wklejto.pl

Added by: ~ZooMM (2019-03-14 21:59) -> text
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomek at 2019-03-14 21:56:55
Microsoft Windows 10 Home 
System drive C: has 25 GB (21%) free of 121 GB
Total RAM: 16315 MB (66% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:56:56, on 14.03.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0001)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Users\Tomek\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe
C:\Users\Tomek\AppData\Roaming\uTorrent Web\utweb.exe
C:\Users\Tomek\AppData\Roaming\ujt5dzgmsjy\gw5ykgz52d1.exe
C:\Users\Tomek\AppData\Local\Temp\is-V0IPD.tmp\gw5ykgz52d1.tmp
C:\Users\Tomek\AppData\Roaming\yyamdasyx0t\lb5ssndxryx.exe
C:\Users\Tomek\AppData\Local\Temp\is-O7ONQ.tmp\lb5ssndxryx.tmp
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Users\Tomek\AppData\Local\Facebook\Games\FacebookGameroom.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\CyberLink\Power2Go11\CLMLSvc_P2G11.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Users\Tomek\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Tomek\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Tomek\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Tomek\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Tomek\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files\trend micro\Tomek.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxldvM_sEGJZAe-C6UafLcg6L_siz4TqSaxfg-jMPLYscwP8eY4PBb3M48tQFqVtaFyR7vsRstzdo3XgJI6NNXle0WCWpu2qTkmd-NupdzEPI0C_8TCkEtsdhGyAVlRS3sKqp4Im0ofJvNVH8h3RBeN6mTJlwme8v48qwTNdqCQ,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxldvM_sEGJZAe-C6UafLcg6L_siz4TqSaxfg-jMPLYscwP8eY4PBb3M48tQFqVtaFyR7vsRstzdo3XgJI6NNXle0WCWpu2qTkmd-NupdzEPI0C_8TCkEtsdhGyAVlRS3sKqp4Im0ofJvNVH8h3RBeN6mTJlwme8v48qwTNdqCQ,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxldvM_sEGJZAe-C6UafLcg6L_siz4TqSaxfg-jMPLYscwP8eY4PBb3M48tQFqVtaFyR7vsRstzdo3XgJI6NNXle0WCWpu2qTkmd-NupdzEPI0C_8TCkEtsdhGyAVlRS3sKqp4Im0ofJvNVH8h3RBeN6mTJlwme8v48qwTNdqCQ,,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxldvM_sEGJZAe-C6UafLcg6L_siz4TqSaxfg-jMPLYscwP8eY4PBb3M48tQFqVtaFyR7vsRstzdo3XgFz8aqPE5MpCFcILakjGTnYBor_os5pCC_3jpKLSvJIH2tjBTJLa4gXOaXWREmJHq-mHEgvxdthvMTEPr2gscf6U5C5A,,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxldvM_sEGJZAe-C6UafLcg6L_siz4TqSaxfg-jMPLYscwP8eY4PBb3M48tQFqVtaFyR7vsRstzdo3XgJI6NNXle0WCWpu2qTkmd-NupdzEPI0C_8TCkEtsdhGyAVlRS3sKqp4Im0ofJvNVH8h3RBeN6mTJlwme8v48qwTNdqCQ,,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {0E2877D3-2641-4970-B794-A553E295428D} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: YoutubeAdBlock - {33594515-D1AE-4483-BD6B-76A43DEACD5D} - C:\Program Files (x86)\PdUEJHwTcIE\k9nObfmCp.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [CLMLServer_For_P2G11] "C:\Program Files (x86)\CyberLink\Power2Go11\CLMLSvc_P2G11.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Tomek\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Discord] C:\Users\Tomek\AppData\Local\Discord\app-0.0.305\Discord.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [EADM] "E:\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Spotify] C:\Users\Tomek\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [SteamServerBrowser] C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe
O4 - HKCU\..\Run: [Chromium] "c:\users\tomek\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
O4 - HKCU\..\Run: [utweb] "C:\Users\Tomek\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED
O4 - HKCU\..\Run: [3877674] "C:\Users\Tomek\AppData\Roaming\ujt5dzgmsjy\gw5ykgz52d1.exe" /VERYSILENT
O4 - HKCU\..\Run: [9281220] "C:\Users\Tomek\AppData\Roaming\yyamdasyx0t\lb5ssndxryx.exe" /VERYSILENT
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'USŁUGA SIECIOWA')
O4 - Startup: Facebook Gameroom.lnk = C:\Users\Tomek\AppData\Local\Facebook\Games\FacebookGameroom.exe
O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\ProgramData\Voyasollam\Indigoity.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: AsRogAuraService - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe
O23 - Service: Usługa Kaspersky Anti-Virus 18.0.0 (AVP18.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: SCP DS3 Service (Ds3Service) - Scarlet.Crush Productions - C:\Program Files\DS3_service\ScpService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.75\elevation_service.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: klvssbridge64_18.0.0 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\vssbridge64.exe
O23 - Service: Usługa Kaspersky Secure Connection 3.0.0 (KSDE3.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - E:\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - E:\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 18444 bytes
 
======Listing Processes======
 
 
 
 
 
 
 
 
 
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
winlogon.exe
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
 
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
"C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe"
"C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe" -r
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files\DS3_service\ScpService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
 
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
dashost.exe {a3f2c9e2-ffa4-44d9-9b05f88daf7b29db}
"C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"E:\Origin\OriginWebHelperService.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20594.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avpui.exe" -hidden
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe"
C:\Windows\System32\smartscreen.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX6an27ssxm1kq22j0wm54a996rsgjh8an.mca
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Users\Tomek\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x10de --gpu-device-id=0x1c03 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --lang=en-US --log-file="C:\Users\Tomek\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --service-request-channel-token=B1B1DCD7BCBFE39B31AC4A63BCC07EA9 --mojo-platform-channel-handle=2024 /prefetch:2
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-browser-side-navigation --no-sandbox --disable-gpu-compositing --service-pipe-token=AC5B216DF1313E10C6D47F43987601D9 --lang=en-US --lang=en-US --log-file="C:\Users\Tomek\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=AC5B216DF1313E10C6D47F43987601D9 --renderer-client-id=2 --mojo-platform-channel-handle=2052 /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe" /InvokerPRAID: App
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Windows\System32\SecurityHealthSystray.exe" 
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
 
 
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe" -r
 
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
"C:\Users\Tomek\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
 
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe" -hidden
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe" 
"C:\Users\Tomek\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED
"C:\Users\Tomek\AppData\Roaming\ujt5dzgmsjy\gw5ykgz52d1.exe" /VERYSILENT
"C:\Users\Tomek\AppData\Local\Temp\is-V0IPD.tmp\gw5ykgz52d1.tmp" /SL5="$2053E,481408,289280,C:\Users\Tomek\AppData\Roaming\ujt5dzgmsjy\gw5ykgz52d1.exe" /VERYSILENT
"C:\Users\Tomek\AppData\Roaming\yyamdasyx0t\lb5ssndxryx.exe" /VERYSILENT
"C:\Users\Tomek\AppData\Local\Temp\is-O7ONQ.tmp\lb5ssndxryx.tmp" /SL5="$E0574,481408,289280,C:\Users\Tomek\AppData\Roaming\yyamdasyx0t\lb5ssndxryx.exe" /VERYSILENT
"C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe" -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Users\Tomek\AppData\Local\Facebook\Games\FacebookGameroom.exe" fbgames://windows_startup/
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan-16380 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe"
"C:\Program Files (x86)\CyberLink\Power2Go11\CLMLSvc_P2G11.exe" 
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe"  /hide
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --disable-databases --primordial-pipe-token=760181A83B1EE73DB6BDDDCB3CD788BE --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\Tomek\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 10.0.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.98 Safari/537.36 CreativeCloud/4.4.1.298" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=760181A83B1EE73DB6BDDDCB3CD788BE --renderer-client-id=2 --mojo-platform-channel-handle=2876 /prefetch:1
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --disable-databases --primordial-pipe-token=6A2E0F0D327AA721655E24A1E2BF0810 --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\Tomek\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 10.0.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.98 Safari/537.36 CreativeCloud/4.4.1.298" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=6A2E0F0D327AA721655E24A1E2BF0810 --renderer-client-id=3 --mojo-platform-channel-handle=3336 /prefetch:1
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
"Facebook Gameroom Browser.exe" --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Users\Tomek\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 CanvasFrame/1.4.1.* Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.4.1.*]" --supports-dual-gpus=false --gpu-driver-bug-workarounds=6,17,18,21,37,65 --gpu-vendor-id=0x10de --gpu-device-id=0x1c03 --gpu-driver-vendor=NVIDIA --gpu-driver-version=23.21.13.8813 --gpu-driver-date=10-27-2017 --lang=en-US --log-file="C:\Users\Tomek\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 CanvasFrame/1.4.1.* Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.4.1.*]" --service-request-channel-token=ADD21C2E42AAFC637FBE3E025826DB48 --mojo-platform-channel-handle=2464 /prefetch:2
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\AUDIODG.EXE 0x5b8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Tomek\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Tomek\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=73.0.3683.75 --initial-client-data=0x224,0x228,0x22c,0x220,0x230,0x7ffc7b286830,0x7ffc7b286840,0x7ffc7b286850
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5180 --on-initialized-event-handle=712 --parent-handle=716 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=6843200833271630395 --mojo-platform-channel-handle=1664 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --lang=pl --service-sandbox-type=network --service-request-channel-token=16831277322107709681 --mojo-platform-channel-handle=2000 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --service-pipe-token=10585433460856907641 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10585433460856907641 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1440 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --service-pipe-token=3477995058140100528 --lang=pl --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3477995058140100528 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3060 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --service-pipe-token=2875485623837139219 --lang=pl --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2875485623837139219 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3524 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --service-pipe-token=13279545087077765267 --lang=pl --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13279545087077765267 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2680 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --service-pipe-token=4758247311975840430 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4758247311975840430 --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --service-pipe-token=1677285440038740784 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1677285440038740784 --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --service-pipe-token=12475898222841945243 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12475898222841945243 --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3124 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --service-pipe-token=10928387846725191582 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10928387846725191582 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2764 /prefetch:1
"C:\Users\Tomek\AppData\Roaming\Spotify\Spotify.exe" 
C:\Users\Tomek\AppData\Roaming\Spotify\Spotify.exe --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Tomek\AppData\Local\Spotify\User Data\Crashpad" "--metrics-dir=C:\Users\Tomek\AppData\Local\Spotify\User Data" --url=https://crashdump.spotify.com:443/ --annotation=platform=win32 --annotation=product=spotify --annotation=version=1.1.1.348 --initial-client-data=0x540,0x510,0x5bc,0x53c,0x5b0,0x6a87bf70,0x6a87bf80,0x6a87bf8c
"C:\Users\Tomek\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --disable-features=ExtendedMouseButtons --disable-d3d11 --log-file="C:\Users\Tomek\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.1.1.348 --lang=pl --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --log-file="C:\Users\Tomek\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.1.1.348 --lang=pl --service-request-channel-token=10971596952331880589 --mojo-platform-channel-handle=1872 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Tomek\AppData\Roaming\Spotify\Spotify.exe" --type=renderer --disable-features=ExtendedMouseButtons --service-pipe-token=11621630998829232880 --lang=pl --log-file="C:\Users\Tomek\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.1.1.348 --disable-spell-checking --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11621630998829232880 --renderer-client-id=3 --mojo-platform-channel-handle=3184 /prefetch:1
"C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --service-pipe-token=13083053621094392162 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13083053621094392162 --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4032 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --service-pipe-token=8281333600484663038 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8281333600484663038 --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8908 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --service-pipe-token=11047798314934263446 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11047798314934263446 --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,8988773324078218321,10858799374163462267,131072 --service-pipe-token=17457456297292311477 --lang=pl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17457456297292311477 --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8476 /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3961432204-3820564081-1209684141-10019_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3961432204-3820564081-1209684141-10019 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"  "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 776 780 788 8192 784 
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tomek\Desktop\logi\RSITx64.exe" 
C:\WINDOWS\system32\wbem\wmiprvse.exe
 
=========Mozilla firefox=========
 
ProfilePath - C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\chsr6629.default
 
prefs.js - "browser.startup.homepage" -  "https://www.google.com/"
 
"light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.161.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.161.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL
 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
 
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E2877D3-2641-4970-B794-A553E295428D}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-05-01 1429352]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33594515-D1AE-4483-BD6B-76A43DEACD5D}]
YoutubeAdBlock - C:\Program Files (x86)\PdUEJHwTcIE\tP81cXe1.dll [2019-03-13 732672]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - E:\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E2877D3-2641-4970-B794-A553E295428D}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-05-01 1150312]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-07 158696]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33594515-D1AE-4483-BD6B-76A43DEACD5D}]
YoutubeAdBlock - C:\Program Files (x86)\PdUEJHwTcIE\k9nObfmCp.dll [2019-03-13 499712]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-31 474688]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-31 188992]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4853DF44-7D6B-48E9-9258-D800EEE54AF6} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-05-01 1429352]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4853DF44-7D6B-48E9-9258-D800EEE54AF6} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-05-01 1150312]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2018-09-15 83968]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13 2675176]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe []
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Tomek\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-03-02 1507144]
"Discord"=C:\Users\Tomek\AppData\Local\Discord\app-0.0.305\Discord.exe [2019-03-07 81780056]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-08-25 27832272]
"EADM"=E:\Origin\Origin.exe [2019-03-05 3113768]
"Spotify"=C:\Users\Tomek\AppData\Roaming\Spotify\Spotify.exe [2019-03-07 25610984]
"SteamServerBrowser"=C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe [2017-02-26 228352]
"Chromium"=c:\users\tomek\appdata\local\chromium\application\chrome.exe [2017-09-22 4149760]
"utweb"=C:\Users\Tomek\AppData\Roaming\uTorrent Web\utweb.exe [2019-01-15 5413080]
"3877674"=C:\Users\Tomek\AppData\Roaming\ujt5dzgmsjy\gw5ykgz52d1.exe [2019-03-13 859918]
"9281220"=C:\Users\Tomek\AppData\Roaming\yyamdasyx0t\lb5ssndxryx.exe [2019-03-13 859918]
 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2018-02-14 2409936]
"CLMLServer_For_P2G11"=C:\Program Files (x86)\CyberLink\Power2Go11\CLMLSvc_P2G11.exe [2017-03-23 118552]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19 587288]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2012-09-12 204136]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2019-02-11 5890504]
 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SteelSeries Engine 3.lnk - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
 
C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Gameroom.lnk - C:\Users\Tomek\AppData\Local\Facebook\Games\FacebookGameroom.exe
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\ProgramData\Voyasollam\Doning.dll"
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=lvcod64.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.RTV1"=rtvcvfw64.dll
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
 
======List of files/folders created in the last 1 month======
 
2019-03-14 21:40:18 ----D---- C:\rsit
2019-03-14 21:40:18 ----D---- C:\Program Files\trend micro
2019-03-13 17:14:45 ----D---- C:\AdwCleaner
2019-03-13 16:39:03 ----D---- C:\ProgramData\Mozilla
2019-03-13 16:37:11 ----D---- C:\Program Files (x86)\InterLok
2019-03-13 16:27:06 ----D---- C:\Users\Tomek\AppData\Roaming\yyamdasyx0t
2019-03-13 16:27:06 ----D---- C:\Program Files\FN4Q4K3AU7
2019-03-13 16:26:54 ----D---- C:\ProgramData\DQtKumvopDKCWKVB
2019-03-13 16:26:54 ----D---- C:\Program Files (x86)\KfnsJXyRyJHoDyJWuMR
2019-03-13 16:26:54 ----D---- C:\Program Files (x86)\EhGTHpYbMZVU2
2019-03-13 16:26:54 ----D---- C:\Program Files (x86)\bqzrWnnidGJDC
2019-03-13 16:26:53 ----D---- C:\Program Files (x86)\PdUEJHwTcIE
2019-03-13 16:26:53 ----D---- C:\Program Files (x86)\NDeBlRjARAUn
2019-03-13 16:26:45 ----D---- C:\Program Files (x86)\aeVSlgaHU
2019-03-13 16:25:21 ----D---- C:\Program Files (x86)\SmartData
2019-03-13 16:25:10 ----D---- C:\Program Files\A67YSJFGJI
2019-03-13 16:25:07 ----D---- C:\Users\Tomek\AppData\Roaming\ujt5dzgmsjy
2019-03-13 16:24:51 ----D---- C:\Program Files (x86)\Frank
2019-03-12 23:40:06 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2019-03-12 23:40:06 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2019-03-12 23:40:06 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2019-03-12 23:40:06 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2019-03-12 23:40:06 ----A---- C:\WINDOWS\SYSWOW64\mfh264enc.dll
2019-03-12 23:40:06 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2019-03-12 23:40:06 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2019-03-12 23:40:06 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2019-03-12 23:40:06 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2019-03-12 23:40:06 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2019-03-12 23:40:06 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-03-12 23:40:06 ----A---- C:\WINDOWS\system32\mfh264enc.dll
2019-03-12 23:40:06 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2019-03-12 23:40:05 ----A---- C:\WINDOWS\system32\mfsvr.dll
2019-03-12 23:40:05 ----A---- C:\WINDOWS\system32\mfps.dll
2019-03-12 23:40:05 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-03-12 23:40:05 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2019-03-12 23:40:05 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-03-12 23:40:05 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-03-12 23:39:59 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2019-03-12 23:39:59 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2019-03-12 23:39:58 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2019-03-12 23:39:58 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2019-03-12 23:39:58 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2019-03-12 23:39:58 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2019-03-12 23:39:58 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-03-12 23:39:57 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-03-12 23:39:57 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2019-03-12 23:39:57 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-03-12 23:39:57 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-03-12 23:39:57 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-03-12 23:39:56 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-03-12 23:39:56 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\SYSWOW64\srumsvc.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\SYSWOW64\itss.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\system32\wsp_health.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\system32\SharedRealitySvc.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\system32\reseteng.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\system32\nshwfp.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\system32\nltest.exe
2019-03-12 23:39:55 ----A---- C:\WINDOWS\system32\nettrace.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\system32\mstscax.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\system32\lpasvc.dll
2019-03-12 23:39:55 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-03-12 23:39:55 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2019-03-12 23:39:55 ----A---- C:\WINDOWS\system32\drivers\MbbCx.sys
2019-03-12 23:39:54 ----A---- C:\WINDOWS\system32\msi.dll
2019-03-12 23:39:54 ----A---- C:\WINDOWS\system32\itss.dll
2019-03-12 23:39:54 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-03-12 23:39:54 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-03-12 23:39:53 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-12 23:39:53 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-03-12 23:39:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-03-12 23:39:52 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2019-03-12 23:39:52 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-03-12 23:39:51 ----A---- C:\WINDOWS\system32\werui.dll
2019-03-12 23:39:51 ----A---- C:\WINDOWS\system32\jscript.dll
2019-03-12 23:39:51 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-03-12 23:39:51 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2019-03-12 23:39:50 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2019-03-12 23:39:50 ----A---- C:\WINDOWS\system32\spacebridge.dll
2019-03-12 23:39:50 ----A---- C:\WINDOWS\system32\SecureBioSysprep.dll
2019-03-12 23:39:50 ----A---- C:\WINDOWS\system32\resutils.dll
2019-03-12 23:39:50 ----A---- C:\WINDOWS\system32\ResourceMapper.dll
2019-03-12 23:39:50 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2019-03-12 23:39:50 ----A---- C:\WINDOWS\system32\mispace.dll
2019-03-12 23:39:50 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2019-03-12 23:39:50 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2019-03-12 23:39:50 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-03-12 23:39:50 ----A---- C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2019-03-12 23:39:50 ----A---- C:\WINDOWS\system32\DataUsageHandlers.dll
2019-03-12 23:39:50 ----A---- C:\WINDOWS\system32\clusapi.dll
2019-03-12 23:39:50 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-12 23:39:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2019-03-12 23:39:49 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-03-12 23:39:49 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-03-12 23:39:49 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2019-03-12 23:39:49 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2019-03-12 23:39:49 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2019-03-12 23:39:49 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-03-12 23:39:49 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Services.TargetedContent.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\BingOnlineServices.dll
2019-03-12 23:39:48 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2019-03-12 23:39:47 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2019-03-12 23:39:47 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-03-12 23:39:47 ----A---- C:\WINDOWS\SYSWOW64\ttdwriter.dll
2019-03-12 23:39:47 ----A---- C:\WINDOWS\SYSWOW64\ttdrecordcpu.dll
2019-03-12 23:39:47 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2019-03-12 23:39:47 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2019-03-12 23:39:47 ----A---- C:\WINDOWS\SYSWOW64\InputHost.dll
2019-03-12 23:39:47 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2019-03-12 23:39:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2019-03-12 23:39:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2019-03-12 23:39:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-03-12 23:39:46 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2019-03-12 23:39:46 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2019-03-12 23:39:46 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2019-03-12 23:39:46 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2019-03-12 23:39:46 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2019-03-12 23:39:46 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2019-03-12 23:39:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2019-03-12 23:39:45 ----A---- C:\WINDOWS\SYSWOW64\SpatialAudioLicenseSrv.exe
2019-03-12 23:39:45 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2019-03-12 23:39:45 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2019-03-12 23:39:45 ----A---- C:\WINDOWS\SYSWOW64\dsound.dll
2019-03-12 23:39:45 ----A---- C:\WINDOWS\SYSWOW64\CredentialMigrationHandler.dll
2019-03-12 23:39:45 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2019-03-12 23:39:45 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2019-03-12 23:39:45 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-12 23:39:45 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-12 23:39:45 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-03-12 23:39:45 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-03-12 23:39:45 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-03-12 23:39:45 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-03-12 23:39:43 ----A---- C:\WINDOWS\system32\mf3216.dll
2019-03-12 23:39:43 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2019-03-12 23:39:43 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2019-03-12 23:39:43 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2019-03-12 23:39:43 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2019-03-12 23:39:43 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2019-03-12 23:39:42 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-03-12 23:39:42 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2019-03-12 23:39:42 ----A---- C:\WINDOWS\system32\ntdll.dll
2019-03-12 23:39:42 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-03-12 23:39:42 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-03-12 23:39:42 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-03-12 23:39:42 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2019-03-12 23:39:42 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2019-03-12 23:39:42 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\winresume.exe
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\winload.exe
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\wimserv.exe
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\wimgapi.dll
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\srpapi.dll
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\SRH.dll
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\pcasvc.dll
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\msctf.dll
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\kernel32.dll
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\invagent.dll
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\dwmcore.dll
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\devinv.dll
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\appraiser.dll
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\aitstatic.exe
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\aeinv.dll
2019-03-12 23:39:41 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-03-12 23:39:40 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-12 23:39:40 ----A---- C:\WINDOWS\system32\generaltel.dll
2019-03-12 23:39:39 ----A---- C:\WINDOWS\SYSWOW64\pidgenx.dll
2019-03-12 23:39:39 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-03-12 23:39:39 ----A---- C:\WINDOWS\system32\sppsvc.exe
2019-03-12 23:39:39 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-03-12 23:39:39 ----A---- C:\WINDOWS\system32\shell32.dll
2019-03-12 23:39:39 ----A---- C:\WINDOWS\system32\RMapi.dll
2019-03-12 23:39:39 ----A---- C:\WINDOWS\system32\rasmans.dll
2019-03-12 23:39:39 ----A---- C:\WINDOWS\system32\rascustom.dll
2019-03-12 23:39:39 ----A---- C:\WINDOWS\system32\pidgenx.dll
2019-03-12 23:39:39 ----A---- C:\WINDOWS\system32\ngctasks.dll
2019-03-12 23:39:39 ----A---- C:\WINDOWS\system32\mprddm.dll
2019-03-12 23:39:39 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-12 23:39:39 ----A---- C:\WINDOWS\system32\APMon.dll
2019-03-12 23:39:38 ----A---- C:\WINDOWS\system32\msxml3.dll
2019-03-12 23:39:38 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2019-03-12 23:39:38 ----A---- C:\WINDOWS\system32\drivers\msfs.sys
2019-03-12 23:39:37 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-03-12 23:39:37 ----A---- C:\WINDOWS\system32\win32k.sys
2019-03-12 23:39:37 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2019-03-12 23:39:37 ----A---- C:\WINDOWS\system32\rdpcore.dll
2019-03-12 23:39:37 ----A---- C:\WINDOWS\system32\rdpbase.dll
2019-03-12 23:39:37 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-03-12 23:39:37 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-03-12 23:39:37 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-03-12 23:39:37 ----A---- C:\WINDOWS\system32\moshostcore.dll
2019-03-12 23:39:37 ----A---- C:\WINDOWS\system32\MapRouter.dll
2019-03-12 23:39:37 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2019-03-12 23:39:37 ----A---- C:\WINDOWS\system32\cryptngc.dll
2019-03-12 23:39:37 ----A---- C:\WINDOWS\system32\bisrv.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\wpnprv.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\wpncore.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\ttdwriter.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\ttdrecordcpu.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\MapsStore.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\ISM.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\InputHost.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-12 23:39:36 ----A---- C:\WINDOWS\system32\BingMaps.dll
2019-03-12 23:39:35 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-12 23:39:35 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-12 23:39:35 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2019-03-12 23:39:35 ----A---- C:\WINDOWS\system32\smartscreen.exe
2019-03-12 23:39:35 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-03-12 23:39:35 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-03-12 23:39:35 ----A---- C:\WINDOWS\system32\D3D12.dll
2019-03-12 23:39:35 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2019-03-12 23:39:35 ----A---- C:\WINDOWS\system32\cloudAP.dll
2019-03-12 23:39:35 ----A---- C:\WINDOWS\system32\cdp.dll
2019-03-12 23:39:35 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2019-03-12 23:39:34 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-12 23:39:34 ----A---- C:\WINDOWS\system32\smbwmiv2.dll
2019-03-12 23:39:34 ----A---- C:\WINDOWS\system32\ReAgent.dll
2019-03-12 23:39:34 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-12 23:39:34 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-12 23:39:34 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-12 23:39:34 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-12 23:39:33 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-03-12 23:39:33 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2019-03-12 23:39:33 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2019-03-12 23:39:33 ----A---- C:\WINDOWS\explorer.exe
2019-03-12 23:39:32 ----A---- C:\WINDOWS\system32\wlansvc.dll
2019-03-12 23:39:32 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-03-12 23:39:32 ----A---- C:\WINDOWS\system32\localspl.dll
2019-03-12 23:39:32 ----A---- C:\WINDOWS\system32\dsound.dll
2019-03-12 23:39:32 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2019-03-12 23:39:32 ----A---- C:\WINDOWS\system32\DolbyMATEnc.dll
2019-03-12 23:39:32 ----A---- C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-03-12 23:39:32 ----A---- C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-03-12 23:39:32 ----A---- C:\WINDOWS\system32\audiosrv.dll
2019-03-12 23:39:32 ----A---- C:\WINDOWS\system32\AudioSes.dll
2019-03-12 23:39:32 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-12 23:39:32 ----A---- C:\WINDOWS\system32\audiodg.exe
2019-03-12 23:39:31 ----A---- C:\WINDOWS\SYSWOW64\BioCredProv.dll
2019-03-12 23:39:31 ----A---- C:\WINDOWS\system32\winbio.dll
2019-03-12 23:39:31 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2019-03-12 23:39:31 ----A---- C:\WINDOWS\system32\drivers\http.sys
2019-03-12 23:39:31 ----A---- C:\WINDOWS\system32\BioCredProv.dll
2019-03-12 23:39:27 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2019-03-12 23:39:27 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2019-03-12 23:39:27 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2019-03-12 23:39:27 ----A---- C:\WINDOWS\system32\WerFault.exe
2019-03-12 23:39:27 ----A---- C:\WINDOWS\system32\wer.dll
2019-03-12 23:39:27 ----A---- C:\WINDOWS\system32\usocore.dll
2019-03-12 23:39:27 ----A---- C:\WINDOWS\system32\upshared.dll
2019-03-12 23:39:27 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2019-03-12 23:39:27 ----A---- C:\WINDOWS\system32\srumsvc.dll
2019-03-12 23:39:27 ----A---- C:\WINDOWS\system32\Faultrep.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\wldp.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\w32tm.exe
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\w32time.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\tzres.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\tcbloader.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\rpcss.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\ptpprov.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\propsys.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\dcntel.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\ci.dll
2019-03-12 23:39:26 ----A---- C:\WINDOWS\system32\aepic.dll
2019-03-12 23:39:25 ----A---- C:\WINDOWS\SYSWOW64\winbio.dll
2019-03-12 23:39:25 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-03-12 23:39:25 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2019-03-12 23:39:25 ----A---- C:\WINDOWS\SYSWOW64\w32tm.exe
2019-03-12 23:39:25 ----A---- C:\WINDOWS\SYSWOW64\spacebridge.dll
2019-03-12 23:39:25 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-03-12 23:39:25 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2019-03-12 23:39:25 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-03-12 23:39:25 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2019-03-12 23:39:25 ----A---- C:\WINDOWS\system32\wintrust.dll
2019-03-12 23:39:25 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-03-12 23:39:25 ----A---- C:\WINDOWS\system32\tdh.dll
2019-03-12 23:39:25 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2019-03-12 23:39:25 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-03-12 23:39:24 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2019-03-12 23:39:24 ----A---- C:\WINDOWS\system32\rdpudd.dll
2019-03-12 23:39:24 ----A---- C:\WINDOWS\system32\rdpnano.dll
2019-03-12 23:39:24 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2019-03-12 23:39:24 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-03-12 23:39:24 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-03-12 23:39:24 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-03-12 23:39:24 ----A---- C:\WINDOWS\system32\drivers\storqosflt.sys
2019-03-12 23:39:24 ----A---- C:\WINDOWS\system32\computecore.dll
2019-03-12 23:39:23 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2019-03-12 23:39:23 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys
2019-03-12 23:39:23 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2019-03-12 23:39:23 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2019-03-12 23:39:23 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2019-03-12 18:52:59 ----A---- C:\WINDOWS\SYSWOW64\msvcr71.dll
2019-03-12 18:52:59 ----A---- C:\WINDOWS\SYSWOW64\msvcp71.dll
2019-03-12 18:48:56 ----D---- C:\Program Files\Steinberg
2019-03-12 18:48:56 ----D---- C:\Program Files\Klanghelm
2019-03-12 18:48:56 ----D---- C:\Program Files\Common Files\VST3
2019-03-12 18:48:56 ----D---- C:\Program Files\Common Files\Avid
2019-03-12 18:48:56 ----D---- C:\Program Files (x86)\Steinberg
2019-03-12 18:04:34 ----D---- C:\Users\Tomek\AppData\Roaming\uTorrent Web
2019-02-25 16:07:33 ----A---- C:\ProgramData\ntuser.dat
2019-02-20 11:43:22 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2019-02-17 04:27:54 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2019-02-17 04:27:54 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2019-02-17 04:27:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2019-02-17 04:27:53 ----A---- C:\WINDOWS\SYSWOW64\mfreadwrite.dll
2019-02-17 04:27:53 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2019-02-17 04:27:53 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2019-02-17 04:27:49 ----A---- C:\WINDOWS\system32\MixedReality.Broker.dll
2019-02-17 04:27:49 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2019-02-17 04:27:48 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2019-02-17 04:27:48 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2019-02-17 04:27:46 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-02-17 04:27:45 ----A---- C:\WINDOWS\system32\termsrv.dll
2019-02-17 04:27:45 ----A---- C:\WINDOWS\system32\sysmain.dll
2019-02-17 04:27:45 ----A---- C:\WINDOWS\system32\SpaceControl.dll
2019-02-17 04:27:45 ----A---- C:\WINDOWS\system32\SpaceAgent.exe
2019-02-17 04:27:45 ----A---- C:\WINDOWS\system32\PktMon.exe
2019-02-17 04:27:45 ----A---- C:\WINDOWS\system32\nlahc.dll
2019-02-17 04:27:45 ----A---- C:\WINDOWS\system32\AcLayers.dll
2019-02-17 04:27:45 ----A---- C:\WINDOWS\system32\AcGenral.dll
2019-02-17 04:27:44 ----A---- C:\WINDOWS\system32\systemreset.exe
2019-02-17 04:27:44 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2019-02-17 04:27:44 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2019-02-17 04:27:41 ----A---- C:\WINDOWS\system32\StorSvc.dll
2019-02-17 04:27:40 ----A---- C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-02-17 04:27:40 ----A---- C:\WINDOWS\system32\discan.dll
2019-02-17 04:27:39 ----A---- C:\WINDOWS\SYSWOW64\setupcln.dll
2019-02-17 04:27:39 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2019-02-17 04:27:39 ----A---- C:\WINDOWS\SYSWOW64\rasppp.dll
2019-02-17 04:27:39 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2019-02-17 04:27:39 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2019-02-17 04:27:38 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-02-17 04:27:38 ----A---- C:\WINDOWS\SYSWOW64\wincredui.dll
2019-02-17 04:27:38 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2019-02-17 04:27:38 ----A---- C:\WINDOWS\SYSWOW64\nslookup.exe
2019-02-17 04:27:38 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-02-17 04:27:38 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2019-02-17 04:27:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2019-02-17 04:27:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2019-02-17 04:27:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2019-02-17 04:27:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2019-02-17 04:27:37 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2019-02-17 04:27:37 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2019-02-17 04:27:37 ----A---- C:\WINDOWS\SYSWOW64\spopk.dll
2019-02-17 04:27:37 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2019-02-17 04:27:37 ----A---- C:\WINDOWS\SYSWOW64\apphelp.dll
2019-02-17 04:27:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-17 04:27:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-17 04:27:36 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2019-02-17 04:27:36 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2019-02-17 04:27:36 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2019-02-17 04:27:36 ----A---- C:\WINDOWS\SYSWOW64\CompPkgSup.dll
2019-02-17 04:27:36 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-02-17 04:27:35 ----A---- C:\WINDOWS\system32\wininet.dll
2019-02-17 04:27:35 ----A---- C:\WINDOWS\system32\wincredui.dll
2019-02-17 04:27:35 ----A---- C:\WINDOWS\system32\nslookup.exe
2019-02-17 04:27:34 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2019-02-17 04:27:33 ----A---- C:\WINDOWS\system32\smss.exe
2019-02-17 04:27:33 ----A---- C:\WINDOWS\system32\kdnet.dll
2019-02-17 04:27:33 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2019-02-17 04:27:33 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2019-02-17 04:27:32 ----A---- C:\WINDOWS\system32\uReFS.dll
2019-02-17 04:27:32 ----A---- C:\WINDOWS\system32\spopk.dll
2019-02-17 04:27:32 ----A---- C:\WINDOWS\system32\schedsvc.dll
2019-02-17 04:27:32 ----A---- C:\WINDOWS\system32\refsutil.exe
2019-02-17 04:27:32 ----A---- C:\WINDOWS\system32\mfc42u.dll
2019-02-17 04:27:32 ----A---- C:\WINDOWS\system32\mfc42.dll
2019-02-17 04:27:31 ----A---- C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-02-17 04:27:31 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-02-17 04:27:31 ----A---- C:\WINDOWS\system32\apphelp.dll
2019-02-17 04:27:30 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-02-17 04:27:30 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-02-17 04:27:30 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-02-17 04:27:30 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2019-02-17 04:27:30 ----A---- C:\WINDOWS\system32\NotificationController.dll
2019-02-17 04:27:29 ----A---- C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2019-02-17 04:27:29 ----A---- C:\WINDOWS\system32\vpnike.dll
2019-02-17 04:27:29 ----A---- C:\WINDOWS\system32\setupcln.dll
2019-02-17 04:27:29 ----A---- C:\WINDOWS\system32\setupapi.dll
2019-02-17 04:27:29 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-02-17 04:27:29 ----A---- C:\WINDOWS\system32\rasppp.dll
2019-02-17 04:27:29 ----A---- C:\WINDOWS\system32\rasman.dll
2019-02-17 04:27:29 ----A---- C:\WINDOWS\system32\rasapi32.dll
2019-02-17 04:27:29 ----A---- C:\WINDOWS\system32\npmproxy.dll
2019-02-17 04:27:29 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2019-02-17 04:27:29 ----A---- C:\WINDOWS\system32\ncsi.dll
2019-02-17 04:27:29 ----A---- C:\WINDOWS\system32\lpkinstall.exe
2019-02-17 04:27:28 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll
2019-02-17 04:27:28 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2019-02-17 04:27:28 ----A---- C:\WINDOWS\system32\SensorService.dll
2019-02-17 04:27:28 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2019-02-17 04:27:28 ----A---- C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
2019-02-17 04:27:28 ----A---- C:\WINDOWS\system32\BTAGService.dll
2019-02-17 04:27:27 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-02-17 04:27:27 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-17 04:27:27 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-17 04:27:27 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2019-02-17 04:27:27 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2019-02-17 04:27:27 ----A---- C:\WINDOWS\system32\InputService.dll
2019-02-17 04:27:27 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2019-02-17 04:27:26 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2019-02-17 04:27:26 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2019-02-17 04:27:25 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2019-02-17 04:27:24 ----A---- C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-17 04:27:24 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-02-17 04:27:24 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\wuaueng.dll
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\umpo-overrides.dll
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\mf.dll
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\diagtrack.dll
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\CompPkgSup.dll
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\CompPkgSrv.exe
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\browser_broker.exe
2019-02-17 04:27:23 ----A---- C:\WINDOWS\system32\AudioEng.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\SYSWOW64\npmproxy.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\SYSWOW64\MTF.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\SYSWOW64\mswsock.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\SYSWOW64\drvstore.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\SYSWOW64\AcLayers.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\winhttp.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\securekernel.exe
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\NtlmShared.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\netiohlp.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\MTF.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\mswsock.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\drvstore.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\dnsapi.dll
2019-02-17 04:27:22 ----A---- C:\WINDOWS\system32\container.dll
2019-02-17 04:27:21 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2019-02-17 04:27:21 ----A---- C:\WINDOWS\SYSWOW64\NtlmShared.dll
2019-02-17 04:27:21 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2019-02-17 04:27:20 ----A---- C:\WINDOWS\SYSWOW64\netiohlp.dll
2019-02-17 04:27:20 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2019-02-17 04:27:20 ----A---- C:\WINDOWS\system32\drivers\vpci.sys
2019-02-17 04:27:20 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2019-02-17 04:27:20 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2019-02-17 04:27:20 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2019-02-17 04:27:20 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2019-02-17 04:27:20 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
 
======List of files/folders modified in the last 1 month======
 
2019-03-14 21:49:39 ----D---- C:\WINDOWS\Prefetch
2019-03-14 21:49:30 ----D---- C:\WINDOWS\Temp
2019-03-14 21:42:00 ----D---- C:\WINDOWS\system32\sru
2019-03-14 21:40:18 ----RD---- C:\Program Files
2019-03-14 21:40:15 ----D---- C:\Users\Tomek\AppData\Roaming\Spotify
2019-03-14 21:30:14 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-03-14 20:59:13 ----D---- C:\Users\Tomek\AppData\Roaming\discord
2019-03-14 20:45:45 ----D---- C:\WINDOWS\System32
2019-03-14 20:45:45 ----D---- C:\WINDOWS\INF
2019-03-14 20:45:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-14 20:45:02 ----D---- C:\ProgramData\Origin
2019-03-14 20:42:23 ----D---- C:\Users\Tomek\AppData\Roaming\Skype
2019-03-14 20:41:48 ----D---- C:\ProgramData\Kaspersky Lab
2019-03-14 20:41:37 ----D---- C:\ProgramData\NVIDIA
2019-03-14 20:41:33 ----D---- C:\WINDOWS\system32\Tasks
2019-03-14 20:40:41 ----D---- C:\WINDOWS\system32\WDI
2019-03-14 20:39:41 ----D---- C:\Program Files\DS3_service
2019-03-14 20:39:40 ----SHD---- C:\System Volume Information
2019-03-14 20:39:06 ----D---- C:\WINDOWS\system32\catroot2
2019-03-14 19:04:27 ----RD---- C:\WINDOWS\Microsoft.NET
2019-03-14 15:04:55 ----HD---- C:\Program Files\WindowsApps
2019-03-14 15:04:55 ----D---- C:\WINDOWS\AppReadiness
2019-03-13 23:11:29 ----D---- C:\WINDOWS\system32\SleepStudy
2019-03-13 18:00:01 ----D---- C:\WINDOWS\system32\LogFiles
2019-03-13 17:58:00 ----D---- C:\WINDOWS\Logs
2019-03-13 17:50:26 ----D---- C:\WINDOWS\system32\config
2019-03-13 17:46:22 ----SHDC---- C:\WINDOWS\Installer
2019-03-13 17:45:59 ----RD---- C:\Program Files (x86)
2019-03-13 17:45:49 ----D---- C:\Program Files (x86)\Google
2019-03-13 17:16:18 ----D---- C:\Program Files\Mozilla Firefox
2019-03-13 17:16:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-13 17:15:19 ----HD---- C:\ProgramData
2019-03-13 17:15:19 ----D---- C:\WINDOWS\Tasks
2019-03-13 17:15:18 ----D---- C:\WINDOWS\SysWOW64
2019-03-13 16:58:11 ----D---- C:\Program Files (x86)\Common Files
2019-03-13 16:40:37 ----D---- C:\Users\Tomek\AppData\Roaming\Image-Line
2019-03-13 16:37:36 ----D---- C:\WINDOWS\system32\CatRoot
2019-03-13 16:37:19 ----D---- C:\WINDOWS\system32\DriverStore
2019-03-13 16:37:11 ----D---- C:\WINDOWS\system32\drivers
2019-03-13 16:27:33 ----RSD---- C:\WINDOWS\assembly
2019-03-13 16:26:27 ----D---- C:\WINDOWS\system32\GroupPolicy
2019-03-13 16:26:00 ----D---- C:\Windows
2019-03-13 16:25:01 ----SD---- C:\Users\Tomek\AppData\Roaming\Microsoft
2019-03-13 07:55:05 ----D---- C:\WINDOWS\WinSxS
2019-03-13 03:24:46 ----D---- C:\WINDOWS\TextInput
2019-03-13 03:24:46 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2019-03-13 03:24:46 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2019-03-13 03:24:46 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2019-03-13 03:24:46 ----D---- C:\WINDOWS\SYSWOW64\migration
2019-03-13 03:24:46 ----D---- C:\WINDOWS\system32\zh-CN
2019-03-13 03:24:46 ----D---- C:\WINDOWS\system32\wbem
2019-03-13 03:24:46 ----D---- C:\WINDOWS\system32\uk-UA
2019-03-13 03:24:46 ----D---- C:\WINDOWS\system32\th-TH
2019-03-13 03:24:46 ----D---- C:\WINDOWS\system32\pl-PL
2019-03-13 03:24:46 ----D---- C:\WINDOWS\system32\oobe
2019-03-13 03:24:46 ----D---- C:\WINDOWS\system32\migration
2019-03-13 03:24:46 ----D---- C:\WINDOWS\system32\Boot
2019-03-13 03:24:46 ----D---- C:\WINDOWS\system32\appraiser
2019-03-13 03:24:45 ----RSD---- C:\WINDOWS\Fonts
2019-03-13 03:24:45 ----RD---- C:\Program Files\Windows Defender
2019-03-13 03:24:45 ----D---- C:\WINDOWS\ShellExperiences
2019-03-13 03:24:45 ----D---- C:\WINDOWS\bcastdvr
2019-03-13 03:24:45 ----D---- C:\WINDOWS\apppatch
2019-03-13 03:24:45 ----D---- C:\Program Files\internet explorer
2019-03-13 03:24:45 ----D---- C:\Program Files (x86)\Internet Explorer
2019-03-13 00:47:51 ----D---- C:\WINDOWS\system32\Macromed
2019-03-13 00:47:50 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2019-03-12 23:40:36 ----D---- C:\WINDOWS\CbsTemp
2019-03-12 23:39:24 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2019-03-12 23:37:54 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-03-12 23:37:52 ----D---- C:\WINDOWS\system32\MRT
2019-03-12 23:36:19 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-03-12 20:54:07 ----D---- C:\Users\Tomek\AppData\Roaming\REAPER
2019-03-12 18:48:56 ----D---- C:\Program Files\Common Files
2019-03-07 23:03:50 ----D---- C:\Users\Tomek\AppData\Roaming\Origin
2019-03-07 19:32:45 ----D---- C:\Program Files\Common Files\microsoft shared
2019-03-07 19:32:20 ----D---- C:\Program Files\Microsoft Office
2019-03-06 13:53:22 ----D---- C:\WINDOWS\LiveKernelReports
2019-03-01 15:04:03 ----D---- C:\Users\Tomek\AppData\Roaming\.minecraft
2019-02-25 16:07:35 ----D---- C:\Program Files (x86)\Kaspersky Lab
2019-02-22 23:57:44 ----D---- C:\WINDOWS\system32\drivers\wd
2019-02-17 23:28:57 ----D---- C:\WINDOWS\servicing
2019-02-17 05:04:42 ----D---- C:\WINDOWS\SYSWOW64\oobe
2019-02-17 05:04:42 ----D---- C:\WINDOWS\SYSWOW64\Dism
2019-02-17 05:04:42 ----D---- C:\WINDOWS\system32\migwiz
2019-02-17 05:04:42 ----D---- C:\WINDOWS\system32\en-US
2019-02-17 05:04:42 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-02-17 05:04:42 ----D---- C:\WINDOWS\system32\Dism
2019-02-17 05:04:41 ----D---- C:\WINDOWS\ShellComponents
2019-02-17 04:24:41 ----D---- C:\WINDOWS\debug
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit); C:\WINDOWS\syste