My laptop doesn't turn off. When I try to restart or shut down the system the screen goes black after windows log off screen but the computer is still running and I get the blue screen after 10 minutes and the laptop restarts.
This problem has occurred before and I managed to solve it by restoring windows, reinstalling drivers, web browsers, antivirus (I was getting some error while trying to update it) and doing some other stuff, so I don't really know what was the problem.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18921
Run by ogin at 9:06:58 on 2018-02-28
Microsoft Windows 7 Professional 6.1.7601.1.1250.48.1045.18.12234.10286 [GMT 1:00]
.
AV: Bitdefender Antivirus Free Antimalware *Enabled/Updated* {3FB17364-4FCC-0FA7-6BBF-973897395371}
SP: Bitdefender Antivirus Free Antimalware *Enabled/Updated* {84D09280-69F6-0029-510F-AC4AECBE19CC}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files\Bitdefender Agent\ProductAgentService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Users\ogin\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
C:\Windows\system32\wbem\wmiprvse.exe
D:\Użytkownicy\ogin\Pobrane\dds.scr
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe,
BHO: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - <orphaned>
uRun: [f.lux] "C:\Users\ogin\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
TCP: NameServer = 217.113.224.135 217.113.224.36
TCP: Interfaces\{94B4E6BF-FB28-4D0E-9D47-F7A310E36353} : DHCPNameServer = 217.113.224.135 217.113.224.36
SSODL: WebCheck - <orphaned>
x64-BHO: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - <orphaned>
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ogin\AppData\Roaming\Mozilla\Firefox\Profiles\g0x5904o.default\
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files\VideoLAN\VLC\npvlc.dll
.
============= SERVICES / DRIVERS ===============
.
R0 atc;atc;C:\Windows\System32\drivers\atc.sys [2018-2-23 1177720]
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2017-10-5 1725800]
R0 BdDci;BdDci Service;C:\Windows\System32\drivers\bddci.sys [2018-2-23 154888]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2018-2-23 191784]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2017-10-5 89600]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-2-27 2319848]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 ProductAgentService;ProductAgentService;C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-10-5 1269824]
R2 updatesrv;Bitdefender Update Service;C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [2017-10-5 100392]
R2 vsservppl;Bitdefender Correlation Service;C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [2017-10-5 100392]
R3 edrsensor;edrsensor;C:\Windows\System32\drivers\edrsensor.sys [2017-10-5 248336]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2012-7-31 175928]
R3 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2012-7-16 26208]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-2-28 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-2-28 181248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-4 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-3 128608]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2018-2-27 116224]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2018-2-7 19456]
S3 StorSvc;Usługa magazynu;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2018-2-7 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2018-2-7 30208]
S3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2017-10-5 1255736]
S4 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-9-20 817760]
S4 FoxitReaderService;Foxit Reader Service;C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2017-10-20 1659456]
S4 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-2-29 30520]
S4 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-6-19 1646608]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-7-18 317408]
.
=============== Created Last 30 ================
.
2018-02-28 07:52:38 -------- d-----w- C:\Windows\System32\tmp00004828
2018-02-27 09:49:35 -------- d-----w- C:\Users\ogin\AppData\Roaming\LibreOffice
2018-02-27 09:25:50 -------- d-----w- C:\Program Files (x86)\LibreOffice
2018-02-27 09:13:31 -------- d-----w- C:\Windows\System32\tmp00007e30
2018-02-27 08:08:29 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign924e0e39fd6b51ed
2018-02-26 22:50:59 -------- d-----w- C:\Windows\System32\tmp00000d92
2018-02-26 21:20:34 -------- d-----w- C:\Windows\System32\tmp000067b2
2018-02-26 00:04:16 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigndca1b95786b32ff8
2018-02-25 23:54:03 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignef11396bbbfa61c0
2018-02-25 23:53:02 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigndb783900d0e5e95d
2018-02-25 23:53:02 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign1eae3e1977c7a67a
2018-02-25 23:40:31 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignd87469fed99faab7
2018-02-25 23:36:45 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign3f91c557915ea4a4
2018-02-25 23:31:50 -------- d-----w- C:\Program Files (x86)\MSECache
2018-02-25 22:53:04 -------- d-----w- C:\Windows\System32\tmp00007972
2018-02-24 11:32:23 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignd6de1e03110e8f6f
2018-02-24 11:17:29 -------- d-----w- C:\Windows\System32\tmp00005340
2018-02-23 11:35:57 191784 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2018-02-23 11:35:51 154888 ----a-w- C:\Windows\System32\drivers\bddci.sys
2018-02-23 11:35:50 1177720 ----a-w- C:\Windows\System32\drivers\atc.sys
2018-02-22 12:55:42 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign216c5a383e2e7bef
2018-02-22 12:55:41 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignde83b22e8aed9032
2018-02-22 12:55:41 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign2c3ff15fdf18b842
2018-02-22 11:48:41 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign2d29c62d3fa70c9c
2018-02-20 20:13:11 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign209ce961ec7b3c4b
2018-02-20 09:02:46 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign72ebb72d30e4c93a
2018-02-20 09:01:52 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign5cbd8d891340fe27
2018-02-20 08:50:50 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigne571d1ea29e019aa
2018-02-20 08:50:49 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign841ed80208f8e2af
2018-02-20 08:50:49 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign6994c3a6ea5bdbdb
2018-02-20 08:45:33 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign3aa2b9440b974920
2018-02-20 08:40:57 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign6e3cf2f1e1611400
2018-02-19 22:02:31 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign73f3aa24e1903a76
2018-02-16 01:22:59 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign2e892974f9f31943
2018-02-15 18:10:08 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignb1e9bb737668a48d
2018-02-15 18:06:32 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigndea8a639420f85e4
2018-02-15 18:06:32 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigna609bea8967b5b5d
2018-02-14 08:11:44 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignbc81a14ec3a385c1
2018-02-13 23:23:52 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignad9c0cc76a7f497b
2018-02-12 19:08:11 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign6156eb5c661cbc3b
2018-02-12 19:08:08 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignbd1a5803e25a9105
2018-02-12 19:08:08 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign804f01cfde46d1cc
2018-02-12 10:48:20 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign7a1937b4f28644b2
2018-02-08 21:42:10 83792 ----a-w- C:\Windows\SysWow64\vcruntime140.dll
2018-02-08 21:42:10 440120 ----a-w- C:\Windows\SysWow64\msvcp140.dll
2018-02-08 21:42:10 267592 ----a-w- C:\Windows\SysWow64\vccorlib140.dll
2018-02-08 21:42:10 244032 ----a-w- C:\Windows\SysWow64\concrt140.dll
2018-02-08 10:21:50 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign80d3610b3dab0fe1
2018-02-07 22:38:48 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign7b6eaccf4a594faa
2018-02-07 19:13:44 856064 ----a-w- C:\Windows\SysWow64\rdvidcrl.dll
2018-02-07 19:13:44 7077376 ----a-w- C:\Windows\System32\mstscax.dll
2018-02-07 19:13:44 6131200 ----a-w- C:\Windows\SysWow64\mstscax.dll
2018-02-07 19:13:44 429568 ----a-w- C:\Windows\System32\wksprt.exe
2018-02-07 19:13:44 1057792 ----a-w- C:\Windows\System32\rdvidcrl.dll
2018-02-07 19:13:43 62976 ----a-w- C:\Windows\System32\tsgqec.dll
2018-02-07 19:13:43 53248 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2018-02-07 19:13:41 87040 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2018-02-07 19:09:36 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigna68a4bd2827f6603
2018-02-07 19:08:46 71224 ----a-w- C:\Windows\System32\nvshext.dll
2018-02-07 19:08:46 6475466 ----a-w- C:\Windows\System32\nvcoproc.bin
2018-02-07 19:08:46 6368192 ----a-w- C:\Windows\System32\nvcpl.dll
2018-02-07 19:08:46 393784 ----a-w- C:\Windows\System32\nvmctray.dll
2018-02-07 19:08:46 2993720 ----a-w- C:\Windows\System32\nvsvc64.dll
2018-02-07 19:08:46 2563128 ----a-w- C:\Windows\System32\nvsvcr.dll
2018-02-07 19:08:46 1201088 ----a-w- C:\Windows\System32\nvvsvc.exe
2018-02-07 19:08:35 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2018-02-07 18:27:48 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign1e70cf1201b7bd5c
2018-02-07 16:07:17 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign4b22afaeb2dcd612
2018-02-07 15:44:14 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignf05275b42d6749bb
2018-02-07 13:37:35 -------- d-----w- C:\Users\ogin\AppData\Local\HP_Inc
2018-02-07 13:29:55 -------- d-----w- C:\ProgramData\Qualcomm Atheros
2018-02-07 13:23:34 -------- d-----w- C:\Windows\SysWow64\SDA
2018-02-07 13:23:33 -------- d-----w- C:\Program Files (x86)\JMicron
2018-02-07 13:18:27 89888 ----a-w- C:\Windows\System32\NicInstC.dll
2018-02-07 13:18:27 73480 ----a-w- C:\Windows\System32\e1cmsg.dll
2018-02-07 13:18:27 495376 ----a-w- C:\Windows\System32\drivers\e1c62x64.sys
2018-02-07 13:12:18 -------- d-----w- C:\Users\ogin\AppData\Roaming\IDT
2018-02-07 13:12:15 -------- d-----w- C:\ProgramData\HP Inc
2018-02-07 13:12:10 -------- d-----w- C:\System.sav
2018-02-07 13:10:45 -------- d-----w- C:\Users\ogin\AppData\Roaming\hpqLog
2018-02-07 13:10:27 -------- d-----w- C:\Users\ogin\AppData\Local\Hewlett-Packard
2018-02-07 12:01:35 -------- d-----w- C:\Program Files\Malwarebytes
2018-02-07 11:59:44 -------- d-----w- C:\Users\ogin\AppData\Local\CrashDumps
2018-02-07 11:46:45 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign4aed85987bc15022
2018-02-07 11:25:40 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign6acdd550012d25fb
2018-02-07 11:25:37 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign49fcaeb9baddc437
2018-02-07 11:25:37 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign49bd478d4f6e8f8a
2018-02-07 11:03:18 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigna306a659b055b986
2018-02-07 11:01:41 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignd69e78bd8e05b7b6
2018-02-07 11:01:41 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign267c80b9a1488712
2018-02-07 10:56:12 3181568 ----a-w- C:\Windows\System32\rdpcorets.dll
2018-02-07 10:56:12 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2018-02-07 10:56:12 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2018-02-07 10:14:59 -------- d-s---w- C:\Windows\System32\CompatTel
2018-02-07 10:14:59 -------- d-----w- C:\Windows\System32\appraiser
2018-02-07 10:05:21 44544 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll
2018-02-07 10:05:18 56832 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll
2018-02-07 10:05:18 56832 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
2018-02-07 10:05:18 50176 ----a-w- C:\Windows\SysWow64\MsRdpWebAccess.dll
2018-02-07 10:05:18 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2018-02-07 10:05:18 18944 ----a-w- C:\Windows\System32\wksprtPS.dll
2018-02-07 10:05:18 17920 ----a-w- C:\Windows\SysWow64\wksprtPS.dll
2018-02-07 10:05:18 13824 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2018-02-07 10:05:18 12800 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2018-02-07 10:05:17 1147392 ----a-w- C:\Windows\System32\mstsc.exe
2018-02-07 10:05:17 1068544 ----a-w- C:\Windows\SysWow64\mstsc.exe
2018-02-07 10:03:13 2560 ----a-w- C:\Windows\System32\drivers\pl-PL\wdf01000.sys.mui
2018-02-07 10:01:50 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys
2018-02-07 10:01:50 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2018-02-07 10:01:49 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2018-02-07 10:01:49 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2018-02-07 09:56:16 -------- d-----w- C:\Windows\Migration
2018-02-07 09:55:04 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2018-02-07 09:55:04 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2018-02-07 09:55:03 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2018-02-07 09:55:03 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2018-02-07 09:55:03 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2018-02-07 09:55:03 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2018-02-07 09:55:03 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2018-02-07 09:52:57 92160 ----a-w- C:\Windows\SysWow64\sechost.dll
2018-02-07 09:51:19 3229696 ----a-w- C:\Windows\explorer.exe
2018-02-07 09:51:19 2972672 ----a-w- C:\Windows\SysWow64\explorer.exe
2018-02-07 09:49:58 950272 ----a-w- C:\Windows\System32\perftrack.dll
2018-02-07 08:49:17 -------- d-----w- C:\Windows\pss
2018-02-07 08:17:51 30242 ----a-w- C:\ProgramData\agent.update.1517991468.bdinstall.bin
2018-02-06 18:24:11 22483 ----a-w- C:\ProgramData\agent.uninstall.1517941447.bdinstall.bin
2018-02-06 18:10:05 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign3d9a8b1d926d808d
2018-02-06 18:10:03 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignc393e9a8e12c313b
2018-02-06 18:10:03 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign85cb01ec83ece471
2018-02-06 13:10:29 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign659cef8b8db91998
2018-02-06 13:04:54 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign2127fbd07c6d2d55
2018-02-06 13:04:43 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigna891c9241a39a6da
2018-02-06 13:04:43 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign9b0ea52f9c8c492e
2018-02-06 10:52:37 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigndb601679adb4b6b1
2018-02-06 05:13:59 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign79017e44dc58a9ad
2018-02-05 17:53:55 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignb57fd35fb80711dd
2018-02-05 17:53:46 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign99d1d87492efad83
2018-02-05 17:53:46 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign0caf4d65ef96d520
2018-02-05 14:05:59 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign8b95773e88410c2f
2018-02-05 14:05:57 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign3dd0cef07d0ce76d
2018-02-05 14:05:57 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign3566540ea2833b71
2018-02-04 21:19:34 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign69c0a902bd9634bd
2018-02-04 21:18:24 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign64191917c0b05bd1
2018-02-03 21:31:06 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigne337689e0ffc90b8
2018-02-03 21:31:04 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign46943f9a2c604c8d
2018-02-03 21:31:04 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign35dd43d9291c5763
2018-02-03 21:23:06 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign5064c96e4c3ebe58
2018-02-03 21:23:01 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigne591cf21167c8e13
2018-02-03 21:23:01 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign1375d6f863ecf024
2018-02-02 13:46:50 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignfc0a9f93b36e089b
2018-02-02 12:13:02 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign06c9e1e7e741dacf
2018-02-02 11:59:56 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigne5228326e6be3f19
2018-02-02 11:45:42 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign7f7224015cb7b9e8
2018-02-01 23:02:49 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign8c82e6efae5a705c
2018-02-01 22:37:06 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignc28dcf3c971d2fc0
2018-02-01 21:23:26 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign6ef37e6e00d63861
2018-02-01 21:09:12 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign0a97881a7bd16cb4
2018-02-01 20:35:24 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignf98d5a29d6edd8ba
2018-02-01 20:19:23 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign152d9a289372f8ed
2018-02-01 18:34:04 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign51aa98a23d2a8a61
2018-02-01 18:19:47 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigne6bd9c3cc7119abb
2018-02-01 13:04:57 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign1ab8d4201cf503d1
2018-02-01 13:01:14 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign6d1a68d840ff8185
2018-02-01 11:52:32 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign8726c10a45ce14bb
2018-02-01 10:31:00 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign2a2d16bd12b05bbf
2018-02-01 10:25:56 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign94c743f8172140f8
2018-02-01 10:25:50 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignbb9f3d12d7b41979
2018-02-01 10:20:19 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignab91b76b09c58292
2018-02-01 10:04:06 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign43b2e7596aff849e
2018-02-01 09:46:11 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignfd147bf63b1aa338
2018-02-01 08:33:55 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigne5ba2b1680fc5418
2018-02-01 08:20:28 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign8a3cafb4dcb9058e
2018-01-31 20:07:03 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignbf59b898aa6ba18c
2018-01-31 17:02:28 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign4727274b1ce0c98b
2018-01-29 21:38:18 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign2bf1b6d8c581ac30
2018-01-29 21:26:01 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign62cce8239c57eda6
.
==================== Find3M ====================
.
2018-02-27 08:04:28 130067560 -c--a-w- C:\Windows\System32\MRT-KB890830.exe
2018-02-23 11:35:40 248336 ----a-w- C:\Windows\System32\drivers\edrsensor.sys
2018-02-23 11:35:38 1725800 ----a-w- C:\Windows\System32\drivers\avc3.sys
2018-02-10 07:30:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2018-02-10 07:29:53 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2018-02-10 07:17:49 66560 ----a-w- C:\Windows\System32\iesetup.dll
2018-02-10 07:17:14 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2018-02-10 07:17:07 417280 ----a-w- C:\Windows\System32\html.iec
2018-02-10 07:16:59 577536 ----a-w- C:\Windows\System32\vbscript.dll
2018-02-10 07:16:41 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2018-02-10 07:09:15 5782016 ----a-w- C:\Windows\System32\jscript9.dll
2018-02-10 07:06:41 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2018-02-10 07:06:40 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2018-02-10 07:06:13 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2018-02-10 07:01:11 969216 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2018-02-10 06:52:40 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2018-02-10 06:52:14 87552 ----a-w- C:\Windows\System32\tdc.ocx
2018-02-10 06:33:03 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2018-02-10 06:32:50 2134528 ----a-w- C:\Windows\System32\inetcpl.cpl
2018-02-10 06:27:22 3241472 ----a-w- C:\Windows\System32\wininet.dll
2018-02-10 06:08:05 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2018-02-10 05:57:53 499712 ----a-w- C:\Windows\SysWow64\vbscript.dll
2018-02-10 05:57:39 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2018-02-10 05:57:10 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2018-02-10 05:57:03 341504 ----a-w- C:\Windows\SysWow64\html.iec
2018-02-10 05:56:17 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2018-02-10 05:49:28 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2018-02-10 05:49:11 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2018-02-10 05:39:12 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2018-02-10 05:38:50 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2018-02-10 05:35:10 4498944 ----a-w- C:\Windows\SysWow64\jscript9.dll
2018-02-10 05:27:03 2058752 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2018-02-10 05:26:56 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2018-02-10 05:14:08 2767872 ----a-w- C:\Windows\SysWow64\wininet.dll
2018-01-12 16:46:20 631680 ----a-w- C:\Windows\System32\winresume.efi
2018-01-12 16:44:05 708328 ----a-w- C:\Windows\System32\winload.efi
2018-01-12 16:44:05 5581544 ----a-w- C:\Windows\System32\ntoskrnl.exe
2018-01-12 16:44:05 1894120 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2018-01-12 16:44:04 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2018-01-12 16:44:04 377064 ----a-w- C:\Windows\System32\drivers\netio.sys
2018-01-12 16:44:04 287976 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2018-01-12 16:44:04 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2018-01-12 16:44:03 371432 ----a-w- C:\Windows\System32\clfs.sys
2018-01-12 16:33:04 1665384 ----a-w- C:\Windows\System32\ntdll.dll
2018-01-12 16:29:27 4014312 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2018-01-12 16:29:27 3959016 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2018-01-12 16:27:57 4834816 ----a-w- C:\Windows\System32\xpsrchvw.exe
2018-01-12 16:27:42 1314112 ----a-w- C:\Windows\SysWow64\ntdll.dll
2018-01-12 16:16:32 3405824 ----a-w- C:\Windows\SysWow64\xpsrchvw.exe
2018-01-12 16:16:01 30208 ----a-w- C:\Windows\System32\drivers\hidusb.sys
2018-01-12 16:16:00 76288 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2018-01-12 16:15:59 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2018-01-12 16:11:24 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2018-01-12 16:11:20 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2018-01-12 16:11:18 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2018-01-12 16:10:34 64000 ----a-w- C:\Windows\System32\auditpol.exe
2018-01-12 16:07:15 338432 ----a-w- C:\Windows\System32\conhost.exe
2018-01-12 16:06:18 296960 ----a-w- C:\Windows\System32\rstrui.exe
2018-01-12 16:03:18 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2018-01-12 16:02:42 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2018-01-12 16:02:40 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2018-01-12 16:02:09 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2018-01-12 16:01:53 30720 ----a-w- C:\Windows\System32\lsass.exe
2018-01-12 16:01:49 112640 ----a-w- C:\Windows\System32\smss.exe
2018-01-12 15:57:56 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2018-01-12 15:57:55 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2018-01-12 15:57:54 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2018-01-12 15:57:53 2048 ----a-w- C:\Windows\SysWow64\user.exe
2018-01-12 15:57:00 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2018-01-12 15:56:51 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2018-01-12 15:56:51 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-12 15:56:51 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2018-01-12 15:56:51 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2018-01-11 16:41:11 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2018-01-11 16:22:57 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2018-01-11 16:09:02 3224064 ----a-w- C:\Windows\System32\win32k.sys
2018-01-05 16:31:12 151552 ----a-w- C:\Windows\System32\t2embed.dll
2018-01-05 16:31:02 41472 ----a-w- C:\Windows\System32\lpk.dll
2018-01-05 16:30:58 100864 ----a-w- C:\Windows\System32\fontsub.dll
2018-01-05 16:30:56 14336 ----a-w- C:\Windows\System32\dciman32.dll
2018-01-05 16:30:55 46080 ----a-w- C:\Windows\System32\atmlib.dll
2018-01-05 16:25:54 383720 ----a-w- C:\Windows\System32\atmfd.dll
2018-01-05 16:14:01 309480 ----a-w- C:\Windows\SysWow64\atmfd.dll
2018-01-05 16:11:37 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2018-01-05 16:11:35 111104 ----a-w- C:\Windows\SysWow64\t2embed.dll
2018-01-05 16:11:25 71168 ----a-w- C:\Windows\SysWow64\fontsub.dll
2018-01-05 16:11:23 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2018-01-05 15:50:51 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2018-01-01 16:12:27 2560 ----a-w- C:\Windows\apppatch\AcRes.dll
2018-01-01 02:21:11 948968 ----a-w- C:\Windows\System32\drivers\ndis.sys
2018-01-01 02:21:11 288488 ----a-w- C:\Windows\System32\drivers\fltMgr.sys
2018-01-01 02:21:11 213736 ----a-w- C:\Windows\System32\drivers\rdyboost.sys
2018-01-01 02:21:11 1680616 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2018-01-01 02:21:10 114408 ----a-w- C:\Windows\System32\consent.exe
2018-01-01 02:04:05 559616 ----a-w- C:\Windows\System32\spoolsv.exe
2018-01-01 01:59:59 1806848 ----a-w- C:\Windows\SysWow64\authui.dll
2018-01-01 01:59:58 309760 ----a-w- C:\Windows\SysWow64\actxprxy.dll
2018-01-01 01:55:16 88576 ----a-w- C:\Windows\System32\drivers\wanarp.sys
2018-01-01 01:55:09 58368 ----a-w- C:\Windows\System32\drivers\ndproxy.sys
2018-01-01 01:55:07 24064 ----a-w- C:\Windows\System32\drivers\ndistapi.sys
.
============= FINISH: 9:07:14,58 ===============
This problem has occurred before and I managed to solve it by restoring windows, reinstalling drivers, web browsers, antivirus (I was getting some error while trying to update it) and doing some other stuff, so I don't really know what was the problem.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18921
Run by ogin at 9:06:58 on 2018-02-28
Microsoft Windows 7 Professional 6.1.7601.1.1250.48.1045.18.12234.10286 [GMT 1:00]
.
AV: Bitdefender Antivirus Free Antimalware *Enabled/Updated* {3FB17364-4FCC-0FA7-6BBF-973897395371}
SP: Bitdefender Antivirus Free Antimalware *Enabled/Updated* {84D09280-69F6-0029-510F-AC4AECBE19CC}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files\Bitdefender Agent\ProductAgentService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Users\ogin\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
C:\Windows\system32\wbem\wmiprvse.exe
D:\Użytkownicy\ogin\Pobrane\dds.scr
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe,
BHO: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - <orphaned>
uRun: [f.lux] "C:\Users\ogin\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
TCP: NameServer = 217.113.224.135 217.113.224.36
TCP: Interfaces\{94B4E6BF-FB28-4D0E-9D47-F7A310E36353} : DHCPNameServer = 217.113.224.135 217.113.224.36
SSODL: WebCheck - <orphaned>
x64-BHO: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - <orphaned>
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ogin\AppData\Roaming\Mozilla\Firefox\Profiles\g0x5904o.default\
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files\VideoLAN\VLC\npvlc.dll
.
============= SERVICES / DRIVERS ===============
.
R0 atc;atc;C:\Windows\System32\drivers\atc.sys [2018-2-23 1177720]
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2017-10-5 1725800]
R0 BdDci;BdDci Service;C:\Windows\System32\drivers\bddci.sys [2018-2-23 154888]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2018-2-23 191784]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2017-10-5 89600]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-2-27 2319848]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 ProductAgentService;ProductAgentService;C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-10-5 1269824]
R2 updatesrv;Bitdefender Update Service;C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [2017-10-5 100392]
R2 vsservppl;Bitdefender Correlation Service;C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [2017-10-5 100392]
R3 edrsensor;edrsensor;C:\Windows\System32\drivers\edrsensor.sys [2017-10-5 248336]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2012-7-31 175928]
R3 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2012-7-16 26208]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-2-28 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-2-28 181248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-4 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-3 128608]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2018-2-27 116224]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2018-2-7 19456]
S3 StorSvc;Usługa magazynu;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2018-2-7 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2018-2-7 30208]
S3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2017-10-5 1255736]
S4 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-9-20 817760]
S4 FoxitReaderService;Foxit Reader Service;C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2017-10-20 1659456]
S4 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-2-29 30520]
S4 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-6-19 1646608]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-7-18 317408]
.
=============== Created Last 30 ================
.
2018-02-28 07:52:38 -------- d-----w- C:\Windows\System32\tmp00004828
2018-02-27 09:49:35 -------- d-----w- C:\Users\ogin\AppData\Roaming\LibreOffice
2018-02-27 09:25:50 -------- d-----w- C:\Program Files (x86)\LibreOffice
2018-02-27 09:13:31 -------- d-----w- C:\Windows\System32\tmp00007e30
2018-02-27 08:08:29 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign924e0e39fd6b51ed
2018-02-26 22:50:59 -------- d-----w- C:\Windows\System32\tmp00000d92
2018-02-26 21:20:34 -------- d-----w- C:\Windows\System32\tmp000067b2
2018-02-26 00:04:16 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigndca1b95786b32ff8
2018-02-25 23:54:03 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignef11396bbbfa61c0
2018-02-25 23:53:02 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigndb783900d0e5e95d
2018-02-25 23:53:02 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign1eae3e1977c7a67a
2018-02-25 23:40:31 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignd87469fed99faab7
2018-02-25 23:36:45 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign3f91c557915ea4a4
2018-02-25 23:31:50 -------- d-----w- C:\Program Files (x86)\MSECache
2018-02-25 22:53:04 -------- d-----w- C:\Windows\System32\tmp00007972
2018-02-24 11:32:23 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignd6de1e03110e8f6f
2018-02-24 11:17:29 -------- d-----w- C:\Windows\System32\tmp00005340
2018-02-23 11:35:57 191784 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2018-02-23 11:35:51 154888 ----a-w- C:\Windows\System32\drivers\bddci.sys
2018-02-23 11:35:50 1177720 ----a-w- C:\Windows\System32\drivers\atc.sys
2018-02-22 12:55:42 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign216c5a383e2e7bef
2018-02-22 12:55:41 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignde83b22e8aed9032
2018-02-22 12:55:41 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign2c3ff15fdf18b842
2018-02-22 11:48:41 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign2d29c62d3fa70c9c
2018-02-20 20:13:11 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign209ce961ec7b3c4b
2018-02-20 09:02:46 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign72ebb72d30e4c93a
2018-02-20 09:01:52 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign5cbd8d891340fe27
2018-02-20 08:50:50 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigne571d1ea29e019aa
2018-02-20 08:50:49 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign841ed80208f8e2af
2018-02-20 08:50:49 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign6994c3a6ea5bdbdb
2018-02-20 08:45:33 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign3aa2b9440b974920
2018-02-20 08:40:57 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign6e3cf2f1e1611400
2018-02-19 22:02:31 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign73f3aa24e1903a76
2018-02-16 01:22:59 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign2e892974f9f31943
2018-02-15 18:10:08 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignb1e9bb737668a48d
2018-02-15 18:06:32 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigndea8a639420f85e4
2018-02-15 18:06:32 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigna609bea8967b5b5d
2018-02-14 08:11:44 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignbc81a14ec3a385c1
2018-02-13 23:23:52 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignad9c0cc76a7f497b
2018-02-12 19:08:11 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign6156eb5c661cbc3b
2018-02-12 19:08:08 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignbd1a5803e25a9105
2018-02-12 19:08:08 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign804f01cfde46d1cc
2018-02-12 10:48:20 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign7a1937b4f28644b2
2018-02-08 21:42:10 83792 ----a-w- C:\Windows\SysWow64\vcruntime140.dll
2018-02-08 21:42:10 440120 ----a-w- C:\Windows\SysWow64\msvcp140.dll
2018-02-08 21:42:10 267592 ----a-w- C:\Windows\SysWow64\vccorlib140.dll
2018-02-08 21:42:10 244032 ----a-w- C:\Windows\SysWow64\concrt140.dll
2018-02-08 10:21:50 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign80d3610b3dab0fe1
2018-02-07 22:38:48 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign7b6eaccf4a594faa
2018-02-07 19:13:44 856064 ----a-w- C:\Windows\SysWow64\rdvidcrl.dll
2018-02-07 19:13:44 7077376 ----a-w- C:\Windows\System32\mstscax.dll
2018-02-07 19:13:44 6131200 ----a-w- C:\Windows\SysWow64\mstscax.dll
2018-02-07 19:13:44 429568 ----a-w- C:\Windows\System32\wksprt.exe
2018-02-07 19:13:44 1057792 ----a-w- C:\Windows\System32\rdvidcrl.dll
2018-02-07 19:13:43 62976 ----a-w- C:\Windows\System32\tsgqec.dll
2018-02-07 19:13:43 53248 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2018-02-07 19:13:41 87040 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2018-02-07 19:09:36 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigna68a4bd2827f6603
2018-02-07 19:08:46 71224 ----a-w- C:\Windows\System32\nvshext.dll
2018-02-07 19:08:46 6475466 ----a-w- C:\Windows\System32\nvcoproc.bin
2018-02-07 19:08:46 6368192 ----a-w- C:\Windows\System32\nvcpl.dll
2018-02-07 19:08:46 393784 ----a-w- C:\Windows\System32\nvmctray.dll
2018-02-07 19:08:46 2993720 ----a-w- C:\Windows\System32\nvsvc64.dll
2018-02-07 19:08:46 2563128 ----a-w- C:\Windows\System32\nvsvcr.dll
2018-02-07 19:08:46 1201088 ----a-w- C:\Windows\System32\nvvsvc.exe
2018-02-07 19:08:35 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2018-02-07 18:27:48 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign1e70cf1201b7bd5c
2018-02-07 16:07:17 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign4b22afaeb2dcd612
2018-02-07 15:44:14 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignf05275b42d6749bb
2018-02-07 13:37:35 -------- d-----w- C:\Users\ogin\AppData\Local\HP_Inc
2018-02-07 13:29:55 -------- d-----w- C:\ProgramData\Qualcomm Atheros
2018-02-07 13:23:34 -------- d-----w- C:\Windows\SysWow64\SDA
2018-02-07 13:23:33 -------- d-----w- C:\Program Files (x86)\JMicron
2018-02-07 13:18:27 89888 ----a-w- C:\Windows\System32\NicInstC.dll
2018-02-07 13:18:27 73480 ----a-w- C:\Windows\System32\e1cmsg.dll
2018-02-07 13:18:27 495376 ----a-w- C:\Windows\System32\drivers\e1c62x64.sys
2018-02-07 13:12:18 -------- d-----w- C:\Users\ogin\AppData\Roaming\IDT
2018-02-07 13:12:15 -------- d-----w- C:\ProgramData\HP Inc
2018-02-07 13:12:10 -------- d-----w- C:\System.sav
2018-02-07 13:10:45 -------- d-----w- C:\Users\ogin\AppData\Roaming\hpqLog
2018-02-07 13:10:27 -------- d-----w- C:\Users\ogin\AppData\Local\Hewlett-Packard
2018-02-07 12:01:35 -------- d-----w- C:\Program Files\Malwarebytes
2018-02-07 11:59:44 -------- d-----w- C:\Users\ogin\AppData\Local\CrashDumps
2018-02-07 11:46:45 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign4aed85987bc15022
2018-02-07 11:25:40 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign6acdd550012d25fb
2018-02-07 11:25:37 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign49fcaeb9baddc437
2018-02-07 11:25:37 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign49bd478d4f6e8f8a
2018-02-07 11:03:18 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigna306a659b055b986
2018-02-07 11:01:41 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignd69e78bd8e05b7b6
2018-02-07 11:01:41 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign267c80b9a1488712
2018-02-07 10:56:12 3181568 ----a-w- C:\Windows\System32\rdpcorets.dll
2018-02-07 10:56:12 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2018-02-07 10:56:12 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2018-02-07 10:14:59 -------- d-s---w- C:\Windows\System32\CompatTel
2018-02-07 10:14:59 -------- d-----w- C:\Windows\System32\appraiser
2018-02-07 10:05:21 44544 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll
2018-02-07 10:05:18 56832 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll
2018-02-07 10:05:18 56832 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
2018-02-07 10:05:18 50176 ----a-w- C:\Windows\SysWow64\MsRdpWebAccess.dll
2018-02-07 10:05:18 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2018-02-07 10:05:18 18944 ----a-w- C:\Windows\System32\wksprtPS.dll
2018-02-07 10:05:18 17920 ----a-w- C:\Windows\SysWow64\wksprtPS.dll
2018-02-07 10:05:18 13824 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2018-02-07 10:05:18 12800 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2018-02-07 10:05:17 1147392 ----a-w- C:\Windows\System32\mstsc.exe
2018-02-07 10:05:17 1068544 ----a-w- C:\Windows\SysWow64\mstsc.exe
2018-02-07 10:03:13 2560 ----a-w- C:\Windows\System32\drivers\pl-PL\wdf01000.sys.mui
2018-02-07 10:01:50 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys
2018-02-07 10:01:50 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2018-02-07 10:01:49 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2018-02-07 10:01:49 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2018-02-07 09:56:16 -------- d-----w- C:\Windows\Migration
2018-02-07 09:55:04 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2018-02-07 09:55:04 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2018-02-07 09:55:03 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2018-02-07 09:55:03 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2018-02-07 09:55:03 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2018-02-07 09:55:03 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2018-02-07 09:55:03 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2018-02-07 09:52:57 92160 ----a-w- C:\Windows\SysWow64\sechost.dll
2018-02-07 09:51:19 3229696 ----a-w- C:\Windows\explorer.exe
2018-02-07 09:51:19 2972672 ----a-w- C:\Windows\SysWow64\explorer.exe
2018-02-07 09:49:58 950272 ----a-w- C:\Windows\System32\perftrack.dll
2018-02-07 08:49:17 -------- d-----w- C:\Windows\pss
2018-02-07 08:17:51 30242 ----a-w- C:\ProgramData\agent.update.1517991468.bdinstall.bin
2018-02-06 18:24:11 22483 ----a-w- C:\ProgramData\agent.uninstall.1517941447.bdinstall.bin
2018-02-06 18:10:05 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign3d9a8b1d926d808d
2018-02-06 18:10:03 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignc393e9a8e12c313b
2018-02-06 18:10:03 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign85cb01ec83ece471
2018-02-06 13:10:29 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign659cef8b8db91998
2018-02-06 13:04:54 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign2127fbd07c6d2d55
2018-02-06 13:04:43 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigna891c9241a39a6da
2018-02-06 13:04:43 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign9b0ea52f9c8c492e
2018-02-06 10:52:37 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigndb601679adb4b6b1
2018-02-06 05:13:59 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign79017e44dc58a9ad
2018-02-05 17:53:55 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignb57fd35fb80711dd
2018-02-05 17:53:46 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign99d1d87492efad83
2018-02-05 17:53:46 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign0caf4d65ef96d520
2018-02-05 14:05:59 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign8b95773e88410c2f
2018-02-05 14:05:57 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign3dd0cef07d0ce76d
2018-02-05 14:05:57 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign3566540ea2833b71
2018-02-04 21:19:34 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign69c0a902bd9634bd
2018-02-04 21:18:24 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign64191917c0b05bd1
2018-02-03 21:31:06 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigne337689e0ffc90b8
2018-02-03 21:31:04 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign46943f9a2c604c8d
2018-02-03 21:31:04 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign35dd43d9291c5763
2018-02-03 21:23:06 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign5064c96e4c3ebe58
2018-02-03 21:23:01 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigne591cf21167c8e13
2018-02-03 21:23:01 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign1375d6f863ecf024
2018-02-02 13:46:50 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignfc0a9f93b36e089b
2018-02-02 12:13:02 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign06c9e1e7e741dacf
2018-02-02 11:59:56 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigne5228326e6be3f19
2018-02-02 11:45:42 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign7f7224015cb7b9e8
2018-02-01 23:02:49 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign8c82e6efae5a705c
2018-02-01 22:37:06 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignc28dcf3c971d2fc0
2018-02-01 21:23:26 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign6ef37e6e00d63861
2018-02-01 21:09:12 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign0a97881a7bd16cb4
2018-02-01 20:35:24 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignf98d5a29d6edd8ba
2018-02-01 20:19:23 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign152d9a289372f8ed
2018-02-01 18:34:04 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign51aa98a23d2a8a61
2018-02-01 18:19:47 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigne6bd9c3cc7119abb
2018-02-01 13:04:57 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign1ab8d4201cf503d1
2018-02-01 13:01:14 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign6d1a68d840ff8185
2018-02-01 11:52:32 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign8726c10a45ce14bb
2018-02-01 10:31:00 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign2a2d16bd12b05bbf
2018-02-01 10:25:56 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign94c743f8172140f8
2018-02-01 10:25:50 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignbb9f3d12d7b41979
2018-02-01 10:20:19 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignab91b76b09c58292
2018-02-01 10:04:06 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign43b2e7596aff849e
2018-02-01 09:46:11 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignfd147bf63b1aa338
2018-02-01 08:33:55 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsigne5ba2b1680fc5418
2018-02-01 08:20:28 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign8a3cafb4dcb9058e
2018-01-31 20:07:03 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsignbf59b898aa6ba18c
2018-01-31 17:02:28 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign4727274b1ce0c98b
2018-01-29 21:38:18 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign2bf1b6d8c581ac30
2018-01-29 21:26:01 -------- d-----w- C:\Users\ogin\AppData\Local\Tempzxpsign62cce8239c57eda6
.
==================== Find3M ====================
.
2018-02-27 08:04:28 130067560 -c--a-w- C:\Windows\System32\MRT-KB890830.exe
2018-02-23 11:35:40 248336 ----a-w- C:\Windows\System32\drivers\edrsensor.sys
2018-02-23 11:35:38 1725800 ----a-w- C:\Windows\System32\drivers\avc3.sys
2018-02-10 07:30:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2018-02-10 07:29:53 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2018-02-10 07:17:49 66560 ----a-w- C:\Windows\System32\iesetup.dll
2018-02-10 07:17:14 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2018-02-10 07:17:07 417280 ----a-w- C:\Windows\System32\html.iec
2018-02-10 07:16:59 577536 ----a-w- C:\Windows\System32\vbscript.dll
2018-02-10 07:16:41 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2018-02-10 07:09:15 5782016 ----a-w- C:\Windows\System32\jscript9.dll
2018-02-10 07:06:41 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2018-02-10 07:06:40 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2018-02-10 07:06:13 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2018-02-10 07:01:11 969216 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2018-02-10 06:52:40 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2018-02-10 06:52:14 87552 ----a-w- C:\Windows\System32\tdc.ocx
2018-02-10 06:33:03 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2018-02-10 06:32:50 2134528 ----a-w- C:\Windows\System32\inetcpl.cpl
2018-02-10 06:27:22 3241472 ----a-w- C:\Windows\System32\wininet.dll
2018-02-10 06:08:05 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2018-02-10 05:57:53 499712 ----a-w- C:\Windows\SysWow64\vbscript.dll
2018-02-10 05:57:39 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2018-02-10 05:57:10 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2018-02-10 05:57:03 341504 ----a-w- C:\Windows\SysWow64\html.iec
2018-02-10 05:56:17 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2018-02-10 05:49:28 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2018-02-10 05:49:11 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2018-02-10 05:39:12 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2018-02-10 05:38:50 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2018-02-10 05:35:10 4498944 ----a-w- C:\Windows\SysWow64\jscript9.dll
2018-02-10 05:27:03 2058752 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2018-02-10 05:26:56 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2018-02-10 05:14:08 2767872 ----a-w- C:\Windows\SysWow64\wininet.dll
2018-01-12 16:46:20 631680 ----a-w- C:\Windows\System32\winresume.efi
2018-01-12 16:44:05 708328 ----a-w- C:\Windows\System32\winload.efi
2018-01-12 16:44:05 5581544 ----a-w- C:\Windows\System32\ntoskrnl.exe
2018-01-12 16:44:05 1894120 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2018-01-12 16:44:04 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2018-01-12 16:44:04 377064 ----a-w- C:\Windows\System32\drivers\netio.sys
2018-01-12 16:44:04 287976 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2018-01-12 16:44:04 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2018-01-12 16:44:03 371432 ----a-w- C:\Windows\System32\clfs.sys
2018-01-12 16:33:04 1665384 ----a-w- C:\Windows\System32\ntdll.dll
2018-01-12 16:29:27 4014312 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2018-01-12 16:29:27 3959016 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2018-01-12 16:27:57 4834816 ----a-w- C:\Windows\System32\xpsrchvw.exe
2018-01-12 16:27:42 1314112 ----a-w- C:\Windows\SysWow64\ntdll.dll
2018-01-12 16:16:32 3405824 ----a-w- C:\Windows\SysWow64\xpsrchvw.exe
2018-01-12 16:16:01 30208 ----a-w- C:\Windows\System32\drivers\hidusb.sys
2018-01-12 16:16:00 76288 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2018-01-12 16:15:59 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2018-01-12 16:11:24 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2018-01-12 16:11:20 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2018-01-12 16:11:18 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2018-01-12 16:10:34 64000 ----a-w- C:\Windows\System32\auditpol.exe
2018-01-12 16:07:15 338432 ----a-w- C:\Windows\System32\conhost.exe
2018-01-12 16:06:18 296960 ----a-w- C:\Windows\System32\rstrui.exe
2018-01-12 16:03:18 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2018-01-12 16:02:42 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2018-01-12 16:02:40 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2018-01-12 16:02:09 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2018-01-12 16:01:53 30720 ----a-w- C:\Windows\System32\lsass.exe
2018-01-12 16:01:49 112640 ----a-w- C:\Windows\System32\smss.exe
2018-01-12 15:57:56 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2018-01-12 15:57:55 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2018-01-12 15:57:54 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2018-01-12 15:57:53 2048 ----a-w- C:\Windows\SysWow64\user.exe
2018-01-12 15:57:00 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2018-01-12 15:56:51 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2018-01-12 15:56:51 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-12 15:56:51 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2018-01-12 15:56:51 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2018-01-11 16:41:11 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2018-01-11 16:22:57 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2018-01-11 16:09:02 3224064 ----a-w- C:\Windows\System32\win32k.sys
2018-01-05 16:31:12 151552 ----a-w- C:\Windows\System32\t2embed.dll
2018-01-05 16:31:02 41472 ----a-w- C:\Windows\System32\lpk.dll
2018-01-05 16:30:58 100864 ----a-w- C:\Windows\System32\fontsub.dll
2018-01-05 16:30:56 14336 ----a-w- C:\Windows\System32\dciman32.dll
2018-01-05 16:30:55 46080 ----a-w- C:\Windows\System32\atmlib.dll
2018-01-05 16:25:54 383720 ----a-w- C:\Windows\System32\atmfd.dll
2018-01-05 16:14:01 309480 ----a-w- C:\Windows\SysWow64\atmfd.dll
2018-01-05 16:11:37 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2018-01-05 16:11:35 111104 ----a-w- C:\Windows\SysWow64\t2embed.dll
2018-01-05 16:11:25 71168 ----a-w- C:\Windows\SysWow64\fontsub.dll
2018-01-05 16:11:23 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2018-01-05 15:50:51 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2018-01-01 16:12:27 2560 ----a-w- C:\Windows\apppatch\AcRes.dll
2018-01-01 02:21:11 948968 ----a-w- C:\Windows\System32\drivers\ndis.sys
2018-01-01 02:21:11 288488 ----a-w- C:\Windows\System32\drivers\fltMgr.sys
2018-01-01 02:21:11 213736 ----a-w- C:\Windows\System32\drivers\rdyboost.sys
2018-01-01 02:21:11 1680616 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2018-01-01 02:21:10 114408 ----a-w- C:\Windows\System32\consent.exe
2018-01-01 02:04:05 559616 ----a-w- C:\Windows\System32\spoolsv.exe
2018-01-01 01:59:59 1806848 ----a-w- C:\Windows\SysWow64\authui.dll
2018-01-01 01:59:58 309760 ----a-w- C:\Windows\SysWow64\actxprxy.dll
2018-01-01 01:55:16 88576 ----a-w- C:\Windows\System32\drivers\wanarp.sys
2018-01-01 01:55:09 58368 ----a-w- C:\Windows\System32\drivers\ndproxy.sys
2018-01-01 01:55:07 24064 ----a-w- C:\Windows\System32\drivers\ndistapi.sys
.
============= FINISH: 9:07:14,58 ===============