E-Peek v 3.0.0.0 © Emphyrio/Onsia Patrick 2013-2018 [url=http://www.antimalwarehelp.be/EDev/Tools/E-Peek/EPeekDL.html]E Dev[/url] Run at sob. 26 maj 2018 14:38 . Microsoft Windows 10 Education C:\WINDOWS [NTFS - Fixed] Default Browser: Google Chrome Boot mode: Normal boot User logged in: Relaflox . Java x86: 1.8 Java x64: 1.8 . AV : Windows Defender [Updated - Running] AS : Windows Defender [Updated - Running] FW : Windows firewall . ==================== Files and Folders history ================================= Folders Created Last 30 days : 27.04.2018 ##### r-h-s-d+a- C:\ProgramData\Audyssey Labs 27.04.2018 ##### r-h-s-d+a- C:\Program Files (x86)\Audacity 27.04.2018 ##### r-h-s-d+a- C:\Program Files (x86)\Audacity 25.05.2018 ##### r-h-s-d+a- C:\Users\Relaflox\AppData\Local\Facebook 23.05.2018 ##### r-h-s-d+a- C:\Users\Relaflox\AppData\Roaming\Haven and Hearth 23.05.2018 ##### r-h-s-d+a- C:\FRST 18.05.2018 ##### r-h-s-d+a- C:\Windows.old 18.05.2018 ##### r-h-s-d+a- C:\Users\Relaflox\AppData\Local\Temp 18.05.2018 ##### r-h-s-d+a- C:\Users\Relaflox\AppData\Local\Microsoft 18.05.2018 ##### r-h-s-d+a- C:\Users\Relaflox\AppData\Local\D3DSCache 18.05.2018 ##### r-h-s-d+a- C:\ProgramData\USOShared 18.05.2018 ##### r-h-s-d+a- C:\ProgramData\Microsoft OneDrive 18.05.2018 ##### r-h-s-d+a- C:\Program Files (x86)\VulkanRT 18.05.2018 ##### r-h-s-d+a- C:\Program Files (x86)\VulkanRT 18.05.2018 ##### r-h-s-d+a- C:\Program Files (x86)\Reference Assemblies 18.05.2018 ##### r-h-s-d+a- C:\Program Files (x86)\Reference Assemblies 18.05.2018 ##### r-h-s-d+a- C:\Program Files (x86)\MSBuild 18.05.2018 ##### r-h-s-d+a- C:\Program Files (x86)\MSBuild 18.05.2018 ##### r-h-s+d+a- C:\Users\Relaflox\AppData\Roaming\Microsoft 18.05.2018 ##### r-h+s-d+a- C:\Users\Relaflox\AppData 18.05.2018 ##### r-h+s+d+a- C:\Users\Relaflox\Ustawienia lokalne 18.05.2018 ##### r-h+s+d+a- C:\Users\Relaflox\Szablony 18.05.2018 ##### r-h+s+d+a- C:\Users\Relaflox\SendTo 18.05.2018 ##### r-h+s+d+a- C:\Users\Relaflox\Recent 18.05.2018 ##### r-h+s+d+a- C:\Users\Relaflox\PrintHood 18.05.2018 ##### r-h+s+d+a- C:\Users\Relaflox\NetHood 18.05.2018 ##### r-h+s+d+a- C:\Users\Relaflox\Moje dokumenty 18.05.2018 ##### r-h+s+d+a- C:\Users\Relaflox\Menu Start 18.05.2018 ##### r-h+s+d+a- C:\Users\Relaflox\Dane aplikacji 18.05.2018 ##### r-h+s+d+a- C:\Users\Relaflox\Cookies 18.05.2018 ##### r-h+s+d+a- C:\Users\Relaflox\AppData\Local\Temporary Internet Files 18.05.2018 ##### r-h+s+d+a- C:\Users\Relaflox\AppData\Local\Historia 18.05.2018 ##### r-h+s+d+a- C:\Users\Relaflox\AppData\Local\Dane aplikacji 12.05.2018 ##### r-h-s-d+a- C:\Users\Relaflox\.prefs 02.05.2018 ##### r-h-s-d+a- C:\Users\Relaflox\AppData\Roaming\RotMG.Production Files Modified Last 30 days : 23.05.2018 00098760 r-h-s-d-a+ C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 23.05.2018 00098760 r-h-s-d-a+ C:\WINDOWS\system32\WindowsAccessBridge-32.dll 18.05.2018 22002688 r-h-s-d-a+ C:\WINDOWS\SysWOW64\edgehtml.dll 18.05.2018 22002688 r-h-s-d-a+ C:\WINDOWS\system32\edgehtml.dll 18.05.2018 20383720 r-h-s-d-a+ C:\WINDOWS\SysWOW64\shell32.dll 18.05.2018 20383720 r-h-s-d-a+ C:\WINDOWS\system32\shell32.dll 18.05.2018 19399168 r-h-s-d-a+ C:\WINDOWS\SysWOW64\mshtml.dll 18.05.2018 19399168 r-h-s-d-a+ C:\WINDOWS\system32\mshtml.dll 18.05.2018 12500992 r-h-s-d-a+ C:\WINDOWS\SysWOW64\wmp.dll 18.05.2018 12500992 r-h-s-d-a+ C:\WINDOWS\system32\wmp.dll 18.05.2018 11903488 r-h-s-d-a+ C:\WINDOWS\SysWOW64\ieframe.dll 18.05.2018 11903488 r-h-s-d-a+ C:\WINDOWS\system32\ieframe.dll 18.05.2018 07987712 r-h-s-d-a+ C:\WINDOWS\SysWOW64\mstscax.dll 18.05.2018 07987712 r-h-s-d-a+ C:\WINDOWS\system32\mstscax.dll 18.05.2018 06661632 r-h-s-d-a+ C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 18.05.2018 06661632 r-h-s-d-a+ C:\WINDOWS\system32\Windows.Data.Pdf.dll 18.05.2018 06569952 r-h-s-d-a+ C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 18.05.2018 06569952 r-h-s-d-a+ C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 18.05.2018 06044104 r-h-s-d-a+ C:\WINDOWS\SysWOW64\windows.storage.dll 18.05.2018 06044104 r-h-s-d-a+ C:\WINDOWS\system32\windows.storage.dll 18.05.2018 05782528 r-h-s-d-a+ C:\WINDOWS\SysWOW64\Chakra.dll 18.05.2018 05782528 r-h-s-d-a+ C:\WINDOWS\system32\Chakra.dll 18.05.2018 04929024 r-h-s-d-a+ C:\WINDOWS\SysWOW64\dbgeng.dll 18.05.2018 04929024 r-h-s-d-a+ C:\WINDOWS\system32\dbgeng.dll 18.05.2018 03712000 r-h-s-d-a+ C:\WINDOWS\SysWOW64\jscript9.dll 18.05.2018 03712000 r-h-s-d-a+ C:\WINDOWS\system32\jscript9.dll 18.05.2018 03398144 r-h-s-d-a+ C:\WINDOWS\SysWOW64\xpsrchvw.exe 18.05.2018 03398144 r-h-s-d-a+ C:\WINDOWS\system32\xpsrchvw.exe 18.05.2018 03015168 r-h-s-d-a+ C:\WINDOWS\SysWOW64\wininet.dll 18.05.2018 03015168 r-h-s-d-a+ C:\WINDOWS\system32\wininet.dll 18.05.2018 02961408 r-h-s-d-a+ C:\WINDOWS\SysWOW64\cdp.dll 18.05.2018 02961408 r-h-s-d-a+ C:\WINDOWS\system32\cdp.dll 18.05.2018 02900992 r-h-s-d-a+ C:\WINDOWS\SysWOW64\dwmcore.dll 18.05.2018 02900992 r-h-s-d-a+ C:\WINDOWS\system32\dwmcore.dll 18.05.2018 02897408 r-h-s-d-a+ C:\WINDOWS\SysWOW64\win32kfull.sys 18.05.2018 02897408 r-h-s-d-a+ C:\WINDOWS\system32\win32kfull.sys 18.05.2018 02841312 r-h-s-d-a+ C:\WINDOWS\SysWOW64\Windows.Mirage.dll 18.05.2018 02841312 r-h-s-d-a+ C:\WINDOWS\system32\Windows.Mirage.dll 18.05.2018 02700800 r-h-s-d-a+ C:\WINDOWS\SysWOW64\tquery.dll 18.05.2018 02700800 r-h-s-d-a+ C:\WINDOWS\system32\tquery.dll 18.05.2018 02486976 r-h-s-d-a+ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 18.05.2018 02486976 r-h-s-d-a+ C:\WINDOWS\system32\CoreUIComponents.dll 18.05.2018 02242208 r-h-s-d-a+ C:\WINDOWS\SysWOW64\iertutil.dll 18.05.2018 02242208 r-h-s-d-a+ C:\WINDOWS\system32\iertutil.dll 18.05.2018 01763504 r-h-s-d-a+ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 18.05.2018 01763504 r-h-s-d-a+ C:\WINDOWS\system32\PerfStringBackup.INI 18.05.2018 01636352 r-h-s-d-a+ C:\WINDOWS\SysWOW64\urlmon.dll 18.05.2018 01636352 r-h-s-d-a+ C:\WINDOWS\system32\urlmon.dll 18.05.2018 01585664 r-h-s-d-a+ C:\WINDOWS\SysWOW64\msxml3.dll 18.05.2018 01585664 r-h-s-d-a+ C:\WINDOWS\system32\msxml3.dll 18.05.2018 01466368 r-h-s-d-a+ C:\WINDOWS\SysWOW64\ieapfltr.dll 18.05.2018 01466368 r-h-s-d-a+ C:\WINDOWS\system32\ieapfltr.dll 18.05.2018 01454016 r-h-s-d-a+ C:\WINDOWS\SysWOW64\gdi32full.dll 18.05.2018 01454016 r-h-s-d-a+ C:\WINDOWS\system32\gdi32full.dll 18.05.2018 01426328 r-h-s-d-a+ C:\WINDOWS\SysWOW64\AppxPackaging.dll 18.05.2018 01426328 r-h-s-d-a+ C:\WINDOWS\system32\AppxPackaging.dll 18.05.2018 01380864 r-h-s-d-a+ C:\WINDOWS\SysWOW64\comsvcs.dll 18.05.2018 01380864 r-h-s-d-a+ C:\WINDOWS\system32\comsvcs.dll 18.05.2018 01235968 r-h-s-d-a+ C:\WINDOWS\SysWOW64\rdpbase.dll 18.05.2018 01235968 r-h-s-d-a+ C:\WINDOWS\system32\rdpbase.dll 18.05.2018 00860160 r-h-s-d-a+ C:\WINDOWS\SysWOW64\rasapi32.dll 18.05.2018 00860160 r-h-s-d-a+ C:\WINDOWS\system32\rasapi32.dll 18.05.2018 00836608 r-h-s-d-a+ C:\WINDOWS\SysWOW64\wuapi.dll 18.05.2018 00836608 r-h-s-d-a+ C:\WINDOWS\system32\wuapi.dll 18.05.2018 00786168 r-h-s-d-a+ C:\WINDOWS\SysWOW64\rpcrt4.dll 18.05.2018 00786168 r-h-s-d-a+ C:\WINDOWS\system32\rpcrt4.dll 18.05.2018 00778936 r-h-s-d-a+ C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 18.05.2018 00778936 r-h-s-d-a+ C:\WINDOWS\system32\PresentationNative_v0300.dll 18.05.2018 00669184 r-h-s-d-a+ C:\WINDOWS\SysWOW64\jscript.dll 18.05.2018 00669184 r-h-s-d-a+ C:\WINDOWS\system32\jscript.dll 18.05.2018 00668672 r-h-s-d-a+ C:\WINDOWS\SysWOW64\msfeeds.dll 18.05.2018 00668672 r-h-s-d-a+ C:\WINDOWS\system32\msfeeds.dll 18.05.2018 00665320 r-h-s-d-a+ C:\WINDOWS\SysWOW64\wer.dll 18.05.2018 00665320 r-h-s-d-a+ C:\WINDOWS\system32\wer.dll 18.05.2018 00658432 r-h-s-d-a+ C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 18.05.2018 00658432 r-h-s-d-a+ C:\WINDOWS\system32\Windows.Mirage.Internal.dll 18.05.2018 00619520 r-h-s-d-a+ C:\WINDOWS\SysWOW64\WpcWebFilter.dll 18.05.2018 00619520 r-h-s-d-a+ C:\WINDOWS\system32\WpcWebFilter.dll 18.05.2018 00615424 r-h-s-d-a+ C:\WINDOWS\SysWOW64\EdgeManager.dll 18.05.2018 00615424 r-h-s-d-a+ C:\WINDOWS\system32\EdgeManager.dll 18.05.2018 00606448 r-h-s-d-a+ C:\WINDOWS\SysWOW64\oleaut32.dll 18.05.2018 00606448 r-h-s-d-a+ C:\WINDOWS\system32\oleaut32.dll 18.05.2018 00581120 r-h-s-d-a+ C:\WINDOWS\SysWOW64\hhctrl.ocx 18.05.2018 00581120 r-h-s-d-a+ C:\WINDOWS\system32\hhctrl.ocx 18.05.2018 00578560 r-h-s-d-a+ C:\WINDOWS\SysWOW64\webplatstorageserver.dll 18.05.2018 00578560 r-h-s-d-a+ C:\WINDOWS\system32\webplatstorageserver.dll 18.05.2018 00575488 r-h-s-d-a+ C:\WINDOWS\SysWOW64\XpsFilt.dll 18.05.2018 00575488 r-h-s-d-a+ C:\WINDOWS\system32\XpsFilt.dll 18.05.2018 00567136 r-h-s-d-a+ C:\WINDOWS\SysWOW64\CoreMessaging.dll 18.05.2018 00567136 r-h-s-d-a+ C:\WINDOWS\system32\CoreMessaging.dll 18.05.2018 00561664 r-h-s-d-a+ C:\WINDOWS\SysWOW64\jscript9diag.dll 18.05.2018 00561664 r-h-s-d-a+ C:\WINDOWS\system32\jscript9diag.dll 18.05.2018 00559968 r-h-s-d-a+ C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 18.05.2018 00559968 r-h-s-d-a+ C:\WINDOWS\system32\AppXDeploymentClient.dll 18.05.2018 00524800 r-h-s-d-a+ C:\WINDOWS\SysWOW64\vbscript.dll 18.05.2018 00524800 r-h-s-d-a+ C:\WINDOWS\system32\vbscript.dll 18.05.2018 00434584 r-h-s-d-a+ C:\WINDOWS\SysWOW64\WerFault.exe 18.05.2018 00434584 r-h-s-d-a+ C:\WINDOWS\system32\WerFault.exe 18.05.2018 00344064 r-h-s-d-a+ C:\WINDOWS\SysWOW64\iedkcs32.dll 18.05.2018 00344064 r-h-s-d-a+ C:\WINDOWS\system32\iedkcs32.dll 18.05.2018 00150016 r-h-s-d-a+ C:\WINDOWS\SysWOW64\itss.dll 18.05.2018 00150016 r-h-s-d-a+ C:\WINDOWS\system32\itss.dll 18.05.2018 00117760 r-h-s-d-a+ C:\WINDOWS\SysWOW64\TSpkg.dll 18.05.2018 00117760 r-h-s-d-a+ C:\WINDOWS\system32\TSpkg.dll 18.05.2018 00103120 r-h-s-d-a+ C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 18.05.2018 00103120 r-h-s-d-a+ C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 18.05.2018 00082432 r-h-s-d-a+ C:\WINDOWS\SysWOW64\XPSSHHDR.dll 18.05.2018 00082432 r-h-s-d-a+ C:\WINDOWS\system32\XPSSHHDR.dll 18.05.2018 00076060 r-h-s-d-a+ C:\WINDOWS\SysWOW64\xpsrchvw.xml 18.05.2018 00076060 r-h-s-d-a+ C:\WINDOWS\system32\xpsrchvw.xml 18.05.2018 00035456 r-h-s-d-a+ C:\WINDOWS\SysWOW64\TsWpfWrp.exe 18.05.2018 00035456 r-h-s-d-a+ C:\WINDOWS\system32\TsWpfWrp.exe 18.05.2018 00019968 r-h-s-d-a+ C:\WINDOWS\SysWOW64\credssp.dll 18.05.2018 00019968 r-h-s-d-a+ C:\WINDOWS\system32\credssp.dll 18.05.2018 00002560 r-h-s-d-a+ C:\WINDOWS\SysWOW64\tzres.dll 18.05.2018 00002560 r-h-s-d-a+ C:\WINDOWS\system32\tzres.dll 01.05.2018 00835064 r-h-s-d-a+ C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 01.05.2018 00835064 r-h-s-d-a+ C:\WINDOWS\system32\FlashPlayerApp.exe 01.05.2018 00179704 r-h-s-d-a+ C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 01.05.2018 00179704 r-h-s-d-a+ C:\WINDOWS\system32\FlashPlayerCPLApp.cpl Files Created Last 30 days : 27.04.2018 03092336 r-h-s-d-a+ C:\WINDOWS\SysWOW64\RltkAPO.dll 27.04.2018 03092336 r-h-s-d-a+ C:\WINDOWS\system32\RltkAPO.dll 27.04.2018 00877424 r-h-s-d-a+ C:\WINDOWS\SysWOW64\SEHDHF32.dll 27.04.2018 00877424 r-h-s-d-a+ C:\WINDOWS\system32\SEHDHF32.dll 27.04.2018 00737960 r-h-s-d-a+ C:\WINDOWS\SysWOW64\SECOMN32.dll 27.04.2018 00737960 r-h-s-d-a+ C:\WINDOWS\system32\SECOMN32.dll 27.04.2018 00341144 r-h-s-d-a+ C:\WINDOWS\SysWOW64\SRCOM.dll 27.04.2018 00341144 r-h-s-d-a+ C:\WINDOWS\system32\SRCOM.dll 27.04.2018 00083624 r-h-s-d-a+ C:\WINDOWS\SysWOW64\SFCOM.dll 27.04.2018 00083624 r-h-s-d-a+ C:\WINDOWS\system32\SFCOM.dll 23.05.2018 00075958 r-h+s-d-a+ C:\Users\Relaflox\AppData\Local\IconCache.db 18.05.2018 22002688 r-h-s-d-a+ C:\WINDOWS\SysWOW64\edgehtml.dll 18.05.2018 22002688 r-h-s-d-a+ C:\WINDOWS\system32\edgehtml.dll 18.05.2018 20383720 r-h-s-d-a+ C:\WINDOWS\SysWOW64\shell32.dll 18.05.2018 20383720 r-h-s-d-a+ C:\WINDOWS\system32\shell32.dll 18.05.2018 19399168 r-h-s-d-a+ C:\WINDOWS\SysWOW64\mshtml.dll 18.05.2018 19399168 r-h-s-d-a+ C:\WINDOWS\system32\mshtml.dll 18.05.2018 12500992 r-h-s-d-a+ C:\WINDOWS\SysWOW64\wmp.dll 18.05.2018 12500992 r-h-s-d-a+ C:\WINDOWS\system32\wmp.dll 18.05.2018 11903488 r-h-s-d-a+ C:\WINDOWS\SysWOW64\ieframe.dll 18.05.2018 11903488 r-h-s-d-a+ C:\WINDOWS\system32\ieframe.dll 18.05.2018 07987712 r-h-s-d-a+ C:\WINDOWS\SysWOW64\mstscax.dll 18.05.2018 07987712 r-h-s-d-a+ C:\WINDOWS\system32\mstscax.dll 18.05.2018 06661632 r-h-s-d-a+ C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 18.05.2018 06661632 r-h-s-d-a+ C:\WINDOWS\system32\Windows.Data.Pdf.dll 18.05.2018 06569952 r-h-s-d-a+ C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 18.05.2018 06569952 r-h-s-d-a+ C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 18.05.2018 06044104 r-h-s-d-a+ C:\WINDOWS\SysWOW64\windows.storage.dll 18.05.2018 06044104 r-h-s-d-a+ C:\WINDOWS\system32\windows.storage.dll 18.05.2018 05782528 r-h-s-d-a+ C:\WINDOWS\SysWOW64\Chakra.dll 18.05.2018 05782528 r-h-s-d-a+ C:\WINDOWS\system32\Chakra.dll 18.05.2018 04929024 r-h-s-d-a+ C:\WINDOWS\SysWOW64\dbgeng.dll 18.05.2018 04929024 r-h-s-d-a+ C:\WINDOWS\system32\dbgeng.dll 18.05.2018 04194304 r-h+s-d-a+ C:\Users\Relaflox\NTUSER.DAT 18.05.2018 03712000 r-h-s-d-a+ C:\WINDOWS\SysWOW64\jscript9.dll 18.05.2018 03712000 r-h-s-d-a+ C:\WINDOWS\system32\jscript9.dll 18.05.2018 03398144 r-h-s-d-a+ C:\WINDOWS\SysWOW64\xpsrchvw.exe 18.05.2018 03398144 r-h-s-d-a+ C:\WINDOWS\system32\xpsrchvw.exe 18.05.2018 03015168 r-h-s-d-a+ C:\WINDOWS\SysWOW64\wininet.dll 18.05.2018 03015168 r-h-s-d-a+ C:\WINDOWS\system32\wininet.dll 18.05.2018 02961408 r-h-s-d-a+ C:\WINDOWS\SysWOW64\cdp.dll 18.05.2018 02961408 r-h-s-d-a+ C:\WINDOWS\system32\cdp.dll 18.05.2018 02900992 r-h-s-d-a+ C:\WINDOWS\SysWOW64\dwmcore.dll 18.05.2018 02900992 r-h-s-d-a+ C:\WINDOWS\system32\dwmcore.dll 18.05.2018 02897408 r-h-s-d-a+ C:\WINDOWS\SysWOW64\win32kfull.sys 18.05.2018 02897408 r-h-s-d-a+ C:\WINDOWS\system32\win32kfull.sys 18.05.2018 02841312 r-h-s-d-a+ C:\WINDOWS\SysWOW64\Windows.Mirage.dll 18.05.2018 02841312 r-h-s-d-a+ C:\WINDOWS\system32\Windows.Mirage.dll 18.05.2018 02752000 r-h-s-d-a+ C:\WINDOWS\SysWOW64\PrintConfig.dll 18.05.2018 02752000 r-h-s-d-a+ C:\WINDOWS\system32\PrintConfig.dll 18.05.2018 02700800 r-h-s-d-a+ C:\WINDOWS\SysWOW64\tquery.dll 18.05.2018 02700800 r-h-s-d-a+ C:\WINDOWS\system32\tquery.dll 18.05.2018 02486976 r-h-s-d-a+ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 18.05.2018 02486976 r-h-s-d-a+ C:\WINDOWS\system32\CoreUIComponents.dll 18.05.2018 02242208 r-h-s-d-a+ C:\WINDOWS\SysWOW64\iertutil.dll 18.05.2018 02242208 r-h-s-d-a+ C:\WINDOWS\system32\iertutil.dll 18.05.2018 01636352 r-h-s-d-a+ C:\WINDOWS\SysWOW64\urlmon.dll 18.05.2018 01636352 r-h-s-d-a+ C:\WINDOWS\system32\urlmon.dll 18.05.2018 01585664 r-h-s-d-a+ C:\WINDOWS\SysWOW64\msxml3.dll 18.05.2018 01585664 r-h-s-d-a+ C:\WINDOWS\system32\msxml3.dll 18.05.2018 01466368 r-h-s-d-a+ C:\WINDOWS\SysWOW64\ieapfltr.dll 18.05.2018 01466368 r-h-s-d-a+ C:\WINDOWS\system32\ieapfltr.dll 18.05.2018 01454016 r-h-s-d-a+ C:\WINDOWS\SysWOW64\gdi32full.dll 18.05.2018 01454016 r-h-s-d-a+ C:\WINDOWS\system32\gdi32full.dll 18.05.2018 01426328 r-h-s-d-a+ C:\WINDOWS\SysWOW64\AppxPackaging.dll 18.05.2018 01426328 r-h-s-d-a+ C:\WINDOWS\system32\AppxPackaging.dll 18.05.2018 01380864 r-h-s-d-a+ C:\WINDOWS\SysWOW64\comsvcs.dll 18.05.2018 01380864 r-h-s-d-a+ C:\WINDOWS\system32\comsvcs.dll 18.05.2018 01235968 r-h-s-d-a+ C:\WINDOWS\SysWOW64\rdpbase.dll 18.05.2018 01235968 r-h-s-d-a+ C:\WINDOWS\system32\rdpbase.dll 18.05.2018 01101824 r-h+s+d-a+ C:\Users\Relaflox\ntuser.dat.LOG2 18.05.2018 00860160 r-h-s-d-a+ C:\WINDOWS\SysWOW64\rasapi32.dll 18.05.2018 00860160 r-h-s-d-a+ C:\WINDOWS\system32\rasapi32.dll 18.05.2018 00836608 r-h-s-d-a+ C:\WINDOWS\SysWOW64\wuapi.dll 18.05.2018 00836608 r-h-s-d-a+ C:\WINDOWS\system32\wuapi.dll 18.05.2018 00798008 r-h-s-d-a+ C:\WINDOWS\SysWOW64\vulkan-1.dll 18.05.2018 00798008 r-h-s-d-a+ C:\WINDOWS\system32\vulkan-1.dll 18.05.2018 00786168 r-h-s-d-a+ C:\WINDOWS\SysWOW64\rpcrt4.dll 18.05.2018 00786168 r-h-s-d-a+ C:\WINDOWS\system32\rpcrt4.dll 18.05.2018 00778936 r-h-s-d-a+ C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 18.05.2018 00778936 r-h-s-d-a+ C:\WINDOWS\system32\PresentationNative_v0300.dll 18.05.2018 00669184 r-h-s-d-a+ C:\WINDOWS\SysWOW64\jscript.dll 18.05.2018 00669184 r-h-s-d-a+ C:\WINDOWS\system32\jscript.dll 18.05.2018 00668672 r-h-s-d-a+ C:\WINDOWS\SysWOW64\msfeeds.dll 18.05.2018 00668672 r-h-s-d-a+ C:\WINDOWS\system32\msfeeds.dll 18.05.2018 00665320 r-h-s-d-a+ C:\WINDOWS\SysWOW64\wer.dll 18.05.2018 00665320 r-h-s-d-a+ C:\WINDOWS\system32\wer.dll 18.05.2018 00658432 r-h-s-d-a+ C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 18.05.2018 00658432 r-h-s-d-a+ C:\WINDOWS\system32\Windows.Mirage.Internal.dll 18.05.2018 00619520 r-h-s-d-a+ C:\WINDOWS\SysWOW64\WpcWebFilter.dll 18.05.2018 00619520 r-h-s-d-a+ C:\WINDOWS\system32\WpcWebFilter.dll 18.05.2018 00615424 r-h-s-d-a+ C:\WINDOWS\SysWOW64\EdgeManager.dll 18.05.2018 00615424 r-h-s-d-a+ C:\WINDOWS\system32\EdgeManager.dll 18.05.2018 00606448 r-h-s-d-a+ C:\WINDOWS\SysWOW64\oleaut32.dll 18.05.2018 00606448 r-h-s-d-a+ C:\WINDOWS\system32\oleaut32.dll 18.05.2018 00581120 r-h-s-d-a+ C:\WINDOWS\SysWOW64\hhctrl.ocx 18.05.2018 00581120 r-h-s-d-a+ C:\WINDOWS\system32\hhctrl.ocx 18.05.2018 00578560 r-h-s-d-a+ C:\WINDOWS\SysWOW64\webplatstorageserver.dll 18.05.2018 00578560 r-h-s-d-a+ C:\WINDOWS\system32\webplatstorageserver.dll 18.05.2018 00575488 r-h-s-d-a+ C:\WINDOWS\SysWOW64\XpsFilt.dll 18.05.2018 00575488 r-h-s-d-a+ C:\WINDOWS\system32\XpsFilt.dll 18.05.2018 00567136 r-h-s-d-a+ C:\WINDOWS\SysWOW64\CoreMessaging.dll 18.05.2018 00567136 r-h-s-d-a+ C:\WINDOWS\system32\CoreMessaging.dll 18.05.2018 00561664 r-h-s-d-a+ C:\WINDOWS\SysWOW64\jscript9diag.dll 18.05.2018 00561664 r-h-s-d-a+ C:\WINDOWS\system32\jscript9diag.dll 18.05.2018 00559968 r-h-s-d-a+ C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 18.05.2018 00559968 r-h-s-d-a+ C:\WINDOWS\system32\AppXDeploymentClient.dll 18.05.2018 00524800 r-h-s-d-a+ C:\WINDOWS\SysWOW64\vbscript.dll 18.05.2018 00524800 r-h-s-d-a+ C:\WINDOWS\system32\vbscript.dll 18.05.2018 00524288 r-h+s+d-a+ C:\Users\Relaflox\NTUSER.DAT{f9e76714-5a7b-11e8-9822-40167eaabd9a}.TMContainer00000000000000000002.regtrans-ms 18.05.2018 00524288 r-h+s+d-a+ C:\Users\Relaflox\NTUSER.DAT{f9e76714-5a7b-11e8-9822-40167eaabd9a}.TMContainer00000000000000000001.regtrans-ms 18.05.2018 00524288 r-h+s+d-a+ C:\Users\Relaflox\ntuser.dat.LOG1 18.05.2018 00490296 r-h-s-d-a+ C:\WINDOWS\SysWOW64\vulkaninfo.exe 18.05.2018 00490296 r-h-s-d-a+ C:\WINDOWS\system32\vulkaninfo.exe 18.05.2018 00434584 r-h-s-d-a+ C:\WINDOWS\SysWOW64\WerFault.exe 18.05.2018 00434584 r-h-s-d-a+ C:\WINDOWS\system32\WerFault.exe 18.05.2018 00344064 r-h-s-d-a+ C:\WINDOWS\SysWOW64\iedkcs32.dll 18.05.2018 00344064 r-h-s-d-a+ C:\WINDOWS\system32\iedkcs32.dll 18.05.2018 00150016 r-h-s-d-a+ C:\WINDOWS\SysWOW64\itss.dll 18.05.2018 00150016 r-h-s-d-a+ C:\WINDOWS\system32\itss.dll 18.05.2018 00136312 r-h-s-d-a+ C:\WINDOWS\SysWOW64\nvStreaming.exe 18.05.2018 00136312 r-h-s-d-a+ C:\WINDOWS\system32\nvStreaming.exe 18.05.2018 00117760 r-h-s-d-a+ C:\WINDOWS\SysWOW64\TSpkg.dll 18.05.2018 00117760 r-h-s-d-a+ C:\WINDOWS\system32\TSpkg.dll 18.05.2018 00103120 r-h-s-d-a+ C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 18.05.2018 00103120 r-h-s-d-a+ C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 18.05.2018 00082432 r-h-s-d-a+ C:\WINDOWS\SysWOW64\XPSSHHDR.dll 18.05.2018 00082432 r-h-s-d-a+ C:\WINDOWS\system32\XPSSHHDR.dll 18.05.2018 00076060 r-h-s-d-a+ C:\WINDOWS\SysWOW64\xpsrchvw.xml 18.05.2018 00076060 r-h-s-d-a+ C:\WINDOWS\system32\xpsrchvw.xml 18.05.2018 00065536 r-h+s+d-a+ C:\Users\Relaflox\NTUSER.DAT{f9e76714-5a7b-11e8-9822-40167eaabd9a}.TM.blf 18.05.2018 00035456 r-h-s-d-a+ C:\WINDOWS\SysWOW64\TsWpfWrp.exe 18.05.2018 00035456 r-h-s-d-a+ C:\WINDOWS\system32\TsWpfWrp.exe 18.05.2018 00019968 r-h-s-d-a+ C:\WINDOWS\SysWOW64\credssp.dll 18.05.2018 00019968 r-h-s-d-a+ C:\WINDOWS\system32\credssp.dll 18.05.2018 00002560 r-h-s-d-a+ C:\WINDOWS\SysWOW64\tzres.dll 18.05.2018 00002560 r-h-s-d-a+ C:\WINDOWS\system32\tzres.dll 18.05.2018 00000020 r-h+s+d-a- C:\Users\Relaflox\ntuser.ini ==================== RUNNING PROCESSES ========================================= [ApplicationFrameHost] -Relaflox- C:\Windows\System32\ApplicationFrameHost.exe - (ApplicationFrameHost.exe) [atkexComSvc] -SYSTEM- C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe - () [AudioBox] -Relaflox- C:\Program Files\PreSonus\AudioBox\AudioBox.exe - () [audiodg] -USŁUGA LOKALNA- C:\Windows\System32\audiodg.exe - (audiodg.exe) [browser_broker] -Relaflox- C:\Windows\System32\browser_broker.exe - (browser_broker.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [chrome] -Relaflox- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (chrome.exe) [conhost] -Relaflox- C:\Windows\System32\conhost.exe - (conhost.exe) [conhost] -Relaflox- C:\Windows\System32\conhost.exe - (conhost.exe) [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe) [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe) [ctfmon] -Relaflox- C:\Windows\System32\ctfmon.exe - (ctfmon.exe) [dasHost] -USŁUGA LOKALNA- C:\Windows\System32\dasHost.exe - (dasHost.exe) [desktopcal] -Relaflox- C:\Users\Relaflox\AppData\Roaming\DesktopCal\desktopcal.exe - (Beijing Cloud Story Inc.) [dkdockhost] -Relaflox- C:\Users\Relaflox\AppData\Roaming\DesktopCal\dkdockhost.exe - (dkdockhost.exe) [dllhost] -Relaflox- C:\Windows\System32\dllhost.exe - (dllhost.exe) [Dual Smart Solution] -Relaflox- C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe - (Dual Smart Solution.exe) [dwm] -DWM-1- C:\Windows\System32\dwm.exe - (dwm.exe) [E-Peek 3.0] -Relaflox- C:\Users\Relaflox\Downloads\E-Peek 3.0\E-Peek 3.0.exe - (E Dev Software) [explorer] -Relaflox- C:\Windows\explorer.exe - (explorer.exe) [Facebook Gameroom Browser] -Relaflox- C:\Users\Relaflox\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe - (The CefSharp Authors) [FacebookGameroom] -Relaflox- C:\Users\Relaflox\AppData\Local\Facebook\Games\FacebookGameroom.exe - (Facebook) [fontdrvhost] -UMFD-0- C:\Windows\System32\fontdrvhost.exe - (fontdrvhost.exe) [fontdrvhost] -UMFD-1- C:\Windows\System32\fontdrvhost.exe - (fontdrvhost.exe) [FSS] -Relaflox- C:\Users\Relaflox\Downloads\FSS.exe - (Farbar) [GoogleCrashHandler] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe - (Google Inc.) [GoogleCrashHandler64] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe - (GoogleCrashHandler64.exe) [HPSIsvc] -SYSTEM- C:\Windows\System32\HPSIsvc.exe - (HPSIsvc.exe) [HxTsr] -Relaflox- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21755.0_x64__8wekyb3d8bbwe\HxTsr.exe - (HxTsr.exe) [IAStorDataMgrSvc] -SYSTEM- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe - (Intel Corporation) [IAStorIcon] -Relaflox- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe - (Intel Corporation) [igfxCUIService] -SYSTEM- C:\Windows\System32\igfxCUIService.exe - (igfxCUIService.exe) [IpOverUsbSvc] -SYSTEM- C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe - (Microsoft Corporation) [IPROSetMonitor] -SYSTEM- C:\Windows\System32\IPROSetMonitor.exe - (IPROSetMonitor.exe) [jusched] -Relaflox- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - (Oracle Corporation) [lsass] -SYSTEM- C:\Windows\System32\lsass.exe - (lsass.exe) [McAfee.TrueKey.Service] -SYSTEM- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe - (McAfee.TrueKey.Service.exe) [McTkSchedulerService] -SYSTEM- C:\Program Files\TrueKey\McTkSchedulerService.exe - (McTkSchedulerService.exe) [Memory Compression] -SYSTEM- - (Memory Compression) [Microsoft.Photos] -Relaflox- C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe - (Microsoft.Photos.exe) [MicrosoftEdge] -Relaflox- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe - (MicrosoftEdge.exe) [MicrosoftEdgeCP] -Relaflox- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe - (MicrosoftEdgeCP.exe) [MicrosoftEdgeCP] -Relaflox- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe - (MicrosoftEdgeCP.exe) [MSASCuiL] -Relaflox- C:\Program Files\Windows Defender\MSASCuiL.exe - (MSASCuiL.exe) [MsMpEng] -SYSTEM- C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MsMpEng.exe - (MsMpEng.exe) [Music.UI] -Relaflox- C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18041.14611.0_x64__8wekyb3d8bbwe\Music.UI.exe - (Music.UI.exe) [NisSrv] -USŁUGA SIECIOWA- C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\NisSrv.exe - (NisSrv.exe) [nvcontainer] -Relaflox- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe - () [nvcontainer] -Relaflox- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe - () [nvcontainer] -SYSTEM- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe - (nvcontainer.exe) [NVDisplay.Container] -SYSTEM- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe - (NVDisplay.Container.exe) [NVDisplay.Container] -SYSTEM- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe - (NVDisplay.Container.exe) [NVIDIA Share] -Relaflox- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe - (NVIDIA Corporation) [NVIDIA Share] -Relaflox- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe - (NVIDIA Corporation) [NVIDIA Web Helper] -Relaflox- C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe - (Node.js) [nvsphelper64] -Relaflox- C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe - (nvsphelper64.exe) [NvTelemetryContainer] -USŁUGA SIECIOWA- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe - () [PresentationFontCache] -USŁUGA LOKALNA- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe - (PresentationFontCache.exe) [Registry] -SYSTEM- - (Registry) [RuntimeBroker] -Relaflox- C:\Windows\System32\RuntimeBroker.exe - (RuntimeBroker.exe) [RuntimeBroker] -Relaflox- C:\Windows\System32\RuntimeBroker.exe - (RuntimeBroker.exe) [RuntimeBroker] -Relaflox- C:\Windows\System32\RuntimeBroker.exe - (RuntimeBroker.exe) [RuntimeBroker] -Relaflox- C:\Windows\System32\RuntimeBroker.exe - (RuntimeBroker.exe) [RuntimeBroker] -Relaflox- C:\Windows\System32\RuntimeBroker.exe - (RuntimeBroker.exe) [RuntimeBroker] -Relaflox- C:\Windows\System32\RuntimeBroker.exe - (RuntimeBroker.exe) [RuntimeBroker] -Relaflox- C:\Windows\System32\RuntimeBroker.exe - (RuntimeBroker.exe) [RuntimeBroker] -Relaflox- C:\Windows\System32\RuntimeBroker.exe - (RuntimeBroker.exe) [RuntimeBroker] -Relaflox- C:\Windows\System32\RuntimeBroker.exe - (RuntimeBroker.exe) [SearchFilterHost] -SYSTEM- C:\Windows\System32\SearchFilterHost.exe - (SearchFilterHost.exe) [SearchIndexer] -SYSTEM- C:\Windows\System32\SearchIndexer.exe - (SearchIndexer.exe) [SearchProtocolHost] -Relaflox- C:\Windows\System32\SearchProtocolHost.exe - (SearchProtocolHost.exe) [SearchProtocolHost] -SYSTEM- C:\Windows\System32\SearchProtocolHost.exe - (SearchProtocolHost.exe) [SearchUI] -Relaflox- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe - (SearchUI.exe) [SecurityHealthService] -SYSTEM- C:\Windows\System32\SecurityHealthService.exe - (SecurityHealthService.exe) [services] -SYSTEM- C:\Windows\System32\services.exe - (services.exe) [SgrmBroker] -SYSTEM- C:\Windows\System32\SgrmBroker.exe - (SgrmBroker.exe) [ShellExperienceHost] -Relaflox- C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe - (ShellExperienceHost.exe) [sihost] -Relaflox- C:\Windows\System32\sihost.exe - (sihost.exe) [SkypeHost] -Relaflox- C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe - (SkypeHost.exe) [SmartHookTestApp] -Relaflox- C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\SmartHookTestApp.exe - (TODO: ) [smartscreen] -Relaflox- C:\Windows\System32\smartscreen.exe - (smartscreen.exe) [smss] -SYSTEM- C:\Windows\System32\smss.exe - (smss.exe) [SoundMixer] -Relaflox- C:\Users\Relaflox\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe - (SoundMixer.exe) [spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe - (spoolsv.exe) [sppsvc] -USŁUGA SIECIOWA- C:\Windows\System32\sppsvc.exe - (sppsvc.exe) [System] -N/A- - (System) [SystemSettings] -Relaflox- C:\Windows\ImmersiveControlPanel\SystemSettings.exe - (SystemSettings.exe) [SystemSettingsBroker] -Relaflox- C:\Windows\System32\SystemSettingsBroker.exe - (SystemSettingsBroker.exe) [taskhostw] -Relaflox- C:\Windows\System32\taskhostw.exe - (taskhostw.exe) [Taskmgr] -Relaflox- C:\Windows\System32\Taskmgr.exe - (Taskmgr.exe) [TestDDCCI] -Relaflox- C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\TestDDCCI.exe - () [TestDDCCI] -Relaflox- C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\TestDDCCI.exe - () [USB Gamepad] -Relaflox- C:\Windows\USB Vibration\7906\USB Gamepad.exe - (USB Gamepad.exe) [Video.UI] -Relaflox- C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe - (Video.UI.exe) [wininit] -SYSTEM- C:\Windows\System32\wininit.exe - (wininit.exe) [winlogon] -SYSTEM- C:\Windows\System32\winlogon.exe - (winlogon.exe) [WinStore.App] -Relaflox- C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe - (WinStore.App.exe) [WmiPrvSE] -USŁUGA SIECIOWA- C:\Windows\System32\wbem\WmiPrvSE.exe - (WmiPrvSE.exe) [wmpnetwk] -USŁUGA SIECIOWA- C:\Program Files\Windows Media Player\wmpnetwk.exe - (wmpnetwk.exe) [WUDFHost] -USŁUGA LOKALNA- C:\Windows\System32\WUDFHost.exe - (WUDFHost.exe) ==================== IE PAGES ================================================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 Local Page = C:\Windows\SysWOW64\blank.htm Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} DisplayName = @ieframe.dll,-12512 URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC ==================== IE PAGES x64 ============================================== HKLM\Software\Microsoft\Internet Explorer\Main Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 Local Page = C:\Windows\System32\blank.htm Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Microsoft\Internet Explorer\SearchScopes DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} DisplayName = @ieframe.dll,-12512 URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC ==================== Auto Load ================================================= HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon Shell = explorer.exe ==================== Auto Load x64 ============================================= HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit = C:\Windows\system32\userinit.exe, Shell = explorer.exe ==================== Browsers present ========================================== Google Chrome IEXPLORE.EXE ==================== Google Chrome ============================================= GC - Local State Path: C:\Users\Relaflox\AppData\Local\Google\Chrome\User Data\Local State GC - Profile: [Default] Name: Pierwszy użytkownik - Shortcut name: - Username: blondyn196@gmail.com ==================== Google Chrome Profile: Default ============================ GC - Prefpath: C:\Users\Relaflox\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences GC - Homepage: ["hxxp://www.google.pl/","hxxp://www.google.com","hxxp://www.istartsurf.com/?type=hp&ts=1441052106&z=8b3dbdacefd6b7c760916a8g4z3zcgde5w4gat9b3e&from=obw&uid=ST1000DM003-1ER162_Z4Y0F131XXXXZ4Y0F131"] GC - Ext: [ Chrome Web Store ] version: 0.2 Description: Odkryj znakomite aplikacje, gry, rozszerzenia i motywy do przeglądarki Google Chrome. Path: C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\resources\web_store GC - Ext: [ Unknown Space ] version: 1.6 Description: Tylko najlepsze i najpopularniejsze motywy z Atavi.com Path: bpjdbdbhiomamecfnjahemfimgjamhjd\1.6_0 GC - Ext: [ Adblock Plus ] version: 3.1 Description: Ponad 500 milionów pobrań czyni Adblock Plusa jednym z najpopularniejszych na świecie programów do blokowania reklam. Path: cfhdojbkjhnklbpkdaibdccddilifddb\3.1_0 GC - Ext: [ Bookmark Manager ] version: 0.1 Description: Bookmark Manager Path: C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\resources\bookmark_manager GC - Ext: [ Block Site - Website Blocker for Chrome™ ] version: 3.2.2 Description: Stay focused and improve productivity. Easily block any distracting or harmful website. Stop procrastination once and for all! Path: eiimnmioipafcokbfikbljfdeojpcgbh\3.2.2_0 GC - Ext: [ EditThisCookie ] version: 1.4.7 Description: EditThisCookie to menadżer ciasteczek. Możesz dodawać, usuwać, edytować, wyszukiwać, chronić oraz blokować ciasteczka! Path: fngmhnnpilhplaeedifhccceomclgfbg\1.4.7_0 GC - Ext: [ Feedback ] version: 1.0 Description: User feedback extension Path: C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\resources\feedback GC - Ext: [ Avast Online Security ] version: 12.0.505 Description: Avast Browser Security and Web Reputation Plugin. Path: gomekmidlodglbbmalcneegieacbdmki\12.0.505_0 GC - Ext: [ CryptoTokenExtension ] version: 0.9.73 Description: CryptoToken Component Extension Path: C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\resources\cryptotoken GC - Ext: [ Cloud Print ] version: 0.1 Description: Cloud Print Path: C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\resources\cloud_print GC - Ext: [ GaiaAuthExtension ] version: 0.0.1 Description: GAIA Component Extension Path: C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\resources\gaia_auth GC - Ext: [ Chrome PDF Viewer ] version: 1 Description: Path: C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\resources\pdf GC - Ext: [ Google Network Speech ] version: 1.0 Description: Component extension providing speech via the Google network text-to-speech service. Path: C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\resources\network_speech_synthesis GC - Ext: [ Google Hangouts ] version: 1.3.7 Description: Path: C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\resources\hangout_services ==================== Windows Host File ========================================= Number of lines exceeds 10 ==================== BHO ======================================================= HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects {72853161-30C5-4D22-B7F9-0BBC1D38A37E} HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} Default = Groove GFS Browser Helper => HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InProcServer32 Default = C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Default = Java(tm) Plug-In SSV Helper => HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32 Default = C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll {B4F3A835-0E21-4959-BA22-42B3008E02FF} HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} Default = Office Document Cache Handler => HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InProcServer32 Default = C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL {DBC80044-A445-435b-BC74-9C25C1C588A9} HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Default = Java(tm) Plug-In 2 SSV Helper => HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32 Default = C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll ==================== BHO x64 =================================================== HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects {72853161-30C5-4D22-B7F9-0BBC1D38A37E} HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} Default = Groove GFS Browser Helper => HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InProcServer32 Default = C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Default = Java(tm) Plug-In SSV Helper => HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32 Default = C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll {B4F3A835-0E21-4959-BA22-42B3008E02FF} HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} Default = Office Document Cache Handler => HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InProcServer32 Default = C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL {DBC80044-A445-435b-BC74-9C25C1C588A9} HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Default = Java(tm) Plug-In 2 SSV Helper => HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32 Default = C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll ==================== Auto Start Programs ======================================= HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run BCSSync = "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices HPUsageTrackingLEDM = "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" USB Gamepad = C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe -boot HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run AudioBox VSL = C:\Program Files\PreSonus\AudioBox\AudioBox.exe -startup ChomikBox = C:\Program Files (x86)\ChomikBox\ChomikBox.exe DesktopCal = C:\Users\Relaflox\AppData\Roaming\DesktopCal\desktopcal.exe OneDriveSetup = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup Steam = "D:\Steam\steam.exe" -silent TIDAL = C:\Users\Relaflox\AppData\Local\TIDAL\update.exe --processStart TIDAL.exe --process-start-args "-autostart" uTorrent = "C:\Users\Relaflox\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED ==================== Auto Start Programs x64 =================================== HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx IAStorIcon = "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 RTHDVCPL = "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s SecurityHealth = C:\Program Files (x86)\Windows Defender\MSASCuiL.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved [2 = enabled 3= disabled] AvastUI.exe = 2 IAStorIcon = 2 RTHDVCPL = 6 SecurityHealth = 6 ShadowPlay = 2 WindowsDefender = 4 BCSSync = 2 HPUsageTrackingLEDM = 6 LeagueDisplays = 3 StereoLinksInstall = 4 SunJavaUpdateSched = 2 USB Gamepad = 6 Dual Smart Solution.lnk = 2 McAfee Security Scan Plus.lnk = 3 HKCU\Software\Microsoft\Windows\CurrentVersion\Run AudioBox VSL = C:\Program Files\PreSonus\AudioBox\AudioBox.exe -startup ChomikBox = C:\Program Files (x86)\ChomikBox\ChomikBox.exe DesktopCal = C:\Users\Relaflox\AppData\Roaming\DesktopCal\desktopcal.exe OneDriveSetup = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup Steam = "D:\Steam\steam.exe" -silent TIDAL = C:\Users\Relaflox\AppData\Local\TIDAL\update.exe --processStart TIDAL.exe --process-start-args "-autostart" uTorrent = "C:\Users\Relaflox\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED Startup - C:\Users\Relaflox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dual Smart Solution.lnk CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==================== Extra Items IE ============================================ HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia ==================== Extra Items IE x64 ======================================== HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia ==================== Internet Default Prefix =================================== HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix Default = http:// HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes WWW = http:// ==================== Internet Default Prefix x64 =============================== HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix Default = http:// HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes WWW = http:// ==================== Protocol Hijackers ======================================== HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Handler\tbauth CLSID = {14654CA6-5711-491D-B89A-58E571679951} => SOFTWARE\Classes\\CLSID\{14654CA6-5711-491D-B89A-58E571679951}\InProcServer32 @ Default = Unknown # C:\Windows\SysWOW64\tbauth.dll # MD5 [29e5cdd824bfeafe77eddb025ab97380] HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Handler\windows.tbauth CLSID = {14654CA6-5711-491D-B89A-58E571679951} => SOFTWARE\Classes\\CLSID\{14654CA6-5711-491D-B89A-58E571679951}\InProcServer32 @ Default = Unknown # C:\Windows\SysWOW64\tbauth.dll # MD5 [29e5cdd824bfeafe77eddb025ab97380] HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Filter\text/xml CLSID = {807573E5-5146-11D5-A672-00B0D022E945} => SOFTWARE\Classes\\CLSID\{807573E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown ==================== Protocol Hijackers x64 ==================================== HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbauth CLSID = {14654CA6-5711-491D-B89A-58E571679951} => SOFTWARE\Classes\\CLSID\{14654CA6-5711-491D-B89A-58E571679951}\InProcServer32 @ Default = Unknown # C:\Windows\System32\tbauth.dll # MD5 [29e5cdd824bfeafe77eddb025ab97380] HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\windows.tbauth CLSID = {14654CA6-5711-491D-B89A-58E571679951} => SOFTWARE\Classes\\CLSID\{14654CA6-5711-491D-B89A-58E571679951}\InProcServer32 @ Default = Unknown # C:\Windows\System32\tbauth.dll # MD5 [29e5cdd824bfeafe77eddb025ab97380] HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml CLSID = {807573E5-5146-11D5-A672-00B0D022E945} => SOFTWARE\Classes\\CLSID\{807573E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown ==================== ShellServiceObjectDelayLoad =============================== HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present] ==================== ShellServiceObjectDelayLoad x64 ========================= HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present] ==================== Extra (Torpig/ConduitSearch) ============================== HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ Default = {217FC9C0-3AEA-1069-A2DB-08002B30309D} => HKCR\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InProcServer32 @ Default = C:\WINDOWS\system32\shell32.dll HKCR\Directory\shellex\CopyHookHandlers\Sharing @ Default = {40dd6e20-7c17-11ce-a804-00aa003ca9f6} => HKCR\CLSID\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}\InProcServer32 @ Default = C:\WINDOWS\system32\ntshrui.dll HKCR\Directory\shellex\CopyHookHandlers\WinSCPCopyHook @ Default = {E15E1D68-0D1C-49F7-BEB8-812B1E00FA60} => HKCR\CLSID\{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}\InProcServer32 @ Default = C:\Program Files (x86)\WinSCP\DragExt64.dll ==================== DRIVERS and SERVICES ====================================== *** Win32OwnProcess *** SERV - R2 - [asComSvc] - ASUS Com Service - c:\program files (x86)\asus\axsp\1.02.00\atkexcomsvc.exe SERV - R2 - [IAStorDataMgrSvc] - Intel(R) Rapid Storage Technology - c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe SERV - R2 - [igfxCUIService2.0.0.0] - Intel(R) HD Graphics Control Panel Service - c:\windows\system32\igfxcuiservice.exe [x] SERV - R2 - [Intel(R) PROSet Monitoring Service] - Intel(R) PROSet Monitoring Service - c:\windows\system32\iprosetmonitor.exe [x] SERV - R2 - [IpOverUsbSvc] - Windows Phone IP over USB Transport (IpOverUsbSvc) - c:\program files (x86)\common files\microsoft shared\phone tools\corecon\11.0\bin\ipoverusbsvc.exe SERV - R2 - [NvContainerLocalSystem] - NVIDIA LocalSystem Container - c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe SERV - R2 - [NVDisplay.ContainerLocalSystem] - NVIDIA Display Container LS - c:\program files\nvidia corporation\display.nvcontainer\nvdisplay.container.exe SERV - R2 - [NvTelemetryContainer] - NVIDIA Telemetry Container - c:\program files (x86)\nvidia corporation\nvtelemetry\nvtelemetrycontainer.exe SERV - R2 - [SecurityHealthService] - Usługa Windows Defender Security Center - c:\windows\system32\securityhealthservice.exe [x] SERV - R2 - [SgrmBroker] - Broker monitorów czasu wykonywania funkcji System Guard - c:\windows\system32\sgrmbroker.exe [x] SERV - R2 - [sppsvc] - Ochrona oprogramowania - c:\windows\system32\sppsvc.exe [x] SERV - R2 - [TrueKey] - Intel Security True Key - c:\program files\truekey\mcafee.truekey.service.exe SERV - R2 - [TrueKeyScheduler] - McAfee True Key Scheduler - c:\program files\truekey\mctkschedulerservice.exe SERV - R2 - [WinDefend] - Usługa Program antywirusowy Windows Defender - c:\programdata\microsoft\windows defender\platform\4.14.17639.18041-0\msmpeng.exe SERV - R2 - [WMPNetworkSvc] - Usługa udostępniania w sieci programu Windows Media Player - c:\program files (x86)\windows media player\wmpnetwk.exe [x] SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe SERV - R3 - [FontCache3.0.0.0] - Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe SERV - R3 - [WdNisSvc] - Usługa inspekcji sieci Programu antywirusowego Windows Defender - c:\programdata\microsoft\windows defender\platform\4.14.17639.18041-0\nissrv.exe SERV - S2 - [gupdate] - Usługa Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe SERV - S2 - [HP LaserJet Service] - HP LaserJet Service - c:\program files (x86)\hp\hplaserjetservice\hplaserjetservice.exe SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe SERV - S3 - [ALG] - Usługa bramy warstwy aplikacji - c:\windows\system32\alg.exe [x] SERV - S3 - [BEService] - BattlEye Service - c:\program files (x86)\common files\battleye\beservice.exe SERV - S3 - [COMSysApp] - Aplikacja systemowa modelu COM+ - c:\windows\system32\dllhost.exe SERV - S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe SERV - S3 - [diagnosticshub.standardcollector.service] - Standardowa usługa kolektora centrum diagnostycznego firmy Microsoft (R) - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe [x] SERV - S3 - [Fax] - Faks - c:\windows\system32\fxssvc.exe [x] SERV - S3 - [gupdatem] - Usługa Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe SERV - S3 - [McComponentHostService] - McAfee Security Scan Component Host Service - c:\program files\mcafee security scan\3.11.681\mcchsvc.exe SERV - S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files (x86)\microsoft office\office14\groove.exe SERV - S3 - [MSDTC] - Koordynator transakcji rozproszonych - c:\windows\system32\msdtc.exe [x] SERV - S3 - [msiserver] - Instalator Windows - c:\windows\system32\msiexec.exe SERV - S3 - [NvContainerNetworkService] - NVIDIA NetworkService Container - c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe SERV - S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe SERV - S3 - [PerfHost] - Host biblioteki DLL liczników wydajności - c:\windows\syswow64\perfhost.exe SERV - S3 - [RpcLocator] - Lokalizator usługi zdalnego wywołania procedury (RPC) - c:\windows\system32\locator.exe [x] SERV - S3 - [Sense] - Usługa Zaawansowana ochrona przed zagrożeniami w usłudze Windows Defender - c:\program files (x86)\windows defender advanced threat protection\mssense.exe [x] SERV - S3 - [SensorDataService] - Usługa danych czujników - c:\windows\system32\sensordataservice.exe [x] SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe [x] SERV - S3 - [spectrum] - Usługa percepcji systemu Windows - c:\windows\system32\spectrum.exe [x] SERV - S3 - [ssh-agent] - OpenSSH Authentication Agent - c:\windows\system32\openssh\ssh-agent.exe [x] SERV - S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe SERV - S3 - [TieringEngineService] - Zarządzanie warstwami magazynowania - c:\windows\system32\tieringengineservice.exe [x] SERV - S3 - [TrueKeyServiceHelper] - McAfee True Key Helper Service - c:\program files\truekey\mcafee.truekey.servicehelper.exe SERV - S3 - [TrustedInstaller] - Instalator modułów systemu Windows - c:\windows\servicing\trustedinstaller.exe SERV - S3 - [vds] - Dysk wirtualny - c:\windows\system32\vds.exe [x] SERV - S3 - [VSS] - Kopiowanie woluminów w tle - c:\windows\system32\vssvc.exe [x] SERV - S3 - [wbengine] - Usługa Aparat kopii zapasowej na poziomie bloku - c:\windows\system32\wbengine.exe [x] SERV - S3 - [wmiApSrv] - Karta wydajności WMI - c:\windows\system32\wbem\wmiapsrv.exe [x] SERV - S3 - [xbgm] - Xbox Game Monitoring - c:\windows\system32\xbgmsvc.exe [x] SERV - S4 - [AppVClient] - Microsoft App-V Client - c:\windows\system32\appvclient.exe [x] SERV - S4 - [UevAgentService] - User Experience Virtualization Service - c:\windows\system32\agentservice.exe [x] *** Win32ShareProcess *** SERV - R2 - [SamSs] - Menedżer kont zabezpieczeń - c:\windows\system32\lsass.exe [x] SERV - R3 - [KeyIso] - Izolacja klucza CNG - c:\windows\system32\lsass.exe [x] SERV - R3 - [VaultSvc] - Menedżer poświadczeń - c:\windows\system32\lsass.exe [x] SERV - S3 - [EFS] - System szyfrowania plików (EFS) - c:\windows\system32\lsass.exe [x] SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe [x] SERV - S3 - [Te.Service] - Te.Service - c:\program files (x86)\windows kits\10\testing\runtimes\taef\wex.services.exe SERV - S4 - [NetTcpPortSharing] - Usługa udostępniania portów Net.Tcp - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe *** Others *** SERV - R2 - [HPSIService] - HP SI Service - c:\windows\system32\hpsisvc.exe [x] SERV - R2 - [Spooler] - Bufor wydruku - c:\windows\system32\spoolsv.exe [x] *** File System Driver *** DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\WINDOWS\system32\Drivers\FileInfo.sys [x] DRV - R0 - [FltMgr] - FltMgr - C:\WINDOWS\system32\Drivers\FltMgr.sys [x] DRV - R0 - [Mup] - Mup - C:\WINDOWS\system32\Drivers\Mup.sys [x] DRV - R0 - [WdFilter] - Sterownik minifiltru Programu antywirusowego Windows Defender - C:\WINDOWS\system32\Drivers\WdFilter.sys [x] DRV - R0 - [Wof] - Windows Overlay File System Filter Driver - C:\WINDOWS\system32\sysWOW64\Drivers\Wof.sys [x] DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\WINDOWS\system32\Drivers\NetBIOS.sys [x] DRV - R2 - [srv] - Sterownik serwera SMB 1.xxx - C:\WINDOWS\system32\Drivers\srv.sys [x] DRV - R3 - [srv2] - Sterownik serwera SMB 2.xxx - C:\WINDOWS\system32\Drivers\srv2.sys [x] *** Kernel Driver *** DRV - R0 - [ACPI] - Sterownik Microsoft ACPI - C:\WINDOWS\system32\Drivers\ACPI.sys [x] DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\WINDOWS\system32\Drivers\acpiex.sys [x] DRV - R0 - [CLFS] - Common Log (CLFS) - C:\WINDOWS\system32\Drivers\CLFS.sys [x] DRV - R0 - [CNG] - CNG - C:\WINDOWS\system32\Drivers\CNG.sys [x] DRV - R0 - [Disk] - Sterownik dysku - C:\WINDOWS\system32\Drivers\Disk.sys [x] DRV - R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\WINDOWS\system32\Drivers\EhStorClass.sys [x] DRV - R0 - [fvevol] - Sterownik filtru szyfrowania dysków funkcją BitLocker - C:\WINDOWS\system32\Drivers\fvevol.sys [x] DRV - R0 - [iaStorA] - iaStorA - C:\WINDOWS\system32\Drivers\iaStorA.sys [x] DRV - R0 - [intelpep] - Sterownik wtyczki aparatu zasilania firmy Intel(R) - C:\WINDOWS\system32\Drivers\intelpep.sys [x] DRV - R0 - [iorate] - Sterownik filtru szybkości operacji we/wy dysku - C:\WINDOWS\system32\Drivers\iorate.sys [x] DRV - R0 - [KSecDD] - KSecDD - C:\WINDOWS\system32\Drivers\KSecDD.sys [x] DRV - R0 - [KSecPkg] - KSecPkg - C:\WINDOWS\system32\Drivers\KSecPkg.sys [x] DRV - R0 - [mountmgr] - Menedżer punktów instalacji - C:\WINDOWS\system32\Drivers\mountmgr.sys [x] DRV - R0 - [msisadrv] - msisadrv - C:\WINDOWS\system32\Drivers\msisadrv.sys [x] DRV - R0 - [MsSecFlt] - Minifiltr składnika Zdarzenia zabezpieczeń firmy Microsoft - C:\WINDOWS\system32\Drivers\MsSecFlt.sys [x] DRV - R0 - [NDIS] - Sterownik systemowy NDIS - C:\WINDOWS\system32\Drivers\NDIS.sys [x] DRV - R0 - [partmgr] - Sterownik partycji - C:\WINDOWS\system32\Drivers\partmgr.sys [x] DRV - R0 - [pci] - Sterownik magistrali PCI - C:\WINDOWS\system32\Drivers\pci.sys [x] DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\WINDOWS\system32\Drivers\pcw.sys [x] DRV - R0 - [pdc] - Kontroler PDC - C:\WINDOWS\system32\Drivers\pdc.sys [x] DRV - R0 - [rdyboost] - ReadyBoost - C:\WINDOWS\system32\Drivers\rdyboost.sys [x] DRV - R0 - [SgrmAgent] - System Guard Runtime Monitor Agent - C:\WINDOWS\system32\Drivers\SgrmAgent.sys [x] DRV - R0 - [spaceport] - Sterownik funkcji Miejsca do magazynowania - C:\WINDOWS\system32\Drivers\spaceport.sys [x] DRV - R0 - [Tcpip] - Sterownik protokołu TCP/IP - C:\WINDOWS\system32\Drivers\Tcpip.sys [x] DRV - R0 - [vdrvroot] - Moduł wyliczający dysku wirtualnego firmy Microsoft - C:\WINDOWS\system32\Drivers\vdrvroot.sys [x] DRV - R0 - [volmgr] - Sterownik Menedżera woluminów - C:\WINDOWS\system32\Drivers\volmgr.sys [x] DRV - R0 - [volmgrx] - Menedżer woluminów dynamicznych - C:\WINDOWS\system32\Drivers\volmgrx.sys [x] DRV - R0 - [volsnap] - Sterownik kopiowania woluminów w tle - C:\WINDOWS\system32\Drivers\volsnap.sys [x] DRV - R0 - [volume] - Sterownik woluminu - C:\WINDOWS\system32\Drivers\volume.sys [x] DRV - R0 - [Wdf01000] - Usługa struktur sterowników trybu jądra - C:\WINDOWS\system32\Drivers\Wdf01000.sys [x] DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\WINDOWS\system32\Drivers\WFPLWFS.sys [x] DRV - R0 - [WindowsTrustedRT] - Windows Trusted Execution Environment Class Extension - C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys [x] DRV - R0 - [WindowsTrustedRTProxy] - Bezpieczna usługa zaufanego środowiska uruchomieniowego systemu Microsoft Windows - C:\WINDOWS\system32\Drivers\WindowsTrustedRTProxy.sys [x] DRV - R1 - [AFD] - Sterownik funkcji pomocniczej usługi Winsock - C:\WINDOWS\system32\Drivers\AFD.sys [x] DRV - R1 - [Beep] - Beep - C:\WINDOWS\system32\sysWOW64\Drivers\Beep.sys [x] DRV - R1 - [tdx] - Sterownik obsługi starszych urządzeń TDI NetIO - C:\WINDOWS\system32\Drivers\tdx.sys [x] DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\WINDOWS\system32\Drivers\tcpipreg.sys [x] DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\WINDOWS\system32\Drivers\hwpolicy.sys [x] DRV - S0 - [WdBoot] - Sterownik rozruchowy Programu antywirusowego Windows Defender - C:\WINDOWS\system32\Drivers\WdBoot.sys [x] DRV - S3 - [atapi] - Kanał IDE - C:\WINDOWS\system32\Drivers\atapi.sys [x] DRV - S3 - [Tcpip6] - @todo.dll,-100;Microsoft IPv6 Protocol Driver - C:\WINDOWS\system32\Drivers\Tcpip6.sys [x] ==================== SvcHost - White Listed ==================================== HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost@appmodel camsvc = ServiceDll = C:\WINDOWS\system32\CapabilityAccessManager.dll [File not exists] StateRepository = ServiceDll = C:\WINDOWS\system32\windows.staterepository.dll [8f39877a71e1f66ca506f8795e014c90] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost@LocalServiceNetworkRestricted WinHttpAutoProxySvc = ServiceDll = C:\WINDOWS\system32\winhttp.dll [cfed9b163d3d7391351565babc285bd9] DHCP = ServiceDll = C:\WINDOWS\system32\dhcpcore.dll [97939b8e13fd808b3b88b796a555878f] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost@LocalServicePeerNet PNRPSvc = ServiceDll = C:\WINDOWS\system32\pnrpsvc.dll [File not exists] p2pimsvc = ServiceDll = C:\WINDOWS\system32\pnrpsvc.dll [File not exists] p2psvc = ServiceDll = C:\WINDOWS\system32\p2psvc.dll [File not exists] PnrpAutoReg = ServiceDll = C:\WINDOWS\system32\pnrpauto.dll [File not exists] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost@LocalSystemNetworkRestricted NcbService = ServiceDll = C:\WINDOWS\System32\ncbservice.dll [File not exists] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost@netsvcs TokenBroker = ServiceDll = C:\WINDOWS\System32\TokenBroker.dll [75ba453491a3b137801bc30cf9d7830b] UserManager = ServiceDll = C:\WINDOWS\System32\usermgr.dll [File not exists] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost@PrintWorkflow PrintWorkflowUserSvc = ServiceDll = C:\WINDOWS\System32\PrintWorkflowService.dll [d70483533f15a746edcf41a3d67fb0cf] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost@smbsvcs lanmanserver = ServiceDll = C:\WINDOWS\system32\srvsvc.dll [File not exists] ==================== SvcHost x64 - White Listed ================================ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@appmodel EntAppSvc = ServiceDll = C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [File not exists] WalletService = ServiceDll = C:\WINDOWS\system32\WalletService.dll [File not exists] camsvc = ServiceDll = C:\WINDOWS\system32\CapabilityAccessManager.dll [File not exists] StateRepository = ServiceDll = C:\WINDOWS\system32\windows.staterepository.dll [8f39877a71e1f66ca506f8795e014c90] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@AssignedAccessManagerSvc AssignedAccessManagerSvc = ServiceDll = C:\WINDOWS\System32\assignedaccessmanagersvc.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@BcastDVRUserService BcastDVRUserService = ServiceDll = C:\WINDOWS\System32\BcastDVRUserService.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@BthAppGroup BluetoothUserService = ServiceDll = C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@Camera FrameServer = ServiceDll = C:\WINDOWS\system32\FrameServer.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@DevicesFlow DevicesFlowUserSvc = ServiceDll = C:\WINDOWS\System32\DevicesFlowBroker.dll [File not exists] DevicePickerUserSvc = ServiceDll = C:\WINDOWS\System32\Windows.Devices.Picker.dll [07b6a249301683cb9a78bc914b3169d1] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@diagnostics DiagSvc = ServiceDll = C:\WINDOWS\system32\DiagSvc.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@GraphicsPerfSvcGroup GraphicsPerfSvc = ServiceDll = C:\WINDOWS\System32\GraphicsPerfSvc.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@LocalService bthavctpsvc = ServiceDll = C:\WINDOWS\System32\BthAvctpSvc.dll [File not exists] CDPSvc = ServiceDll = C:\WINDOWS\System32\CDPSvc.dll [File not exists] SharedRealitySvc = ServiceDll = C:\WINDOWS\System32\SharedRealitySvc.dll [File not exists] WpcMonSvc = ServiceDll = C:\WINDOWS\System32\WpcDesktopMonSvc.dll [File not exists] LicenseManager = ServiceDll = C:\WINDOWS\system32\LicenseManagerSvc.dll [File not exists] tzautoupdate = ServiceDll = C:\WINDOWS\system32\tzautoupdate.dll [a907e8f5b7cd5737461cf7e6a06e27f7] SEMgrSvc = ServiceDll = C:\WINDOWS\system32\SEMgrSvc.dll [File not exists] PhoneSvc = ServiceDll = C:\WINDOWS\System32\PhoneService.dll [File not exists] CaptureService = ServiceDll = C:\WINDOWS\System32\CaptureService.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@LocalServiceNetworkRestricted TimeBrokerSvc = ServiceDll = C:\WINDOWS\System32\TimeBrokerServer.dll [File not exists] WarpJITSvc = ServiceDll = C:\WINDOWS\System32\Windows.WARP.JITService.dll [File not exists] WinHttpAutoProxySvc = ServiceDll = C:\WINDOWS\system32\winhttp.dll [cfed9b163d3d7391351565babc285bd9] DusmSvc = ServiceDll = C:\WINDOWS\System32\dusmsvc.dll [File not exists] icssvc = ServiceDll = C:\WINDOWS\System32\tetheringservice.dll [File not exists] RmSvc = ServiceDll = C:\WINDOWS\System32\RMapi.dll [File not exists] VacSvc = ServiceDll = C:\WINDOWS\System32\vac.dll [File not exists] wlpasvc = ServiceDll = C:\WINDOWS\System32\lpasvc.dll [File not exists] WFDSConMgrSvc = ServiceDll = C:\WINDOWS\System32\wfdsconmgrsvc.dll [File not exists] NgcCtnrSvc = ServiceDll = C:\WINDOWS\System32\NgcCtnrSvc.dll [File not exists] AJRouter = ServiceDll = C:\WINDOWS\System32\AJRouter.dll [File not exists] btagservice = ServiceDll = C:\WINDOWS\System32\BTAGService.dll [File not exists] SmsRouter = ServiceDll = C:\WINDOWS\system32\SmsRouterSvc.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@LocalServiceNoNetwork CoreMessagingRegistrar = ServiceDll = C:\WINDOWS\system32\coremessaging.dll [bbcb2681eb7f5f981112e6abec9751af] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@LocalSystemNetworkRestricted HvHost = ServiceDll = C:\WINDOWS\System32\hvhostsvc.dll [File not exists] DsSvc = ServiceDll = C:\WINDOWS\System32\DsSvc.dll [File not exists] EmbeddedMode = ServiceDll = C:\WINDOWS\System32\embeddedmodesvc.dll [File not exists] SensorService = ServiceDll = C:\WINDOWS\system32\SensorService.dll [File not exists] NgcSvc = ServiceDll = C:\WINDOWS\system32\ngcsvc.dll [File not exists] DevQueryBroker = ServiceDll = C:\WINDOWS\system32\DevQueryBroker.dll [File not exists] vmicvmsession = ServiceDll = C:\WINDOWS\System32\icsvc.dll [File not exists] IPxlatCfgSvc = ServiceDll = C:\WINDOWS\System32\IpxlatCfg.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@netsvcs InstallService = ServiceDll = C:\WINDOWS\system32\InstallService.dll [4c352c4ee9d214b726d8e3777c0ffb09] LxpSvc = ServiceDll = C:\WINDOWS\System32\LanguageOverlayServer.dll [File not exists] shpamsvc = ServiceDll = C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [File not exists] PushToInstall = ServiceDll = C:\WINDOWS\system32\PushToInstall.dll [File not exists] XblGameSave = ServiceDll = C:\WINDOWS\System32\XblGameSave.dll [File not exists] DmEnrollmentSvc = ServiceDll = C:\WINDOWS\system32\Windows.Internal.Management.dll [ea4256f6ea9692c28fac8a033209eee9] XblAuthManager = ServiceDll = C:\WINDOWS\System32\XblAuthManager.dll [File not exists] NaturalAuthentication = ServiceDll = C:\WINDOWS\System32\NaturalAuth.dll [File not exists] NetSetupSvc = ServiceDll = C:\WINDOWS\System32\NetSetupSvc.dll [File not exists] UserManager = ServiceDll = C:\WINDOWS\System32\usermgr.dll [File not exists] XboxGipSvc = ServiceDll = C:\WINDOWS\System32\XboxGipSvc.dll [File not exists] TokenBroker = ServiceDll = C:\WINDOWS\System32\TokenBroker.dll [75ba453491a3b137801bc30cf9d7830b] dmwappushservice = ServiceDll = C:\WINDOWS\system32\dmwappushsvc.dll [File not exists] wisvc = ServiceDll = C:\WINDOWS\system32\flightsettings.dll [c4c087805d61baf77cc21e12cfa9542f] WpnService = ServiceDll = C:\WINDOWS\system32\WpnService.dll [File not exists] XboxNetApiSvc = ServiceDll = C:\WINDOWS\system32\XboxNetApiSvc.dll [File not exists] UsoSvc = ServiceDll = C:\WINDOWS\system32\usocore.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@NetworkService dosvc = ServiceDll = C:\WINDOWS\system32\dosvc.dll [File not exists] MapsBroker = ServiceDll = C:\WINDOWS\System32\moshost.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@PrintWorkflow PrintWorkflowUserSvc = ServiceDll = C:\WINDOWS\System32\PrintWorkflowService.dll [d70483533f15a746edcf41a3d67fb0cf] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@rdxgroup RetailDemo = ServiceDll = C:\WINDOWS\system32\RDXService.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@sdrsvc sdrsvc = ServiceDll = C:\WINDOWS\System32\SDRSVC.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@smbsvcs lanmanserver = ServiceDll = C:\WINDOWS\system32\srvsvc.dll [File not exists] browser = ServiceDll = C:\WINDOWS\System32\browser.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@UnistackSvcGroup WpnUserService = ServiceDll = C:\WINDOWS\System32\WpnUserService.dll [File not exists] MessagingService = ServiceDll = C:\WINDOWS\System32\MessagingService.dll [File not exists] UnistoreSvc = ServiceDll = C:\WINDOWS\System32\unistore.dll [1c88d59d8a19580ea0aa9e80acdc8ee3] PimIndexMaintenanceSvc = ServiceDll = C:\WINDOWS\System32\PimIndexMaintenance.dll [File not exists] CDPUserSvc = ServiceDll = C:\WINDOWS\System32\CDPUserSvc.dll [File not exists] UserDataSvc = ServiceDll = C:\WINDOWS\System32\userdataservice.dll [File not exists] OneSyncSvc = ServiceDll = C:\WINDOWS\System32\APHostService.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@utcsvc DiagTrack = ServiceDll = C:\WINDOWS\system32\diagtrack.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@wsappx clipsvc = ServiceDll = C:\WINDOWS\System32\ClipSVC.dll [File not exists] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@wusvcs WaaSMedicSvc = ServiceDll = C:\WINDOWS\System32\WaaSMedicSvc.dll [File not exists] ==================== SigCheck x86 Fast ========================================= Fast Scan All ok ==================== SigCheck x64 Fast ========================================= Fast Scan All ok ==================== Software Installed ======================================== Adobe Flash Player 29 NPAPI | Vers: 29.0.0.171 | Pub: Adobe Systems Incorporated Adobe Flash Player 29 PPAPI | Vers: 29.0.0.171 | Pub: Adobe Systems Incorporated Adobe Shockwave Player 12.2 | Vers: 12.2.5.195 | Pub: Adobe Systems, Inc Audacity 2.2.2 | Vers: 2.2.2 | Pub: Audacity Team BDE Data Samples 1.2 | Vers: 1.2 | Pub: Borland Borland Database Desktop | Pub: Borland Borland Database Engine 5.2.0.2 | Vers: 5.2.0.2 | Pub: Borland ChomikBox | Vers: 2.0.8.2 | Pub: Chomikuj.pl Definition Update for Microsoft Office 2010 (KB3115475) 32-Bit Edition | Pub: Microsoft Delphi 7 Second Edition | Pub: Lite Applications Dual Smart Solution | Vers: 2.7 | Pub: LG Soft India Pvt Ltd Facebook Gameroom 1.21.6697.19829 | Vers: 1.21.6697.19829 | Pub: Facebook GMX4 Gaming Mouse v1.0.8 | Pub: Inc. Google Chrome | Vers: 66.0.3359.181 | Pub: Google Inc. Google Update Helper | Vers: 1.3.33.17 | Pub: Google Inc. Heroes of Might and Magic III - Złota Edycja hppLaserJetService | Vers: 001.001.0.0 | Pub: Hewlett-Packard hppP1100P1560P1600SeriesLaserJetService | Vers: 001.001.0.0 | Pub: Hewlett-Packard hppusgP1100P1560P1600Series | Vers: 1.0.0.1 | Pub: Hewlett-Packard HPSSupply | Vers: 2.1.1.0000 | Pub: Hewlett Packard Development Company L.P. Intel(R) Processor Graphics | Vers: 20.19.15.4835 | Pub: Intel Corporation Intellisense Lang Pack Mobile Extension SDK 10.0.15063.0 | Vers: 10.1.15063.468 | Pub: Microsoft Java 8 Update 171 | Vers: 8.0.1710.11 | Pub: Oracle Corporation Java Auto Updater | Vers: 2.8.171.11 | Pub: Oracle Corporation kED 2.1.4.0 Kingdom Come Deliverance Kits Configuration Installer | Vers: 10.1.15063.468 | Pub: Microsoft Launcher Prerequisites (x64) | Vers: 1.0.0.0 | Pub: Epic Games, Inc. League of Legends | Vers: 4.2.1 | Pub: Riot Games LG Mobile Driver | Vers: 4.2.0 | Pub: LG Electronics MarketResearch | Vers: 130.0.374.000 | Pub: Hewlett-Packard Microsoft .NET Framework 4.7 SDK | Vers: 4.7.02046 | Pub: Microsoft Microsoft .NET Framework 4.7 Targeting Pack | Vers: 4.7.02046 | Pub: Microsoft Microsoft Office Access MUI (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office Access Setup Metadata MUI (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office Excel MUI (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office Groove MUI (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office InfoPath MUI (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office OneNote MUI (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office Outlook MUI (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office PowerPoint MUI (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office Professional Plus 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office Proof (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office Proof (French) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office Proof (Spanish) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office Proofing (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office Publisher MUI (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office Shared MUI (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office Shared Setup Metadata MUI (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Office Word MUI (English) 2010 | Vers: 14.0.4734.1000 | Pub: Microsoft Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 | Vers: 9.0.30729.6161 | Pub: Microsoft Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 | Vers: 10.0.40219 | Pub: Microsoft Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 | Vers: 11.0.61030.0 | Pub: Microsoft Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 | Vers: 11.0.61030.0 | Pub: Microsoft Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 | Vers: 11.0.61030.0 | Pub: Корпорация Майкрософт Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 | Vers: 11.0.61030 | Pub: Microsoft Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 | Vers: 11.0.61030 | Pub: Microsoft Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 | Vers: 12.0.30501.0 | Pub: Microsoft Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 | Vers: 12.0.40660.0 | Pub: Microsoft Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 | Vers: 12.0.30501.0 | Pub: Microsoft Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 | Vers: 12.0.40660.0 | Pub: Microsoft Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 | Vers: 12.0.40660 | Pub: Microsoft Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 | Vers: 12.0.40660 | Pub: Microsoft Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24406 | Vers: 14.0.24406.0 | Pub: Microsoft Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24406 | Vers: 14.0.24406.0 | Pub: Microsoft Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24406 | Vers: 14.0.24406 | Pub: Microsoft Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24406 | Vers: 14.0.24406 | Pub: Microsoft Microsoft XNA Framework Redistributable 4.0 | Vers: 4.0.20823.0 | Pub: Microsoft MSI Afterburner 2.3.1 | Vers: 2.3.1 | Pub: MSI Co., LTD MSI Development Tools | Vers: 10.1.15063.468 | Pub: Microsoft MsiVal2 | Vers: 10.1.15063.468 | Pub: Microsoft NVIDIA Stereoscopic 3D Driver | Vers: 7.17.13.7500 | Pub: NVIDIA Corporation OpenAL OpenOffice 4.1.3 | Vers: 4.13.9783 | Pub: Apache Software Foundation Orca | Vers: 10.1.15063.468 | Pub: Microsoft Realtek High Definition Audio Driver | Vers: 6.0.1.8186 | Pub: Realtek Semiconductor Corp. SDK ARM Additions | Vers: 10.1.15063.468 | Pub: Microsoft SDK ARM Redistributables | Vers: 10.1.15063.468 | Pub: Microsoft SDK Debuggers | Vers: 10.1.15063.468 | Pub: Microsoft Steam | Vers: 2.10.91.91 | Pub: Valve Corporation Universal CRT Extension SDK | Vers: 10.1.15063.468 | Pub: Microsoft Universal CRT Headers Libraries and Sources | Vers: 10.1.15063.468 | Pub: Microsoft Universal CRT Redistributable | Vers: 10.1.15063.468 | Pub: Microsoft Universal CRT Tools x86 | Vers: 10.1.15063.468 | Pub: Microsoft Universal General MIDI DLS Extension SDK | Vers: 10.1.15063.468 | Pub: Microsoft Update for Microsoft Office 2010 (KB2494150) | Pub: Microsoft Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition | Pub: Microsoft Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition | Pub: Microsoft Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition | Pub: Microsoft USB Network Joystick | Vers: V3.70a WinAppDeploy | Vers: 10.1.15063.468 | Pub: Microsoft Windows App Certification Kit Native Components | Vers: 10.1.15063.468 | Pub: Microsoft Windows App Certification Kit SupportedApiList x86 | Vers: 10.1.15063.468 | Pub: Microsoft Windows App Certification Kit x64 | Vers: 10.1.15063.468 | Pub: Microsoft Windows App Certification Kit x86 | Vers: 10.1.15063.468 | Pub: Microsoft Windows Desktop Extension SDK | Vers: 10.1.15063.468 | Pub: Microsoft Windows Desktop Extension SDK Contracts | Vers: 10.1.15063.468 | Pub: Microsoft Windows IoT Extension SDK | Vers: 10.1.15063.468 | Pub: Microsoft Windows IoT Extension SDK Contracts | Vers: 10.1.15063.468 | Pub: Microsoft Windows IP Over USB | Vers: 10.1.15063.468 | Pub: Microsoft Windows Mobile Connectivity Tools 10.0.15063.0 - Desktop x86 | Vers: 10.1.15063.468 | Pub: Microsoft Windows Mobile Extension SDK 10.0.15063.0 - ARM | Vers: 10.1.15063.468 | Pub: Microsoft Windows Mobile Extension SDK 10.0.15063.0 - x86 | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK AddOn | Vers: 10.1.0.0 | Pub: Microsoft Windows SDK ARM Desktop Tools | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Desktop Headers arm | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Desktop Headers arm64 | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Desktop Headers x64 | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Desktop Headers x86 | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Desktop Libs arm | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Desktop Libs arm64 | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Desktop Libs x64 | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Desktop Libs x86 | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Desktop Tools arm64 | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Desktop Tools x64 | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Desktop Tools x86 | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK DirectX x86 Remote | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK EULA | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Facade Windows WinMD Versioned | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK for Windows Store Apps | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK for Windows Store Apps Contracts | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK for Windows Store Apps DirectX x86 Remote | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK for Windows Store Apps Headers | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK for Windows Store Apps Legacy Tools | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK for Windows Store Apps Libs | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK for Windows Store Apps Metadata | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK for Windows Store Apps Tools | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK for Windows Store Managed Apps Libs | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Modern Non-Versioned Developer Tools | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Modern Versioned Developer Tools | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Redistributables | Vers: 10.1.15063.468 | Pub: Microsoft Windows SDK Signing Tools | Vers: 10.1.15063.468 | Pub: Microsoft Windows Software Development Kit - Windows 10.0.15063.468 | Vers: 10.1.15063.468 | Pub: Microsoft Windows Team Extension SDK | Vers: 10.1.15063.468 | Pub: Microsoft Windows Team Extension SDK Contracts | Vers: 10.1.15063.468 | Pub: Microsoft WinRT Intellisense Desktop - en-us | Vers: 10.1.15063.468 | Pub: Microsoft WinRT Intellisense Desktop - Other Languages | Vers: 10.1.15063.468 | Pub: Microsoft WinRT Intellisense IoT - en-us | Vers: 10.1.15063.468 | Pub: Microsoft WinRT Intellisense IoT - Other Languages | Vers: 10.1.15063.468 | Pub: Microsoft WinRT Intellisense PPI - en-us | Vers: 10.1.15063.468 | Pub: Microsoft WinRT Intellisense PPI - Other Languages | Vers: 10.1.15063.468 | Pub: Microsoft WinRT Intellisense UAP - en-us | Vers: 10.1.15063.468 | Pub: Microsoft WinRT Intellisense UAP - Other Languages | Vers: 10.1.15063.468 | Pub: Microsoft WinSCP 5.11.3 | Vers: 5.11.3 | Pub: Martin Prikryl WinThruster | Vers: 1.16.8 | Pub: Solvusoft Corporation WPT Redistributables | Vers: 10.1.15063.468 | Pub: Microsoft WPTx64 | Vers: 10.1.15063.468 | Pub: Microsoft WPTx86 | Vers: 10.1.15063.468 | Pub: Microsoft X86 Debuggers And Tools | Vers: 10.1.15063.468 | Pub: Microsoft ==================== Job tasks at C:\WINDOWS\Tasks ============================= C:\WINDOWS\Tasks\SA.DAT 6 bytes [ 18.05.2018 10:36:02 ] ==================== Job tasks at C:\WINDOWS\system32\Tasks ==================== There are no .job files found. ==================== Job tasks at C:\WINDOWS\SysWOW64\Tasks ==================== There are no .job files found. ==================== End scanning at sob. 26 maj 2018 14:38 (0 Min 21 Sec ) ====