• Ogłoszenie:

Komputer strasznie długo sie uruchamia

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.

Komputer strasznie długo sie uruchamia

Postprzez kolezka1 22 Lis 2018, 23:06

reklama
Hej, komputer długo się uruchamia, ma straszne opóźnienia. Po zalogowaniu wszystko chodzi z wielkim opóźnieniem, jednak po jakichś 5 minutach wszystko zaczyna działać już prawidłowo.

OTL logfile created on: 22.11.2018 21:54:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kolez\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.17134.0)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd.MM.yyyy

7,89 Gb Total Physical Memory | 3,94 Gb Available Physical Memory | 50,01% Memory free
9,39 Gb Paging File | 5,12 Gb Available in Paging File | 54,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 222,24 Gb Total Space | 4,73 Gb Free Space | 2,13% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-7V20NCE | User Name: kolez | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2018.11.22 21:53:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kolez\Downloads\OTL_[www.programosy.pl].exe
PRC - [2018.10.22 13:37:28 | 000,067,896 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2018.10.22 13:37:24 | 000,110,392 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
PRC - [2018.10.22 13:37:24 | 000,067,384 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2018.10.22 13:37:18 | 000,356,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
PRC - [2018.10.21 12:38:44 | 000,662,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2018.10.21 02:17:40 | 000,068,920 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2018.09.10 10:22:06 | 005,218,792 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
PRC - [2018.09.10 10:22:00 | 002,704,872 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
PRC - [2018.09.10 10:21:58 | 002,910,696 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
PRC - [2018.08.23 21:54:44 | 000,288,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
PRC - [2018.08.13 23:27:08 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2017.12.19 18:30:28 | 000,928,280 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2017.12.04 20:19:59 | 000,462,920 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
PRC - [2017.09.26 02:52:42 | 034,879,568 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
PRC - [2017.09.20 03:04:58 | 000,149,600 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
PRC - [2017.09.20 02:42:50 | 000,817,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
PRC - [2017.09.20 02:42:50 | 000,397,920 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
PRC - [2017.09.20 02:42:48 | 002,407,008 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
PRC - [2017.09.20 02:42:48 | 002,382,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
PRC - [2017.02.14 11:41:16 | 001,078,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
PRC - [2016.12.19 17:35:00 | 015,073,944 | ---- | M] (Node.js) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
PRC - [2016.07.01 10:06:16 | 000,508,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
PRC - [2016.03.22 05:52:30 | 001,804,360 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe


========== Modules (No Company Name) ==========

MOD - [2018.11.14 15:00:59 | 007,589,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\cc3865159952f5c1821a3af6916363b0\System.Xml.ni.dll
MOD - [2018.11.14 15:00:52 | 001,020,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\dabffeccb3ff451b4f21a9cfd08193d6\System.Configuration.ni.dll
MOD - [2018.11.14 15:00:35 | 008,246,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\80902f10241caeaa71d97ea6c88115a1\System.Core.ni.dll
MOD - [2018.11.14 15:00:31 | 010,542,080 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\ef92fd4410d6b1e5d4b768767ad05aaa\System.ni.dll
MOD - [2018.10.21 02:17:46 | 001,042,744 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2018.10.21 02:17:14 | 000,189,752 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
MOD - [2018.09.11 02:30:33 | 020,539,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\31202f32d626603baaac9a296830c313\mscorlib.ni.dll
MOD - [2018.04.12 00:34:47 | 000,364,200 | ---- | M] () -- C:\Windows\SysWOW64\InputHost.dll
MOD - [2017.11.30 18:55:04 | 000,076,088 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2017.09.26 02:52:42 | 034,879,568 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
MOD - [2017.09.20 03:04:58 | 000,822,880 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanMessage5.dll
MOD - [2017.09.20 03:04:58 | 000,714,336 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanControl.dll
MOD - [2017.09.20 03:04:58 | 000,099,424 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
MOD - [2017.09.20 02:42:50 | 067,115,616 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
MOD - [2017.09.06 18:11:48 | 000,214,528 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
MOD - [2017.09.06 18:11:38 | 000,086,528 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
MOD - [2017.09.06 18:11:36 | 000,118,272 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
MOD - [2017.09.06 18:11:32 | 000,125,952 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
MOD - [2017.09.06 18:11:06 | 000,117,248 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
MOD - [2017.08.23 12:52:04 | 040,524,408 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2018.11.08 22:37:38 | 000,322,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\rempl\sedsvc.exe -- (sedsvc)
SRV:64bit: - [2018.11.01 12:26:51 | 001,364,992 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\bcastdvruserservice.dll -- (BcastDVRUserService)
SRV:64bit: - [2018.11.01 08:25:30 | 000,885,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:64bit: - [2018.11.01 08:03:00 | 003,397,120 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2018.11.01 07:59:14 | 000,241,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:64bit: - [2018.11.01 07:58:42 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:64bit: - [2018.11.01 07:57:53 | 000,835,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:64bit: - [2018.11.01 07:57:47 | 000,356,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:64bit: - [2018.11.01 07:57:04 | 000,281,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2018.11.01 07:56:33 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2018.11.01 07:56:19 | 001,395,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:64bit: - [2018.11.01 07:55:15 | 000,684,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2018.11.01 07:53:53 | 002,248,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2018.11.01 07:53:51 | 001,373,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:64bit: - [2018.10.21 08:18:54 | 000,395,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthAvctpSvc.dll -- (BthAvctpSvc)
SRV:64bit: - [2018.10.21 08:16:45 | 000,514,048 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BTAGService.dll -- (BTAGService)
SRV:64bit: - [2018.10.21 08:16:03 | 000,847,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2018.10.21 08:14:53 | 000,632,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:64bit: - [2018.10.21 08:14:45 | 000,311,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:64bit: - [2018.10.21 08:14:29 | 000,453,632 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:64bit: - [2018.09.20 04:40:17 | 003,090,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2018.09.08 04:26:46 | 000,784,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:64bit: - [2018.09.08 04:24:55 | 001,457,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:64bit: - [2018.09.08 04:24:26 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2018.08.28 07:45:57 | 000,713,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:64bit: - [2018.08.09 05:25:14 | 000,392,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WaaSMedicSvc.dll -- (WaaSMedicSvc)
SRV:64bit: - [2018.08.03 04:41:01 | 000,061,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:64bit: - [2018.08.03 04:15:02 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:64bit: - [2018.07.14 05:23:08 | 000,760,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:64bit: - [2018.07.14 04:54:10 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:64bit: - [2018.07.14 04:53:02 | 000,681,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:64bit: - [2018.07.14 04:50:54 | 001,359,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:64bit: - [2018.07.14 04:50:19 | 000,949,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2018.07.06 07:58:32 | 000,091,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:64bit: - [2018.06.15 05:41:49 | 000,235,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2018.06.15 05:41:36 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:64bit: - [2018.06.15 05:40:59 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:64bit: - [2018.06.15 05:40:51 | 001,487,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:64bit: - [2018.06.08 17:06:33 | 000,976,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:64bit: - [2018.06.08 10:29:32 | 004,970,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:64bit: - [2018.06.08 09:59:09 | 000,673,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:64bit: - [2018.06.08 09:56:37 | 000,858,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:64bit: - [2018.06.08 09:55:04 | 000,667,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2018.05.20 12:31:30 | 001,456,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WpcDesktopMonSvc.dll -- (WpcMonSvc)
SRV:64bit: - [2018.04.12 00:35:21 | 000,681,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:64bit: - [2018.04.12 00:35:21 | 000,427,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:64bit: - [2018.04.12 00:35:21 | 000,400,896 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV:64bit: - [2018.04.12 00:34:43 | 000,824,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:64bit: - [2018.04.12 00:34:43 | 000,590,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:64bit: - [2018.04.12 00:34:43 | 000,121,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2018.04.12 00:34:41 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2018.04.12 00:34:40 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2018.04.12 00:34:39 | 000,219,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:64bit: - [2018.04.12 00:34:38 | 000,671,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2018.04.12 00:34:37 | 000,303,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:64bit: - [2018.04.12 00:34:37 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2018.04.12 00:34:34 | 001,273,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:64bit: - [2018.04.12 00:34:33 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:64bit: - [2018.04.12 00:34:33 | 000,153,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:64bit: - [2018.04.12 00:34:25 | 000,058,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2018.04.12 00:34:24 | 001,027,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:64bit: - [2018.04.12 00:34:24 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2018.04.12 00:34:24 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2018.04.12 00:34:23 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2018.04.12 00:34:22 | 000,773,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2018.04.12 00:34:22 | 000,335,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:64bit: - [2018.04.12 00:34:22 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2018.04.12 00:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_42a0d16)
SRV:64bit: - [2018.04.12 00:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_42a0d16)
SRV:64bit: - [2018.04.12 00:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_42a0d16)
SRV:64bit: - [2018.04.12 00:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_42a0d16)
SRV:64bit: - [2018.04.12 00:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_42a0d16)
SRV:64bit: - [2018.04.12 00:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_42a0d16)
SRV:64bit: - [2018.04.12 00:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_42a0d16)
SRV:64bit: - [2018.04.12 00:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_42a0d16)
SRV:64bit: - [2018.04.12 00:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicePickerUserSvc_42a0d16)
SRV:64bit: - [2018.04.12 00:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_42a0d16)
SRV:64bit: - [2018.04.12 00:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BluetoothUserService_42a0d16)
SRV:64bit: - [2018.04.12 00:34:22 | 000,051,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BcastDVRUserService_42a0d16)
SRV:64bit: - [2018.04.12 00:34:19 | 000,750,080 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:64bit: - [2018.04.12 00:34:19 | 000,195,584 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:64bit: - [2018.04.12 00:34:14 | 000,712,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:64bit: - [2018.04.12 00:34:14 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:64bit: - [2018.04.12 00:34:14 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2018.04.12 00:34:12 | 001,495,040 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:64bit: - [2018.04.12 00:34:12 | 001,220,096 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:64bit: - [2018.04.12 00:34:12 | 000,582,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:64bit: - [2018.04.12 00:34:12 | 000,345,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2018.04.12 00:34:12 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:64bit: - [2018.04.12 00:34:12 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:64bit: - [2018.04.12 00:34:12 | 000,176,128 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:64bit: - [2018.04.12 00:34:12 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:64bit: - [2018.04.12 00:34:12 | 000,058,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:64bit: - [2018.04.12 00:34:12 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:64bit: - [2018.04.12 00:34:10 | 001,248,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:64bit: - [2018.04.12 00:34:10 | 000,376,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2018.04.12 00:34:10 | 000,048,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:64bit: - [2018.04.12 00:34:10 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:64bit: - [2018.04.12 00:34:08 | 001,308,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:64bit: - [2018.04.12 00:34:08 | 000,167,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:64bit: - [2018.04.12 00:34:08 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:64bit: - [2018.04.12 00:34:08 | 000,059,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xbgmsvc.exe -- (xbgm)
SRV:64bit: - [2018.04.12 00:34:08 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:64bit: - [2018.04.12 00:34:07 | 001,115,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:64bit: - [2018.04.12 00:34:07 | 000,092,160 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:64bit: - [2018.04.12 00:34:06 | 001,033,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:64bit: - [2018.04.12 00:34:06 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:64bit: - [2018.04.12 00:34:04 | 001,148,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:64bit: - [2018.04.12 00:34:04 | 000,411,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vac.dll -- (VacSvc)
SRV:64bit: - [2018.04.12 00:34:04 | 000,199,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LanguageOverlayServer.dll -- (LxpSvc)
SRV:64bit: - [2018.04.12 00:34:04 | 000,163,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SgrmBroker.exe -- (SgrmBroker)
SRV:64bit: - [2018.04.12 00:34:04 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:64bit: - [2018.04.12 00:34:02 | 000,464,384 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll -- (BluetoothUserService)
SRV:64bit: - [2018.04.12 00:34:02 | 000,063,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:64bit: - [2018.04.12 00:33:54 | 002,197,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2018.04.12 00:33:54 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:64bit: - [2018.04.12 00:33:54 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:64bit: - [2018.04.12 00:33:54 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:64bit: - [2018.04.12 00:33:54 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2018.04.12 00:33:54 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2018.04.12 00:33:54 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2018.04.12 00:33:54 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2018.04.12 00:33:54 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2018.04.12 00:33:47 | 003,441,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2018.04.10 22:05:00 | 000,324,608 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:64bit: - [2018.03.10 19:20:00 | 000,495,616 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe -- (ssh-agent)
SRV:64bit: - [2017.12.04 20:19:59 | 000,462,920 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -- (NVDisplay.ContainerLocalSystem)
SRV:64bit: - [2016.11.30 20:56:28 | 000,373,728 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV - [2018.11.21 22:20:08 | 000,335,872 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2018.11.10 03:55:10 | 001,684,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2018.11.01 05:47:30 | 000,567,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2018.11.01 05:28:23 | 001,000,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2018.10.23 18:51:22 | 003,917,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe -- (WdNisSvc)
SRV - [2018.10.23 18:51:21 | 000,114,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe -- (WinDefend)
SRV - [2018.09.10 10:22:00 | 002,704,872 | ---- | M] (Adobe Systems, Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe -- (AGSService)
SRV - [2018.09.10 10:21:58 | 002,910,696 | ---- | M] (Adobe Systems, Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe -- (AGMService)
SRV - [2018.08.13 23:27:08 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2018.06.15 05:46:52 | 000,593,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2018.06.15 05:43:37 | 001,110,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2018.06.08 10:09:43 | 004,469,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2018.06.08 09:54:26 | 000,729,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\FlightSettings.dll -- (wisvc)
SRV - [2018.04.12 00:35:22 | 000,312,832 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV - [2018.04.12 00:34:57 | 000,138,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2018.04.12 00:34:45 | 000,965,632 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2018.04.12 00:34:45 | 000,072,192 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\tzautoupdate.dll -- (tzautoupdate)
SRV - [2018.04.12 00:34:45 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2018.04.12 00:33:47 | 003,441,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2017.09.27 17:31:50 | 000,493,280 | ---- | M] (Wondershare) [Auto | Running] -- C:\Program Files (x86)\Wondershare\WAF\2.4.3.230\WsAppService.exe -- (WsAppService)
SRV - [2017.09.20 02:42:50 | 000,817,760 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe -- (AdobeUpdateService)
SRV - [2016.11.30 20:58:06 | 000,301,536 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2018.11.01 08:28:11 | 000,076,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:64bit: - [2018.10.23 18:51:22 | 000,328,696 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2018.10.23 18:51:22 | 000,060,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2018.10.23 18:51:22 | 000,046,184 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2018.10.21 08:46:42 | 000,611,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2018.10.21 08:19:52 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:64bit: - [2018.10.21 08:19:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2018.10.21 08:19:29 | 000,228,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:64bit: - [2018.10.21 08:18:53 | 000,199,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthA2DP.sys -- (BthA2DP)
DRV:64bit: - [2018.10.21 08:17:38 | 000,787,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:64bit: - [2018.08.09 05:55:01 | 000,230,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2018.08.03 04:47:12 | 000,128,920 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:64bit: - [2018.08.03 04:40:48 | 000,228,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:64bit: - [2018.08.03 04:40:43 | 000,566,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2018.08.03 04:39:58 | 000,075,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2018.08.03 04:17:05 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:64bit: - [2018.07.14 04:55:22 | 000,414,720 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:64bit: - [2018.06.15 08:10:52 | 000,048,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:64bit: - [2018.06.15 06:08:16 | 001,921,944 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2018.06.15 06:08:14 | 000,072,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:64bit: - [2018.06.15 06:08:05 | 000,945,568 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:64bit: - [2018.06.15 05:44:07 | 000,295,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:64bit: - [2018.06.08 11:31:08 | 000,029,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2018.06.08 10:29:39 | 000,164,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2018.05.20 13:33:14 | 000,105,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2018.05.09 11:32:43 | 000,382,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2018.04.12 16:53:58 | 000,037,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2018.04.12 16:53:57 | 000,057,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:64bit: - [2018.04.12 16:53:55 | 000,030,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2018.04.12 00:34:43 | 000,119,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2018.04.12 00:34:40 | 000,091,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2018.04.12 00:34:40 | 000,060,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:64bit: - [2018.04.12 00:34:32 | 000,128,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2018.04.12 00:34:32 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2018.04.12 00:34:32 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afunix.sys -- (afunix)
DRV:64bit: - [2018.04.12 00:34:32 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2018.04.12 00:34:28 | 000,254,464 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2018.04.12 00:34:25 | 000,088,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2018.04.12 00:34:22 | 000,175,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:64bit: - [2018.04.12 00:34:22 | 000,034,208 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2018.04.12 00:34:20 | 000,217,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2018.04.12 00:34:20 | 000,209,816 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2018.04.12 00:34:19 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:64bit: - [2018.04.12 00:34:15 | 000,021,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys -- (WdmCompanionFilter)
DRV:64bit: - [2018.04.12 00:34:14 | 000,282,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:64bit: - [2018.04.12 00:34:14 | 000,154,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2018.04.12 00:34:14 | 000,152,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:64bit: - [2018.04.12 00:34:14 | 000,151,960 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:64bit: - [2018.04.12 00:34:14 | 000,128,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:64bit: - [2018.04.12 00:34:14 | 000,082,944 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:64bit: - [2018.04.12 00:34:14 | 000,075,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2018.04.12 00:34:14 | 000,067,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:64bit: - [2018.04.12 00:34:14 | 000,039,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:64bit: - [2018.04.12 00:34:14 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:64bit: - [2018.04.12 00:34:14 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:64bit: - [2018.04.12 00:34:14 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2018.04.12 00:34:12 | 000,169,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2018.04.12 00:34:12 | 000,092,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bindflt.sys -- (bindflt)
DRV:64bit: - [2018.04.12 00:34:12 | 000,082,432 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:64bit: - [2018.04.12 00:34:12 | 000,082,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2018.04.12 00:34:12 | 000,055,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2018.04.12 00:34:04 | 000,128,000 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2018.04.12 00:34:04 | 000,063,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SgrmAgent.sys -- (SgrmAgent)
DRV:64bit: - [2018.04.12 00:34:04 | 000,058,272 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:64bit: - [2018.04.12 00:34:04 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:64bit: - [2018.04.12 00:34:04 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:64bit: - [2018.04.12 00:33:58 | 000,030,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2018.04.12 00:33:54 | 000,140,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2018.04.12 00:33:54 | 000,127,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2018.04.12 00:33:54 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2018.04.12 00:33:54 | 000,055,808 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:64bit: - [2018.04.12 00:33:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:64bit: - [2018.04.12 00:33:54 | 000,039,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:64bit: - [2018.04.12 00:33:54 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:64bit: - [2018.04.12 00:33:52 | 000,434,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2018.04.12 00:33:52 | 000,287,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2018.04.12 00:33:52 | 000,097,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2018.04.12 00:33:52 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:64bit: - [2018.04.12 00:33:52 | 000,054,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2018.04.12 00:33:52 | 000,050,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2018.04.12 00:33:52 | 000,050,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:64bit: - [2018.04.12 00:33:52 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthHfAud.sys -- (BthHFAud)
DRV:64bit: - [2018.04.12 00:33:52 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:64bit: - [2018.04.12 00:33:52 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:64bit: - [2018.04.12 00:33:52 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2018.04.12 00:33:52 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2018.04.12 00:33:52 | 000,018,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:64bit: - [2018.04.12 00:33:51 | 000,144,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:64bit: - [2018.04.12 00:33:51 | 000,098,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:64bit: - [2018.04.12 00:33:51 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys -- (BthLEEnum)
DRV:64bit: - [2018.04.12 00:33:51 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys -- (Microsoft_Bluetooth_AvrcpTransport)
DRV:64bit: - [2018.04.12 00:33:51 | 000,029,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:64bit: - [2018.04.12 00:33:51 | 000,028,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:64bit: - [2018.04.12 00:33:51 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:64bit: - [2018.04.12 00:33:49 | 001,836,952 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:64bit: - [2018.04.12 00:33:49 | 000,885,144 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAVC.sys -- (iaStorAVC)
DRV:64bit: - [2018.04.12 00:33:49 | 000,842,648 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2018.04.12 00:33:49 | 000,526,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2018.04.12 00:33:49 | 000,505,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:64bit: - [2018.04.12 00:33:49 | 000,321,432 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:64bit: - [2018.04.12 00:33:49 | 000,305,560 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2018.04.12 00:33:49 | 000,197,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:64bit: - [2018.04.12 00:33:49 | 000,156,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2018.04.12 00:33:49 | 000,108,952 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:64bit: - [2018.04.12 00:33:49 | 000,105,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:64bit: - [2018.04.12 00:33:49 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvdimm.sys -- (nvdimm)
DRV:64bit: - [2018.04.12 00:33:49 | 000,079,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2018.04.12 00:33:49 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2018.04.12 00:33:49 | 000,064,920 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:64bit: - [2018.04.12 00:33:49 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2018.04.12 00:33:49 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2018.04.12 00:33:49 | 000,061,848 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:64bit: - [2018.04.12 00:33:49 | 000,058,776 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:64bit: - [2018.04.12 00:33:49 | 000,056,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:64bit: - [2018.04.12 00:33:49 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2018.04.12 00:33:49 | 000,038,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:64bit: - [2018.04.12 00:33:49 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2018.04.12 00:33:49 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2018.04.12 00:33:49 | 000,033,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hvcrash.sys -- (hvcrash)
DRV:64bit: - [2018.04.12 00:33:49 | 000,033,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:64bit: - [2018.04.12 00:33:49 | 000,032,152 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:64bit: - [2018.04.12 00:33:49 | 000,031,128 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2018.04.12 00:33:49 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2018.04.12 00:33:49 | 000,018,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys -- (swenum)
DRV:64bit: - [2018.04.12 00:33:49 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2018.04.12 00:33:49 | 000,016,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:64bit: - [2018.04.12 00:33:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2018.04.12 00:33:49 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2018.04.12 00:33:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2018.04.12 00:33:48 | 003,419,032 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2018.04.12 00:33:48 | 001,135,520 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2018.04.12 00:33:48 | 000,533,912 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2018.04.12 00:33:48 | 000,259,480 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2018.04.12 00:33:48 | 000,177,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2018.04.12 00:33:48 | 000,145,816 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ItSas35i.sys -- (ItSas35i)
DRV:64bit: - [2018.04.12 00:33:48 | 000,128,408 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:64bit: - [2018.04.12 00:33:48 | 000,124,312 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:64bit: - [2018.04.12 00:33:48 | 000,123,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:64bit: - [2018.04.12 00:33:48 | 000,107,416 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2018.04.12 00:33:48 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:64bit: - [2018.04.12 00:33:48 | 000,083,360 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2018.04.12 00:33:48 | 000,082,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2018.04.12 00:33:48 | 000,082,328 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas35i.sys -- (megasas35i)
DRV:64bit: - [2018.04.12 00:33:48 | 000,075,160 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:64bit: - [2018.04.12 00:33:48 | 000,064,408 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2018.04.12 00:33:48 | 000,063,904 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2018.04.12 00:33:48 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2018.04.12 00:33:48 | 000,027,032 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2018.04.12 00:33:48 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:64bit: - [2018.04.12 00:33:48 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:64bit: - [2018.04.12 00:33:48 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2018.04.12 00:33:45 | 006,320,640 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlane.sys -- (RTWlanE)
DRV:64bit: - [2018.04.12 00:33:45 | 000,174,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:64bit: - [2018.04.12 00:33:45 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:64bit: - [2018.04.12 00:33:45 | 000,118,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2018.04.12 00:33:45 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2018.04.12 00:33:45 | 000,091,648 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:64bit: - [2018.04.12 00:33:45 | 000,088,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:64bit: - [2018.04.12 00:33:45 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:64bit: - [2018.04.12 00:33:45 | 000,060,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:64bit: - [2018.04.12 00:33:45 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2018.04.12 00:33:45 | 000,036,864 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:64bit: - [2017.12.12 20:32:46 | 017,003,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys -- (nvlddmkm)
DRV:64bit: - [2017.11.27 14:50:32 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2017.11.27 14:50:22 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2017.05.03 02:18:56 | 000,031,112 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsRadioControl.sys -- (HIDSwitch)
DRV:64bit: - [2017.03.09 09:19:12 | 000,124,928 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (AsusTP)
DRV:64bit: - [2016.11.30 20:56:00 | 007,969,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2016.05.12 04:32:26 | 000,481,768 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2015.08.04 10:19:16 | 001,553,032 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2015.07.10 14:35:26 | 000,193,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:64bit: - [2015.07.09 09:45:36 | 000,607,512 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtkBtfilter.sys -- (RtkBtFilter)
DRV:64bit: - [2015.05.14 10:44:38 | 000,751,632 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER)
DRV:64bit: - [2013.11.29 03:32:14 | 000,838,872 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.07.20 21:32:54 | 000,044,184 | ---- | M] (STMicroelectronics) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\STTub30.sys -- (STTub30)
DRV - [2018.04.12 00:34:58 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\afunix.sys -- (afunix)
DRV - [2018.04.12 00:33:49 | 000,018,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys -- (swenum)
DRV - [2018.04.12 00:33:45 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys -- (CompositeBus)
DRV - [2017.12.12 20:32:46 | 017,003,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys -- (nvlddmkm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=190
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 89 2B 84 D7 02 BF D3 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 27 00 00 00 27 EE D7 12 26 44 22 9D E3 EA CD DA 4F 86 B8 E3 7A D1 79 2A 13 E7 E4 E8 42 BA 6C 64 52 9B 04 AA 23 8B 84 B9 E7 44 2A 02 00 00 00 0E 00 00 00 5A 54 4D 33 61 73 7A 53 65 43 34 25 33 64 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {c2b8e594-d284-ef0b-2c66-48a9c98914bc}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}: "URL" = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__180904&q={searchTerms}
IE - HKCU\..\SearchScopes\{c2b8e594-d284-ef0b-2c66-48a9c98914bc}: "URL" = https://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg01&p_w=y1w31&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.151.2: C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2: C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.161.2: C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.161.2: C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 56.2.5\extensions\\Components: C:\PROGRAM FILES\WATERFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 56.2.5\extensions\\Plugins: C:\PROGRAM FILES\WATERFOX\PLUGINS

[2017.09.26 19:48:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kolez\AppData\Roaming\mozilla\Extensions

========== Chrome ==========

CHR - Extension: No name found = C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_1\
CHR - Extension: No name found = C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdaghagfopacdngbohiknlhcocjccjao\10.4.1_0\
CHR - Extension: No name found = C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.3_0\
CHR - Extension: No name found = C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\
CHR - Extension: No name found = C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg\2.0.4_0\
CHR - Extension: No name found = C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7018.903.0.0_0\

O1 HOSTS File: ([2017.03.18 22:01:13 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeGCInvoker-1.0] C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems, Incorporated)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [ALLPlayer WiFi Remote] C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe File not found
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe (ALLPlayer.org)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Napisy24Update] C:\Program Files (x86)\Napisy24\Napisy24Update.exe (Napisy24.pl)
O4 - HKCU..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sharepoint.com ([lmpl-files] https in Trusted sites)
O15 - HKCU\..Trusted Domains: sharepoint.com ([lmpl-myfiles] https in Trusted sites)
O15 - HKCU\..Trusted Domains: webcompanion.com ([]http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.60 62.179.1.61
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{054157f5-6292-481f-9027-e69714f2913d}: DhcpNameServer = 62.179.1.60 62.179.1.61
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3062a044-72b7-4e17-8ae8-273a9403b30f}: DhcpNameServer = 62.179.1.60 62.179.1.61
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{e517a30a-3cc1-41d2-b305-da936ebafe0a}: DhcpNameServer = 172.20.10.1
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2018.11.22 21:52:15 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\AdobeGC
[2018.11.18 23:03:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2018.11.18 23:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2018.11.18 23:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2018.11.18 23:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2018.11.16 20:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\rempl
[2018.11.15 21:38:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VulkanRT
[2018.11.13 21:55:10 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2018.11.13 21:55:10 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2018.11.13 21:55:09 | 000,908,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2018.11.13 21:55:09 | 000,808,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2018.11.13 21:55:09 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVideoDSP.dll
[2018.11.13 21:55:09 | 000,412,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2018.11.13 21:55:09 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2018.11.13 21:55:09 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2018.11.13 21:55:09 | 000,261,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2018.11.13 21:55:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\INETRES.dll
[2018.11.13 21:55:08 | 007,520,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2018.11.13 21:55:08 | 001,708,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSPhotography.dll
[2018.11.13 21:55:08 | 001,379,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2018.11.13 21:55:08 | 001,361,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSPhotography.dll
[2018.11.13 21:55:08 | 000,129,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2018.11.13 21:55:07 | 002,892,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2018.11.13 21:55:07 | 002,368,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebRuntimeManager.dll
[2018.11.13 21:55:07 | 001,551,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2018.11.13 21:55:07 | 001,121,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2018.11.13 21:55:07 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingOnlineServices.dll
[2018.11.13 21:55:07 | 000,567,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2018.11.13 21:55:07 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2018.11.13 21:55:07 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcimage.dll
[2018.11.13 21:55:06 | 001,639,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2018.11.13 21:55:06 | 000,793,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2018.11.13 21:55:05 | 005,775,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2018.11.13 21:55:05 | 004,867,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2018.11.13 21:55:05 | 000,868,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
[2018.11.13 21:55:05 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2018.11.13 21:55:04 | 006,661,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2018.11.13 21:55:04 | 006,570,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2018.11.13 21:55:04 | 002,478,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2018.11.13 21:55:04 | 002,331,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2018.11.13 21:55:04 | 001,784,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2018.11.13 21:55:04 | 001,376,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2018.11.13 21:55:04 | 001,029,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2018.11.13 21:55:04 | 001,020,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2018.11.13 21:55:04 | 000,861,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2adec.dll
[2018.11.13 21:55:04 | 000,713,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVideoDSP.dll
[2018.11.13 21:55:04 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2018.11.13 21:55:04 | 000,607,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2018.11.13 21:55:04 | 000,594,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2018.11.13 21:55:04 | 000,413,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2018.11.13 21:55:04 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2018.11.13 21:55:03 | 013,873,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2018.11.13 21:55:03 | 005,883,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2018.11.13 21:55:03 | 002,487,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2018.11.13 21:55:03 | 000,943,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingOnlineServices.dll
[2018.11.13 21:55:03 | 000,885,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2018.11.13 21:55:03 | 000,884,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2018.11.13 21:55:03 | 000,076,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2018.11.13 21:55:02 | 003,649,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2018.11.13 21:55:02 | 002,405,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcGenral.dll
[2018.11.13 21:55:02 | 002,224,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2018.11.13 21:55:02 | 002,172,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2018.11.13 21:55:02 | 000,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2018.11.13 21:55:02 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2018.11.13 21:55:02 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winnat.sys
[2018.11.13 21:55:01 | 009,089,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2018.11.13 21:55:01 | 007,573,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2018.11.13 21:55:01 | 002,571,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2018.11.13 21:55:01 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2018.11.13 21:55:01 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2018.11.13 21:55:00 | 001,934,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2018.11.13 21:55:00 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2018.11.13 21:54:59 | 012,501,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2018.11.13 21:54:59 | 002,394,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2018.11.13 21:54:59 | 002,371,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2018.11.13 21:54:59 | 001,288,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2018.11.13 21:54:59 | 001,130,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2018.11.13 21:54:59 | 001,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2adec.dll
[2018.11.13 21:54:59 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.MixedRealityCapture.dll
[2018.11.13 21:54:59 | 000,491,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2018.11.13 21:54:58 | 004,790,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2018.11.13 21:54:58 | 003,291,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2018.11.13 21:54:58 | 001,535,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2018.11.13 21:54:58 | 001,221,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2018.11.13 21:54:58 | 001,209,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2018.11.13 21:54:58 | 000,560,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2018.11.13 21:54:57 | 016,592,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2018.11.13 21:54:57 | 008,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2018.11.13 21:54:57 | 003,283,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2018.11.13 21:54:57 | 002,248,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2018.11.13 21:54:57 | 001,034,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2018.11.13 21:54:56 | 007,057,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2018.11.13 21:54:56 | 006,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2018.11.13 21:54:56 | 003,180,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2018.11.13 21:54:56 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2018.11.13 21:54:56 | 000,625,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PsmServiceExtHost.dll
[2018.11.13 21:54:56 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2018.11.13 21:54:55 | 004,383,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2018.11.13 21:54:55 | 003,397,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2018.11.13 21:54:55 | 001,190,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2018.11.13 21:54:55 | 000,835,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneService.dll
[2018.11.13 21:54:55 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcGenral.dll
[2018.11.13 21:54:55 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2018.11.13 21:54:54 | 000,787,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2018.11.13 21:54:53 | 013,572,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2018.11.13 21:54:53 | 000,894,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2018.11.13 21:54:52 | 025,855,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2018.11.13 21:54:52 | 004,404,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2018.11.13 21:54:52 | 002,417,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2018.11.13 21:54:52 | 001,098,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2018.11.13 21:54:51 | 022,015,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2018.11.13 21:54:51 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2018.11.13 21:54:51 | 000,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2018.11.13 21:54:50 | 003,392,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2018.11.13 21:54:50 | 002,738,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2018.11.13 21:54:50 | 002,700,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2018.11.13 21:54:50 | 002,258,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2018.11.13 21:54:50 | 000,717,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_StorageSense.dll
[2018.11.13 21:54:50 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2018.11.13 21:54:50 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2018.11.13 21:54:50 | 000,268,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2018.11.13 21:54:49 | 007,432,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2018.11.13 21:54:49 | 005,669,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2018.11.13 21:54:49 | 004,393,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2018.11.13 21:54:49 | 001,363,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2018.11.13 21:54:49 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2018.11.13 21:54:49 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2018.11.13 21:54:49 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2018.11.13 21:54:49 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2018.11.13 21:54:48 | 006,602,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2018.11.13 21:54:48 | 001,617,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2018.11.13 21:54:48 | 001,516,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2018.11.13 21:54:48 | 001,180,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2018.11.13 21:54:48 | 001,035,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2018.11.13 21:54:48 | 000,880,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2018.11.13 21:54:48 | 000,796,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2018.11.13 21:54:48 | 000,368,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\thumbcache.dll
[2018.11.13 21:54:47 | 006,039,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2018.11.13 21:54:47 | 000,505,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2018.11.13 21:54:46 | 009,084,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2018.11.13 21:54:46 | 006,647,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2018.11.13 21:54:46 | 003,381,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2018.11.13 21:54:46 | 002,825,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2018.11.13 21:54:46 | 002,449,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2018.11.13 21:54:46 | 001,986,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapGeocoder.dll
[2018.11.13 21:54:46 | 001,364,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvruserservice.dll
[2018.11.13 21:54:46 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2018.11.13 21:54:46 | 001,225,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2018.11.13 21:54:46 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2018.11.13 21:54:46 | 000,530,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2018.11.13 21:54:46 | 000,392,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2018.11.13 21:54:46 | 000,272,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2018.11.13 21:54:46 | 000,269,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2018.11.13 21:54:45 | 023,861,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2018.11.13 21:54:45 | 019,525,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2018.11.13 21:54:43 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2018.11.13 21:54:43 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2018.11.13 21:54:43 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2018.11.13 21:54:43 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2018.11.13 21:54:43 | 000,236,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditionUpgradeManagerObj.dll
[2018.11.13 21:54:43 | 000,221,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditionUpgradeManagerObj.dll
[2018.11.13 21:54:43 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditionUpgradeHelper.dll
[2018.11.13 21:54:42 | 001,373,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2018.11.13 21:54:37 | 004,710,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2018.11.13 21:54:37 | 004,491,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsrchvw.exe
[2018.11.13 21:54:37 | 003,397,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsrchvw.exe
[2018.11.13 21:54:37 | 002,966,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2018.11.13 21:54:37 | 002,364,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OpcServices.dll
[2018.11.13 21:54:37 | 001,348,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OpcServices.dll
[2018.11.13 21:54:37 | 001,124,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdprt.dll
[2018.11.13 21:54:37 | 001,000,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2018.11.13 21:54:37 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll
[2018.11.13 21:54:36 | 001,946,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2018.11.13 21:54:36 | 001,826,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.dll
[2018.11.13 21:54:36 | 001,456,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2018.11.13 21:54:36 | 001,257,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2018.11.13 21:54:36 | 001,140,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2018.11.13 21:54:36 | 001,062,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2018.11.13 21:54:36 | 000,982,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2018.11.13 21:54:36 | 000,566,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2018.11.13 21:54:36 | 000,134,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2018.11.13 21:54:35 | 005,602,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2018.11.13 21:54:35 | 001,668,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdprt.dll
[2018.11.13 21:54:35 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2018.11.13 21:54:35 | 001,395,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2018.11.13 21:54:35 | 001,189,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2018.11.13 21:54:35 | 001,127,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nettrace.dll
[2018.11.13 21:54:35 | 000,916,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll
[2018.11.13 21:54:35 | 000,790,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2018.11.13 21:54:35 | 000,662,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2018.11.13 21:54:35 | 000,660,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicensingWinRT.dll
[2018.11.13 21:54:35 | 000,611,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2018.11.13 21:54:34 | 003,212,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2018.11.13 21:54:34 | 002,929,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsservices.dll
[2018.11.13 21:54:34 | 001,023,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2018.11.13 21:54:34 | 000,766,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicensingWinRT.dll
[2018.11.13 21:54:34 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2018.11.13 21:54:34 | 000,761,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2018.11.13 21:54:34 | 000,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintRenderAPIHost.DLL
[2018.11.13 21:54:34 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2018.11.13 21:54:34 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2018.11.13 21:54:34 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nltest.exe
[2018.11.13 21:54:34 | 000,384,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\coml2.dll
[2018.11.13 21:54:34 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BthAvrcp.dll
[2018.11.13 21:54:34 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dssvc.dll
[2018.11.13 21:54:34 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2018.11.13 21:54:33 | 001,862,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsservices.dll
[2018.11.13 21:54:33 | 000,895,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2018.11.13 21:54:33 | 000,848,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2018.11.13 21:54:33 | 000,795,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2018.11.13 21:54:33 | 000,632,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpsvc.dll
[2018.11.13 21:54:33 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserLanguagesCpl.dll
[2018.11.13 21:54:33 | 000,514,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BTAGService.dll
[2018.11.13 21:54:33 | 000,497,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Enumeration.dll
[2018.11.13 21:54:33 | 000,463,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\coml2.dll
[2018.11.13 21:54:33 | 000,461,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Activities.dll
[2018.11.13 21:54:33 | 000,453,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpusersvc.dll
[2018.11.13 21:54:33 | 000,424,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Enumeration.dll
[2018.11.13 21:54:33 | 000,396,304 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2018.11.13 21:54:33 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dusmsvc.dll
[2018.11.13 21:54:33 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2018.11.13 21:54:33 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2018.11.13 21:54:33 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFWSD.dll
[2018.11.13 21:54:33 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthA2DP.sys
[2018.11.13 21:54:33 | 000,185,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2018.11.13 21:54:33 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LanguageComponentsInstaller.dll
[2018.11.13 21:54:33 | 000,175,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spacedump.sys
[2018.11.13 21:54:33 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\officecsp.dll
[2018.11.13 21:54:33 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ofdeploy.exe
[2018.11.13 21:54:33 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2018.11.13 21:54:32 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osk.exe
[2018.11.13 21:54:32 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserLanguagesCpl.dll
[2018.11.13 21:54:32 | 000,463,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2018.11.13 21:54:32 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2018.11.13 21:54:32 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BthAvctpSvc.dll
[2018.11.13 21:54:32 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wisp.dll
[2018.11.13 21:54:32 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scecli.dll
[2018.11.13 21:54:32 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prnntfy.dll
[2018.11.13 21:54:32 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringservice.dll
[2018.11.13 21:54:32 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Diagnostics.dll
[2018.11.13 21:54:32 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\prnntfy.dll
[2018.11.13 21:54:32 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wisp.dll
[2018.11.13 21:54:32 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scecli.dll
[2018.11.13 21:54:32 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2018.11.13 21:54:32 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Diagnostics.dll
[2018.11.13 21:54:32 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2018.11.13 21:54:32 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spacebridge.dll
[2018.11.13 21:54:32 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spacebridge.dll
[2018.11.13 21:54:32 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2018.11.13 21:54:32 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dab.dll
[2018.11.13 21:54:32 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SMSRouter.dll
[2018.11.13 21:54:32 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vhf.sys
[2018.11.13 21:54:32 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msisip.dll
[2018.11.13 21:54:32 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspisrv.dll
[2018.11.13 21:54:32 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msisip.dll
[2018.11.13 21:54:31 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2018.11.13 21:54:31 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2018.11.13 21:54:31 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WPTaskScheduler.dll
[2018.11.13 21:54:31 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys
[2018.11.13 21:54:31 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BthAvrcpAppSvc.dll
[2018.11.13 21:54:31 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dusmapi.dll
[2018.11.13 21:54:31 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dusmtask.exe
[2018.11.13 21:54:31 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CSystemEventsBrokerClient.dll
[2018.11.11 21:38:40 | 000,000,000 | ---D | C] -- C:\Users\kolez\AppData\Local\D3DSCache
[2018.11.02 19:36:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2018.11.22 21:47:56 | 3386,908,672 | -HS- | M] () -- C:\hiberfil.sys
[2018.11.22 21:44:14 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2018.11.21 17:32:04 | 000,000,180 | ---- | M] () -- C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2018.11.18 23:03:55 | 000,001,776 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2018.11.17 00:00:55 | 000,834,960 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2018.11.17 00:00:55 | 000,179,600 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2018.11.16 20:40:31 | 001,763,504 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2018.11.16 20:40:31 | 000,783,576 | ---- | M] () -- C:\WINDOWS\SysNative\perfh015.dat
[2018.11.16 20:40:31 | 000,699,960 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2018.11.16 20:40:31 | 000,151,702 | ---- | M] () -- C:\WINDOWS\SysNative\perfc015.dat
[2018.11.16 20:40:31 | 000,132,900 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2018.11.16 20:35:19 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2018.11.14 15:01:51 | 000,002,266 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018.11.14 14:55:20 | 000,404,296 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2018.11.13 21:56:00 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2018.11.13 21:56:00 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2018.11.12 14:31:29 | 000,007,601 | ---- | M] () -- C:\Users\kolez\AppData\Local\Resmon.ResmonCfg
[2018.11.06 21:34:15 | 000,377,384 | ---- | M] () -- C:\Users\kolez\Desktop\opentx-x7-multimodule-lua-en.bin
[2018.11.06 21:23:57 | 000,370,364 | ---- | M] () -- C:\Users\kolez\Desktop\opentx-x7-lua-pl.bin
[2018.11.06 21:10:58 | 000,524,288 | ---- | M] () -- C:\Users\kolez\Desktop\backup#firmwa#taran.bin
[2018.11.06 21:10:38 | 000,032,768 | ---- | M] () -- C:\Users\kolez\Desktop\backup_radio_taranis.bin
[2018.11.01 12:49:26 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2018.11.01 12:46:17 | 002,394,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2018.11.01 12:45:20 | 001,376,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2018.11.01 12:45:04 | 001,617,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2018.11.01 12:32:09 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2018.11.01 12:31:51 | 006,602,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2018.11.01 12:30:26 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2018.11.01 12:30:15 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msisip.dll
[2018.11.01 12:29:05 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SMSRouter.dll
[2018.11.01 12:28:55 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prnntfy.dll
[2018.11.01 12:28:25 | 004,491,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsrchvw.exe
[2018.11.01 12:28:09 | 003,649,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2018.11.01 12:27:22 | 000,878,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2018.11.01 12:27:01 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2018.11.01 12:26:51 | 001,364,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvruserservice.dll
[2018.11.01 12:26:21 | 000,503,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2018.11.01 12:25:57 | 000,577,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2018.11.01 10:59:13 | 005,669,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2018.11.01 10:56:37 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msisip.dll
[2018.11.01 10:56:03 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\prnntfy.dll
[2018.11.01 10:54:26 | 003,397,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsrchvw.exe
[2018.11.01 10:53:44 | 000,908,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2018.11.01 10:52:45 | 002,892,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2018.11.01 10:15:23 | 023,861,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2018.11.01 10:13:39 | 019,525,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2018.11.01 08:39:00 | 001,035,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2018.11.01 08:38:08 | 000,269,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2018.11.01 08:37:57 | 000,272,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2018.11.01 08:28:29 | 001,029,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2018.11.01 08:28:20 | 001,221,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2018.11.01 08:28:17 | 000,134,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2018.11.01 08:28:13 | 000,566,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2018.11.01 08:28:11 | 000,076,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2018.11.01 08:28:09 | 001,062,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2018.11.01 08:27:52 | 000,491,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2018.11.01 08:27:36 | 001,017,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2adec.dll
[2018.11.01 08:26:42 | 003,180,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2018.11.01 08:26:28 | 003,291,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2018.11.01 08:26:22 | 001,363,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2018.11.01 08:26:01 | 007,432,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2018.11.01 08:25:52 | 001,934,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2018.11.01 08:25:50 | 007,520,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2018.11.01 08:25:48 | 009,089,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2018.11.01 08:25:48 | 002,571,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2018.11.01 08:25:47 | 001,209,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2018.11.01 08:25:47 | 000,413,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2018.11.01 08:25:44 | 000,594,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2018.11.01 08:25:44 | 000,463,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\coml2.dll
[2018.11.01 08:25:37 | 004,404,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2018.11.01 08:25:36 | 000,793,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2018.11.01 08:25:34 | 000,412,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2018.11.01 08:25:33 | 000,268,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2018.11.01 08:25:31 | 002,371,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2018.11.01 08:25:30 | 000,885,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2018.11.01 08:25:28 | 001,784,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2018.11.01 08:25:28 | 001,288,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2018.11.01 08:25:28 | 001,140,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2018.11.01 08:25:28 | 000,982,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2018.11.01 08:25:26 | 001,190,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2018.11.01 08:25:25 | 001,456,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2018.11.01 08:25:25 | 001,257,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2018.11.01 08:25:25 | 000,713,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVideoDSP.dll
[2018.11.01 08:25:23 | 000,261,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2018.11.01 08:09:59 | 025,855,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2018.11.01 08:03:03 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dusmtask.exe
[2018.11.01 08:03:00 | 003,397,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2018.11.01 08:02:22 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dusmapi.dll
[2018.11.01 08:02:21 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CSystemEventsBrokerClient.dll
[2018.11.01 08:01:20 | 007,057,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2018.11.01 08:01:10 | 009,084,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2018.11.01 08:00:25 | 008,189,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2018.11.01 08:00:16 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2018.11.01 08:00:14 | 003,392,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2018.11.01 08:00:11 | 006,031,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2018.11.01 08:00:10 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2018.11.01 07:59:14 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringservice.dll
[2018.11.01 07:59:09 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dab.dll
[2018.11.01 07:59:04 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WPTaskScheduler.dll
[2018.11.01 07:59:02 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2018.11.01 07:59:00 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2018.11.01 07:58:48 | 004,383,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2018.11.01 07:58:43 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2018.11.01 07:58:43 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2018.11.01 07:58:42 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dssvc.dll
[2018.11.01 07:58:11 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2018.11.01 07:58:10 | 004,867,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2018.11.01 07:58:03 | 007,573,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2018.11.01 07:57:53 | 000,835,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneService.dll
[2018.11.01 07:57:47 | 000,356,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dusmsvc.dll
[2018.11.01 07:57:44 | 000,898,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2018.11.01 07:57:42 | 002,364,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OpcServices.dll
[2018.11.01 07:57:41 | 003,381,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2018.11.01 07:57:41 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2018.11.01 07:57:38 | 002,825,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2018.11.01 07:57:27 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2018.11.01 07:57:19 | 000,894,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2018.11.01 07:57:16 | 001,708,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSPhotography.dll
[2018.11.01 07:57:14 | 000,808,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2018.11.01 07:57:04 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2018.11.01 07:56:53 | 002,172,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2018.11.01 07:56:33 | 000,506,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2018.11.01 07:56:25 | 002,929,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsservices.dll
[2018.11.01 07:56:19 | 001,395,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2018.11.01 07:55:23 | 002,738,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2018.11.01 07:55:15 | 000,684,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2018.11.01 07:54:44 | 001,225,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2018.11.01 07:54:41 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll
[2018.11.01 07:54:39 | 001,551,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2018.11.01 07:54:23 | 001,023,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2018.11.01 07:54:21 | 001,264,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2018.11.01 07:54:13 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2018.11.01 07:54:12 | 000,943,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingOnlineServices.dll
[2018.11.01 07:54:06 | 000,884,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2018.11.01 07:54:03 | 000,895,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2018.11.01 07:54:00 | 000,796,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2018.11.01 07:53:53 | 002,248,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2018.11.01 07:53:52 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2018.11.01 07:53:51 | 001,373,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2018.11.01 07:53:26 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2018.11.01 06:39:27 | 000,001,310 | ---- | M] () -- C:\WINDOWS\SysNative\tcbres.wim
[2018.11.01 06:08:32 | 002,417,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2018.11.01 05:50:03 | 000,861,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2adec.dll
[2018.11.01 05:48:46 | 000,384,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\coml2.dll
[2018.11.01 05:48:34 | 000,880,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2018.11.01 05:48:33 | 002,478,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2018.11.01 05:48:12 | 002,331,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2018.11.01 05:48:05 | 006,039,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2018.11.01 05:48:02 | 004,790,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2018.11.01 05:47:47 | 006,570,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2018.11.01 05:47:47 | 001,379,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2018.11.01 05:47:44 | 000,129,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2018.11.01 05:47:36 | 001,020,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2018.11.01 05:47:34 | 000,581,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVideoDSP.dll
[2018.11.01 05:47:30 | 000,567,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2018.11.01 05:40:38 | 022,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2018.11.01 05:34:16 | 002,700,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2018.11.01 05:33:28 | 006,661,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2018.11.01 05:32:18 | 006,647,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2018.11.01 05:31:06 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2018.11.01 05:30:49 | 000,310,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2018.11.01 05:30:45 | 005,883,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2018.11.01 05:30:41 | 000,561,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2018.11.01 05:30:20 | 001,361,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSPhotography.dll
[2018.11.01 05:30:16 | 002,449,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2018.11.01 05:30:15 | 005,775,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2018.11.01 05:30:07 | 000,392,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2018.11.01 05:29:51 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2018.11.01 05:29:39 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2018.11.01 05:29:36 | 001,986,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapGeocoder.dll
[2018.11.01 05:29:35 | 001,862,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsservices.dll
[2018.11.01 05:29:19 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2018.11.01 05:29:10 | 002,258,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2018.11.01 05:29:07 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2018.11.01 05:28:42 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2018.11.01 05:28:33 | 001,348,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OpcServices.dll
[2018.11.01 05:28:23 | 001,000,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2018.11.01 05:27:27 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll
[2018.11.01 05:27:07 | 000,713,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingOnlineServices.dll
[2018.11.01 05:26:59 | 000,735,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2018.11.01 05:26:58 | 000,795,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2018.11.01 03:19:30 | 000,278,879 | ---- | M] () -- C:\WINDOWS\SysNative\DesktopKeepOnToastImg.gif
[2018.11.01 03:19:30 | 000,190,760 | ---- | M] () -- C:\WINDOWS\SysNative\LaptopPlugInToastImg.gif
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2018.11.18 23:03:55 | 000,001,776 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2018.11.15 21:38:55 | 000,927,544 | ---- | C] () -- C:\WINDOWS\SysNative\vulkan-1.dll
[2018.11.15 21:38:55 | 000,798,008 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2018.11.15 21:38:55 | 000,591,160 | ---- | C] () -- C:\WINDOWS\SysNative\vulkaninfo.exe
[2018.11.15 21:38:55 | 000,490,296 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2018.11.15 21:38:34 | 000,001,951 | ---- | C] () -- C:\WINDOWS\NvContainerRecovery.bat
[2018.11.13 21:55:02 | 000,190,760 | ---- | C] () -- C:\WINDOWS\SysNative\LaptopPlugInToastImg.gif
[2018.11.13 21:54:35 | 000,278,879 | ---- | C] () -- C:\WINDOWS\SysNative\DesktopKeepOnToastImg.gif
[2018.11.13 21:54:31 | 000,141,312 | ---- | C] () -- C:\WINDOWS\SysNative\DataStoreCacheDumpTool.exe
[2018.11.13 21:54:31 | 000,001,310 | ---- | C] () -- C:\WINDOWS\SysNative\tcbres.wim
[2018.11.06 21:34:14 | 000,377,384 | ---- | C] () -- C:\Users\kolez\Desktop\opentx-x7-multimodule-lua-en.bin
[2018.11.06 21:23:56 | 000,370,364 | ---- | C] () -- C:\Users\kolez\Desktop\opentx-x7-lua-pl.bin
[2018.11.06 21:10:57 | 000,524,288 | ---- | C] () -- C:\Users\kolez\Desktop\backup#firmwa#taran.bin
[2018.11.06 21:10:37 | 000,032,768 | ---- | C] () -- C:\Users\kolez\Desktop\backup_radio_taranis.bin
[2018.07.31 18:09:11 | 000,004,940 | ---- | C] () -- C:\ProgramData\nyuhbnxq.dbn
[2018.07.31 18:09:11 | 000,000,016 | ---- | C] () -- C:\ProgramData\mntemp
[2018.06.12 21:59:35 | 002,841,312 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2018.06.12 21:58:56 | 000,018,716 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2018.05.09 11:45:24 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2018.05.03 21:44:11 | 000,006,656 | ---- | C] () -- C:\Users\kolez\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2018.04.12 00:38:34 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2018.04.12 00:38:34 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2018.04.12 00:34:55 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2018.04.12 00:34:50 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2018.04.12 00:34:49 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2018.04.12 00:34:47 | 000,364,200 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2018.04.12 00:34:46 | 003,575,808 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2018.04.12 00:34:46 | 000,025,600 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2018.04.12 00:34:45 | 000,329,216 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2018.04.12 00:34:45 | 000,223,232 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2018.04.12 00:34:45 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2018.04.12 00:34:45 | 000,111,616 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2018.04.12 00:34:45 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2018.04.12 00:34:36 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2018.04.12 00:34:30 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2018.03.24 18:04:57 | 002,857,268 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2017.12.13 22:31:37 | 000,000,033 | ---- | C] () -- C:\Users\kolez\AppData\Roaming\AdobeWLCMCache.dat
[2017.12.09 01:46:39 | 000,000,232 | ---- | C] () -- C:\WINDOWS\SysWow64\dllhost.exe.config
[2017.10.05 20:01:31 | 000,000,023 | ---- | C] () -- C:\ProgramData\RICOH SP 110 DDSTSDCREG.ini
[2017.09.26 21:40:41 | 000,007,601 | ---- | C] () -- C:\Users\kolez\AppData\Local\Resmon.ResmonCfg
[2017.09.14 00:20:30 | 000,798,008 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-61-0.dll
[2017.09.14 00:20:14 | 000,490,296 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-61-0.exe

========== ZeroAccess Check ==========

[2018.09.04 19:58:24 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2018.11.01 08:26:01 | 007,432,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2018.11.01 05:48:05 | 006,039,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2018.04.12 00:34:40 | 000,973,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2018.04.12 00:34:55 | 000,785,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2018.04.12 00:34:40 | 000,524,288 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2017.12.23 19:28:21 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\.mono
[2017.09.26 20:36:15 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\ACD Systems
[2018.07.31 17:19:03 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\Blackmagic Design
[2018.03.14 22:01:36 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\com.efile.epity
[2018.03.14 22:01:09 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\fillUp
[2018.05.03 22:30:22 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\MAGIX
[2018.05.03 22:29:56 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\Movie Studio Platinum
[2017.09.26 21:36:27 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\MPC-HC
[2018.09.04 16:09:53 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\NapiProjekt
[2017.10.12 20:44:42 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\ObviousIdea
[2017.09.26 19:42:46 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\Opera Software
[2018.10.04 22:32:05 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\PDAppFlex
[2018.05.03 22:11:47 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\Sony
[2018.11.01 20:47:01 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\uTorrent
[2018.05.03 22:30:19 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\VEGAS
[2018.04.22 11:00:18 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\Wargaming.net
[2017.09.26 19:48:46 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\Waterfox
[2018.11.21 23:18:10 | 000,000,000 | ---D | M] -- C:\Users\kolez\AppData\Roaming\Wondershare

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 22.11.2018 21:54:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kolez\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.17134.0)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd.MM.yyyy

7,89 Gb Total Physical Memory | 3,94 Gb Available Physical Memory | 50,01% Memory free
9,39 Gb Paging File | 5,12 Gb Available in Paging File | 54,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 222,24 Gb Total Space | 4,73 Gb Free Space | 2,13% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-7V20NCE | User Name: kolez | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64_nvo.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64_nvo.exe" "%1" (MPC-HC Team)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [Napisy24] -- "C:\Program Files (x86)\Napisy24\Napisy24.exe" "%1" (Napisy24.pl)
Directory [OpenSubtitles] -- Reg Error: Key error.
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64_nvo.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64_nvo.exe" "%1" (MPC-HC Team)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [Napisy24] -- "C:\Program Files (x86)\Napisy24\Napisy24.exe" "%1" (Napisy24.pl)
Directory [OpenSubtitles] -- Reg Error: Key error.
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 3C 7C 5B DD 8D E7 D3 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{135F689D-EEDE-407E-83C6-05C40E73FB39}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\opera\56.0.3051.104\opera.exe |
"{2806D510-4212-4A3A-84F9-7342A2AC5712}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\opera\56.0.3051.99\opera.exe |
"{46F15E92-954B-4EC0-B063-CAFAF505F731}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{64C43602-4AC4-4173-97D0-CE16015952FB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\root\office16\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{007D20A4-6E99-4B5D-9057-608EFAA8BD9E}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{03B51B77-19B6-48F5-9300-BFD8952AF591}" = dir=out | name=@{microsoft.accountscontrol_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{05527E7F-2655-411B-BEBC-B9D4F4355A9D}" = dir=out | name=@{microsoft.windows.cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{05F5B22C-55A2-477D-8157-5BEDF8643C36}" = dir=out | app=c:\games\world_of_tanks\worldoftanks.exe |
"{063F5B12-675D-4AF0-9D49-0EDD061E6B34}" = protocol=6 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe |
"{07107C45-E8BC-4314-A4B8-C351642B8DC9}" = dir=out | name=@{microsoft.zunevideo_10.18082.13811.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{075868B7-A56B-4658-82AC-46B859314727}" = dir=out | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{0BBEA2ED-78D2-4130-B63B-42E76F353419}" = dir=in | name=roblox |
"{0BECFCF8-C856-4468-BBEF-F05F6327D483}" = dir=out | name=@{microsoft.xboxidentityprovider_12.45.6001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{0C253620-CA50-484B-9E9D-636BC1C96389}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{0C2E88EC-3E98-45C7-A0CD-381033F168A0}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1805.2331.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{0C4F996A-4329-4D2B-943B-87F5B0A7BCF9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0D7F5090-0274-49C0-AF28-9D99B1AF4A6E}" = dir=in | name=microsoft sticky notes |
"{10C19989-3114-4264-87FF-00A3C1DBF2FA}" = dir=out | name=print 3d |
"{1114A1C4-2930-49EF-9FD6-9DF657200294}" = dir=out | name=@{microsoft.bingweather_4.26.12153.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{11D82D19-F8EB-451E-9CFA-8B0459DA524E}" = dir=in | app=c:\program files\blackmagic design\davinci resolve\dpdecoder.exe |
"{1256B5FC-270F-4013-8A46-23C4AC9681DD}" = dir=out | name=microsoft sticky notes |
"{12663F66-0585-438B-8F3E-A2124F454B56}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{14CF1301-8B1E-4711-81E2-50DF17CD8209}" = dir=out | name=windows_ie_ac_001 |
"{164300C8-FA9A-4FC5-91D9-0082BDF398E8}" = dir=in | name=@{microsoft.messaging_4.1810.2922.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{169AED07-CDC6-49D7-9B31-213BCF47CDED}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{16DB2BE0-1F2D-4A77-8842-559E02E909CC}" = dir=out | name=@{microsoft.messaging_4.1810.2922.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{1702E5D2-5F33-43F3-B8AC-49DAFFFE482B}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{184AFEF9-2A47-49C7-9290-BC2ED319E8ED}" = dir=out | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{1859F472-1301-4731-9A55-609C07E2C097}" = dir=in | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{1880ACF2-BEAF-44A9-907F-5E1821767B00}" = dir=in | name=@{microsoft.microsoftedge_42.17134.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{1A14E74F-0384-4E94-8728-CB5AB074C093}" = protocol=6 | dir=in | app=c:\users\kolez\appdata\roaming\utorrent\utorrent.exe |
"{1DA979EF-0880-4328-B0A9-26326C3B6CF9}" = dir=out | name=autodesk sketchbook |
"{1F01E0E4-96CE-4CF5-8CC4-09C0FDF54279}" = dir=in | app=c:\program files\blackmagic design\davinci resolve\resolve.exe |
"{252C08DC-57A9-4EAA-9720-6311702A4453}" = dir=out | name=@{microsoft.gethelp_10.1706.12921.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{26D62F75-462B-466E-BD1B-CB4DA6561F84}" = dir=out | name=@{microsoft.windowsmaps_5.1809.2762.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{2847E290-34ED-45BE-AD6D-17165B13DE25}" = dir=out | name=xbox game bar |
"{2865575C-F0B1-4805-B67D-D1340C7AA545}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{2B910CFA-C283-453D-B146-9AB072BFBAEF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2BAEE13D-659B-456D-BF57-719210A4BCF5}" = dir=out | name=candy crush soda saga |
"{2DB6A7DE-3527-4740-8C7F-16AA07F5FA2A}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{2EF8BAC6-2D7F-4FAF-BFD6-5B3A194DEE5A}" = dir=out | name=onenote |
"{2F2943A1-5FF1-40CC-BD11-A317079205B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cities_skylines\cities.exe |
"{2FA7A8C1-105A-42B1-A473-7A8959AE629A}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{30D1F4E0-88B8-4C6F-9378-BDF70690CD52}" = protocol=6 | dir=in | app=c:\program files\microsoft office\root\office16\lync.exe |
"{31D775D7-06EA-4E29-902B-52F7BBAB9878}" = protocol=17 | dir=in | app=c:\users\kolez\appdata\roaming\utorrent\utorrent.exe |
"{33CC0A2B-7612-4710-82D7-4C7B13548031}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{347435CD-F15B-48B5-91E0-D4AC43263914}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1805.2331.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{35D0D625-729B-4DA0-8F38-F4994A2EFFCA}" = dir=out | name=skype |
"{36484C03-014D-44C0-A96D-5E34A6B4B3D8}" = dir=in | app=c:\program files\blackmagic design\davinci resolve\cenzura!.exe |
"{36F40E2F-F882-45AA-A256-115F3786B9E1}" = dir=out | name=@{microsoft.storepurchaseapp_11810.1001.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{37516039-F5CB-4507-921E-44FC2B95611A}" = dir=out | name=@{microsoft.windows.holographicfirstrun_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.holographicfirstrun/resources/pkgdisplayname} |
"{37AD96B7-984D-447D-8411-FB9251AE9A81}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{389D01CE-6193-4E6C-BA14-19B0BD616DA5}" = dir=out | name=print 3d |
"{3A5F31A9-71A7-48AA-A15E-15A7E1512F34}" = dir=out | name=xbox tcui |
"{3C029831-EEE5-4DE7-B80D-8949FA9D3DFD}" = dir=out | name=@{microsoft.windows.cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{3CD424BB-6041-4DC3-BC92-0B9AEE84DE44}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.11001.20083.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{3E93F8D7-C764-4CF4-A750-F6135C00D07A}" = dir=in | name=@{microsoft.windows.cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{3F550AF3-624D-4E2C-876D-8199F568F712}" = dir=in | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{41637D49-14E2-41DC-8754-D8835066AF86}" = dir=out | name=win32webviewhost |
"{417D0CDA-D04F-4C49-B216-B74968D11D04}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7x64\steamwebhelper.exe |
"{41D4294D-79EB-4EC8-B5F6-77FFD3EC787D}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{42A34BCD-4E0A-416E-81AA-72E0D39E5E39}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{43385CB0-AF93-43A9-9A10-557E54A01148}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{43CA2ABE-4A3B-4403-9A78-6F39BA91E790}" = dir=out | name=xbox game bar |
"{4422B1F4-E899-408B-8554-0FEA8D91F8D1}" = dir=in | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{443E2A76-9B82-4790-B9C3-18E8DE999542}" = dir=in | name=microsoft solitaire collection |
"{47608E4A-880D-4219-81B9-A8ABDB15BCA1}" = dir=out | name=@{microsoft.bingnews_4.27.2643.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithtagline} |
"{4861A4C4-3030-4218-9327-5C97D60E6E79}" = protocol=17 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe |
"{498AFD69-0A04-4D51-AF8A-E712F4674AA3}" = dir=out | name=@{microsoft.accountscontrol_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{4AE9BF64-BD25-41B0-A645-ACD1317AD54E}" = dir=out | name=3d builder |
"{4B8B5015-B612-4A35-94F0-255F7BA9B8AC}" = dir=out | name=roblox |
"{4DAD9DC0-030A-4FA9-9A7A-ECAB03E0933D}" = dir=in | name=onenote |
"{4F264664-5604-4FB3-B49F-B8428EAEFC45}" = dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"{4FC05088-CE97-4A9F-8F35-384EC2B25490}" = dir=out | name=@{microsoft.zunemusic_10.18091.10321.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{518AF86E-11FB-40A0-B00E-6372FEA578F8}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{53129921-E3E9-4D99-BA3C-BC00FC663A36}" = dir=in | app=c:\program files\blackmagic design\davinci resolve\jlcooperpaneldaemon.exe |
"{5599EDCF-41F8-4A86-92E8-DDA8827398FC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{567656F3-EFDB-4C51-865D-E60F471F21E3}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.20921.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{5739E9B0-86E5-46D3-A742-6B009CDD6306}" = dir=out | name=@{microsoft.people_10.1808.2473.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{57964669-742A-414C-B152-B3F8FBFA8C1C}" = dir=out | name=microsoft pay |
"{5890DE80-E980-4DB9-8951-DA7D10BF1F08}" = dir=in | name=@{microsoft.windowsstore_11810.1001.12.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{5C023164-351F-4987-8E14-B5B8E935D1E7}" = dir=out | name=minecraft for windows 10 |
"{5C1A7A9F-204E-463A-9487-4DD79E737461}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{5D81CCB9-A8A7-4464-ADF3-887AB5189D51}" = dir=out | name=roblox |
"{5DFD4C69-D430-4DDA-8B41-45FE33900836}" = dir=in | name=microsoft solitaire collection |
"{5E16F3DF-1963-406A-927F-D6EA5D2EEF83}" = dir=in | app=c:\program files\blackmagic design\davinci resolve\bmdpaneld.exe |
"{60C45501-7EF6-42D0-8FEC-053A276AC68C}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{610E4D97-DB0F-44B3-8A26-AA8A72C6878B}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{61BE89B6-6B7F-4639-ACDA-0ADD5E39BEC4}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{634A1CB0-82E1-4EAC-AE95-6AE91FB6DF8C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\root\office16\lync.exe |
"{63C9A964-46EB-4D99-834A-0570A2070682}" = dir=out | name=@{microsoft.windowscalculator_10.1809.2731.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{63FEBFB9-766E-4463-A6D2-59F1AAEAD208}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1805.2331.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{67020616-13AD-4D2B-90DA-F353B1A824A4}" = dir=in | name=print 3d |
"{68C00545-403D-4C02-90D0-88DC9605B081}" = dir=in | name=@{a278ab0d.disneymagickingdoms_3.4.2.1_x86__h6adky7gbf63m?ms-resource://a278ab0d.disneymagickingdoms/resources/applicationname} |
"{6A806785-0F6B-48FF-90FB-7809CCA90F55}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe |
"{6B48FC7C-A72C-42A3-A654-7EB65D8442BF}" = dir=in | name=xbox |
"{6ECBE953-C151-4408-A2A8-200401629084}" = dir=out | name=@{microsoft.zunemusic_10.18091.10321.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{6F646C2D-776D-4F7C-9CAD-BF0EBC18EDF3}" = dir=out | name=xbox |
"{706369AA-07E4-48C0-9203-650E1DE56E9C}" = dir=out | name=shell input application |
"{70B3565F-74AB-4BA2-9ED0-4E040073095D}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{72166897-2DD7-4E53-98BD-F65FC7007CF6}" = dir=in | app=c:\program files\blackmagic design\davinci resolve\euphonixpaneldaemon.exe |
"{72493C8B-754E-42DA-9C11-98208AB4DB9C}" = dir=out | name=@{microsoft.microsoftedge_42.17134.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{72AB32A6-30E7-4B0D-A076-D7BBFCD36E9D}" = dir=out | name=win32webviewhost |
"{77BD240D-5C28-4A48-B457-4512334962D2}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{798BA48A-2C99-4981-9BA1-C7CC13E43BAD}" = dir=out | name=@{king.com.bubblewitch3saga_4.12.7.0_x86__kgqvnymyfvs32?ms-resource://king.com.bubblewitch3saga/resources/appname} |
"{7AF389F8-45AA-47CB-B687-7B8C39994E89}" = dir=out | name=@{microsoft.storepurchaseapp_11810.1001.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{7CE5F7DF-5A3A-491D-BC91-3C2B95EF9260}" = dir=out | name=microsoft pay |
"{7D46EE6E-A51F-40B9-96C8-E7A03D1018E0}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{7D82622B-6F58-442D-A1BC-9788BB9A15F2}" = dir=out | name=plex |
"{7DCCA67B-0FE3-4CD7-AF7C-CF4B56424223}" = dir=out | name=skype |
"{7DE6E7D2-6CF9-44B2-A9DC-1DD38B0D9424}" = dir=in | name=print 3d |
"{7EE7636D-679A-4FD2-940E-6CB724F55055}" = dir=out | name=@{microsoft.people_10.1808.2473.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{7FC5A2B0-F2FB-4807-A4BB-68A674F64223}" = dir=out | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{8075297A-C893-4D3F-A468-BEDDD37083EC}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{80F3C8C9-F16D-42A5-96C5-4B04F3A417D7}" = dir=out | name=@{microsoft.microsoft3dviewer_5.1810.23012.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{81120A7B-58D4-4DF8-9401-C3DAC886BC2E}" = dir=out | name=@{microsoft.bingweather_4.26.12153.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{84186578-BA73-4A84-8387-A20443DD7EF3}" = dir=in | name=@{microsoft.zunevideo_10.18082.13811.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{8484A8D8-FDF0-4442-A8E4-50BA2E630537}" = dir=out | name=@{microsoft.messaging_4.1810.2922.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{849A1250-EE1A-4B39-892F-E12297524D4D}" = dir=in | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{85B97EED-7C92-478C-AD86-0315E358A468}" = dir=in | name=@{microsoft.windows.cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{87548F60-567D-4EF8-8707-5D5578A31313}" = dir=in | name=roblox |
"{87770FFE-C703-4CA5-9793-04D6987D6147}" = dir=out | name=@{microsoft.windowsstore_11810.1001.12.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{8B8581C0-F3BC-42FC-AB2C-8623C5D30A8D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{8C51B1D1-2BDE-42AF-A5FB-87D8CDB904A7}" = dir=out | name=@{microsoft.lockapp_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{8D297444-07F7-4049-A667-B2D1D80FC6DF}" = dir=out | name=@{microsoft.mspaint_5.1809.1017.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{8D9B32B8-F82F-4D94-B9F2-1B9726E386D1}" = dir=in | name=skype |
"{8DA7DB5A-24BF-4B7F-8291-C6F43DA0D755}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{8DCEA07C-B83A-4670-B427-B820AFCF01EE}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{8F29AE5E-400C-4AB4-ABF8-FC8FA021E68F}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{9198A658-E17F-4DFB-B374-53519C701766}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{924CAAEF-1AAF-42AC-8811-D88CAF5E38F3}" = dir=out | name=@{microsoft.windows.photos_2018.18091.17210.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{95BBD520-5B87-4F0F-A8A1-2AE2BEE83513}" = dir=in | name=autodesk sketchbook |
"{96428DFB-7906-459D-8ADB-43560A0C01A7}" = dir=out | name=xbox gaming overlay |
"{965DA7D0-CB48-4E72-B1E3-3CDAFF3055EC}" = dir=out | app=c:\games\world_of_tanks\wotlauncher.exe |
"{966E91B6-3BC8-4092-9FAE-5BE9B59C22AD}" = dir=in | name=plex |
"{96BFDFE1-FE1E-47BB-BBF1-3BACC95E3E17}" = dir=in | name=@{microsoft.zunemusic_10.18091.10321.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{98D3F947-CA52-4750-B2DD-2BA4915FDE90}" = dir=in | app=c:\program files\blackmagic design\davinci resolve\elementspaneldaemon.exe |
"{99243534-80D4-4D1A-9738-7029AA2880A5}" = dir=in | name=xbox |
"{99F1AD24-58B6-4082-B04B-AEB6A8169C7D}" = dir=out | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{9B9C9551-951C-4023-8615-E2A823218E93}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{9C6463DF-DC43-455F-A7BA-204486CC6524}" = dir=out | name=@{microsoft.windowsstore_11810.1001.12.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{9DD818E4-D712-49A7-B6AC-E895926528CB}" = dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"{A179BB61-BB72-4B67-8504-55C7C7D736E4}" = protocol=17 | dir=in | app=c:\program files\waterfox\waterfox.exe |
"{A3443910-31D0-4C16-B204-F2643D99E476}" = dir=out | name=onenote |
"{A38203B7-E38E-4D97-8B78-3BC5DDED9694}" = dir=out | name=candy crush soda saga |
"{A3F7F4B6-6365-4A95-9D6A-9B3349D29970}" = dir=out | name=@{microsoft.windows.photos_2018.18091.17210.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{A47F7932-853B-400A-A6FB-B05D87984307}" = dir=out | name=microsoft sticky notes |
"{A5B7282E-452C-489A-8EC2-CB917B686772}" = dir=out | name=@{microsoft.mspaint_5.1809.1017.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{A6434B0D-AB59-493B-B9E1-A32440EB2216}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{A7138DC6-BAE5-4900-949C-CFAA7EB806BF}" = dir=out | name=@{microsoft.microsoftedge_42.17134.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{A730F207-7B4B-4F86-86CF-77AB2EF05D06}" = dir=in | name=@{microsoft.windowsstore_11810.1001.12.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{A9ACC83C-DDD3-4DD4-AA01-83EB33A0CF0A}" = dir=in | name=minecraft for windows 10 |
"{AAB8B4B9-9A47-4A65-990A-C898B0348E6B}" = dir=in | name=@{microsoft.microsoftedge_42.17134.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{ACEC4D79-0A84-475B-A21B-7382233C68A3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\root\office16\ucmapi.exe |
"{AD723F30-9A11-432F-BCE7-F3B4582D9678}" = dir=out | name=@{microsoft.windows.holographicfirstrun_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.holographicfirstrun/resources/pkgdisplayname} |
"{AE98B2B3-6173-4834-B221-8E3CCE49FF98}" = dir=in | app=c:\programdata\blackmagic design\davinci resolve\support\qtdecoder\qtdecoder.exe |
"{B0002365-A88E-4B56-9B68-D5D2606F5828}" = dir=in | name=skype |
"{B260FA30-08BD-43AC-A1AC-C6921E396CF1}" = dir=out | name=autodesk sketchbook |
"{B27E9886-989E-4F86-8067-C3784E4E40C9}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.20921.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{B3214E03-5822-4C10-A403-EF378E312A1F}" = dir=out | name=@{king.com.bubblewitch3saga_4.12.7.0_x86__kgqvnymyfvs32?ms-resource://king.com.bubblewitch3saga/resources/appname} |
"{B3242F0A-6E14-4923-B8C9-4D167D9E200C}" = dir=in | name=microsoft sticky notes |
"{B55FBCAB-66C4-48B2-9FEB-8D8E2D06EA4E}" = dir=in | name=@{microsoft.windows.photos_2018.18091.17210.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{B5BE3A97-49E9-4326-9AC0-EB5338750E77}" = dir=out | name=@{microsoft.windowscalculator_10.1809.2731.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{B6BC4621-246F-47D3-9196-D1C48D927F9A}" = dir=out | name=@{microsoft.gethelp_10.1706.12921.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{B6C89363-EFAE-4F84-96AA-434721387482}" = protocol=17 | dir=in | app=c:\program files\microsoft office\root\office16\ucmapi.exe |
"{B826A737-3795-4617-9E35-A61202666264}" = dir=out | name=@{microsoft.windowsmaps_5.1809.2762.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{BA93EFC4-6DAE-4499-8914-9D535E6B5324}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.20921.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{BB8D2705-8A43-4D62-B45E-0C0D707792CB}" = dir=out | name=xbox |
"{BEBF5755-A138-4C62-8E85-668F28197A5B}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{C126E5E8-391A-4476-B95C-2453391F108E}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.20921.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{C1FC770A-B029-4488-B353-27A7A2C1ECCD}" = dir=in | name=win32webviewhost |
"{C302D1BE-DB94-425A-AA5F-2A4097F82316}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{C55F10C2-4D6B-41EE-ABE1-CCAE51BD00F2}" = dir=out | name=@{microsoft.getstarted_6.15.12641.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{C56CA5DA-CDAF-4456-A469-4146974369F2}" = dir=in | name=autodesk sketchbook |
"{C66BAD3B-11D3-4358-B3A7-DA23BEEA3FAF}" = dir=out | name=@{microsoft.bingnews_4.27.2643.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithtagline} |
"{C7806A62-00EA-487E-8918-6B5A869CF327}" = dir=in | name=@{microsoft.oneconnect_5.1809.2571.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{CA502507-2DA6-448F-B8BA-5B905148B049}" = dir=in | name=onenote |
"{CDD83FC7-8A26-4499-B9F0-B9ACEF2ADEE1}" = protocol=6 | dir=in | app=c:\program files\waterfox\waterfox.exe |
"{D0AF28E7-A5FE-487A-A1CC-D61DFFB8F106}" = dir=in | name=win32webviewhost |
"{D0D01E4E-D664-4E58-95B5-DF20D872B6C3}" = dir=out | name=@{microsoft.windowscamera_2018.824.60.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/resources/appstorename} |
"{D1404EEF-353D-4533-BEFB-839657D7B892}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{D342AD21-51BF-4DBA-99BE-541C1680F581}" = dir=out | name=@{microsoft.microsoft3dviewer_5.1810.23012.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{D3942D6B-BD09-4428-882C-1EF2986C4727}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{D62A36B9-6D4C-4293-AC53-6EAF5B351ECF}" = dir=out | name=microsoft solitaire collection |
"{D694C1C1-1A33-415F-A4BD-08F2C855CEE2}" = dir=out | name=xbox gaming overlay |
"{D6C55DED-62B3-4FC4-818E-455815CC5E11}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{D75DF91B-69BC-49BC-8659-0B23D6EA5695}" = dir=out | name=@{microsoft.oneconnect_5.1809.2571.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{D7C75B11-BC7C-40EE-8233-D55F4E25FCCD}" = dir=in | name=@{microsoft.messaging_4.1810.2922.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{D83D68DC-9F51-4DA0-B74E-90F9EE4E8051}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{D873089E-3F96-4749-854B-9C527E61403A}" = dir=out | name=@{microsoft.xboxidentityprovider_12.45.6001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{D9605246-B0E4-4CD1-B367-E32FACFDCE71}" = dir=out | name=microsoft solitaire collection |
"{DBAE370A-3D82-42D4-8D59-8D4C0A446F07}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{DD1410EA-160D-4C09-8246-1423F07AE13B}" = dir=out | name=@{a278ab0d.disneymagickingdoms_3.4.2.1_x86__h6adky7gbf63m?ms-resource://a278ab0d.disneymagickingdoms/resources/applicationname} |
"{DF3B9A60-60F3-4799-9D3C-024582258FD3}" = dir=out | name=3d builder |
"{E2642402-B3B0-4130-B942-03C77A7B897C}" = dir=out | name=@{microsoft.lockapp_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{E29690B2-6F4C-44AA-8FC5-8FE55F6A1A9D}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{E2AA2848-CFB8-4609-9721-22E3F22E20EB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7x64\steamwebhelper.exe |
"{E344C7F3-61D5-4184-841E-7CB2AC89D81C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E463722F-C36A-4BD5-BBC3-732124CD957C}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{E553FBC8-26D6-4A99-8638-4A8ADD639773}" = dir=in | app=c:\program files\blackmagic design\davinci resolve\oxygenpaneldaemon.exe |
"{EC21A621-9E3F-43D0-9871-4A38CE5E8BD0}" = dir=out | name=@{microsoft.windowscamera_2018.824.60.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/resources/appstorename} |
"{ECF28480-F704-4609-B824-7E904410426C}" = dir=in | app=c:\program files\blackmagic design\davinci resolve\tangentpaneldaemon.exe |
"{ED2EFA74-5CD2-4223-B60E-64F35FFF1CAA}" = dir=out | name=@{microsoft.zunevideo_10.18082.13811.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{F0326CAF-DF2F-4F97-9572-AABD442962A6}" = dir=out | name=xbox tcui |
"{F04FFE45-4EFA-486D-A443-89280DE6A2B0}" = dir=in | name=@{microsoft.zunevideo_10.18082.13811.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{F1B79BDB-38AD-470D-B5A0-C87371C56D79}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1805.2331.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{F26ADF4A-DD8E-4FC0-822F-781922FA0B77}" = dir=out | name=@{microsoft.getstarted_6.15.12641.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{F439D48D-C190-4EC1-B32C-C2AB7C0849E7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cities_skylines\cities.exe |
"{F5DDDBE4-7957-4FAC-A44C-3D8654E5A81A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F795FA15-EF3E-4896-B818-F05BE0DB063E}" = dir=in | name=@{microsoft.windows.photos_2018.18091.17210.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{F7A5F033-7786-4E18-8764-F9917104F5F6}" = dir=out | name=shell input application |
"{F8AFAF05-1834-4627-BA25-15B214DDE3E0}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{F9FB167C-D562-43E2-9124-9630CB1BEE6B}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.11001.20083.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{FB51AB0E-EEA8-49EB-8227-F1CE72FA535B}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{FF04336A-0A1C-4CA9-96B3-6A921FD040B3}" = dir=in | name=@{microsoft.zunemusic_10.18091.10321.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"TCP Query User{07550DB9-AF74-4815-BEED-7FCA7C171796}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe" = protocol=6 | dir=in | app=c:\program files\blackmagic design\davinci resolve\dpdecoder.exe |
"TCP Query User{0ED331AD-48FB-452D-BF69-467D4CC62821}C:\program files\blackmagic design\davinci resolve\resolve.exe" = protocol=6 | dir=in | app=c:\program files\blackmagic design\davinci resolve\resolve.exe |
"TCP Query User{371D21B5-EF1E-49B3-90D1-248F101F1C87}C:\program files\blackmagic design\davinci resolve\fuscript.exe" = protocol=6 | dir=in | app=c:\program files\blackmagic design\davinci resolve\fuscript.exe |
"TCP Query User{3C948245-43B9-4DA9-A269-71272F84C4BA}C:\program files\blackmagic design\davinci resolve\fuscript.exe" = protocol=6 | dir=in | app=c:\program files\blackmagic design\davinci resolve\fuscript.exe |
"TCP Query User{4A031316-9EB3-4611-AA2B-1CA1313CE9F2}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe" = protocol=6 | dir=in | app=c:\program files (x86)\allplayer remote\allplayerremotecontrol.exe |
"TCP Query User{6F6864FF-EBB6-4871-922E-E0A7B02DAFDB}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe" = protocol=6 | dir=in | app=c:\program files (x86)\allplayer remote\allplayerremotecontrol.exe |
"UDP Query User{555E7F9A-0E25-4F97-BA8C-EEC6337A7E41}C:\program files\blackmagic design\davinci resolve\fuscript.exe" = protocol=17 | dir=in | app=c:\program files\blackmagic design\davinci resolve\fuscript.exe |
"UDP Query User{677CA607-DD1D-43F0-9EFE-5475496B6AA9}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe" = protocol=17 | dir=in | app=c:\program files\blackmagic design\davinci resolve\dpdecoder.exe |
"UDP Query User{6E531807-7BE3-4A20-A976-8BA248811A82}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe" = protocol=17 | dir=in | app=c:\program files (x86)\allplayer remote\allplayerremotecontrol.exe |
"UDP Query User{78E24946-1D13-4A04-A44A-2B21822940E5}C:\program files\blackmagic design\davinci resolve\resolve.exe" = protocol=17 | dir=in | app=c:\program files\blackmagic design\davinci resolve\resolve.exe |
"UDP Query User{E0FA67B2-E3C6-44B4-97F9-F58FC6D65268}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe" = protocol=17 | dir=in | app=c:\program files (x86)\allplayer remote\allplayerremotecontrol.exe |
"UDP Query User{E66B69DA-C2B9-44B0-BD47-B6838B1982DC}C:\program files\blackmagic design\davinci resolve\fuscript.exe" = protocol=17 | dir=in | app=c:\program files\blackmagic design\davinci resolve\fuscript.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}" = Apple Application Support (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F64180151F0}" = Java 8 Update 151 (64-bit)
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3B8EFDB9-9F0A-408D-8293-76C36F3D5F18}" = iTunes
"{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour
"{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}" = Apple Mobile Device Support
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEE6A85-BB93-49AB-8927-F1D780BB6727}" = iCloud
"{6100A75E-288E-11E8-8920-00155D6306C5}" = MSVCRT Redists
"{68972948-F221-4267-9EB6-2EB5D913C4CF}_is1" = ALLPlayer (wersja 8.2)
"{7B50D081-E670-3B43-A460-0E2CDB5CE984}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23918
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90160000-007E-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Licensing Component
"{90160000-008C-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component
"{90160000-008C-0415-1000-0000000FF1CE}" = Office 16 Click-to-Run Localization Component
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}" = Image Composite Editor
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B0169E83-757B-EF66-E2F0-391944D785BC}" = Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64)
"{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}" = DaVinci Resolve Panels
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = NVIDIA Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 388.57
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 388.57
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 10.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 10.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog" = NVIDIA Display Watchdog Plugin
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer" = NVIDIA Display Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{DFFEB619-5455-3697-B145-243D936DB95B}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23918
"CNXT_AUDIO_HDA" = Conexant HD Audio
"O365ProPlusRetail - pl-pl" = Microsoft Office 365 ProPlus - pl-pl
"Steam App 255710" = Cities: Skylines
"Steam App 304390" = For Honor
"VulkanRT1.0.61.0" = Vulkan Run Time Libraries 1.0.61.0
"Waterfox 56.2.5 (x64 en-US)" = Waterfox 56.2.5 (x64 en-US)
"WinRAR archiver" = WinRAR 5.40 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{26A24AE4-039D-4CA4-87B4-2F32180161F0}" = Java 8 Update 161
"{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{49F7DD82-FC83-48BF-86C6-CFE6E1E233E1}" = Apple Application Support (32-bit)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{670D6292-74C1-4BFD-A0E1-38E9D58AC644}" = Norma Pro - wersja edukacyjna
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{80D8170E-5590-218-B9ED-E24E4C99A11D}_is1" = e-pity 9.2.12 za rok 2017
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A30EA700-5515-48F0-88B0-9E99DC356B88}" = Apple Software Update
"{AC76BA86-0804-1033-1959-001824298644}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1045-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Polish
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B5FC62F5-A367-37A5-9FD2-A6E137C0096F}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23918
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BD9CFD69-EB91-354E-9C98-D439E6091932}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23918
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1" = Napisy24
"{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"ACDSee Free" = ACDSee Free
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player NPAPI" = Adobe Flash Player 31 NPAPI
"Adobe Flash Player PPAPI" = Adobe Flash Player 31 PPAPI
"Google Chrome" = Google Chrome
"ILST_22_0_1" = Adobe Illustrator CC 2018
"KLiteCodecPack_is1" = K-Lite Codec Pack 13.5.5 Full
"NapiProjekt_is1" = NapiProjekt (2.2.0.2399)
"OpenTX Companion 2.2" = OpenTX Companion 2.2
"Opera 56.0.3051.104" = Opera Stable 56.0.3051.104
"Shotcut" = Shotcut
"Steam" = Steam

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1" = World of Tanks
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16.11.2018 15:40:22 | Computer Name = DESKTOP-7V20NCE | Source = Office 2016 Licensing Service | ID = 0
Description =

Error - 17.11.2018 16:45:03 | Computer Name = DESKTOP-7V20NCE | Source = Office 2016 Licensing Service | ID = 0
Description =

Error - 18.11.2018 10:57:58 | Computer Name = DESKTOP-7V20NCE | Source = Office 2016 Licensing Service | ID = 0
Description =

Error - 20.11.2018 10:07:21 | Computer Name = DESKTOP-7V20NCE | Source = Office 2016 Licensing Service | ID = 0
Description =

Error - 20.11.2018 10:57:58 | Computer Name = DESKTOP-7V20NCE | Source = Office 2016 Licensing Service | ID = 0
Description =

Error - 21.11.2018 12:34:32 | Computer Name = DESKTOP-7V20NCE | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: svchost.exe_MapsBroker, wersja:
10.0.17134.1, sygnatura czasowa: 0xa38b9ab2 Nazwa modułu powodującego błąd: unknown,
wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0x8400000e Przesunięcie
błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x40fc Godzina
uruchomienia aplikacji powodującej błąd: 0x01d481b7e7465cd7 Ścieżka aplikacji powodującej
błąd: C:\WINDOWS\System32\svchost.exe Ścieżka modułu powodującego błąd: unknown Identyfikator
raportu: 961a682a-9daf-4e9a-ba57-f682d0650a2e Pełna nazwa pakietu powodującego błąd:
? Identyfikator aplikacji względem pakietu powodującego błąd: ?

Error - 21.11.2018 12:35:53 | Computer Name = DESKTOP-7V20NCE | Source = Office 2016 Licensing Service | ID = 0
Description =

Error - 21.11.2018 15:39:45 | Computer Name = DESKTOP-7V20NCE | Source = COM | ID = 10031
Description =

Error - 21.11.2018 15:39:45 | Computer Name = DESKTOP-7V20NCE | Source = COM | ID = 10031
Description =

Error - 22.11.2018 11:47:15 | Computer Name = DESKTOP-7V20NCE | Source = Office 2016 Licensing Service | ID = 0
Description =

[ System Events ]
Error - 21.11.2018 23:34:06 | Computer Name = DESKTOP-7V20NCE | Source = DCOM | ID = 10016
Description =

Error - 22.11.2018 07:57:58 | Computer Name = DESKTOP-7V20NCE | Source = DCOM | ID = 10016
Description =

Error - 22.11.2018 08:00:20 | Computer Name = DESKTOP-7V20NCE | Source = DCOM | ID = 10016
Description =

Error - 22.11.2018 08:00:35 | Computer Name = DESKTOP-7V20NCE | Source = DCOM | ID = 10016
Description =

Error - 22.11.2018 08:00:37 | Computer Name = DESKTOP-7V20NCE | Source = DCOM | ID = 10016
Description =

Error - 22.11.2018 08:01:50 | Computer Name = DESKTOP-7V20NCE | Source = DCOM | ID = 10016
Description =

Error - 22.11.2018 08:19:37 | Computer Name = DESKTOP-7V20NCE | Source = DCOM | ID = 10016
Description =

Error - 22.11.2018 16:51:10 | Computer Name = DESKTOP-7V20NCE | Source = DCOM | ID = 10016
Description =

Error - 22.11.2018 16:52:12 | Computer Name = DESKTOP-7V20NCE | Source = DCOM | ID = 10016
Description =

Error - 22.11.2018 16:52:13 | Computer Name = DESKTOP-7V20NCE | Source = DCOM | ID = 10016
Description =


< End of report >
kolezka1
~user
 
Posty: 3
Dołączenie: 22 Lis 2018, 23:00



Komputer strasznie długo sie uruchamia

Postprzez ordynat 22 Lis 2018, 23:10

Nie widzę tu żadnej infekcji.
Daj jeszcze, na wszelki wypadek, logi z FRST > http://forum.programosy.pl/frst-otl-zoek-vt139692.html
Przed skanem zaznacz "Addition.txt".

Autor postu otrzymał pochwałę
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866



Komputer strasznie długo sie uruchamia

Postprzez kolezka1 22 Lis 2018, 23:17

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 21.11.2018
Uruchomiony przez kolez (administrator) DESKTOP-7V20NCE (22-11-2018 22:15:44)
Uruchomiony z C:\Users\kolez\Downloads
Załadowane profile: kolez (Dostępne profile: kolez & kolbartek squla)
Platform: Windows 10 Home Wersja 1803 17134.407 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.230\WsAppService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files\Waterfox\waterfox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files\Waterfox\waterfox.exe
(Mozilla Corporation) C:\Program Files\Waterfox\waterfox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(OldTimer Tools) C:\Users\kolez\Downloads\OTL_[www.programosy.pl].exe
(Mozilla Corporation) C:\Program Files\Waterfox\waterfox.exe
(Mozilla Corporation) C:\Program Files\Waterfox\waterfox.exe
(Mozilla Corporation) C:\Program Files\Waterfox\waterfox.exe
(Mozilla Corporation) C:\Program Files\Waterfox\waterfox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804360 2016-03-22] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-10-22] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe
HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-10] (Valve Corporation)
HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-22] (Apple Inc.)
HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-10-22] (Apple Inc.)
HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-22] (Apple Inc.)
HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-10-22] (Apple Inc.)
HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\Run: [ALLUpdate] => C:\Program Files\ALLPlayer\ALLUpdate.exe [3884720 2017-10-04] (ALLPlayer.org)
HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\Run: [Napisy24Update] => C:\Program Files (x86)\Napisy24\Napisy24Update.exe [3990528 2018-02-02] (Napisy24.pl)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 62.179.1.60 62.179.1.61
Tcpip\..\Interfaces\{054157f5-6292-481f-9027-e69714f2913d}: [DhcpNameServer] 62.179.1.60 62.179.1.61
Tcpip\..\Interfaces\{3062a044-72b7-4e17-8ae8-273a9403b30f}: [DhcpNameServer] 62.179.1.60 62.179.1.61
Tcpip\..\Interfaces\{e517a30a-3cc1-41d2-b305-da936ebafe0a}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190
SearchScopes: HKU\S-1-5-21-3392638333-2994190449-4011007606-1001 -> DefaultScope {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg01&p_w=y1w31&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3392638333-2994190449-4011007606-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__180904&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3392638333-2994190449-4011007606-1001 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg01&p_w=y1w31&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-10-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-22] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-10-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-22] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-18] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-10-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-18] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-17] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-19] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-19] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-19] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-19] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: xnntxss3.default
FF ProfilePath: C:\Users\kolez\AppData\Roaming\Waterfox\Profiles\xnntxss3.default [2018-11-22]
FF Homepage: Waterfox\Profiles\xnntxss3.default -> hxxps://travelist.pl/search/channel:/dates:/dateElastic:0/price:0,1000/lat:0/lng:0/distance:25/sortType:/tour:false/tags:/page:1
FF Extension: (No Coin - Block miners on the web!) - C:\Users\kolez\AppData\Roaming\Waterfox\Profiles\xnntxss3.default\Extensions\{5657c026-efc3-4860-b43b-16e4eaa8a9aa}.xpi [2018-02-27]
FF Extension: (Adblock Plus – wersja rozwojowa) - C:\Users\kolez\AppData\Roaming\Waterfox\Profiles\xnntxss3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-11-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll [2018-11-21] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-22] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-19] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-21] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-07-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-23] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Profile: C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default [2018-11-07]
CHR Extension: (Prezentacje) - C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-23]
CHR Extension: (Dokumenty) - C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-23]
CHR Extension: (Dysk Google) - C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-23]
CHR Extension: (YouTube) - C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-23]
CHR Extension: (Arkusze) - C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-29]
CHR Extension: (Betaflight - Configurator) - C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdaghagfopacdngbohiknlhcocjccjao [2018-08-30]
CHR Extension: (Adaware Secure) - C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj [2018-11-05]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-23]
CHR Extension: (e-pity - dodatek) - C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2018-08-23]
CHR Extension: (Gmail) - C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-23]
CHR Extension: (Chrome Media Router) - C:\Users\kolez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-05]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (No Coin - Block miners on the web!) - C:\Users\kolez\AppData\Roaming\Opera Software\Opera Stable\Extensions\elbgaajlcmcdcjokedpklkpajmpchphb [2018-03-15]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522520 2018-09-29] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-23] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-23] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.230\WsAppService.exe [493280 2017-09-27] (Wondershare)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\New TunesGo\DriverInstall.exe" [X]

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [124928 2017-03-09] (ASUS Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [31112 2017-05-03] (ASUS)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys [17003280 2017-12-12] (NVIDIA Corporation)
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [607512 2015-07-09] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6320640 2018-04-12] (Realtek Semiconductor Corporation )
S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [44184 2012-07-20] (STMicroelectronics)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-10-23] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [328696 2018-10-23] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-23] (Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-11-22 22:15 - 2018-11-22 22:16 - 000022446 _____ C:\Users\kolez\Downloads\FRST.txt
2018-11-22 22:15 - 2018-11-22 22:15 - 002416640 _____ (Farbar) C:\Users\kolez\Downloads\FRST64.exe
2018-11-22 22:15 - 2018-11-22 22:15 - 000000000 ____D C:\FRST
2018-11-22 22:10 - 2018-11-22 22:11 - 236469804 _____ C:\Users\kolez\Downloads\Skladanki Hits vol.135 [SNP-TEAM].rar
2018-11-22 22:10 - 2018-11-22 22:11 - 156236431 _____ C:\Users\kolez\Downloads\Christmas EDM Party.rar
2018-11-22 21:58 - 2018-11-22 21:58 - 000108850 _____ C:\Users\kolez\Downloads\Extras.Txt
2018-11-22 21:57 - 2018-11-22 21:58 - 189827313 _____ C:\Users\kolez\Downloads\ODR77.rar
2018-11-22 21:57 - 2018-11-22 21:57 - 000275212 _____ C:\Users\kolez\Downloads\OTL.Txt
2018-11-22 21:55 - 2018-11-22 21:56 - 062296064 _____ C:\Users\kolez\Downloads\VA - Moja Skladanka vol.151-2018.rar.part
2018-11-22 21:55 - 2018-11-22 21:55 - 000000000 _____ C:\Users\kolez\Downloads\VA - Moja Skladanka vol.151-2018.rar
2018-11-22 21:53 - 2018-11-22 21:53 - 000602112 _____ (OldTimer Tools) C:\Users\kolez\Downloads\OTL_[www.programosy.pl].exe
2018-11-20 15:25 - 2018-11-20 15:28 - 663980998 _____ C:\Users\kolez\Downloads\narcosmek-s01e09-480p-x264-pl-p2p.mkv
2018-11-20 15:24 - 2018-11-20 15:27 - 749919505 _____ C:\Users\kolez\Downloads\narcosmek-s01e08-480p-x264-pl-p2p.mkv
2018-11-20 15:18 - 2018-11-20 15:23 - 766120715 _____ C:\Users\kolez\Downloads\narcosmek-s01e07-480p-x264-pl-p2p.mkv
2018-11-20 15:17 - 2018-11-20 15:22 - 824119239 _____ C:\Users\kolez\Downloads\narcosmek-s01e05-480p-x264-pl-p2p.mkv
2018-11-20 15:16 - 2018-11-20 15:18 - 674000055 _____ C:\Users\kolez\Downloads\narcosmek-s01e06-480p-x264-pl-p2p.mkv
2018-11-20 15:13 - 2018-11-20 15:15 - 671332009 _____ C:\Users\kolez\Downloads\narcosmek-s01e04-480p-x264-pl-p2p.mkv
2018-11-18 23:03 - 2018-11-18 23:03 - 000001776 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-11-18 23:03 - 2018-11-18 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-11-18 23:03 - 2018-11-18 23:03 - 000000000 ____D C:\Program Files\iTunes
2018-11-18 23:03 - 2018-11-18 23:03 - 000000000 ____D C:\Program Files\iPod
2018-11-18 23:01 - 2018-11-18 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-11-16 20:40 - 2018-11-16 20:40 - 000000000 ____D C:\Program Files\rempl
2018-11-15 21:38 - 2018-11-15 21:38 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-11-15 21:38 - 2017-12-04 20:19 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-11-15 21:38 - 2017-09-14 00:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-11-15 21:38 - 2017-09-14 00:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-11-15 21:38 - 2017-09-14 00:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-11-15 21:38 - 2017-09-14 00:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-11-13 21:55 - 2018-11-01 12:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-13 21:55 - 2018-11-01 12:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-13 21:55 - 2018-11-01 12:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-13 21:55 - 2018-11-01 12:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-13 21:55 - 2018-11-01 12:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-13 21:55 - 2018-11-01 12:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-13 21:55 - 2018-11-01 11:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-13 21:55 - 2018-11-01 10:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-11-13 21:55 - 2018-11-01 10:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-13 21:55 - 2018-11-01 10:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-13 21:55 - 2018-11-01 10:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-13 21:55 - 2018-11-01 08:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-13 21:55 - 2018-11-01 08:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-13 21:55 - 2018-11-01 08:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-13 21:55 - 2018-11-01 08:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-13 21:55 - 2018-11-01 08:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-13 21:55 - 2018-11-01 08:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-13 21:55 - 2018-11-01 08:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-13 21:55 - 2018-11-01 08:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-13 21:55 - 2018-11-01 08:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-13 21:55 - 2018-11-01 08:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-13 21:55 - 2018-11-01 08:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-13 21:55 - 2018-11-01 08:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-13 21:55 - 2018-11-01 08:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-13 21:55 - 2018-11-01 08:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-13 21:55 - 2018-11-01 08:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-13 21:55 - 2018-11-01 08:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-13 21:55 - 2018-11-01 07:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-13 21:55 - 2018-11-01 07:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-13 21:55 - 2018-11-01 07:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-13 21:55 - 2018-11-01 07:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-13 21:55 - 2018-11-01 07:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-13 21:55 - 2018-11-01 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-13 21:55 - 2018-11-01 07:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-13 21:55 - 2018-11-01 07:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-13 21:55 - 2018-11-01 07:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-13 21:55 - 2018-11-01 07:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-13 21:55 - 2018-11-01 07:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-13 21:55 - 2018-11-01 07:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-13 21:55 - 2018-11-01 07:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-13 21:55 - 2018-11-01 07:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-13 21:55 - 2018-11-01 07:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-13 21:55 - 2018-11-01 07:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-13 21:55 - 2018-11-01 05:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-13 21:55 - 2018-11-01 05:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-13 21:55 - 2018-11-01 05:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-13 21:55 - 2018-11-01 05:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-13 21:55 - 2018-11-01 05:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-13 21:55 - 2018-11-01 05:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-13 21:55 - 2018-11-01 05:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-13 21:55 - 2018-11-01 05:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-13 21:55 - 2018-11-01 05:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-13 21:55 - 2018-11-01 05:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-13 21:55 - 2018-11-01 05:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-13 21:55 - 2018-11-01 05:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-13 21:55 - 2018-11-01 05:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-13 21:55 - 2018-11-01 05:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-13 21:55 - 2018-11-01 05:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-13 21:55 - 2018-11-01 05:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-13 21:55 - 2018-11-01 05:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-13 21:55 - 2018-11-01 05:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-13 21:55 - 2018-11-01 05:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-13 21:55 - 2018-11-01 05:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-13 21:55 - 2018-11-01 05:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-13 21:55 - 2018-11-01 05:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-13 21:55 - 2018-11-01 05:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-13 21:55 - 2018-11-01 05:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-13 21:55 - 2018-10-21 14:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-11-13 21:55 - 2018-10-21 13:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-11-13 21:55 - 2018-10-21 13:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-11-13 21:55 - 2018-10-21 12:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-11-13 21:55 - 2018-10-21 12:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-11-13 21:55 - 2018-10-21 12:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-11-13 21:55 - 2018-10-21 09:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-13 21:55 - 2018-10-21 08:46 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-11-13 21:55 - 2018-10-21 08:46 - 000171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-11-13 21:55 - 2018-10-21 08:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-11-13 21:55 - 2018-10-21 08:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-11-13 21:55 - 2018-10-21 08:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-11-13 21:55 - 2018-10-21 08:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-11-13 21:55 - 2018-10-21 08:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-11-13 21:55 - 2018-10-21 08:16 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-13 21:55 - 2018-10-21 08:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-11-13 21:55 - 2018-10-21 08:14 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-13 21:55 - 2018-10-21 08:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-11-13 21:55 - 2018-10-21 07:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-11-13 21:55 - 2018-04-28 05:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-11-13 21:54 - 2018-11-01 12:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-13 21:54 - 2018-11-01 12:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-13 21:54 - 2018-11-01 12:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-13 21:54 - 2018-11-01 12:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-13 21:54 - 2018-11-01 12:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-13 21:54 - 2018-11-01 12:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-13 21:54 - 2018-11-01 12:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-13 21:54 - 2018-11-01 12:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-13 21:54 - 2018-11-01 12:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-13 21:54 - 2018-11-01 12:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-13 21:54 - 2018-11-01 12:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-13 21:54 - 2018-11-01 12:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-13 21:54 - 2018-11-01 12:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-13 21:54 - 2018-11-01 12:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-13 21:54 - 2018-11-01 10:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-13 21:54 - 2018-11-01 10:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-13 21:54 - 2018-11-01 10:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-13 21:54 - 2018-11-01 10:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-13 21:54 - 2018-11-01 10:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-13 21:54 - 2018-11-01 10:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-13 21:54 - 2018-11-01 08:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-13 21:54 - 2018-11-01 08:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-13 21:54 - 2018-11-01 08:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-13 21:54 - 2018-11-01 08:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-13 21:54 - 2018-11-01 08:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-13 21:54 - 2018-11-01 08:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-13 21:54 - 2018-11-01 08:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-13 21:54 - 2018-11-01 08:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-13 21:54 - 2018-11-01 08:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-13 21:54 - 2018-11-01 08:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-13 21:54 - 2018-11-01 08:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-13 21:54 - 2018-11-01 08:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-13 21:54 - 2018-11-01 08:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-13 21:54 - 2018-11-01 08:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-13 21:54 - 2018-11-01 08:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-13 21:54 - 2018-11-01 08:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-13 21:54 - 2018-11-01 08:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-13 21:54 - 2018-11-01 08:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-13 21:54 - 2018-11-01 08:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-13 21:54 - 2018-11-01 08:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-13 21:54 - 2018-11-01 08:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-13 21:54 - 2018-11-01 08:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-13 21:54 - 2018-11-01 08:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-13 21:54 - 2018-11-01 08:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-13 21:54 - 2018-11-01 08:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-13 21:54 - 2018-11-01 08:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-13 21:54 - 2018-11-01 08:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-13 21:54 - 2018-11-01 08:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-13 21:54 - 2018-11-01 08:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-13 21:54 - 2018-11-01 08:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-13 21:54 - 2018-11-01 08:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-13 21:54 - 2018-11-01 08:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-13 21:54 - 2018-11-01 08:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-13 21:54 - 2018-11-01 08:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-13 21:54 - 2018-11-01 08:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-13 21:54 - 2018-11-01 08:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-13 21:54 - 2018-11-01 08:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-13 21:54 - 2018-11-01 07:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-13 21:54 - 2018-11-01 07:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-13 21:54 - 2018-11-01 07:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-13 21:54 - 2018-11-01 07:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-13 21:54 - 2018-11-01 07:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-13 21:54 - 2018-11-01 07:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-13 21:54 - 2018-11-01 07:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-13 21:54 - 2018-11-01 07:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-13 21:54 - 2018-11-01 07:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-13 21:54 - 2018-11-01 07:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-13 21:54 - 2018-11-01 07:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-13 21:54 - 2018-11-01 07:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-13 21:54 - 2018-11-01 07:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-13 21:54 - 2018-11-01 07:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-13 21:54 - 2018-11-01 07:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-13 21:54 - 2018-11-01 07:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-13 21:54 - 2018-11-01 07:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-13 21:54 - 2018-11-01 07:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-13 21:54 - 2018-11-01 07:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-13 21:54 - 2018-11-01 07:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-13 21:54 - 2018-11-01 07:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-13 21:54 - 2018-11-01 07:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-13 21:54 - 2018-11-01 07:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-13 21:54 - 2018-11-01 07:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-13 21:54 - 2018-11-01 07:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-13 21:54 - 2018-11-01 07:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-13 21:54 - 2018-11-01 07:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-13 21:54 - 2018-11-01 07:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-13 21:54 - 2018-11-01 07:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-13 21:54 - 2018-11-01 07:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-13 21:54 - 2018-11-01 07:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-13 21:54 - 2018-11-01 07:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-13 21:54 - 2018-11-01 07:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-13 21:54 - 2018-11-01 07:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-13 21:54 - 2018-11-01 06:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-13 21:54 - 2018-11-01 06:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-13 21:54 - 2018-11-01 05:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-13 21:54 - 2018-11-01 05:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-13 21:54 - 2018-11-01 05:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-13 21:54 - 2018-11-01 05:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-13 21:54 - 2018-11-01 05:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-13 21:54 - 2018-11-01 05:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-13 21:54 - 2018-11-01 05:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-13 21:54 - 2018-11-01 05:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-13 21:54 - 2018-11-01 05:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-13 21:54 - 2018-11-01 05:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-13 21:54 - 2018-11-01 05:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-13 21:54 - 2018-11-01 05:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-13 21:54 - 2018-11-01 05:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-13 21:54 - 2018-11-01 05:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-13 21:54 - 2018-11-01 05:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-13 21:54 - 2018-11-01 05:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-13 21:54 - 2018-11-01 05:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-13 21:54 - 2018-11-01 05:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-13 21:54 - 2018-11-01 05:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-13 21:54 - 2018-11-01 05:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-13 21:54 - 2018-11-01 05:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-13 21:54 - 2018-11-01 05:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-13 21:54 - 2018-11-01 05:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-13 21:54 - 2018-11-01 05:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-13 21:54 - 2018-11-01 05:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-13 21:54 - 2018-11-01 05:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-13 21:54 - 2018-10-21 14:00 - 021386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-11-13 21:54 - 2018-10-21 14:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-11-13 21:54 - 2018-10-21 14:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-11-13 21:54 - 2018-10-21 14:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-11-13 21:54 - 2018-10-21 13:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-11-13 21:54 - 2018-10-21 13:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-11-13 21:54 - 2018-10-21 13:46 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-11-13 21:54 - 2018-10-21 13:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-11-13 21:54 - 2018-10-21 13:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2018-11-13 21:54 - 2018-10-21 13:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-11-13 21:54 - 2018-10-21 13:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-11-13 21:54 - 2018-10-21 13:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2018-11-13 21:54 - 2018-10-21 13:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-11-13 21:54 - 2018-10-21 13:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-11-13 21:54 - 2018-10-21 13:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-11-13 21:54 - 2018-10-21 13:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-11-13 21:54 - 2018-10-21 13:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-11-13 21:54 - 2018-10-21 12:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-11-13 21:54 - 2018-10-21 12:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-11-13 21:54 - 2018-10-21 12:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-11-13 21:54 - 2018-10-21 12:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-13 21:54 - 2018-10-21 12:37 - 020381808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-11-13 21:54 - 2018-10-21 12:28 - 012501504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-11-13 21:54 - 2018-10-21 12:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-11-13 21:54 - 2018-10-21 12:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-11-13 21:54 - 2018-10-21 12:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-11-13 21:54 - 2018-10-21 10:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-11-13 21:54 - 2018-10-21 08:48 - 005602456 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-11-13 21:54 - 2018-10-21 08:47 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-11-13 21:54 - 2018-10-21 08:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-11-13 21:54 - 2018-10-21 08:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-11-13 21:54 - 2018-10-21 08:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-11-13 21:54 - 2018-10-21 08:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-11-13 21:54 - 2018-10-21 08:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-11-13 21:54 - 2018-10-21 08:45 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-11-13 21:54 - 2018-10-21 08:45 - 001946208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-11-13 21:54 - 2018-10-21 08:45 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-11-13 21:54 - 2018-10-21 08:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-11-13 21:54 - 2018-10-21 08:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2018-11-13 21:54 - 2018-10-21 08:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-11-13 21:54 - 2018-10-21 08:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2018-11-13 21:54 - 2018-10-21 08:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-11-13 21:54 - 2018-10-21 08:22 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-11-13 21:54 - 2018-10-21 08:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-11-13 21:54 - 2018-10-21 08:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-11-13 21:54 - 2018-10-21 08:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-13 21:54 - 2018-10-21 08:20 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-11-13 21:54 - 2018-10-21 08:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2018-11-13 21:54 - 2018-10-21 08:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-11-13 21:54 - 2018-10-21 08:19 - 001620776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-11-13 21:54 - 2018-10-21 08:19 - 001130768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-11-13 21:54 - 2018-10-21 08:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-11-13 21:54 - 2018-10-21 08:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-11-13 21:54 - 2018-10-21 08:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-11-13 21:54 - 2018-10-21 08:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2018-11-13 21:54 - 2018-10-21 08:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-11-13 21:54 - 2018-10-21 08:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-11-13 21:54 - 2018-10-21 08:19 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-11-13 21:54 - 2018-10-21 08:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2018-11-13 21:54 - 2018-10-21 08:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
2018-11-13 21:54 - 2018-10-21 08:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
2018-11-13 21:54 - 2018-10-21 08:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2018-11-13 21:54 - 2018-10-21 08:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-11-13 21:54 - 2018-10-21 08:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-11-13 21:54 - 2018-10-21 08:18 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-11-13 21:54 - 2018-10-21 08:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-11-13 21:54 - 2018-10-21 08:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-11-13 21:54 - 2018-10-21 08:18 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2DP.sys
2018-11-13 21:54 - 2018-10-21 08:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2018-11-13 21:54 - 2018-10-21 08:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2018-11-13 21:54 - 2018-10-21 08:17 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-11-13 21:54 - 2018-10-21 08:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-11-13 21:54 - 2018-10-21 08:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-11-13 21:54 - 2018-10-21 08:17 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-11-13 21:54 - 2018-10-21 08:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-11-13 21:54 - 2018-10-21 08:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
2018-11-13 21:54 - 2018-10-21 08:16 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-11-13 21:54 - 2018-10-21 08:16 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-11-13 21:54 - 2018-10-21 08:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-11-13 21:54 - 2018-10-21 08:16 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-11-13 21:54 - 2018-10-21 08:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-11-13 21:54 - 2018-10-21 08:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-11-13 21:54 - 2018-10-21 08:15 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-11-13 21:54 - 2018-10-21 08:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-11-13 21:54 - 2018-10-21 08:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-13 21:54 - 2018-10-21 08:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-11-13 21:54 - 2018-10-21 08:14 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-11-13 21:54 - 2018-10-21 08:14 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-11-13 21:54 - 2018-10-21 08:14 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-11-13 21:54 - 2018-10-21 08:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2018-11-13 21:54 - 2018-10-21 08:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-11-13 21:54 - 2018-10-21 08:14 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-11-13 21:54 - 2018-10-21 08:02 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-11-13 21:54 - 2018-10-21 08:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2018-11-13 21:54 - 2018-10-21 08:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-11-13 21:54 - 2018-10-21 08:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-13 21:54 - 2018-10-21 08:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-11-13 21:54 - 2018-10-21 07:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-11-13 21:54 - 2018-10-21 07:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-11-13 21:54 - 2018-10-21 07:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-11-13 21:54 - 2018-10-21 07:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-11-13 21:54 - 2018-10-21 06:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-11-13 21:54 - 2018-10-21 06:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2018-11-11 21:45 - 2018-11-11 21:45 - 000031907 _____ C:\Users\kolez\Downloads\power.s05.e08.a.friend.of.the.family.(2018).pol.1cd.(7484455).zip
2018-11-11 21:39 - 2018-11-11 21:39 - 000030625 _____ C:\Users\kolez\Downloads\power.s05.e08.a.friend.of.the.family.(2018).pol.1cd.(7463747).zip
2018-11-11 21:38 - 2018-11-16 20:36 - 000000000 ____D C:\Users\kolez\AppData\Local\D3DSCache
2018-11-10 08:56 - 2018-11-10 08:56 - 000011096 _____ C:\Users\kozio\Desktop\Kopia_harmonogram_dla_kandydatów_Lato_2018.xlsx
2018-11-09 21:20 - 2018-11-09 21:20 - 009805824 _____ C:\Users\kozio\Desktop\r64399L13.exe
2018-11-09 21:17 - 2018-11-09 21:17 - 000044183 _____ C:\Users\kozio\Desktop\Oświadczenie-rodzica-opiekuna-Targówek.pdf
2018-11-09 15:12 - 2018-11-09 15:12 - 001509147 _____ C:\Users\kozio\Documents\4255.pdf
2018-11-09 15:11 - 2018-11-09 15:11 - 001811169 _____ C:\Users\kozio\Documents\2771.pdf
2018-11-09 15:11 - 2018-11-09 15:11 - 001058524 _____ C:\Users\kozio\Documents\4244.pdf
2018-11-09 15:05 - 2018-11-09 15:05 - 000841993 _____ C:\Users\kozio\Documents\3802 (1).pdf
2018-11-09 15:04 - 2018-11-09 15:04 - 001051601 _____ C:\Users\kozio\Documents\3807.pdf
2018-11-09 14:43 - 2018-11-09 14:43 - 000841993 _____ C:\Users\kozio\Documents\3802.pdf
2018-11-09 14:10 - 2018-11-09 14:10 - 003206144 _____ C:\Users\kozio\Documents\1118.xls
2018-11-08 18:43 - 2018-11-08 18:43 - 000000000 ____D C:\Users\kozio\AppData\Local\D3DSCache
2018-11-06 21:34 - 2018-11-06 21:34 - 000377384 _____ C:\Users\kolez\Desktop\opentx-x7-multimodule-lua-en.bin
2018-11-06 21:25 - 2018-11-06 21:25 - 115889038 _____ C:\Users\kolez\Downloads\sdcard-taranis-x7-2.2V0018.zip
2018-11-06 21:24 - 2018-11-06 21:25 - 054624002 _____ C:\Users\kolez\Downloads\sdcard-taranis-x7-2.2V0018.zip.opdownload
2018-11-06 21:23 - 2018-11-06 21:23 - 000370364 _____ C:\Users\kolez\Desktop\opentx-x7-lua-pl.bin
2018-11-06 21:10 - 2018-11-06 21:10 - 000524288 _____ C:\Users\kolez\Desktop\backup#firmwa#taran.bin
2018-11-06 21:10 - 2018-11-06 21:10 - 000032768 _____ C:\Users\kolez\Desktop\backup_radio_taranis.bin
2018-11-05 15:49 - 2018-11-05 15:49 - 001206768 _____ (Adobe Systems Incorporated) C:\Users\kozio\Documents\flashplayer31ppau_hc_install.exe
2018-11-03 21:21 - 2018-11-10 21:36 - 000011020 _____ C:\Users\kolez\Desktop\Kopia URODZINY - PROGRESJA.xlsx
2018-11-02 19:36 - 2018-11-02 19:36 - 000000000 ____D C:\WINDOWS\Panther
2018-10-30 07:53 - 2018-11-21 22:20 - 000004700 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-10-30 07:53 - 2018-10-30 07:53 - 001206768 _____ (Adobe Systems Incorporated) C:\Users\kozio\Desktop\flashplayer31pp_fa_install.exe
2018-10-28 21:22 - 2018-10-28 21:22 - 000068565 _____ C:\Users\kolez\Downloads\etykieta_2018-10-28_21-22-34_7264.pdf

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-11-22 21:53 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-22 21:52 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-22 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-22 16:44 - 2018-05-09 12:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-22 12:59 - 2017-09-26 20:49 - 000000000 ____D C:\Users\kolez\AppData\LocalLow\Mozilla
2018-11-21 23:18 - 2018-05-09 12:55 - 000000000 ____D C:\Users\kolez
2018-11-21 23:18 - 2017-12-09 01:46 - 000000000 ____D C:\Users\kolez\AppData\Roaming\Wondershare
2018-11-21 23:18 - 2017-12-09 01:46 - 000000000 ____D C:\Program Files (x86)\Wondershare
2018-11-21 23:17 - 2017-12-01 19:25 - 000000000 ____D C:\Users\kolez\AppData\Local\Packages
2018-11-21 23:16 - 2018-07-31 11:41 - 000000000 ____D C:\Users\kolez\AppData\Local\{F4A2C2FE-D00A-AE46-BD92-8BAE99FA7736}
2018-11-21 23:16 - 2018-07-22 13:42 - 000000000 ____D C:\Program Files (x86)\pazera-software
2018-11-21 23:16 - 2017-12-23 13:14 - 000000000 ____D C:\Program Files (x86)\Steam
2018-11-21 23:15 - 2017-09-27 21:47 - 000000000 ____D C:\Program Files (x86)\ALLPlayer Remote
2018-11-21 22:18 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-11-21 22:18 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-11-21 17:36 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-21 17:35 - 2018-06-10 18:49 - 000000000 ___RD C:\Users\kolez\iCloudDrive
2018-11-21 17:35 - 2018-05-09 13:04 - 000004688 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-21 17:35 - 2017-09-27 11:15 - 000000000 ____D C:\Users\kolez\AppData\Local\Adobe
2018-11-21 17:35 - 2017-09-26 20:47 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-11-21 17:32 - 2017-09-26 19:53 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-11-21 17:32 - 2017-09-26 19:53 - 000000000 __SHD C:\Users\kolez\IntelGraphicsProfiles
2018-11-20 22:26 - 2017-09-26 19:46 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-20 15:08 - 2018-05-09 13:04 - 000004000 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1506451364
2018-11-20 15:08 - 2017-09-26 19:42 - 000001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk
2018-11-20 15:08 - 2017-09-26 19:41 - 000000000 ____D C:\Program Files\Opera
2018-11-18 15:57 - 2018-09-04 13:43 - 000000000 ____D C:\Users\kolez\Desktop\seriale
2018-11-17 00:00 - 2018-04-12 00:41 - 000834960 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-17 00:00 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-16 20:40 - 2018-05-09 13:03 - 001763504 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-16 20:40 - 2018-04-12 16:51 - 000783576 _____ C:\WINDOWS\system32\perfh015.dat
2018-11-16 20:40 - 2018-04-12 16:51 - 000151702 _____ C:\WINDOWS\system32\perfc015.dat
2018-11-16 20:40 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-11-16 20:35 - 2018-05-09 13:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-15 23:39 - 2018-04-11 22:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-11-15 21:38 - 2017-09-27 05:37 - 000000000 ____D C:\temp
2018-11-15 21:38 - 2017-09-26 19:46 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-11-15 21:38 - 2017-09-26 19:45 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-11-15 21:32 - 2017-12-03 13:17 - 000000000 ____D C:\Users\kozio\AppData\Local\Adobe
2018-11-15 21:30 - 2017-12-03 13:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-14 17:18 - 2017-12-01 19:24 - 000000000 ____D C:\Users\kozio\AppData\Local\Packages
2018-11-14 15:01 - 2018-08-23 21:55 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-14 15:01 - 2018-08-23 21:55 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-14 14:56 - 2018-07-12 20:26 - 000000000 ___RD C:\Users\kozio\iCloudDrive
2018-11-14 14:55 - 2018-05-09 12:53 - 000404296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-14 14:55 - 2017-12-01 19:36 - 000000000 ___RD C:\Users\kolez\3D Objects
2018-11-14 14:55 - 2017-10-13 15:27 - 000000000 ___RD C:\Users\kozio\3D Objects
2018-11-14 14:55 - 2017-09-26 19:37 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-14 01:06 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-14 01:06 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-14 01:06 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-14 01:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-14 01:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-14 01:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-14 01:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-13 21:59 - 2017-09-26 21:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-13 21:58 - 2017-09-26 21:35 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-13 21:56 - 2018-04-12 00:34 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-11-13 21:56 - 2018-04-12 00:34 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-11-13 16:43 - 2018-05-09 12:55 - 000000000 ____D C:\Users\kozio
2018-11-12 21:46 - 2017-09-28 17:36 - 000000000 ____D C:\Users\kolez\AppData\Local\ElevatedDiagnostics
2018-11-12 14:31 - 2017-09-26 21:40 - 000007601 _____ C:\Users\kolez\AppData\Local\Resmon.ResmonCfg
2018-11-12 11:34 - 2017-11-01 22:32 - 000000000 ____D C:\Users\kolez\AppData\Roaming\Apple Computer
2018-11-11 00:48 - 2018-06-13 19:00 - 000000000 ____D C:\WINDOWS\Minidump
2018-11-11 00:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-10 14:41 - 2017-12-02 10:26 - 000000000 ____D C:\Users\kozio\AppData\Local\PlaceholderTileLogoFolder
2018-11-09 21:22 - 2018-07-12 20:26 - 000000000 ____D C:\Users\kozio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2018-11-09 14:00 - 2018-05-09 13:04 - 000003398 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3392638333-2994190449-4011007606-1002
2018-11-09 14:00 - 2018-05-09 12:55 - 000002456 _____ C:\Users\kozio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-09 14:00 - 2017-09-26 22:26 - 000000000 ___RD C:\Users\kozio\OneDrive
2018-11-08 23:23 - 2018-10-08 20:23 - 000010330 _____ C:\Users\kolez\Desktop\Moje rozliczenie.xlsx
2018-11-06 20:58 - 2018-09-02 19:47 - 000000000 ____D C:\Users\kolez\Desktop\Dron
2018-11-02 20:24 - 2017-09-26 19:48 - 000000000 ____D C:\Program Files\Waterfox
2018-11-01 20:47 - 2018-09-04 19:57 - 000000000 ____D C:\Users\kolez\AppData\Roaming\uTorrent
2018-10-30 07:53 - 2018-05-09 13:04 - 000004522 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-10-23 18:51 - 2018-03-01 18:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-10-23 18:39 - 2018-03-11 21:37 - 000000000 ____D C:\Users\kolez\Desktop\SPARK
2018-10-23 17:18 - 2018-06-23 08:19 - 000000000 ____D C:\ProgramData\Packages
2018-10-23 15:24 - 2017-12-07 20:26 - 000000000 ____D C:\Users\kozio\AppData\LocalLow\Adobe
2018-10-23 15:07 - 2018-07-12 20:26 - 000000000 ____D C:\Users\kozio\AppData\Local\3E71014A-D0AD-42D3-AB6A-B669FC6F8983.aplzod

==================== Pliki w katalogu głównym wybranych folderów =======

2017-12-13 22:31 - 2018-04-27 21:53 - 000000033 _____ () C:\Users\kolez\AppData\Roaming\AdobeWLCMCache.dat
2018-05-03 21:44 - 2018-07-31 18:23 - 000006656 _____ () C:\Users\kolez\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-28 17:55 - 2018-09-28 17:55 - 000000000 _____ () C:\Users\kolez\AppData\Local\oobelibMkey.log
2017-09-26 21:40 - 2018-11-12 14:31 - 000007601 _____ () C:\Users\kolez\AppData\Local\Resmon.ResmonCfg

Niektóre pliki w TEMP:
====================
2018-11-21 17:35 - 2018-11-21 17:35 - 004346990 _____ (Napisy24.pl ) C:\Users\kolez\AppData\Local\Temp\Napisy24.exe

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2018-05-09 12:53

==================== Koniec FRST.txt ============================


Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 21.11.2018
Uruchomiony przez kolez (22-11-2018 22:16:19)
Uruchomiony z C:\Users\kolez\Downloads
Windows 10 Home Wersja 1803 17134.407 (X64) (2018-05-09 12:04:45)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-3392638333-2994190449-4011007606-500 - Administrator - Disabled)
Gość (S-1-5-21-3392638333-2994190449-4011007606-501 - Limited - Disabled)
kolbartek squla (S-1-5-21-3392638333-2994190449-4011007606-1002 - Limited - Enabled) => C:\Users\kozio
kolez (S-1-5-21-3392638333-2994190449-4011007606-1001 - Administrator - Enabled) => C:\Users\kolez
Konto domyślne (S-1-5-21-3392638333-2994190449-4011007606-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3392638333-2994190449-4011007606-504 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

µTorrent (HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)
ACDSee Free (HKLM-x32\...\ACDSee Free) (Version: 1.1.21 - ACD Systems International Inc.)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
ALLPlayer (wersja 8.2) (HKLM\...\{68972948-F221-4267-9EB6-2EB5D913C4CF}_is1) (Version: 8.2 - ALLPlayer Ltd.)
Apple Application Support (32-bit) (HKLM-x32\...\{49F7DD82-FC83-48BF-86C6-CFE6E1E233E1}) (Version: 7.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}) (Version: 7.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.52 - Conexant)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
e-pity 9.2.12 za rok 2017 (HKLM-x32\...\{80D8170E-5590-218-B9ED-E24E4C99A11D}_is1) (Version: 9.2.12 - e-file sp. z o.o. sp.k.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
iCloud (HKLM\...\{5FEE6A85-BB93-49AB-8927-F1D780BB6727}) (Version: 7.8.0.7 - Apple Inc.)
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
iTunes (HKLM\...\{3B8EFDB9-9F0A-408D-8293-76C36F3D5F18}) (Version: 12.9.1.4 - Apple Inc.)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
K-Lite Codec Pack 13.5.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.5.5 - KLCP)
Microsoft Office 365 ProPlus - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.9126.2295 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - )
Napisy24 (HKLM-x32\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 1.9.3 - Napisy24.pl)
Norma Pro - wersja edukacyjna (HKLM-x32\...\{670D6292-74C1-4BFD-A0E1-38E9D58AC644}) (Version: 4.62 - Athenasoft)
NVIDIA Sterownik graficzny 388.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.57 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
OpenTX Companion 2.2 (HKLM-x32\...\OpenTX Companion 2.2) (Version: - OpenTX)
Opera Stable 56.0.3051.104 (HKLM-x32\...\Opera 56.0.3051.104) (Version: 56.0.3051.104 - Opera Software)
Panel sterowania NVIDIA 388.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.57 - NVIDIA Corporation) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Shotcut (HKLM-x32\...\Shotcut) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Waterfox 56.2.5 (x64 en-US) (HKLM\...\Waterfox 56.2.5 (x64 en-US)) (Version: 56.2.5 - Waterfox Ltd)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-3392638333-2994190449-4011007606-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-BDCF87C141C7}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3392638333-2994190449-4011007606-1001_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3392638333-2994190449-4011007606-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\kolez\AppData\Local\Microsoft\OneDrive\17.3.7073.1013\amd64\FileSyncShell64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3392638333-2994190449-4011007606-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\kolez\AppData\Local\Microsoft\OneDrive\17.3.7073.1013\amd64\FileSyncShell64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3392638333-2994190449-4011007606-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\kolez\AppData\Local\Microsoft\OneDrive\17.3.7073.1013\amd64\FileSyncShell64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-3392638333-2994190449-4011007606-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-10-22] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (Alexander Roshal)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0EDA8EB2-5632-47C3-AF12-2E6662BCE795} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek)
Task: {14A7EC20-C74B-44AC-91E7-3F46069269D5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-10-17] (Microsoft Corporation)
Task: {18D46026-C3E4-4FD1-A75C-C5A1D1C387C0} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-7V20NCE-kolbartek squla => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {304B7056-319C-423E-B75B-2F5F6507C641} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-23] (Google Inc.)
Task: {49527091-1C10-46B0-833A-2EF260A81761} - System32\Tasks\Opera scheduled Autoupdate 1506451364 => C:\Program Files\Opera\launcher.exe [2018-11-14] (Opera Software)
Task: {4967EEAF-BA7F-4533-B93A-6AA3CD9DF051} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-17] (Microsoft Corporation)
Task: {55AAAC91-BFAC-4E34-8F3E-1219BBA890D7} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-7V20NCE-kolbartek squla => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {5662408B-23EF-407B-B52F-7CB0AEA00DE1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {5DE40579-B275-4227-8814-B26D054A482E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3392638333-2994190449-4011007606-1002 => C:\Users\kolez\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {61FC8A7E-B924-4691-A74A-3D60FC46DE73} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_pepper.exe [2018-11-21] (Adobe Systems Incorporated)
Task: {6421A237-6255-473E-AF91-AA30E7C2C916} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-21] (Adobe Systems Incorporated)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {71BFF841-3301-4C95-B145-EC07FD349EA1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {7294D1F6-8F8D-416E-92C4-FADD846D6FA5} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-kolezka1@gazeta.pl => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {7460DF44-AB5E-412F-81AC-78AE422E393C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-21] (Adobe Systems Incorporated)
Task: {7542A505-654A-4109-82BB-1FB143CF1309} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2018-10-22] (Apple Inc.)
Task: {85ABD696-7916-4E3E-844E-C8DE14A239DD} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-kolezka1@gazeta.pl => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {87382215-E73F-4220-98FB-2D8DF9F40C21} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {B0E4ADD7-1FE6-46BB-8942-329D763AE018} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-10-17] (Microsoft Corporation)
Task: {B890CD19-5FF5-4562-8CA7-060DD98C967B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-17] (Microsoft Corporation)
Task: {BC7D2045-71E6-460A-BCBD-E65376DE3CE5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-17] (Microsoft Corporation)
Task: {C382FF50-3B82-4F88-A3FF-0ABB2D54E9A5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {C73B89F7-E72F-4981-AF3F-E0A3AA252B3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-23] (Google Inc.)
Task: {DC7455F5-48E5-4A8C-B390-2F73E6E3D116} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-09-22] ()
Task: {EA4FEB59-52F3-4740-A236-1B4AD52CD962} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {EB69426F-53F7-437E-918D-4A6BFE1A8C5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {F0BA6675-1C0D-4867-B40A-15B7D9B1FD17} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {F532C58F-6B6A-45F8-AA5F-A7AA0426B1E7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Skróty & WMI ========================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)


ShortcutWithArgument: C:\Users\kolez\Desktop\Dron\Betaflight - Configurator (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kdaghagfopacdngbohiknlhcocjccjao
ShortcutWithArgument: C:\Users\kolez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Betaflight - Configurator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kdaghagfopacdngbohiknlhcocjccjao

==================== Załadowane moduły (filtrowane) ==============

2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-10-21 02:17 - 2018-10-21 02:17 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-09-26 19:46 - 2017-12-04 19:32 - 000133704 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-11-30 20:57 - 2016-11-30 20:57 - 000401888 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-10-04 09:48 - 2018-10-04 09:49 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-11-13 09:49 - 2018-11-13 09:50 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-11-13 09:49 - 2018-11-13 09:50 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-11-13 09:49 - 2018-11-13 09:50 - 010873344 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-11-13 09:49 - 2018-11-13 09:50 - 002834432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\skypert.dll
2018-11-13 09:49 - 2018-11-13 09:50 - 000685568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-09-26 02:52 - 2017-09-26 02:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-11-13 09:49 - 2018-11-13 09:50 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-11-13 21:54 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-22 13:59 - 2018-10-22 13:59 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-10-22 13:59 - 2018-10-22 13:59 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2017-09-26 02:52 - 2017-09-26 02:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-10-23 17:17 - 2018-10-23 17:18 - 035118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-10-23 17:17 - 2018-10-23 17:18 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-10-23 17:17 - 2018-10-23 17:18 - 005987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 21:00 - 2017-09-26 21:01 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-23 17:17 - 2018-10-23 17:18 - 009064448 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-11-15 21:34 - 2018-11-15 21:34 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-11-15 21:34 - 2018-11-15 21:34 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-03 19:18 - 2017-10-03 19:19 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-09 21:40 - 2018-11-09 21:41 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-09 21:40 - 2018-11-09 21:41 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-09 21:40 - 2018-11-09 21:41 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-20 23:07 - 2018-08-20 23:07 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-04-05 21:56 - 2018-04-05 21:58 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-08-20 23:07 - 2018-08-20 23:07 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-11-15 21:34 - 2018-11-15 21:34 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-09 21:40 - 2018-11-09 21:41 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-11-15 21:34 - 2018-11-15 21:34 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-30 19:44 - 2018-08-30 19:45 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-31 11:25 - 2018-07-31 11:26 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-21 02:17 - 2018-10-21 02:17 - 001042744 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 18:55 - 2017-11-30 18:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-10-21 02:17 - 2018-10-21 02:17 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-09-20 02:42 - 2017-09-20 02:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-09-06 18:11 - 2017-09-06 18:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 03:04 - 2017-09-20 03:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 18:11 - 2017-09-06 18:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)


==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)


==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\sharepoint.com -> hxxps://lmpl-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-3392638333-2994190449-4011007606-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 62.179.1.60 - 62.179.1.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

Załączenie wejścia w fixlist spowoduje jego usunięcie.


==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [{2FA7A8C1-105A-42B1-A473-7A8959AE629A}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{F8AFAF05-1834-4627-BA25-15B214DDE3E0}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{D83D68DC-9F51-4DA0-B74E-90F9EE4E8051}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{8DA7DB5A-24BF-4B7F-8291-C6F43DA0D755}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{D1404EEF-353D-4533-BEFB-839657D7B892}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{0C253620-CA50-484B-9E9D-636BC1C96389}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{2F2943A1-5FF1-40CC-BD11-A317079205B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{F439D48D-C190-4EC1-B32C-C2AB7C0849E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{42A34BCD-4E0A-416E-81AA-72E0D39E5E39}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8B8581C0-F3BC-42FC-AB2C-8623C5D30A8D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0C4F996A-4329-4D2B-943B-87F5B0A7BCF9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5599EDCF-41F8-4A86-92E8-DDA8827398FC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{37AD96B7-984D-447D-8411-FB9251AE9A81}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E344C7F3-61D5-4184-841E-7CB2AC89D81C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F5DDDBE4-7957-4FAC-A44C-3D8654E5A81A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2B910CFA-C283-453D-B146-9AB072BFBAEF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6A806785-0F6B-48FF-90FB-7809CCA90F55}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{9DD818E4-D712-49A7-B6AC-E895926528CB}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{965DA7D0-CB48-4E72-B1E3-3CDAFF3055EC}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{4F264664-5604-4FB3-B49F-B8428EAEFC45}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{05F5B22C-55A2-477D-8157-5BEDF8643C36}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{CDD83FC7-8A26-4499-B9F0-B9ACEF2ADEE1}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{A179BB61-BB72-4B67-8504-55C7C7D736E4}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{634A1CB0-82E1-4EAC-AE95-6AE91FB6DF8C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{30D1F4E0-88B8-4C6F-9378-BDF70690CD52}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B6C89363-EFAE-4F84-96AA-434721387482}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{ACEC4D79-0A84-475B-A21B-7382233C68A3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{4A031316-9EB3-4611-AA2B-1CA1313CE9F2}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe
FirewallRules: [UDP Query User{E0FA67B2-E3C6-44B4-97F9-F58FC6D65268}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe
FirewallRules: [TCP Query User{6F6864FF-EBB6-4871-922E-E0A7B02DAFDB}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe
FirewallRules: [UDP Query User{6E531807-7BE3-4A20-A976-8BA248811A82}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe
FirewallRules: [{64C43602-4AC4-4173-97D0-CE16015952FB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{1F01E0E4-96CE-4CF5-8CC4-09C0FDF54279}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [{5E16F3DF-1963-406A-927F-D6EA5D2EEF83}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{36484C03-014D-44C0-A96D-5E34A6B4B3D8}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\cenzura!.exe
FirewallRules: [{53129921-E3E9-4D99-BA3C-BC00FC663A36}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{72166897-2DD7-4E53-98BD-F65FC7007CF6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{ECF28480-F704-4609-B824-7E904410426C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{98D3F947-CA52-4750-B2DD-2BA4915FDE90}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{E553FBC8-26D6-4A99-8638-4A8ADD639773}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe
FirewallRules: [{11D82D19-F8EB-451E-9CFA-8B0459DA524E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [{AE98B2B3-6173-4834-B221-8E3CCE49FF98}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe
FirewallRules: [TCP Query User{371D21B5-EF1E-49B3-90D1-248F101F1C87}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe
FirewallRules: [UDP Query User{555E7F9A-0E25-4F97-BA8C-EEC6337A7E41}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe
FirewallRules: [TCP Query User{07550DB9-AF74-4815-BEED-7FCA7C171796}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [UDP Query User{677CA607-DD1D-43F0-9EFE-5475496B6AA9}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [TCP Query User{0ED331AD-48FB-452D-BF69-467D4CC62821}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe
FirewallRules: [UDP Query User{78E24946-1D13-4A04-A44A-2B21822940E5}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe
FirewallRules: [TCP Query User{3C948245-43B9-4DA9-A269-71272F84C4BA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe
FirewallRules: [UDP Query User{E66B69DA-C2B9-44B0-BD47-B6838B1982DC}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe
FirewallRules: [{E2AA2848-CFB8-4609-9721-22E3F22E20EB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{417D0CDA-D04F-4C49-B216-B74968D11D04}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{063F5B12-675D-4AF0-9D49-0EDD061E6B34}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{4861A4C4-3030-4218-9327-5C97D60E6E79}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{1A14E74F-0384-4E94-8728-CB5AB074C093}] => (Allow) C:\Users\kolez\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{31D775D7-06EA-4E29-902B-52F7BBAB9878}] => (Allow) C:\Users\kolez\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2806D510-4212-4A3A-84F9-7342A2AC5712}] => (Allow) C:\Program Files\Opera\56.0.3051.99\opera.exe
FirewallRules: [{46F15E92-954B-4EC0-B063-CAFAF505F731}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{610E4D97-DB0F-44B3-8A26-AA8A72C6878B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{135F689D-EEDE-407E-83C6-05C40E73FB39}] => (Allow) C:\Program Files\Opera\56.0.3051.104\opera.exe

==================== Punkty Przywracania systemu =========================


==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (11/22/2018 04:47:15 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/21/2018 08:39:45 PM) (Source: COM) (EventID: 10031) (User: )
Description: Podczas anulowania kierowania obiektu skierowanego niestandardowo wykonano sprawdzanie zasad anulowania kierowania i klasa {41FD88F7-F295-4D39-91AC-A85F3149A05B} została odrzucona.

Error: (11/21/2018 08:39:45 PM) (Source: COM) (EventID: 10031) (User: )
Description: Podczas anulowania kierowania obiektu skierowanego niestandardowo wykonano sprawdzanie zasad anulowania kierowania i klasa {41FD88F7-F295-4D39-91AC-A85F3149A05B} została odrzucona.

Error: (11/21/2018 05:35:53 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/21/2018 05:34:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: svchost.exe_MapsBroker, wersja: 10.0.17134.1, sygnatura czasowa: 0xa38b9ab2
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0x8400000e
Przesunięcie błędu: 0x0000000000000000
Identyfikator procesu powodującego błąd: 0x40fc
Godzina uruchomienia aplikacji powodującej błąd: 0x01d481b7e7465cd7
Ścieżka aplikacji powodującej błąd: C:\WINDOWS\System32\svchost.exe
Ścieżka modułu powodującego błąd: unknown
Identyfikator raportu: 961a682a-9daf-4e9a-ba57-f682d0650a2e
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (11/20/2018 03:57:58 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/20/2018 03:07:21 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/18/2018 03:57:58 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


Dziennik System:
=============
Error: (11/22/2018 09:52:13 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7V20NCE)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
i identyfikatorem aplikacji APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
użytkownikowi DESKTOP-7V20NCE\kolez o identyfikatorze zabezpieczeń SID (S-1-5-21-3392638333-2994190449-4011007606-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (11/22/2018 09:52:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7V20NCE)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
i identyfikatorem aplikacji APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
użytkownikowi DESKTOP-7V20NCE\kolez o identyfikatorze zabezpieczeń SID (S-1-5-21-3392638333-2994190449-4011007606-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (11/22/2018 09:51:10 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7V20NCE)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
i identyfikatorem aplikacji APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
użytkownikowi DESKTOP-7V20NCE\kolez o identyfikatorze zabezpieczeń SID (S-1-5-21-3392638333-2994190449-4011007606-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (11/22/2018 01:19:37 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
i identyfikatorem aplikacji APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (11/22/2018 01:01:50 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
i identyfikatorem aplikacji APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (11/22/2018 01:00:37 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7V20NCE)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
i identyfikatorem aplikacji APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
użytkownikowi DESKTOP-7V20NCE\kolez o identyfikatorze zabezpieczeń SID (S-1-5-21-3392638333-2994190449-4011007606-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (11/22/2018 01:00:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7V20NCE)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
i identyfikatorem aplikacji APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
użytkownikowi DESKTOP-7V20NCE\kolez o identyfikatorze zabezpieczeń SID (S-1-5-21-3392638333-2994190449-4011007606-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (11/22/2018 01:00:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7V20NCE)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
i identyfikatorem aplikacji APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
użytkownikowi DESKTOP-7V20NCE\kolez o identyfikatorze zabezpieczeń SID (S-1-5-21-3392638333-2994190449-4011007606-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.


Windows Defender:
===================================
Date: 2018-11-16 21:00:46.975
Description:
Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {76C7A8A0-2616-4C4D-8F51-6DD17957FE3D}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2018-11-16 20:53:10.678
Description:
Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {DB8E8B1A-4FF2-4C16-86AD-AD9B50F1817F}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2018-11-15 22:58:11.203
Description:
Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {482003CC-4BE2-414E-9687-471BE6C7D6C6}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2018-11-15 01:04:03.034
Description:
Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {59B87C77-5C1C-4E3D-B0D0-DA4E15E596C9}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2018-11-14 22:02:28.414
Description:
Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {A32D9183-DE45-46A8-B06F-6A66758A331D}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2018-09-19 20:38:42.947
Description:
Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu:
Poprzednia wersja podpisu: 1.275.1349.0
Źródło aktualizacji: Serwer usługi Microsoft Update
Typ podpisu: Oprogramowanie antywirusowe
Typ aktualizacji: Pełne
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Bieżąca wersja aparatu:
Poprzednia wersja aparatu: 1.1.15200.1
Kod błędu: 0x80240016
Opis błędu: Podczas sprawdzania aktualizacji wystąpił nieoczekiwany problem. Aby uzyskać informacje na temat instalowania aktualizacji i rozwiązywania problemów z nimi, zobacz Pomoc i obsługę techniczną.

Date: 2018-08-29 19:47:53.399
Description:
Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu:
Poprzednia wersja podpisu: 1.275.388.0
Źródło aktualizacji: Serwer usługi Microsoft Update
Typ podpisu: Oprogramowanie antywirusowe
Typ aktualizacji: Pełne
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Bieżąca wersja aparatu:
Poprzednia wersja aparatu: 1.1.15200.1
Kod błędu: 0x80240438
Opis błędu: Podczas sprawdzania aktualizacji wystąpił nieoczekiwany problem. Aby uzyskać informacje na temat instalowania aktualizacji i rozwiązywania problemów z nimi, zobacz Pomoc i obsługę techniczną.

CodeIntegrity:
===================================

Date: 2018-11-10 18:03:58.577
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-10 18:03:58.355
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-10 18:03:58.139
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-10 18:03:57.742
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-10 18:03:57.734
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-10 18:03:57.720
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-10 18:03:57.696
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-28 15:28:23.697
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

==================== Statystyki pamięci ===========================

Procesor: Intel(R) Core(TM) i5-4200H CPU @ 2.80GHz
Procent pamięci w użyciu: 50%
Całkowita pamięć fizyczna: 8075.02 MB
Dostępna pamięć fizyczna: 3977.39 MB
Całkowita pamięć wirtualna: 9611.02 MB
Dostępna pamięć wirtualna: 5187.63 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:222.24 GB) (Free:3.94 GB) NTFS

\\?\Volume{f403cd6d-3880-4575-98cc-b82c135c82f1}\ (Odzyskiwanie) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{0c2a3bac-6a7c-4729-af44-2dab012bcbf7}\ () (Fixed) (Total:0.78 GB) (Free:0.33 GB) NTFS
\\?\Volume{3134d946-2e0f-4a6d-8737-c37dea1092ee}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Koniec Addition.txt ============================
kolezka1
~user
 
Posty: 3
Dołączenie: 22 Lis 2018, 23:00



Komputer strasznie długo sie uruchamia

Postprzez ordynat 23 Lis 2018, 00:13

Te logi potwierdzają, że nie masz żadnej infekcji.
Tak więc przyczyna problemu jest "pozawirusowa".

Tylko drobna kosmetyka:
Uruchom FRST. Na klawiaturze naciśnij jednocześnie CTRL+Y.Otworzy się Notatnik - wklej do niego:
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\New TunesGo\DriverInstall.exe" [X]
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
EmptyTemp:

Na klawiaturze naciśnij jednocześnie CTRL+S. W FRST kliknij na Fix (NAPRAW).
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866




Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 6 gości