Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01 Ran by Герберт (administrator) on ГЕРБЕРТ-ПК (25-05-2018 23:36:11) Running from C:\Users\Герберт\Desktop Loaded Profiles: Герберт (Available Profiles: Герберт) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Русский (Россия) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Windows\SysWOW64\ASGT.exe () C:\ProgramData\Microsoft\SpwiControl\4_7_1\SpwiControl.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Qihu 360 Software Co., Ltd.) C:\Program Files (x86)\360\Total Security\safemon\chrome\360webshield.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [2220608 2018-05-14] (QIHU 360 SOFTWARE CO. LIMITED) GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.3.1 192.168.3.1 Tcpip\..\Interfaces\{97678F74-67B6-40A1-99AA-4285EC995319}: [DhcpNameServer] 192.168.3.1 192.168.3.1 Internet Explorer: ================== HKU\S-1-5-21-3698359554-1639482360-1336285663-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlVOCDRhYvqM9u559jcwhzlbw2vm-1nbetmsTK6ses6lhiYjcr0Zf3gBPqZX7cmhA7_C7DHCDg1v4eR-m4nCcTeP3qAVy1L-_nc7qnpG-NqgAYxoJBvGZtG22R0-qejBwTQbWnDGdB7Fjw47WJcN3DBau6SiLKlD3h_sH-fXkg,,&q={searchTerms} HKU\S-1-5-21-3698359554-1639482360-1336285663-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlVOCDRhYvqM9u559jcwhzlbw2vm-1nbetmsTK6ses6lhiYjcr0Zf3gBPqZX7cmhA7_C7DHCDg1v4eRy3MbeVFbwDtc_guKFiQj39Y_Pzh7MxCKbbP0--93VpgWS0X4LDogOGICXS6yE0x4RYdOrbMbHm-vmvpPr9S26ww7U6Q,, SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = SearchScopes: HKU\S-1-5-21-3698359554-1639482360-1336285663-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B2138819D-A1F9-4A94-8981-E47CF182D727%7D&gp=812209 SearchScopes: HKU\S-1-5-21-3698359554-1639482360-1336285663-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B2138819D-A1F9-4A94-8981-E47CF182D727%7D&gp=812209 BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2017-06-26] (Siber Systems Inc.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-03-02] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2018-05-14] (Qihu 360 Software Co., Ltd.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-02] (Oracle Corporation) BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2017-06-26] (Siber Systems Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2017-09-28] (Qihu 360 Software Co., Ltd.) Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2017-06-26] (Siber Systems Inc.) Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2017-06-26] (Siber Systems Inc.) FireFox: ======== FF DefaultProfile: 6itoe68p.default FF ProfilePath: C:\Users\Герберт\AppData\Roaming\Mozilla\Firefox\Profiles\6itoe68p.default [2018-05-25] FF user.js: detected! => C:\Users\Герберт\AppData\Roaming\Mozilla\Firefox\Profiles\6itoe68p.default\user.js [2017-06-30] FF Homepage: Mozilla\Firefox\Profiles\6itoe68p.default -> about:home FF NewTab: Mozilla\Firefox\Profiles\6itoe68p.default -> C:\\ProgramData\\Voyasollams\\ff.NT FF Session Restore: Mozilla\Firefox\Profiles\6itoe68p.default -> is enabled. FF HomepageOverride: Mozilla\Firefox\Profiles\6itoe68p.default -> Enabled: homepage@mail.ru FF NewTabOverride: Mozilla\Firefox\Profiles\6itoe68p.default -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} FF Extension: (System Table) - C:\Users\Герберт\AppData\Roaming\Mozilla\Firefox\Profiles\6itoe68p.default\Extensions\214028@modext.tech.xpi [2018-02-28] FF Extension: (No Name) - C:\Users\Герберт\AppData\Roaming\Mozilla\Firefox\Profiles\6itoe68p.default\Extensions\homepage@mail.ru.xpi [2018-05-23] [not signed] FF Extension: (Бесплатный прокси-сервер VPN Hotspot Shield — разблокировка сайтов) - C:\Users\Герберт\AppData\Roaming\Mozilla\Firefox\Profiles\6itoe68p.default\Extensions\hotspot-shield@anchorfree.com.xpi [2018-05-22] FF Extension: (Защита от веб-угроз 360) - C:\Users\Герберт\AppData\Roaming\Mozilla\Firefox\Profiles\6itoe68p.default\Extensions\InternetProtection@360safe.com.xpi [2018-03-05] FF Extension: (No Name) - C:\Users\Герберт\AppData\Roaming\Mozilla\Firefox\Profiles\6itoe68p.default\Extensions\search@mail.ru.xpi [2018-05-23] [not signed] FF Extension: (Webmaster SAPE) - C:\Users\Герберт\AppData\Roaming\Mozilla\Firefox\Profiles\6itoe68p.default\Extensions\toolbar@sape.ru.xpi [2018-05-25] [Legacy] FF Extension: (RDS bar (seo: тиц, pr, dmoz, yandex)) - C:\Users\Герберт\AppData\Roaming\Mozilla\Firefox\Profiles\6itoe68p.default\Extensions\{40AC5270-A9D0-11DE-B979-F0B655D89593}.xpi [2018-05-17] FF Extension: (No Name) - C:\Users\Герберт\AppData\Roaming\Mozilla\Firefox\Profiles\6itoe68p.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.xpi [2018-05-23] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-09] () FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-02] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-02] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-09] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) Chrome: ======= CHR res: Infected resources.pak (Adware script). Reinstall Chrome. <==== ATTENTION CHR HomePage: Default -> inline.go.mail.ru CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=dse&q={searchTerms}&fr=chxtn12.0.23 CHR DefaultSearchKeyword: Default -> inline.go.mail.ru CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms} CHR Session Restore: Default -> is enabled. CHR Profile: C:\Users\Герберт\AppData\Local\Google\Chrome\User Data\Default [2018-05-25] CHR Extension: (Google Chrome Update Service) - C:\Users\Герберт\AppData\Local\Google\Chrome\User Data\Default\Extensions\egefklfmaeogcfhelnamdhgknndnpeim [2018-05-23] [UpdateUrl: hxxp://adsmeneger.club/update.xml] <==== ATTENTION CHR Extension: (Защита от веб-угроз 360) - C:\Users\Герберт\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2018-05-23] CHR Extension: (Домашняя страница Mail.Ru) - C:\Users\Герберт\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif [2018-05-25] CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\Герберт\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-23] CHR Extension: (Chrome Media Router) - C:\Users\Герберт\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-23] CHR Extension: (RoboForm Password Manager) - C:\Users\Герберт\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2018-05-23] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-08-18] () [File not signed] S2 AUEPLauncher; C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe [9216 2017-11-27] () [File not signed] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6998536 2017-12-11] () S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Корпорация Майкрософт) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-05-18] (EasyAntiCheat Ltd) S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [37888 2011-05-21] () [File not signed] R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [963136 2018-05-25] (Qihoo 360 Technology Co. Ltd.) R2 SpwiControl; C:\ProgramData\Microsoft\SpwiControl\4_7_1\SpwiControl.exe [15360 2018-03-21] () [File not signed] <==== ATTENTION R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Корпорация Майкрософт) S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Корпорация Майкрософт) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [183416 2018-01-12] (360.cn) R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2018-05-14] (360.cn) R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2018-05-14] (360.cn) R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2018-05-14] (360.cn) S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [49088 2017-05-17] (360.cn) R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [435296 2018-05-14] (360.cn) R1 360netmon; C:\Windows\System32\DRIVERS\360netmon.sys [87672 2018-01-12] (360.cn) R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [211064 2018-05-14] (360.cn) S3 CMUAC; C:\Windows\System32\DRIVERS\CMUAC.SYS [390656 2014-01-08] (C-Media Inc.) R3 cpuz140; C:\Users\08FB~1\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [43840 2018-05-25] (CPUID) <==== ATTENTION R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94440 2017-05-07] (Корпорация Майкрософт) S3 tap0801; C:\Windows\System32\DRIVERS\tap0801.sys [30720 2005-04-14] (The OpenVPN Project) [File not signed] R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363752 2017-07-07] (Корпорация Майкрософт) S1 HWiNFO32; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [X] R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-05-25 23:18 - 2018-05-25 23:19 - 000009872 _____ C:\Users\Герберт\Desktop\Fixlog.txt 2018-05-25 22:56 - 2018-05-25 23:36 - 000015621 _____ C:\Users\Герберт\Desktop\FRST.txt 2018-05-25 22:55 - 2018-05-25 22:55 - 002413056 _____ (Farbar) C:\Users\Герберт\Desktop\FRST64.exe 2018-05-25 22:29 - 2018-05-25 22:29 - 523188272 ____N C:\Windows\MEMORY.DMP 2018-05-25 22:29 - 2018-05-25 22:29 - 000276592 _____ C:\Windows\Minidump\052518-30997-01.dmp 2018-05-25 22:11 - 2018-05-25 22:11 - 000000000 ____D C:\Users\Герберт\Downloads\avz4 2018-05-25 21:43 - 2018-05-25 23:36 - 000000000 ____D C:\FRST 2018-05-25 21:38 - 2018-05-25 21:38 - 010112832 _____ C:\Users\Герберт\Downloads\avz4.zip 2018-05-25 21:10 - 2018-05-25 21:10 - 000001179 _____ C:\Users\Герберт\Desktop\AIDA64 Extreme.lnk 2018-05-25 21:10 - 2018-05-25 21:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire 2018-05-25 21:10 - 2018-05-25 21:10 - 000000000 ____D C:\Program Files (x86)\FinalWire 2018-05-25 20:44 - 2018-05-25 20:54 - 051349248 _____ (FinalWire Ltd. ) C:\Users\Герберт\Downloads\aida64extreme597.exe 2018-05-24 02:23 - 2018-05-25 20:34 - 000000000 ____D C:\Program Files (x86)\SpeedFan 2018-05-24 02:23 - 2018-05-24 02:23 - 000001011 _____ C:\Users\Герберт\Desktop\SpeedFan.lnk 2018-05-24 02:23 - 2018-05-24 02:23 - 000000045 _____ C:\Windows\SysWOW64\initdebug.nfo 2018-05-24 02:23 - 2018-05-24 02:23 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2018-05-24 01:52 - 2018-05-24 01:57 - 495897448 _____ (AMD Inc.) C:\Users\Герберт\Downloads\win7-64bit-radeon-software-adrenalin-edition-18.5.1-may23.exe 2018-05-24 01:36 - 2018-05-24 01:36 - 000000000 ____D C:\Users\Герберт\Desktop\Печати 2018-05-24 01:31 - 2018-05-24 01:31 - 000054650 _____ C:\Users\Герберт\Desktop\Печати.rar 2018-05-23 23:58 - 2018-05-23 23:58 - 025975000 _____ (AMD Inc.) C:\Users\Герберт\Downloads\radeon-adrenalin-18.5.1-minimalsetup-180522_64bit.exe 2018-05-23 23:09 - 2018-05-23 23:09 - 000000052 _____ C:\Users\Герберт\Desktop\фцвфвфв.txt 2018-05-23 22:47 - 2018-05-23 22:47 - 000029784 _____ C:\Users\Герберт\Desktop\spb_pe4ati-stampi_ru_Yandex_(Saint_Petersburg)_(2018-04-27)_-_(2018-03-21).xlsx 2018-05-23 22:45 - 2018-05-24 00:35 - 000013646 _____ C:\Users\Герберт\Desktop\печати-штампы_москва_Yandex_(Moscow)_(2018-04-27)_-_(2018-03-21).xlsx 2018-05-23 22:34 - 2018-05-23 22:34 - 000000001 _RHOT C:\Users\Герберт\AppData\Local\Optimizer 2018-05-23 22:34 - 2018-05-23 22:34 - 000000001 _RHOT C:\Users\Герберт\AppData\Local\agent.dat 2018-05-23 22:34 - 2018-05-23 22:34 - 000000001 _RHOT C:\Program Files (x86)\Multitimer 2018-05-23 22:22 - 2018-05-23 22:22 - 007271632 _____ (Malwarebytes) C:\Users\Герберт\Desktop\adwcleaner_7.1.1.exe 2018-05-23 22:21 - 2018-05-23 22:22 - 000000000 ____D C:\AdwCleaner 2018-05-23 22:08 - 2018-05-23 22:08 - 000000000 ____D C:\Program Files\UL9ZP55AEX 2018-05-23 22:07 - 2018-05-23 22:20 - 000000000 ____D C:\Program Files\5OHGYIQ2OI 2018-05-23 22:02 - 2018-05-25 20:58 - 000000000 ____D C:\Program Files\X9WOWLNMNA 2018-05-23 22:02 - 2018-05-25 20:58 - 000000000 ____D C:\Program Files\W96M8V77UG 2018-05-23 22:02 - 2018-05-23 22:28 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\0d2dvdzipr2 2018-05-23 22:02 - 2018-05-23 22:20 - 000000000 ____D C:\Program Files\4XE52B8T74 2018-05-23 22:02 - 2018-05-23 22:20 - 000000000 ____D C:\Program Files (x86)\lmnj1bbuvry 2018-05-23 22:02 - 2018-05-23 22:16 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\IObit 2018-05-23 22:02 - 2018-05-23 22:02 - 000064688 _____ C:\Users\Герберт\AppData\Roaming\run2.exe 2018-05-23 22:02 - 2018-05-23 22:02 - 000002478 _____ C:\Windows\System32\Tasks\Opera Software Updater 2018-05-23 22:01 - 2018-05-24 00:50 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\1337 2018-05-23 22:01 - 2018-05-23 22:20 - 000000000 ____D C:\Users\Герберт\AppData\Local\Elements Browser 2018-05-23 12:30 - 2018-05-23 12:30 - 000037093 _____ C:\Windows\uninstaller.dat 2018-05-20 17:01 - 2018-05-25 23:21 - 000003030 _____ C:\Windows\System32\Tasks\MSIAfterburner 2018-05-20 15:22 - 2018-05-20 16:32 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner 2018-05-20 15:22 - 2018-05-20 15:22 - 000001090 _____ C:\Users\Герберт\Desktop\MSI Afterburner.lnk 2018-05-20 15:22 - 2018-05-20 15:22 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2018-05-20 15:17 - 2018-05-20 15:17 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z 2018-05-20 15:17 - 2018-05-20 15:17 - 000000000 ____D C:\Program Files (x86)\GPU-Z 2018-05-20 14:09 - 2018-05-20 14:09 - 000000995 _____ C:\Users\Public\Desktop\Furmark.lnk 2018-05-20 14:09 - 2018-05-20 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Furmark 2018-05-20 14:09 - 2018-05-20 14:09 - 000000000 ____D C:\Program Files (x86)\Furmark 2018-05-20 13:28 - 2018-05-20 13:28 - 000000022 _____ C:\Windows\GPU-Z.INI 2018-05-18 15:04 - 2018-05-18 15:04 - 000001153 _____ C:\Users\Public\Desktop\360 Total Security.lnk 2018-05-18 12:58 - 2018-05-18 12:58 - 000079749 _____ C:\Users\Герберт\Desktop\Книга1.xlsx 2018-05-18 12:16 - 2018-05-18 12:16 - 000012472 _____ C:\Users\Герберт\Desktop\Разбивка cornertent.ru_перезапуск_МАЙ.csv 2018-05-18 11:12 - 2018-05-18 11:12 - 000025218 _____ C:\Users\Герберт\Desktop\Разбивка cornertent.ru_перезапуск_МАЙ.xlsx 2018-05-18 11:11 - 2018-05-21 23:46 - 000000000 ____D C:\Users\Герберт\Downloads\Telegram Desktop 2018-05-18 02:49 - 2018-05-18 21:57 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\EasyAntiCheat 2018-05-18 02:21 - 2018-05-18 02:21 - 000000202 _____ C:\Users\Герберт\Desktop\Darwin Project.url 2018-05-16 22:25 - 2018-05-16 22:25 - 001232264 _____ (AMD) C:\Windows\system32\coinst_18.10.dll 2018-05-16 22:24 - 2018-05-16 22:24 - 009990664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll 2018-05-16 22:24 - 2018-05-16 22:24 - 000164440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll 2018-05-16 22:24 - 2018-05-16 22:24 - 000146960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll 2018-05-16 22:24 - 2018-05-16 22:24 - 000009936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll 2018-05-16 22:24 - 2018-05-16 22:24 - 000009936 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll 2018-05-16 22:23 - 2018-05-16 22:23 - 011894144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdvt.dll 2018-05-16 22:23 - 2018-05-16 22:23 - 000544136 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys 2018-05-16 22:23 - 2018-05-16 22:23 - 000476552 _____ (AMD) C:\Windows\system32\atitmm64.dll 2018-05-16 22:23 - 2018-05-16 22:23 - 000469896 _____ C:\Windows\system32\dgtrayicon.exe 2018-05-16 22:23 - 2018-05-16 22:23 - 000448392 _____ C:\Windows\system32\GameManager64.dll 2018-05-16 22:23 - 2018-05-16 22:23 - 000356744 _____ C:\Windows\SysWOW64\GameManager32.dll 2018-05-16 22:23 - 2018-05-16 22:23 - 000126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll 2018-05-16 22:23 - 2018-05-16 22:23 - 000126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll 2018-05-16 22:23 - 2018-05-16 22:23 - 000115592 _____ (AMD) C:\Windows\system32\atimuixx.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 013544168 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 012427184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6t.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 011882832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 000704392 _____ (AMD) C:\Windows\system32\atieclxx.exe 2018-05-16 22:22 - 2018-05-16 22:22 - 000472968 _____ (AMD) C:\Windows\system32\atiesrxx.exe 2018-05-16 22:22 - 2018-05-16 22:22 - 000458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 000405896 _____ C:\Windows\system32\atieah64.exe 2018-05-16 22:22 - 2018-05-16 22:22 - 000342920 _____ C:\Windows\system32\clinfo.exe 2018-05-16 22:22 - 2018-05-16 22:22 - 000326024 _____ C:\Windows\SysWOW64\atieah32.exe 2018-05-16 22:22 - 2018-05-16 22:22 - 000196488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 000175288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 000153640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 000142216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 000120680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 000111440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 000111440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 000105736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 000092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2018-05-16 22:22 - 2018-05-16 22:22 - 000092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 044673416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys 2018-05-16 22:21 - 2018-05-16 22:21 - 016489352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 002726792 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 001581720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 001059720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 001059720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 000556936 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 000467848 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 000437128 _____ C:\Windows\system32\amdgfxinfo64.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 000352648 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 000349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe 2018-05-16 22:21 - 2018-05-16 22:21 - 000305544 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys 2018-05-16 22:21 - 2018-05-16 22:21 - 000171400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 000150920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 000148360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 000141704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 000126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 000124296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 000067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe 2018-05-16 22:21 - 2018-05-16 22:21 - 000060296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 000036744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll 2018-05-16 22:21 - 2018-05-16 22:21 - 000033672 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll 2018-05-16 22:20 - 2018-05-16 22:20 - 053600648 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll 2018-05-16 22:20 - 2018-05-16 22:20 - 029714312 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll 2018-05-16 22:20 - 2018-05-16 22:20 - 025181064 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll 2018-05-16 22:20 - 2018-05-16 22:20 - 016095624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll 2018-05-16 22:20 - 2018-05-16 22:20 - 014063496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll 2018-05-16 22:20 - 2018-05-16 22:20 - 013600136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll 2018-05-16 22:20 - 2018-05-16 22:20 - 000866184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll 2018-05-16 22:20 - 2018-05-16 22:20 - 000694152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll 2018-05-16 22:20 - 2018-05-16 22:20 - 000543624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll 2018-05-16 22:20 - 2018-05-16 22:20 - 000373640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll 2018-05-16 22:20 - 2018-05-16 22:20 - 000139144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll 2018-05-16 22:20 - 2018-05-16 22:20 - 000135560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll 2018-05-16 22:20 - 2018-05-16 22:20 - 000117128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll 2018-05-16 21:41 - 2018-05-16 21:41 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap 2018-05-16 21:41 - 2018-05-16 21:41 - 003437632 _____ C:\Windows\system32\atiumd6a.cap 2018-05-16 21:36 - 2018-05-16 21:36 - 000890728 _____ C:\Windows\SysWOW64\atiapfxx.blb 2018-05-16 21:36 - 2018-05-16 21:36 - 000890728 _____ C:\Windows\system32\atiapfxx.blb 2018-05-14 09:43 - 2018-05-24 01:13 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\Telegram Desktop 2018-05-14 09:43 - 2018-05-14 09:43 - 000000995 _____ C:\Users\Герберт\Desktop\Telegram.lnk 2018-05-14 09:43 - 2018-05-14 09:43 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop 2018-05-13 12:57 - 2018-05-13 12:57 - 000000000 ____D C:\Users\Герберт\AppData\Local\GameAnalytics 2018-05-13 12:57 - 2018-05-13 12:57 - 000000000 ____D C:\Users\Герберт\AppData\Local\Darwin 2018-05-13 12:57 - 2018-05-13 12:57 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat 2018-05-13 01:59 - 2018-05-13 01:59 - 000000000 ____D C:\Users\Герберт\AppData\Local\GameCenter 2018-05-09 16:21 - 2018-04-23 21:57 - 000396960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2018-05-09 16:21 - 2018-04-23 21:02 - 000348832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2018-05-09 16:21 - 2018-04-23 03:35 - 005583552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-05-09 16:21 - 2018-04-23 03:35 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2018-05-09 16:21 - 2018-04-23 03:35 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-05-09 16:21 - 2018-04-23 03:35 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2018-05-09 16:21 - 2018-04-23 03:35 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2018-05-09 16:21 - 2018-04-23 03:12 - 004047040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2018-05-09 16:21 - 2018-04-23 03:12 - 003958464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2018-05-09 16:21 - 2018-04-23 03:10 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2018-05-09 16:21 - 2018-04-23 03:07 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000512512 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 03:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:44 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-05-09 16:21 - 2018-04-23 02:41 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2018-05-09 16:21 - 2018-04-23 02:41 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-05-09 16:21 - 2018-04-23 02:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-05-09 16:21 - 2018-04-23 02:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2018-05-09 16:21 - 2018-04-23 02:41 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-05-09 16:21 - 2018-04-23 02:41 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2018-05-09 16:21 - 2018-04-23 02:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2018-05-09 16:21 - 2018-04-23 02:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2018-05-09 16:21 - 2018-04-23 02:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:32 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2018-05-09 16:21 - 2018-04-23 02:32 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-05-09 16:21 - 2018-04-23 02:32 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2018-05-09 16:21 - 2018-04-23 02:31 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2018-05-09 16:21 - 2018-04-23 02:28 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2018-05-09 16:21 - 2018-04-23 02:28 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2018-05-09 16:21 - 2018-04-23 02:27 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2018-05-09 16:21 - 2018-04-23 02:25 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2018-05-09 16:21 - 2018-04-23 02:24 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2018-05-09 16:21 - 2018-04-23 02:24 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2018-05-09 16:21 - 2018-04-23 02:24 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll 2018-05-09 16:21 - 2018-04-23 02:23 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2018-05-09 16:21 - 2018-04-23 02:23 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2018-05-09 16:21 - 2018-04-23 02:22 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2018-05-09 16:21 - 2018-04-23 02:19 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2018-05-09 16:21 - 2018-04-23 02:19 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2018-05-09 16:21 - 2018-04-23 02:19 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2018-05-09 16:21 - 2018-04-23 02:19 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2018-05-09 16:21 - 2018-04-23 02:18 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2018-05-09 16:21 - 2018-04-23 02:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2018-05-09 16:21 - 2018-04-23 02:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2018-05-09 16:21 - 2018-04-22 11:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2018-05-09 16:21 - 2018-04-22 10:53 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2018-05-09 16:21 - 2018-04-22 10:53 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2018-05-09 16:21 - 2018-04-22 10:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2018-05-09 16:21 - 2018-04-22 10:39 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2018-05-09 16:21 - 2018-04-22 10:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2018-05-09 16:21 - 2018-04-22 10:38 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2018-05-09 16:21 - 2018-04-22 10:38 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2018-05-09 16:21 - 2018-04-22 10:37 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2018-05-09 16:21 - 2018-04-22 10:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2018-05-09 16:21 - 2018-04-22 10:31 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2018-05-09 16:21 - 2018-04-22 10:30 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2018-05-09 16:21 - 2018-04-22 10:27 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2018-05-09 16:21 - 2018-04-22 10:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2018-05-09 16:21 - 2018-04-22 10:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2018-05-09 16:21 - 2018-04-22 10:26 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2018-05-09 16:21 - 2018-04-22 10:26 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2018-05-09 16:21 - 2018-04-22 10:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2018-05-09 16:21 - 2018-04-22 10:18 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2018-05-09 16:21 - 2018-04-22 10:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2018-05-09 16:21 - 2018-04-22 10:15 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2018-05-09 16:21 - 2018-04-22 10:08 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2018-05-09 16:21 - 2018-04-22 10:08 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2018-05-09 16:21 - 2018-04-22 10:07 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2018-05-09 16:21 - 2018-04-22 10:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2018-05-09 16:21 - 2018-04-22 10:04 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2018-05-09 16:21 - 2018-04-22 10:04 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2018-05-09 16:21 - 2018-04-22 10:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2018-05-09 16:21 - 2018-04-22 10:03 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2018-05-09 16:21 - 2018-04-22 10:03 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2018-05-09 16:21 - 2018-04-22 10:02 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2018-05-09 16:21 - 2018-04-22 10:02 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2018-05-09 16:21 - 2018-04-22 10:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2018-05-09 16:21 - 2018-04-22 10:00 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2018-05-09 16:21 - 2018-04-22 09:57 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2018-05-09 16:21 - 2018-04-22 09:56 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2018-05-09 16:21 - 2018-04-22 09:55 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2018-05-09 16:21 - 2018-04-22 09:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2018-05-09 16:21 - 2018-04-22 09:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2018-05-09 16:21 - 2018-04-22 09:53 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2018-05-09 16:21 - 2018-04-22 09:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2018-05-09 16:21 - 2018-04-22 09:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2018-05-09 16:21 - 2018-04-22 09:49 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2018-05-09 16:21 - 2018-04-22 09:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2018-05-09 16:21 - 2018-04-22 09:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2018-05-09 16:21 - 2018-04-22 09:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2018-05-09 16:21 - 2018-04-22 09:45 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2018-05-09 16:21 - 2018-04-22 09:40 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2018-05-09 16:21 - 2018-04-22 09:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2018-05-09 16:21 - 2018-04-22 09:39 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2018-05-09 16:21 - 2018-04-22 09:37 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2018-05-09 16:21 - 2018-04-22 09:37 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2018-05-09 16:21 - 2018-04-22 09:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2018-05-09 16:21 - 2018-04-22 09:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2018-05-09 16:21 - 2018-04-22 09:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2018-05-09 16:21 - 2018-04-22 09:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2018-05-09 16:21 - 2018-04-22 09:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2018-05-09 16:21 - 2018-04-22 09:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2018-05-09 16:21 - 2018-04-22 09:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2018-05-09 16:21 - 2018-04-22 09:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2018-05-09 16:21 - 2018-04-22 09:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2018-05-09 16:21 - 2018-04-22 09:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2018-05-09 16:21 - 2018-04-22 09:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2018-05-09 16:21 - 2018-04-22 09:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-05-09 16:21 - 2018-04-22 09:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2018-05-09 16:21 - 2018-04-22 09:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2018-05-09 16:21 - 2018-04-18 19:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2018-05-09 16:21 - 2018-04-18 19:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll 2018-05-09 16:21 - 2018-04-18 18:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2018-05-09 16:21 - 2018-04-18 18:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll 2018-05-09 16:21 - 2018-04-18 18:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe 2018-05-09 16:21 - 2018-04-18 18:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe 2018-05-09 16:21 - 2018-04-11 19:38 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll 2018-05-09 16:21 - 2018-04-11 19:38 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll 2018-05-09 16:21 - 2018-04-11 19:36 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll 2018-05-09 16:21 - 2018-04-11 19:36 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll 2018-05-09 16:21 - 2018-04-10 22:45 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2018-05-09 16:21 - 2018-04-10 19:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2018-05-09 16:21 - 2018-04-10 19:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2018-05-09 16:21 - 2018-04-10 19:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2018-05-09 16:21 - 2018-04-10 19:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2018-05-09 16:21 - 2018-04-10 19:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2018-05-09 16:21 - 2018-04-10 19:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2018-05-09 16:21 - 2018-04-10 19:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll 2018-05-09 16:21 - 2018-04-10 18:54 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2018-05-09 16:21 - 2018-04-10 18:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2018-05-09 16:21 - 2018-04-10 18:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2018-05-09 16:21 - 2018-04-10 18:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2018-05-09 16:21 - 2018-04-07 19:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2018-05-09 16:21 - 2018-03-19 01:16 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2018-05-09 16:21 - 2018-03-19 01:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2018-05-09 16:21 - 2018-03-14 20:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2018-05-09 16:21 - 2018-03-14 20:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2018-05-09 16:21 - 2018-03-14 20:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2018-05-09 16:21 - 2018-03-14 20:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2018-05-09 16:21 - 2018-03-14 20:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2018-05-09 16:21 - 2018-03-14 19:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2018-05-09 16:21 - 2018-03-14 19:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2018-05-09 16:21 - 2018-03-14 19:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2018-05-09 16:21 - 2018-03-14 19:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2018-05-09 16:21 - 2018-03-14 19:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2018-05-09 16:21 - 2018-03-14 19:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2018-05-09 16:21 - 2018-03-14 19:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2018-05-09 16:21 - 2018-03-14 19:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2018-05-09 16:21 - 2018-03-14 19:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2018-05-09 16:21 - 2018-03-14 19:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2018-05-09 16:21 - 2018-03-14 19:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2018-05-06 23:39 - 2018-05-06 23:39 - 000031404 _____ C:\Users\Герберт\Desktop\желтые страницы -Симкредит.xlsx 2018-04-28 15:09 - 2018-05-12 17:14 - 000000000 ___RD C:\Users\Герберт\YandexDisk-Aas@webvbi.ru 2018-04-28 15:08 - 2018-04-28 15:08 - 000001973 _____ C:\Users\Герберт\Desktop\Яндекс.Диск.lnk 2018-04-28 15:08 - 2018-04-28 15:08 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс.Диск 2018-04-28 15:01 - 2018-04-28 15:01 - 000001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2018-04-28 15:01 - 2018-04-28 15:01 - 000001109 _____ C:\Users\Герберт\Desktop\KeePass 2.lnk 2018-04-28 15:01 - 2018-04-28 15:01 - 000000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 2018-04-28 14:35 - 2018-04-28 14:35 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk 2018-04-28 10:29 - 2018-04-28 10:29 - 000512955 _____ C:\Users\Герберт\Desktop\Цены на сайте2.pdf 2018-04-28 10:13 - 2018-05-22 23:43 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\KeePass 2018-04-28 09:57 - 2018-04-28 15:09 - 000000000 ___RD C:\Users\Герберт\YandexDisk 2018-04-28 09:57 - 2018-04-28 09:57 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\Yandex 2018-04-28 09:57 - 2018-04-28 09:57 - 000000000 ____D C:\Users\Герберт\AppData\LocalLow\Yandex 2018-04-28 09:57 - 2018-04-28 09:57 - 000000000 ____D C:\Users\Герберт\AppData\Local\Yandex 2018-04-28 09:57 - 2018-04-28 09:57 - 000000000 ____D C:\Users\Все пользователи\Yandex 2018-04-28 09:57 - 2018-04-28 09:57 - 000000000 ____D C:\ProgramData\Yandex 2018-04-28 09:57 - 2018-04-28 09:57 - 000000000 ____D C:\Program Files\Yandex 2018-04-28 09:57 - 2018-04-28 09:57 - 000000000 ____D C:\Program Files (x86)\Yandex 2018-04-27 15:59 - 2018-04-27 15:59 - 000252928 _____ C:\Users\Герберт\Downloads\Сертификат стажировка.pub 2018-04-26 22:49 - 2018-05-23 21:58 - 006189568 _____ C:\Users\Герберт\Desktop\Копия www_mysbor_ru.xls ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-05-25 23:34 - 2017-06-03 12:38 - 000000000 ____D C:\Users\Герберт\AppData\LocalLow\360WD 2018-05-25 23:27 - 2009-07-14 07:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-05-25 23:27 - 2009-07-14 07:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-05-25 23:23 - 2017-06-03 12:46 - 000000000 ____D C:\Users\Герберт\AppData\LocalLow\Mozilla 2018-05-25 23:21 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-05-25 23:20 - 2017-12-12 01:57 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2018-05-25 23:20 - 2017-06-03 12:46 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-05-25 23:20 - 2017-06-03 12:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-05-25 23:19 - 2017-06-03 12:51 - 000000000 ___SD C:\Users\Герберт\AppData\LocalLow\Temp 2018-05-25 22:47 - 2017-06-03 12:46 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\Mozilla 2018-05-25 22:29 - 2017-06-19 01:32 - 000000000 ____D C:\Windows\Minidump 2018-05-25 22:21 - 2017-06-03 12:39 - 000003868 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1496482777 2018-05-25 22:21 - 2017-06-03 12:39 - 000000000 ____D C:\Program Files\Opera 2018-05-25 21:41 - 2017-06-03 13:36 - 000000000 ____D C:\Users\Все пользователи\Microsoft Help 2018-05-25 21:40 - 2017-06-03 12:37 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\360safe 2018-05-25 21:23 - 2009-07-14 08:08 - 000032518 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2018-05-25 20:59 - 2018-01-29 15:50 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\360DrvMgr 2018-05-25 20:58 - 2017-06-03 13:34 - 000000000 __SHD C:\Users\Все пользователи\360Quarant 2018-05-25 20:58 - 2017-06-03 13:34 - 000000000 __SHD C:\ProgramData\360Quarant 2018-05-25 20:58 - 2017-06-03 13:34 - 000000000 __SHD C:\$360Section 2018-05-25 00:26 - 2017-06-28 14:55 - 000000000 ____D C:\Windows\pss 2018-05-24 02:12 - 2017-06-03 12:50 - 000000000 ____D C:\Program Files\AMD 2018-05-24 02:11 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf 2018-05-24 02:10 - 2017-12-12 01:56 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2018-05-24 02:08 - 2017-06-05 20:21 - 000000000 ____D C:\AMD 2018-05-24 01:41 - 2017-06-07 21:48 - 000000000 ____D C:\Users\Герберт\AppData\Local\Joxi 2018-05-24 01:34 - 2017-06-26 19:01 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\ICQ 2018-05-24 01:11 - 2018-02-05 22:31 - 000000061 _____ C:\Users\Все пользователи\SoftwareUpdateTemp.xml 2018-05-24 01:11 - 2018-02-05 22:31 - 000000061 _____ C:\ProgramData\SoftwareUpdateTemp.xml 2018-05-24 00:45 - 2017-09-07 09:12 - 000000000 ____D C:\Users\Герберт\Downloads\ICQ 2018-05-23 23:10 - 2018-03-06 15:33 - 000436824 _____ C:\Windows\system32\FNTCACHE.DAT 2018-05-23 22:36 - 2017-06-03 12:37 - 000000000 ____D C:\Users\Все пользователи\360safe 2018-05-23 22:36 - 2017-06-03 12:37 - 000000000 ____D C:\ProgramData\360safe 2018-05-23 22:35 - 2018-03-06 16:32 - 000115608 _____ C:\Users\Герберт\AppData\Local\GDIPFONTCACHEV1.DAT 2018-05-23 22:34 - 2017-10-12 00:19 - 000000000 ____D C:\Users\Все пользователи\Чистилка 2018-05-23 22:34 - 2017-10-12 00:19 - 000000000 ____D C:\ProgramData\Чистилка 2018-05-23 22:33 - 2017-06-03 12:42 - 000000000 ____D C:\Program Files (x86)\Google 2018-05-23 22:30 - 2017-10-12 00:19 - 002310408 _____ C:\Users\Герберт\Desktop\chistilka.exe 2018-05-23 22:30 - 2011-04-12 16:26 - 000724340 _____ C:\Windows\system32\perfh019.dat 2018-05-23 22:30 - 2011-04-12 16:26 - 000150656 _____ C:\Windows\system32\perfc019.dat 2018-05-23 22:30 - 2009-07-14 08:13 - 001648402 _____ C:\Windows\system32\PerfStringBackup.INI 2018-05-23 22:23 - 2017-06-03 12:46 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-05-23 22:23 - 2017-06-03 12:46 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk 2018-05-23 22:23 - 2017-06-03 12:42 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-05-23 22:23 - 2017-06-03 12:42 - 000002209 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-05-23 22:20 - 2017-12-12 01:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard 2018-05-23 22:20 - 2017-06-03 12:39 - 000000000 ____D C:\Users\Герберт\AppData\Local\Opera Software 2018-05-23 01:48 - 2018-03-09 01:55 - 000000093 _____ C:\Users\Герберт\Desktop\твитч.txt 2018-05-22 15:37 - 2018-01-21 17:28 - 000000000 ____D C:\Users\Герберт\Desktop\ШКОЛА и институт С КОМПА 2018-05-18 15:04 - 2017-06-03 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center 2018-05-18 02:21 - 2017-06-03 12:51 - 000000000 ____D C:\Users\Герберт\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2018-05-18 00:24 - 2017-06-03 12:42 - 000003402 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2018-05-18 00:24 - 2017-06-03 12:42 - 000003274 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2018-05-16 22:24 - 2018-02-01 03:12 - 012517800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll 2018-05-16 22:24 - 2018-02-01 03:12 - 000177312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll 2018-05-16 22:24 - 2015-12-04 20:45 - 000200008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll 2018-05-16 22:22 - 2018-02-01 03:11 - 012412240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll 2018-05-16 22:22 - 2018-02-01 03:11 - 000166280 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2018-05-16 22:22 - 2015-12-04 20:45 - 016363808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll 2018-05-16 22:22 - 2015-12-04 19:43 - 000226184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2018-05-16 22:22 - 2015-12-04 19:43 - 000146824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll 2018-05-16 22:21 - 2018-02-01 03:10 - 067909512 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll 2018-05-16 22:21 - 2018-02-01 03:10 - 031604104 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll 2018-05-16 22:21 - 2018-02-01 03:10 - 003128200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll 2018-05-16 22:21 - 2015-12-04 20:45 - 001997352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll 2018-05-16 22:21 - 2015-12-04 19:43 - 001468808 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2018-05-16 22:20 - 2018-02-01 03:09 - 000157576 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll 2018-05-16 22:19 - 2015-12-04 19:59 - 035889032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll 2018-05-14 14:25 - 2017-06-03 12:38 - 000086248 _____ (360.cn) C:\Windows\SysWOW64\Drivers\360AvFlt.sys 2018-05-14 14:25 - 2017-06-03 12:37 - 000435296 _____ (360.cn) C:\Windows\system32\Drivers\360fsflt.sys 2018-05-14 14:25 - 2017-06-03 12:37 - 000330472 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys 2018-05-14 14:25 - 2017-06-03 12:37 - 000211064 _____ (360.cn) C:\Windows\system32\Drivers\BAPIDRV64.SYS 2018-05-14 14:25 - 2017-06-03 12:37 - 000086248 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys 2018-05-13 12:57 - 2017-06-03 15:39 - 000000000 ____D C:\Users\Герберт\AppData\Local\UnrealEngine 2018-05-12 18:21 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\rescache 2018-05-12 03:02 - 2017-06-03 12:53 - 001622452 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2018-05-10 01:16 - 2017-06-03 15:02 - 000000000 ____D C:\Windows\system32\MRT 2018-05-10 01:12 - 2017-10-11 00:39 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2018-05-10 01:12 - 2017-06-03 15:01 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-05-09 17:04 - 2017-07-06 11:02 - 000004548 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-05-09 17:04 - 2017-07-06 11:02 - 000004390 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-05-09 17:04 - 2017-06-03 12:29 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-05-09 17:04 - 2017-06-03 12:29 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-05-09 17:04 - 2017-06-03 12:29 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-05-09 17:04 - 2017-06-03 12:29 - 000000000 ____D C:\Windows\system32\Macromed 2018-05-09 16:15 - 2018-03-13 19:26 - 000004536 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-05-02 18:50 - 2018-02-11 14:24 - 000000122 _____ C:\Users\Герберт\Desktop\стрим.txt 2018-04-28 15:09 - 2017-06-03 11:26 - 000000000 ____D C:\Users\Герберт 2018-04-28 14:35 - 2018-03-04 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype ==================== Files in the root of some directories ======= 2018-05-23 22:34 - 2018-05-23 22:34 - 000000001 _RHOT () C:\Program Files (x86)\Multitimer 2018-05-23 22:02 - 2018-05-23 22:02 - 000064688 _____ () C:\Users\Герберт\AppData\Roaming\run2.exe 2018-05-23 22:34 - 2018-05-23 22:34 - 000000001 _RHOT () C:\Users\Герберт\AppData\Local\agent.dat 2018-05-23 22:34 - 2018-05-23 22:34 - 000000001 _RHOT () C:\Users\Герберт\AppData\Local\Optimizer 2017-06-04 16:20 - 2017-06-04 16:20 - 000007602 _____ () C:\Users\Герберт\AppData\Local\Resmon.ResmonCfg ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-05-18 00:36 ==================== End of FRST.txt ============================