wklejto.pl

Added by: ~Anonim (2019-01-25 10:09) -> text
Logfile of random's system information tool 1.10 (written by random/random)
Run by Windows at 2019-01-25 10:02:36
Microsoft Windows 7 Professional  Service Pack 1
System drive C: has 221 GB (46%) free of 477 GB
Total RAM: 3071 MB (41% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:02:39, on 2019-01-25
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe
C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe
C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe
C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe
C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe
C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\Windows.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://pl.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10438__171013__yaie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GammaControl] False
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize 
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A202E64BA604ECEF88F03C5AFA5E3129] "C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [SteamServerBrowser] C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WC Assistant (WCAssistantService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 7936 bytes
 
======Listing Processes======
 
 
 
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b71fa7ef-0858-4cf9-ab85-adba0baad48e -SystemEventPortName:HostProcess-b79fc978-0e58-417e-bfe5-6144750043ed -IoCancelEventPortName:HostProcess-89a31bff-0f1c-4a5a-b058-736ca5eabeec -NonStateChangingEventPortName:HostProcess-6bba1d58-ea11-443b-8643-fd6c5820b404 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:038c3c79-fdb1-44b3-ab64-e0737fa6b820 -DeviceGroupId:WpdFsGroup
\??\C:\Windows\system32\conhost.exe "487939023922565574-226035802-502112751-1605017154875608603-402820685-884449589
"C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe" 
C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe --type=crashpad-handler /prefetch:7 "--database=C:\Users\Windows\AppData\Local\Chromium\User Data\Crashpad" "--metrics-dir=C:\Users\Windows\AppData\Local\Chromium\User Data" --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chromium --annotation=ver=58.0.3014.0-devel --initial-client-data=0x3c,0x40,0x44,0x38,0x9c,0x73eb9944,0x73eb9954,0x73eb9964
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe" --type=gpu-process --field-trial-handle=1088 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,18,19,20,23,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x0a20 --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.4201 --gpu-driver-date=11-14-2016 --service-request-channel-token=8C48D01BFB47A5BE3D9D39CFBEE4D8EE --mojo-platform-channel-handle=1104 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe" --type=renderer --field-trial-handle=1088 --primordial-pipe-token=E89A886C780103B856A612BD91205F1E --lang=pl --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=E89A886C780103B856A612BD91205F1E --renderer-client-id=3 --mojo-platform-channel-handle=1880 /prefetch:1
"C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe" --type=renderer --field-trial-handle=1088 --primordial-pipe-token=A07E7AA831B6A44644926E09DD84DB6C --lang=pl --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=A07E7AA831B6A44644926E09DD84DB6C --renderer-client-id=5 --mojo-platform-channel-handle=1932 /prefetch:1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe" --type=renderer --field-trial-handle=1088 --primordial-pipe-token=D495711112A2DE25BE0A344467EAB6DC --lang=pl --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=D495711112A2DE25BE0A344467EAB6DC --renderer-client-id=12 --mojo-platform-channel-handle=2880 /prefetch:1
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Windows\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Windows\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=71.0.3578.98 --initial-client-data=0x84,0x88,0x8c,0x80,0x90,0x7fee7c964d0,0x7fee7c964e0,0x7fee7c964f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3504 --on-initialized-event-handle=324 --parent-handle=328 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=996,12336486245363543365,16778825973642208220,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=14568623674300643685 --mojo-platform-channel-handle=1012 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=996,12336486245363543365,16778825973642208220,131072 --service-pipe-token=6592759464986729342 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=6592759464986729342 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2540 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=996,12336486245363543365,16778825973642208220,131072 --lang=pl --service-sandbox-type=audio --service-request-channel-token=5795969024263893968 --mojo-platform-channel-handle=4208 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled -critical
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=996,12336486245363543365,16778825973642208220,131072 --service-pipe-token=9848119271965809034 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=9848119271965809034 --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4308 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=996,12336486245363543365,16778825973642208220,131072 --service-pipe-token=17962996446140269153 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=17962996446140269153 --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=996,12336486245363543365,16778825973642208220,131072 --service-pipe-token=7550480287207200370 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=7550480287207200370 --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=528 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=996,12336486245363543365,16778825973642208220,131072 --service-pipe-token=403551577620707002 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=403551577620707002 --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
C:\Windows\system32\AUDIODG.EXE 0x72c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=996,12336486245363543365,16778825973642208220,131072 --service-pipe-token=10662638698035396727 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=10662638698035396727 --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1928 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=996,12336486245363543365,16778825973642208220,131072 --service-pipe-token=1969991405615380996 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=1969991405615380996 --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
"C:\Users\Windows\Downloads\RSITx64.exe" 
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-10-13 473664]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-13 187968]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-11-14 2397120]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-11-14 1767712]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [2017-10-13 2513000]
"GoogleChromeAutoLaunch_A202E64BA604ECEF88F03C5AFA5E3129"=C:\Users\Windows\AppData\Local\chromium\Application\chrome.exe [2017-02-15 829440]
"SteamServerBrowser"=C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe [2017-02-26 228352]
 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21 587288]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-06-05 2171904]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"GammaControl"=False []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui []
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
 
======List of files/folders created in the last 3 months======
 
2019-01-25 10:02:36 ----D---- C:\rsit
2019-01-25 10:02:36 ----D---- C:\Program Files\trend micro
2019-01-25 09:40:46 ----D---- C:\Windows\Minidump
2019-01-11 23:50:20 ----SHD---- C:\$RECYCLE.BIN
2019-01-11 23:50:08 ----D---- C:\Windows\temp
2019-01-11 23:49:57 ----A---- C:\ComboFix.txt
2018-12-12 11:50:20 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2018-12-12 11:50:20 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2018-12-12 11:50:20 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2018-12-12 11:50:20 ----A---- C:\Windows\system32\XAudio2_7.dll
2018-12-12 11:50:20 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2018-12-12 11:50:20 ----A---- C:\Windows\system32\xactengine3_7.dll
2018-12-12 11:50:19 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2018-12-12 11:50:19 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2018-12-12 11:50:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2018-12-12 11:50:19 ----A---- C:\Windows\system32\d3dx11_43.dll
2018-12-12 11:50:19 ----A---- C:\Windows\system32\d3dcsx_43.dll
2018-12-12 11:50:19 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2018-12-12 11:50:18 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2018-12-12 11:50:18 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2018-12-12 11:50:18 ----A---- C:\Windows\system32\D3DX9_43.dll
2018-12-12 11:50:18 ----A---- C:\Windows\system32\d3dx10_43.dll
2018-12-12 11:50:17 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2018-12-12 11:50:17 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2018-12-12 11:50:17 ----A---- C:\Windows\system32\XAudio2_6.dll
2018-12-12 11:50:17 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2018-12-12 11:50:16 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2018-12-12 11:50:16 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2018-12-12 11:50:16 ----A---- C:\Windows\system32\xactengine3_6.dll
2018-12-12 11:50:16 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2018-12-12 11:50:15 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2018-12-12 11:50:15 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2018-12-12 11:50:15 ----A---- C:\Windows\system32\XAudio2_5.dll
2018-12-12 11:50:15 ----A---- C:\Windows\system32\xactengine3_5.dll
2018-12-12 11:50:14 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2018-12-12 11:50:14 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2018-12-12 11:50:12 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2018-12-12 11:50:12 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2018-12-12 11:50:12 ----A---- C:\Windows\system32\d3dx11_42.dll
2018-12-12 11:50:12 ----A---- C:\Windows\system32\d3dcsx_42.dll
2018-12-12 11:50:11 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2018-12-12 11:50:11 ----A---- C:\Windows\system32\d3dx10_42.dll
2018-12-12 11:50:10 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2018-12-12 11:50:10 ----A---- C:\Windows\system32\D3DX9_42.dll
2018-12-12 11:50:09 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2018-12-12 11:50:09 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2018-12-12 11:50:09 ----A---- C:\Windows\system32\d3dx10_41.dll
2018-12-12 11:50:09 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2018-12-12 11:50:07 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2018-12-12 11:50:07 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2018-12-12 11:50:07 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2018-12-12 11:50:07 ----A---- C:\Windows\system32\XAudio2_4.dll
2018-12-12 11:50:07 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2018-12-12 11:50:07 ----A---- C:\Windows\system32\D3DX9_41.dll
2018-12-12 11:50:06 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2018-12-12 11:50:06 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2018-12-12 11:50:06 ----A---- C:\Windows\system32\xactengine3_4.dll
2018-12-12 11:50:06 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2018-12-12 11:50:05 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2018-12-12 11:50:05 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2018-12-12 11:50:05 ----A---- C:\Windows\system32\d3dx10_40.dll
2018-12-12 11:50:05 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2018-12-12 11:50:04 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2018-12-12 11:50:04 ----A---- C:\Windows\system32\D3DX9_40.dll
2018-12-12 11:50:03 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2018-12-12 11:50:03 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2018-12-12 11:50:03 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2018-12-12 11:50:03 ----A---- C:\Windows\system32\XAudio2_3.dll
2018-12-12 11:50:03 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2018-12-12 11:50:03 ----A---- C:\Windows\system32\xactengine3_3.dll
2018-12-12 11:50:02 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2018-12-12 11:50:02 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2018-12-12 11:50:02 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2018-12-12 11:50:02 ----A---- C:\Windows\system32\XAudio2_2.dll
2018-12-12 11:50:02 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2018-12-12 11:50:02 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2018-12-12 11:50:01 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2018-12-12 11:50:01 ----A---- C:\Windows\system32\xactengine3_2.dll
2018-12-12 11:50:01 ----A---- C:\Windows\system32\d3dx10_39.dll
2018-12-12 11:50:01 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2018-12-12 11:50:00 ----A---- C:\Windows\system32\D3DX9_39.dll
2018-12-12 11:49:59 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2018-12-12 11:49:59 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2018-12-12 11:49:59 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2018-12-12 11:49:59 ----A---- C:\Windows\system32\XAudio2_1.dll
2018-12-12 11:49:59 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2018-12-12 11:49:59 ----A---- C:\Windows\system32\xactengine3_1.dll
2018-12-12 11:49:58 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2018-12-12 11:49:58 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2018-12-12 11:49:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2018-12-12 11:49:58 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2018-12-12 11:49:58 ----A---- C:\Windows\system32\d3dx10_38.dll
2018-12-12 11:49:58 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2018-12-12 11:49:57 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2018-12-12 11:49:57 ----A---- C:\Windows\system32\D3DX9_38.dll
2018-12-12 11:49:56 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2018-12-12 11:49:56 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2018-12-12 11:49:56 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2018-12-12 11:49:56 ----A---- C:\Windows\system32\XAudio2_0.dll
2018-12-12 11:49:56 ----A---- C:\Windows\system32\xactengine3_0.dll
2018-12-12 11:49:56 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2018-12-12 11:49:54 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2018-12-12 11:49:54 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2018-12-12 11:49:54 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2018-12-12 11:49:54 ----A---- C:\Windows\system32\D3DX9_37.dll
2018-12-12 11:49:54 ----A---- C:\Windows\system32\d3dx10_37.dll
2018-12-12 11:49:54 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2018-12-12 11:49:53 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2018-12-12 11:49:53 ----A---- C:\Windows\system32\xactengine2_10.dll
2018-12-12 11:49:52 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2018-12-12 11:49:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2018-12-12 11:49:52 ----A---- C:\Windows\system32\d3dx10_36.dll
2018-12-12 11:49:52 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2018-12-12 11:49:51 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2018-12-12 11:49:51 ----A---- C:\Windows\system32\d3dx9_36.dll
2018-12-12 11:49:50 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2018-12-12 11:49:50 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2018-12-12 11:49:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2018-12-12 11:49:50 ----A---- C:\Windows\system32\xactengine2_9.dll
2018-12-12 11:49:50 ----A---- C:\Windows\system32\d3dx10_35.dll
2018-12-12 11:49:50 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2018-12-12 11:49:49 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2018-12-12 11:49:49 ----A---- C:\Windows\system32\d3dx9_35.dll
2018-12-12 11:49:48 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2018-12-12 11:49:48 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2018-12-12 11:49:48 ----A---- C:\Windows\system32\xactengine2_8.dll
2018-12-12 11:49:48 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2018-12-12 11:49:47 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2018-12-12 11:49:47 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2018-12-12 11:49:47 ----A---- C:\Windows\system32\d3dx10_34.dll
2018-12-12 11:49:47 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2018-12-12 11:49:46 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2018-12-12 11:49:46 ----A---- C:\Windows\system32\xinput1_3.dll
2018-12-12 11:49:46 ----A---- C:\Windows\system32\d3dx9_34.dll
2018-12-12 11:49:45 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2018-12-12 11:49:45 ----A---- C:\Windows\system32\xactengine2_7.dll
2018-12-12 11:49:44 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2018-12-12 11:49:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2018-12-12 11:49:44 ----A---- C:\Windows\system32\d3dx10_33.dll
2018-12-12 11:49:44 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2018-12-12 11:49:43 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2018-12-12 11:49:43 ----A---- C:\Windows\system32\d3dx9_33.dll
2018-12-12 11:49:42 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2018-12-12 11:49:42 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2018-12-12 11:49:42 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2018-12-12 11:49:42 ----A---- C:\Windows\system32\xactengine2_6.dll
2018-12-12 11:49:42 ----A---- C:\Windows\system32\xactengine2_5.dll
2018-12-12 11:49:42 ----A---- C:\Windows\system32\d3dx10.dll
2018-12-12 11:49:41 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2018-12-12 11:49:41 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2018-12-12 11:49:41 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2018-12-12 11:49:41 ----A---- C:\Windows\system32\xactengine2_4.dll
2018-12-12 11:49:41 ----A---- C:\Windows\system32\x3daudio1_1.dll
2018-12-12 11:49:41 ----A---- C:\Windows\system32\d3dx9_32.dll
2018-12-12 11:49:40 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2018-12-12 11:49:40 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2018-12-12 11:49:40 ----A---- C:\Windows\system32\xactengine2_3.dll
2018-12-12 11:49:40 ----A---- C:\Windows\system32\d3dx9_31.dll
2018-12-12 11:49:39 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2018-12-12 11:49:39 ----A---- C:\Windows\system32\xinput1_2.dll
 
======List of files/folders modified in the last 3 months======
 
2019-01-25 10:02:39 ----D---- C:\Windows\Prefetch
2019-01-25 10:02:36 ----RD---- C:\Program Files
2019-01-25 09:40:46 ----D---- C:\Windows
2019-01-25 09:40:44 ----D---- C:\ProgramData\NVIDIA
2019-01-24 14:01:43 ----D---- C:\Windows\system32\config
2019-01-24 13:49:08 ----SHD---- C:\System Volume Information
2019-01-24 13:26:54 ----D---- C:\Windows\System32
2019-01-24 13:26:54 ----D---- C:\Windows\inf
2019-01-24 13:26:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-01-23 19:19:50 ----D---- C:\Users\Windows\AppData\Roaming\TS3Client
2019-01-23 09:46:53 ----D---- C:\Users\Windows\AppData\Roaming\uTorrent
2019-01-12 11:59:30 ----D---- C:\Windows\system32\drivers
2019-01-11 23:50:16 ----D---- C:\Qoobox
2019-01-11 23:42:01 ----A---- C:\Windows\system.ini
2019-01-11 23:41:46 ----D---- C:\Windows\system32\drivers\etc
2019-01-11 23:39:29 ----RD---- C:\Program Files (x86)
2019-01-11 23:35:57 ----D---- C:\Windows\SYSWOW64\drivers
2019-01-11 23:35:57 ----D---- C:\Windows\SysWOW64
2019-01-11 23:35:57 ----D---- C:\Windows\AppPatch
2019-01-11 23:35:56 ----D---- C:\Program Files (x86)\Common Files
2019-01-11 23:15:15 ----D---- C:\ProgramData
2019-01-11 23:13:27 ----D---- C:\Program Files (x86)\Gameforge
2019-01-11 23:07:48 ----D---- C:\Windows\system32\Tasks
2019-01-11 22:47:44 ----D---- C:\Windows\winsxs
2019-01-11 22:34:05 ----D---- C:\Windows\Microsoft.NET
2019-01-11 22:33:24 ----D---- C:\ProgramData\AVAST Software
2018-12-22 00:01:29 ----D---- C:\Program Files (x86)\Steam
2018-12-21 19:18:54 ----D---- C:\Windows\LiveKernelReports
2018-12-19 10:19:13 ----SHD---- C:\Windows\Installer
2018-12-12 11:49:37 ----RSD---- C:\Windows\assembly
2018-12-08 18:05:36 ----D---- C:\Windows\system32\catroot2
2018-12-08 12:03:08 ----D---- C:\Windows\system32\NDF
2018-11-14 15:58:55 ----D---- C:\Program Files (x86)\TeamViewer
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-19 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-11-14 27584]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-11-14 56384]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-06-02 1207808]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-12-15 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-12-15 47672]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2016-08-20 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2016-08-20 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2016-08-20 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2016-08-20 29696]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 xhunter1;xhunter1; \??\C:\Windows\xhunter1.sys []
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-11-14 1163712]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-11-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-11-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-11-14 932728]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-11-14 426040]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-08-29 10803440]
R2 WCAssistantService;WC Assistant; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [2017-10-13 25704]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-11-14 3632576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-13 153168]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-13 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-06-16 116224]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-11-26 1684256]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-10-13 1255736]
S4 aspnet_state;„Usługa stanu ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
 
-----------------EOF-----------------
 