• Ogłoszenie:

Powolne działanie komputera - standard

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.

Powolne działanie komputera - standard

Postprzez holi12 23 Lip 2016, 22:07

reklama
Witam serdecznie :) melduję powolne działąnie komputer...nagłe zwisy itp.
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-07-23 18:36:45
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000022 TOSHIBA_MQ01ABF050 rev.AM0P2C 465,76GB
Running: 0pytelwo.exe; Driver: C:\Users\Dawid\AppData\Local\Temp\kwedafob.sys


---- User code sections - GMER 2.2 ----

? C:\WINDOWS\system32\apphelp.dll [3480] entry point in ".rdata" section 0000000072260380

---- Threads - GMER 2.2 ----

Thread C:\WINDOWS\system32\csrss.exe [5376:2948] fffff96017e84030

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 287830664
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime 4474
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalResumeTime 18345
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeBootMgrTime 715
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppTime 2242
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppStartTimestamp 5208
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeLibraryInitTime 154
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeInitTime 363
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeHiberFileTime 1611
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeRestoreImageStartTimestamp 5727
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeIoTime 1202
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressTime 431
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeMapTime 31
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeUnmapTime 1
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAllocateTime 3
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeKernelSwitchTimestamp 7450
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnFromHandlerTimestamp 7541
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@SleeperThreadEndTimestamp 14686
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TimeStampCounterAtSwitchTime 7531
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnSystemPowerState 18331
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberHiberFileTime 6158
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberInitTime 533
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberSharedBufferTime 4
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalHibernateTime 14828
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeHiberFileTime 5782
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeInitTime 305
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeSharedBufferTime 18
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@DeviceResumeTime 2986
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelAnimationTime 79
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesProcessed 419892
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesWritten 0x16 0x74 0x02 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesProcessed 41931
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesWritten 0xB2 0x54 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberWriteRate 123
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberCompressRate 31
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeReadRate 108
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressRate 83
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@FileRuns 4
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberChecksumTime 375
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberChecksumIoTime 22
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelChecksumTime 273
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelChecksumIoTime 112
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeIoCpuTime 4098
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberIoCpuTime 660
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeCompleteTimestamp 0xDC 0x19 0x6F 0x0E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\606dc7fd06b4
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Upgrade\LocalRadioSettings
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{7C357E7B-5963-4769-B5CA-45D78FDCED7C}@DefunctTimestamp 0x88 0x25 0x92 0x57 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{8622BF99-2004-4D5A-A4DA-F3A557C60833}@DefunctTimestamp 0x6C 0x61 0x93 0x57 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 2681
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 762
Reg HKLM\SYSTEM\CurrentControlSet\Services\SynTP\Parameters@DetectTimeMS 2144
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9b48c7f6-b41d-465b-9aea-f20e72361f74}@LeaseObtainedTime 1469285031
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9b48c7f6-b41d-465b-9aea-f20e72361f74}@T1 1469286831
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9b48c7f6-b41d-465b-9aea-f20e72361f74}@T2 1469288181
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9b48c7f6-b41d-465b-9aea-f20e72361f74}@LeaseTerminatesTime 1469288631
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeConfidence 7
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xA7 0x87 0x13 0xD2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xA7 0xEF 0xD7 0x33 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xA7 0x1F 0x4F 0x70 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeTickCount 0xA0 0xC8 0xF8 0x0E ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\1@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\1@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\2@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\2@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\3@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\3@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\4@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\4@RwMask 0x64 0x62 0x03 0x00 ...

---- Disk sectors - GMER 2.2 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.2 ----


Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 20-07-2016
Uruchomiony przez Dawid (2016-07-20 18:54:18)
Uruchomiony z C:\Users\Dawid\Desktop
Windows 10 Home Wersja 1511 (X64) (2016-04-12 02:56:21)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-3987013258-1122006406-2270890607-500 - Administrator - Disabled)
Dawid (S-1-5-21-3987013258-1122006406-2270890607-1002 - Administrator - Enabled) => C:\Users\Dawid
Gość (S-1-5-21-3987013258-1122006406-2270890607-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-3987013258-1122006406-2270890607-503 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

AcGasSynchro 11.2.0.3 (HKLM-x32\...\Ac Gas Synchro 11.2.0.3_is1) (Version: - )
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.47.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.17) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\Adobe Shockwave Player) (Version: 10.2.0.22 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{A30D3EA3-B90A-DDD5-949E-6DDE67E64FE6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Autko (HKLM-x32\...\Autko) (Version: - )
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.695 - Broadcom Corporation)
Browser-Security (HKLM-x32\...\Browser-Security) (Version: 1.2.0.0 - Vondos Media GmbH) <==== UWAGA
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.01 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}) (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.1.843 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PL (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.1.0.843 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.1 - Corel Corporation) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8293.5264 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
KMSnano 25 (HKLM\...\KMSnano 25_is1) (Version: KMSnano 25 - )
Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 pl)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nero 7 Lite (HKLM-x32\...\Nero7Lite_is1) (Version: 7.11.10.0 - UpdatePack.nl)
Odkurzacz (HKLM-x32\...\Odkurzacz 14.2_is1) (Version: 14.2.0.4492 - FranmoSoftware - Maciej Opaliński)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
Rejestracja użytkownika drukarki Canon MG2900 series (HKLM-x32\...\Rejestracja użytkownika drukarki Canon MG2900 series) (Version: - ‭Canon Inc.)
SkinPack Creator 10.0 (HKLM-x32\...\SkinPack Creator) (Version: 10.0 - SkinPack)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.16.9.201606210840 - Sony Mobile Communications Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.0 - Synaptics Incorporated)
WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony)
Xperia Companion (x32 Version: 1.2.8.0 - Sony) Hidden

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-3987013258-1122006406-2270890607-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Dawid\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileCoAuth.exe (Microsoft Corporation)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {20FED343-B9D0-4ECE-BA38-6F47104F0E06} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: {446D458C-DB0C-44D1-BDF7-3104E602E87B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {47EDE0DB-E90F-4C2B-A6DB-538B58F88FC9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {8A212D89-0889-4741-8436-5FC3698C0246} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-653L6ES-Dawid DESKTOP-653L6ES => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {A167E677-E3D6-4C78-B855-0F6153080E5F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {B17E9195-A4F8-4947-BC51-52F43AE03DE2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CE6C81E2-9893-48EC-B49A-9E120A5EC5CF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {DCA2ACE9-9FEB-4ECD-9E0E-54D9EBF708BF} - System32\Tasks\{3B19CC9B-73C2-761A-1CA0-1EC57529C729} => C:\Users\Dawid\AppData\Roaming\PRICEF~1\UPDATE~1.EXE <==== UWAGA
Task: {F34FB86C-A3A8-4A3B-9184-1240EBE8E24F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\{3B19CC9B-73C2-761A-1CA0-1EC57529C729}.job =>

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

==================== Załadowane moduły (filtrowane) ==============

2015-08-06 22:39 - 2015-08-06 22:39 - 00127488 _____ () c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-12-11 10:20 - 2014-04-14 19:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-13 14:56 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 14:56 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-13 19:32 - 2016-02-13 19:32 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 14:58 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 14:56 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 14:56 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 14:56 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 14:56 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-29 19:26 - 2016-06-29 19:27 - 03790336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-06-29 19:26 - 2016-06-29 19:27 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-06-04 22:08 - 2016-06-04 22:08 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-06-04 22:08 - 2016-06-04 22:08 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-04 22:08 - 2016-06-04 22:08 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-06-04 22:08 - 2016-06-04 22:08 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-07-20 18:54 - 2016-07-20 18:54 - 00380928 _____ () C:\Users\Dawid\Desktop\0pytelwo.exe

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

AlternateDataStreams: C:\ProgramData:3f80b7866a646e [1702]
AlternateDataStreams: C:\Users\All Users:3f80b7866a646e [1702]
AlternateDataStreams: C:\Users\Dawid:474a7c3e0fe8 [4268]
AlternateDataStreams: C:\ProgramData\Application Data:fe93a19e34e9a [416]
AlternateDataStreams: C:\ProgramData\Dane aplikacji:3f80b7866a646e [1702]
AlternateDataStreams: C:\Users\Dawid\Dane aplikacji:3fcd5a2881972d [1650]
AlternateDataStreams: C:\Users\Dawid\Ustawienia lokalne:1475c9ba438062 [9260]
AlternateDataStreams: C:\Users\Dawid\AppData\Local:1475c9ba438062 [9260]
AlternateDataStreams: C:\Users\Dawid\AppData\Roaming:3fcd5a2881972d [1650]
AlternateDataStreams: C:\Users\Dawid\AppData\Local\Dane aplikacji:1475c9ba438062 [9260]
AlternateDataStreams: C:\Users\Dawid\AppData\Local\Historia:7fe30ec3baa0 [4850]
AlternateDataStreams: C:\Users\Dawid\AppData\Local\Temp:39d01db6b44768e [3634]

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)


==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Hosts - zawartość: ==========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2015-07-10 13:04 - 2016-04-06 17:28 - 00002024 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Wykryto więcej niż wyliczono: 4 linii.


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 62.179.1.62 - 62.179.1.63
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKLM\...\StartupApproved\Run: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "PowerDVD14Agent"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\StartupApproved\Run: => "ChomikBox"
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\StartupApproved\Run: => "safe_urls768"

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F7E09646-77B2-424D-869F-37F14832DA1C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7879E834-9A66-4762-B688-83B26A621625}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{639D4D92-4218-45AE-A6E7-FECFC0B36EE4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{06356808-872C-4F66-A284-000408467632}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{943990F7-B78C-43C6-8597-8CE13A82DEA1}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{895F6591-B45B-43C1-8431-3022A2627120}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{FFB42C20-2B9F-4898-B857-5B8C22695D02}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{C51CC7D5-81C1-43F7-9ADD-80A9E8581A24}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{AE95B395-DDAE-426B-B8FF-22D65CD8BAFC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B6DF5F84-C7E0-45D3-A474-01AA38A003FF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CF607E63-0A2E-421A-A8E7-53AE38413A6F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A57B46A2-5F70-4241-BA1D-97616EF912DC}] => (Allow) C:\Program Files\KMSnano\data\qemu-system-i386.exe
FirewallRules: [{ECBDAC2A-3A66-4136-B89F-C12A5B1ACD92}] => (Allow) C:\Program Files\KMSnano\data\qemu-system-i386.exe
FirewallRules: [{324F166A-2A4F-4455-A8DB-948A68594202}] => (Block) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{71C74AAF-F477-4AF0-8627-87D3AFEBE073}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{8B555C14-162B-4984-A733-FF05989A2A44}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{1F71D06C-36C7-432B-BC9F-84E53351AD04}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe

==================== Punkty Przywracania systemu =========================

03-07-2016 20:34:22 Zaplanowany punkt kontrolny
06-07-2016 09:36:18 Xperia Companion
13-07-2016 15:26:11 Windows Update
13-07-2016 15:27:01 Windows Update
17-07-2016 14:48:19 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (07/18/2016 12:47:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: AdaptiveSleepService.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x55c40c49
Nazwa modułu powodującego błąd: AdaptiveSleepService.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x55c40c49
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x000000000000b9f4
Identyfikator procesu powodującego błąd: 0x7c
Godzina uruchomienia aplikacji powodującej błąd: 0xAdaptiveSleepService.exe0
Ścieżka aplikacji powodującej błąd: AdaptiveSleepService.exe1
Ścieżka modułu powodującego błąd: AdaptiveSleepService.exe2
Identyfikator raportu: AdaptiveSleepService.exe3
Pełna nazwa pakietu powodującego błąd: AdaptiveSleepService.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: AdaptiveSleepService.exe5

Error: (07/16/2016 01:22:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: AdaptiveSleepService.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x55c40c49
Nazwa modułu powodującego błąd: AdaptiveSleepService.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x55c40c49
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x000000000000b9f4
Identyfikator procesu powodującego błąd: 0x1734
Godzina uruchomienia aplikacji powodującej błąd: 0xAdaptiveSleepService.exe0
Ścieżka aplikacji powodującej błąd: AdaptiveSleepService.exe1
Ścieżka modułu powodującego błąd: AdaptiveSleepService.exe2
Identyfikator raportu: AdaptiveSleepService.exe3
Pełna nazwa pakietu powodującego błąd: AdaptiveSleepService.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: AdaptiveSleepService.exe5


Dziennik System:
=============
Error: (07/20/2016 05:53:16 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: DESKTOP-653L6ES)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-3987013258-1122006406-2270890607-1002-0-ntuser.dat

Error: (07/20/2016 05:52:56 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: DESKTOP-653L6ES)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-3987013258-1122006406-2270890607-1002-0-ntuser.dat

Error: (07/19/2016 03:52:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_fb78ff niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (07/19/2016 03:52:07 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (07/19/2016 02:03:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_9e6278 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (07/19/2016 02:03:59 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (07/19/2016 10:21:55 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (07/19/2016 09:17:48 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: DESKTOP-653L6ES)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-3987013258-1122006406-2270890607-1002-0-ntuser.dat

Error: (07/19/2016 09:17:32 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: DESKTOP-653L6ES)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-3987013258-1122006406-2270890607-1002-0-ntuser.dat

Error: (07/18/2016 12:22:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_2ad1e5 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.


CodeIntegrity:
===================================
Date: 2016-07-18 10:00:49.788
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-07-17 23:40:01.692
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\BTHUSB.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-07-16 10:22:21.703
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\BTHUSB.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-07-15 22:18:32.130
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-07-15 03:47:14.686
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-07-15 03:37:08.591
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-07-13 16:47:08.498
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-07-03 20:05:43.063
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-29 19:22:01.769
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\BTHUSB.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-27 09:12:58.755
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\BTHUSB.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Statystyki pamięci ===========================

Procesor: AMD A6-6310 APU with AMD Radeon R4 Graphics
Procent pamięci w użyciu: 21%
Całkowita pamięć fizyczna: 11209.01 MB
Dostępna pamięć fizyczna: 8789.87 MB
Całkowita pamięć wirtualna: 12937.01 MB
Dostępna pamięć wirtualna: 10451.81 MB

==================== Dyski ================================

Drive c: (Windows) (Fixed) (Total:226.68 GB) (Free:178.56 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.25 GB) (Free:1.47 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]
Drive g: (Dysk) (Fixed) (Total:224.72 GB) (Free:220.09 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D0AE0B88)

Partition: GPT.

==================== Koniec Addition.txt ============================


Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20-07-2016
Uruchomiony przez Dawid (administrator) DESKTOP-653L6ES (20-07-2016 18:52:50)
Uruchomiony z C:\Users\Dawid\Desktop
Załadowane profile: Dawid (Dostępne profile: Dawid)
Platform: Windows 10 Home Wersja 1511 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe


==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8510680 2015-07-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\Run: [safe_urls768] => C:\Users\Dawid\AppData\Roaming\Browser-Security\s768.exe [2548944 2016-06-20] ()
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\MountPoints2: {85a1ef9e-48e8-11e6-9bf6-fc3fdb5a2802} - "F:\startme.exe"
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\MountPoints2: {8a3bc3e7-fc25-11e5-9bd6-606dc7fd06b4} - "H:\AutoRun.exe"

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip\..\Interfaces\{9b48c7f6-b41d-465b-9aea-f20e72361f74}: [DhcpNameServer] 62.179.1.62 62.179.1.63
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM-x32 -> {5566B8A0-43BE-470F-82C5-2D5EAAFE3893} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3987013258-1122006406-2270890607-1002 -> {5566B8A0-43BE-470F-82C5-2D5EAAFE3893} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\6bkymo1i.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=pl-pl
hxxps://www.google.pl/?gws_rd=ssl
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-18] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\6bkymo1i.default\user.js [2016-07-13]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32dsw.dll [2007-04-30] (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\6bkymo1i.default\searchplugins\bing-.xml [2016-06-18]
FF Extension: Bing Search - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\6bkymo1i.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-06-18]
FF Extension: Browser-Security - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\6bkymo1i.default\Extensions\firefox@browser-security.de.xpi [2016-07-13]
FF Extension: Adblock Plus - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\6bkymo1i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

==================== Usługi (filtrowane) ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S2 AdaptiveSleepService; c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-08-06] () [Brak podpisu cyfrowego]
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-06] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego]
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2286848 2016-04-10] (Broadcom Corporation.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [298200 2015-07-24] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260216 2016-04-10] (Synaptics Incorporated)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [60432 2015-08-18] (Advanced Micro Devices, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [18968 2015-08-18] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101104 2015-08-18] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [82704 2015-08-18] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [277240 2015-08-18] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-08-18] (Advanced Micro Devices)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [208176 2016-04-10] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7551240 2015-12-11] (Broadcom Corporation)
S3 BTHPORT; C:\Windows\System32\drivers\BTHport.sys [954368 2016-03-29] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 BTHUSB; C:\Windows\System32\drivers\BTHUSB.sys [84992 2016-03-29] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
S3 FTDIBUS; C:\Windows\system32\drivers\opcomusb.sys [69320 2009-10-22] (FTDI Ltd.)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2016-07-06] (Sony Mobile Communications)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-20] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-21] (Realsil Semiconductor Corporation)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [67704 2016-04-10] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-13] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-07-20 18:52 - 2016-07-20 18:53 - 00014162 _____ C:\Users\Dawid\Desktop\FRST.txt
2016-07-20 18:52 - 2016-07-20 18:52 - 00000000 ____D C:\FRST
2016-07-20 18:43 - 2016-07-20 18:52 - 02393600 _____ (Farbar) C:\Users\Dawid\Desktop\FRST64.exe
2016-07-17 23:52 - 2016-07-17 23:52 - 00007578 _____ C:\Users\Dawid\Desktop\Documents\DiagReport_2005 (5)_Vectra-C Signum_Pojazd__Informacje o kodach błędów w pojeździe_201607172351.txt
2016-07-17 23:40 - 2016-07-17 23:40 - 00503432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-17 21:24 - 2016-07-18 12:59 - 00000000 ____D C:\Users\Dawid
2016-07-17 14:41 - 2016-07-17 14:41 - 00000000 ____D C:\AMD
2016-07-16 11:00 - 2016-07-16 11:00 - 00001163 _____ C:\Users\Dawid\Desktop\Odkurzacz.lnk
2016-07-16 11:00 - 2016-07-16 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz
2016-07-15 03:39 - 2016-07-16 10:55 - 00003542 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-07-13 17:40 - 2016-07-13 17:40 - 00000000 ____D C:\Users\Dawid\AppData\LocalLow\Adobe
2016-07-13 17:38 - 2016-07-14 21:11 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-07-13 17:38 - 2016-07-13 22:42 - 00000000 ____D C:\ProgramData\Adobe
2016-07-13 17:38 - 2016-07-13 17:38 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Browser-Security
2016-07-13 17:38 - 2016-07-13 17:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-07-13 14:59 - 2016-07-01 05:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-07-13 14:59 - 2016-07-01 05:39 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-07-13 14:59 - 2016-07-01 05:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-07-13 14:59 - 2016-07-01 05:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-07-13 14:59 - 2016-07-01 05:32 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-07-13 14:59 - 2016-07-01 05:31 - 19347968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-13 14:59 - 2016-07-01 05:29 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-07-13 14:59 - 2016-07-01 05:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-07-13 14:59 - 2016-07-01 05:26 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-07-13 14:59 - 2016-07-01 05:26 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-13 14:59 - 2016-07-01 05:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-07-13 14:59 - 2016-07-01 05:25 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-07-13 14:59 - 2016-07-01 05:25 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-07-13 14:59 - 2016-07-01 05:22 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-07-13 14:59 - 2016-07-01 05:20 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-13 14:59 - 2016-07-01 05:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-07-13 14:59 - 2016-07-01 05:18 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-13 14:59 - 2016-07-01 05:14 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-07-13 14:58 - 2016-07-01 07:30 - 00284352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-07-13 14:58 - 2016-07-01 06:49 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-13 14:58 - 2016-07-01 06:49 - 00337336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-07-13 14:58 - 2016-07-01 06:34 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-13 14:58 - 2016-07-01 06:34 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-07-13 14:58 - 2016-07-01 06:34 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-07-13 14:58 - 2016-07-01 06:33 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-07-13 14:58 - 2016-07-01 06:33 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-07-13 14:58 - 2016-07-01 06:33 - 00730352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-07-13 14:58 - 2016-07-01 06:33 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-07-13 14:58 - 2016-07-01 06:33 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-07-13 14:58 - 2016-07-01 06:33 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-07-13 14:58 - 2016-07-01 06:32 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-07-13 14:58 - 2016-07-01 06:32 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-07-13 14:58 - 2016-07-01 06:32 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-07-13 14:58 - 2016-07-01 06:31 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-07-13 14:58 - 2016-07-01 06:31 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-07-13 14:58 - 2016-07-01 06:31 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-07-13 14:58 - 2016-07-01 06:25 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-07-13 14:58 - 2016-07-01 06:25 - 02145032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-07-13 14:58 - 2016-07-01 06:25 - 01987936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-07-13 14:58 - 2016-07-01 06:25 - 00648256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-07-13 14:58 - 2016-07-01 06:25 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-07-13 14:58 - 2016-07-01 06:25 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-07-13 14:58 - 2016-07-01 06:24 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-07-13 14:58 - 2016-07-01 06:23 - 01349640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-07-13 14:58 - 2016-07-01 06:21 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-13 14:58 - 2016-07-01 06:21 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-07-13 14:58 - 2016-07-01 06:20 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-07-13 14:58 - 2016-07-01 06:20 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-07-13 14:58 - 2016-07-01 06:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-07-13 14:58 - 2016-07-01 06:11 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-07-13 14:58 - 2016-07-01 05:58 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-07-13 14:58 - 2016-07-01 05:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-07-13 14:58 - 2016-07-01 05:56 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-07-13 14:58 - 2016-07-01 05:56 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-07-13 14:58 - 2016-07-01 05:53 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-07-13 14:58 - 2016-07-01 05:53 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-07-13 14:58 - 2016-07-01 05:53 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-07-13 14:58 - 2016-07-01 05:53 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-07-13 14:58 - 2016-07-01 05:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-07-13 14:58 - 2016-07-01 05:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10_1.dll
2016-07-13 14:58 - 2016-07-01 05:50 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-07-13 14:58 - 2016-07-01 05:50 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-07-13 14:58 - 2016-07-01 05:50 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-07-13 14:58 - 2016-07-01 05:50 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2016-07-13 14:58 - 2016-07-01 05:49 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-07-13 14:58 - 2016-07-01 05:49 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Maps.dll
2016-07-13 14:58 - 2016-07-01 05:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-07-13 14:58 - 2016-07-01 05:49 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-07-13 14:58 - 2016-07-01 05:48 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-07-13 14:58 - 2016-07-01 05:48 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-07-13 14:58 - 2016-07-01 05:48 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-07-13 14:58 - 2016-07-01 05:48 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2016-07-13 14:58 - 2016-07-01 05:48 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-07-13 14:58 - 2016-07-01 05:44 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-07-13 14:58 - 2016-07-01 05:44 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-07-13 14:58 - 2016-07-01 05:44 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2016-07-13 14:58 - 2016-07-01 05:44 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-07-13 14:58 - 2016-07-01 05:44 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-07-13 14:58 - 2016-07-01 05:44 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 02012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 01434112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 01240064 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-13 14:58 - 2016-07-01 05:41 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-07-13 14:58 - 2016-07-01 05:41 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-07-13 14:58 - 2016-07-01 05:41 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-07-13 14:58 - 2016-07-01 05:39 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-07-13 14:58 - 2016-07-01 05:39 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-07-13 14:58 - 2016-07-01 05:39 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-07-13 14:58 - 2016-07-01 05:39 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-07-13 14:58 - 2016-07-01 05:38 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-07-13 14:58 - 2016-07-01 05:38 - 01671168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-07-13 14:58 - 2016-07-01 05:38 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-07-13 14:58 - 2016-07-01 05:38 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-07-13 14:58 - 2016-07-01 05:37 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-07-13 14:58 - 2016-07-01 05:37 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-07-13 14:58 - 2016-07-01 05:36 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-07-13 14:58 - 2016-07-01 05:36 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2016-07-13 14:58 - 2016-07-01 05:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-07-13 14:58 - 2016-07-01 05:34 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-07-13 14:58 - 2016-07-01 05:34 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-07-13 14:58 - 2016-07-01 05:34 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-07-13 14:58 - 2016-07-01 05:33 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-07-13 14:58 - 2016-07-01 05:33 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-07-13 14:58 - 2016-07-01 05:33 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-13 14:58 - 2016-07-01 05:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2016-07-13 14:58 - 2016-07-01 05:32 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-07-13 14:58 - 2016-07-01 05:32 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-13 14:58 - 2016-07-01 05:31 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-07-13 14:58 - 2016-07-01 05:31 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-07-13 14:58 - 2016-07-01 05:30 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 00849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-13 14:58 - 2016-07-01 05:29 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-07-13 14:58 - 2016-07-01 05:29 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-07-13 14:58 - 2016-07-01 05:29 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-07-13 14:58 - 2016-07-01 05:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-07-13 14:58 - 2016-07-01 05:29 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-07-13 14:58 - 2016-07-01 05:29 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2016-07-13 14:58 - 2016-07-01 05:29 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-07-13 14:58 - 2016-07-01 05:28 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-07-13 14:58 - 2016-07-01 05:28 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2016-07-13 14:58 - 2016-07-01 05:28 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 01729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-07-13 14:58 - 2016-07-01 05:27 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 03026944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2016-07-13 14:58 - 2016-07-01 05:25 - 02745856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-07-13 14:58 - 2016-07-01 05:25 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-13 14:58 - 2016-07-01 05:25 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-13 14:58 - 2016-07-01 05:25 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-07-13 14:58 - 2016-07-01 05:25 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-13 14:58 - 2016-07-01 05:25 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-07-13 14:58 - 2016-07-01 05:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-07-13 14:58 - 2016-07-01 05:23 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-07-13 14:58 - 2016-07-01 05:23 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-07-13 14:58 - 2016-07-01 05:23 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-07-13 14:58 - 2016-07-01 05:22 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-07-13 14:58 - 2016-07-01 05:22 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-07-13 14:58 - 2016-07-01 05:21 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-07-13 14:58 - 2016-07-01 05:19 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-07-13 14:58 - 2016-07-01 05:16 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-07-13 14:58 - 2016-07-01 05:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-07-13 14:58 - 2016-07-01 05:15 - 04413440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-07-13 14:58 - 2016-07-01 05:15 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-07-13 14:58 - 2016-07-01 05:15 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2016-07-13 14:58 - 2016-07-01 05:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-07-13 14:58 - 2016-07-01 05:13 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-07-13 14:58 - 2016-07-01 05:13 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-07-13 14:58 - 2016-07-01 05:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-07-13 14:58 - 2016-07-01 05:09 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-07-13 14:58 - 2016-07-01 05:08 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2016-07-13 14:58 - 2016-07-01 05:08 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-07-13 14:57 - 2016-07-01 07:30 - 00587456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-13 14:57 - 2016-07-01 06:50 - 00037232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-07-13 14:57 - 2016-07-01 06:49 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-07-13 14:57 - 2016-07-01 06:48 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-07-13 14:57 - 2016-07-01 06:45 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-07-13 14:57 - 2016-07-01 06:43 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-07-13 14:57 - 2016-07-01 06:43 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-07-13 14:57 - 2016-07-01 06:39 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-07-13 14:57 - 2016-07-01 06:38 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-07-13 14:57 - 2016-07-01 06:38 - 01083656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-07-13 14:57 - 2016-07-01 06:38 - 00256192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-07-13 14:57 - 2016-07-01 06:38 - 00032552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-07-13 14:57 - 2016-07-01 06:35 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-07-13 14:57 - 2016-07-01 06:35 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-07-13 14:57 - 2016-07-01 06:33 - 00566104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-07-13 14:57 - 2016-07-01 06:32 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-07-13 14:57 - 2016-07-01 06:32 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-07-13 14:57 - 2016-07-01 06:32 - 00106928 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-07-13 14:57 - 2016-07-01 06:32 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2016-07-13 14:57 - 2016-07-01 06:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-07-13 14:57 - 2016-07-01 06:23 - 00925576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-07-13 14:57 - 2016-07-01 06:23 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-07-13 14:57 - 2016-07-01 06:23 - 00451936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-07-13 14:57 - 2016-07-01 06:21 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-07-13 14:57 - 2016-07-01 06:21 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-07-13 14:57 - 2016-07-01 06:20 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-07-13 14:57 - 2016-07-01 06:20 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-07-13 14:57 - 2016-07-01 06:20 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-07-13 14:57 - 2016-07-01 06:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-07-13 14:57 - 2016-07-01 06:19 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-07-13 14:57 - 2016-07-01 06:19 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-07-13 14:57 - 2016-07-01 06:18 - 00064584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2016-07-13 14:57 - 2016-07-01 06:17 - 01536600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-07-13 14:57 - 2016-07-01 06:12 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-07-13 14:57 - 2016-07-01 06:12 - 01866104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-07-13 14:57 - 2016-07-01 06:11 - 00521152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-07-13 14:57 - 2016-07-01 06:10 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-07-13 14:57 - 2016-07-01 06:07 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2016-07-13 14:57 - 2016-07-01 06:03 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-07-13 14:57 - 2016-07-01 06:03 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-07-13 14:57 - 2016-07-01 06:00 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-07-13 14:57 - 2016-07-01 05:59 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-07-13 14:57 - 2016-07-01 05:58 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2016-07-13 14:57 - 2016-07-01 05:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-13 14:57 - 2016-07-01 05:55 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-07-13 14:57 - 2016-07-01 05:55 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-07-13 14:57 - 2016-07-01 05:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2016-07-13 14:57 - 2016-07-01 05:54 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-07-13 14:57 - 2016-07-01 05:54 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-07-13 14:57 - 2016-07-01 05:54 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-07-13 14:57 - 2016-07-01 05:53 - 01567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-07-13 14:57 - 2016-07-01 05:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-07-13 14:57 - 2016-07-01 05:52 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-07-13 14:57 - 2016-07-01 05:52 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-07-13 14:57 - 2016-07-01 05:52 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2016-07-13 14:57 - 2016-07-01 05:51 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-07-13 14:57 - 2016-07-01 05:51 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-07-13 14:57 - 2016-07-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-07-13 14:57 - 2016-07-01 05:50 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-07-13 14:57 - 2016-07-01 05:50 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-07-13 14:57 - 2016-07-01 05:50 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-07-13 14:57 - 2016-07-01 05:50 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-07-13 14:57 - 2016-07-01 05:48 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-07-13 14:57 - 2016-07-01 05:48 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-07-13 14:57 - 2016-07-01 05:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2016-07-13 14:57 - 2016-07-01 05:48 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2016-07-13 14:57 - 2016-07-01 05:48 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-07-13 14:57 - 2016-07-01 05:48 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-07-13 14:57 - 2016-07-01 05:47 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-07-13 14:57 - 2016-07-01 05:46 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-07-13 14:57 - 2016-07-01 05:45 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-07-13 14:57 - 2016-07-01 05:45 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-07-13 14:57 - 2016-07-01 05:45 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-07-13 14:57 - 2016-07-01 05:45 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-07-13 14:57 - 2016-07-01 05:45 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-07-13 14:57 - 2016-07-01 05:45 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-07-13 14:57 - 2016-07-01 05:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-07-13 14:57 - 2016-07-01 05:44 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-07-13 14:57 - 2016-07-01 05:44 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-07-13 14:57 - 2016-07-01 05:44 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-07-13 14:57 - 2016-07-01 05:44 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-07-13 14:57 - 2016-07-01 05:43 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-07-13 14:57 - 2016-07-01 05:41 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-07-13 14:57 - 2016-07-01 05:41 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-07-13 14:57 - 2016-07-01 05:41 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-07-13 14:57 - 2016-07-01 05:41 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-07-13 14:57 - 2016-07-01 05:40 - 02103296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-07-13 14:57 - 2016-07-01 05:40 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-07-13 14:57 - 2016-07-01 05:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-07-13 14:57 - 2016-07-01 05:40 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-07-13 14:57 - 2016-07-01 05:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-13 14:57 - 2016-07-01 05:39 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-07-13 14:57 - 2016-07-01 05:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-07-13 14:57 - 2016-07-01 05:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-07-13 14:57 - 2016-07-01 05:38 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-07-13 14:57 - 2016-07-01 05:38 - 01443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2016-07-13 14:57 - 2016-07-01 05:38 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-07-13 14:57 - 2016-07-01 05:38 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-07-13 14:57 - 2016-07-01 05:38 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2016-07-13 14:57 - 2016-07-01 05:37 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-07-13 14:57 - 2016-07-01 05:37 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-07-13 14:57 - 2016-07-01 05:37 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-07-13 14:57 - 2016-07-01 05:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-07-13 14:57 - 2016-07-01 05:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2016-07-13 14:57 - 2016-07-01 05:34 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-07-13 14:57 - 2016-07-01 05:34 - 04170240 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-07-13 14:57 - 2016-07-01 05:34 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-07-13 14:57 - 2016-07-01 05:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-07-13 14:57 - 2016-07-01 05:33 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-07-13 14:57 - 2016-07-01 05:33 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-07-13 14:57 - 2016-07-01 05:32 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-07-13 14:57 - 2016-07-01 05:32 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-07-13 14:57 - 2016-07-01 05:32 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-07-13 14:57 - 2016-07-01 05:32 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-07-13 14:57 - 2016-07-01 05:31 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-07-13 14:57 - 2016-07-01 05:31 - 00994816 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2016-07-13 14:57 - 2016-07-01 05:31 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-07-13 14:57 - 2016-07-01 05:31 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2016-07-13 14:57 - 2016-07-01 05:31 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-07-13 14:57 - 2016-07-01 05:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2016-07-13 14:57 - 2016-07-01 05:31 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-07-13 14:57 - 2016-07-01 05:30 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-07-13 14:57 - 2016-07-01 05:30 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-07-13 14:57 - 2016-07-01 05:30 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-07-13 14:57 - 2016-07-01 05:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-07-13 14:57 - 2016-07-01 05:30 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-07-13 14:57 - 2016-07-01 05:29 - 04646912 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-07-13 14:57 - 2016-07-01 05:29 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-07-13 14:57 - 2016-07-01 05:29 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-07-13 14:57 - 2016-07-01 05:29 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-07-13 14:57 - 2016-07-01 05:25 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2016-07-13 14:57 - 2016-07-01 05:24 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-07-13 14:57 - 2016-07-01 05:24 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-07-13 14:57 - 2016-07-01 05:24 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-07-13 14:57 - 2016-07-01 05:24 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 03301376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-07-13 14:57 - 2016-07-01 05:23 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-07-13 14:57 - 2016-07-01 05:22 - 03053568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-07-13 14:57 - 2016-07-01 05:21 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-07-13 14:57 - 2016-07-01 05:21 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-07-13 14:57 - 2016-07-01 05:21 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2016-07-13 14:57 - 2016-07-01 05:20 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-07-13 14:57 - 2016-07-01 05:20 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-07-13 14:57 - 2016-07-01 05:20 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-07-13 14:57 - 2016-07-01 05:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-07-13 14:57 - 2016-07-01 05:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-07-13 14:57 - 2016-07-01 05:19 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-07-13 14:57 - 2016-07-01 05:19 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-07-13 14:57 - 2016-07-01 05:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-07-13 14:57 - 2016-07-01 05:18 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-13 14:57 - 2016-07-01 05:17 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-07-13 14:57 - 2016-07-01 05:17 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-07-13 14:57 - 2016-07-01 05:16 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 02501632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-07-13 14:57 - 2016-07-01 05:14 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-07-13 14:57 - 2016-07-01 05:14 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-07-13 14:57 - 2016-07-01 05:14 - 01498624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-13 14:57 - 2016-07-01 05:14 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-07-13 14:57 - 2016-07-01 05:13 - 02849792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2016-07-13 14:57 - 2016-07-01 05:13 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-07-13 14:57 - 2016-07-01 05:13 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-07-13 14:57 - 2016-07-01 05:12 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-07-13 14:57 - 2016-07-01 05:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-07-13 14:57 - 2016-07-01 05:08 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-07-13 14:56 - 2016-07-01 07:30 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-13 14:56 - 2016-07-01 07:30 - 01223872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-13 14:56 - 2016-07-01 07:30 - 00559808 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-13 14:56 - 2016-07-01 07:30 - 00310464 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-13 14:56 - 2016-07-01 07:30 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-13 14:56 - 2016-07-01 07:30 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-13 14:56 - 2016-07-01 06:49 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-07-13 14:56 - 2016-07-01 06:49 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-07-13 14:56 - 2016-07-01 06:49 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-07-13 14:56 - 2016-07-01 06:49 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-07-13 14:56 - 2016-07-01 06:49 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-07-13 14:56 - 2016-07-01 06:48 - 02656408 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 14:56 - 2016-07-01 06:33 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-07-13 14:56 - 2016-07-01 06:32 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-07-13 14:56 - 2016-07-01 06:32 - 06536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-07-13 14:56 - 2016-07-01 06:32 - 01040800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-07-13 14:56 - 2016-07-01 06:24 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-07-13 14:56 - 2016-07-01 06:23 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-07-13 14:56 - 2016-07-01 06:23 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-07-13 14:56 - 2016-07-01 06:21 - 02403168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-07-13 14:56 - 2016-07-01 06:21 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-07-13 14:56 - 2016-07-01 06:19 - 00836760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-07-13 14:56 - 2016-07-01 05:56 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-07-13 14:56 - 2016-07-01 05:55 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
2016-07-13 14:56 - 2016-07-01 05:52 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-07-13 14:56 - 2016-07-01 05:52 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-07-13 14:56 - 2016-07-01 05:52 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-07-13 14:56 - 2016-07-01 05:50 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-07-13 14:56 - 2016-07-01 05:50 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2016-07-13 14:56 - 2016-07-01 05:50 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2016-07-13 14:56 - 2016-07-01 05:49 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-07-13 14:56 - 2016-07-01 05:47 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-07-13 14:56 - 2016-07-01 05:47 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-07-13 14:56 - 2016-07-01 05:46 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2016-07-13 14:56 - 2016-07-01 05:45 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-07-13 14:56 - 2016-07-01 05:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2016-07-13 14:56 - 2016-07-01 05:44 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-07-13 14:56 - 2016-07-01 05:44 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 14:56 - 2016-07-01 05:43 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-07-13 14:56 - 2016-07-01 05:43 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-07-13 14:56 - 2016-07-01 05:43 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-07-13 14:56 - 2016-07-01 05:43 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-07-13 14:56 - 2016-07-01 05:42 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-07-13 14:56 - 2016-07-01 05:42 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-07-13 14:56 - 2016-07-01 05:42 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2016-07-13 14:56 - 2016-07-01 05:42 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-07-13 14:56 - 2016-07-01 05:42 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-07-13 14:56 - 2016-07-01 05:41 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-07-13 14:56 - 2016-07-01 05:41 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-07-13 14:56 - 2016-07-01 05:41 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2016-07-13 14:56 - 2016-07-01 05:40 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-07-13 14:56 - 2016-07-01 05:40 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-07-13 14:56 - 2016-07-01 05:39 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-07-13 14:56 - 2016-07-01 05:38 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-07-13 14:56 - 2016-07-01 05:37 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-07-13 14:56 - 2016-07-01 05:36 - 02445312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-07-13 14:56 - 2016-07-01 05:36 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-07-13 14:56 - 2016-07-01 05:34 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-07-13 14:56 - 2016-07-01 05:34 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-13 14:56 - 2016-07-01 05:32 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-07-13 14:56 - 2016-07-01 05:31 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-07-13 14:56 - 2016-07-01 05:31 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-07-13 14:56 - 2016-07-01 05:31 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-07-13 14:56 - 2016-07-01 05:30 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-07-13 14:56 - 2016-07-01 05:30 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-07-13 14:56 - 2016-07-01 05:30 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2016-07-13 14:56 - 2016-07-01 05:30 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-07-13 14:56 - 2016-07-01 05:30 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-07-13 14:56 - 2016-07-01 05:29 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-07-13 14:56 - 2016-07-01 05:29 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-07-13 14:56 - 2016-07-01 05:29 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-07-13 14:56 - 2016-07-01 05:29 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2016-07-13 14:56 - 2016-07-01 05:28 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-07-13 14:56 - 2016-07-01 05:28 - 00442880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-07-13 14:56 - 2016-07-01 05:28 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2016-07-13 14:56 - 2016-07-01 05:27 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-07-13 14:56 - 2016-07-01 05:27 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-07-13 14:56 - 2016-07-01 05:26 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-07-13 14:56 - 2016-07-01 05:25 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-07-13 14:56 - 2016-07-01 05:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-07-13 14:56 - 2016-07-01 05:25 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-07-13 14:56 - 2016-07-01 05:25 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-13 14:56 - 2016-07-01 05:25 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-07-13 14:56 - 2016-07-01 05:25 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-07-13 14:56 - 2016-07-01 05:24 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-07-13 14:56 - 2016-07-01 05:24 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-07-13 14:56 - 2016-07-01 05:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-07-13 14:56 - 2016-07-01 05:21 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-07-13 14:56 - 2016-07-01 05:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-07-13 14:56 - 2016-07-01 05:13 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-07-13 14:56 - 2016-07-01 05:08 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-07-13 14:56 - 2016-06-28 13:20 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-11 12:22 - 2016-07-11 12:22 - 00006859 _____ C:\Users\Dawid\Desktop\Documents\CV agnieszka rejowska.odt
2016-07-06 09:40 - 2016-07-06 09:40 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-07-06 09:40 - 2016-07-06 09:40 - 00030424 _____ (Sony Mobile Communications) C:\WINDOWS\system32\Drivers\ggsomc.sys
2016-07-06 09:40 - 2016-07-06 09:40 - 00016088 _____ (Sony Mobile Communications) C:\WINDOWS\system32\Drivers\ggflt.sys
2016-07-06 09:40 - 2016-07-06 09:40 - 00000000 ____D C:\Users\Dawid\.oracle_jre_usage
2016-07-06 09:39 - 2016-07-06 09:39 - 00000000 ____D C:\ProgramData\Sony Mobile
2016-07-06 09:39 - 2016-07-06 09:39 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2016-07-06 09:37 - 2016-07-06 09:37 - 00000000 ____D C:\Users\Dawid\Desktop\Documents\Sony
2016-07-06 09:37 - 2016-07-06 09:37 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Apple Computer
2016-07-06 09:37 - 2016-07-06 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-07-06 09:37 - 2016-07-06 09:37 - 00000000 ____D C:\Program Files (x86)\Sony

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-07-20 18:40 - 2016-04-06 19:09 - 00021632 _____ C:\Users\Dawid\Desktop\Documents\Finanse.xlsx
2016-07-20 18:02 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-20 18:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-20 17:56 - 2016-04-15 04:00 - 00004226 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{11D30258-9327-4EAE-8A7D-0A6876793C6E}
2016-07-20 17:52 - 2016-04-07 19:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-19 13:28 - 2016-04-07 21:03 - 00005352 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-653L6ES-Dawid DESKTOP-653L6ES
2016-07-18 10:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-07-17 23:47 - 2016-04-12 04:30 - 02046684 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-17 23:47 - 2016-02-13 19:29 - 00889558 _____ C:\WINDOWS\system32\perfh015.dat
2016-07-17 23:47 - 2016-02-13 19:29 - 00193172 _____ C:\WINDOWS\system32\perfc015.dat
2016-07-17 23:47 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-17 23:41 - 2015-12-11 09:56 - 01297224 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2016-07-17 23:40 - 2016-02-13 19:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-17 14:49 - 2015-12-11 09:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-16 11:08 - 2016-04-12 05:23 - 00000000 ___DC C:\WINDOWS\Panther
2016-07-16 11:00 - 2016-06-05 12:24 - 00000000 ____D C:\Program Files (x86)\Odkurzacz
2016-07-15 03:37 - 2016-02-13 19:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-15 03:35 - 2016-04-12 04:26 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-07-15 03:35 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-07-15 03:33 - 2016-02-13 19:39 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-13 17:40 - 2016-04-07 15:17 - 00000000 ____D C:\Users\Dawid\AppData\Local\Adobe
2016-07-13 17:40 - 2016-04-06 13:14 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Adobe
2016-07-13 15:35 - 2016-04-10 09:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-13 15:35 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-13 15:31 - 2016-04-10 09:55 - 144749672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-07 02:39 - 2016-05-07 17:55 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-02 06:37 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-07-02 06:37 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-01 07:05 - 2016-02-13 19:50 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-06-29 19:31 - 2016-06-18 18:44 - 00000000 ____D C:\ProgramData\Skype
2016-06-20 23:00 - 2016-04-06 13:14 - 00000000 ____D C:\Users\Dawid\AppData\Local\Packages
2016-06-20 22:40 - 2016-06-18 18:44 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Skype

==================== Pliki w katalogu głównym wybranych folderów =======

2016-04-07 13:42 - 2016-04-07 15:19 - 0007605 _____ () C:\Users\Dawid\AppData\Local\resmon.resmoncfg
2016-07-17 03:25 - 2016-06-17 21:21 - 0000000 ____N () C:\ProgramData\Application Data

Pliki do przeniesienia lub usunięcia:
====================
C:\Windows\Tasks\{3B19CC9B-73C2-761A-1CA0-1EC57529C729}.job


Niektóre pliki w TEMP:
====================
C:\Users\Dawid\AppData\Local\Temp\odk_setup.exe
C:\Users\Dawid\AppData\Local\Temp\tmpC823.exe


==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo


LastRegBack: 2016-07-11 13:23

==================== Koniec FRST.txt ============================

Rezultat skanowania skrótów użytkowników (x64) Wersja: 20-07-2016
Uruchomiony przez Dawid (2016-07-20 18:55:35)
Uruchomiony z C:\Users\Dawid\Desktop
Tryb startu: Normal

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz\Usuń błąd Runtime Error.lnk -> C:\Program Files (x86)\Odkurzacz\fix_midas.bat ()


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Dawid\Desktop\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Dawid\Desktop\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Dawid\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Dawid\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Dawid\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Dawid ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\SrpnFiles\SrpnFiles.lnk -> C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe (New Unity Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1045-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk -> C:\Windows\DevicesFlow\DevicesFlow.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Xperia Companion\Xperia Companion.lnk -> C:\Windows\Installer\{87971D31-1246-4141-8424-6ECC64D96E1D}\CompanionIcon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkinPack Creator\Skin Pack Installer System Menu.lnk -> C:\SkinPack Creator\SP.exe (SkinPack)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkinPack Creator\Uninstall.lnk -> C:\SkinPack Creator\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkinPack Creator\Website.lnk -> C:\SkinPack Creator\SkinPack Creator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rejestracja użytkownika drukarki Canon MG2900 series\Rejestracja użytkownika.LNK -> C:\Program Files (x86)\Canon\IJEREG\MG2900 series\IJEREG.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz\Odkurzacz.lnk -> C:\Program Files (x86)\Odkurzacz\odkurzacz.exe (FranmoSoftware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz\Usuń Odkurzacz.lnk -> C:\Program Files (x86)\Odkurzacz\unins001.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero Burning ROM.lnk -> C:\Program Files (x86)\Nero\Nero Burning ROM\nero.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Extra\Nero BurnRights.lnk -> C:\Program Files (x86)\Nero\Nero Toolkit\Nero BurnRights\NeroBurnRights.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Extra\Nero CD-DVD Speed.lnk -> C:\Program Files (x86)\Nero\Nero Toolkit\Nero CD-DVD Speed\CDSpeed.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Extra\Nero DriveSpeed.lnk -> C:\Program Files (x86)\Nero\Nero Toolkit\Nero DriveSpeed\DriveSpeed.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Extra\Nero InfoTool.lnk -> C:\Program Files (x86)\Nero\Nero Toolkit\Nero InfoTool\InfoTool.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\SkyDrive Pro 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Wyślij do programu OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Centrum przekazywania pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Database Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Dziennik telemetryczny dla pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Menedżer nagrywania programu Lync.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Preferencje językowe pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Spreadsheet Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Telemetryczny pulpit nawigacyjny dla pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Deinstalacja programu Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano\Log KMSnano.lnk -> C:\Program Files\KMSnano\Log.cmd ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano\Uninstall KMSnano.lnk -> C:\Program Files\KMSnano\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Recovery Manager\HP Recovery Manager.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6 (64-Bit)\Bitstream Font Navigator (64-Bit).lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X6\FontNav64\FontNav.exe (Bitstream Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6 (64-Bit)\Corel CAPTURE X6 (64-Bit).lnk -> c:\Windows\Installer\{1967EF95-E00B-4669-8B1C-A589BE8BF24F}\NewShortcut6_C2D12190778B49D7B6847BAECAE7BE9D.exe (Flexera Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6 (64-Bit)\Corel CONNECT X6 (64-Bit).lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X6\Connect64\Connect.exe (Corel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6 (64-Bit)\Corel PHOTO-PAINT X6 (64-Bit).lnk -> c:\Windows\Installer\{D7C2687D-924E-4485-B367-C7D95CBF8DDD}\NewShortcut4_1B93EBAA624B47A7847E8976FF2E037B.exe (Flexera Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6 (64-Bit)\CorelDRAW X6 (64-Bit).lnk -> c:\Windows\Installer\{27AE72A4-B217-4CDC-B82B-3311E9D7460E}\NewShortcut1_41AAC0AC880545E6A1C81230F4159C30.exe (Flexera Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6 (64-Bit)\Duplexing Wizard (64-Bit).lnk -> c:\Windows\Installer\{27AE72A4-B217-4CDC-B82B-3311E9D7460E}\NewShortcut10_449D396305C74241ABE7BA91391CF9B4.exe (Flexera Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6 (64-Bit)\Video Tutorials X6 (64-Bit).lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X6\VideoBrowser64\VideoBrowser.exe (Corel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6 (64-Bit)\Documentation\Macro Programming Guide.lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X6\Data\Macro Programming Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Quick Menu\Quick Menu.lnk -> C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Image Garden\My Image Garden.lnk -> C:\Program Files (x86)\Canon\My Image Garden\cnmigmain.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Scan Utility\IJ Scan Utility.lnk -> C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Tool\IJ Network Tool.lnk -> C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Scanner Selector EX\IJ Network Scanner Selector EX.lnk -> C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcGasSynchro II\ACGasSynchro 11.2.0.3.lnk -> C:\Program Files (x86)\AcGasSynchro II\ACGasSynchro.exe (AC S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcGasSynchro II\Uninstall.lnk -> C:\Program Files (x86)\AcGasSynchro II\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Hewlett-Packard\Recovery\Links\RM.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\Users\Dawid\Links\Desktop.lnk -> C:\Users\Dawid\Desktop ()
Shortcut: C:\Users\Dawid\Links\Downloads.lnk -> C:\Users\Dawid\Desktop\Downloads ()
Shortcut: C:\Users\Dawid\Desktop\ACGasSynchro.lnk -> C:\Program Files (x86)\AcGasSynchro II\ACGasSynchro.exe (AC S.A.)
Shortcut: C:\Users\Dawid\Desktop\Autko.lnk -> C:\Program Files\Autko\Autko.exe (Marcin Dominikowski)
Shortcut: C:\Users\Dawid\Desktop\Komputer.lnk -> System Folder
Shortcut: C:\Users\Dawid\Desktop\Odkurzacz.lnk -> C:\Program Files (x86)\Odkurzacz\odkurzacz.exe (FranmoSoftware)
Shortcut: C:\Users\Dawid\Desktop\OPCOM Pro.lnk -> C:\Users\Dawid\Desktop\Documents\Opel Signum\OP-COM Pro\OP-COM PL Professional 100219A\op-com pl+.exe (Auto-M3 Ltd.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Dawid\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-304
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autko\Autko WWW.lnk -> C:\Program Files\Autko\Autko.url ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autko\Autko.lnk -> C:\Program Files\Autko\Autko.exe (Marcin Dominikowski)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autko\Licencja.lnk -> C:\Program Files\Autko\Licencja.txt ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autko\Odinstaluj.lnk -> C:\Program Files\Autko\uninstall.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autko\Zmiany.lnk -> C:\Program Files\Autko\Zmiany.txt ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\SendTo\Transfer plików Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Windows.PurchaseDialog_cw5n1h2txyewy\Microsoft.Windows.PurchaseDialog.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Windows.ContactSupport_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Weather.TheWeatherChannelforHP_t3yemqpq4kp7p\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_qj0v5chwq8f2g\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneVideo_8wekyb3d8bbwe\Microsoft.ZuneVideo.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneMusic_8wekyb3d8bbwe\Microsoft.ZuneMusic.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\Microsoft.XboxIdentityProvider.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\Microsoft.XboxGameCallableUI.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxApp_8wekyb3d8bbwe\Microsoft.XboxApp.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsStore_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsPhone_8wekyb3d8bbwe\CompanionApp.App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsMaps_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsFeedback_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\microsoft.windowslive.calendar.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\microsoft.windowslive.mail.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCamera_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCalculator_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsAlarms_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.Photos_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaUI.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.SkypeApp_kzf8qxf38zg5c\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.People_8wekyb3d8bbwe\x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Office.OneNote_8wekyb3d8bbwe\microsoft.onenoteim.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\Microsoft.MicrosoftOfficeHub.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.LockApp_cw5n1h2txyewy\WindowsDefaultLockScreen.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Getstarted_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BioEnrollment_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingSports_8wekyb3d8bbwe\AppexSports.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNews.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFinance_8wekyb3d8bbwe\AppexFinance.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Appconnector_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.AccountsControl_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.3DBuilder_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\king.com.CandyCrushSodaSaga_kgqvnymyfvs32\App.lnk -> CandyCrushSodaSaga
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\Amazon.com.Amazon_343d40qqvtj1t\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\9E2F88E3.Twitter_wgeqdkkx372wm\x554f661dyd360y462cy8743yf8a99b7d41dbx.lnk -> Tile and icon assets
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\Application Shortcuts\26720RandomSaladGamesLLC.HeartsDeluxe_kx24dqmazqk8j\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk ->
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk ->
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-304
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk ->
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero Express.lnk -> C:\Program Files (x86)\Nero\Nero Burning ROM\nero.exe (Nero AG) -> /w
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Setup\Nero ProductSetup.lnk -> C:\Program Files (x86)\Common Files\Ahead\Nero Web\SetupX.exe (Nero AG) -> MODE="update"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\DTS Audio Control Panel.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> shell32.dll,Control_RunDLL RTSnMg64.cpl,,
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe () -> /design
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano\Check KMSnano.lnk -> C:\Program Files\KMSnano\TriggerKMS.exe () -> /pause
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano\KMSnano.lnk -> C:\Program Files\KMSnano\KMSELDI.exe (@ByELDI) -> /qemu /silent /log /backup /music
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Documentation.lnk -> C:\Program Files\HP\Documentation\platform_guides\languages\index.html () -> /Arguments:Shortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Recovery Manager\HP Recovery Media Creation.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \CRM
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6 (64-Bit)\Documentation\CorelDRAW Graphics Suite X6 Guidebook.lnk -> c:\Windows\Installer\{CCE7423E-1D84-4CD3-9E32-220EC9358D97}\NewShortcut1_2D4561AA1380433B9EC818E5007E4288.exe (Flexera Software, Inc.) -> Help\GB.pdf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer.lnk -> C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) -> /mn
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \SWR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\BTR.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \BTR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \SWR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \CRM
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\allegro.pl .lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Users\Dawid\AppData\Local\ReinvokedComically\allegro.pl.smenu.URL
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Booking .lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Users\Dawid\AppData\Local\ReinvokedComically\Booking.smenu.URL
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Dawid\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "


InternetURL: C:\Users\Dawid\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Dawid\Favorites\Links\Amazon.co.uk – Online Shopping.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=en_gb&pf=all&s=amazon&tp=iefavs
InternetURL: C:\Users\Dawid\Favorites\Links\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=398438&label=webslice
InternetURL: C:\Users\Dawid\Favorites\Links\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=all&pf=cmnb&s=TripAdvisor_iefavsbar&tp=iefavs
InternetURL: C:\Users\Dawid\Favorites\HP\Amazon.co.uk – Online Shopping.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=en_gb&pf=all&s=amazon&tp=iefavs
InternetURL: C:\Users\Dawid\Favorites\HP\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=398438&label=iefav
InternetURL: C:\Users\Dawid\Favorites\HP\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=all&pf=cmnb&s=TripAdvisor_iefav&tp=iefavs
InternetURL: C:\Users\Default\Favorites\Links\Amazon.co.uk – Online Shopping.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=en_gb&pf=all&s=amazon&tp=iefavs
InternetURL: C:\Users\Default\Favorites\Links\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=398438&label=webslice
InternetURL: C:\Users\Default\Favorites\Links\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=all&pf=cmnb&s=TripAdvisor_iefavsbar&tp=iefavs
InternetURL: C:\Users\Default\Favorites\HP\Amazon.co.uk – Online Shopping.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=en_gb&pf=all&s=amazon&tp=iefavs
InternetURL: C:\Users\Default\Favorites\HP\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=398438&label=iefav
InternetURL: C:\Users\Default\Favorites\HP\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=all&pf=cmnb&s=TripAdvisor_iefav&tp=iefavs

==================== Koniec Shortcut.txt =============================
holi12
~user
 
Posty: 653
Dołączenie: 17 Mar 2006, 00:47
Pochwały: 5



Powolne działanie komputera - standard

Postprzez ordynat 24 Lip 2016, 07:53

1) Odinstaluj ten program:
Browser-Security (HKLM-x32\...\Browser-Security) (Version: 1.2.0.0 - Vondos Media GmbH) <==== UWAGA


2) Otwórz Notatnik i wklej w nim:
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\Run: [safe_urls768] => C:\Users\Dawid\AppData\Roaming\Browser-Security\s768.exe [2548944 2016-06-20] ()
FF user.js: detected! => C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\6bkymo1i.default\user.js [2016-07-13]
RemoveDirectory: C:\Users\Dawid\AppData\Roaming\Browser-Security
AlternateDataStreams: C:\ProgramData:3f80b7866a646e [1702]
AlternateDataStreams: C:\Users\All Users:3f80b7866a646e [1702]
AlternateDataStreams: C:\Users\Dawid:474a7c3e0fe8 [4268]
AlternateDataStreams: C:\ProgramData\Application Data:fe93a19e34e9a [416]
AlternateDataStreams: C:\ProgramData\Dane aplikacji:3f80b7866a646e [1702]
AlternateDataStreams: C:\Users\Dawid\Dane aplikacji:3fcd5a2881972d [1650]
AlternateDataStreams: C:\Users\Dawid\Ustawienia lokalne:1475c9ba438062 [9260]
AlternateDataStreams: C:\Users\Dawid\AppData\Local:1475c9ba438062 [9260]
AlternateDataStreams: C:\Users\Dawid\AppData\Roaming:3fcd5a2881972d [1650]
AlternateDataStreams: C:\Users\Dawid\AppData\Local\Dane aplikacji:1475c9ba438062 [9260]
AlternateDataStreams: C:\Users\Dawid\AppData\Local\Historia:7fe30ec3baa0 [4850]
AlternateDataStreams: C:\Users\Dawid\AppData\Local\Temp:39d01db6b44768e [3634]
Task: {DCA2ACE9-9FEB-4ECD-9E0E-54D9EBF708BF} - System32\Tasks\{3B19CC9B-73C2-761A-1CA0-1EC57529C729} => C:\Users\Dawid\AppData\Roaming\PRICEF~1\UPDATE~1.EXE <==== UWAGA
C:\Users\Dawid\AppData\Roaming\PRICEF~1
HOSTS:
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).

3)
SearchScopes: HKLM-x32 -> {5566B8A0-43BE-470F-82C5-2D5EAAFE3893} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3987013258-1122006406-2270890607-1002 -> {5566B8A0-43BE-470F-82C5-2D5EAAFE3893} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\allegro.pl .lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Users\Dawid\AppData\Local\ReinvokedComically\allegro.pl.smenu.URL
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Booking .lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Users\Dawid\AppData\Local\ReinvokedComically\Booking.smenu.URL
InternetURL: C:\Users\Dawid\Favorites\Links\Amazon.co.uk – Online Shopping.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Dawid\Favorites\Links\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=3 ... l=webslice
InternetURL: C:\Users\Dawid\Favorites\Links\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Dawid\Favorites\HP\Amazon.co.uk – Online Shopping.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Dawid\Favorites\HP\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=3 ... abel=iefav
InternetURL: C:\Users\Dawid\Favorites\HP\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Default\Favorites\Links\Amazon.co.uk – Online Shopping.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Default\Favorites\Links\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=3 ... l=webslice
InternetURL: C:\Users\Default\Favorites\Links\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Default\Favorites\HP\Amazon.co.uk – Online Shopping.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Default\Favorites\HP\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=3 ... abel=iefav
InternetURL: C:\Users\Default\Favorites\HP\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs

To Twoje ustawienia?
.
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866



Powolne działanie komputera - standard

Postprzez holi12 24 Lip 2016, 09:52

nie, nie mam z tymi ustawieniami nic wspólnego :-)
holi12
~user
 
Posty: 653
Dołączenie: 17 Mar 2006, 00:47
Pochwały: 5



Powolne działanie komputera - standard

Postprzez ordynat 24 Lip 2016, 11:47

Otwórz Notatnik i wklej w nim:
SearchScopes: HKLM-x32 -> {5566B8A0-43BE-470F-82C5-2D5EAAFE3893} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3987013258-1122006406-2270890607-1002 -> {5566B8A0-43BE-470F-82C5-2D5EAAFE3893} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\allegro.pl .lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Users\Dawid\AppData\Local\ReinvokedComically\allegro.pl.smenu.URL
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Booking .lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Users\Dawid\AppData\Local\ReinvokedComically\Booking.smenu.URL
InternetURL: C:\Users\Dawid\Favorites\Links\Amazon.co.uk – Online Shopping.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Dawid\Favorites\Links\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=3 ... l=webslice
InternetURL: C:\Users\Dawid\Favorites\Links\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Dawid\Favorites\HP\Amazon.co.uk – Online Shopping.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Dawid\Favorites\HP\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=3 ... abel=iefav
InternetURL: C:\Users\Dawid\Favorites\HP\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Default\Favorites\Links\Amazon.co.uk – Online Shopping.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Default\Favorites\Links\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=3 ... l=webslice
InternetURL: C:\Users\Default\Favorites\Links\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Default\Favorites\HP\Amazon.co.uk – Online Shopping.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
InternetURL: C:\Users\Default\Favorites\HP\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=3 ... abel=iefav
InternetURL: C:\Users\Default\Favorites\HP\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iefavs
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).
.

Autor postu otrzymał pochwałę
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866



Powolne działanie komputera - standard

Postprzez holi12 26 Lip 2016, 10:59

Nie zabezpieczyłem kompa, a za wszelką cenę chciałem pobrać narzędzie do Canona (MP TOOL) i coś zaś powpadało:(
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-07-26 10:56:11
Windows 6.2.9200 x64
Running: 0pytelwo.exe


---- Services - GMER 2.2 ----

Service System32\drivers\gfdcf.sys (*** hidden *** ) [BOOT] cclj <-- ROOTKIT !!!
Service C:\Users\Dawid\AppData\Local\Apps\2.0\abril.exe (*** hidden *** ) [AUTO] ProntSpooler <-- ROOTKIT !!!
Service C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair19c1 (*** hidden *** ) [AUTO] QQRepair19c1 <-- ROOTKIT !!!

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control@LastBootSucceeded 0
Reg HKLM\SYSTEM\CurrentControlSet\Control@LastBootShutdown 0
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime 0x54 0xAE 0xBA 0xF0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime 0x9E 0x2D 0xF4 0x89 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime 0xB6 0xCC 0xBD 0xF0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFLastStartTime 0x6A 0xF2 0xF8 0x89 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@pl-PL 42
Reg HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\AUO46EC0_29_07DD_96^2C810189EECE038A98A62577535DC9B9@Timestamp 0x6D 0x54 0x75 0xF2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid 788
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations \??\C:\WINDOWS\system32\drivers\ptnsykcr.sys??\??\C:\Program Files\????\??\??\C:\Program Files\????\??\??\C:\WINDOWS\Temp\26.tmp??\??\C:\WINDOWS\Temp\23.tmp??\??\C:\Users\Dawid\AppData\Local\Temp\TAOAccelerator64.sys26-9-46??\??\C:\WINDOWS\Temp\24.tmp??\??\C:\Program Files (x86)\AAFE2FAC-1469471782-E511-90AB-FC3FDB5A2802\hnsb3B05.tmp??\??\C:\Program Files (x86)\AAFE2FAC-1469471782-E511-90AB-FC3FDB5A2802\hnsb3B05.tmp??\??\C:\Program Files (x86)\AAFE2FAC-1469471782-E511-90AB-FC3FDB5A2802\jnsc2410.tmp??\??\C:\Program Files (x86)\AAFE2FAC-1469471782-E511-90AB-FC3FDB5A2802\jnsc2410.tmp??\??\C:\Program Files (x86)\AAFE2FAC-1469471782-E511-90AB-FC3FDB5A2802\knsg93E.tmpfs??\??\C:\Program Files (x86)\AAFE2FAC-1469471782-E511-90AB-FC3FDB5A2802\knsg93E.tmpfs??\??\C:\WINDOWS\Temp\25.tmp??\??\C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMTrayPlugin\QMTrayDetector\QMTrayDetector.dll.bak_6505??\??\C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TAOClient.dll.src_8349?!\??\C:\Program Files (x86)\Tencent\QQPC
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@AllowProtectedRenames 1
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Executive@UuidSequenceNumber 2710527
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed -769459987
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BootId 44
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime 479697134
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime 4890
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@FwPOSTTime 4896
Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID 7bd772a6-79dc-4d0b-9cfa-addd288
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\AutoLogger\WdiContextLog@FileCounter 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\amdsata\Parameters\Device-1@AmdSataCounter 60
Reg HKLM\SYSTEM\CurrentControlSet\Services\BITS\Performance@1008 0x22 0x32 0x29 0xDD ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\606dc7fd06b4
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Upgrade\LocalRadioSettings
Reg HKLM\SYSTEM\CurrentControlSet\Services\cclj
Reg HKLM\SYSTEM\CurrentControlSet\Services\cclj@ImagePath System32\drivers\gfdcf.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\cclj@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\cclj@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\cclj@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\cclj@qoewqt \??\C:\WINDOWS\assembly\owgmeb
Reg HKLM\SYSTEM\CurrentControlSet\Services\cclj@kmftarfe C:\WINDOWS
Reg HKLM\SYSTEM\CurrentControlSet\Services\cclj@vtemlt 307110
Reg HKLM\SYSTEM\CurrentControlSet\Services\cclj@Group System Reserved
Reg HKLM\SYSTEM\CurrentControlSet\Services\cclj
Reg HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\{a80a2918-311b-4c1f-a9ec-daca36df404d}@LastProbeTime 1469524326
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{8622BF99-2004-4D5A-A4DA-F3A557C60833}@InterfaceName Reusable ISATAP Interface {8622BF99-2004-4D5A-A4DA-F3A557C60833}
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{8622BF99-2004-4D5A-A4DA-F3A557C60833}@ReusableType 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\KuaiZipDrive
Reg HKLM\SYSTEM\CurrentControlSet\Services\KuaiZipDrive@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\KuaiZipDrive@Start 4
Reg HKLM\SYSTEM\CurrentControlSet\Services\KuaiZipDrive@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\KuaiZipDrive@ImagePath \??\C:\WINDOWS\system32\drivers\KuaiZipDrive.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\KuaiZipDrive@DisplayName KuaiZipDrive
Reg HKLM\SYSTEM\CurrentControlSet\Services\KuaiZipDrive@DependOnService RPCSS?
Reg HKLM\SYSTEM\CurrentControlSet\Services\KuaiZipDrive@DeleteFlag 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\KuaiZipDrive
Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Tag 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@ImagePath system32\drivers\MBAMSwissArmy.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Group System Reserved
Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy
Reg HKLM\SYSTEM\CurrentControlSet\Services\ProntSpooler@ImagePath "C:\Users\Dawid\AppData\Local\Apps\2.0\abril.exe"
Reg HKLM\SYSTEM\CurrentControlSet\Services\ProntSpooler
Reg HKLM\SYSTEM\CurrentControlSet\Services\QQRepair19c1
Reg HKLM\SYSTEM\CurrentControlSet\Services\QQRepair19c1@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\QQRepair19c1@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\QQRepair19c1@Type 16
Reg HKLM\SYSTEM\CurrentControlSet\Services\QQRepair19c1@ImagePath "C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair19c1"?
Reg HKLM\SYSTEM\CurrentControlSet\Services\QQRepair19c1@Group COM Infrastructure
Reg HKLM\SYSTEM\CurrentControlSet\Services\QQRepair19c1@ObjectName LocalSystem
Reg HKLM\SYSTEM\CurrentControlSet\Services\QQRepair19c1
Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime ?wt.?, ?lip ?26 ?16, 09:20:52 AM???????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 2789
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 820
Reg HKLM\SYSTEM\CurrentControlSet\Services\SRepairDrv@LastName 6593
Reg HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence 41
Reg HKLM\SYSTEM\CurrentControlSet\Services\SynTP\Parameters@DetectTimeMS 323
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9b48c7f6-b41d-465b-9aea-f20e72361f74}@LeaseObtainedTime 1469520727
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9b48c7f6-b41d-465b-9aea-f20e72361f74}@T1 1469522527
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9b48c7f6-b41d-465b-9aea-f20e72361f74}@T2 1469523877
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9b48c7f6-b41d-465b-9aea-f20e72361f74}@LeaseTerminatesTime 1469524327
Reg HKLM\SYSTEM\CurrentControlSet\Services\TPM@OsBootCount 61
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0x92 0x21 0x54 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0x92 0x89 0x18 0x42 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0x92 0xB9 0x8F 0x7E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeTickCount 0x2E 0x9D 0x41 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters@ServiceDllUnloadOnStop 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\{ED269846-851F-462b-9AEA-2F7FDFB1D4E1}\Parameters@v1 1
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\1@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\1@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\2@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\2@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\3@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\3@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\4@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\4@RwMask 0x64 0x62 0x03 0x00 ...

---- EOF - GMER 2.2 ----


Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 25-07-2016
Uruchomiony przez Dawid (administrator) DESKTOP-653L6ES (26-07-2016 10:32:02)
Uruchomiony z C:\Users\Dawid\Desktop
Załadowane profile: Dawid (Dostępne profile: Dawid)
Platform: Windows 10 Home Wersja 1511 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCRTP.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
() C:\ProgramData\ApppazmaL\ApppazmaL.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\ProgramData\CloudPrinter\CloudPrinter.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(YahooChrome) C:\ProgramData\yahoochrome_D\desktop267.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCTray.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(Tencent) C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\Tencentdl.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\QQPCNetFlow.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCRealTimeSpeedup.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.486_none_7640e086266ea227\TiWorker.exe


==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCTray.exe [364776 2016-07-26] (Tencent)
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\MountPoints2: {85a1ef9e-48e8-11e6-9bf6-fc3fdb5a2802} - "F:\startme.exe"
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\MountPoints2: {8a3bc3e7-fc25-11e5-9bd6-606dc7fd06b4} - "H:\AutoRun.exe"
AppInit_DLLs: C:\ProgramData\ApppazmaL\Zottex.dll => C:\ProgramData\ApppazmaL\Zottex.dll [363008 2016-07-26] ()
AppInit_DLLs-x32: C:\ProgramData\ApppazmaL\Icelax.dll => C:\ProgramData\ApppazmaL\Icelax.dll [257536 2016-07-26] ()
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMGCShellExt64.dll [2016-07-26] (Tencent)
GroupPolicy: Ograniczenia - Chrome <======= UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip\..\Interfaces\{9b48c7f6-b41d-465b-9aea-f20e72361f74}: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip\..\Interfaces\{a06f40be-97e5-4330-97bf-4cb97b03354e}: [DhcpNameServer] 62.179.1.62 62.179.1.63
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.hao123.com/?tn=93205588_hao_pg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.hao123.com/?tn=93205588_hao_pg
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TSWebMon64.dat [2016-07-26] (Tencent)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.zingload.com/?type=ll&uid=70466a72-e2e2-486c-8197-698353adcfa0

FireFox:
========
FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Profiles\uwxj3omx.default
FF NewTab: C:\\ProgramData\\ApppazmaLs\\ff.NT
FF DefaultSearchEngine: trotux
FF DefaultSearchEngine.US: data:text/plain,browser.search.defaultenginename.US=trotux
FF SelectedSearchEngine: trotux
FF Homepage: C:\\ProgramData\\ApppazmaLs\\ff.HP
FF Keyword.URL: hxxp://www.trotux.com/search/?z=8db012b323f05f554c9e587g4z5q2t5w2g2q2q2e6q&from=clc&uid=TOSHIBAXMQ01ABF050_Y5UPP3HQTXXY5UPP3HQT&type=sp&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-26] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-26] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\npQMExtensionsMozilla.dll [2016-07-26] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32dsw.dll [2007-04-30] (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Dawid\AppData\Roaming\Profiles\uwxj3omx.default\searchplugins\a8qt83bw.xml [2016-07-26]
FF Extension: GsearchFinder - C:\Users\Dawid\AppData\Roaming\Profiles\uwxj3omx.default\Extensions\@90B817C8-8A5C-413B-9DDD-B2C61ED6E79A.xpi [2016-07-26]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.zingload.com/?type=ll&uid=70466a72-e2e2-486c-8197-698353adcfa0

==================== Usługi (filtrowane) ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AdaptiveSleepService; c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-08-06] () [Brak podpisu cyfrowego]
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-06] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego]
R2 ApppazmaL; C:\ProgramData\\ApppazmaL\\ApppazmaL.exe [392704 2016-07-26] () [Brak podpisu cyfrowego]
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2286848 2016-04-10] (Broadcom Corporation.)
R2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe [676352 2016-07-26] () [Brak podpisu cyfrowego]
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-07-26] (DotC United Inc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCRTP.exe [315920 2016-07-26] (Tencent)
U2 QQRepairfa5; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairfa5 [208616 2016-07-26] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [208616 2016-07-26] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [298200 2015-07-24] (Realtek Semiconductor)
R2 saiyitechnology; C:\ProgramData\yahoochrome_D\desktop267.exe [236768 2016-07-21] (YahooChrome)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260216 2016-04-10] (Synaptics Incorporated)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [60432 2015-08-18] (Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
S3 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S2 FastCompress; C:\Program Files (x86)\FastCompress-Zip\Fast_Support.exe [X]
S2 PlevechatigisNodifierThwapy.exe; "C:\Program Files (x86)\Biziied\PlevechatigisNodifierThwapy.exe" {C25DA384-2010-45A4-A1ED-BFA540D4789B} {9DC74CD5-24EA-4ADE-9C42-608A8CE17116} [X]
S2 ProntSpooler; Brak ImagePath

===================== Sterowniki (filtrowane) ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [18968 2015-08-18] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101104 2015-08-18] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [82704 2015-08-18] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [277240 2015-08-18] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-08-18] (Advanced Micro Devices)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [208176 2016-04-10] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7551240 2015-12-11] (Broadcom Corporation)
S3 BTHPORT; C:\Windows\System32\drivers\BTHport.sys [954368 2016-03-29] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 BTHUSB; C:\Windows\System32\drivers\BTHUSB.sys [84992 2016-03-29] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
S3 FTDIBUS; C:\Windows\system32\drivers\opcomusb.sys [69320 2009-10-22] (FTDI Ltd.)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2016-07-06] (Sony Mobile Communications)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-26] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-07-26] (DotC United Inc)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMUdisk64.sys [184312 2016-07-19] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQSysMonX64.sys [152568 2016-07-26] (电脑管家)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-21] (Realsil Semiconductor Corporation)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [67704 2016-04-10] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-13] (Synaptics Incorporated)
R1 softaal; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\softaal64.sys [42488 2016-07-26] (Tencent)
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [239096 2016-07-26] ()
R3 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [97880 2016-07-26] (Tencent)
R2 TAOKernelDriver; C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys [141816 2016-07-26] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [95224 2016-07-26] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TS888x64.sys [38520 2016-07-26] (Tencent)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TSDefenseBT64.sys [28984 2016-07-26] (Tencent)
R2 tsnethlpx64; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TsNetHlpX64.sys [55800 2016-07-26] ()
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TSSysKit64.sys [94712 2016-07-26] (电脑管家)
R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [81792 2016-07-04] (Huorong Borui (Beijing) Technology Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
S1 ptnsykcr; \??\C:\WINDOWS\system32\drivers\ptnsykcr.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-07-26 10:32 - 2016-07-26 10:32 - 00017095 _____ C:\Users\Dawid\Desktop\FRST.txt
2016-07-26 10:31 - 2016-07-26 10:31 - 00000000 ____D C:\Users\Dawid\Desktop\FRST-OlderVersion
2016-07-26 10:27 - 2016-07-26 10:27 - 00000000 ____D C:\ProgramData\ApppazmaLs
2016-07-26 10:26 - 2016-07-26 10:26 - 00038520 _____ (Tencent) C:\WINDOWS\SysWOW64\Drivers\TS888x64.sys
2016-07-26 10:25 - 2016-07-26 10:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-07-26 10:24 - 2016-07-26 10:25 - 00504152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-26 10:22 - 2016-07-26 10:25 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-26 10:22 - 2016-07-26 10:22 - 00003906 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-07-26 10:00 - 2016-07-26 10:00 - 00250912 _____ C:\WINDOWS\SysWOW64\kz.exe
2016-07-26 09:46 - 2016-07-26 09:57 - 00000000 ____D C:\Users\Dawid\AppData\Local\AAFE2FAC-1469526414-E511-90AB-FC3FDB5A2802
2016-07-26 09:45 - 2016-07-26 10:26 - 00000000 ____D C:\ProgramData\TXQMPC
2016-07-26 09:45 - 2016-07-26 09:45 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-07-26 09:45 - 2016-07-26 09:41 - 00141816 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys
2016-07-26 09:45 - 2016-07-26 09:41 - 00097880 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys
2016-07-26 09:44 - 2016-07-26 09:41 - 00095224 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFltX64.sys
2016-07-26 09:36 - 2016-07-26 09:36 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-07-26 09:35 - 2016-07-26 10:13 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Tencent
2016-07-26 09:30 - 2016-07-26 10:25 - 00000000 ____D C:\ProgramData\Tencent
2016-07-26 09:22 - 2016-07-26 10:27 - 00000000 ____D C:\ProgramData\ApppazmaL
2016-07-26 09:22 - 2016-07-26 09:22 - 00000534 _____ C:\zingload.xml
2016-07-26 09:22 - 2016-07-26 09:22 - 00000266 __RSH C:\ProgramData\ntuser.pol
2016-07-26 09:22 - 2016-06-29 08:55 - 55135848 _____ C:\Users\Dawid\AppData\Roaming\qqpcmgr_v11.7.17772.224_73233_Silence.exe
2016-07-26 09:21 - 2016-07-26 09:21 - 00092872 _____ (WinMount International Inc) C:\WINDOWS\system32\Drivers\KuaiZipDrive.sys
2016-07-26 09:21 - 2016-07-26 09:21 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Softlink
2016-07-26 09:21 - 2016-07-26 09:21 - 00000000 ____D C:\ProgramData\yahoochrome_D
2016-07-26 09:21 - 2016-07-17 05:03 - 01609728 _____ C:\Users\Dawid\AppData\Roaming\crfeaDlr.exe
2016-07-26 09:21 - 2016-07-06 07:10 - 01609728 _____ C:\Users\Dawid\AppData\Roaming\YoyNotepad.exe
2016-07-26 09:20 - 2016-07-26 10:00 - 00000000 ____D C:\Program Files\żěŃą
2016-07-26 09:20 - 2016-07-26 09:36 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Kuaizip
2016-07-26 09:20 - 2016-07-11 11:34 - 01608704 _____ C:\Users\Dawid\AppData\Roaming\InstallDingjDlr.exe
2016-07-26 09:20 - 2016-07-06 09:49 - 01613824 _____ C:\Users\Dawid\AppData\Roaming\YellowSend.exe
2016-07-26 09:19 - 2016-07-24 08:19 - 01615872 _____ C:\Users\Dawid\AppData\Roaming\kpzip.exe
2016-07-26 09:18 - 2016-07-26 09:18 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\MCorp
2016-07-26 09:18 - 2016-07-13 04:29 - 00344576 _____ C:\Users\Dawid\AppData\Roaming\RandomDelJiheReg.exe
2016-07-26 09:12 - 2016-07-26 09:12 - 00001624 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2016-07-26 09:12 - 2016-07-26 09:12 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
2016-07-26 09:06 - 2016-07-26 09:22 - 00000000 ____D C:\ProgramData\CloudPrinter
2016-07-26 09:06 - 2016-07-26 09:19 - 07616340 _____ C:\Users\Dawid\AppData\Roaming\setup.apk
2016-07-26 09:06 - 2016-07-26 09:19 - 00732869 _____ C:\Users\Dawid\AppData\Roaming\xdo.zip
2016-07-26 09:06 - 2016-07-26 09:06 - 07105536 _____ C:\Users\Dawid\AppData\Roaming\agent.dat
2016-07-26 09:06 - 2016-07-26 09:06 - 01881260 _____ C:\Users\Dawid\AppData\Roaming\GreenDincof.tst
2016-07-26 09:06 - 2016-07-26 09:06 - 00126464 _____ C:\Users\Dawid\AppData\Roaming\noah.dat
2016-07-26 09:06 - 2016-07-26 09:06 - 00126464 _____ C:\Users\Dawid\AppData\Roaming\lobby.dat
2016-07-26 09:06 - 2016-07-26 09:06 - 00072713 _____ C:\Users\Dawid\AppData\Roaming\Danis.tst
2016-07-26 09:06 - 2016-07-26 09:06 - 00070896 _____ C:\Users\Dawid\AppData\Roaming\Config.xml
2016-07-26 09:06 - 2016-07-26 09:06 - 00054272 _____ C:\Users\Dawid\AppData\Roaming\ApplicationHosting.dat
2016-07-26 09:06 - 2016-07-26 09:06 - 00018432 _____ C:\Users\Dawid\AppData\Roaming\Main.dat
2016-07-26 09:06 - 2016-07-26 09:06 - 00005568 _____ C:\Users\Dawid\AppData\Roaming\md.xml
2016-07-26 09:06 - 2016-07-26 09:06 - 00000000 ____D C:\Users\Dawid\AppData\Local\UCBrowser
2016-07-26 09:06 - 2016-07-26 09:03 - 00676352 _____ C:\Users\Dawid\AppData\Roaming\GreenDincof.exe
2016-07-26 09:06 - 2016-07-26 09:03 - 00676352 _____ C:\Users\Dawid\AppData\Roaming\Danis.exe
2016-07-26 09:06 - 2016-07-04 14:46 - 00081792 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\ucguard.sys
2016-07-26 09:05 - 2016-07-26 10:14 - 00000000 ____D C:\Program Files (x86)\host
2016-07-26 09:05 - 2016-07-26 10:08 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-07-26 09:05 - 2016-07-05 07:58 - 09216000 _____ (eee) C:\Users\Dawid\AppData\Roaming\THREADAPP.exe
2016-07-26 09:04 - 2016-07-26 09:07 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-07-26 09:04 - 2016-07-26 09:04 - 00848437 _____ C:\Users\Dawid\AppData\Roaming\Yearin.bin
2016-07-26 09:04 - 2016-07-26 09:04 - 00060136 _____ (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-07-26 09:04 - 2016-07-26 09:04 - 00000000 ____D C:\Program Files\Caster
2016-07-26 09:04 - 2016-02-18 10:10 - 05267952 _____ () C:\Users\Dawid\AppData\Roaming\ziptool_wc-9015_setup.exe
2016-07-26 09:03 - 2016-07-26 10:29 - 00000000 ____D C:\Users\Dawid\AppData\Local\Apps\2.0
2016-07-26 09:03 - 2016-07-26 10:26 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\UPUpdata
2016-07-26 09:03 - 2016-07-26 10:13 - 00000000 ____D C:\Program Files (x86)\mpck
2016-07-26 09:03 - 2016-07-26 10:09 - 00000000 ____D C:\Program Files (x86)\badu
2016-07-26 09:03 - 2016-07-26 09:04 - 00018336 _____ C:\Users\Dawid\AppData\Roaming\InstallationConfiguration.xml
2016-07-26 09:03 - 2016-07-26 09:04 - 00009102 _____ C:\WINDOWS\System32\Tasks\Plevechatigis Nodifier
2016-07-26 09:03 - 2016-07-26 09:03 - 00129024 _____ C:\Users\Dawid\AppData\Roaming\Installer.dat
2016-07-26 09:03 - 2016-07-26 09:03 - 00003142 _____ C:\WINDOWS\System32\Tasks\tasklist
2016-07-25 20:37 - 2016-07-25 20:34 - 00000209 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-07-25 20:36 - 2016-07-26 09:16 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\ASPackage
2016-07-25 19:51 - 2016-07-25 19:51 - 00000000 ___HD C:\ProgramData\CanonIJSIP
2016-07-24 10:13 - 2016-07-26 10:19 - 00001580 _____ C:\Users\Dawid\Desktop\Firefox.lnk
2016-07-24 09:54 - 2016-07-24 13:27 - 00005098 _____ C:\Users\Dawid\Desktop\Documents\Fixlog.txt
2016-07-24 09:54 - 2016-07-24 13:27 - 00000000 ____D C:\Users\Dawid\Desktop\Documents\FRST-OlderVersion
2016-07-20 19:06 - 2016-07-24 10:12 - 00000000 ____D C:\WINDOWS\Minidump
2016-07-20 18:55 - 2016-07-20 18:55 - 00049260 _____ C:\Users\Dawid\Desktop\Documents\Shortcut.txt
2016-07-20 18:54 - 2016-07-20 18:55 - 00031612 _____ C:\Users\Dawid\Desktop\Documents\Addition.txt
2016-07-20 18:54 - 2016-07-20 18:54 - 00380928 _____ C:\Users\Dawid\Desktop\0pytelwo.exe
2016-07-20 18:52 - 2016-07-26 10:32 - 00000000 ____D C:\FRST
2016-07-20 18:52 - 2016-07-20 18:55 - 00088816 _____ C:\Users\Dawid\Desktop\Documents\FRST.txt
2016-07-20 18:43 - 2016-07-26 10:31 - 02394112 _____ (Farbar) C:\Users\Dawid\Desktop\FRST64.exe
2016-07-17 23:52 - 2016-07-17 23:52 - 00007578 _____ C:\Users\Dawid\Desktop\Documents\DiagReport_2005 (5)_Vectra-C Signum_Pojazd__Informacje o kodach błędów w pojeździe_201607172351.txt
2016-07-17 21:24 - 2016-07-24 21:07 - 00000000 ____D C:\Users\Dawid
2016-07-17 14:41 - 2016-07-17 14:41 - 00000000 ____D C:\AMD
2016-07-16 11:00 - 2016-07-26 10:19 - 00001163 _____ C:\Users\Dawid\Desktop\Odkurzacz.lnk
2016-07-16 11:00 - 2016-07-16 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz
2016-07-13 17:40 - 2016-07-13 17:40 - 00000000 ____D C:\Users\Dawid\AppData\LocalLow\Adobe
2016-07-13 17:38 - 2016-07-26 10:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-07-13 17:38 - 2016-07-13 22:42 - 00000000 ____D C:\ProgramData\Adobe
2016-07-13 17:38 - 2016-07-13 17:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-07-13 14:59 - 2016-07-01 05:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-07-13 14:59 - 2016-07-01 05:39 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-07-13 14:59 - 2016-07-01 05:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-07-13 14:59 - 2016-07-01 05:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-07-13 14:59 - 2016-07-01 05:32 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-07-13 14:59 - 2016-07-01 05:31 - 19347968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-13 14:59 - 2016-07-01 05:29 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-07-13 14:59 - 2016-07-01 05:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-07-13 14:59 - 2016-07-01 05:26 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-07-13 14:59 - 2016-07-01 05:26 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-13 14:59 - 2016-07-01 05:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-07-13 14:59 - 2016-07-01 05:25 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-07-13 14:59 - 2016-07-01 05:25 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-07-13 14:59 - 2016-07-01 05:22 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-07-13 14:59 - 2016-07-01 05:20 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-13 14:59 - 2016-07-01 05:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-07-13 14:59 - 2016-07-01 05:18 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-13 14:59 - 2016-07-01 05:14 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-07-13 14:58 - 2016-07-01 07:30 - 00284352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-07-13 14:58 - 2016-07-01 06:49 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-13 14:58 - 2016-07-01 06:49 - 00337336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-07-13 14:58 - 2016-07-01 06:35 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-07-13 14:58 - 2016-07-01 06:34 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-13 14:58 - 2016-07-01 06:34 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-07-13 14:58 - 2016-07-01 06:34 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-07-13 14:58 - 2016-07-01 06:33 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-07-13 14:58 - 2016-07-01 06:33 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-07-13 14:58 - 2016-07-01 06:33 - 00730352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-07-13 14:58 - 2016-07-01 06:33 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-07-13 14:58 - 2016-07-01 06:33 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-07-13 14:58 - 2016-07-01 06:33 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-07-13 14:58 - 2016-07-01 06:32 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-07-13 14:58 - 2016-07-01 06:32 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-07-13 14:58 - 2016-07-01 06:32 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-07-13 14:58 - 2016-07-01 06:31 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-07-13 14:58 - 2016-07-01 06:31 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-07-13 14:58 - 2016-07-01 06:31 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-07-13 14:58 - 2016-07-01 06:25 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-07-13 14:58 - 2016-07-01 06:25 - 02145032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-07-13 14:58 - 2016-07-01 06:25 - 01987936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-07-13 14:58 - 2016-07-01 06:25 - 00648256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-07-13 14:58 - 2016-07-01 06:25 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-07-13 14:58 - 2016-07-01 06:25 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-07-13 14:58 - 2016-07-01 06:24 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-07-13 14:58 - 2016-07-01 06:23 - 01349640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-07-13 14:58 - 2016-07-01 06:21 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-13 14:58 - 2016-07-01 06:21 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-07-13 14:58 - 2016-07-01 06:20 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-07-13 14:58 - 2016-07-01 06:20 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-07-13 14:58 - 2016-07-01 06:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-07-13 14:58 - 2016-07-01 06:11 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-07-13 14:58 - 2016-07-01 05:58 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-07-13 14:58 - 2016-07-01 05:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-07-13 14:58 - 2016-07-01 05:56 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-07-13 14:58 - 2016-07-01 05:56 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-07-13 14:58 - 2016-07-01 05:53 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-07-13 14:58 - 2016-07-01 05:53 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-07-13 14:58 - 2016-07-01 05:53 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-07-13 14:58 - 2016-07-01 05:53 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-07-13 14:58 - 2016-07-01 05:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-07-13 14:58 - 2016-07-01 05:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10_1.dll
2016-07-13 14:58 - 2016-07-01 05:50 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-07-13 14:58 - 2016-07-01 05:50 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-07-13 14:58 - 2016-07-01 05:50 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-07-13 14:58 - 2016-07-01 05:50 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2016-07-13 14:58 - 2016-07-01 05:49 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-07-13 14:58 - 2016-07-01 05:49 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Maps.dll
2016-07-13 14:58 - 2016-07-01 05:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-07-13 14:58 - 2016-07-01 05:49 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-07-13 14:58 - 2016-07-01 05:48 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-07-13 14:58 - 2016-07-01 05:48 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-07-13 14:58 - 2016-07-01 05:48 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-07-13 14:58 - 2016-07-01 05:48 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2016-07-13 14:58 - 2016-07-01 05:48 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-07-13 14:58 - 2016-07-01 05:47 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-07-13 14:58 - 2016-07-01 05:46 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2016-07-13 14:58 - 2016-07-01 05:45 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-07-13 14:58 - 2016-07-01 05:44 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-07-13 14:58 - 2016-07-01 05:44 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-07-13 14:58 - 2016-07-01 05:44 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2016-07-13 14:58 - 2016-07-01 05:44 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-07-13 14:58 - 2016-07-01 05:44 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-07-13 14:58 - 2016-07-01 05:44 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-07-13 14:58 - 2016-07-01 05:43 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 02012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 01434112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 01240064 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-07-13 14:58 - 2016-07-01 05:42 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-13 14:58 - 2016-07-01 05:41 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-07-13 14:58 - 2016-07-01 05:41 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-07-13 14:58 - 2016-07-01 05:41 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-07-13 14:58 - 2016-07-01 05:41 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-07-13 14:58 - 2016-07-01 05:40 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-07-13 14:58 - 2016-07-01 05:39 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-07-13 14:58 - 2016-07-01 05:39 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-07-13 14:58 - 2016-07-01 05:39 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-07-13 14:58 - 2016-07-01 05:39 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-07-13 14:58 - 2016-07-01 05:38 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-07-13 14:58 - 2016-07-01 05:38 - 01671168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-07-13 14:58 - 2016-07-01 05:38 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-07-13 14:58 - 2016-07-01 05:38 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-07-13 14:58 - 2016-07-01 05:37 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-07-13 14:58 - 2016-07-01 05:37 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-07-13 14:58 - 2016-07-01 05:36 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-07-13 14:58 - 2016-07-01 05:36 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2016-07-13 14:58 - 2016-07-01 05:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-07-13 14:58 - 2016-07-01 05:34 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-07-13 14:58 - 2016-07-01 05:34 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-07-13 14:58 - 2016-07-01 05:34 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-07-13 14:58 - 2016-07-01 05:33 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-07-13 14:58 - 2016-07-01 05:33 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-07-13 14:58 - 2016-07-01 05:33 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-13 14:58 - 2016-07-01 05:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2016-07-13 14:58 - 2016-07-01 05:32 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-07-13 14:58 - 2016-07-01 05:32 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-13 14:58 - 2016-07-01 05:31 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-07-13 14:58 - 2016-07-01 05:31 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-07-13 14:58 - 2016-07-01 05:30 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 00849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-07-13 14:58 - 2016-07-01 05:30 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-13 14:58 - 2016-07-01 05:29 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-07-13 14:58 - 2016-07-01 05:29 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-07-13 14:58 - 2016-07-01 05:29 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-07-13 14:58 - 2016-07-01 05:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-07-13 14:58 - 2016-07-01 05:29 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-07-13 14:58 - 2016-07-01 05:29 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2016-07-13 14:58 - 2016-07-01 05:29 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-07-13 14:58 - 2016-07-01 05:28 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-07-13 14:58 - 2016-07-01 05:28 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2016-07-13 14:58 - 2016-07-01 05:28 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 01729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-07-13 14:58 - 2016-07-01 05:27 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-07-13 14:58 - 2016-07-01 05:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 03026944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-07-13 14:58 - 2016-07-01 05:26 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2016-07-13 14:58 - 2016-07-01 05:25 - 02745856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-07-13 14:58 - 2016-07-01 05:25 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-13 14:58 - 2016-07-01 05:25 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-13 14:58 - 2016-07-01 05:25 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-07-13 14:58 - 2016-07-01 05:25 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-13 14:58 - 2016-07-01 05:25 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-07-13 14:58 - 2016-07-01 05:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-07-13 14:58 - 2016-07-01 05:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-07-13 14:58 - 2016-07-01 05:23 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-07-13 14:58 - 2016-07-01 05:23 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-07-13 14:58 - 2016-07-01 05:23 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-07-13 14:58 - 2016-07-01 05:22 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-07-13 14:58 - 2016-07-01 05:22 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-07-13 14:58 - 2016-07-01 05:21 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-07-13 14:58 - 2016-07-01 05:19 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-07-13 14:58 - 2016-07-01 05:16 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-07-13 14:58 - 2016-07-01 05:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-07-13 14:58 - 2016-07-01 05:15 - 04413440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-07-13 14:58 - 2016-07-01 05:15 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-07-13 14:58 - 2016-07-01 05:15 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2016-07-13 14:58 - 2016-07-01 05:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-07-13 14:58 - 2016-07-01 05:13 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-07-13 14:58 - 2016-07-01 05:13 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-07-13 14:58 - 2016-07-01 05:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-07-13 14:58 - 2016-07-01 05:09 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-07-13 14:58 - 2016-07-01 05:08 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2016-07-13 14:58 - 2016-07-01 05:08 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-07-13 14:57 - 2016-07-01 07:30 - 00587456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-13 14:57 - 2016-07-01 06:50 - 00037232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-07-13 14:57 - 2016-07-01 06:49 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-07-13 14:57 - 2016-07-01 06:48 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-07-13 14:57 - 2016-07-01 06:45 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-07-13 14:57 - 2016-07-01 06:43 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-07-13 14:57 - 2016-07-01 06:43 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-07-13 14:57 - 2016-07-01 06:39 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-07-13 14:57 - 2016-07-01 06:38 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-07-13 14:57 - 2016-07-01 06:38 - 01083656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-07-13 14:57 - 2016-07-01 06:38 - 00256192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-07-13 14:57 - 2016-07-01 06:38 - 00032552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-07-13 14:57 - 2016-07-01 06:35 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-07-13 14:57 - 2016-07-01 06:35 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-07-13 14:57 - 2016-07-01 06:33 - 00566104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-07-13 14:57 - 2016-07-01 06:32 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-07-13 14:57 - 2016-07-01 06:32 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-07-13 14:57 - 2016-07-01 06:32 - 00106928 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-07-13 14:57 - 2016-07-01 06:32 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2016-07-13 14:57 - 2016-07-01 06:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-07-13 14:57 - 2016-07-01 06:23 - 00925576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-07-13 14:57 - 2016-07-01 06:23 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-07-13 14:57 - 2016-07-01 06:23 - 00451936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-07-13 14:57 - 2016-07-01 06:21 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-07-13 14:57 - 2016-07-01 06:21 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-07-13 14:57 - 2016-07-01 06:20 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-07-13 14:57 - 2016-07-01 06:20 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-07-13 14:57 - 2016-07-01 06:20 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-07-13 14:57 - 2016-07-01 06:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-07-13 14:57 - 2016-07-01 06:19 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-07-13 14:57 - 2016-07-01 06:19 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-07-13 14:57 - 2016-07-01 06:18 - 00064584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2016-07-13 14:57 - 2016-07-01 06:17 - 01536600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-07-13 14:57 - 2016-07-01 06:12 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-07-13 14:57 - 2016-07-01 06:12 - 01866104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-07-13 14:57 - 2016-07-01 06:11 - 00521152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-07-13 14:57 - 2016-07-01 06:10 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-07-13 14:57 - 2016-07-01 06:07 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2016-07-13 14:57 - 2016-07-01 06:03 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-07-13 14:57 - 2016-07-01 06:03 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-07-13 14:57 - 2016-07-01 06:00 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-07-13 14:57 - 2016-07-01 05:59 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-07-13 14:57 - 2016-07-01 05:58 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2016-07-13 14:57 - 2016-07-01 05:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-13 14:57 - 2016-07-01 05:55 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-07-13 14:57 - 2016-07-01 05:55 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-07-13 14:57 - 2016-07-01 05:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2016-07-13 14:57 - 2016-07-01 05:54 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-07-13 14:57 - 2016-07-01 05:54 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-07-13 14:57 - 2016-07-01 05:54 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-07-13 14:57 - 2016-07-01 05:53 - 01567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-07-13 14:57 - 2016-07-01 05:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-07-13 14:57 - 2016-07-01 05:52 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-07-13 14:57 - 2016-07-01 05:52 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-07-13 14:57 - 2016-07-01 05:52 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2016-07-13 14:57 - 2016-07-01 05:51 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-07-13 14:57 - 2016-07-01 05:51 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-07-13 14:57 - 2016-07-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-07-13 14:57 - 2016-07-01 05:50 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-07-13 14:57 - 2016-07-01 05:50 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-07-13 14:57 - 2016-07-01 05:50 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-07-13 14:57 - 2016-07-01 05:50 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-07-13 14:57 - 2016-07-01 05:48 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-07-13 14:57 - 2016-07-01 05:48 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-07-13 14:57 - 2016-07-01 05:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2016-07-13 14:57 - 2016-07-01 05:48 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2016-07-13 14:57 - 2016-07-01 05:48 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-07-13 14:57 - 2016-07-01 05:48 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-07-13 14:57 - 2016-07-01 05:47 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2016-07-13 14:57 - 2016-07-01 05:47 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-07-13 14:57 - 2016-07-01 05:46 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-07-13 14:57 - 2016-07-01 05:46 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-07-13 14:57 - 2016-07-01 05:45 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-07-13 14:57 - 2016-07-01 05:45 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-07-13 14:57 - 2016-07-01 05:45 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-07-13 14:57 - 2016-07-01 05:45 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-07-13 14:57 - 2016-07-01 05:45 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-07-13 14:57 - 2016-07-01 05:45 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-07-13 14:57 - 2016-07-01 05:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-07-13 14:57 - 2016-07-01 05:44 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-07-13 14:57 - 2016-07-01 05:44 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-07-13 14:57 - 2016-07-01 05:44 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-07-13 14:57 - 2016-07-01 05:44 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-07-13 14:57 - 2016-07-01 05:43 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-07-13 14:57 - 2016-07-01 05:43 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-07-13 14:57 - 2016-07-01 05:42 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-07-13 14:57 - 2016-07-01 05:41 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-07-13 14:57 - 2016-07-01 05:41 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-07-13 14:57 - 2016-07-01 05:41 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-07-13 14:57 - 2016-07-01 05:41 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-07-13 14:57 - 2016-07-01 05:40 - 02103296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-07-13 14:57 - 2016-07-01 05:40 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-07-13 14:57 - 2016-07-01 05:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-07-13 14:57 - 2016-07-01 05:40 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-07-13 14:57 - 2016-07-01 05:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-13 14:57 - 2016-07-01 05:39 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-07-13 14:57 - 2016-07-01 05:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-07-13 14:57 - 2016-07-01 05:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-07-13 14:57 - 2016-07-01 05:38 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-07-13 14:57 - 2016-07-01 05:38 - 01443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2016-07-13 14:57 - 2016-07-01 05:38 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-07-13 14:57 - 2016-07-01 05:38 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-07-13 14:57 - 2016-07-01 05:38 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2016-07-13 14:57 - 2016-07-01 05:37 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-07-13 14:57 - 2016-07-01 05:37 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-07-13 14:57 - 2016-07-01 05:37 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-07-13 14:57 - 2016-07-01 05:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-07-13 14:57 - 2016-07-01 05:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2016-07-13 14:57 - 2016-07-01 05:34 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-07-13 14:57 - 2016-07-01 05:34 - 04170240 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-07-13 14:57 - 2016-07-01 05:34 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-07-13 14:57 - 2016-07-01 05:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-07-13 14:57 - 2016-07-01 05:33 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-07-13 14:57 - 2016-07-01 05:33 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-07-13 14:57 - 2016-07-01 05:32 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-07-13 14:57 - 2016-07-01 05:32 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-07-13 14:57 - 2016-07-01 05:32 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-07-13 14:57 - 2016-07-01 05:32 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-07-13 14:57 - 2016-07-01 05:31 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-07-13 14:57 - 2016-07-01 05:31 - 00994816 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2016-07-13 14:57 - 2016-07-01 05:31 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-07-13 14:57 - 2016-07-01 05:31 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2016-07-13 14:57 - 2016-07-01 05:31 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-07-13 14:57 - 2016-07-01 05:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2016-07-13 14:57 - 2016-07-01 05:31 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-07-13 14:57 - 2016-07-01 05:30 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-07-13 14:57 - 2016-07-01 05:30 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-07-13 14:57 - 2016-07-01 05:30 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-07-13 14:57 - 2016-07-01 05:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-07-13 14:57 - 2016-07-01 05:30 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-07-13 14:57 - 2016-07-01 05:29 - 04646912 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-07-13 14:57 - 2016-07-01 05:29 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-07-13 14:57 - 2016-07-01 05:29 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-07-13 14:57 - 2016-07-01 05:29 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2016-07-13 14:57 - 2016-07-01 05:28 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2016-07-13 14:57 - 2016-07-01 05:27 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-07-13 14:57 - 2016-07-01 05:26 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-07-13 14:57 - 2016-07-01 05:25 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2016-07-13 14:57 - 2016-07-01 05:25 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2016-07-13 14:57 - 2016-07-01 05:24 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-07-13 14:57 - 2016-07-01 05:24 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-07-13 14:57 - 2016-07-01 05:24 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-07-13 14:57 - 2016-07-01 05:24 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 03301376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-07-13 14:57 - 2016-07-01 05:23 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-07-13 14:57 - 2016-07-01 05:23 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-07-13 14:57 - 2016-07-01 05:22 - 03053568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-07-13 14:57 - 2016-07-01 05:21 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-07-13 14:57 - 2016-07-01 05:21 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-07-13 14:57 - 2016-07-01 05:21 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2016-07-13 14:57 - 2016-07-01 05:20 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-07-13 14:57 - 2016-07-01 05:20 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-07-13 14:57 - 2016-07-01 05:20 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-07-13 14:57 - 2016-07-01 05:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-07-13 14:57 - 2016-07-01 05:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-07-13 14:57 - 2016-07-01 05:19 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-07-13 14:57 - 2016-07-01 05:19 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-07-13 14:57 - 2016-07-01 05:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-07-13 14:57 - 2016-07-01 05:18 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-13 14:57 - 2016-07-01 05:17 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-07-13 14:57 - 2016-07-01 05:17 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-07-13 14:57 - 2016-07-01 05:16 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 02501632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-07-13 14:57 - 2016-07-01 05:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-07-13 14:57 - 2016-07-01 05:14 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-07-13 14:57 - 2016-07-01 05:14 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-07-13 14:57 - 2016-07-01 05:14 - 01498624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-13 14:57 - 2016-07-01 05:14 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-07-13 14:57 - 2016-07-01 05:13 - 02849792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2016-07-13 14:57 - 2016-07-01 05:13 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-07-13 14:57 - 2016-07-01 05:13 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-07-13 14:57 - 2016-07-01 05:12 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-07-13 14:57 - 2016-07-01 05:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-07-13 14:57 - 2016-07-01 05:08 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-07-13 14:56 - 2016-07-01 07:30 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-13 14:56 - 2016-07-01 07:30 - 01223872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-13 14:56 - 2016-07-01 07:30 - 00559808 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-13 14:56 - 2016-07-01 07:30 - 00310464 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-13 14:56 - 2016-07-01 07:30 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-13 14:56 - 2016-07-01 07:30 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-13 14:56 - 2016-07-01 06:49 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-07-13 14:56 - 2016-07-01 06:49 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-07-13 14:56 - 2016-07-01 06:49 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-07-13 14:56 - 2016-07-01 06:49 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-07-13 14:56 - 2016-07-01 06:49 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-07-13 14:56 - 2016-07-01 06:48 - 02656408 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 14:56 - 2016-07-01 06:33 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-07-13 14:56 - 2016-07-01 06:32 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-07-13 14:56 - 2016-07-01 06:32 - 06536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-07-13 14:56 - 2016-07-01 06:32 - 01040800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-07-13 14:56 - 2016-07-01 06:24 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-07-13 14:56 - 2016-07-01 06:23 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-07-13 14:56 - 2016-07-01 06:23 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-07-13 14:56 - 2016-07-01 06:21 - 02403168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-07-13 14:56 - 2016-07-01 06:21 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-07-13 14:56 - 2016-07-01 06:19 - 00836760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-07-13 14:56 - 2016-07-01 05:56 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-07-13 14:56 - 2016-07-01 05:55 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
2016-07-13 14:56 - 2016-07-01 05:52 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-07-13 14:56 - 2016-07-01 05:52 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-07-13 14:56 - 2016-07-01 05:52 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-07-13 14:56 - 2016-07-01 05:50 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-07-13 14:56 - 2016-07-01 05:50 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2016-07-13 14:56 - 2016-07-01 05:50 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2016-07-13 14:56 - 2016-07-01 05:49 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-07-13 14:56 - 2016-07-01 05:47 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-07-13 14:56 - 2016-07-01 05:47 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-07-13 14:56 - 2016-07-01 05:46 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2016-07-13 14:56 - 2016-07-01 05:45 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-07-13 14:56 - 2016-07-01 05:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2016-07-13 14:56 - 2016-07-01 05:44 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-07-13 14:56 - 2016-07-01 05:44 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 14:56 - 2016-07-01 05:43 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-07-13 14:56 - 2016-07-01 05:43 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-07-13 14:56 - 2016-07-01 05:43 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-07-13 14:56 - 2016-07-01 05:43 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-07-13 14:56 - 2016-07-01 05:42 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-07-13 14:56 - 2016-07-01 05:42 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-07-13 14:56 - 2016-07-01 05:42 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2016-07-13 14:56 - 2016-07-01 05:42 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-07-13 14:56 - 2016-07-01 05:42 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-07-13 14:56 - 2016-07-01 05:41 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-07-13 14:56 - 2016-07-01 05:41 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-07-13 14:56 - 2016-07-01 05:41 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2016-07-13 14:56 - 2016-07-01 05:40 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-07-13 14:56 - 2016-07-01 05:40 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-07-13 14:56 - 2016-07-01 05:39 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-07-13 14:56 - 2016-07-01 05:38 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-07-13 14:56 - 2016-07-01 05:37 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-07-13 14:56 - 2016-07-01 05:36 - 02445312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-07-13 14:56 - 2016-07-01 05:36 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-07-13 14:56 - 2016-07-01 05:34 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-07-13 14:56 - 2016-07-01 05:34 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-13 14:56 - 2016-07-01 05:32 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-07-13 14:56 - 2016-07-01 05:31 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-07-13 14:56 - 2016-07-01 05:31 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-07-13 14:56 - 2016-07-01 05:31 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-07-13 14:56 - 2016-07-01 05:30 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-07-13 14:56 - 2016-07-01 05:30 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-07-13 14:56 - 2016-07-01 05:30 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2016-07-13 14:56 - 2016-07-01 05:30 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-07-13 14:56 - 2016-07-01 05:30 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-07-13 14:56 - 2016-07-01 05:29 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-07-13 14:56 - 2016-07-01 05:29 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-07-13 14:56 - 2016-07-01 05:29 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-07-13 14:56 - 2016-07-01 05:29 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2016-07-13 14:56 - 2016-07-01 05:28 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-07-13 14:56 - 2016-07-01 05:28 - 00442880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-07-13 14:56 - 2016-07-01 05:28 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2016-07-13 14:56 - 2016-07-01 05:27 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-07-13 14:56 - 2016-07-01 05:27 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-07-13 14:56 - 2016-07-01 05:26 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-07-13 14:56 - 2016-07-01 05:25 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-07-13 14:56 - 2016-07-01 05:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-07-13 14:56 - 2016-07-01 05:25 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-07-13 14:56 - 2016-07-01 05:25 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-13 14:56 - 2016-07-01 05:25 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-07-13 14:56 - 2016-07-01 05:25 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-07-13 14:56 - 2016-07-01 05:24 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-07-13 14:56 - 2016-07-01 05:24 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-07-13 14:56 - 2016-07-01 05:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-07-13 14:56 - 2016-07-01 05:21 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-07-13 14:56 - 2016-07-01 05:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-07-13 14:56 - 2016-07-01 05:13 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-07-13 14:56 - 2016-07-01 05:08 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-07-13 14:56 - 2016-06-28 13:20 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-11 12:22 - 2016-07-11 12:22 - 00006859 _____ C:\Users\Dawid\Desktop\Documents\CV agnieszka rejowska.odt
2016-07-06 09:40 - 2016-07-06 09:40 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-07-06 09:40 - 2016-07-06 09:40 - 00030424 _____ (Sony Mobile Communications) C:\WINDOWS\system32\Drivers\ggsomc.sys
2016-07-06 09:40 - 2016-07-06 09:40 - 00016088 _____ (Sony Mobile Communications) C:\WINDOWS\system32\Drivers\ggflt.sys
2016-07-06 09:40 - 2016-07-06 09:40 - 00000000 ____D C:\Users\Dawid\.oracle_jre_usage
2016-07-06 09:39 - 2016-07-06 09:39 - 00000000 ____D C:\ProgramData\Sony Mobile
2016-07-06 09:39 - 2016-07-06 09:39 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2016-07-06 09:37 - 2016-07-06 09:37 - 00000000 ____D C:\Users\Dawid\Desktop\Documents\Sony
2016-07-06 09:37 - 2016-07-06 09:37 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Apple Computer
2016-07-06 09:37 - 2016-07-06 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-07-06 09:37 - 2016-07-06 09:37 - 00000000 ____D C:\Program Files (x86)\Sony
2016-06-28 03:12 - 2016-06-28 03:12 - 00314434 ____N C:\Users\Dawid\AppData\Roaming\EYapp.apk

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-07-26 10:30 - 2016-04-12 04:30 - 02046748 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-26 10:30 - 2016-02-13 19:29 - 00889558 _____ C:\WINDOWS\system32\perfh015.dat
2016-07-26 10:30 - 2016-02-13 19:29 - 00193172 _____ C:\WINDOWS\system32\perfc015.dat
2016-07-26 10:30 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-26 10:26 - 2016-04-07 19:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-26 10:26 - 2015-12-11 09:56 - 01496330 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2016-07-26 10:25 - 2016-02-13 19:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-26 10:24 - 2016-04-12 04:26 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-07-26 10:24 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-07-26 10:21 - 2016-04-07 15:17 - 00000000 ____D C:\Users\Dawid\AppData\Local\Adobe
2016-07-26 10:21 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-07-26 10:21 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-07-26 10:20 - 2016-04-12 04:40 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-07-26 10:20 - 2016-04-06 13:24 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-26 10:19 - 2016-05-20 22:49 - 00001925 _____ C:\Users\Dawid\Desktop\OPCOM Pro.lnk
2016-07-26 10:19 - 2016-04-26 14:25 - 00000914 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-07-26 10:19 - 2016-04-21 11:48 - 00001156 _____ C:\Users\Dawid\Desktop\ACGasSynchro.lnk
2016-07-26 10:19 - 2016-04-10 09:29 - 00000860 _____ C:\Users\Dawid\Desktop\Autko.lnk
2016-07-26 10:19 - 2016-04-06 17:28 - 00001866 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\allegro.pl .lnk
2016-07-26 10:19 - 2016-04-06 17:28 - 00001854 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Booking .lnk
2016-07-26 10:19 - 2016-04-06 14:34 - 00000440 _____ C:\Users\Dawid\Desktop\Komputer.lnk
2016-07-26 10:19 - 2016-04-06 13:20 - 00002418 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-07-26 09:59 - 2016-05-15 16:01 - 00000000 ____D C:\Program Files\KMSnano
2016-07-26 09:59 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-26 09:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-26 09:22 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-07-26 09:22 - 2015-07-10 13:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-07-26 09:08 - 2016-04-07 21:03 - 00005352 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-653L6ES-Dawid DESKTOP-653L6ES
2016-07-25 20:15 - 2016-04-06 19:09 - 00012069 _____ C:\Users\Dawid\Desktop\Documents\Kilometrówka.xlsx
2016-07-25 19:10 - 2016-04-15 04:00 - 00004226 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{11D30258-9327-4EAE-8A7D-0A6876793C6E}
2016-07-25 14:58 - 2016-04-06 19:09 - 00021774 _____ C:\Users\Dawid\Desktop\Documents\Finanse.xlsx
2016-07-24 09:55 - 2016-04-06 23:16 - 00000000 ____D C:\Users\Dawid\AppData\LocalLow\Temp
2016-07-18 10:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-07-17 14:49 - 2015-12-11 09:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-16 11:08 - 2016-04-12 05:23 - 00000000 ___DC C:\WINDOWS\Panther
2016-07-16 11:00 - 2016-06-05 12:24 - 00000000 ____D C:\Program Files (x86)\Odkurzacz
2016-07-15 03:37 - 2016-02-13 19:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-15 03:33 - 2016-02-13 19:39 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-15 03:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-13 17:40 - 2016-04-06 13:14 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Adobe
2016-07-13 15:35 - 2016-04-10 09:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-13 15:35 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-13 15:31 - 2016-04-10 09:55 - 144749672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-07 02:39 - 2016-05-07 17:55 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-02 06:37 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-07-02 06:37 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-01 07:05 - 2016-02-13 19:50 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-06-29 19:31 - 2016-06-18 18:44 - 00000000 ____D C:\ProgramData\Skype

==================== Pliki w katalogu głównym wybranych folderów =======

2016-04-26 14:24 - 2016-04-26 14:24 - 0000009 ____N () C:\Users\Dawid\AppData\Roaming\a.bat
2010-08-28 22:43 - 2010-08-28 22:43 - 0577335 ____N () C:\Users\Dawid\AppData\Roaming\adb.exe
2010-08-28 22:43 - 2010-08-28 22:43 - 0096256 ____N (Google, inc) C:\Users\Dawid\AppData\Roaming\AdbWinApi.dll
2010-08-28 22:43 - 2010-08-28 22:43 - 0060928 ____N (Google, inc) C:\Users\Dawid\AppData\Roaming\AdbWinUsbApi.dll
2016-07-26 09:06 - 2016-07-26 09:06 - 7105536 _____ () C:\Users\Dawid\AppData\Roaming\agent.dat
2016-07-26 09:06 - 2016-07-26 09:06 - 0054272 _____ () C:\Users\Dawid\AppData\Roaming\ApplicationHosting.dat
2016-07-26 09:06 - 2016-07-26 09:06 - 0070896 _____ () C:\Users\Dawid\AppData\Roaming\Config.xml
2016-07-26 09:21 - 2016-07-17 05:03 - 1609728 _____ () C:\Users\Dawid\AppData\Roaming\crfeaDlr.exe
2016-07-26 09:06 - 2016-07-26 09:03 - 0676352 _____ () C:\Users\Dawid\AppData\Roaming\Danis.exe
2016-07-26 09:06 - 2016-07-26 09:06 - 0072713 _____ () C:\Users\Dawid\AppData\Roaming\Danis.tst
2016-06-28 03:12 - 2016-06-28 03:12 - 0314434 ____N () C:\Users\Dawid\AppData\Roaming\EYapp.apk
2010-08-28 22:43 - 2010-08-28 22:43 - 0356009 ____N () C:\Users\Dawid\AppData\Roaming\fastboot.exe
2016-07-26 09:06 - 2016-07-26 09:03 - 0676352 _____ () C:\Users\Dawid\AppData\Roaming\GreenDincof.exe
2016-07-26 09:06 - 2016-07-26 09:06 - 1881260 _____ () C:\Users\Dawid\AppData\Roaming\GreenDincof.tst
2016-07-26 09:03 - 2016-07-26 09:04 - 0018336 _____ () C:\Users\Dawid\AppData\Roaming\InstallationConfiguration.xml
2016-07-26 09:20 - 2016-07-11 11:34 - 1608704 _____ () C:\Users\Dawid\AppData\Roaming\InstallDingjDlr.exe
2016-07-26 09:03 - 2016-07-26 09:03 - 0129024 _____ () C:\Users\Dawid\AppData\Roaming\Installer.dat
2016-07-26 09:19 - 2016-07-24 08:19 - 1615872 _____ () C:\Users\Dawid\AppData\Roaming\kpzip.exe
2016-07-26 09:06 - 2016-07-26 09:06 - 0126464 _____ () C:\Users\Dawid\AppData\Roaming\lobby.dat
2016-07-26 09:06 - 2016-07-26 09:06 - 0018432 _____ () C:\Users\Dawid\AppData\Roaming\Main.dat
2016-07-26 09:06 - 2016-07-26 09:06 - 0005568 _____ () C:\Users\Dawid\AppData\Roaming\md.xml
2016-07-26 09:06 - 2016-07-26 09:06 - 0126464 _____ () C:\Users\Dawid\AppData\Roaming\noah.dat
2016-07-26 09:22 - 2016-06-29 08:55 - 55135848 _____ () C:\Users\Dawid\AppData\Roaming\qqpcmgr_v11.7.17772.224_73233_Silence.exe
2016-07-26 09:18 - 2016-07-13 04:29 - 0344576 _____ () C:\Users\Dawid\AppData\Roaming\RandomDelJiheReg.exe
2016-07-26 09:06 - 2016-07-26 09:19 - 7616340 _____ () C:\Users\Dawid\AppData\Roaming\setup.apk
2016-07-26 09:05 - 2016-07-05 07:58 - 9216000 _____ (eee) C:\Users\Dawid\AppData\Roaming\THREADAPP.exe
2016-07-26 09:06 - 2016-07-26 09:19 - 0732869 _____ () C:\Users\Dawid\AppData\Roaming\xdo.zip
2016-07-26 09:04 - 2016-07-26 09:04 - 0848437 _____ () C:\Users\Dawid\AppData\Roaming\Yearin.bin
2016-07-26 09:20 - 2016-07-06 09:49 - 1613824 _____ () C:\Users\Dawid\AppData\Roaming\YellowSend.exe
2016-07-26 09:21 - 2016-07-06 07:10 - 1609728 _____ () C:\Users\Dawid\AppData\Roaming\YoyNotepad.exe
2016-07-26 09:04 - 2016-02-18 10:10 - 5267952 _____ () C:\Users\Dawid\AppData\Roaming\ziptool_wc-9015_setup.exe
2016-04-07 13:42 - 2016-04-07 15:19 - 0007605 _____ () C:\Users\Dawid\AppData\Local\resmon.resmoncfg
2016-07-17 03:25 - 2016-06-17 21:21 - 0000000 _____ () C:\ProgramData\Application Data

Pliki do przeniesienia lub usunięcia:
====================
C:\Windows\Tasks\{3B19CC9B-73C2-761A-1CA0-1EC57529C729}.job


Niektóre pliki w TEMP:
====================
C:\Users\Dawid\AppData\Local\Temp\146951761670466tmp.exe
C:\Users\Dawid\AppData\Local\Temp\1B6DA8FE0I.exe
C:\Users\Dawid\AppData\Local\Temp\4KBY465GTH.exe
C:\Users\Dawid\AppData\Local\Temp\6QE7CR1PPH.exe
C:\Users\Dawid\AppData\Local\Temp\8098.tmp.exe
C:\Users\Dawid\AppData\Local\Temp\A6RLI5WK18.exe
C:\Users\Dawid\AppData\Local\Temp\A8DNFEJWBG.exe
C:\Users\Dawid\AppData\Local\Temp\Browser_V5.6.14087.7_f_4730_(Build1607010949).exe
C:\Users\Dawid\AppData\Local\Temp\CD95KL2RKV.exe
C:\Users\Dawid\AppData\Local\Temp\L1MCF5Z00K.exe
C:\Users\Dawid\AppData\Local\Temp\nsl34C9.tmp.exe
C:\Users\Dawid\AppData\Local\Temp\QQPCMgr_Setup.exe
C:\Users\Dawid\AppData\Local\Temp\QS22EAWW16.exe
C:\Users\Dawid\AppData\Local\Temp\setup.exe
C:\Users\Dawid\AppData\Local\Temp\SYTWYHTTCR.exe
C:\Users\Dawid\AppData\Local\Temp\VOLI2HWOWU.exe
C:\Users\Dawid\AppData\Local\Temp\W8BH3VP6PV.exe
C:\Users\Dawid\AppData\Local\Temp\Z32JVTCPGE.exe


==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo


LastRegBack: 2016-07-21 18:22

==================== Koniec FRST.txt ============================


Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 25-07-2016
Uruchomiony przez Dawid (2016-07-26 10:34:01)
Uruchomiony z C:\Users\Dawid\Desktop
Windows 10 Home Wersja 1511 (X64) (2016-04-12 02:56:21)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-3987013258-1122006406-2270890607-500 - Administrator - Disabled)
Dawid (S-1-5-21-3987013258-1122006406-2270890607-1002 - Administrator - Enabled) => C:\Users\Dawid
Gość (S-1-5-21-3987013258-1122006406-2270890607-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-3987013258-1122006406-2270890607-503 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

AcGasSynchro 11.2.0.3 (HKLM-x32\...\Ac Gas Synchro 11.2.0.3_is1) (Version: - )
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.47.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.17) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\Adobe Shockwave Player) (Version: 10.2.0.22 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{A30D3EA3-B90A-DDD5-949E-6DDE67E64FE6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Autko (HKLM-x32\...\Autko) (Version: - )
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.695 - Broadcom Corporation)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.01 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}) (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.1.843 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PL (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.1.0.843 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.1 - Corel Corporation) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8293.5264 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 pl)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nero 7 Lite (HKLM-x32\...\Nero7Lite_is1) (Version: 7.11.10.0 - UpdatePack.nl)
Odkurzacz (HKLM-x32\...\Odkurzacz 14.2_is1) (Version: 14.2.0.4492 - FranmoSoftware - Maciej Opaliński)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
Rejestracja użytkownika drukarki Canon MG2900 series (HKLM-x32\...\Rejestracja użytkownika drukarki Canon MG2900 series) (Version: - ‭Canon Inc.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.16.9.201606210840 - Sony Mobile Communications Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.0 - Synaptics Incorporated)
WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony)
Xperia Companion (x32 Version: 1.2.8.0 - Sony) Hidden

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-3987013258-1122006406-2270890607-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Dawid\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileCoAuth.exe (Microsoft Corporation)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {1791E9AD-5450-4317-ADC8-349286A5AEC1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-26] (Adobe Systems Incorporated)
Task: {446D458C-DB0C-44D1-BDF7-3104E602E87B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {47D9B6F3-9D95-4FA0-8BB4-61237DB10AFA} - System32\Tasks\tasklist => C:\Users\Dawid\AppData\Roaming\UPUpdata\service72564.exe
Task: {47EDE0DB-E90F-4C2B-A6DB-538B58F88FC9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {8A212D89-0889-4741-8436-5FC3698C0246} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-653L6ES-Dawid DESKTOP-653L6ES => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {B17E9195-A4F8-4947-BC51-52F43AE03DE2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {BA864FFF-8DC7-4B1D-998F-68CB024EA314} - System32\Tasks\Plevechatigis Nodifier => C:\Program Files (x86)\Biziied\PlevechatigisNodifierAtigertain.exe
Task: {CE6C81E2-9893-48EC-B49A-9E120A5EC5CF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {F34FB86C-A3A8-4A3B-9184-1240EBE8E24F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\{3B19CC9B-73C2-761A-1CA0-1EC57529C729}.job =>

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

WMI_ActiveScriptEventConsumer_ASEC: <===== UWAGA

==================== Załadowane moduły (filtrowane) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-08-06 22:39 - 2015-08-06 22:39 - 00127488 _____ () c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-07-26 09:22 - 2016-07-26 09:05 - 00392704 _____ () C:\ProgramData\ApppazmaL\ApppazmaL.exe
2016-07-26 09:06 - 2016-07-26 09:03 - 00676352 _____ () C:\ProgramData\CloudPrinter\CloudPrinter.exe
2015-12-11 10:20 - 2014-04-14 19:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-07-13 14:56 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 14:56 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-13 19:32 - 2016-02-13 19:32 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 14:58 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 14:56 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 14:56 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 14:56 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 14:56 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-06 22:39 - 2015-08-06 22:39 - 00138752 _____ () c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-07-26 09:40 - 2016-07-26 09:40 - 00114280 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMAntiInject.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\zlib.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00491112 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\sqlite.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\tinyxml.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00049256 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00073320 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
2016-07-26 09:40 - 2016-02-28 00:55 - 00036128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\oDayProtect.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00134760 _____ () c:\program files (x86)\tencent\qqpcmgr\11.7.17772.224\qmrtpcontroller.dll
2016-07-26 09:39 - 2016-07-26 09:39 - 00342368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\arkGraphic.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00194912 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\xImage.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 02156896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\GF.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00092512 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\xGraphic32.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\libpng.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\libjpegturbo.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00045408 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\jgImage.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\jgIOStub.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\libexpatw.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00171624 _____ () c:\program files (x86)\tencent\qqpcmgr\11.7.17772.224\qmhipslogpolicy.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00085608 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\MemDefrag.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00364136 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMTrayPlugin\QMAutoTaskPlugin\SubPlugins\OperationFileCloudMgr.dll
2016-07-26 09:49 - 2016-06-21 20:05 - 00106088 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMTrayPlugin\QMAutoTaskPlugin\SubPlugins\WebkitCheckPlugin.dll
2016-07-26 09:39 - 2016-07-26 09:39 - 00379232 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\DlForQd.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00267368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\Win10ToastNotification.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00253544 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMWlanMacDll.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 02156896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\GF.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00092512 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\xGraphic32.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\zlib.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\libexpatw.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\tinyxml.dll
2016-07-26 09:39 - 2016-07-26 09:39 - 00342368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\arkGraphic.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00045408 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\jgImage.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\jgIOStub.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\libpng.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\libjpegturbo.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

AlternateDataStreams: C:\Users\Dawid\AppData\Local\Historia:7fe30ec3baa0 [4850]

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Hosts - zawartość: ==========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2015-07-10 13:04 - 2016-07-25 20:34 - 00000209 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 62.179.1.62 - 62.179.1.63
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKLM\...\StartupApproved\Run: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "PowerDVD14Agent"
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\StartupApproved\Run: => "ChomikBox"
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\...\StartupApproved\Run: => "safe_urls768"

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F7E09646-77B2-424D-869F-37F14832DA1C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7879E834-9A66-4762-B688-83B26A621625}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{639D4D92-4218-45AE-A6E7-FECFC0B36EE4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{06356808-872C-4F66-A284-000408467632}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{943990F7-B78C-43C6-8597-8CE13A82DEA1}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{895F6591-B45B-43C1-8431-3022A2627120}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{FFB42C20-2B9F-4898-B857-5B8C22695D02}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{C51CC7D5-81C1-43F7-9ADD-80A9E8581A24}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{AE95B395-DDAE-426B-B8FF-22D65CD8BAFC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B6DF5F84-C7E0-45D3-A474-01AA38A003FF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CF607E63-0A2E-421A-A8E7-53AE38413A6F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{324F166A-2A4F-4455-A8DB-948A68594202}] => (Block) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{71C74AAF-F477-4AF0-8627-87D3AFEBE073}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{8B555C14-162B-4984-A733-FF05989A2A44}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{1F71D06C-36C7-432B-BC9F-84E53351AD04}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{5CEA3D4F-C645-4002-8503-07F69F38FA15}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{A2852915-3524-485B-8975-14EE2477FC20}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCTray.exe
FirewallRules: [{E5A05790-F83D-4B01-BCAD-CE0C458FEAD8}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCMgr.exe
FirewallRules: [{92679831-6261-455C-803F-9F22CCC99670}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCRTP.exe
FirewallRules: [{9D71622A-CF12-4F1F-B319-F89F9547225D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMDL.exe
FirewallRules: [{D920149C-48B1-467E-8FE5-F1C23801BCC9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\bugreport.exe
FirewallRules: [{442D83A1-4191-4B4E-A664-1829E0C7BD28}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCFileOpen.exe
FirewallRules: [{DB4C3DCE-7431-4DEB-8A57-7BCD7A8AD42D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCLeakScan.exe
FirewallRules: [{79B14B72-66F3-4336-878C-4CF2A14F188E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPConfig.exe
FirewallRules: [{A9DF3A2E-BAE4-4200-9B4B-24EA463A3235}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCSoftMgr.exe
FirewallRules: [{F7A41260-8FC4-4EB9-B7A3-27D0063B762A}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{35837460-13D7-43DD-B7F2-CFC6B3ACE72A}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCBTU.exe
FirewallRules: [{BC3E368C-330F-4CCC-8200-682591D14B59}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCClinic.exe
FirewallRules: [{2949E07E-6E66-4D83-8F0B-A4EE3A5A7BC5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCLaunch.exe
FirewallRules: [{47A04DA7-265A-403F-AE2C-0DD2B4D7AF51}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{93CCC51E-B86F-4185-96D3-52C81326E5C1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCSoftGame.exe
FirewallRules: [{4DAABFA3-247B-4DC6-AD22-0086F6F49F68}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCSysOptimize.exe
FirewallRules: [{B9599F1B-43B7-4D2A-83EC-5030808403B5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCUpdateAVLib.exe
FirewallRules: [{6018444C-A164-46B5-A0B9-E159042CFA1F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQRepair.exe
FirewallRules: [{D6DE3A1F-4521-4EB4-A551-D067F8D93EDF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\Uninst.exe
FirewallRules: [{1C7CA804-C82E-4F75-8B4E-F92AB172A1EB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCPatch.exe
FirewallRules: [{CBFF8BAA-46B7-4234-BC3F-6A9349DD6AD9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TpkUpdate.exe
FirewallRules: [{2CC03119-B47B-472E-A4AF-10547BDDA132}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMAccountProtection.exe
FirewallRules: [{F0A34B27-C4E1-43F5-BA1E-8E7AB8AC6739}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMAdBlock.exe
FirewallRules: [TCP Query User{6DF28DE8-6890-4E6D-BE4D-01C3FFCDA09B}C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe] => (Block) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [UDP Query User{A817CEF6-4BD2-419C-A455-01936F513BE8}C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe] => (Block) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{21BF185E-67AC-4AEB-955E-B9DF2929E65A}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{64FDD823-2623-4925-A700-5E561A401FCB}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe

==================== Punkty Przywracania systemu =========================

06-07-2016 09:36:18 Xperia Companion
13-07-2016 15:26:11 Windows Update
13-07-2016 15:27:01 Windows Update
17-07-2016 14:48:19 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (07/26/2016 10:27:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (07/26/2016 10:23:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "5.6.14087.7,language="&#x2a;",type="win32",version="5.6.14087.7"1".
Nie można odnaleźć zestawu zależnego 5.6.14087.7,language="&#x2a;",type="win32",version="5.6.14087.7".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (07/26/2016 10:23:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "5.6.14087.7,language="&#x2a;",type="win32",version="5.6.14087.7"1".
Nie można odnaleźć zestawu zależnego 5.6.14087.7,language="&#x2a;",type="win32",version="5.6.14087.7".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.


Dziennik System:
=============
Error: (07/26/2016 10:27:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Plevechatigis Nodifier z powodu następującego błędu:
%%2 = Nie można odnaleźć określonego pliku.


Error: (07/26/2016 10:27:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Pront Spooler niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (07/26/2016 10:25:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi FastCompress z powodu następującego błędu:
%%2 = Nie można odnaleźć określonego pliku.


Error: (07/26/2016 10:23:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_3cff7 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (07/26/2016 10:23:35 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny


CodeIntegrity:
===================================
Date: 2016-07-26 10:24:41.848
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\BTHUSB.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-07-26 09:11:31.978
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\BTHUSB.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-07-25 17:36:57.106
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-07-24 14:18:51.373
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\BTHUSB.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-07-24 13:28:18.851
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\BTHUSB.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-07-24 11:15:37.939
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-07-24 09:56:45.276
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\BTHUSB.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-07-21 18:23:52.866
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-07-20 19:06:28.412
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\BTHUSB.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-07-18 10:00:49.788
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Statystyki pamięci ===========================

Procesor: AMD A6-6310 APU with AMD Radeon R4 Graphics
Procent pamięci w użyciu: 17%
Całkowita pamięć fizyczna: 11209.01 MB
Dostępna pamięć fizyczna: 9263.82 MB
Całkowita pamięć wirtualna: 12937.01 MB
Dostępna pamięć wirtualna: 11111.1 MB

==================== Dyski ================================

Drive c: (Windows) (Fixed) (Total:226.68 GB) (Free:177.3 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.25 GB) (Free:1.47 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]
Drive g: (Dysk) (Fixed) (Total:224.72 GB) (Free:220.09 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D0AE0B88)

Partition: GPT.

==================== Koniec Addition.txt ============================
holi12
~user
 
Posty: 653
Dołączenie: 17 Mar 2006, 00:47
Pochwały: 5



Powolne działanie komputera - standard

Postprzez ordynat 26 Lip 2016, 15:09

Tym razem wpadłeś w niezłe bagno!

1) Użyj Adw-Cleaner http://www.programosy.pl/program,adwcleaner.html
najpierw kliknij na SKANUJ (SCAN), a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ (CLEANING), to kliknij na niego.
Pokaż raport z niego "C".

2) Zrób nowe logi FRST.
.
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866



Powolne działanie komputera - standard

Postprzez holi12 26 Lip 2016, 16:30

nie da się. ADW się zawiesza odrazu na starcie usuwania.
holi12
~user
 
Posty: 653
Dołączenie: 17 Mar 2006, 00:47
Pochwały: 5



Powolne działanie komputera - standard

Postprzez ordynat 26 Lip 2016, 17:14

Wyłącz Antywirusa na czas używania Adw-Cleanera.
.
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866



Powolne działanie komputera - standard

Postprzez holi12 26 Lip 2016, 17:58

też nic nie dało
holi12
~user
 
Posty: 653
Dołączenie: 17 Mar 2006, 00:47
Pochwały: 5



Powolne działanie komputera - standard

Postprzez ordynat 26 Lip 2016, 18:59

no cóż, trzeba zacząć bez tego .




zaraz ....
Ostatnio edytowany przez ordynat, 26 Lip 2016, 19:16, edytowano w sumie 1 raz
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866



Powolne działanie komputera - standard

Postprzez holi12 26 Lip 2016, 19:15

usunięte.
holi12
~user
 
Posty: 653
Dołączenie: 17 Mar 2006, 00:47
Pochwały: 5



Powolne działanie komputera - standard

Postprzez ordynat 26 Lip 2016, 19:37

Na razie dam tylko częściowe usuwanie, bo nie mam czasu.

Otwórz Notatnik i wklej w nim:
Reg: reg add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager" /v PendingFileRenameOperations /t REG_MULTI_SZ /d "" /f
CMD: for %i in ("D:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\*.dll") do regsvr32 /s /u %i
CMD: for %i in ("D:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\*.dll") do C:\Windows\SysWOW64\regsvr32.exe /s /u %i
Reg: reg add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager" /v PendingFileRenameOperations /t REG_MULTI_SZ /d "" /f
CMD: for %i in ("C:\Program Files\żěŃą\X86\*.dll") do regsvr32.exe /s /u %i
CMD: for %i in ("C:\Program Files (x86)\Tencent\QQPCMgr\11.4.26194.901\*.dll") do C:\Windows\SysWOW64\regsvr32.exe /s /u %i
FirewallRules: [{5CEA3D4F-C645-4002-8503-07F69F38FA15}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{A2852915-3524-485B-8975-14EE2477FC20}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCTray.exe
FirewallRules: [{E5A05790-F83D-4B01-BCAD-CE0C458FEAD8}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCMgr.exe
FirewallRules: [{92679831-6261-455C-803F-9F22CCC99670}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCRTP.exe
FirewallRules: [{9D71622A-CF12-4F1F-B319-F89F9547225D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMDL.exe
FirewallRules: [{D920149C-48B1-467E-8FE5-F1C23801BCC9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\bugreport.exe
FirewallRules: [{442D83A1-4191-4B4E-A664-1829E0C7BD28}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCFileOpen.exe
FirewallRules: [{DB4C3DCE-7431-4DEB-8A57-7BCD7A8AD42D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCLeakScan.exe
FirewallRules: [{79B14B72-66F3-4336-878C-4CF2A14F188E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPConfig.exe
FirewallRules: [{A9DF3A2E-BAE4-4200-9B4B-24EA463A3235}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCSoftMgr.exe
FirewallRules: [{F7A41260-8FC4-4EB9-B7A3-27D0063B762A}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{35837460-13D7-43DD-B7F2-CFC6B3ACE72A}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCBTU.exe
FirewallRules: [{BC3E368C-330F-4CCC-8200-682591D14B59}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCClinic.exe
FirewallRules: [{2949E07E-6E66-4D83-8F0B-A4EE3A5A7BC5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCLaunch.exe
FirewallRules: [{47A04DA7-265A-403F-AE2C-0DD2B4D7AF51}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{93CCC51E-B86F-4185-96D3-52C81326E5C1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCSoftGame.exe
FirewallRules: [{4DAABFA3-247B-4DC6-AD22-0086F6F49F68}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCSysOptimize.exe
FirewallRules: [{B9599F1B-43B7-4D2A-83EC-5030808403B5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCUpdateAVLib.exe
FirewallRules: [{6018444C-A164-46B5-A0B9-E159042CFA1F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQRepair.exe
FirewallRules: [{D6DE3A1F-4521-4EB4-A551-D067F8D93EDF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\Uninst.exe
FirewallRules: [{1C7CA804-C82E-4F75-8B4E-F92AB172A1EB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCPatch.exe
FirewallRules: [{CBFF8BAA-46B7-4234-BC3F-6A9349DD6AD9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TpkUpdate.exe
FirewallRules: [{2CC03119-B47B-472E-A4AF-10547BDDA132}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMAccountProtection.exe
FirewallRules: [{F0A34B27-C4E1-43F5-BA1E-8E7AB8AC6739}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMAdBlock.exe
FirewallRules: [TCP Query User{6DF28DE8-6890-4E6D-BE4D-01C3FFCDA09B}C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe] => (Block) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [UDP Query User{A817CEF6-4BD2-419C-A455-01936F513BE8}C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe] => (Block) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{21BF185E-67AC-4AEB-955E-B9DF2929E65A}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{64FDD823-2623-4925-A700-5E561A401FCB}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
RemoveDirectory: C:\program files (x86)\common files\tencent
RemoveDirectory: C:\Program Files (x86)\Tencent
RemoveDirectory: C:\Program Files (x86)\UCBrowser
RemoveDirectory: C:\Program Files (x86)\Biziied
RemoveDirectory: C:\Users\Dawid\AppData\Roaming\UPUpdata
AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
2016-04-26 14:24 - 2016-04-26 14:24 - 0000009 ____N () C:\Users\Dawid\AppData\Roaming\a.bat
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
2016-07-26 09:40 - 2016-07-26 09:40 - 00114280 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMAntiInject.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\zlib.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00491112 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\sqlite.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\tinyxml.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00049256 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00073320 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
2016-07-26 09:40 - 2016-02-28 00:55 - 00036128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\oDayProtect.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00134760 _____ () c:\program files (x86)\tencent\qqpcmgr\11.7.17772.224\qmrtpcontroller.dll
2016-07-26 09:39 - 2016-07-26 09:39 - 00342368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\arkGraphic.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00194912 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\xImage.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 02156896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\GF.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00092512 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\xGraphic32.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\libpng.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\libjpegturbo.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00045408 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\jgImage.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\jgIOStub.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\libexpatw.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00171624 _____ () c:\program files (x86)\tencent\qqpcmgr\11.7.17772.224\qmhipslogpolicy.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00085608 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\MemDefrag.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00364136 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMTrayPlugin\QMAutoTaskPlugin\SubPlugins\OperationFileCloudMgr.dll
2016-07-26 09:49 - 2016-06-21 20:05 - 00106088 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMTrayPlugin\QMAutoTaskPlugin\SubPlugins\WebkitCheckPlugin.dll
2016-07-26 09:39 - 2016-07-26 09:39 - 00379232 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\DlForQd.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00267368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\Win10ToastNotification.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00253544 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMWlanMacDll.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 02156896 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\GF.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00092512 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\xGraphic32.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\zlib.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\libexpatw.dll
2016-07-26 09:41 - 2016-07-26 09:41 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\tinyxml.dll
2016-07-26 09:39 - 2016-07-26 09:39 - 00342368 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\arkGraphic.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00045408 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\jgImage.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\jgIOStub.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\libpng.dll
2016-07-26 09:40 - 2016-07-26 09:40 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\plugins\QMNetMon\libjpegturbo.dll
Task: C:\WINDOWS\Tasks\{3B19CC9B-73C2-761A-1CA0-1EC57529C729}.job =>
Task: {47D9B6F3-9D95-4FA0-8BB4-61237DB10AFA} - System32\Tasks\tasklist => C:\Users\Dawid\AppData\Roaming\UPUpdata\service72564.exe
Task: {BA864FFF-8DC7-4B1D-998F-68CB024EA314} - System32\Tasks\Plevechatigis Nodifier => C:\Program Files (x86)\Biziied\PlevechatigisNodifierAtigertain.exe
2016-07-26 09:06 - 2016-07-26 09:06 - 7105536 _____ () C:\Users\Dawid\AppData\Roaming\agent.dat
2016-07-26 09:06 - 2016-07-26 09:06 - 0054272 _____ () C:\Users\Dawid\AppData\Roaming\ApplicationHosting.dat
2016-07-26 09:06 - 2016-07-26 09:06 - 0070896 _____ () C:\Users\Dawid\AppData\Roaming\Config.xml
2016-07-26 09:21 - 2016-07-17 05:03 - 1609728 _____ () C:\Users\Dawid\AppData\Roaming\crfeaDlr.exe
2016-07-26 09:06 - 2016-07-26 09:03 - 0676352 _____ () C:\Users\Dawid\AppData\Roaming\Danis.exe
2016-07-26 09:06 - 2016-07-26 09:06 - 0072713 _____ () C:\Users\Dawid\AppData\Roaming\Danis.tst
2016-06-28 03:12 - 2016-06-28 03:12 - 0314434 ____N () C:\Users\Dawid\AppData\Roaming\EYapp.apk
2010-08-28 22:43 - 2010-08-28 22:43 - 0356009 ____N () C:\Users\Dawid\AppData\Roaming\fastboot.exe
2016-07-26 09:06 - 2016-07-26 09:03 - 0676352 _____ () C:\Users\Dawid\AppData\Roaming\GreenDincof.exe
2016-07-26 09:06 - 2016-07-26 09:06 - 1881260 _____ () C:\Users\Dawid\AppData\Roaming\GreenDincof.tst
2016-07-26 09:03 - 2016-07-26 09:04 - 0018336 _____ () C:\Users\Dawid\AppData\Roaming\InstallationConfiguration.xml
2016-07-26 09:20 - 2016-07-11 11:34 - 1608704 _____ () C:\Users\Dawid\AppData\Roaming\InstallDingjDlr.exe
2016-07-26 09:03 - 2016-07-26 09:03 - 0129024 _____ () C:\Users\Dawid\AppData\Roaming\Installer.dat
2016-07-26 09:19 - 2016-07-24 08:19 - 1615872 _____ () C:\Users\Dawid\AppData\Roaming\kpzip.exe
2016-07-26 09:06 - 2016-07-26 09:06 - 0126464 _____ () C:\Users\Dawid\AppData\Roaming\lobby.dat
2016-07-26 09:06 - 2016-07-26 09:06 - 0018432 _____ () C:\Users\Dawid\AppData\Roaming\Main.dat
2016-07-26 09:06 - 2016-07-26 09:06 - 0005568 _____ () C:\Users\Dawid\AppData\Roaming\md.xml
2016-07-26 09:06 - 2016-07-26 09:06 - 0126464 _____ () C:\Users\Dawid\AppData\Roaming\noah.dat
2016-07-26 09:22 - 2016-06-29 08:55 - 55135848 _____ () C:\Users\Dawid\AppData\Roaming\qqpcmgr_v11.7.17772.224_73233_Silence.exe
2016-07-26 09:18 - 2016-07-13 04:29 - 0344576 _____ () C:\Users\Dawid\AppData\Roaming\RandomDelJiheReg.exe
2016-07-26 09:06 - 2016-07-26 09:19 - 7616340 _____ () C:\Users\Dawid\AppData\Roaming\setup.apk
2016-07-26 09:05 - 2016-07-05 07:58 - 9216000 _____ (eee) C:\Users\Dawid\AppData\Roaming\THREADAPP.exe
2016-07-26 09:06 - 2016-07-26 09:19 - 0732869 _____ () C:\Users\Dawid\AppData\Roaming\xdo.zip
2016-07-26 09:04 - 2016-07-26 09:04 - 0848437 _____ () C:\Users\Dawid\AppData\Roaming\Yearin.bin
2016-07-26 09:20 - 2016-07-06 09:49 - 1613824 _____ () C:\Users\Dawid\AppData\Roaming\YellowSend.exe
2016-07-26 09:21 - 2016-07-06 07:10 - 1609728 _____ () C:\Users\Dawid\AppData\Roaming\YoyNotepad.exe
2016-07-26 09:04 - 2016-02-18 10:10 - 5267952 _____ () C:\Users\Dawid\AppData\Roaming\ziptool_wc-9015_setup.exe
2016-07-26 09:03 - 2016-07-26 10:13 - 00000000 ____D C:\Program Files (x86)\mpck
2016-07-26 09:03 - 2016-07-26 10:09 - 00000000 ____D C:\Program Files (x86)\badu
2016-07-26 09:06 - 2016-07-26 09:06 - 00000000 ____D C:\Users\Dawid\AppData\Local\UCBrowser
2016-07-26 09:06 - 2016-07-26 09:03 - 00676352 _____ C:\Users\Dawid\AppData\Roaming\GreenDincof.exe
2016-07-26 09:06 - 2016-07-26 09:03 - 00676352 _____ C:\Users\Dawid\AppData\Roaming\Danis.exe
2016-07-26 09:06 - 2016-07-04 14:46 - 00081792 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\ucguard.sys
2016-07-26 09:05 - 2016-07-26 10:14 - 00000000 ____D C:\Program Files (x86)\host
2016-07-26 09:05 - 2016-07-26 10:08 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-07-26 09:05 - 2016-07-05 07:58 - 09216000 _____ (eee) C:\Users\Dawid\AppData\Roaming\THREADAPP.exe
2016-07-26 09:04 - 2016-07-26 09:07 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-07-26 09:04 - 2016-07-26 09:04 - 00848437 _____ C:\Users\Dawid\AppData\Roaming\Yearin.bin
2016-07-26 09:04 - 2016-07-26 09:04 - 00060136 _____ (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-07-26 09:04 - 2016-07-26 09:04 - 00000000 ____D C:\Program Files\Caster
2016-07-26 09:04 - 2016-02-18 10:10 - 05267952 _____ () C:\Users\Dawid\AppData\Roaming\ziptool_wc-9015_setup.exe
2016-07-26 09:03 - 2016-07-26 10:29 - 00000000 ____D C:\Users\Dawid\AppData\Local\Apps\2.0
2016-07-26 09:03 - 2016-07-26 10:26 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\UPUpdata
2016-07-26 09:03 - 2016-07-26 10:13 - 00000000 ____D C:\Program Files (x86)\mpck
2016-07-26 09:03 - 2016-07-26 10:09 - 00000000 ____D C:\Program Files (x86)\badu
2016-07-26 09:19 - 2016-07-24 08:19 - 01615872 _____ C:\Users\Dawid\AppData\Roaming\kpzip.exe
2016-07-26 09:18 - 2016-07-26 09:18 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\MCorp
2016-07-26 09:18 - 2016-07-13 04:29 - 00344576 _____ C:\Users\Dawid\AppData\Roaming\RandomDelJiheReg.exe
2016-07-26 09:12 - 2016-07-26 09:12 - 00001624 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2016-07-26 09:12 - 2016-07-26 09:12 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
2016-07-26 09:06 - 2016-07-26 09:22 - 00000000 ____D C:\ProgramData\CloudPrinter
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-07-26] (DotC United Inc)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMUdisk64.sys [184312 2016-07-19] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQSysMonX64.sys [152568 2016-07-26] (电脑管家)
R1 softaal; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\softaal64.sys [42488 2016-07-26] (Tencent)
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [239096 2016-07-26] ()
R3 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [97880 2016-07-26] (Tencent)
R2 TAOKernelDriver; C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys [141816 2016-07-26] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [95224 2016-07-26] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TS888x64.sys [38520 2016-07-26] (Tencent)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TSDefenseBT64.sys [28984 2016-07-26] (Tencent)
R2 tsnethlpx64; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TsNetHlpX64.sys [55800 2016-07-26] ()
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TSSysKit64.sys [94712 2016-07-26] (电脑管家)
R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [81792 2016-07-04] (Huorong Borui (Beijing) Technology Co., Ltd.)
S1 ptnsykcr; \??\C:\WINDOWS\system32\drivers\ptnsykcr.sys [X]
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-07-26] (DotC United Inc)
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCRTP.exe [315920 2016-07-26] (Tencent)
U2 QQRepairfa5; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairfa5 [208616 2016-07-26] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [208616 2016-07-26] ()
S3 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S2 FastCompress; C:\Program Files (x86)\FastCompress-Zip\Fast_Support.exe [X]
S2 PlevechatigisNodifierThwapy.exe; "C:\Program Files (x86)\Biziied\PlevechatigisNodifierThwapy.exe" {C25DA384-2010-45A4-A1ED-BFA540D4789B} {9DC74CD5-24EA-4ADE-9C42-608A8CE17116} [X]
S2 ProntSpooler; Brak ImagePath
FF Extension: GsearchFinder - C:\Users\Dawid\AppData\Roaming\Profiles\uwxj3omx.default\Extensions\@90B817C8-8A5C-413B-9DDD-B2C61ED6E79A.xpi [2016-07-26]
HOSTS:
EmptyTemp:

>>Menu Notatnika >> Plik >>
>>Zapisz jako >>
Nazwa pliku: fixlist
Zapisz jako typ: Dokumenty tekstowe
Kodowanie: UTF -8
>>Zapisz
Plik umieść w folderze C:\Users\Dawid\Desktop
Uruchom FRST i kliknij przycisk Fix (NAPRAW).
Daj z tego log.

2) zrób nowe logi FRST.
przed skanem zaznacz: Additional.txt Shortcut.txt,

Logi (tekst) wklejaj na http://wklejto.pl/, a w poście daj tylko linki.(czyli skopiuj adres z paska adresów)

Zajrzę tu po 21:00
.

Autor postu otrzymał pochwałę
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866



Powolne działanie komputera - standard

Postprzez holi12 26 Lip 2016, 20:36

http://www.wklejto.pl/258840
http://www.wklejto.pl/258841
http://www.wklejto.pl/258842
holi12
~user
 
Posty: 653
Dołączenie: 17 Mar 2006, 00:47
Pochwały: 5



Powolne działanie komputera - standard

Postprzez ordynat 26 Lip 2016, 20:58

Logi (tekst) wklejaj na http://wklejto.pl/

Logi są zniekształcone - na "wklejto" trzeba wklejać tekst, a nie plik.
Popraw to.
.
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866



Powolne działanie komputera - standard

Postprzez holi12 26 Lip 2016, 22:56

http://www.wklejto.pl/258849
http://www.wklejto.pl/258850
http://www.wklejto.pl/258851

:)
holi12
~user
 
Posty: 653
Dołączenie: 17 Mar 2006, 00:47
Pochwały: 5



Powolne działanie komputera - standard

Postprzez ordynat 27 Lip 2016, 08:12

Uruchom Registry DeleteEx http://www.novirusthanks.org/products/registry-deleteex/ .
Zaznacz opcję "Recursively delete all subkeys". W pasku adresów po kolei wklej te ścieżki i je usuń:

HKLM\SYSTEM\CurrentControlSet\Services\MPCKpt
HKLM\SYSTEM\CurrentControlSet\Services\MPCProtectService[\b]

Zresetuj system.

2. Wejdź do folderu C:\Program Files\MPC Cleaner i uruchom deinstalato r(np. uninstall.exe), o ile plik nadal jest. Zresetuj system.

3) Sprawdź, czy w tych folderach nie ma też plików deinstalacyjnych:
C:\Program Files (x86)\Tencent
C:\Program Files\żěŃą
jeśli są, to ich użyj.

4) Otwórz Notatnik i wklej w nim:
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QQBrowser
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QQBrowser
FirewallRules: [{51550532-BDC5-4DFC-840A-B3657EC6A8A4}] => (Allow) C:\Users\Dawid\AppData\Roaming\QB\QQBrowser.exe
FirewallRules: [{83B16C92-A0D4-4273-A00A-F1F1582089D2}] => (Allow) C:\Users\Dawid\AppData\Roaming\QB\QQBrowser.exe
FirewallRules: [{100E63F1-4D06-4CFC-975C-9D190A0474CC}] => (Allow) C:\Users\Dawid\AppData\Roaming\QB\BugReport.exe
FirewallRules: [{8D2D738F-7014-411A-BE2C-409C69D837B9}] => (Allow) C:\Users\Dawid\AppData\Roaming\QB\BugReport.exe
FirewallRules: [{CAAB599D-16D6-428C-9274-B40914ED214E}] => (Allow) C:\Users\Dawid\AppData\Local\Tencent\QQBrowser\User Data\Liveup\Temp\QQBrowserLiveup.exe
FirewallRules: [{A1226BE2-1711-400E-AF52-096EF1286BFE}] => (Allow) C:\Users\Dawid\AppData\Local\Tencent\QQBrowser\User Data\Liveup\Temp\QQBrowserLiveup.exe
FirewallRules: [{2568FCFD-359B-439E-AB31-287D2F37A741}] => (Allow) C:\Users\Dawid\AppData\Roaming\QB\9.3.7743.400\qqbrowser.exe
FirewallRules: [{252C1247-CB5E-4784-9F31-90F4C3913B98}] => (Allow) C:\Users\Dawid\AppData\Roaming\QB\9.3.7743.400\qqbrowser.exe
RemoveDirectory: C:\Users\Dawid\AppData\Local\Tencent
RemoveDirectory: C:\Program Files (x86)\SrpnFiles
RemoveDirectory: C:\ProgramData\ApppazmaL
RemoveDirectory: C:\Program Files (x86)\MPC Cleaner
RemoveDirectory: C:\Users\Dawid\AppData\Roaming\QB
FirewallRules: [{06356808-872C-4F66-A284-000408467632}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{943990F7-B78C-43C6-8597-8CE13A82DEA1}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{895F6591-B45B-43C1-8431-3022A2627120}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{FFB42C20-2B9F-4898-B857-5B8C22695D02}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v QQPCTray /f
Reg: reg delete HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v safe_urls768 /f
Reg: reg add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager" /v PendingFileRenameOperations /t REG_MULTI_SZ /d "" /f
CMD: for %i in ("D:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\*.dll") do regsvr32 /s /u %i
CMD: for %i in ("D:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\*.dll") do C:\Windows\SysWOW64\regsvr32.exe /s /u %i
Reg: reg add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager" /v PendingFileRenameOperations /t REG_MULTI_SZ /d "" /f
CMD: for %i in ("C:\Program Files\żěŃą\X86\*.dll") do regsvr32.exe /s /u %i
CMD: for %i in ("C:\Program Files (x86)\Tencent\QQPCMgr\11.4.26194.901\*.dll") do C:\Windows\SysWOW64\regsvr32.exe /s /u %i
AlternateDataStreams: C:\Users\Dawid\AppData\Local\Historia:7fe30ec3baa0 [4850]
ShortcutWithArgument: C:\Users\Dawid\Desktop\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://yeabests.cc
Task: C:\WINDOWS\Tasks\QQBrowser Updater Task(Core).job => C:\Users\Dawid\AppData\Roaming\QB\QQBrowser.exe <==== UWAGA
Task: C:\WINDOWS\Tasks\QQBrowser Updater Task.job => C:\Users\Dawid\AppData\Roaming\QB\QQBrowser.exe <==== UWAGA
Task: {E04F0559-21E4-4705-B571-C711330F186A} - System32\Tasks\psv_Fix-Plus => /c regedit.exe /s "C:\ProgramData\ApppazmaL\Eco-Fix.reg" &amp; del "C:\ProgramData\ApppazmaL\Eco-Fix.reg" &amp; SCHTASKS /Delete /TN "psv_Fix-Plus" /F <==== UWAGA
Task: {4CA2452D-3839-4C7E-8AD2-6FA09B58B813} - System32\Tasks\QQBrowser Updater Task(Core) => C:\Users\Dawid\AppData\Roaming\QB\QQBrowser.exe [2016-07-26] (Tencent) <==== UWAGA
Task: {353A6D92-D525-437D-86F0-F93A6E81C1FA} - System32\Tasks\QQBrowser Updater Task => C:\Users\Dawid\AppData\Roaming\QB\QQBrowser.exe [2016-07-26] (Tencent) <==== UWAGA
Task: {3EDD45FC-A04A-4D9B-AF4A-0298D1CE5F07} - System32\Tasks\psv_Zaamdex => /c regedit.exe /s "C:\ProgramData\ApppazmaL\Greendom.reg" &amp; del "C:\ProgramData\ApppazmaL\Greendom.reg" &amp; SCHTASKS /Delete /TN "psv_Zaamdex" /F <==== UWAGA
AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
C:\Users\Dawid\AppData\Roaming\TXQBINSTX2.EXE
2016-07-26 10:19 - 2016-04-06 17:28 - 00001866 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\allegro.pl .lnk
2016-07-26 10:19 - 2016-04-06 17:28 - 00001854 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Booking .lnk
2016-07-25 20:37 - 2016-07-25 20:34 - 00000209 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-07-25 20:36 - 2016-07-26 09:16 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\ASPackage
2016-07-26 09:21 - 2016-07-26 09:21 - 00092872 _____ (WinMount International Inc) C:\WINDOWS\system32\Drivers\KuaiZipDrive.sys
2016-07-26 09:21 - 2016-07-26 09:21 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Softlink
2016-07-26 09:20 - 2016-07-26 10:00 - 00000000 ____D C:\Program Files\żěŃą
2016-07-26 09:20 - 2016-07-26 09:36 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Kuaizip
2016-07-26 09:04 - 2016-07-26 09:07 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-07-26 09:04 - 2016-07-26 09:04 - 00060136 _____ (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-07-26 09:46 - 2016-07-26 09:57 - 00000000 ____D C:\Users\Dawid\AppData\Local\AAFE2FAC-1469526414-E511-90AB-FC3FDB5A2802
2016-07-26 09:45 - 2016-07-26 19:55 - 00000000 ____D C:\ProgramData\TXQMPC
2016-07-26 09:45 - 2016-07-26 09:45 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-07-26 09:45 - 2016-07-26 09:41 - 00141816 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys
2016-07-26 09:45 - 2016-07-26 09:41 - 00097880 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys
2016-07-26 09:44 - 2016-07-26 09:41 - 00095224 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFltX64.sys
2016-07-26 09:36 - 2016-07-26 09:36 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-07-26 09:35 - 2016-07-26 19:43 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Tencent
2016-07-26 09:30 - 2016-07-26 19:48 - 00000000 ____D C:\ProgramData\Tencent
2016-07-26 09:22 - 2016-07-26 09:22 - 00000534 _____ C:\zingload.xml
2016-07-26 10:26 - 2016-07-26 19:29 - 00038520 _____ (Tencent) C:\WINDOWS\SysWOW64\Drivers\TS888x64.sys
2016-07-26 18:07 - 2016-07-26 18:07 - 00000000 ____D C:\QMDownload
2016-07-26 16:28 - 2016-07-26 16:28 - 00003330 _____ C:\WINDOWS\System32\Tasks\psv_Fix-Plus
2016-07-26 15:46 - 2016-07-26 15:46 - 00003330 _____ C:\WINDOWS\System32\Tasks\psv_Zaamdex
2016-07-26 19:59 - 2016-07-26 19:59 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\MCorp
2016-07-26 19:54 - 2016-07-26 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-07-26 19:43 - 2016-07-26 19:54 - 00000314 _____ C:\WINDOWS\Tasks\QQBrowser Updater Task(Core).job
2016-07-26 19:43 - 2016-07-26 19:54 - 00000310 _____ C:\WINDOWS\Tasks\QQBrowser Updater Task.job
2016-07-26 19:43 - 2016-07-26 19:51 - 00129016 _____ (Tencent Inc.) C:\WINDOWS\system32\Drivers\TsQBDrv.sys
2016-07-26 19:43 - 2016-07-26 19:43 - 00003274 _____ C:\WINDOWS\System32\Tasks\QQBrowser Updater Task
2016-07-26 19:43 - 2016-07-26 19:43 - 00002660 _____ C:\WINDOWS\System32\Tasks\QQBrowser Updater Task(Core)
2016-07-26 19:43 - 2016-07-26 19:42 - 00089528 _____ (Tencent Inc.) C:\WINDOWS\system32\Drivers\TsQBDrv.sys.old
2016-07-26 19:42 - 2016-07-26 20:02 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\QB
2016-07-26 19:42 - 2016-07-26 19:42 - 45331960 _____ (Tencent Inc.) C:\Users\Dawid\AppData\Roaming\TXQBINSTX2.EXE
2016-07-26 19:42 - 2016-07-26 19:42 - 00000000 ____D C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2016-07-26 19:42 - 2016-07-26 19:42 - 00000000 ____D C:\Users\Dawid\AppData\Local\Tencent
U3 ACVEACSWETQB; Brak ImagePath
U3 browsersrvqb; Brak ImagePath
U3 tencentqbserv; Brak ImagePath
U4 UCGuard; Brak ImagePath
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [239096 2016-07-26] ()
S3 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [97880 2016-07-26] (Tencent)
R2 TAOKernelDriver; C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys [141816 2016-07-26] (Tencent Technology(Shenzhen) Company Limited)
R1 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [95224 2016-07-26] (电脑管家)
S1 TsDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TSDefenseBT64.sys [28984 2016-07-26] (Tencent)
R2 tsnethlpx64; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TsNetHlpX64.sys [55800 2016-07-26] ()
R1 TsQBDrv; C:\WINDOWS\system32\drivers\TsQBDrv.sys [129016 2016-07-26] (Tencent Inc.)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TSSysKit64.sys [94712 2016-07-26] (电脑管家)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-07-26] (DotC United Inc)
R2 qqsysmonx64; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQSysMonX64.sys [152568 2016-07-26] (电脑管家)
S2 ApppazmaL; C:\ProgramData\\ApppazmaL\\ApppazmaL.exe -f "C:\ProgramData\\ApppazmaL\\ApppazmaL.dat" -l -a
S2 QQRepair1914; "C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair1914" [X]
U2 QQRepair1dae; "C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair1dae" [X]
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [X]
S2 saiyitechnology; C:\ProgramData\yahoochrome_D\desktop267.exe [X]
R2 TxQBService; C:\Users\Dawid\AppData\Roaming\QB\TsService.exe [1173776 2016-07-26] (Tencent Inc.)
R2 QQPCRtp; C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCRTP.exe [315920 2016-07-26] (Tencent)
startMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.zingload.com/?type=ll&uid=70466a72-e2e2-486c-8197-698353adcfa0
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\npQMExtensionsMozilla.dll [2016-07-26] (Tencent Technology (Shenzhen) Company Limited)
FF Keyword.URL: hxxp://www.trotux.com/search/?z=8db012b323f05f554c9e587g4z5q2t5w2g2q2q2e6q&from=clc&uid=TOSHIBAXMQ01ABF050_Y5UPP3HQTXXY5UPP3HQT&type=sp&q=
FF NewTab: C:\\ProgramData\\ApppazmaLs\\ff.NT
FF DefaultSearchEngine: trotux
FF DefaultSearchEngine.US: data:text/plain,browser.search.defaultenginename.US=trotux
FF SelectedSearchEngine: trotux
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.zingload.com/?type=ll&uid=70466a72-e2e2-486c-8197-698353adcfa0
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\TSWebMon64.dat [2016-07-26] (Tencent)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.hao123.com/?tn=93205588_hao_pg
HKU\S-1-5-21-3987013258-1122006406-2270890607-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.hao123.com/?tn=93205588_hao_pg
AppInit_DLLs: C:\ProgramData\ApppazmaL\Zottex.dll => Brak pliku
AppInit_DLLs-x32: C:\ProgramData\ApppazmaL\Whitefresh.dll => Brak pliku
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QMGCShellExt64.dll [2016-07-26] (Tencent)
ShellIconOverlayIdentifiers: [QBOverlayIcon] -> {96959DE7-C855-42BD-8382-2AAABF2A8F52} => C:\Users\Dawid\AppData\Local\Tencent\QQBrowser\User Data\IconOverlay\QBShellIcon16327e.dll [2016-07-26] (Tencent)
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\11.7.17772.224\QQPCTRAY.EXE [364776 2016-07-26] (Tencent)
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件\QQ浏览器\QQ浏览器.lnk -> C:\Users\Dawid\AppData\Roaming\QB\QQBrowser.exe (Tencent) -> -sc=startmenushortcut -fixlaunch=0
C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QQ浏览器.lnk -> C:\Users\Dawid\AppData\Roaming\QB\QQBrowser.exe (Tencent) -> -sc=quicklaunchshortcut -fixlaunch=0
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\QQ浏览器.lnk -> C:\Users\Dawid\AppData\Roaming\QB\QQBrowser.exe (Tencent) -> -sc=quicklaunchpinedshortcut -fixlaunch=0
C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QQ浏览器.lnk
C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\QQ浏览器.lnk
C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件\QQ浏览器\卸载QQ浏览器.lnk
CMD: fltmc instances
EmptyTemp:

>>Menu Notatnika >> Plik >>
>>Zapisz jako >>
Nazwa pliku: [b]fixlist

Zapisz jako typ: Dokumenty tekstowe
Kodowanie: Unicode
>>Zapisz
Plik umieść w folderze C:\Users\Dawid\Desktop\Czyszczenie
Uruchom FRST i kliknij przycisk Fix (NAPRAW).
Daj z tego log.

5) Zrób nowe logi FRST.
Przed skanem zaznacz "Addition.txt" oraz "Shortcut.txt"
.
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866




Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 10 gości

cron