____ C:\Users\Wojtelllo\Downloads\Islam-Empire Of Faith PL CD2.txt 2017-02-19 22:19 - 2017-02-19 22:19 - 00086768 _____ C:\Users\Wojtelllo\Downloads\islam.empire.of.faith.(2000).pol.1cd.(3437701).dtc 2017-02-19 13:17 - 2017-02-19 13:17 - 00000000 ____D C:\Users\Wojtelllo\AppData\Local\Macromedia 2017-02-18 13:01 - 2017-03-24 22:56 - 00001307 _____ C:\Users\Public\Desktop\SimCity™.lnk 2017-02-18 13:01 - 2017-02-18 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™ 2017-02-18 12:51 - 2017-02-18 12:52 - 00000000 ____D C:\Program Files (x86)\Origin Games 2017-02-18 12:50 - 2017-03-24 22:54 - 00000000 ____D C:\Program Files (x86)\Origin 2017-02-18 12:50 - 2017-02-18 12:50 - 00001020 _____ C:\Users\Public\Desktop\Origin.lnk 2017-02-18 12:49 - 2017-02-18 12:49 - 00000000 ____D C:\Users\Wojtelllo\.QtWebEngineProcess 2017-02-18 12:49 - 2017-02-18 12:49 - 00000000 ____D C:\Users\Wojtelllo\.Origin 2017-02-17 18:18 - 2017-02-17 18:19 - 139968178 _____ C:\Users\Wojtelllo\Desktop\Rzeczywoste Obecnosci.PDF 2017-02-17 18:16 - 2017-02-17 18:16 - 00109800 _____ C:\Users\Wojtelllo\Downloads\JPEGtoPDF.zip 2017-02-17 12:10 - 2017-02-17 12:10 - 00000000 ____D C:\Users\Wojtelllo\AppData\Roaming\PDF Producer 2017-02-17 11:56 - 2017-02-17 18:11 - 00000000 ____D C:\Users\Wojtelllo\AppData\Roaming\PDF Architect 5 2017-02-17 11:56 - 2017-02-17 11:56 - 00000823 _____ C:\Users\Public\Desktop\PDF Architect 5.lnk 2017-02-17 11:56 - 2017-02-17 11:56 - 00000000 ____D C:\Users\Wojtelllo\AppData\Local\PDFCreator 2017-02-17 11:56 - 2017-02-17 11:56 - 00000000 ____D C:\ProgramData\pdfforge 2017-02-17 11:54 - 2017-02-17 12:09 - 00000000 ____D C:\Users\Wojtelllo\Desktop\Rzeczywoste Obecnosci 2017-02-17 11:54 - 2017-02-17 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 5 2017-02-17 11:53 - 2017-02-17 11:55 - 00000000 ____D C:\Program Files\PDF Architect 5 2017-02-17 11:53 - 2017-02-17 11:55 - 00000000 ____D C:\Program Files (x86)\PDF Architect 5 2017-02-17 11:53 - 2017-02-17 11:53 - 00000000 ____D C:\Users\Wojtelllo\Documents\PDF Architect 2017-02-17 11:52 - 2017-02-17 18:11 - 00000000 ____D C:\ProgramData\PDF Architect 5 2017-02-17 11:52 - 2017-02-17 12:13 - 00000000 ____D C:\Program Files\PDFCreator 2017-02-17 11:52 - 2017-02-17 11:52 - 00115200 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll 2017-02-17 11:52 - 2017-02-17 11:52 - 00000859 _____ C:\Users\Public\Desktop\PDFCreator.lnk 2017-02-17 11:52 - 2017-02-17 11:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2017-02-17 11:51 - 2017-02-17 11:51 - 28997392 _____ (pdfforge GmbH ) C:\Users\Wojtelllo\Downloads\PDFCreator-2_5_0-Setup.exe 2017-02-15 19:20 - 2017-02-15 19:20 - 00001676 _____ C:\Users\Wojtelllo\Desktop\SimCity.exe - Shortcut.lnk 2017-02-15 12:32 - 2017-02-15 12:32 - 00000000 ____D C:\Users\Wojtelllo\Documents\SimCity 2017-02-15 11:07 - 2017-02-15 11:10 - 942200094 _____ C:\Users\Wojtelllo\Desktop\SC-DE DLC [2013] PL.Part2.rar 2017-02-15 07:57 - 2017-02-15 08:03 - 1782579200 _____ C:\Users\Wojtelllo\Desktop\SC-DE DLC [2013] PL.Part1.rar 2017-02-15 00:57 - 2017-02-15 00:57 - 00001815 _____ C:\Users\Wojtelllo\Desktop\SimCity 4.exe - Shortcut.lnk 2017-02-14 17:51 - 2017-02-15 08:16 - 00000000 ____D C:\Users\Wojtelllo\Documents\SimCity 4 2017-02-14 17:51 - 2017-02-14 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis 2017-02-14 17:50 - 2017-02-14 17:50 - 00000000 ____D C:\Program Files (x86)\Maxis 2017-02-14 17:44 - 2017-02-14 17:46 - 1331759104 _____ C:\Users\Wojtelllo\Downloads\SimCity 4 Deluxe PL.iso 2017-02-11 01:06 - 2017-02-11 01:06 - 00000118 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-02-10 20:43 - 2017-02-10 20:43 - 00015360 ___SH C:\Users\Administrator\Desktop\Thumbs.db 2017-02-10 20:18 - 2017-02-10 20:27 - 00000000 ____D C:\ProgramData\Sony Mobile 2017-02-10 20:18 - 2017-02-10 20:27 - 00000000 ____D C:\Program Files (x86)\Sony Mobile 2017-02-10 20:07 - 2017-02-10 20:07 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Apple Computer 2017-02-10 20:07 - 2017-02-10 20:07 - 00000000 ____D C:\Users\Administrator\AppData\Local\CEF 2017-02-10 20:04 - 2017-02-10 20:04 - 00000000 ____D C:\Users\Administrator\Documents\Sony 2017-02-10 19:55 - 2017-02-10 19:56 - 49685376 _____ (Sony) C:\Users\Administrator\Downloads\XperiaCompanion.exe 2017-02-10 19:43 - 2017-02-10 22:33 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1181477252-4154694367-2884869693-500 2017-02-10 19:39 - 2017-02-10 19:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\Dropbox 2017-02-10 19:39 - 2017-02-10 19:39 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Canon 2017-02-10 19:38 - 2017-02-10 19:38 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA 2017-02-10 19:35 - 2017-02-10 19:35 - 00000385 _____ C:\Users\Administrator\AppData\Roaminguser_gensett.xml 2017-02-10 19:34 - 2017-02-10 19:47 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages 2017-02-10 19:34 - 2017-02-10 19:45 - 00002292 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk 2017-02-10 19:34 - 2017-02-10 19:34 - 00001453 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-02-10 19:34 - 2017-02-10 19:34 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2017-02-10 19:32 - 2017-02-11 01:05 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles 2017-02-10 19:32 - 2017-02-10 19:56 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google 2017-02-10 19:32 - 2017-02-10 19:40 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Bitdefender 2017-02-10 19:32 - 2017-02-10 19:38 - 00000000 ____D C:\Users\Administrator 2017-02-10 19:32 - 2017-02-10 19:32 - 00000020 ___SH C:\Users\Administrator\ntuser.ini 2017-02-10 19:32 - 2017-02-10 19:32 - 00000000 _SHDL C:\Users\Administrator\My Documents 2017-02-10 19:32 - 2017-02-10 19:32 - 00000000 _SHDL C:\Users\Administrator\Documents\My Videos 2017-02-10 19:32 - 2017-02-10 19:32 - 00000000 _SHDL C:\Users\Administrator\Documents\My Pictures 2017-02-10 19:32 - 2017-02-10 19:32 - 00000000 _SHDL C:\Users\Administrator\Documents\My Music 2017-02-10 19:32 - 2017-02-10 19:32 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel 2017-02-10 19:32 - 2014-11-21 10:52 - 00000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2017-02-10 19:32 - 2014-11-21 10:52 - 00000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2017-02-10 19:32 - 2013-02-04 08:18 - 00000189 _____ C:\Users\Administrator\Desktop\Lenovo Telephony Start Now.url 2017-02-08 16:25 - 2017-02-08 16:25 - 00172190 _____ C:\Users\Wojtelllo\Downloads\GRAFIK-godziny-pracy (1).ods 2017-02-07 18:17 - 2017-02-07 18:17 - 00172190 _____ C:\Users\Wojtelllo\Downloads\GRAFIK-godziny-pracy.ods 2017-02-07 00:05 - 2017-02-07 00:05 - 54970576 _____ (Electronic Arts) C:\Users\Wojtelllo\Downloads\OriginThinSetup.exe 2017-02-06 23:23 - 2017-04-06 09:34 - 00000000 ____D C:\Users\Wojtelllo\AppData\Local\Free Download Manager 2017-02-06 23:23 - 2017-02-06 23:23 - 00001139 _____ C:\Users\Public\Desktop\Free Download Manager 5.lnk 2017-02-06 23:23 - 2017-02-06 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager 2017-02-06 23:23 - 2017-02-06 23:23 - 00000000 ____D C:\Program Files\FreeDownloadManager.ORG 2017-02-06 23:22 - 2017-02-06 23:22 - 50109768 _____ (FreeDownloadManager.ORG ) C:\Users\Wojtelllo\Downloads\fdm5_x64_setup.exe 2017-02-06 22:46 - 2017-02-06 22:51 - 00000000 ____D C:\Users\Wojtelllo\Desktop\Pendrive Historia Sztuki 2017-02-06 22:40 - 2017-02-06 22:43 - 1541996544 _____ C:\Users\Wojtelllo\Downloads\debian-live-8.7.1-i386-gnome-desktop.iso 2017-02-03 14:01 - 2017-02-03 14:01 - 00194279 _____ C:\Users\Wojtelllo\Downloads\GRAFIK AKADEMII.pdf 2017-01-31 11:34 - 2017-01-31 11:34 - 00095341 _____ C:\Users\Wojtelllo\Desktop\16189290764 (1).pdf 2017-01-31 11:34 - 2017-01-31 11:34 - 00090590 _____ C:\Users\Wojtelllo\Downloads\16189290764 (1).pdf 2017-01-31 11:22 - 2017-01-31 11:22 - 00893301 _____ C:\Users\Wojtelllo\Documents\IMG_20170131_0001.pdf 2017-01-30 19:43 - 2017-01-30 19:43 - 00090590 _____ C:\Users\Wojtelllo\Downloads\16189290764.pdf 2017-01-19 13:04 - 2017-01-19 13:21 - 2644559899 _____ C:\Users\Wojtelllo\Downloads\Third_Age_Reforged.1.rar 2017-01-19 13:00 - 2017-01-19 13:26 - 1706125838 _____ () C:\Users\Wojtelllo\Downloads\TATW_3.0_Part1of2.exe 2017-01-17 01:44 - 2017-01-17 01:44 - 1184202752 _____ C:\Users\Wojtelllo\Downloads\debian-live-8.7.1-amd64-cinnamon-desktop.iso 2017-01-15 11:18 - 2017-01-15 11:18 - 00014537 _____ C:\Users\Wojtelllo\Downloads\ankieta dla LK (1) (1).docm 2017-01-15 11:16 - 2017-01-15 11:16 - 00014537 _____ C:\Users\Wojtelllo\Downloads\ankieta dla LK (1).docm 2017-01-07 10:38 - 2017-01-07 10:38 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll 2017-01-07 10:38 - 2017-01-07 10:38 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll 2017-01-07 10:38 - 2017-01-07 10:38 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll 2017-01-07 10:38 - 2017-01-07 10:38 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll 2017-01-07 10:38 - 2017-01-07 10:38 - 00000000 ____D C:\Program Files (x86)\OpenAL ==================== Three Months Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-04-06 17:57 - 2015-07-29 03:47 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1181477252-4154694367-2884869693-1002 2017-04-06 17:54 - 2014-11-21 10:44 - 00877960 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-04-06 17:54 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2017-04-06 17:53 - 2015-07-29 03:28 - 00000000 ____D C:\Program Files (x86)\Google 2017-04-06 17:49 - 2016-03-04 11:43 - 00000000 ___RD C:\Users\Wojtelllo\OneDrive 2017-04-06 17:48 - 2015-11-07 16:10 - 00000936 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2017-04-06 17:48 - 2015-10-12 20:20 - 00000000 __SHD C:\Users\Wojtelllo\IntelGraphicsProfiles 2017-04-06 17:45 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-04-06 17:43 - 2015-12-03 14:24 - 00000000 ____D C:\ProgramData\Napisy24 2017-04-06 17:43 - 2015-07-29 21:55 - 00080000 _____ C:\bdlog.txt 2017-04-06 17:43 - 2013-09-02 21:21 - 00012800 _____ C:\WINDOWS\system32\VfService.trf 2017-04-06 17:30 - 2015-11-07 16:10 - 00000940 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2017-04-06 16:38 - 2016-09-08 01:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-04-06 16:37 - 2015-11-26 12:36 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2017-04-06 16:37 - 2015-11-26 12:17 - 00000000 ____D C:\AdwCleaner 2017-04-06 16:32 - 2016-09-08 01:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-04-06 16:22 - 2013-08-22 16:44 - 00541176 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-04-06 16:21 - 2015-10-10 16:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-04-06 16:21 - 2015-10-10 16:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-04-06 16:19 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2017-04-06 16:16 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2017-04-06 16:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-04-06 16:15 - 2014-11-21 10:25 - 00000000 ____D C:\Program Files\Windows Journal 2017-04-06 16:09 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-04-06 15:57 - 2015-09-16 21:41 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-04-06 15:55 - 2015-07-28 22:47 - 00000000 ____D C:\Users\Wojtelllo\AppData\Local\Packages 2017-04-06 15:50 - 2015-09-16 21:41 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-04-06 15:47 - 2015-10-13 05:18 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2017-04-06 15:47 - 2015-10-13 05:18 - 00987848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2017-04-06 15:43 - 2015-10-10 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-04-06 11:57 - 2015-11-11 19:06 - 09331200 ___SH C:\Users\Wojtelllo\Downloads\Thumbs.db 2017-04-06 10:13 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-04-06 10:11 - 2016-02-17 14:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-04-06 09:41 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2017-04-06 09:34 - 2015-07-29 10:15 - 00000000 ____D C:\Users\Wojtelllo\AppData\Roaming\AIMP3 2017-04-06 08:51 - 2015-10-27 23:39 - 00000000 ____D C:\Users\Wojtelllo\AppData\Roaming\vlc 2017-03-30 17:42 - 2015-10-13 20:10 - 10397696 ___SH C:\Users\Wojtelllo\Desktop\Thumbs.db 2017-03-29 21:10 - 2016-03-31 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2017-03-27 10:21 - 2013-09-02 21:23 - 00000000 ____D C:\ProgramData\Energy Manager 2017-03-26 23:59 - 2015-12-02 20:11 - 00000000 ____D C:\Users\Wojtelllo\AppData\Roaming\Origin 2017-03-26 23:59 - 2015-12-02 20:02 - 00000000 ____D C:\ProgramData\Origin 2017-03-25 12:47 - 2015-11-09 20:33 - 00002038 _____ C:\Users\Wojtelllo\Documents\ax_files.xml 2017-03-24 23:45 - 2015-11-07 16:14 - 00000000 ___RD C:\Users\Wojtelllo\Dropbox 2017-03-24 23:44 - 2015-11-07 16:10 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-03-24 22:31 - 2016-07-08 00:04 - 00000000 ____D C:\Users\Wojtelllo\Documents\Alcohol 52% 2017-03-23 14:29 - 2015-07-30 00:19 - 00000000 ____D C:\Program Files (x86)\Steam 2017-03-19 10:46 - 2016-12-11 15:56 - 00003188 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-03-19 10:46 - 2016-04-21 08:58 - 00002368 _____ C:\Users\Wojtelllo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2017-03-19 10:46 - 2016-02-17 14:54 - 00003196 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1181477252-4154694367-2884869693-1002 2017-03-19 10:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-03-18 11:29 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2017-03-16 09:06 - 2016-06-20 17:42 - 00000000 ____D C:\Users\Wojtelllo\AppData\LocalLow\Temp 2017-03-14 14:45 - 2015-10-23 01:07 - 00004288 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-03-14 14:45 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-03-14 14:45 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-03-09 23:34 - 2015-11-07 16:10 - 00000000 ____D C:\Users\Wojtelllo\AppData\Local\Dropbox ==================== Files in the root of some directories ======= 2016-08-23 18:11 - 2016-08-23 18:11 - 0000859 _____ () C:\Users\Wojtelllo\AppData\Local\recently-used.xbel 2016-06-03 23:03 - 2016-06-03 23:07 - 0000000 _____ () C:\Users\Wojtelllo\AppData\Local\{27EF15B1-641C-4A50-ADD3-5C0F2681DC8A} 2015-07-29 21:47 - 2015-07-29 21:47 - 0496628 _____ () C:\ProgramData\1438198763.bdinstall.bin 2013-09-02 21:03 - 2013-09-02 21:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== 2017-02-10 19:56 - 2017-02-10 19:56 - 49239544 _____ (Sony) C:\Users\Administrator\AppData\Local\Temp\xcs4A20.tmp.exe 2017-02-14 17:47 - 2003-08-28 20:02 - 0561152 _____ (Electronic Arts Inc.) C:\Users\Wojtelllo\AppData\Local\Temp\AutoRun.exe 2017-02-14 17:47 - 2003-08-28 19:38 - 1736704 _____ () C:\Users\Wojtelllo\AppData\Local\Temp\AutoRunGUI.dll 2017-01-20 11:36 - 2017-01-20 11:36 - 0739904 _____ (Oracle Corporation) C:\Users\Wojtelllo\AppData\Local\Temp\jre-8u121-windows-au.exe 2016-08-23 15:12 - 2017-03-26 12:58 - 4074250 _____ (Napisy24.pl ) C:\Users\Wojtelllo\AppData\Local\Temp\Napisy24.exe 2016-12-30 16:21 - 2016-12-30 16:21 - 43878872 _____ (Skype Technologies S.A.) C:\Users\Wojtelllo\AppData\Local\Temp\SkypeSetup.exe 2016-03-01 17:56 - 2006-05-24 14:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Wojtelllo\AppData\Local\Temp\_is1A8C.exe 2016-03-01 18:58 - 2007-11-19 17:03 - 0455600 ____R (Macrovision Corporation) C:\Users\Wojtelllo\AppData\Local\Temp\_is1C2D.exe 2016-03-01 16:51 - 2006-05-24 14:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Wojtelllo\AppData\Local\Temp\_is2D1E.exe 2016-03-01 19:03 - 2007-11-19 17:04 - 0455600 ____R (Macrovision Corporation) C:\Users\Wojtelllo\AppData\Local\Temp\_is3975.exe 2016-03-01 16:50 - 2006-05-24 14:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Wojtelllo\AppData\Local\Temp\_is9B7C.exe 2016-03-01 17:39 - 2007-11-19 17:03 - 0455600 ____R (Macrovision Corporation) C:\Users\Wojtelllo\AppData\Local\Temp\_is9DB4.exe 2016-03-01 17:56 - 2006-05-24 14:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Wojtelllo\AppData\Local\Temp\_isB46F.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== BCD ================================ Firmware Boot Manager --------------------- identifier {fwbootmgr} displayorder {bootmgr} {0ffb50f9-1451-11e3-a52f-ada7ec142c08} {ee58063e-144f-11e3-a52f-806e6f6e6963} {0ffb50f7-1451-11e3-a52f-ada7ec142c08} {ee58063c-144f-11e3-a52f-806e6f6e6963} {ee58063d-144f-11e3-a52f-806e6f6e6963} timeout 0 Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale en-US inherit {globalsettings} default {current} resumeobject {0ffb50fd-1451-11e3-a52f-ada7ec142c08} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Firmware Application (101fffff) ------------------------------- identifier {0ffb50f7-1451-11e3-a52f-ada7ec142c08} device partition=\Device\HarddiskVolume3 path \EFI\Microsoft\Boot\LrsBootMgr.efi description Lenovo Recovery System Firmware Application (101fffff) ------------------------------- identifier {0ffb50f9-1451-11e3-a52f-ada7ec142c08} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager Firmware Application (101fffff) ------------------------------- identifier {85e29d10-1401-11e3-be71-806e6f6e6963} description EFI Network 0 for IPv4 (0C-54-A5-14-2D-6D) Firmware Application (101fffff) ------------------------------- identifier {ee58063c-144f-11e3-a52f-806e6f6e6963} description EFI USB Device Firmware Application (101fffff) ------------------------------- identifier {ee58063d-144f-11e3-a52f-806e6f6e6963} description EFI DVD/CDROM Firmware Application (101fffff) ------------------------------- identifier {ee58063e-144f-11e3-a52f-806e6f6e6963} description EFI Network Firmware Application (101fffff) ------------------------------- identifier {ee58063f-144f-11e3-a52f-806e6f6e6963} description EFI Network 0 for IPv6 (0C-54-A5-14-2D-6D) Windows Boot Loader ------------------- identifier {0ffb50fa-1451-11e3-a52f-ada7ec142c08} device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{0ffb50fb-1451-11e3-a52f-ada7ec142c08} path \windows\system32\winload.efi description Windows Recovery Environment locale de-DE inherit {bootloadersettings} displaymessage Recovery displaymessageoverride Recovery osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{0ffb50fb-1451-11e3-a52f-ada7ec142c08} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Windows Boot Loader ------------------- identifier {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 8.1 locale en-US inherit {bootloadersettings} recoverysequence {0ffb50ff-1451-11e3-a52f-ada7ec142c08} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {0ffb50fd-1451-11e3-a52f-ada7ec142c08} nx OptIn bootmenupolicy Standard Windows Boot Loader ------------------- identifier {0ffb50ff-1451-11e3-a52f-ada7ec142c08} device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{0ffb5100-1451-11e3-a52f-ada7ec142c08} path \windows\system32\winload.efi description Windows Recovery Environment locale en-US inherit {bootloadersettings} displaymessage Recovery displaymessageoverride Recovery osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{0ffb5100-1451-11e3-a52f-ada7ec142c08} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Resume from Hibernate --------------------- identifier {0ffb50f5-1451-11e3-a52f-ada7ec142c08} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale en-US inherit {resumeloadersettings} recoverysequence {0ffb50fa-1451-11e3-a52f-ada7ec142c08} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Resume from Hibernate --------------------- identifier {0ffb50fd-1451-11e3-a52f-ada7ec142c08} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale en-US inherit {resumeloadersettings} recoverysequence {0ffb50ff-1451-11e3-a52f-ada7ec142c08} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Windows Memory Diagnostic locale en-US inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {0ffb50fb-1451-11e3-a52f-ada7ec142c08} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume1 ramdisksdipath \Recovery\WindowsRE\boot.sdi Device options -------------- identifier {0ffb50fc-1451-11e3-a52f-ada7ec142c08} description Windows Setup ramdisksdidevice partition=C: ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi Device options -------------- identifier {0ffb5100-1451-11e3-a52f-ada7ec142c08} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume6 ramdisksdipath \Recovery\WindowsRE\boot.sdi Setup Ramdisk Options --------------------- identifier {ramdiskoptions} description Ramdisk options ramdisksdidevice boot ramdisksdipath \boot\boot.sdi LastRegBack: 2017-04-06 17:06 ==================== End of FRST.txt ============================