OTL

OTL logfile created on: 2019-01-26 21:01:25 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\kuba\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.19236)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,95 Gb Total Physical Memory | 4,07 Gb Available Physical Memory | 51,17% Memory free
15,90 Gb Paging File | 10,59 Gb Available in Paging File | 66,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 322,17 Gb Total Space | 45,49 Gb Free Space | 14,12% Space Free | Partition Type: NTFS
Drive D: | 609,25 Gb Total Space | 184,42 Gb Free Space | 30,27% Space Free | Partition Type: NTFS
 
Computer Name: KUBA-KOMPUTER | User Name: kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2019-01-26 21:00:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kuba\Desktop\OTL.exe
PRC - [2019-01-15 21:07:32 | 003,139,400 | ---- | M] (Electronic Arts) -- D:\Origin\OriginWebHelperService.exe
PRC - [2018-12-21 07:32:25 | 000,292,648 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
PRC - [2018-12-13 06:45:52 | 002,709,480 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
PRC - [2018-12-13 06:45:50 | 002,917,864 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
PRC - [2018-10-18 20:08:18 | 000,073,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
PRC - [2018-10-06 10:14:54 | 000,942,416 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2018-08-13 23:27:08 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2018-04-24 06:51:50 | 000,818,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
PRC - [2018-04-24 06:51:48 | 002,386,384 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
PRC - [2018-04-12 20:33:16 | 000,143,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
PRC - [2018-02-27 20:08:36 | 034,523,072 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
PRC - [2018-01-02 09:38:46 | 015,057,048 | ---- | M] (Node.js) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
PRC - [2017-12-05 00:33:20 | 001,077,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
PRC - [2017-01-16 07:26:42 | 000,752,224 | ---- | M] (DEVGURU Co., LTD.) -- D:\USB Drivers\27_ssconn\conn\ss_conn_service.exe
PRC - [2016-06-25 07:52:02 | 001,531,904 | ---- | M] (RemoteMouse.net) -- C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
PRC - [2016-06-25 07:52:02 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
PRC - [2014-03-17 15:59:50 | 000,162,800 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
PRC - [2012-04-11 10:41:04 | 000,097,280 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
PRC - [2012-01-23 18:19:32 | 001,858,048 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009-09-30 17:57:20 | 000,718,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Xbox 360 Accessories\XBoxStat.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2019-01-10 19:33:44 | 002,407,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7be433698e1e8320da1f840cd4847a5b\System.Web.Extensions.ni.dll
MOD - [2019-01-10 19:33:42 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\700ec5495fc5b9b62e063b4f899b7e48\System.Web.Abstractions.ni.dll
MOD - [2019-01-10 19:30:26 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\59ce675a73f7ac63081bc116a48a2f8a\System.Core.ni.dll
MOD - [2019-01-09 21:05:08 | 011,934,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\28ba525f25599f2f7e1bb04c2bc61ccc\System.Web.ni.dll
MOD - [2019-01-09 21:04:02 | 005,469,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b065f84b49a27b648015c08fab8cd00e\System.Xml.ni.dll
MOD - [2019-01-09 21:03:58 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d22616370e881379e5a7c30ee1e75a6\System.Configuration.ni.dll
MOD - [2019-01-09 21:03:35 | 008,005,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\0a65164b17e5c64bacdc694ea2439c43\System.ni.dll
MOD - [2018-11-15 14:04:45 | 011,516,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f8420d8c6ede777377fcff48a4beaa2a\mscorlib.ni.dll
MOD - [2018-04-12 20:33:16 | 000,823,336 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-vulcanjs\build\Release\VulcanMessage5.dll
MOD - [2018-04-12 20:33:16 | 000,714,792 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-vulcanjs\build\Release\VulcanControl.dll
MOD - [2018-04-12 20:33:16 | 000,271,400 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
MOD - [2018-04-12 20:33:16 | 000,150,568 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ffi\build\Release\ffi_bindings.node
MOD - [2018-04-12 20:33:16 | 000,142,376 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\fs-ext\build\Release\fs-ext.node
MOD - [2018-04-12 20:33:16 | 000,141,864 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ref\build\Release\binding.node
MOD - [2018-04-12 20:33:16 | 000,111,144 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
MOD - [2018-04-12 20:33:16 | 000,110,120 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\idle-gc\build\Release\idle-gc.node
MOD - [2018-02-27 20:08:36 | 034,523,072 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2018-12-28 00:25:14 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2018-08-13 22:49:28 | 001,391,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2018-07-26 09:50:36 | 002,330,224 | ---- | M] (ESET) [On_Demand | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrnEpfw)
SRV:[b]64bit:[/b] - [2018-07-26 09:50:36 | 002,330,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2018-05-16 20:22:46 | 000,472,968 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2014-08-16 22:21:42 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:[b]64bit:[/b] - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012-03-22 20:11:28 | 000,825,032 | ---- | M] (Cambridge Silicon Radio Limited) [Auto | Running] -- C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe -- (CsrBtService)
SRV:[b]64bit:[/b] - [2012-03-22 20:11:16 | 001,041,616 | ---- | M] (Cambridge Silicon Radio Limited) [Auto | Running] -- C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe -- (CsrBtOBEXService)
SRV:[b]64bit:[/b] - [2012-03-22 20:11:08 | 000,465,624 | ---- | M] (Cambridge Silicon Radio Limited) [Auto | Running] -- C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe -- (CSRBtAudioService)
SRV:[b]64bit:[/b] - [2012-03-22 20:11:00 | 000,064,216 | ---- | M] (Cambridge Silicon Radio Limited) [Auto | Running] -- C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe -- (BtSwitcherService)
SRV - [2019-01-15 21:07:32 | 003,139,400 | ---- | M] (Electronic Arts) [Auto | Running] -- D:\Origin\OriginWebHelperService.exe -- (Origin Web Helper Service)
SRV - [2019-01-15 21:07:31 | 002,279,232 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- D:\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2019-01-08 17:27:27 | 000,335,872 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2019-01-05 00:33:46 | 001,684,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2018-12-29 14:27:02 | 007,172,680 | ---- | M] (GOG.com) [On_Demand | Stopped] -- C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe -- (GalaxyCommunication)
SRV - [2018-12-29 14:24:57 | 000,707,144 | ---- | M] (GOG.com) [On_Demand | Stopped] -- D:\GOG Galaxy\GalaxyClientService.exe -- (GalaxyClientService)
SRV - [2018-12-13 06:45:52 | 002,709,480 | ---- | M] (Adobe Systems, Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe -- (AGSService)
SRV - [2018-12-13 06:45:50 | 002,917,864 | ---- | M] (Adobe Systems, Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe -- (AGMService)
SRV - [2018-12-12 06:11:56 | 000,443,872 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe -- (GoogleChromeElevationService)
SRV - [2018-11-23 11:20:00 | 003,364,808 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2018-10-18 20:08:18 | 000,073,048 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe -- (chromoting)
SRV - [2018-08-26 20:15:47 | 007,252,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2018-08-13 23:27:08 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2018-07-04 20:28:12 | 000,781,440 | ---- | M] (EasyAntiCheat Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe -- (EasyAntiCheat)
SRV - [2018-06-11 19:57:04 | 000,009,728 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- D:\Hirez\HiPatchService.exe -- (HiPatchService)
SRV - [2018-04-24 06:51:50 | 000,818,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe -- (AdobeUpdateService)
SRV - [2018-03-26 15:24:54 | 000,107,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2017-10-09 19:24:08 | 005,248,456 | ---- | M] (SoftEther VPN Project at University of Tsukuba, Japan.) [Auto | Running] -- D:\SoftEther VPN Client\vpnclient_x64.exe -- (SEVPNCLIENT)
SRV - [2017-06-21 08:25:02 | 000,492,768 | ---- | M] (Wondershare) [Auto | Running] -- C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe -- (WsAppService)
SRV - [2017-01-16 07:26:42 | 000,752,224 | ---- | M] (DEVGURU Co., LTD.) [Auto | Running] -- D:\USB Drivers\27_ssconn\conn\ss_conn_service.exe -- (ss_conn_service)
SRV - [2016-10-20 12:29:00 | 007,801,944 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2016-06-25 07:52:02 | 000,018,432 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe -- (RemoteMouseService)
SRV - [2016-05-27 13:04:16 | 000,419,248 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2016-03-22 21:22:16 | 000,056,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe -- (VSStandardCollectorService140)
SRV - [2015-06-18 13:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- D:\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV - [2014-03-20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014-03-17 15:59:50 | 000,162,800 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2012-01-23 18:19:32 | 001,858,048 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011-04-26 13:54:12 | 002,702,848 | ---- | M] (MAGIX) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010-11-21 04:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010-11-21 04:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010-11-21 04:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2018-11-08 16:40:44 | 000,223,000 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VBoxNetLwf.sys -- (VBoxNetLwf)
DRV:[b]64bit:[/b] - [2018-11-08 16:40:42 | 000,213,216 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp6.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2018-08-12 15:54:39 | 000,038,432 | ---- | M] (SoftEther Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Neo_0058.sys -- (Neo_VPN2)
DRV:[b]64bit:[/b] - [2018-07-26 09:50:35 | 000,196,112 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2018-07-26 09:50:35 | 000,143,624 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2018-07-26 09:50:35 | 000,110,376 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:[b]64bit:[/b] - [2018-05-27 19:54:44 | 001,059,776 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2018-05-16 20:23:02 | 000,544,136 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2018-05-16 20:21:22 | 044,673,416 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2017-12-13 08:34:42 | 000,028,128 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uvhid.sys -- (uvhid)
DRV:[b]64bit:[/b] - [2017-10-09 19:25:11 | 000,038,432 | ---- | M] (SoftEther Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Neo_0074.sys -- (Neo_VPN)
DRV:[b]64bit:[/b] - [2017-10-09 19:24:38 | 000,050,208 | ---- | M] (SoftEther Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\see.sys -- (SEE)
DRV:[b]64bit:[/b] - [2017-09-02 00:15:08 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2017-05-18 22:17:46 | 000,043,920 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_conn_usb_driver.sys -- (ss_conn_usb_driver)
DRV:[b]64bit:[/b] - [2017-05-18 22:17:30 | 000,166,288 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2017-05-18 22:17:28 | 000,131,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2017-04-21 03:16:36 | 000,045,560 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tapwindscribe0901.sys -- (tapwindscribe0901)
DRV:[b]64bit:[/b] - [2017-03-29 13:21:42 | 000,075,088 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tapnordvpn.sys -- (tapnordvpn)
DRV:[b]64bit:[/b] - [2016-12-18 23:01:30 | 000,009,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmulti.sys -- (vmulti)
DRV:[b]64bit:[/b] - [2016-11-03 17:46:10 | 000,039,704 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AsusVBus.sys -- (AsusVBus)
DRV:[b]64bit:[/b] - [2016-08-16 02:18:34 | 000,159,936 | ---- | M] (MBB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb2ser.sys -- (wdm_usb)
DRV:[b]64bit:[/b] - [2016-06-29 18:46:22 | 000,021,656 | ---- | M] (Echobit, LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evolve.sys -- (EvolveVirtualAdapter)
DRV:[b]64bit:[/b] - [2016-02-10 14:21:28 | 000,137,280 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2016-01-22 06:34:28 | 000,010,240 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\maxjoypad.sys -- (maxjoypad)
DRV:[b]64bit:[/b] - [2016-01-14 07:37:36 | 000,229,088 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:[b]64bit:[/b] - [2016-01-14 07:37:36 | 000,108,768 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:[b]64bit:[/b] - [2015-11-12 18:27:12 | 000,029,688 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dfx12x64.sys -- (DFX12)
DRV:[b]64bit:[/b] - [2015-11-06 20:57:05 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:[b]64bit:[/b] - [2015-09-16 04:29:46 | 000,253,384 | ---- | M] (BigNox Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\XQHDrv.sys -- (XQHDrv)
DRV:[b]64bit:[/b] - [2015-08-31 19:25:56 | 000,028,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dfx11_1x64.sys -- (DFX11_1)
DRV:[b]64bit:[/b] - [2015-03-30 02:38:36 | 000,085,704 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:[b]64bit:[/b] - [2015-03-30 02:38:36 | 000,043,720 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:[b]64bit:[/b] - [2014-12-29 05:07:36 | 000,049,304 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv.sys -- (ManyCam)
DRV:[b]64bit:[/b] - [2014-12-29 04:56:08 | 000,035,992 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:[b]64bit:[/b] - [2014-02-16 17:23:54 | 000,060,640 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2013-11-04 10:50:54 | 000,059,648 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
DRV:[b]64bit:[/b] - [2013-02-12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2013-02-12 05:12:05 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb80236.sys -- (usbrndis6)
DRV:[b]64bit:[/b] - [2012-03-22 20:08:36 | 000,023,752 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\csrusbfilter.sys -- (csrusbfilter)
DRV:[b]64bit:[/b] - [2012-03-22 20:08:34 | 000,047,296 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\csrusb.sys -- (csrusb)
DRV:[b]64bit:[/b] - [2012-03-22 20:08:32 | 000,061,128 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\csrserial.sys -- (csrserial)
DRV:[b]64bit:[/b] - [2012-03-22 20:08:30 | 000,039,616 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\csrpan.sys -- (csrpan)
DRV:[b]64bit:[/b] - [2012-03-22 20:08:28 | 000,029,896 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\csrhidmini.sys -- (csrhidmini)
DRV:[b]64bit:[/b] - [2012-03-22 20:08:26 | 000,038,080 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\csrhfgcc.sys -- (csrhfgcc)
DRV:[b]64bit:[/b] - [2012-03-22 20:08:22 | 002,784,968 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CsrBtPort.sys -- (CsrBtPort)
DRV:[b]64bit:[/b] - [2012-03-22 20:08:20 | 000,099,520 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\csrbthav.sys -- (csr_bthav)
DRV:[b]64bit:[/b] - [2012-03-22 20:08:18 | 000,039,120 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CsrBthAudioHF.sys -- (CsrBthAudioHF)
DRV:[b]64bit:[/b] - [2012-03-22 20:08:16 | 000,026,304 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\csravrcp.sys -- (csravrcp)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2009-08-13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2017-08-27 15:44:40 | 000,014,024 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2015-09-16 04:29:46 | 000,253,384 | ---- | M] (BigNox Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\XQHDrv.sys -- (XQHDrv)
DRV - [2012-10-25 19:45:52 | 000,013,368 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys -- (NTIOLib_1_0_3)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl-PL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 51 5A 06 EF C7 D7 D2 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = C1 E5 9B EF C7 D7 D2 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
IE - HKCU\..\SearchScopes\{7FABE414-A696-44A1-5844-47827766ED70}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.191.2: C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.191.2: C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: D:\VLC\npvlc.dll (VideoLAN)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\kuba\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 63.0.3\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 63.0.3\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
 
[2016-03-09 17:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kuba\AppData\Roaming\mozilla\Extensions
[2018-07-11 12:38:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kuba\AppData\Roaming\mozilla\SystemExtensionsDev
[2018-11-19 16:15:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kuba\AppData\Roaming\mozilla\Firefox\Profiles\zhk574j5.KubS-1542640526892\extensions
[2018-11-19 16:26:19 | 000,049,869 | ---- | M] () (No name found) -- C:\Users\kuba\AppData\Roaming\mozilla\firefox\profiles\zhk574j5.KubS-1542640526892\features\{9a2c76e2-1b32-4eda-bd57-f2a918f408c9}\fxmonitor@mozilla.org.xpi
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\3.1.3_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.2_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejaaogemoligmkbmeafkhnaegkggihf\2.1.1_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.17.7_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\4.7.54_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_0\~
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\efgciaombdjbpmepfcndmfidlklafhcc\4.1_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffgfedebnhmhkcfhhjoikplfafgpihpo\1.1.2.1_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\2.0.9_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\70.0.3538.21_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.37.0_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\goficmpcgcnombioohjcgdhbaloknabb\7.5.56_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm\2.6.2_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik\1.5.21_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmjadonkmcblbkocpaaefjbceiijfdg\2.2_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm\2.1.0_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jangaedeekciafhlanphhnalogmhefmo\10_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghfknlgajlcihkhkhnlcoffhbohnlbg\1.0_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmi\1.7_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf\0.0.0.2_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.6.2_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfdfiepdkbnoanddpianalelglmfooik\1.3.10_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge\1.0.2_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pifcedlhcekpmjjldegileefcnjohlee\2.4_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\
CHR - Extension: No name found = C:\Users\kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\1.0_0\
 
O1 HOSTS File: ([2018-02-02 16:23:32 | 000,000,002 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\SysWOW64\Msdxm6.ocx (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeGCInvoker-1.0] C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems, Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [CsrAudioguiCtrl] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe (Cambridge Silicon Radio Limited)
O4:[b]64bit:[/b] - HKLM..\Run: [CSRHarmonySkypePlugin] C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe (Cambridge Silicon Radio Limited)
O4:[b]64bit:[/b] - HKLM..\Run: [CsrHCRPServer] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe (Cambridge Silicon Radio Limited)
O4:[b]64bit:[/b] - HKLM..\Run: [CsrSyncMLServer] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [HarmonyUserStartup] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe (Cambridge Silicon Radio Limited)
O4:[b]64bit:[/b] - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe (Advanced Micro Devices, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [TrayApplication] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe (Cambridge Silicon Radio Limited)
O4:[b]64bit:[/b] - HKLM..\Run: [vksts] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe (Cambridge Silicon Radio Limited)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [XboxStat] C:\Program Files (x86)\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CCleaner Smart Cleaning] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
O4 - HKCU..\Run: [Codec Pack Update Checker]  File not found
O4 - HKCU..\Run: [CubeDesktop]  File not found
O4 - HKCU..\Run: [GalaxyClient]  File not found
O4 - HKCU..\Run: [SideSync] C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ()
O4 - HKCU..\Run: [uTorrent] C:\Users\kuba\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerMenu.lnk =  File not found
O4 - Startup: C:\Users\kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk = C:\Users\kuba\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 0
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:[b]64bit:[/b] - ..Trusted Domains: eset.com ([help] http in Trusted sites)
O15 - HKLM\..Trusted Domains: eset.com ([help] http in Trusted sites)
O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Zaufane witryny)
O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Zaufane witryny)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BC4C262-106C-4B40-B63A-708A5531128F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{848240A3-1F49-469D-9F53-B2999283FF06}: DhcpNameServer = 192.168.42.129
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\vnd.ms.radio - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Windows\SysWOW64\Msdxm6.ocx (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2016-03-06 20:15:46 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0afa7a9e-b66c-11e7-b326-00ac140dd3a7}\Shell - "" = AutoRun
O33 - MountPoints2\{0afa7a9e-b66c-11e7-b326-00ac140dd3a7}\Shell\AutoRun\command - "" = F:\HiSuiteDownLoader.exe
O33 - MountPoints2\{1d8e0549-8241-11e5-a5be-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1d8e0549-8241-11e5-a5be-806e6f6e6963}\Shell\AutoRun\command - "" = E:\DVDSetup.exe
O33 - MountPoints2\{293831de-84ba-11e5-bf35-d8cb8a5dc01b}\Shell - "" = AutoRun
O33 - MountPoints2\{293831de-84ba-11e5-bf35-d8cb8a5dc01b}\Shell\AutoRun\command - "" = J:\Setup.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\start.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2019-01-26 21:14:28 | 000,000,000 | ---D | C] -- C:\Users\kuba\Desktop\kupa
[2019-01-26 20:59:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\kuba\Desktop\OTL.exe
[2019-01-26 12:53:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2019-01-26 12:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2019-01-25 18:46:55 | 000,000,000 | ---D | C] -- C:\Users\kuba\Desktop\BeamNG.drive_v0.15.0.3
[2019-01-17 20:08:28 | 000,028,128 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\uvhid.sys
[2019-01-17 20:08:28 | 000,007,680 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\hidkmdf.sys
[2019-01-17 20:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Unified Remote
[2019-01-15 21:22:42 | 001,032,248 | ---- | C] (Akeo Consulting) -- C:\Users\kuba\Desktop\rufus-3.4.exe
[2019-01-13 16:09:17 | 000,000,000 | ---D | C] -- C:\Users\kuba\AppData\Roaming\LindenLab
[2019-01-13 16:09:10 | 000,000,000 | ---D | C] -- C:\Users\kuba\AppData\Local\Speech Graphics
[2019-01-13 16:08:58 | 000,000,000 | ---D | C] -- C:\Users\kuba\Documents\Sansar
[2019-01-13 15:27:00 | 000,000,000 | ---D | C] -- C:\Users\kuba\AppData\Local\LindenLab
[2019-01-13 12:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Highresolution Enterprises
[2019-01-13 12:57:20 | 000,000,000 | ---D | C] -- C:\Program Files\Highresolution Enterprises
[2019-01-11 14:25:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
[2019-01-09 15:42:24 | 005,552,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2019-01-09 15:42:24 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2019-01-09 15:42:23 | 004,055,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2019-01-09 15:42:23 | 003,960,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2019-01-09 15:42:23 | 002,135,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2019-01-09 15:42:23 | 002,060,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2019-01-09 15:42:23 | 001,664,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2019-01-09 15:42:23 | 000,809,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2019-01-09 15:42:23 | 000,790,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2019-01-09 15:42:23 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd3x40.dll
[2019-01-09 15:42:21 | 005,778,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2019-01-09 15:42:21 | 000,969,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2019-01-09 15:42:21 | 000,708,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2019-01-09 15:42:21 | 000,631,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2019-01-09 15:42:21 | 000,262,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2019-01-09 15:42:20 | 001,211,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2019-01-09 15:42:20 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2019-01-09 15:42:20 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2019-01-09 15:42:20 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2019-01-09 15:42:20 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2019-01-09 15:42:20 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2019-01-09 15:42:20 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2019-01-09 15:42:20 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2019-01-09 15:42:20 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2019-01-09 15:42:20 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2019-01-09 15:42:20 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2019-01-09 15:42:20 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2019-01-09 15:42:20 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2019-01-09 15:42:20 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2019-01-09 15:42:20 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2019-01-09 15:42:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2019-01-09 15:42:19 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2019-01-09 15:42:19 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2019-01-09 15:42:19 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2019-01-09 15:42:19 | 000,663,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2019-01-09 15:42:19 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2019-01-09 15:42:19 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2019-01-09 15:42:19 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2019-01-09 15:42:19 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2019-01-09 15:42:19 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2019-01-09 15:42:19 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys
[2019-01-09 15:42:19 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2019-01-09 15:42:19 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2019-01-09 15:42:19 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2019-01-09 15:42:19 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2019-01-09 15:42:19 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2019-01-09 15:42:19 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2019-01-09 15:42:19 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kmddsp.tsp
[2019-01-09 15:42:19 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2019-01-09 15:42:19 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2019-01-09 15:42:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2019-01-09 15:42:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2019-01-09 15:42:19 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2019-01-09 15:42:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2019-01-09 15:42:19 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2019-01-09 15:42:19 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2019-01-09 15:42:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2019-01-09 15:42:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2019-01-09 15:42:19 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2019-01-09 15:42:19 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2019-01-09 15:42:19 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2019-01-09 15:42:19 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2019-01-09 15:42:19 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2019-01-09 15:42:19 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2019-01-09 15:42:19 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2019-01-09 15:42:19 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2019-01-09 15:42:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2019-01-09 15:42:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2019-01-09 15:42:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2019-01-09 15:42:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2019-01-09 15:42:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2019-01-09 15:42:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2019-01-09 15:42:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2019-01-09 15:42:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2019-01-09 15:42:18 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2019-01-09 15:42:18 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2019-01-09 15:42:18 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2019-01-09 15:42:18 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2019-01-09 15:42:18 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2019-01-09 15:42:18 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2019-01-09 15:42:18 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2019-01-09 15:42:18 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2019-01-09 15:42:18 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2019-01-09 15:42:18 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2019-01-09 15:42:18 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2019-01-09 15:42:18 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2019-01-09 15:42:18 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2019-01-09 15:42:18 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2019-01-09 15:42:18 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kmddsp.tsp
[2019-01-09 15:42:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2019-01-09 15:42:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2019-01-09 15:42:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2019-01-09 15:42:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2019-01-09 15:42:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2019-01-09 15:42:17 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2019-01-09 15:42:17 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2019-01-09 15:42:17 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2019-01-09 15:42:17 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2019-01-09 15:42:17 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2019-01-09 15:42:17 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2019-01-09 15:42:17 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2019-01-09 15:42:17 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2019-01-09 15:42:17 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2019-01-09 15:42:17 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2019-01-09 15:42:17 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rascfg.dll
[2019-01-09 15:42:17 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2019-01-09 15:42:17 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2019-01-09 15:42:17 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2019-01-09 15:42:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rascfg.dll
[2019-01-09 15:42:17 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2019-01-09 15:42:17 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll
[2019-01-09 15:42:17 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2019-01-09 15:42:17 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2019-01-09 15:42:17 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2019-01-09 15:42:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2019-01-09 15:42:17 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll
[2019-01-09 15:42:17 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ndptsp.tsp
[2019-01-09 15:42:17 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2019-01-09 15:42:17 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2019-01-09 15:42:17 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2019-01-09 15:42:17 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ndptsp.tsp
[2019-01-09 15:42:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2019-01-09 15:42:17 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2019-01-09 15:42:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmxs.dll
[2019-01-09 15:42:17 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2019-01-09 15:42:17 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasmxs.dll
[2019-01-09 15:42:17 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2019-01-09 15:42:17 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasser.dll
[2019-01-09 15:42:17 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasser.dll
[2019-01-09 15:42:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2019-01-09 15:42:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2019-01-08 15:01:53 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisRtl.dll
[2019-01-08 15:01:53 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisRtl.dll
[2019-01-08 15:01:53 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ahadmin.dll
[2019-01-08 15:01:53 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admwprox.dll
[2019-01-08 15:01:53 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admwprox.dll
[2019-01-08 15:01:53 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisreset.exe
[2019-01-08 15:01:53 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisreset.exe
[2019-01-08 15:01:52 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ahadmin.dll
[2019-01-08 15:01:52 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wamregps.dll
[2019-01-08 15:01:52 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisrstap.dll
[2019-01-08 15:01:52 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wamregps.dll
[2019-01-08 15:01:52 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisrstap.dll
[2019-01-07 22:42:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices
[2019-01-07 22:42:41 | 000,000,000 | ---D | C] -- C:\inetpub
[2019-01-07 22:42:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2019-01-07 15:19:15 | 000,000,000 | ---D | C] -- C:\Users\kuba\Desktop\gokart homemade
[2019-01-05 16:02:38 | 000,000,000 | ---D | C] -- C:\Users\kuba\AppData\Roaming\pl.skmedix.bootstrap.Bootstrap
[2019-01-03 19:58:31 | 000,000,000 | ---D | C] -- C:\Users\kuba\Desktop\Serwery Minecraft
[2019-01-01 15:45:51 | 000,000,000 | ---D | C] -- C:\Users\kuba\Desktop\idle_master
[2019-01-01 10:23:33 | 000,000,000 | ---D | C] -- C:\Users\kuba\AppData\Roaming\twitch-electron
[2018-12-27 22:55:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2018-12-27 22:38:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2018-12-27 22:34:31 | 000,144,664 | ---- | C] (MAPILab Ltd. & Add-in Express Ltd.) -- C:\Windows\SysWow64\secman.dll
[2009-07-14 02:14:20 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Users\kuba\AppData\Local\eaJEcJMejNE.exe
[2009-07-14 02:14:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Users\kuba\tytY.exe
[65 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[20 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\kuba\Documents\*.tmp files -> C:\Users\kuba\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2019-01-26 21:00:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kuba\Desktop\OTL.exe
[2019-01-26 20:21:00 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2019-01-26 18:10:21 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2019-01-26 18:10:21 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2019-01-26 17:59:35 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2019-01-26 17:59:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2019-01-26 17:58:43 | 2109,743,103 | -HS- | M] () -- C:\hiberfil.sys
[2019-01-26 16:50:38 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\spu_storage.bin
[2019-01-26 14:20:15 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2019-01-26 13:59:18 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\subinacl.exe
[2019-01-26 13:09:22 | 005,300,080 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2019-01-26 13:07:34 | 000,001,018 | ---- | M] () -- C:\Users\kuba\Documents\cc_20190126_130730.reg
[2019-01-26 13:06:19 | 000,012,750 | ---- | M] () -- C:\Users\kuba\Documents\cc_20190126_130612.reg
[2019-01-26 13:00:55 | 000,884,150 | ---- | M] () -- C:\Users\kuba\Documents\cc_20190126_130024.reg
[2019-01-25 18:26:40 | 001,780,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2019-01-25 18:26:40 | 000,782,788 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2019-01-25 18:26:40 | 000,691,610 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2019-01-25 18:26:40 | 000,172,282 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2019-01-25 18:26:40 | 000,133,940 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2019-01-25 18:23:05 | 000,000,002 | ---- | M] () -- C:\Users\kuba\AppData\Local\imw.ini
[2019-01-25 18:22:44 | 000,011,950 | ---- | M] () -- C:\Users\kuba\Desktop\beamng_drive-v0_15_0_3.torrent
[2019-01-19 11:12:21 | 000,000,600 | ---- | M] () -- C:\Users\kuba\AppData\Roaming\winscp.rnd
[2019-01-17 17:51:05 | 000,000,998 | ---- | M] () -- C:\Users\kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk
[2019-01-17 17:11:11 | 000,001,003 | ---- | M] () -- C:\Users\kuba\Desktop\WiresharkPortable.lnk
[2019-01-15 21:22:51 | 001,032,248 | ---- | M] (Akeo Consulting) -- C:\Users\kuba\Desktop\rufus-3.4.exe
[2019-01-14 21:34:34 | 000,018,484 | ---- | M] () -- C:\Users\kuba\Desktop\Scena.schematic
[2019-01-13 16:27:40 | 000,000,132 | ---- | M] () -- C:\Users\kuba\AppData\Roaming\Preferencje CC formatu PNG firmy Adobe
[2019-01-13 14:29:16 | 000,039,604 | ---- | M] () -- C:\Users\kuba\Desktop\mountain-village-server-logo_1024x1024.jpg
[2019-01-09 17:48:10 | 001,752,080 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2019-01-08 17:27:27 | 000,842,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2019-01-08 17:27:27 | 000,175,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2019-01-06 20:31:57 | 000,205,957 | ---- | M] () -- C:\Users\kuba\Desktop\orebfuscator-4.4.3.jar
[2019-01-05 20:28:59 | 000,702,583 | ---- | M] () -- C:\Users\kuba\Desktop\ChestShop.jar
[2019-01-05 16:39:16 | 000,028,831 | ---- | M] () -- C:\Users\kuba\Desktop\Config.yml
[2019-01-05 12:52:07 | 000,005,462 | ---- | M] () -- C:\Users\kuba\Desktop\YouTube-1.6.2.jar
[2019-01-04 21:49:05 | 003,597,865 | ---- | M] () -- C:\Users\kuba\Desktop\b-Compilator.jar
[2019-01-03 21:45:19 | 000,000,202 | ---- | M] () -- C:\Users\kuba\Desktop\Saints Row IV.url
[2019-01-03 19:46:05 | 000,000,506 | ---- | M] () -- C:\Users\kuba\AppData\Roaming\jd-gui.cfg
[2018-12-28 21:03:35 | 000,631,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2018-12-28 21:02:51 | 005,552,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2018-12-28 21:02:10 | 000,708,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2018-12-28 21:02:10 | 000,262,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2018-12-28 21:01:05 | 001,664,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2018-12-28 20:59:50 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2018-12-28 20:59:50 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2018-12-28 20:59:50 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2018-12-28 20:59:50 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2018-12-28 20:59:49 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2018-12-28 20:59:49 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2018-12-28 20:59:49 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2018-12-28 20:59:49 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2018-12-28 20:59:49 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2018-12-28 20:59:49 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2018-12-28 20:59:48 | 001,211,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2018-12-28 20:59:48 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2018-12-28 20:59:47 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2018-12-28 20:59:47 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2018-12-28 20:59:44 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2018-12-28 20:59:44 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2018-12-28 20:59:40 | 001,472,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2018-12-28 20:59:40 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2018-12-28 20:59:40 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2018-12-28 20:59:21 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2018-12-28 20:59:21 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2018-12-28 20:59:10 | 000,463,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2018-12-28 20:59:09 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2018-12-28 20:59:08 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2018-12-28 20:59:08 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2018-12-28 20:59:08 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2018-12-28 20:59:08 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2018-12-28 20:59:08 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2018-12-28 20:59:08 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2018-12-28 20:59:08 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2018-12-28 20:59:08 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2018-12-28 20:59:08 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2018-12-28 20:59:08 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2018-12-28 20:59:08 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2018-12-28 20:59:07 | 000,880,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2018-12-28 20:59:07 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2018-12-28 20:51:13 | 004,055,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2018-12-28 20:51:12 | 003,960,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2018-12-28 20:48:58 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2018-12-28 20:48:55 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2018-12-28 20:48:51 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2018-12-28 20:48:50 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2018-12-28 20:48:37 | 000,342,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2018-12-28 20:48:35 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2018-12-28 20:48:35 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2018-12-28 20:48:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2018-12-28 20:48:35 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2018-12-28 20:48:35 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2018-12-28 20:48:35 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2018-12-28 20:48:35 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2018-12-28 20:48:35 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2018-12-28 20:48:35 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2018-12-28 20:48:35 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2018-12-28 20:48:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2018-12-28 20:34:55 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2018-12-28 20:34:52 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2018-12-28 20:34:18 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2018-12-28 20:31:52 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2018-12-28 20:31:24 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys
[2018-12-28 20:31:05 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2018-12-28 20:30:51 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2018-12-28 20:27:45 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2018-12-28 20:27:42 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2018-12-28 20:27:41 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2018-12-28 20:27:40 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2018-12-28 20:27:40 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2018-12-28 20:26:50 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2018-12-28 20:26:50 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2018-12-28 20:26:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2018-12-28 20:26:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2018-12-28 00:50:46 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2018-12-28 00:37:22 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2018-12-28 00:36:39 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2018-12-28 00:36:37 | 000,576,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2018-12-28 00:36:34 | 000,417,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2018-12-28 00:36:04 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2018-12-28 00:31:13 | 005,778,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2018-12-28 00:28:47 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2018-12-28 00:26:20 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2018-12-28 00:25:14 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2018-12-28 00:25:12 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2018-12-28 00:25:01 | 000,790,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2018-12-28 00:24:53 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2018-12-28 00:17:37 | 000,969,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2018-12-28 00:14:29 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2018-12-28 00:07:59 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2018-12-28 00:07:38 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2018-12-28 00:06:42 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2018-12-28 00:05:34 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2018-12-28 00:04:52 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2018-12-28 00:04:41 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2018-12-28 00:03:50 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2018-12-28 00:03:48 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2018-12-28 00:03:14 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2018-12-28 00:01:14 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2018-12-27 23:59:32 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2018-12-27 23:58:36 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2018-12-27 23:56:50 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2018-12-27 23:55:50 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2018-12-27 23:55:44 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2018-12-27 23:55:22 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2018-12-27 23:48:32 | 000,809,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2018-12-27 23:48:22 | 000,728,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2018-12-27 23:46:03 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2018-12-27 23:45:52 | 002,135,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2018-12-27 23:43:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2018-12-27 23:42:34 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2018-12-27 23:42:05 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2018-12-27 23:39:45 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2018-12-27 23:39:09 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2018-12-27 23:36:30 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2018-12-27 23:29:04 | 002,060,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2018-12-27 23:28:30 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2018-12-27 23:11:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2018-12-27 23:06:06 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2018-12-27 22:38:51 | 000,000,656 | ---- | M] () -- C:\Users\Public\Desktop\Smart Switch.lnk
[65 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[20 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\kuba\Documents\*.tmp files -> C:\Users\kuba\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2019-01-26 20:21:00 | 000,002,302 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2019-01-26 20:21:00 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2019-01-26 13:07:33 | 000,001,018 | ---- | C] () -- C:\Users\kuba\Documents\cc_20190126_130730.reg
[2019-01-26 13:06:14 | 000,012,750 | ---- | C] () -- C:\Users\kuba\Documents\cc_20190126_130612.reg
[2019-01-26 13:00:29 | 000,884,150 | ---- | C] () -- C:\Users\kuba\Documents\cc_20190126_130024.reg
[2019-01-25 18:23:05 | 000,000,002 | ---- | C] () -- C:\Users\kuba\AppData\Local\imw.ini
[2019-01-25 18:22:35 | 000,011,950 | ---- | C] () -- C:\Users\kuba\Desktop\beamng_drive-v0_15_0_3.torrent
[2019-01-17 17:51:05 | 000,000,998 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk
[2019-01-17 17:11:11 | 000,001,003 | ---- | C] () -- C:\Users\kuba\Desktop\WiresharkPortable.lnk
[2019-01-16 21:29:31 | 000,361,472 | ---- | C] () -- C:\Users\kuba\Desktop\WakeOnLanMonitor.exe
[2019-01-14 21:38:35 | 006,878,379 | ---- | C] () -- C:\Users\kuba\Desktop\Faithful+1.12.2-rv4.zip
[2019-01-14 21:34:46 | 000,018,484 | ---- | C] () -- C:\Users\kuba\Desktop\Scena.schematic
[2019-01-13 14:29:16 | 000,039,604 | ---- | C] () -- C:\Users\kuba\Desktop\mountain-village-server-logo_1024x1024.jpg
[2019-01-10 15:25:01 | 000,136,192 | ---- | C] () -- C:\Users\kuba\Desktop\LOIC.exe
[2019-01-06 20:31:46 | 000,205,957 | ---- | C] () -- C:\Users\kuba\Desktop\orebfuscator-4.4.3.jar
[2019-01-05 20:28:54 | 000,702,583 | ---- | C] () -- C:\Users\kuba\Desktop\ChestShop.jar
[2019-01-05 16:29:58 | 000,028,831 | ---- | C] () -- C:\Users\kuba\Desktop\Config.yml
[2019-01-04 21:47:14 | 003,597,865 | ---- | C] () -- C:\Users\kuba\Desktop\b-Compilator.jar
[2019-01-04 21:45:22 | 000,005,462 | ---- | C] () -- C:\Users\kuba\Desktop\YouTube-1.6.2.jar
[2019-01-03 21:45:19 | 000,000,202 | ---- | C] () -- C:\Users\kuba\Desktop\Saints Row IV.url
[2018-12-27 22:36:15 | 000,000,656 | ---- | C] () -- C:\Users\Public\Desktop\Smart Switch.lnk
[2018-11-24 18:44:44 | 000,000,506 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\jd-gui.cfg
[2018-11-17 13:07:48 | 000,001,312 | ---- | C] () -- C:\Users\kuba\permissions.yml
[2018-10-15 20:37:01 | 000,000,000 | ---- | C] () -- C:\Users\kuba\adb
[2018-07-15 20:36:23 | 000,000,039 | ---- | C] () -- C:\Users\kuba\AppData\Local\kritadisplayrc
[2018-05-16 20:23:28 | 000,356,744 | ---- | C] () -- C:\Windows\SysWow64\GameManager32.dll
[2018-05-16 20:22:24 | 000,326,024 | ---- | C] () -- C:\Windows\SysWow64\atieah32.exe
[2018-05-16 20:21:02 | 000,352,648 | ---- | C] () -- C:\Windows\SysWow64\amdgfxinfo32.dll
[2018-05-10 15:45:08 | 000,000,600 | ---- | C] () -- C:\Users\kuba\AppData\Local\PUTTY.RND
[2018-04-24 16:12:01 | 000,000,132 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\Preferencje CC formatu GIF firmy Adobe
[2018-04-04 14:58:04 | 000,001,641 | ---- | C] () -- C:\Users\kuba\AppData\Local\recently-used.xbel
[2018-03-24 12:02:40 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\msvcrt10.dll
[2018-03-02 03:04:08 | 000,828,216 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-1-70-0.dll
[2018-03-02 03:03:58 | 000,575,800 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-1-70-0.exe
[2017-12-16 21:00:52 | 000,007,626 | ---- | C] () -- C:\Users\kuba\AppData\Local\Resmon.ResmonCfg
[2017-12-11 15:35:48 | 000,967,450 | ---- | C] () -- C:\Windows\unins002.exe
[2017-12-11 15:35:48 | 000,001,938 | ---- | C] () -- C:\Windows\unins002.dat
[2017-11-02 21:15:40 | 000,798,520 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-65-0.dll
[2017-11-02 21:15:26 | 000,490,808 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-65-0.exe
[2017-09-14 00:20:30 | 000,798,008 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-61-0.dll
[2017-09-14 00:20:14 | 000,490,296 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-61-0.exe
[2017-08-14 17:15:22 | 000,000,232 | ---- | C] () -- C:\Windows\SysWow64\dllhost.exe.config
[2017-08-09 10:29:12 | 000,518,144 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2017-06-15 20:32:56 | 000,525,088 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-51-0.dll
[2017-06-15 20:32:50 | 000,233,760 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-51-0.exe
[2017-06-05 19:48:55 | 000,000,063 | ---- | C] () -- C:\Users\kuba\AppData\Local\emaildefaults
[2017-06-05 19:48:18 | 000,015,900 | ---- | C] () -- C:\Users\kuba\AppData\Local\kritarc
[2017-05-20 19:54:56 | 000,000,060 | ---- | C] () -- C:\ProgramData\SoftwareUpdateTemp.xml
[2017-02-18 08:39:09 | 001,938,537 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\Medfresh.bin
[2017-02-18 08:38:54 | 001,909,789 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\Techstring.tst
[2017-02-18 08:38:36 | 000,126,464 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\lobby.dat
[2017-02-18 08:38:36 | 000,054,272 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\ApplicationHosting.dat
[2017-02-18 08:38:35 | 000,072,787 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\Fasestock.tst
[2017-01-27 23:05:24 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-39-1.exe
[2017-01-27 23:04:54 | 000,326,656 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-39-1.dll
[2017-01-16 11:04:35 | 000,000,092 | ---- | C] () -- C:\Users\kuba\AppData\Local\fusioncache.dat
[2016-12-27 14:19:15 | 003,351,566 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\tor.exe
[2016-12-10 14:12:46 | 000,003,584 | ---- | C] () -- C:\Users\kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2016-08-29 12:03:10 | 000,000,132 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\Preferencje CC formatu Targa firmy Adobe
[2016-05-02 10:18:05 | 003,118,534 | ---- | C] () -- C:\Program Files (x86)\LogMeIn Hamachi.rar
[2016-03-30 05:33:40 | 000,000,132 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\Preferencje CC formatu PNG firmy Adobe
[2016-03-30 05:30:07 | 000,000,132 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\Preferencje CC filtra Adobe IllExport
[2016-03-14 15:43:51 | 000,000,055 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\MouseServer.ini
[2016-02-06 11:56:03 | 000,000,000 | -HS- | C] () -- C:\Users\kuba\AppData\Local\LumaEmu
[2016-01-31 11:33:27 | 000,000,024 | ---- | C] () -- C:\Users\kuba\PokeBlock.config
[2015-12-26 18:20:57 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015-11-27 17:59:43 | 000,000,600 | ---- | C] () -- C:\Users\kuba\AppData\Roaming\winscp.rnd
[2015-11-03 17:22:27 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2015-07-03 20:05:38 | 000,002,092 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-727411061-3885270544-3697033259-1000\$R4H1DHS\maps\structures\stairs\0\n.dat
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2018-08-13 16:54:39 | 014,183,936 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2018-08-13 16:40:58 | 012,880,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

