wklejto.pl

Dodane przez: ~Anonim123 (2018-11-29 06:03) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
490.
491.
492.
493.
494.
495.
496.
497.
498.
499.
500.
501.
502.
503.
504.
505.
506.
507.
508.
509.
510.
511.
512.
513.
514.
515.
516.
517.
518.
519.
520.
521.
522.
523.
524.
525.
526.
527.
528.
529.
530.
531.
532.
533.
534.
535.
536.
537.
538.
539.
540.
541.
542.
543.
544.
545.
546.
547.
548.
549.
550.
551.
552.
553.
554.
555.
556.
557.
558.
559.
560.
561.
562.
563.
564.
565.
566.
567.
568.
569.
570.
571.
572.
573.
574.
575.
576.
577.
578.
579.
580.
581.
582.
583.
584.
585.
586.
587.
588.
589.
590.
591.
592.
593.
594.
595.
596.
597.
598.
599.
600.
601.
602.
603.
604.
605.
606.
607.
608.
609.
610.
611.
612.
613.
614.
615.
616.
617.
618.
619.
620.
621.
622.
623.
624.
625.
626.
627.
628.
629.
630.
631.
632.
633.
634.
635.
636.
637.
638.
639.
640.
641.
642.
643.
644.
645.
646.
647.
OTL logfile created on: 2018-11-28 23:47:15 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Natalka\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.19180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,89 Gb Total Physical Memory | 1,73 Gb Available Physical Memory | 44,53% Memory free
7,77 Gb Paging File | 5,36 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,31 Gb Total Space | 136,30 Gb Free Space | 69,79% Space Free | Partition Type: NTFS
Drive D: | 270,35 Gb Total Space | 202,26 Gb Free Space | 74,81% Space Free | Partition Type: NTFS
 
Computer Name: NATALKA1 | User Name: Natalka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2018-11-28 23:46:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Natalka\Downloads\OTL.exe
PRC - [2018-10-06 19:35:19 | 000,594,224 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
PRC - [2018-10-06 19:32:12 | 000,338,224 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
PRC - [2018-09-22 12:00:49 | 000,288,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
PRC - [2018-08-14 08:27:08 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2018-04-17 12:35:34 | 004,586,456 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Natalka\AppData\Local\Akamai\netsession_win.exe
PRC - [2018-02-28 22:37:30 | 000,619,640 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
PRC - [2018-02-28 22:37:30 | 000,617,016 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
PRC - [2014-12-05 03:27:44 | 000,599,944 | ---- | M] (Autodesk Inc.) -- C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
PRC - [2014-12-05 03:27:43 | 000,493,960 | ---- | M] (Autodesk Inc.) -- C:\Users\Natalka\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
PRC - [2013-12-12 13:07:08 | 000,019,256 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
PRC - [2013-05-16 19:08:38 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-07-17 13:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-07-17 13:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-06-25 09:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012-06-19 01:17:30 | 000,077,824 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe
PRC - [2010-11-21 04:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2018-10-17 19:59:28 | 004,310,296 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2014-12-05 03:27:52 | 000,104,328 | ---- | M] () -- C:\Users\Natalka\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2018-10-12 03:00:18 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2018-10-01 17:52:48 | 001,369,856 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
SRV:[b]64bit:[/b] - [2018-09-22 13:14:45 | 000,314,696 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2018-08-13 22:49:28 | 001,391,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2016-08-20 02:28:19 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2015-02-05 19:47:50 | 000,031,160 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV:[b]64bit:[/b] - [2014-04-30 15:33:52 | 000,337,776 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:[b]64bit:[/b] - [2012-04-20 13:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2018-10-06 19:32:25 | 000,416,560 | ---- | M] (AO Kaspersky Lab) [On_Demand | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe -- (klvssbridge64_19.0.0)
SRV - [2018-09-22 13:14:45 | 000,278,344 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2018-08-14 08:27:08 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2018-03-26 15:24:54 | 000,107,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2018-02-28 22:37:30 | 000,619,640 | ---- | M] (AO Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe -- (AVP19.0.0)
SRV - [2018-02-28 22:37:30 | 000,617,016 | ---- | M] (AO Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe -- (KSDE3.0.0)
SRV - [2016-08-20 02:31:47 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014-12-05 03:27:44 | 000,599,944 | ---- | M] (Autodesk Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe -- (AdAppMgrSvc)
SRV - [2013-05-16 19:08:38 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-07-17 13:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-07-17 13:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-06-25 09:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-06-19 01:17:30 | 000,077,824 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2018-10-06 21:19:09 | 001,129,056 | ---- | M] (AO Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2018-10-06 21:18:58 | 000,073,416 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbackupdisk.sys -- (klbackupdisk)
DRV:[b]64bit:[/b] - [2018-10-06 21:18:56 | 000,089,168 | ---- | M] (AO Kaspersky Lab) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\kldisk.sys -- (kldisk)
DRV:[b]64bit:[/b] - [2018-10-06 21:18:45 | 000,123,144 | ---- | M] (AO Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klbackupflt.sys -- (klbackupflt)
DRV:[b]64bit:[/b] - [2018-10-06 21:18:24 | 000,219,232 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klflt.sys -- (klflt)
DRV:[b]64bit:[/b] - [2018-10-06 19:30:22 | 001,193,160 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klhk.sys -- (klhk)
DRV:[b]64bit:[/b] - [2018-09-22 13:20:43 | 000,181,304 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2018-09-22 13:14:44 | 003,793,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2018-07-26 19:44:00 | 000,161,592 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klwtp.sys -- (klwtp)
DRV:[b]64bit:[/b] - [2018-02-24 04:17:48 | 000,203,968 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:[b]64bit:[/b] - [2018-02-20 10:53:38 | 000,528,576 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:[b]64bit:[/b] - [2018-02-12 15:51:02 | 000,048,080 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kltap.sys -- (kltap)
DRV:[b]64bit:[/b] - [2018-02-12 03:17:12 | 000,056,520 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (klim6)
DRV:[b]64bit:[/b] - [2018-01-27 10:10:16 | 000,243,400 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cm_km.sys -- (cm_km)
DRV:[b]64bit:[/b] - [2018-01-15 04:16:12 | 000,058,056 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:[b]64bit:[/b] - [2017-12-11 10:49:14 | 000,083,496 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2017-11-07 22:56:12 | 000,081,632 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:[b]64bit:[/b] - [2017-05-30 17:51:40 | 000,050,648 | ---- | M] (AO Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klpd.sys -- (klpd)
DRV:[b]64bit:[/b] - [2016-08-20 02:30:11 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2016-08-20 02:27:46 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2016-08-20 02:27:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2016-08-20 02:23:12 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2016-08-20 02:23:12 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2016-08-20 02:21:26 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2016-08-20 02:21:26 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013-12-12 13:07:20 | 000,070,928 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
DRV:[b]64bit:[/b] - [2013-07-08 21:05:34 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2012-06-11 22:52:14 | 002,811,904 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2012-02-01 17:06:18 | 000,292,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2018-09-22 13:09:48 | 000,027,552 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
 
 
 
 
IE - HKU\S-1-5-21-2446104624-580447216-520113299-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl-PL
IE - HKU\S-1-5-21-2446104624-580447216-520113299-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 43 86 F5 26 62 52 D4 01  [binary data]
IE - HKU\S-1-5-21-2446104624-580447216-520113299-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 17 2D BC 28 62 52 D4 01  [binary data]
IE - HKU\S-1-5-21-2446104624-580447216-520113299-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-2446104624-580447216-520113299-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2446104624-580447216-520113299-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2446104624-580447216-520113299-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com: C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY FREE 19.0.0\FFEXT\LIGHT_PLUGIN_FIREFOX\ADDON.XPI [2018-10-06 19:32:13 | 000,155,289 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-10-06 19:32:13 | 000,155,289 | ---- | M] ()
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - Extension: No name found = C:\Users\Natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\Natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd\20.0.543.401_0\
CHR - Extension: No name found = C:\Users\Natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\Natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.2_0\
CHR - Extension: No name found = C:\Users\Natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Users\Natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_1\
CHR - Extension: No name found = C:\Users\Natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\
CHR - Extension: No name found = C:\Users\Natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7018.903.0.0_0\
 
O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Kaspersky Protection) - {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Kaspersky Protection) - {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Kaspersky Protection Toolbar) - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Kaspersky Protection Toolbar) - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O4 - HKLM..\Run: [ADSKAppManager] C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe (Autodesk Inc.)
O4 - HKU\.DEFAULT..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-18..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2446104624-580447216-520113299-1000..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-2446104624-580447216-520113299-1000..\Run: [Akamai NetSession Interface] C:\Users\Natalka\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-2446104624-580447216-520113299-1000..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-21-2446104624-580447216-520113299-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2446104624-580447216-520113299-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2446104624-580447216-520113299-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:  = 
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 37.8.214.2 31.11.202.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{258A2EDF-1230-44E7-A408-09264966DF59}: DhcpNameServer = 37.8.214.2 31.11.202.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1E88C1C-0594-4A39-8746-4C994D838C4D}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2018-10-01 17:05:55 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2018-11-28 21:18:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2018-11-28 21:18:45 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2018-11-28 20:37:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2018-11-28 20:35:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2018-11-28 12:53:38 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2018-11-18 16:30:55 | 000,000,000 | ---D | C] -- C:\Users\Natalka\Documents\Lumion 6
[2018-11-18 16:09:58 | 000,000,000 | ---D | C] -- C:\Users\Natalka\AppData\Roaming\Quest3D
[2018-11-14 08:54:46 | 002,319,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2018-11-14 08:54:46 | 002,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2018-11-14 08:54:46 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2018-11-14 08:54:46 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2018-11-14 08:54:45 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2018-11-14 08:54:43 | 005,551,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2018-11-14 08:54:43 | 001,211,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2018-11-14 08:54:43 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2018-11-14 08:54:43 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2018-11-14 08:54:42 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2018-11-14 08:54:42 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2018-11-14 08:54:42 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2018-11-14 08:54:42 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2018-11-14 08:54:42 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
[2018-11-14 08:54:42 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2018-11-14 08:54:41 | 004,054,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2018-11-14 08:54:41 | 003,960,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2018-11-14 08:54:41 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2018-11-14 08:54:40 | 005,779,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2018-11-14 08:54:40 | 001,664,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2018-11-14 08:54:40 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2018-11-14 08:54:40 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2018-11-14 08:54:40 | 000,969,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2018-11-14 08:54:40 | 000,708,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2018-11-14 08:54:40 | 000,262,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2018-11-14 08:54:40 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2018-11-14 08:54:40 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2018-11-14 08:54:39 | 000,809,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2018-11-14 08:54:39 | 000,631,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2018-11-14 08:54:39 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2018-11-14 08:54:39 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2018-11-14 08:54:39 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2018-11-14 08:54:39 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2018-11-14 08:54:39 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2018-11-14 08:54:39 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2018-11-14 08:54:39 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2018-11-14 08:54:39 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2018-11-14 08:54:39 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2018-11-14 08:54:39 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2018-11-14 08:54:39 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshcon.dll
[2018-11-14 08:54:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dispex.dll
[2018-11-14 08:54:38 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2018-11-14 08:54:38 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2018-11-14 08:54:38 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2018-11-14 08:54:38 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2018-11-14 08:54:38 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2018-11-14 08:54:38 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshcon.dll
[2018-11-14 08:54:38 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dispex.dll
[2018-11-14 08:54:37 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2018-11-14 08:54:37 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2018-11-14 08:54:37 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2018-11-14 08:54:37 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2018-11-14 08:54:37 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2018-11-14 08:54:37 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2018-11-14 08:54:36 | 000,794,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2018-11-14 08:54:36 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2018-11-14 08:54:36 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2018-11-14 08:54:36 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2018-11-14 08:54:36 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2018-11-14 08:54:36 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2018-11-14 08:54:36 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2018-11-14 08:54:36 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2018-11-14 08:54:36 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys
[2018-11-14 08:54:36 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2018-11-14 08:54:36 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2018-11-14 08:54:36 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2018-11-14 08:54:36 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2018-11-14 08:54:36 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2018-11-14 08:54:36 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2018-11-14 08:54:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2018-11-14 08:54:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2018-11-14 08:54:36 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2018-11-14 08:54:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2018-11-14 08:54:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2018-11-14 08:54:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2018-11-14 08:54:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2018-11-14 08:54:35 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2018-11-14 08:54:35 | 002,059,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2018-11-14 08:54:35 | 000,662,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2018-11-14 08:54:35 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2018-11-14 08:54:35 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comcat.dll
[2018-11-14 08:54:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2018-11-14 08:54:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2018-11-14 08:54:34 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2018-11-14 08:54:34 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2018-11-14 08:54:34 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2018-11-14 08:54:34 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2018-11-14 08:54:34 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2018-11-14 08:54:34 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2018-11-14 08:54:34 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2018-11-14 08:54:34 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2018-11-14 08:54:34 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2018-11-14 08:54:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comcat.dll
[2018-11-14 08:54:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2018-11-14 08:54:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2018-11-14 08:54:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2018-11-14 08:54:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2018-11-14 08:54:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2018-11-14 08:54:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2018-11-14 08:54:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2018-11-14 08:54:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2018-11-14 08:54:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2018-11-14 08:54:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2018-11-14 08:54:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2018-11-14 08:54:33 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2018-11-14 08:54:33 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2018-11-14 08:54:33 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2018-11-14 08:54:33 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2018-11-14 08:54:33 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2018-11-14 08:54:33 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2018-11-14 08:54:33 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2018-11-14 08:54:33 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
[2018-11-14 08:54:33 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2018-11-14 08:54:33 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2018-11-14 08:54:33 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2018-11-14 08:54:33 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2018-11-14 08:54:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2018-11-14 08:54:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2018-11-14 08:54:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2018-11-14 08:54:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2018-11-14 08:54:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2018-11-14 08:54:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2018-11-14 08:54:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2018-11-14 08:54:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2018-11-14 08:54:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2018-11-14 08:54:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2018-11-14 08:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2018-11-14 08:54:32 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2018-11-14 08:54:32 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2018-11-14 08:54:32 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2018-11-14 08:54:32 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2018-11-14 08:54:32 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2018-11-14 08:54:32 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2018-11-14 08:54:32 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2018-11-14 08:54:32 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2018-11-14 08:54:32 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2018-11-14 08:54:32 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2018-11-14 08:54:32 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2018-11-14 08:54:32 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2018-11-14 08:54:32 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2018-11-14 08:54:32 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2018-11-14 08:54:32 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2018-11-14 08:54:32 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2018-11-14 08:54:32 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2018-11-14 08:54:32 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2018-11-14 08:54:32 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2018-11-14 08:54:32 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2018-11-14 08:54:32 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2018-11-14 08:54:32 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleres.dll
[2018-11-14 08:54:32 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleres.dll
[2018-11-14 08:54:32 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2018-11-14 08:54:32 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2018-11-14 08:54:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2018-11-14 08:54:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2018-11-11 20:44:39 | 000,000,000 | ---D | C] -- C:\Users\Natalka\AppData\Local\ElevatedDiagnostics
[2018-11-10 10:31:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2018-11-05 20:52:46 | 000,000,000 | ---D | C] -- C:\Users\Natalka\AppData\Local\Microsoft Games
[2018-11-05 20:41:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2018-11-05 20:41:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2018-11-05 20:40:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2018-11-05 20:39:23 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2018-11-05 20:39:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2018-11-05 20:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2018-11-05 20:36:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2018-11-05 20:34:45 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2018-11-05 20:34:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2018-11-05 20:34:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2018-11-05 20:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2018-11-05 20:33:26 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2018-11-05 07:24:03 | 000,000,000 | ---D | C] -- C:\Users\Natalka\Documents\Moje palety
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2018-11-28 23:53:40 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018-11-28 23:53:28 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018-11-28 23:33:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018-11-28 23:33:36 | 3131,207,680 | -HS- | M] () -- C:\hiberfil.sys
[2018-11-28 21:18:47 | 000,000,948 | ---- | M] () -- C:\Users\Natalka\Desktop\Core Temp.lnk
[2018-11-28 21:18:47 | 000,000,165 | ---- | M] () -- C:\Users\Natalka\Desktop\Goodgame Empire.url
[2018-11-28 20:38:30 | 000,001,102 | ---- | M] () -- C:\Users\Natalka\Desktop\EVEREST Home Edition.lnk
[2018-11-28 12:53:33 | 475,622,250 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2018-11-26 21:09:07 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018-11-20 07:52:41 | 001,669,190 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018-11-20 07:52:41 | 000,740,348 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2018-11-20 07:52:41 | 000,654,140 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2018-11-20 07:52:41 | 000,155,890 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2018-11-20 07:52:41 | 000,122,012 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2018-11-18 14:58:04 | 005,180,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2018-11-18 14:26:47 | 001,641,796 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2018-11-11 02:29:02 | 005,551,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2018-11-11 02:28:59 | 000,708,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2018-11-11 02:28:49 | 000,262,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2018-11-11 02:27:51 | 000,631,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2018-11-11 02:27:47 | 001,664,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2018-11-11 02:26:16 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2018-11-11 02:26:16 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2018-11-11 02:26:16 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2018-11-11 02:26:14 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2018-11-11 02:26:07 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2018-11-11 02:26:07 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2018-11-11 02:26:06 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2018-11-11 02:26:06 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2018-11-11 02:26:00 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2018-11-11 02:25:59 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2018-11-11 02:25:57 | 001,211,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2018-11-11 02:25:57 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2018-11-11 02:25:52 | 002,072,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2018-11-11 02:25:52 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleres.dll
[2018-11-11 02:25:51 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2018-11-11 02:25:48 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2018-11-11 02:25:44 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2018-11-11 02:25:42 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2018-11-11 02:25:36 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2018-11-11 02:25:34 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2018-11-11 02:25:34 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2018-11-11 02:24:58 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2018-11-11 02:24:57 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2018-11-11 02:24:56 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\comcat.dll
[2018-11-11 02:24:39 | 000,463,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2018-11-11 02:24:32 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2018-11-11 02:24:28 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2018-11-11 02:24:28 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2018-11-11 02:24:28 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2018-11-11 02:24:28 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2018-11-11 02:24:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2018-11-11 02:24:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2018-11-11 02:24:27 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2018-11-11 02:24:27 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2018-11-11 02:24:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2018-11-11 02:24:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2018-11-11 02:24:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2018-11-11 02:24:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2018-11-11 02:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2018-11-11 02:24:26 | 000,880,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2018-11-11 02:24:26 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2018-11-11 02:14:50 | 004,054,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2018-11-11 02:14:15 | 003,960,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2018-11-11 02:11:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2018-11-11 02:10:57 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2018-11-11 02:10:52 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\oleres.dll
[2018-11-11 02:10:44 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2018-11-11 02:10:42 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2018-11-11 02:09:59 | 000,342,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2018-11-11 02:09:52 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2018-11-11 02:09:52 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2018-11-11 02:09:51 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2018-11-11 02:09:51 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2018-11-11 02:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2018-11-11 02:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2018-11-11 02:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2018-11-11 02:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2018-11-11 02:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2018-11-11 02:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2018-11-11 02:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2018-11-11 02:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2018-11-11 02:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2018-11-11 02:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2018-11-11 02:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2018-11-11 02:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2018-11-11 02:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018-11-11 02:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2018-11-11 02:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2018-11-11 02:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2018-11-11 02:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2018-11-11 02:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2018-11-11 02:09:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2018-11-11 02:09:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2018-11-11 02:09:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2018-11-11 02:09:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2018-11-11 02:09:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2018-11-11 01:53:09 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2018-11-11 01:53:05 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2018-11-11 01:52:19 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2018-11-11 01:48:53 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2018-11-11 01:48:19 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys
[2018-11-11 01:47:54 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2018-11-11 01:47:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\comcat.dll
[2018-11-11 01:45:37 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2018-11-11 01:43:14 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2018-11-11 01:41:14 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2018-11-11 01:41:12 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2018-11-11 01:41:12 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2018-11-11 01:41:11 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2018-11-11 01:40:01 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2018-11-11 01:40:01 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2018-11-11 01:40:01 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2018-11-11 01:40:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2018-11-05 20:20:48 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\srvany.exe
[2018-11-05 19:45:22 | 000,000,133 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2018-11-28 21:18:47 | 000,000,948 | ---- | C] () -- C:\Users\Natalka\Desktop\Core Temp.lnk
[2018-11-28 21:18:47 | 000,000,165 | ---- | C] () -- C:\Users\Natalka\Desktop\Goodgame Empire.url
[2018-11-28 20:38:30 | 000,001,102 | ---- | C] () -- C:\Users\Natalka\Desktop\EVEREST Home Edition.lnk
[2018-11-28 12:53:33 | 475,622,250 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2018-11-14 13:17:13 | 981,148,704 | ---- | C] () -- C:\Users\Natalka\Desktop\Projekt ogrodu romantycznego - FILM.mp4
[2018-11-05 20:21:23 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2018-11-05 19:45:22 | 000,000,133 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2018-10-02 09:09:25 | 000,518,144 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2018-09-22 13:30:47 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2018-09-22 13:14:44 | 000,349,112 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2018-09-22 13:14:44 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2018-09-22 13:14:44 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2018-08-13 16:54:39 | 014,183,936 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2018-08-13 16:40:58 | 012,880,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2018-10-25 13:17:24 | 000,000,000 | ---D | M] -- C:\Users\Natalka\AppData\Roaming\Autodesk
[2018-09-22 13:10:32 | 000,000,000 | ---D | M] -- C:\Users\Natalka\AppData\Roaming\DataWorks
[2018-09-22 14:56:05 | 000,000,000 | ---D | M] -- C:\Users\Natalka\AppData\Roaming\IObit
[2018-09-25 09:59:47 | 000,000,000 | ---D | M] -- C:\Users\Natalka\AppData\Roaming\PhotoScape
[2018-11-18 16:29:51 | 000,000,000 | ---D | M] -- C:\Users\Natalka\AppData\Roaming\Quest3D
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
< End of report >
 
Wygenerowano w 0.096s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!