Prosim o kontrolu logu

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

jkim
Level 1
Level 1
Příspěvky: 53
Registrován: prosinec 08
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod jkim » 13 črc 2018 19:39

SystemLook 30.07.11 by jpshortstuff
Log created at 19:37 on 13/07/2018 by JitKae
Administrator - Elevation successful

========== filefind ==========

Searching for "Photo.scr.*"
No files found.

Searching for "NOTIFIER.exe.*"
No files found.

========== regfind ==========

Searching for "NOTIFIER"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\PushNotifications\Backup\Windows.SystemToast.RasToastNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppUserModelId\Windows.SystemToast.Notifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppUserModelId\Windows.SystemToast.Notifier]
"DisplayName"="@%SystemRoot%\system32\Notifier.exe,-001"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppUserModelId\Windows.SystemToast.Notifier]
"IconUri"="%SystemRoot%\system32\@NotifierToastIcon.png"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppUserModelId\Windows.SystemToast.RasToastNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F7650EE-9AFA-47B4-9BE7-F74D9D3C41D7}]
@="Immersive Shell Notifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12E6A993-AE52-4F99-8B89-41F985E6C952}\InprocServer32]
@="C:\Program Files\Common Files\Apple\Mobile Device Support\OutlookChangeNotifierAddIn.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12E6A993-AE52-4F99-8B89-41F985E6C952}\ProgID]
@="OutlookChangeNotifier.Connect.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12E6A993-AE52-4F99-8B89-41F985E6C952}\VersionIndependentProgID]
@="OutlookChangeNotifier.Connect"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6B7752CB-6AAF-4734-A0CE-47EB0D6C093F}]
@="UiaEndpointNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77CBBBB7-6CD0-48ED-A02B-52FBB0E43ECD}]
@="UiaWindowNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC708E53-18A1-4F70-89BE-B2C00A9CA467}]
@="UiaManagerEndpointStateNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cd4b7782-eb37-4bfe-b9ce-685f634a08dc}]
@="CSdWhcNotifier Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cd4b7782-eb37-4bfe-b9ce-685f634a08dc}\ProgID]
@="SDENGINE.CSdWhcNotifier.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cd4b7782-eb37-4bfe-b9ce-685f634a08dc}\VersionIndependentProgID]
@="SDENGINE.CSdWhcNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07cfe943-62fd-4bfa-9e4b-0512e01cdabd}]
@="__x_Windows_CInternal_CStateRepository_CISecondaryTileUserNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0949e528-a186-4293-bdaa-a7aae678305d}]
@="__x_Windows_CInternal_CStateRepository_CISecondaryTileUserNotifierStatics"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{12127662-A088-41C6-AFC7-4CBF014A4C7E}]
@="IUiaManagerEndpointStateNotifierSink"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{14285E06-63A7-4713-B6D9-62F64B56FB8B}]
@="__x_Windows_CSystem_CThreading_CCore_CISignalNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1C4E4566-8400-46D3-A115-7D0C0DFC9F62}]
@="__x_Windows_CSystem_CThreading_CCore_CISignalNotifierStatics"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2dddc10e-38e6-5655-adf3-820e8fb14dcc}]
@="IAsyncOperation_1_Windows__CUI__CNotifications__CToastNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{46305C32-09C6-45B2-B032-C12E467D7C7E}]
@="ISignalableNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4CAFECDD-C315-464F-AB85-7D6DB67B61B8}]
@="IActiveMonitorNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4f9c5cec-0197-49fe-b800-0d5a72a6c505}]
@="IUiaWindowNotifierCallback"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{60AAA1E2-9CF9-4FDD-B24F-1B8988AB3603}]
@="IInputModeChangeNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7797f7e7-b2de-4faa-9c71-643e245864c0}]
@="__x_Windows_CInternal_CStateRepository_CIPrimaryTileUserNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{788C26A0-757C-4E31-9134-864E5DDA19DD}]
@="__x_Windows_CInternal_CComposableShell_CSessionManagement_CISessionStateNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{88323784-87d3-4a39-82d5-751529f76581}]
@="IUiaManagerLifetimeNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A0619DC9-C18E-43DC-AB1C-EA9A0DF90597}]
@="IUiaEndpointNotifierCallback"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{a5322dff-9ebc-5df1-953d-0237cea8614b}]
@="__FITypedEventHandler_2_Windows__CInternal__CStateRepository__CPrimaryTileUserNotifier_Windows__CInternal__CStateRepository__CPrimaryTileUserChangedEventArgs"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{b3bcbe8d-434c-49d7-9a10-d93e55959b9b}]
@="__x_Windows_CInternal_CStateRepository_CIPrimaryTileUserNotifierStatics"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ccb96d97-791c-5741-8f33-fb7266d6ea33}]
@="__FITypedEventHandler_2_Windows__CInternal__CStateRepository__CSecondaryTileUserNotifier_Windows__CInternal__CStateRepository__CSecondaryTileUserChangedEventArgs"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EE046ED5-6EAF-4FBA-BDF6-0965545FEDB8}]
@="IUiaManagerEndpointStateNotifierSinkRegistration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FCBC010E-A314-43E9-B40A-49690A0C8B78}]
@="IUiaManagerEndpointStateNotifierSinkRegistrationToken"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{fde26ed7-bc37-5a7c-b3da-3e41ac97bba4}]
@="IAsyncOperationCompletedHandler_1_Windows__CUI__CNotifications__CToastNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OutlookChangeNotifier.Connect]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OutlookChangeNotifier.Connect\CurVer]
@="OutlookChangeNotifier.Connect.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OutlookChangeNotifier.Connect.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SDENGINE.CSdWhcNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SDENGINE.CSdWhcNotifier]
@="CSdWhcNotifier Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SDENGINE.CSdWhcNotifier\CurVer]
@="SDENGINE.CSdWhcNotifier.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SDENGINE.CSdWhcNotifier.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SDENGINE.CSdWhcNotifier.1]
@="CSdWhcNotifier Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Search.DirMonitorNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Search.DirMonitorNotifier]
@="DirMonitorNotifier Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Search.DirMonitorNotifier\CurVer]
@="Search.DirMonitorNotifier.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Search.DirMonitorNotifier.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Search.DirMonitorNotifier.1]
@="DirMonitorNotifier Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B80C6976-50C0-4110-BC85-44EB975CDCA0}\1.0]
@="OutlookChangeNotifierAddin1 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B80C6976-50C0-4110-BC85-44EB975CDCA0}\1.0\0\win64]
@="C:\Program Files\Common Files\Apple\Mobile Device Support\OutlookChangeNotifierAddIn.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0F7650EE-9AFA-47B4-9BE7-F74D9D3C41D7}]
@="Immersive Shell Notifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6B7752CB-6AAF-4734-A0CE-47EB0D6C093F}]
@="UiaEndpointNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77CBBBB7-6CD0-48ED-A02B-52FBB0E43ECD}]
@="UiaWindowNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BC708E53-18A1-4F70-89BE-B2C00A9CA467}]
@="UiaManagerEndpointStateNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{07cfe943-62fd-4bfa-9e4b-0512e01cdabd}]
@="__x_Windows_CInternal_CStateRepository_CISecondaryTileUserNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0949e528-a186-4293-bdaa-a7aae678305d}]
@="__x_Windows_CInternal_CStateRepository_CISecondaryTileUserNotifierStatics"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{12127662-A088-41C6-AFC7-4CBF014A4C7E}]
@="IUiaManagerEndpointStateNotifierSink"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{14285E06-63A7-4713-B6D9-62F64B56FB8B}]
@="__x_Windows_CSystem_CThreading_CCore_CISignalNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1C4E4566-8400-46D3-A115-7D0C0DFC9F62}]
@="__x_Windows_CSystem_CThreading_CCore_CISignalNotifierStatics"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2dddc10e-38e6-5655-adf3-820e8fb14dcc}]
@="IAsyncOperation_1_Windows__CUI__CNotifications__CToastNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{46305C32-09C6-45B2-B032-C12E467D7C7E}]
@="ISignalableNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4CAFECDD-C315-464F-AB85-7D6DB67B61B8}]
@="IActiveMonitorNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4f9c5cec-0197-49fe-b800-0d5a72a6c505}]
@="IUiaWindowNotifierCallback"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60AAA1E2-9CF9-4FDD-B24F-1B8988AB3603}]
@="IInputModeChangeNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7797f7e7-b2de-4faa-9c71-643e245864c0}]
@="__x_Windows_CInternal_CStateRepository_CIPrimaryTileUserNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{788C26A0-757C-4E31-9134-864E5DDA19DD}]
@="__x_Windows_CInternal_CComposableShell_CSessionManagement_CISessionStateNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{88323784-87d3-4a39-82d5-751529f76581}]
@="IUiaManagerLifetimeNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A0619DC9-C18E-43DC-AB1C-EA9A0DF90597}]
@="IUiaEndpointNotifierCallback"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{a5322dff-9ebc-5df1-953d-0237cea8614b}]
@="__FITypedEventHandler_2_Windows__CInternal__CStateRepository__CPrimaryTileUserNotifier_Windows__CInternal__CStateRepository__CPrimaryTileUserChangedEventArgs"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{b3bcbe8d-434c-49d7-9a10-d93e55959b9b}]
@="__x_Windows_CInternal_CStateRepository_CIPrimaryTileUserNotifierStatics"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{ccb96d97-791c-5741-8f33-fb7266d6ea33}]
@="__FITypedEventHandler_2_Windows__CInternal__CStateRepository__CSecondaryTileUserNotifier_Windows__CInternal__CStateRepository__CSecondaryTileUserChangedEventArgs"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{EE046ED5-6EAF-4FBA-BDF6-0965545FEDB8}]
@="IUiaManagerEndpointStateNotifierSinkRegistration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCBC010E-A314-43E9-B40A-49690A0C8B78}]
@="IUiaManagerEndpointStateNotifierSinkRegistrationToken"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{fde26ed7-bc37-5a7c-b3da-3e41ac97bba4}]
@="IAsyncOperationCompletedHandler_1_Windows__CUI__CNotifications__CToastNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{B80C6976-50C0-4110-BC85-44EB975CDCA0}\1.0]
@="OutlookChangeNotifierAddin1 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{B80C6976-50C0-4110-BC85-44EB975CDCA0}\1.0\0\win64]
@="C:\Program Files\Common Files\Apple\Mobile Device Support\OutlookChangeNotifierAddIn.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\OutlookChangeNotifier.Connect]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\OutlookChangeNotifier.Connect]
"FriendlyName"="Outlook Change Notifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\834DEEC19715FD114A2A8175FD7D0258]
"A4C59646F86C5B647A4305BE1F426AE8"="C:\Program Files\Common Files\Apple\Mobile Device Support\OutlookChangeNotifierAddIn.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\834DEEC19715FD114A2A8175FD7D0258\A4C59646F86C5B647A4305BE1F426AE8]
"File"="OutlookChangeNotifierAddIn_x64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications\Applications\Windows.SystemToast.RasToastNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2651258C-A03F-4999-8F3C-1D15333266E2}]
"Path"="\Adobe Flash Player PPAPI Notifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2651258C-A03F-4999-8F3C-1D15333266E2}]
"URI"="\Adobe Flash Player PPAPI Notifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E}]
"Path"="\Microsoft\Windows\Setup\Notifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E}]
"Source"="$(@%SystemRoot%\System32\Notifier.exe,-202)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E}]
"Author"="$(@%SystemRoot%\System32\Notifier.exe,-201)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E}]
"Description"="$(@%SystemRoot%\System32\Notifier.exe,-203)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E}]
"URI"="\Microsoft\Windows\Setup\Notifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player PPAPI Notifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\Notifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\UsnNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\PeopleCommonControls.PeopleBar.ShoulderTapUpdateNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.PrimaryTileUserNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileUserNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Media.Protection.PlayReady.NDDownloadEngineNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Media.Protection.PlayReady.NDStreamParserNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Threading.Core.SignalNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\CLSID\{0739a994-eb08-30a5-8218-ffa60750fb1d}]
"ActivatableClassId"="Windows.System.Threading.Core.SignalNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\CLSID\{72efbc34-fc43-35f2-a8a4-2cd204a2c1e8}]
"ActivatableClassId"="PeopleCommonControls.PeopleBar.ShoulderTapUpdateNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\CLSID\{a786674d-bab1-3725-b1d7-401fe678bf5f}]
"ActivatableClassId"="Windows.Media.Protection.PlayReady.NDDownloadEngineNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\CLSID\{aae1cf55-066c-3be7-9db4-dc73135f9529}]
"ActivatableClassId"="Windows.Internal.StateRepository.SecondaryTileUserNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\CLSID\{cf5bdced-1344-3b5f-9c14-d8441ff44bc2}]
"ActivatableClassId"="Windows.Media.Protection.PlayReady.NDStreamParserNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\CLSID\{da52bb06-ab13-35ee-ab05-885377c911bc}]
"ActivatableClassId"="Windows.Internal.StateRepository.PrimaryTileUserNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\PushNotifications\Applications\Windows.SystemToast.RasToastNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.PrimaryTileUserNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.SecondaryTileUserNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Media.Protection.PlayReady.NDDownloadEngineNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Media.Protection.PlayReady.NDStreamParserNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Threading.Core.SignalNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\CLSID\{3dfe51a8-ea4a-325d-9ff1-0a499fb54eac}]
"ActivatableClassId"="Windows.Internal.StateRepository.PrimaryTileUserNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\CLSID\{46e16bfc-0b10-34ec-bc2c-0028eb27bc88}]
"ActivatableClassId"="Windows.System.Threading.Core.SignalNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\CLSID\{47d8bdc1-6b3d-31f7-b8dc-d4d01045e5a9}]
"ActivatableClassId"="Windows.Media.Protection.PlayReady.NDDownloadEngineNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\CLSID\{5555886c-37c8-313f-83e7-d615231b87c9}]
"ActivatableClassId"="Windows.Internal.StateRepository.SecondaryTileUserNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\CLSID\{8fb75f41-5bdd-3750-afd4-f5b38d05269d}]
"ActivatableClassId"="Windows.Media.Protection.PlayReady.NDStreamParserNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows Search\UsnNotifier]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\CLSID\{0F7650EE-9AFA-47B4-9BE7-F74D9D3C41D7}]
@="Immersive Shell Notifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\CLSID\{6B7752CB-6AAF-4734-A0CE-47EB0D6C093F}]
@="UiaEndpointNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\CLSID\{77CBBBB7-6CD0-48ED-A02B-52FBB0E43ECD}]
@="UiaWindowNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\CLSID\{BC708E53-18A1-4F70-89BE-B2C00A9CA467}]
@="UiaManagerEndpointStateNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{07cfe943-62fd-4bfa-9e4b-0512e01cdabd}]
@="__x_Windows_CInternal_CStateRepository_CISecondaryTileUserNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{0949e528-a186-4293-bdaa-a7aae678305d}]
@="__x_Windows_CInternal_CStateRepository_CISecondaryTileUserNotifierStatics"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{12127662-A088-41C6-AFC7-4CBF014A4C7E}]
@="IUiaManagerEndpointStateNotifierSink"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{14285E06-63A7-4713-B6D9-62F64B56FB8B}]
@="__x_Windows_CSystem_CThreading_CCore_CISignalNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{1C4E4566-8400-46D3-A115-7D0C0DFC9F62}]
@="__x_Windows_CSystem_CThreading_CCore_CISignalNotifierStatics"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{2dddc10e-38e6-5655-adf3-820e8fb14dcc}]
@="IAsyncOperation_1_Windows__CUI__CNotifications__CToastNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{46305C32-09C6-45B2-B032-C12E467D7C7E}]
@="ISignalableNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{4CAFECDD-C315-464F-AB85-7D6DB67B61B8}]
@="IActiveMonitorNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{4f9c5cec-0197-49fe-b800-0d5a72a6c505}]
@="IUiaWindowNotifierCallback"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{60AAA1E2-9CF9-4FDD-B24F-1B8988AB3603}]
@="IInputModeChangeNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{7797f7e7-b2de-4faa-9c71-643e245864c0}]
@="__x_Windows_CInternal_CStateRepository_CIPrimaryTileUserNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{788C26A0-757C-4E31-9134-864E5DDA19DD}]
@="__x_Windows_CInternal_CComposableShell_CSessionManagement_CISessionStateNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{88323784-87d3-4a39-82d5-751529f76581}]
@="IUiaManagerLifetimeNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{A0619DC9-C18E-43DC-AB1C-EA9A0DF90597}]
@="IUiaEndpointNotifierCallback"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{a5322dff-9ebc-5df1-953d-0237cea8614b}]
@="__FITypedEventHandler_2_Windows__CInternal__CStateRepository__CPrimaryTileUserNotifier_Windows__CInternal__CStateRepository__CPrimaryTileUserChangedEventArgs"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{b3bcbe8d-434c-49d7-9a10-d93e55959b9b}]
@="__x_Windows_CInternal_CStateRepository_CIPrimaryTileUserNotifierStatics"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{ccb96d97-791c-5741-8f33-fb7266d6ea33}]
@="__FITypedEventHandler_2_Windows__CInternal__CStateRepository__CSecondaryTileUserNotifier_Windows__CInternal__CStateRepository__CSecondaryTileUserChangedEventArgs"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{EE046ED5-6EAF-4FBA-BDF6-0965545FEDB8}]
@="IUiaManagerEndpointStateNotifierSinkRegistration"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{FCBC010E-A314-43E9-B40A-49690A0C8B78}]
@="IUiaManagerEndpointStateNotifierSinkRegistrationToken"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{fde26ed7-bc37-5a7c-b3da-3e41ac97bba4}]
@="IAsyncOperationCompletedHandler_1_Windows__CUI__CNotifications__CToastNotifier"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\TypeLib\{B80C6976-50C0-4110-BC85-44EB975CDCA0}\1.0]
@="OutlookChangeNotifierAddin1 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\TypeLib\{B80C6976-50C0-4110-BC85-44EB975CDCA0}\1.0\0\win64]
@="C:\Program Files\Common Files\Apple\Mobile Device Support\OutlookChangeNotifierAddIn.dll"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\PushNotifications\Backup\Windows.SystemToast.RasToastNotifier]
[HKEY_USERS\S-1-5-21-1169072027-563865220-1595250771-1001\Software\Microsoft\Windows\CurrentVersion\PushNotifications\Backup\Windows.SystemToast.RasToastNotifier]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\PushNotifications\Backup\Windows.SystemToast.RasToastNotifier]

-= EOF =-


Zbytek musím udělat až zítra, až budu na jiném pc...

Reklama
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43051
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod jaro3 » 13 črc 2018 22:31

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E}]
"Source"="$(@%SystemRoot%\System32\Notifier.exe,-202)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E}]
"Author"="$(@%SystemRoot%\System32\Notifier.exe,-201)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E}]
"Description"="$(@%SystemRoot%\System32\Notifier.exe,-203)"

to by vypadalo jen na tohle...

ještě mi pak udělej tohle:
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt

Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

jkim
Level 1
Level 1
Příspěvky: 53
Registrován: prosinec 08
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod jkim » 13 črc 2018 22:55

OTL Extras logfile created on: 13.07.2018 22:38:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JitKae\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.17134.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

7,95 Gb Total Physical Memory | 6,10 Gb Available Physical Memory | 76,68% Memory free
8,45 Gb Paging File | 6,33 Gb Available in Paging File | 74,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,24 Gb Total Space | 15,14 Gb Free Space | 13,61% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 90,48 Gb Free Space | 9,71% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 187,90 Gb Free Space | 20,17% Space Free | Partition Type: NTFS
Drive F: | 931,48 Gb Total Space | 403,97 Gb Free Space | 43,37% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: JitKae | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP\be3239a9-97ff-4b7a-a576-a24c85d7d389]
"GUID" = be3239a9-97ff-4b7a-a576-a24c85d7d389
"CALLINGBINARY" = C:\Users\JitKae\AppData\Local\Microsoft\OneDrive\OneDrive.exe -- (Microsoft Corporation)
"NAMESPACE" = C:\Users\JitKae\OneDrive -- [2018.07.13 22:31:33 | 000,000,000 | R--D | M]
"DISPLAYNAME" = OneDrive
"EXEPATH" = C:\Users\JitKae\AppData\Local\Microsoft\OneDrive\OneDrive.exe -- (Microsoft Corporation)
"ACCOUNTNAME" = info@adventureminigolf.cz
"USERSID" = S-1-5-21-1169072027-563865220-1595250771-1001
"TYPE" = 0
"SIGNED" = 1
"FLAGS" = 0
"STATE" = 0
"RESTOREURL" = https://onedrive.live.com?v=restore&sug ... T20:31:33Z

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 5E AF 60 AD 2C F1 D3 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{43F9E04B-0C5F-4FF7-B9E0-30C0F450D3BC}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\opera\53.0.2907.110\opera.exe |
"{89BF3A85-1352-4EA1-A74B-891AFDF5B386}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\opera\54.0.2952.51\opera.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1167B98B-05F8-4775-9C9E-4B38F8D8498E}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{13C39CC4-C3A9-44AA-A659-BB39A8BE9757}" = dir=out | name=@{microsoft.windowscamera_2018.426.70.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/resources/appstorename} |
"{15CF9A5C-4977-415A-A290-9277CBF10445}" = dir=in | name=@{microsoft.messaging_3.37.23004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{1A63BBDD-D669-4143-AAA1-045334BABFA9}" = dir=out | name=microsoft sticky notes |
"{1BCEE4AE-8C28-44D6-936B-3D27EFCE3914}" = dir=out | name=@{microsoft.windowscalculator_10.1805.1201.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{1C254AE6-F217-43CD-B5DD-F02DECA2D23C}" = dir=out | name=xbox game bar |
"{1FABDF89-2B80-48AF-B0FE-03DB84516864}" = dir=out | name=@{microsoft.windows.cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{1FBAA6EA-34A1-4C8D-8852-59AFDDDC2595}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1712.1141.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{20ABE534-539E-4CCB-B2C2-79362FE17EFA}" = dir=in | name=xbox |
"{20CF981C-E18D-4E75-B406-CC1EE4B3717D}" = dir=in | name=@{microsoft.oneconnect_4.1805.1291.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{21575723-B720-4270-B3B4-A01AE24FAA21}" = dir=out | name=3d builder |
"{24231ADE-ABC7-488B-8A45-6441CFE8DFF1}" = dir=out | name=@{microsoft.microsoftedge_42.17134.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{28BB69B8-B3C0-4E9B-992A-A52E32DA1D47}" = dir=out | name=@{microsoft.bingweather_4.25.11802.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{2D2221CC-2594-4BEE-B685-6F13162382D4}" = dir=out | name=@{microsoft.windows.photos_2018.18041.15530.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{2FB57EC7-69C3-4A86-8537-BC1873B9C5ED}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{30E7ECF8-8A0C-42F7-815C-B2B3EEBF14EB}" = dir=out | name=microsoft pay |
"{34CFEE3E-4128-42AE-8C15-F8618B9074B7}" = dir=out | name=win32webviewhost |
"{3AB7D35D-07E9-4D56-8DC7-0E9446B7827B}" = dir=out | name=@{microsoft.messaging_3.37.23004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{3BFAAB6B-D040-4E5E-A5FD-4823E56D823C}" = dir=out | name=@{microsoft.windows.secureassessmentbrowser_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.secureassessmentbrowser/resources/packagedisplayname} |
"{3F08CF11-AC7E-42CC-BF5C-FFF822F81703}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{40A97D4D-3D23-454A-A09C-AC2F6ABA7BEC}" = dir=out | name=one calendar |
"{421B26E5-F49D-4D22-90C2-50E922604DFD}" = dir=in | name=microsoft sticky notes |
"{4652839D-6E9F-4A94-86B5-47978B19C1BF}" = dir=out | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{466F54B1-F652-4039-A6E4-6E2F77E99E18}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\avemupdate.exe |
"{4A2A7DCA-E62F-4DFC-9D3A-3D7A966CAEEB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4B3BEDA4-3B21-46A5-81E3-A116B3F0739D}" = dir=out | app=c:\program files (x86)\apowersoft\video converter studio\video converter studio.exe |
"{4E34DFF0-D534-4400-8466-7415A9AF7F64}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4E3E52BF-6F85-48F4-85CD-A61F92A4CC90}" = dir=out | name=@{microsoft.gethelp_10.1706.10952.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{4F426398-D879-4660-9E2A-2E54FBFA17F7}" = dir=in | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{4F9DC18E-8AA9-4D8B-B342-D6A61CA03529}" = dir=in | name=@{microsoft.zunevideo_10.18052.10711.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{55651193-217A-4B44-9842-DB98F5ED5CC2}" = dir=out | name=print 3d |
"{5C826D78-CC60-414C-BE71-057F07DE6866}" = dir=out | name=@{microsoft.windowsstore_11805.1001.42.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{5F78C84B-037C-43AF-87F3-7455264B5AEF}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{601EF622-A7F0-4CC0-A29E-ABEB3629B92A}" = dir=out | name=windows_ie_ac_001 |
"{645EF7EA-6317-4C95-85E8-A2C7DC461C0F}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1712.1141.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{6496FEFB-719D-46D1-9C19-5C62A9EFB35D}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{66A46E3F-547C-454D-84BA-10B86D6E11AD}" = dir=in | name=@{microsoft.windowsstore_11805.1001.42.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{67624AAA-1A79-4848-91D2-AFE60B6A6B47}" = dir=out | name=@{microsoft.getstarted_6.13.11581.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{68916A2D-AE7B-469B-9DD0-51C0DE846575}" = dir=out | name=@{microsoft.messaging_3.38.22001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{6B1921A2-5062-400D-A3BC-08614B269600}" = dir=in | name=@{microsoft.messaging_3.38.22001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{71241094-D7BC-4BA7-9407-0B89EBFB793F}" = dir=out | name=@{microsoft.people_10.1805.1361.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{72BEE75E-2B4B-495D-A140-1957F883C79A}" = dir=out | name=@{microsoft.xboxidentityprovider_12.41.24002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{74A14015-8709-46B8-82E2-A9D0771D1D97}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{74B0AF79-6BA5-454F-959C-8E7004FCC0AB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{752F37B1-80A7-4CF0-8CE0-8B5FFE9E257C}" = dir=in | name=@{microsoft.microsoftedge_42.17134.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{7539B34A-E7FE-47E5-A1A2-846228240C76}" = dir=in | app=c:\program files (x86)\apowersoft\video converter studio\video converter studio.exe |
"{7A5E1663-E72F-49DB-BFD6-D5DE1752DAD0}" = dir=out | name=@{microsoft.storepurchaseapp_11805.1001.5.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{82EFD28E-00FE-47AF-AD92-4F6E12338D9C}" = dir=out | name=xbox |
"{872B98BE-98F1-4D30-BD72-6BC7975B3446}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.20921.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{8942F9C0-4367-4267-9D62-AE1876748820}" = dir=out | name=@{microsoft.lockapp_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{8A788CB1-448E-462E-B0CF-3F6F5804DBF1}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{8C5ECBE0-F58A-4F57-93A1-602B3F92F388}" = dir=out | name=@{microsoft.oneconnect_4.1805.1291.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{935DC468-7C62-4AAF-98E2-73EF1217769F}" = dir=out | name=@{microsoft.windowsmaps_5.1805.1431.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{98492036-CEB3-4BCD-8823-072EB33A51F2}" = dir=in | name=@{microsoft.zunemusic_10.18052.11111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{9D905B1C-804D-4C2E-9C86-077CBE7B88AE}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{9DC8649F-24EF-442E-80EF-D28B89E68913}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\avemupdate.exe |
"{9EFD0FA1-1436-4B2C-AA42-0E0939978175}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{A7646E2C-3D04-4FB7-9B90-B7D50D18DF72}" = dir=out | name=@{microsoft.microsoft3dviewer_4.1804.19012.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{AB081112-E608-4658-BE75-93E7983C7B34}" = dir=in | name=@{microsoft.windows.cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{AF23C1BB-72D3-460F-84F7-BC34D204F6A9}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{B04923F0-BB9C-4DB3-B16A-09BD49001A60}" = dir=out | name=@{microsoft.zunevideo_10.18052.10711.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{B0BEDFC7-6E00-4047-8D6F-3A96E23BDDE8}" = dir=in | name=win32webviewhost |
"{B0F099F2-2D94-4676-BE5F-2FE4048CFCC0}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.20921.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{B1994738-1931-4436-9911-BCB261A0D386}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{B2DA47DD-777A-412A-B045-26C4392D52CD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B3E65160-D07F-4497-9ABC-79E763797599}" = protocol=58 | dir=in | app=system |
"{B40E32C1-C15E-4AF9-85A5-5C81832B580B}" = dir=in | name=@{microsoft.windows.photos_2018.18041.15530.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{B6C32589-AB6D-4CA9-A3A2-46D18A442D00}" = dir=out | name=@{microsoft.oneconnect_3.1710.3044.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{BE68398A-7B7D-47EC-8FDD-C276F6927436}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{C0021C76-C9B9-42AD-A0FB-B4B4DEF34036}" = dir=in | name=@{microsoft.oneconnect_3.1710.3044.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{C3374D7E-DAE3-48E0-B245-1CE04B9F1842}" = dir=in | name=print 3d |
"{C3F4E660-81D0-4068-AA27-01ED3D315EC0}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{C7768476-1A15-4FF6-99D1-58C644F13EB5}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{C8DC79CB-DDBD-48B0-951F-B57ACEED8D7E}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.9330.21365.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{C947B008-4204-4D73-B7E7-CDCDACCF083D}" = dir=out | name=xbox gaming overlay |
"{CA696856-9315-46E0-A498-2B475221047D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{D92FDF5C-F07E-4DC0-B39E-80D3CB60ACCF}" = dir=out | name=@{microsoft.windows.holographicfirstrun_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.holographicfirstrun/resources/pkgdisplayname} |
"{D978EF61-E451-4645-AE77-562E0718D2FE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{DA8BEA38-E65F-4704-96CB-2C00E38E0EF7}" = dir=out | name=@{microsoft.accountscontrol_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{DAFC404E-607F-4281-A7DD-1A1CDE97126A}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{DC9E1B5B-088D-414E-B059-C2B82EB78DB7}" = dir=out | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{DF6A737D-6D28-4A76-A679-A7AD8E1C7FAD}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{DFBF9873-5E97-41F7-BB7B-9322BA5247A4}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{EFCCDB3C-9E85-4075-B573-8836026CEBF6}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{EFD12E7B-DF84-41B3-82C7-E7E1C5A0DF22}" = dir=in | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{F3448D4A-1E2C-440C-A99F-51DD828F2064}" = dir=out | name=shell input application |
"{F3E43DA8-6C80-4677-83ED-4323DC27620D}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.9330.21365.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{F4AFB59C-FFD0-4775-9137-50C539B754AB}" = dir=out | name=@{microsoft.zunemusic_10.18052.11111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{F4CADB04-EC08-4456-BFCC-C8EE8547BD28}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{F861D3F5-ED56-4877-AF70-86A45ABEFD68}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{F87DA082-1DBB-4C45-ACD6-A4A92E7160B5}" = dir=out | name=@{microsoft.mspaint_5.1806.20057.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{FBB07CD5-EB4B-4A8D-9DA1-335A5484D409}" = dir=out | name=xbox tcui |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series" = Canon MG5300 series MP Drivers
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E59D781-14F1-4FFA-85A9-C003CC9956ED}" = iTunes
"{221D6DB4-46E2-333C-B09B-5F49351D0980}" = Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.13.26020
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64695C4A-C68F-46B5-A734-50EBF124A68E}" = Apple Mobile Device Support
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B0169E83-757B-EF66-E2F0-391944D785BC}" = Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = NVIDIA Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 398.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 398.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 31.2.0.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer" = DisplayDriverAnalyzer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog" = NVIDIA Display Watchdog Plugin
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer" = NVIDIA Display Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry" = NVIDIA Telemetry Client
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer" = NVIDIA Telemetry Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{C5ECDB9A-D9B0-3107-BA85-1269998A5B3E}" = Microsoft Visual C++ 2017 x64 Additional Runtime - 14.13.26020
"{C8087B7C-8496-45BE-92FB-91D31EB73969}" = Podpora aplikací Apple (64bitová)
"{C8127F91-0244-4FF0-8014-0C432E15E09D}" = iCloud
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"092555911492C6959D2596D612F52DCA71881CA2" = Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000)
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{0554E252-D345-4924-A87E-F1C6242371AB}_is1" = MSI Interceptor DS100 Gaming Mouse
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}" = OpenOffice 4.1.5
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{5680D629-B263-49CC-821E-3CEBD4507B51}" = Adobe Illustrator CC 2015
"{5c045b7f-e561-4794-91f8-c6cda0893107}" = Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020
"{7474cd6e-76cc-4257-837e-5b9261e526af}" = Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020
"{793C2BF7-A4FE-4608-91C9-9282C5801C21}" = Adobe Photoshop CC 2015
"{895D5198-C5DB-375E-86AB-133F4DAA9FE2}" = Microsoft Visual C++ 2017 x86 Additional Runtime - 14.13.26020
"{8F271F6C-6E7B-3D0A-951B-6E7B694D78BD}" = Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.13.26020
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{DAC281DD-7006-49D4-905B-E8BDA474A230}_is1" = Assassin's Creed Origins
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Adobe Flash Player PPAPI" = Adobe Flash Player 30 PPAPI
"AIDA64 Extreme_is1" = AIDA64 Extreme v5.97
"Avast Antivirus" = Avast Free Antivirus
"Opera 54.0.2952.51" = Opera Stable 54.0.2952.51
"TeamViewer" = TeamViewer 13

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13.07.2018 14:47:39 | Computer Name = Home-PC | Source = Software Protection Platform Service | ID = 8198
Description = Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800706BE
Argument
příkazového řádku: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error - 13.07.2018 14:48:12 | Computer Name = Home-PC | Source = Software Protection Platform Service | ID = 8198
Description = Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument
příkazového řádku: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error - 13.07.2018 14:48:14 | Computer Name = Home-PC | Source = Software Protection Platform Service | ID = 8198
Description = Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument
příkazového řádku: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error - 13.07.2018 14:49:59 | Computer Name = Home-PC | Source = Software Protection Platform Service | ID = 8198
Description = Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument
příkazového řádku: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error - 13.07.2018 14:50:01 | Computer Name = Home-PC | Source = Software Protection Platform Service | ID = 8198
Description = Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument
příkazového řádku: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error - 13.07.2018 14:53:50 | Computer Name = Home-PC | Source = Software Protection Platform Service | ID = 8198
Description = Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument
příkazového řádku: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error - 13.07.2018 14:53:53 | Computer Name = Home-PC | Source = Software Protection Platform Service | ID = 8198
Description = Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument
příkazového řádku: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error - 13.07.2018 15:33:04 | Computer Name = Home-PC | Source = Software Protection Platform Service | ID = 8198
Description = Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument
příkazového řádku: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error - 13.07.2018 15:33:05 | Computer Name = Home-PC | Source = Software Protection Platform Service | ID = 8198
Description = Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument
příkazového řádku: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent

Error - 13.07.2018 15:33:06 | Computer Name = Home-PC | Source = Software Protection Platform Service | ID = 8198
Description = Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument
příkazového řádku: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable


Error encountered while reading event logs.

< End of report >

jkim
Level 1
Level 1
Příspěvky: 53
Registrován: prosinec 08
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod jkim » 13 črc 2018 23:00

OTL logfile created on: 13.07.2018 22:38:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JitKae\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.17134.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

7,95 Gb Total Physical Memory | 6,10 Gb Available Physical Memory | 76,68% Memory free
8,45 Gb Paging File | 6,33 Gb Available in Paging File | 74,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,24 Gb Total Space | 15,14 Gb Free Space | 13,61% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 90,48 Gb Free Space | 9,71% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 187,90 Gb Free Space | 20,17% Space Free | Partition Type: NTFS
Drive F: | 931,48 Gb Total Space | 403,97 Gb Free Space | 43,37% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: JitKae | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\JitKae\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\JitKae\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
PRC - C:\Program Files\Avast Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\fontdrvhost.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Aida64 Extreme\aida64.exe (FinalWire Ltd.)
PRC - C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\MMon2.exe ()
PRC - C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\ETGMSrv.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Avast Software\Avast\libcef.dll ()
MOD - C:\Program Files\Avast Software\Avast\streamback.dll ()
MOD - C:\Program Files\Avast Software\Avast\gaming_mode_ui.dll ()
MOD - C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\MMon2.exe ()
MOD - C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\uihook.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (BcastDVRUserService) -- C:\Windows\SysNative\bcastdvruserservice.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (TokenBroker) -- C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Avast Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (aswbIDSAgent) -- C:\Program Files\Avast Software\Avast\x64\aswidsagenta.exe (AVAST Software)
SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (SecurityHealthService) -- C:\Windows\SysNative\SecurityHealthService.exe (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (camsvc) -- C:\Windows\SysNative\CapabilityAccessManager.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (InstallService) -- C:\Windows\SysNative\InstallService.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (spectrum) -- C:\Windows\SysNative\Spectrum.exe (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation)
SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (AppVClient) -- C:\Windows\SysNative\AppVClient.exe (Microsoft Corporation)
SRV:64bit: - (WpcMonSvc) -- C:\Windows\SysNative\WpcDesktopMonSvc.dll (Microsoft Corporation)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (CaptureService) -- C:\Windows\SysNative\CaptureService.dll (Microsoft Corporation)
SRV:64bit: - (Sense) -- C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe (Microsoft Corporation)
SRV:64bit: - (UevAgentService) -- C:\Windows\SysNative\AgentService.exe (Microsoft Corporation)
SRV:64bit: - (AssignedAccessManagerSvc) -- C:\Windows\SysNative\assignedaccessmanagersvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (DevicePickerUserSvc) -- C:\Windows\SysNative\Windows.Devices.Picker.dll (Microsoft Corporation)
SRV:64bit: - (wlpasvc) -- C:\Windows\SysNative\lpasvc.dll (Microsoft Corporation)
SRV:64bit: - (NaturalAuthentication) -- C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation)
SRV:64bit: - (WFDSConMgrSvc) -- C:\Windows\SysNative\WFDSConMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (SharedRealitySvc) -- C:\Windows\SysNative\SharedRealitySvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (diagsvc) -- C:\Windows\SysNative\DiagSvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (PrintWorkflowUserSvc) -- C:\Windows\SysNative\PrintWorkflowService.dll (Microsoft Corporation)
SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService_491b9) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_491b9) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_491b9) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PrintWorkflowUserSvc_491b9) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_491b9) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_491b9) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_491b9) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc_491b9) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicePickerUserSvc_491b9) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc_491b9) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CaptureService_491b9) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (BluetoothUserService_491b9) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (BcastDVRUserService_491b9) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc) -- C:\Windows\SysNative\DevicesFlowBroker.dll (Microsoft Corporation)
SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (BTAGService) -- C:\Windows\SysNative\BTAGService.dll (Microsoft Corporation)
SRV:64bit: - (BthAvctpSvc) -- C:\Windows\SysNative\BthAvctpSvc.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (WaaSMedicSvc) -- C:\Windows\SysNative\WaaSMedicSvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation)
SRV:64bit: - (XboxGipSvc) -- C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (SEMgrSvc) -- C:\Windows\SysNative\SEMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (PushToInstall) -- C:\Windows\SysNative\PushToInstall.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (GraphicsPerfSvc) -- C:\Windows\SysNative\GraphicsPerfSvc.dll (Microsoft Corporation)
SRV:64bit: - (xbgm) -- C:\Windows\SysNative\xbgmsvc.exe (Microsoft Corporation)
SRV:64bit: - (WarpJITSvc) -- C:\Windows\SysNative\Windows.WARP.JITService.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (VacSvc) -- C:\Windows\SysNative\vac.dll (Microsoft Corporation)
SRV:64bit: - (DusmSvc) -- C:\Windows\SysNative\dusmsvc.dll (Microsoft Corporation)
SRV:64bit: - (LxpSvc) -- C:\Windows\SysNative\LanguageOverlayServer.dll (Microsoft Corporation)
SRV:64bit: - (SgrmBroker) -- C:\Windows\SysNative\SgrmBroker.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (BluetoothUserService) -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll (Microsoft Corporation)
SRV:64bit: - (IpxlatCfgSvc) -- C:\Windows\SysNative\ipxlatcfg.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (ssh-agent) -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe ()
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (TokenBroker) -- C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
SRV - (WdNisSvc) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe (Microsoft Corporation)
SRV - (NvTelemetryContainer) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (InstallService) -- C:\Windows\SysWOW64\InstallService.dll (Microsoft Corporation)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (wisvc) -- C:\Windows\SysWOW64\FlightSettings.dll (Microsoft Corporation)
SRV - (DevicePickerUserSvc) -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll (Microsoft Corporation)
SRV - (PrintWorkflowUserSvc) -- C:\Windows\SysWOW64\PrintWorkflowService.dll (Microsoft Corporation)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (tzautoupdate) -- C:\Windows\SysWOW64\tzautoupdate.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (TeamViewer) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (ETGMGlcsSrv) -- C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\ETGMSrv.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (ZAM_Guard) -- C:\Windows\SysNative\drivers\zamguard64.sys (Zemana Ltd.)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswArPot) -- C:\Windows\SysNative\drivers\aswArPot.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software)
DRV:64bit: - (aswElam) -- C:\Windows\SysNative\drivers\aswElam.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswHdsKe) -- C:\Windows\SysNative\drivers\aswHdsKe.sys (AVAST Software)
DRV:64bit: - (aswblog) -- C:\Windows\SysNative\drivers\aswbloga.sys (AVAST Software)
DRV:64bit: - (aswbidsdriver) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys (AVAST Software)
DRV:64bit: - (aswbidsh) -- C:\Windows\SysNative\drivers\aswbidsha.sys (AVAST Software)
DRV:64bit: - (aswbuniv) -- C:\Windows\SysNative\drivers\aswbuniva.sys (AVAST Software)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\wd\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\wd\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nv_dispi.inf_amd64_485c1c3102021986\nvlddmkm.sys (NVIDIA Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (ESProtectionDriver) -- C:\Windows\SysNative\drivers\mbae64.sys (Malwarebytes)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (MsSecFlt) -- C:\Windows\SysNative\drivers\mssecflt.sys (Microsoft Corporation)
DRV:64bit: - (UevAgentDriver) -- C:\Windows\SysNative\drivers\UevAgentDriver.sys (Microsoft Corporation)
DRV:64bit: - (SpatialGraphFilter) -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (AppvVemgr) -- C:\Windows\SysNative\drivers\AppvVemgr.sys (Microsoft Corporation)
DRV:64bit: - (AppvVfs) -- C:\Windows\SysNative\drivers\AppvVfs.sys (Microsoft Corporation)
DRV:64bit: - (AppvStrm) -- C:\Windows\SysNative\drivers\AppVStrm.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (bam) -- C:\Windows\SysNative\drivers\bam.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (afunix) -- C:\Windows\SysNative\drivers\afunix.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (CldFlt) -- C:\Windows\SysNative\drivers\cldflt.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation)
DRV:64bit: - (WdmCompanionFilter) -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation)
DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation)
DRV:64bit: - (HwNClx0101) -- C:\Windows\SysNative\drivers\mshwnclx.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (bindflt) -- C:\Windows\SysNative\drivers\bindflt.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (SgrmAgent) -- C:\Windows\SysNative\drivers\SgrmAgent.sys (Microsoft Corporation)
DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WinNat) -- C:\Windows\SysNative\drivers\winnat.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (Ramdisk) -- C:\Windows\SysNative\drivers\ramdisk.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (IPT) -- C:\Windows\SysNative\drivers\ipt.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications)
DRV:64bit: - (iaStorAVC) -- C:\Windows\SysNative\drivers\iaStorAVC.sys (Intel Corporation)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (mausbhost) -- C:\Windows\SysNative\drivers\mausbhost.sys (Microsoft Corporation)
DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (pmem) -- C:\Windows\SysNative\drivers\pmem.sys (Microsoft Corporation)
DRV:64bit: - (nvdimm) -- C:\Windows\SysNative\drivers\nvdimm.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (mausbip) -- C:\Windows\SysNative\drivers\mausbip.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (bttflt) -- C:\Windows\SysNative\drivers\bttflt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (hvcrash) -- C:\Windows\SysNative\drivers\hvcrash.sys (Microsoft Corporation)
DRV:64bit: - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys (Microsoft Corporation)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (swenum) -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (KillerEth) -- C:\Windows\SysNative\drivers\e2xw10x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (ItSas35i) -- C:\Windows\SysNative\drivers\ItSas35i.sys (Avago Technologies)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (rhproxy) -- C:\Windows\SysNative\drivers\rhproxy.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (megasas35i) -- C:\Windows\SysNative\drivers\megasas35i.sys (Avago Technologies)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (PNPMEM) -- C:\Windows\SysNative\drivers\pnpmem.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation)
DRV:64bit: - (npf) -- C:\Windows\SysNative\drivers\npf.sys (Riverbed Technology, Inc.)
DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\drivers\SSPORT.SYS (Samsung Electronics)
DRV:64bit: - (usbglcs1100302) -- C:\Windows\SysNative\drivers\usbglcs1100302.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\androidusb.sys (Google Inc)
DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_485c1c3102021986\nvlddmkm.sys (NVIDIA Corporation)
DRV - (afunix) -- C:\Windows\SysWOW64\drivers\afunix.sys (Microsoft Corporation)
DRV - (swenum) -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys (Microsoft Corporation)
DRV - (AIDA64Driver) -- C:\Program Files (x86)\Aida64 Extreme\kerneld.x64 ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 54 80 F5 08 55 D7 D3 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)



O1 HOSTS File: ([2018.07.03 18:54:48 | 000,000,841 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\Avast Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MsiDS100gmmouseRun] C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\mmon2.exe ()
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [OneDrive] C:\Users\JitKae\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2ebe0afb-3616-4201-9fb5-84e441b483f3}: DhcpNameServer = 192.168.0.1 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

jkim
Level 1
Level 1
Příspěvky: 53
Registrován: prosinec 08
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod jkim » 13 črc 2018 23:01

[2018.07.13 22:36:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\JitKae\Desktop\OTL.exe
[2018.07.13 22:31:33 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
[2018.07.13 20:36:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2018.07.13 19:35:49 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\NVIDIA Corporation
[2018.07.13 13:24:06 | 005,947,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2018.07.13 13:24:06 | 002,612,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2018.07.13 13:24:06 | 001,767,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2018.07.13 13:24:06 | 000,633,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2018.07.13 13:24:06 | 000,451,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2018.07.13 13:24:06 | 000,124,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2018.07.13 13:24:06 | 000,083,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2018.07.13 13:24:01 | 000,551,840 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2018.07.13 13:24:01 | 000,457,144 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2018.07.13 13:23:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NVIDIA Corporation
[2018.07.13 13:23:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NVIDIA Corporation\Drs
[2018.07.13 13:22:44 | 040,346,984 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2018.07.13 13:22:44 | 035,250,256 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2018.07.13 13:22:44 | 031,244,248 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2018.07.13 13:22:44 | 025,961,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2018.07.13 13:22:44 | 017,750,344 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2018.07.13 13:22:44 | 015,165,008 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2018.07.13 13:22:44 | 013,728,120 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvptxJitCompiler.dll
[2018.07.13 13:22:44 | 011,273,632 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
[2018.07.13 13:22:44 | 004,856,232 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2018.07.13 13:22:44 | 004,350,040 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2018.07.13 13:22:44 | 004,126,128 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2018.07.13 13:22:44 | 003,760,672 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2018.07.13 13:22:44 | 002,013,784 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6439836.dll
[2018.07.13 13:22:44 | 001,563,392 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2018.07.13 13:22:44 | 001,468,448 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6439836.dll
[2018.07.13 13:22:44 | 001,419,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2018.07.13 13:22:44 | 001,356,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFThevc.dll
[2018.07.13 13:22:44 | 001,347,664 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2018.07.13 13:22:44 | 001,216,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2018.07.13 13:22:44 | 001,157,392 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvfatbinaryLoader.dll
[2018.07.13 13:22:44 | 001,092,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2018.07.13 13:22:44 | 001,069,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFThevc.dll
[2018.07.13 13:22:44 | 001,063,216 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2018.07.13 13:22:44 | 000,904,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
[2018.07.13 13:22:44 | 000,814,616 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2018.07.13 13:22:44 | 000,749,472 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvDecMFTMjpeg.dll
[2018.07.13 13:22:44 | 000,652,344 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2018.07.13 13:22:44 | 000,634,760 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmcumd.dll
[2018.07.13 13:22:44 | 000,626,616 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2018.07.13 13:22:44 | 000,608,512 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvDecMFTMjpeg.dll
[2018.07.13 13:22:44 | 000,518,208 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2018.07.13 13:22:44 | 000,474,040 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\NVIDIA Corporation\Drs\dbInstaller.exe
[2018.07.13 13:20:59 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2018.07.13 13:13:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2018.07.12 23:05:45 | 000,000,000 | ---D | C] -- C:\Users\JitKae\.android
[2018.07.11 21:45:45 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\ESET
[2018.07.11 09:50:37 | 004,708,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2018.07.11 09:50:37 | 002,895,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2018.07.11 09:50:37 | 002,401,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcGenral.dll
[2018.07.11 09:50:37 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2018.07.11 09:50:37 | 000,999,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2018.07.11 09:50:37 | 000,813,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2018.07.11 09:50:37 | 000,134,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2018.07.11 09:50:36 | 009,147,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2018.07.11 09:50:36 | 004,867,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2018.07.11 09:50:36 | 003,652,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2018.07.11 09:50:36 | 001,012,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2018.07.11 09:50:36 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcGenral.dll
[2018.07.11 09:50:35 | 007,579,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2018.07.11 09:50:35 | 001,535,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2018.07.11 09:50:35 | 001,174,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2018.07.11 09:50:35 | 000,885,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2018.07.11 09:50:35 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2018.07.11 09:50:35 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2018.07.11 09:50:34 | 004,371,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2018.07.11 09:50:34 | 000,894,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2018.07.11 09:50:34 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2018.07.11 09:50:33 | 025,845,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2018.07.11 09:50:32 | 023,863,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2018.07.11 09:50:32 | 019,525,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2018.07.11 09:50:32 | 001,364,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvruserservice.dll
[2018.07.11 09:50:27 | 002,571,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2018.07.11 09:50:27 | 002,266,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntSubsystems64.dll
[2018.07.11 09:50:27 | 001,945,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2018.07.11 09:50:26 | 022,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2018.07.11 09:50:26 | 001,708,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSPhotography.dll
[2018.07.11 09:50:26 | 001,539,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
[2018.07.11 09:50:26 | 001,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2018.07.11 09:50:26 | 001,148,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2018.07.11 09:50:26 | 001,063,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2018.07.11 09:50:25 | 007,057,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2018.07.11 09:50:25 | 005,779,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2018.07.11 09:50:25 | 001,004,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2018.07.11 09:50:25 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2018.07.11 09:50:25 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2018.07.11 09:50:25 | 000,567,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2018.07.11 09:50:24 | 009,084,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2018.07.11 09:50:24 | 005,883,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2018.07.11 09:50:24 | 003,932,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2018.07.11 09:50:24 | 003,611,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2018.07.11 09:50:24 | 002,868,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2018.07.11 09:50:24 | 001,817,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2018.07.11 09:50:24 | 001,610,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2018.07.11 09:50:24 | 000,689,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2018.07.11 09:50:24 | 000,483,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase_enclave.dll
[2018.07.11 09:50:24 | 000,480,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2018.07.11 09:50:24 | 000,462,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2018.07.11 09:50:24 | 000,309,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2018.07.11 09:50:24 | 000,267,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2018.07.11 09:50:23 | 006,647,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2018.07.11 09:50:23 | 003,381,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2018.07.11 09:50:23 | 002,825,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2018.07.11 09:50:23 | 002,051,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2018.07.11 09:50:23 | 001,931,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeangle.dll
[2018.07.11 09:50:23 | 001,787,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2018.07.11 09:50:23 | 001,567,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2018.07.11 09:50:23 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2018.07.11 09:50:23 | 001,214,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll
[2018.07.11 09:50:23 | 001,175,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucrtbase.dll
[2018.07.11 09:50:23 | 001,153,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2018.07.11 09:50:23 | 001,018,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase.dll
[2018.07.11 09:50:23 | 000,943,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingOnlineServices.dll
[2018.07.11 09:50:23 | 000,792,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2018.07.11 09:50:23 | 000,612,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2018.07.11 09:50:23 | 000,451,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2018.07.11 09:50:23 | 000,380,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2018.07.11 09:50:23 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcbuilder.exe
[2018.07.11 09:50:22 | 002,449,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2018.07.11 09:50:22 | 002,236,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2018.07.11 09:50:22 | 001,986,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapGeocoder.dll
[2018.07.11 09:50:22 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2018.07.11 09:50:22 | 001,308,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2018.07.11 09:50:22 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2018.07.11 09:50:22 | 001,225,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2018.07.11 09:50:22 | 000,988,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2018.07.11 09:50:22 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2018.07.11 09:50:22 | 000,930,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2018.07.11 09:50:22 | 000,884,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2018.07.11 09:50:22 | 000,884,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll
[2018.07.11 09:50:22 | 000,829,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2018.07.11 09:50:22 | 000,814,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2018.07.11 09:50:22 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcsvc.dll
[2018.07.11 09:50:22 | 000,766,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2018.07.11 09:50:22 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2018.07.11 09:50:22 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingOnlineServices.dll
[2018.07.11 09:50:22 | 000,676,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Devices.dll
[2018.07.11 09:50:22 | 000,672,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll
[2018.07.11 09:50:22 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2018.07.11 09:50:22 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2018.07.11 09:50:22 | 000,530,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2018.07.11 09:50:22 | 000,453,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll
[2018.07.11 09:50:22 | 000,392,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2018.07.11 09:50:22 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BioCredProv.dll
[2018.07.11 09:50:22 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll
[2018.07.11 09:50:22 | 000,272,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2018.07.11 09:50:22 | 000,269,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2018.07.11 09:50:22 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BioCredProv.dll
[2018.07.11 09:50:22 | 000,144,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2018.07.11 09:50:22 | 000,070,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32appinventorycsp.dll
[2018.07.11 09:50:21 | 001,361,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSPhotography.dll
[2018.07.11 09:50:21 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.MixedRealityCapture.dll
[2018.07.11 09:50:21 | 000,868,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
[2018.07.11 09:50:21 | 000,839,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2018.07.11 09:50:21 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2018.07.11 09:50:21 | 000,705,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2018.07.11 09:50:21 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2018.07.11 09:50:21 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2018.07.11 09:50:21 | 000,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2018.07.11 09:50:21 | 000,567,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2018.07.11 09:50:21 | 000,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll
[2018.07.11 09:50:21 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\QuietHours.dll
[2018.07.11 09:50:21 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Notifications.dll
[2018.07.11 09:50:21 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll
[2018.07.11 09:50:21 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2018.07.11 09:50:21 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\zipfldr.dll
[2018.07.11 09:50:21 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2018.07.11 09:50:21 | 000,335,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll
[2018.07.11 09:50:21 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NmaDirect.dll
[2018.07.11 09:50:21 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2018.07.11 09:50:21 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll
[2018.07.11 09:50:21 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NmaDirect.dll
[2018.07.11 09:50:21 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2018.07.11 09:50:21 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Core.dll
[2018.07.11 09:50:21 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Cortana.dll
[2018.07.11 09:50:21 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Geolocation.dll
[2018.07.11 09:50:21 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Core.dll
[2018.07.11 09:50:21 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2018.07.11 09:50:21 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2018.07.11 09:50:21 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredProv2faHelper.dll
[2018.07.11 09:50:21 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationControllerPS.dll
[2018.07.11 09:50:21 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsCSP.dll
[2018.07.11 09:50:21 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosHostClient.dll
[2018.07.11 09:50:21 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2018.07.11 09:50:21 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2018.07.11 09:50:21 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredProv2faHelper.dll
[2018.07.11 09:50:21 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mcbuilder.exe
[2018.07.11 09:50:21 | 000,057,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.ShellCommon.Broker.dll
[2018.07.11 09:50:21 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapstoasttask.dll
[2018.07.11 09:50:21 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tokenbinding.dll
[2018.07.11 09:50:21 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapsupdatetask.dll
[2018.07.11 09:50:21 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tokenbinding.dll
[2018.07.11 09:50:21 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2018.07.11 09:50:21 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsTelemetry.dll
[2018.07.11 09:50:21 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nativemap.dll
[2018.07.11 09:50:21 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvcProxy.dll
[2018.07.11 09:45:17 | 000,000,000 | ---D | C] -- C:\Users\JitKae\XeroxPhaser 3020Bi
[2018.07.11 08:41:07 | 001,786,880 | ---- | C] (Xerox/Leader Technologies) -- C:\WINDOWS\Xreg.exe
[2018.07.11 08:41:07 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Roaming\Leadertech
[2018.07.11 08:40:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Xerox
[2018.07.11 08:40:46 | 000,151,552 | ---- | C] (SS) -- C:\WINDOWS\SysNative\sxj2mci.exe
[2018.07.11 08:40:46 | 000,089,600 | ---- | C] (SS) -- C:\WINDOWS\SysNative\sxj2mci.dll
[2018.07.11 08:22:47 | 000,011,576 | ---- | C] (Samsung Electronics) -- C:\WINDOWS\SysNative\drivers\SSPORT.SYS
[2018.07.09 20:02:24 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\DBG
[2018.07.09 10:55:37 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\PlaceholderTileLogoFolder
[2018.07.08 23:29:59 | 000,385,024 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysNative\CNMXLMAT.DLL
[2018.07.08 23:29:03 | 000,323,584 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysWow64\CNC_ATL.dll
[2018.07.08 23:29:03 | 000,114,688 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysWow64\CNC_ATU.dll
[2018.07.08 23:29:03 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysWow64\CNHMCA.dll
[2018.07.08 23:25:54 | 000,366,592 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysWow64\CNMNPPM.DLL
[2018.07.08 23:25:54 | 000,359,936 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysNative\CNMN6PPM.DLL
[2018.07.08 23:25:54 | 000,039,424 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysNative\CNMN6UI.DLL
[2018.07.08 23:25:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\STRING
[2018.07.08 23:25:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2018.07.08 23:25:46 | 000,000,000 | -H-D | C] -- C:\WINDOWS\SysNative\CanonIJ Uninstaller Information
[2018.07.08 23:25:42 | 000,385,024 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysNative\CNMLMAT.DLL
[2018.07.08 23:25:41 | 000,256,000 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysNative\CNMIUAT.DLL
[2018.07.08 23:25:35 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2018.07.08 23:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2018.07.08 22:18:00 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\Apple
[2018.07.08 19:09:34 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\Adobe
[2018.07.04 08:31:37 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\D3DSCache
[2018.07.04 08:29:49 | 000,458,336 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\SysNative\drivers\13378127.sys
[2018.07.04 08:16:31 | 000,458,336 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\SysNative\drivers\57443321.sys
[2018.07.04 08:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2018.07.04 08:11:52 | 000,458,336 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\SysNative\drivers\00617658.sys
[2018.07.03 23:00:20 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\PeerDistRepub
[2018.07.03 20:18:22 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\GHISLER
[2018.07.03 19:21:39 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zamguard64.sys
[2018.07.03 19:21:16 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\Zemana
[2018.07.03 19:18:44 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\AVAST Software
[2018.07.03 19:18:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2018.07.03 19:17:52 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\VirtualStore
[2018.07.03 19:17:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2018.07.03 19:17:03 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\Temp
[2018.07.02 23:03:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appmgmt
[2018.07.01 10:31:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft OneDrive
[2018.07.01 08:14:50 | 002,962,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2018.07.01 08:14:50 | 001,397,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVP9DEC.dll
[2018.07.01 08:14:50 | 000,945,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refsv1.sys
[2018.07.01 08:14:50 | 000,413,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2018.07.01 08:14:50 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2018.07.01 08:14:49 | 007,987,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2018.07.01 08:14:49 | 004,706,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2018.07.01 08:14:49 | 002,367,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebRuntimeManager.dll
[2018.07.01 08:14:49 | 002,015,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2018.07.01 08:14:49 | 001,605,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2018.07.01 08:14:49 | 001,550,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2018.07.01 08:14:49 | 000,704,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2018.07.01 08:14:49 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcimage.dll
[2018.07.01 08:14:48 | 008,623,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2018.07.01 08:14:48 | 001,921,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys
[2018.07.01 08:14:48 | 000,792,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2018.07.01 08:14:48 | 000,604,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2018.07.01 08:14:48 | 000,094,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2018.07.01 08:14:47 | 004,333,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2018.07.01 08:14:47 | 002,084,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2018.07.01 08:14:47 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2018.07.01 08:14:47 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2018.07.01 08:14:47 | 000,594,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2018.07.01 08:14:46 | 002,900,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2018.07.01 08:14:46 | 002,331,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2018.07.01 08:14:46 | 002,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2018.07.01 08:14:46 | 001,559,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2018.07.01 08:14:46 | 001,150,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVP9DEC.dll
[2018.07.01 08:14:46 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2018.07.01 08:14:46 | 000,770,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2018.07.01 08:14:46 | 000,550,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2018.07.01 08:14:44 | 006,528,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2018.07.01 08:14:44 | 004,788,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2018.07.01 08:14:44 | 002,371,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2018.07.01 08:14:44 | 001,946,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2018.07.01 08:14:44 | 001,209,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2018.07.01 08:14:44 | 001,129,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2018.07.01 08:14:44 | 000,491,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2018.07.01 08:14:43 | 003,392,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2018.07.01 08:14:43 | 003,320,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2018.07.01 08:14:43 | 001,036,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2018.07.01 08:14:43 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2018.07.01 08:14:43 | 000,625,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PsmServiceExtHost.dll
[2018.07.01 08:14:38 | 006,817,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2018.07.01 08:14:38 | 004,561,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2018.07.01 08:14:38 | 001,112,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2018.07.01 08:14:38 | 001,097,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2018.07.01 08:14:38 | 001,070,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2018.07.01 08:14:37 | 007,519,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2018.07.01 08:14:37 | 006,572,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2018.07.01 08:14:37 | 004,403,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2018.07.01 08:14:37 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpshell.exe
[2018.07.01 08:14:37 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpinit.exe
[2018.07.01 08:14:35 | 007,436,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2018.07.01 08:14:35 | 001,798,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2018.07.01 08:14:35 | 001,213,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipUp.exe
[2018.07.01 08:14:35 | 001,034,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2018.07.01 08:14:35 | 000,916,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2018.07.01 08:14:35 | 000,835,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2018.07.01 08:14:34 | 006,043,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2018.07.01 08:14:34 | 001,462,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2018.07.01 08:14:30 | 002,563,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2018.07.01 08:14:30 | 002,546,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2018.07.01 08:14:30 | 002,395,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2018.07.01 08:14:30 | 001,934,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2018.07.01 08:14:30 | 001,258,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2018.07.01 08:14:30 | 001,140,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2018.07.01 08:14:30 | 000,983,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2018.07.01 08:14:30 | 000,413,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2018.07.01 08:14:29 | 002,535,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2018.07.01 08:14:29 | 001,784,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2018.07.01 08:14:29 | 001,710,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2018.07.01 08:14:29 | 001,611,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2018.07.01 08:14:29 | 001,487,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2018.07.01 08:14:29 | 001,457,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2018.07.01 08:14:29 | 001,380,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2018.07.01 08:14:29 | 001,374,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2018.07.01 08:14:29 | 001,288,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2018.07.01 08:14:29 | 001,110,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2018.07.01 08:14:29 | 000,788,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DHolographicDisplay.dll
[2018.07.01 08:14:29 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CapabilityAccessManager.dll
[2018.07.01 08:14:29 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallServiceTasks.dll
[2018.07.01 08:14:28 | 002,548,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreen.exe
[2018.07.01 08:14:28 | 001,303,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Vpn.dll
[2018.07.01 08:14:28 | 001,145,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2018.07.01 08:14:28 | 001,144,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2018.07.01 08:14:28 | 001,020,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2018.07.01 08:14:28 | 000,992,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Vpn.dll
[2018.07.01 08:14:28 | 000,873,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2018.07.01 08:14:28 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2018.07.01 08:14:28 | 000,356,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2018.07.01 08:14:27 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.ModernAppAgent.dll
[2018.07.01 08:14:27 | 001,724,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2018.07.01 08:14:27 | 001,659,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2018.07.01 08:14:27 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2018.07.01 08:14:27 | 001,376,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2018.07.01 08:14:27 | 001,305,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll
[2018.07.01 08:14:27 | 001,254,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2018.07.01 08:14:27 | 001,186,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.CommonBridge.dll
[2018.07.01 08:14:27 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2018.07.01 08:14:27 | 000,260,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2018.07.01 08:14:26 | 002,163,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2018.07.01 08:14:26 | 002,062,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2018.07.01 08:14:26 | 001,742,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2018.07.01 08:14:26 | 001,581,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.PointOfService.dll
[2018.07.01 08:14:26 | 001,342,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
[2018.07.01 08:14:26 | 001,251,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll
[2018.07.01 08:14:26 | 000,910,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2018.07.01 08:14:26 | 000,827,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2018.07.01 08:14:26 | 000,761,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthService.exe
[2018.07.01 08:14:26 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2018.07.01 08:14:26 | 000,717,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_StorageSense.dll
[2018.07.01 08:14:26 | 000,510,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2018.07.01 08:14:26 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2018.07.01 08:14:26 | 000,338,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSrvPolicyManager.dll
[2018.07.01 08:14:26 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DiagnosticLogCSP.dll
[2018.07.01 08:14:26 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2018.07.01 08:14:25 | 001,356,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2018.07.01 08:14:25 | 001,114,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.PointOfService.dll
[2018.07.01 08:14:25 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe
[2018.07.01 08:14:25 | 000,811,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.Input.dll
[2018.07.01 08:14:25 | 000,755,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.PrinterCustomActions.dll
[2018.07.01 08:14:25 | 000,753,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2018.07.01 08:14:25 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2018.07.01 08:14:25 | 000,675,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2018.07.01 08:14:25 | 000,661,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2018.07.01 08:14:25 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2018.07.01 08:14:25 | 000,562,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2018.07.01 08:14:25 | 000,500,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2018.07.01 08:14:25 | 000,472,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2018.07.01 08:14:25 | 000,444,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2018.07.01 08:14:25 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2018.07.01 08:14:25 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Diagnostics.dll
[2018.07.01 08:14:25 | 000,326,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExecModelClient.dll
[2018.07.01 08:14:25 | 000,324,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2018.07.01 08:14:25 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2018.07.01 08:14:25 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManager.dll
[2018.07.01 08:14:25 | 000,228,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthAgent.dll
[2018.07.01 08:14:25 | 000,129,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2018.07.01 08:14:25 | 000,105,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2018.07.01 08:14:25 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2018.07.01 08:14:25 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2018.07.01 08:14:25 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.ModernAppCore.dll
[2018.07.01 08:14:24 | 001,127,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplySettingsTemplateCatalog.exe
[2018.07.01 08:14:24 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2018.07.01 08:14:24 | 000,642,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp_win.dll
[2018.07.01 08:14:24 | 000,611,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2018.07.01 08:14:24 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Gaming.Input.dll
[2018.07.01 08:14:24 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provhandlers.dll
[2018.07.01 08:14:24 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcLayers.dll
[2018.07.01 08:14:24 | 000,348,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2018.07.01 08:14:24 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcLayers.dll
[2018.07.01 08:14:24 | 000,281,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExecModelClient.dll
[2018.07.01 08:14:24 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2018.07.01 08:14:24 | 000,247,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RESAMPLEDMO.DLL
[2018.07.01 08:14:24 | 000,232,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RESAMPLEDMO.DLL
[2018.07.01 08:14:24 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VideoHandlers.dll
[2018.07.01 08:14:24 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2018.07.01 08:14:24 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe
[2018.07.01 08:14:24 | 000,118,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2018.07.01 08:14:24 | 000,116,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandler.exe
[2018.07.01 08:14:24 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSoftwareInstallationClient.dll
[2018.07.01 08:14:24 | 000,093,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthProxyStub.dll
[2018.07.01 08:14:24 | 000,072,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WindowsTrustedRT.sys
[2018.07.01 08:14:23 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MCRecvSrc.dll
[2018.07.01 08:14:23 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2018.07.01 08:14:23 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autoconv.exe
[2018.07.01 08:14:23 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autofmt.exe
[2018.07.01 08:14:23 | 000,871,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2018.07.01 08:14:23 | 000,851,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autoconv.exe
[2018.07.01 08:14:23 | 000,831,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autofmt.exe
[2018.07.01 08:14:23 | 000,740,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MCRecvSrc.dll
[2018.07.01 08:14:23 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2018.07.01 08:14:23 | 000,558,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2018.07.01 08:14:23 | 000,515,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2018.07.01 08:14:23 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.CscUnpinTool.exe
[2018.07.01 08:14:23 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2018.07.01 08:14:23 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.Diagnostics.dll
[2018.07.01 08:14:23 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2018.07.01 08:14:23 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credprovhost.dll
[2018.07.01 08:14:23 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shdocvw.dll
[2018.07.01 08:14:23 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RdpRelayTransport.dll
[2018.07.01 08:14:23 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\credprovhost.dll
[2018.07.01 08:14:23 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll
[2018.07.01 08:14:23 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2018.07.01 08:14:23 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwpolicyiomgr.dll
[2018.07.01 08:14:23 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2018.07.01 08:14:23 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreenps.dll
[2018.07.01 08:14:23 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2018.07.01 08:14:23 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwpolicyiomgr.dll
[2018.07.01 08:14:23 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManagerAPI.dll
[2018.07.01 08:14:23 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\smartscreenps.dll
[2018.07.01 08:14:23 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatecsp.dll
[2018.07.01 08:14:23 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseDesktopAppMgmtCSP.dll
[2018.07.01 08:14:23 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UevAppMonitor.exe
[2018.07.01 08:14:23 | 000,048,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storufs.sys
[2018.07.01 08:14:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cellulardatacapabilityhandler.dll
[2018.07.01 08:14:23 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansvcpal.dll
[2018.07.01 08:14:23 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DsmUserTask.exe
[2018.07.01 08:14:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfnet.dll
[2018.07.01 08:14:23 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfnet.dll
[2018.07.01 08:14:23 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandlerPS.dll
[2018.07.01 08:06:09 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Roaming\AVAST Software
[2018.07.01 08:05:28 | 001,027,728 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2018.07.01 08:05:28 | 000,463,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2018.07.01 08:05:28 | 000,381,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2018.07.01 08:05:28 | 000,346,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbloga.sys
[2018.07.01 08:05:28 | 000,239,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHdsKe.sys
[2018.07.01 08:05:28 | 000,229,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys
[2018.07.01 08:05:28 | 000,211,160 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2018.07.01 08:05:28 | 000,201,328 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys
[2018.07.01 08:05:28 | 000,197,160 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswArPot.sys
[2018.07.01 08:05:28 | 000,159,640 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2018.07.01 08:05:28 | 000,111,872 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2018.07.01 08:05:28 | 000,085,968 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2018.07.01 08:05:28 | 000,059,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys
[2018.07.01 08:05:28 | 000,046,976 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2018.07.01 08:05:28 | 000,015,360 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswElam.sys
[2018.07.01 08:05:26 | 000,378,072 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2018.07.01 08:05:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVAST Software
[2018.07.01 08:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Avast Software
[2018.07.01 08:04:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2018.06.28 20:18:44 | 000,000,000 | ---D | C] -- C:\Users\JitKae\Documents\Apowersoft
[2018.06.28 20:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ApowerSoft
[2018.06.28 20:18:32 | 000,036,600 | ---- | C] (Riverbed Technology, Inc.) -- C:\WINDOWS\SysNative\drivers\npf.sys
[2018.06.28 20:18:31 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Roaming\Apowersoft
[2018.06.28 19:47:59 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Roaming\Audacity
[2018.06.19 12:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VulkanRT
[2018.06.17 22:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2018.06.17 22:38:56 | 000,000,000 | ---D | C] -- C:\Adb
[2018.06.17 22:38:47 | 001,002,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinUSBCoInstaller2.dll
[2018.06.17 22:18:14 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\Deployment
[2018.06.17 22:18:14 | 000,000,000 | ---D | C] -- C:\Users\JitKae\AppData\Local\Apps
[1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

jkim
Level 1
Level 1
Příspěvky: 53
Registrován: prosinec 08
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod jkim » 13 črc 2018 23:01

========== Files - Modified Within 30 Days ==========

[2018.07.13 22:39:19 | 000,033,469 | ---- | M] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2018.07.13 22:37:25 | 001,627,554 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2018.07.13 22:37:25 | 000,693,992 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2018.07.13 22:37:25 | 000,668,550 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2018.07.13 22:37:25 | 000,140,562 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2018.07.13 22:37:25 | 000,128,814 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2018.07.13 22:35:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JitKae\Desktop\OTL.exe
[2018.07.13 22:33:08 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2018.07.13 22:31:09 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2018.07.13 22:31:05 | 3415,752,704 | -HS- | M] () -- C:\hiberfil.sys
[2018.07.13 20:33:21 | 000,000,412 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2018.07.12 23:09:28 | 000,165,376 | ---- | M] () -- C:\Users\JitKae\Desktop\SystemLook_x64.exe
[2018.07.11 21:43:56 | 013,884,456 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2018.07.10 07:57:27 | 000,000,034 | ---- | M] () -- C:\Users\JitKae\AppData\Roaming\AdobeWLCMCache.dat
[2018.07.06 16:20:55 | 000,792,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2018.07.06 16:20:50 | 001,610,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2018.07.06 16:20:49 | 002,868,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2018.07.06 16:20:45 | 000,689,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2018.07.06 16:20:45 | 000,451,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2018.07.06 16:20:44 | 000,612,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2018.07.06 16:20:44 | 000,309,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2018.07.06 16:20:43 | 000,144,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2018.07.06 16:20:43 | 000,070,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32appinventorycsp.dll
[2018.07.06 16:17:10 | 003,932,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2018.07.06 16:15:25 | 002,266,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntSubsystems64.dll
[2018.07.06 15:56:43 | 004,708,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2018.07.06 15:53:56 | 000,386,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\zipfldr.dll
[2018.07.06 15:53:52 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2018.07.06 15:53:16 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcGenral.dll
[2018.07.06 15:53:00 | 000,672,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll
[2018.07.06 15:52:59 | 000,677,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2018.07.06 15:52:15 | 001,787,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2018.07.06 15:51:57 | 002,051,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2018.07.06 15:51:35 | 003,652,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2018.07.06 15:51:20 | 001,364,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvruserservice.dll
[2018.07.06 15:51:10 | 001,004,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2018.07.06 15:50:59 | 000,615,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2018.07.06 15:49:37 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcbuilder.exe
[2018.07.06 14:12:31 | 001,539,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
[2018.07.06 14:06:44 | 003,611,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2018.07.06 13:54:36 | 000,485,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll
[2018.07.06 13:53:54 | 000,565,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll
[2018.07.06 13:53:40 | 000,775,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2018.07.06 13:52:47 | 001,308,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2018.07.06 13:52:34 | 001,452,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2018.07.06 13:52:25 | 002,895,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2018.07.06 13:51:26 | 002,401,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcGenral.dll
[2018.07.06 13:51:10 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mcbuilder.exe
[2018.07.06 13:26:02 | 019,525,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2018.07.06 13:25:19 | 023,863,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2018.07.06 13:01:54 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.MixedRealityCapture.dll
[2018.07.06 09:32:09 | 000,480,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2018.07.06 09:31:58 | 000,462,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2018.07.06 09:31:57 | 000,035,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2018.07.06 09:29:56 | 000,272,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2018.07.06 09:29:55 | 000,269,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2018.07.06 09:27:29 | 001,174,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2018.07.06 09:27:27 | 001,063,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2018.07.06 09:27:27 | 001,012,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2018.07.06 09:27:27 | 000,567,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2018.07.06 09:27:19 | 000,057,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.ShellCommon.Broker.dll
[2018.07.06 09:27:15 | 000,134,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2018.07.06 09:26:19 | 000,930,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2018.07.06 09:26:01 | 001,148,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2018.07.06 09:26:00 | 000,766,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2018.07.06 09:25:54 | 002,571,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2018.07.06 09:25:51 | 001,945,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2018.07.06 09:25:50 | 000,267,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2018.07.06 09:25:48 | 000,335,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll
[2018.07.06 09:25:47 | 000,885,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2018.07.06 09:25:45 | 009,147,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2018.07.06 09:25:38 | 001,018,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase.dll
[2018.07.06 09:25:38 | 000,483,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase_enclave.dll
[2018.07.06 09:24:39 | 000,380,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2018.07.06 09:16:47 | 000,567,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2018.07.06 09:14:19 | 000,829,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2018.07.06 09:14:09 | 001,175,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucrtbase.dll
[2018.07.06 09:14:09 | 000,988,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2018.07.06 09:10:15 | 025,845,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2018.07.06 09:07:07 | 022,006,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2018.07.06 09:03:04 | 004,371,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2018.07.06 09:02:46 | 009,084,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2018.07.06 09:01:56 | 007,057,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2018.07.06 09:01:23 | 005,883,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2018.07.06 09:01:13 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvcProxy.dll
[2018.07.06 09:01:01 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationControllerPS.dll
[2018.07.06 09:00:53 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsCSP.dll
[2018.07.06 09:00:41 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsTelemetry.dll
[2018.07.06 09:00:32 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosHostClient.dll
[2018.07.06 09:00:22 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nativemap.dll
[2018.07.06 09:00:04 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2018.07.06 09:00:03 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapstoasttask.dll
[2018.07.06 08:59:58 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapsupdatetask.dll
[2018.07.06 08:59:57 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2018.07.06 08:59:46 | 003,381,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2018.07.06 08:59:39 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll
[2018.07.06 08:59:35 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tokenbinding.dll
[2018.07.06 08:59:23 | 000,200,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Geolocation.dll
[2018.07.06 08:59:22 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NmaDirect.dll
[2018.07.06 08:59:15 | 006,647,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2018.07.06 08:59:00 | 001,153,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2018.07.06 08:58:59 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Cortana.dll
[2018.07.06 08:58:59 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tokenbinding.dll
[2018.07.06 08:58:58 | 000,894,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2018.07.06 08:58:54 | 001,307,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2018.07.06 08:58:52 | 002,825,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2018.07.06 08:58:49 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Core.dll
[2018.07.06 08:58:40 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredProv2faHelper.dll
[2018.07.06 08:58:32 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2018.07.06 08:58:31 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2018.07.06 08:58:28 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2018.07.06 08:58:17 | 000,670,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2018.07.06 08:58:11 | 004,867,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2018.07.06 08:58:02 | 001,931,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeangle.dll
[2018.07.06 08:57:48 | 000,676,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Devices.dll
[2018.07.06 08:57:44 | 007,579,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2018.07.06 08:57:42 | 005,779,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2018.07.06 08:57:37 | 000,898,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2018.07.06 08:57:37 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NmaDirect.dll
[2018.07.06 08:57:33 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2018.07.06 08:57:32 | 000,839,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2018.07.06 08:57:19 | 000,813,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2018.07.06 08:57:06 | 000,392,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2018.07.06 08:56:56 | 001,986,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapGeocoder.dll
[2018.07.06 08:56:54 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Core.dll
[2018.07.06 08:56:49 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredProv2faHelper.dll
[2018.07.06 08:56:48 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2018.07.06 08:56:47 | 000,533,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\QuietHours.dll
[2018.07.06 08:56:46 | 000,814,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2018.07.06 08:56:45 | 001,708,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSPhotography.dll
[2018.07.06 08:56:36 | 001,535,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2018.07.06 08:56:33 | 001,567,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2018.07.06 08:56:30 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2018.07.06 08:56:27 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Notifications.dll
[2018.07.06 08:56:27 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2018.07.06 08:56:26 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll
[2018.07.06 08:56:16 | 000,327,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BioCredProv.dll
[2018.07.06 08:56:13 | 001,225,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2018.07.06 08:56:12 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2018.07.06 08:56:06 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcsvc.dll
[2018.07.06 08:56:01 | 001,817,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2018.07.06 08:55:59 | 001,361,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSPhotography.dll
[2018.07.06 08:55:32 | 001,264,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2018.07.06 08:55:30 | 001,395,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2018.07.06 08:55:25 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2018.07.06 08:55:16 | 000,619,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2018.07.06 08:54:56 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll
[2018.07.06 08:54:54 | 001,214,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll
[2018.07.06 08:54:50 | 002,236,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2018.07.06 08:54:41 | 000,999,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2018.07.06 08:54:41 | 000,884,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll
[2018.07.06 08:54:39 | 000,884,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2018.07.06 08:54:28 | 000,943,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingOnlineServices.dll
[2018.07.06 08:54:28 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BioCredProv.dll
[2018.07.06 08:54:23 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2018.07.06 08:54:19 | 002,449,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2018.07.06 08:54:18 | 000,505,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2018.07.06 08:54:01 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2018.07.06 08:53:44 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2018.07.06 08:53:23 | 000,705,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2018.07.06 08:53:07 | 000,713,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingOnlineServices.dll
[2018.07.06 07:41:40 | 000,001,310 | ---- | M] () -- C:\WINDOWS\SysNative\tcbres.wim
[2018.07.03 22:35:49 | 000,067,173 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2018.07.03 19:21:39 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zamguard64.sys
[2018.07.03 18:54:48 | 000,000,841 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2018.07.02 22:24:00 | 000,028,272 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2018.07.01 08:06:08 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\Avast.lnk
[2018.07.01 08:05:21 | 000,463,080 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2018.07.01 08:05:21 | 000,381,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2018.07.01 08:05:21 | 000,378,072 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2018.07.01 08:05:21 | 000,211,160 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2018.07.01 08:05:21 | 000,197,160 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswArPot.sys
[2018.07.01 08:05:21 | 000,159,640 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2018.07.01 08:05:21 | 000,111,872 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2018.07.01 08:05:21 | 000,085,968 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2018.07.01 08:05:21 | 000,046,976 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2018.07.01 08:05:21 | 000,015,360 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswElam.sys
[2018.07.01 08:05:13 | 001,027,728 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2018.07.01 08:05:10 | 000,239,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHdsKe.sys
[2018.07.01 08:05:09 | 000,346,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbloga.sys
[2018.07.01 08:05:09 | 000,229,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys
[2018.07.01 08:05:09 | 000,201,328 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys
[2018.07.01 08:05:09 | 000,059,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys
[2018.06.29 06:16:23 | 000,868,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
[2018.06.29 03:13:37 | 000,835,064 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2018.06.29 03:13:37 | 000,179,704 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2018.06.27 16:25:48 | 000,340,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdFilter.sys
[2018.06.27 16:25:48 | 000,059,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdNisDrv.sys
[2018.06.27 16:25:48 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdBoot.sys
[2018.06.25 19:26:50 | 000,551,840 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2018.06.25 19:26:48 | 000,457,144 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2018.06.25 19:25:44 | 001,419,200 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2018.06.25 19:25:44 | 000,626,616 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2018.06.25 19:25:44 | 000,518,208 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2018.06.25 19:25:42 | 001,092,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2018.06.25 19:25:36 | 001,563,392 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2018.06.25 19:25:34 | 001,468,448 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6439836.dll
[2018.06.25 19:25:34 | 001,216,872 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2018.06.25 19:25:30 | 002,013,784 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6439836.dll
[2018.06.25 19:25:28 | 000,749,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvDecMFTMjpeg.dll
[2018.06.25 19:25:28 | 000,608,512 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvDecMFTMjpeg.dll
[2018.06.25 19:25:26 | 004,350,040 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2018.06.25 19:25:24 | 003,760,672 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2018.06.25 19:25:16 | 013,728,120 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvptxJitCompiler.dll
[2018.06.25 19:25:14 | 040,346,984 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2018.06.25 19:25:14 | 011,273,632 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
[2018.06.25 19:25:08 | 035,250,256 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2018.06.25 19:25:08 | 031,244,248 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2018.06.25 19:24:58 | 025,961,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2018.06.25 19:24:56 | 000,634,760 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmcumd.dll
[2018.06.25 19:24:52 | 001,157,392 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvfatbinaryLoader.dll
[2018.06.25 19:24:50 | 000,904,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
[2018.06.25 19:24:50 | 000,814,616 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2018.06.25 19:24:48 | 001,356,816 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFThevc.dll
[2018.06.25 19:24:48 | 000,652,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2018.06.25 19:24:46 | 001,347,664 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2018.06.25 19:24:46 | 001,069,416 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFThevc.dll
[2018.06.25 19:24:46 | 000,474,040 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\NVIDIA Corporation\Drs\dbInstaller.exe
[2018.06.25 19:24:44 | 001,063,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2018.06.25 19:24:14 | 017,750,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2018.06.25 19:24:12 | 015,165,008 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2018.06.25 19:24:10 | 004,856,232 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2018.06.25 19:24:08 | 004,126,128 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2018.06.24 19:27:45 | 001,515,580 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NVIDIA Corporation\Drs\nvdrsdb.bin
[2018.06.24 19:27:45 | 000,044,271 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2018.06.24 19:27:45 | 000,001,951 | ---- | M] () -- C:\WINDOWS\NvTelemetryContainerRecovery.bat
[2018.06.24 17:39:33 | 000,001,951 | ---- | M] () -- C:\WINDOWS\NvContainerRecovery.bat
[2018.06.24 17:31:49 | 005,947,520 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2018.06.24 17:31:49 | 002,612,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2018.06.24 17:31:47 | 001,767,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2018.06.24 17:31:47 | 000,633,792 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2018.06.24 17:31:47 | 000,451,144 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2018.06.24 17:31:47 | 000,124,200 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2018.06.24 17:31:47 | 000,083,424 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2018.06.20 12:52:46 | 008,207,422 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2018.06.15 19:55:08 | 000,542,888 | ---- | M] () -- C:\WINDOWS\SysNative\FaceProcessorCore.dll
[2018.06.15 19:53:37 | 000,348,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2018.06.15 19:53:24 | 000,094,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2018.06.15 19:50:07 | 001,376,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2018.06.15 19:48:52 | 002,395,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2018.06.15 19:48:36 | 000,338,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSrvPolicyManager.dll
[2018.06.15 19:35:59 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2018.06.15 19:34:36 | 008,623,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2018.06.15 19:34:33 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfnet.dll
[2018.06.15 19:34:02 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DsmUserTask.exe
[2018.06.15 19:33:18 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseDesktopAppMgmtCSP.dll
[2018.06.15 19:33:07 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManagerAPI.dll
[2018.06.15 19:32:54 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe
[2018.06.15 19:32:53 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.CscUnpinTool.exe
[2018.06.15 19:32:48 | 000,755,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.PrinterCustomActions.dll
[2018.06.15 19:32:21 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcLayers.dll
[2018.06.15 19:31:35 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2018.06.15 19:31:34 | 000,907,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autofmt.exe
[2018.06.15 19:31:12 | 002,193,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.ModernAppAgent.dll
[2018.06.15 19:31:06 | 001,605,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2018.06.15 19:30:55 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe
[2018.06.15 19:30:41 | 001,308,672 | ---- | M] () -- C:\WINDOWS\SysNative\FaceProcessor.dll
[2018.06.15 19:30:41 | 001,127,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplySettingsTemplateCatalog.exe
[2018.06.15 19:30:24 | 000,327,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpinit.exe
[2018.06.15 19:30:06 | 000,878,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2018.06.15 19:30:04 | 000,463,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpshell.exe
[2018.06.15 19:30:03 | 001,254,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2018.06.15 19:30:03 | 001,186,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.CommonBridge.dll
[2018.06.15 19:29:54 | 000,932,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autoconv.exe
[2018.06.15 19:29:54 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSoftwareInstallationClient.dll
[2018.06.15 19:29:51 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2018.06.15 19:29:43 | 002,084,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2018.06.15 19:29:13 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shdocvw.dll
[2018.06.15 19:29:08 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2018.06.15 19:28:31 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll
[2018.06.15 19:03:30 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UevAppMonitor.exe
[2018.06.15 19:00:12 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.ModernAppCore.dll
[2018.06.15 17:06:09 | 007,987,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2018.06.15 17:06:09 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfnet.dll
[2018.06.15 17:04:22 | 000,851,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autoconv.exe
[2018.06.15 17:04:14 | 000,373,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcLayers.dll
[2018.06.15 17:03:15 | 000,831,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autofmt.exe
[2018.06.15 17:02:13 | 000,704,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2018.06.15 17:01:48 | 002,015,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2018.06.15 15:23:26 | 000,788,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DHolographicDisplay.dll
[2018.06.15 09:11:00 | 000,611,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2018.06.15 09:10:52 | 000,048,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storufs.sys
[2018.06.15 07:21:57 | 000,761,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthService.exe
[2018.06.15 07:21:36 | 001,213,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipUp.exe
[2018.06.15 07:19:56 | 000,116,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandler.exe
[2018.06.15 07:19:39 | 000,093,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthProxyStub.dll
[2018.06.15 07:19:21 | 001,034,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2018.06.15 07:18:35 | 000,228,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthAgent.dll
[2018.06.15 07:16:39 | 000,562,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2018.06.15 07:15:57 | 002,563,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2018.06.15 07:15:50 | 000,753,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2018.06.15 07:13:47 | 000,510,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2018.06.15 07:13:36 | 000,324,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2018.06.15 07:12:59 | 000,661,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2018.06.15 07:12:58 | 000,118,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2018.06.15 07:12:43 | 007,519,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2018.06.15 07:12:37 | 000,260,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2018.06.15 07:12:07 | 000,491,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2018.06.15 07:11:56 | 006,817,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2018.06.15 07:10:57 | 000,326,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExecModelClient.dll
[2018.06.15 07:10:56 | 001,097,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2018.06.15 07:10:56 | 000,717,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_StorageSense.dll
[2018.06.15 07:10:00 | 001,934,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2018.06.15 07:09:59 | 002,546,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2018.06.15 07:09:58 | 001,659,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2018.06.15 07:09:41 | 001,742,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2018.06.15 07:09:39 | 007,436,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2018.06.15 07:09:39 | 001,798,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2018.06.15 07:09:38 | 001,209,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2018.06.15 07:09:38 | 000,594,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2018.06.15 07:09:07 | 000,247,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RESAMPLEDMO.DLL
[2018.06.15 07:09:06 | 001,112,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2018.06.15 07:08:56 | 000,500,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2018.06.15 07:08:39 | 002,062,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2018.06.15 07:08:38 | 001,288,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2018.06.15 07:08:37 | 000,413,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2018.06.15 07:08:22 | 004,403,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2018.06.15 07:08:19 | 001,140,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2018.06.15 07:08:17 | 002,371,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2018.06.15 07:08:17 | 001,946,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2018.06.15 07:08:17 | 000,983,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2018.06.15 07:08:16 | 001,921,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys
[2018.06.15 07:08:14 | 001,258,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2018.06.15 07:08:14 | 000,642,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp_win.dll
[2018.06.15 07:08:14 | 000,072,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WindowsTrustedRT.sys
[2018.06.15 07:08:09 | 001,784,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2018.06.15 07:08:07 | 001,150,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVP9DEC.dll
[2018.06.15 07:08:07 | 000,604,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2018.06.15 07:08:05 | 000,945,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refsv1.sys
[2018.06.15 07:08:01 | 001,457,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2018.06.15 07:07:59 | 001,145,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2018.06.15 07:07:56 | 001,611,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2018.06.15 07:05:55 | 000,444,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2018.06.15 07:05:35 | 000,550,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2018.06.15 07:04:57 | 001,462,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2018.06.15 07:04:49 | 000,281,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExecModelClient.dll
[2018.06.15 07:04:20 | 001,397,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVP9DEC.dll
[2018.06.15 07:04:14 | 000,105,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2018.06.15 07:04:04 | 001,251,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll
[2018.06.15 07:04:00 | 002,331,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2018.06.15 07:03:50 | 004,788,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2018.06.15 07:03:49 | 000,232,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RESAMPLEDMO.DLL
[2018.06.15 07:03:48 | 006,043,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2018.06.15 07:03:48 | 001,559,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2018.06.15 07:03:47 | 006,528,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2018.06.15 07:03:46 | 002,163,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2018.06.15 07:03:44 | 002,535,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2018.06.15 07:03:41 | 001,710,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2018.06.15 07:03:41 | 000,472,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2018.06.15 07:03:39 | 001,020,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2018.06.15 07:03:39 | 000,356,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2018.06.15 07:03:33 | 006,572,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2018.06.15 07:03:33 | 001,144,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2018.06.15 07:03:32 | 001,380,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2018.06.15 07:03:32 | 001,129,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2018.06.15 07:03:32 | 000,770,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2018.06.15 07:03:26 | 000,129,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2018.06.15 06:49:38 | 002,962,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2018.06.15 06:48:10 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.Diagnostics.dll
[2018.06.15 06:48:05 | 002,900,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2018.06.15 06:47:51 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwpolicyiomgr.dll
[2018.06.15 06:47:15 | 000,515,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2018.06.15 06:47:01 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2018.06.15 06:46:52 | 000,593,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2018.06.15 06:46:46 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\credprovhost.dll
[2018.06.15 06:46:23 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2018.06.15 06:46:21 | 004,333,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2018.06.15 06:46:16 | 001,356,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2018.06.15 06:46:12 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Gaming.Input.dll
[2018.06.15 06:46:01 | 004,706,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2018.06.15 06:45:56 | 002,548,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreen.exe
[2018.06.15 06:45:44 | 000,992,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Vpn.dll
[2018.06.15 06:45:33 | 000,740,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MCRecvSrc.dll
[2018.06.15 06:45:18 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2018.06.15 06:45:12 | 000,871,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2018.06.15 06:45:08 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandlerPS.dll
[2018.06.15 06:45:06 | 000,835,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2018.06.15 06:44:43 | 001,632,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2018.06.15 06:44:36 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallServiceTasks.dll
[2018.06.15 06:44:34 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\smartscreenps.dll
[2018.06.15 06:44:20 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcimage.dll
[2018.06.15 06:44:17 | 000,873,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2018.06.15 06:44:10 | 001,342,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
[2018.06.15 06:44:07 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2018.06.15 06:44:07 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatecsp.dll
[2018.06.15 06:44:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cellulardatacapabilityhandler.dll
[2018.06.15 06:43:51 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VideoHandlers.dll
[2018.06.15 06:43:49 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansvcpal.dll
[2018.06.15 06:43:47 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.PointOfService.dll
[2018.06.15 06:43:42 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2018.06.15 06:43:37 | 001,110,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2018.06.15 06:43:28 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DiagnosticLogCSP.dll
[2018.06.15 06:43:13 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2018.06.15 06:43:10 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2018.06.15 06:43:10 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2018.06.15 06:43:08 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2018.06.15 06:43:07 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RdpRelayTransport.dll
[2018.06.15 06:42:55 | 000,386,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Diagnostics.dll
[2018.06.15 06:42:53 | 000,978,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MCRecvSrc.dll
[2018.06.15 06:42:46 | 000,558,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2018.06.15 06:42:45 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwpolicyiomgr.dll
[2018.06.15 06:42:42 | 002,367,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebRuntimeManager.dll
[2018.06.15 06:42:38 | 000,431,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provhandlers.dll
[2018.06.15 06:42:36 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2018.06.15 06:42:29 | 003,392,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2018.06.15 06:42:29 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2018.06.15 06:42:04 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2018.06.15 06:42:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2018.06.15 06:41:55 | 000,898,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2018.06.15 06:41:49 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManager.dll
[2018.06.15 06:41:48 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credprovhost.dll
[2018.06.15 06:41:44 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2018.06.15 06:41:36 | 000,266,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CapabilityAccessManager.dll
[2018.06.15 06:41:35 | 001,724,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2018.06.15 06:41:30 | 000,953,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2018.06.15 06:41:29 | 000,625,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PsmServiceExtHost.dll
[2018.06.15 06:41:28 | 004,561,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2018.06.15 06:41:12 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.Input.dll
[2018.06.15 06:41:01 | 003,320,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2018.06.15 06:40:59 | 000,827,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2018.06.15 06:40:51 | 001,487,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2018.06.15 06:40:43 | 000,735,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2018.06.15 06:40:39 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreenps.dll
[2018.06.15 06:40:03 | 001,550,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2018.06.15 06:39:52 | 000,684,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2018.06.15 06:39:49 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2018.06.15 06:39:44 | 002,172,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2018.06.15 06:39:28 | 001,303,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Vpn.dll
[2018.06.15 06:39:25 | 000,916,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2018.06.15 06:38:48 | 001,070,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2018.06.15 06:38:43 | 000,910,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2018.06.15 06:38:26 | 001,305,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll
[2018.06.15 06:38:23 | 001,581,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.PointOfService.dll
[2018.06.15 06:38:23 | 000,596,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2018.06.15 06:38:03 | 000,949,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2018.06.15 06:38:02 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2018.06.15 06:37:45 | 001,374,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2018.07.13 20:16:56 | 000,000,412 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2018.07.13 13:24:06 | 008,207,422 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2018.07.13 13:24:02 | 000,001,951 | ---- | C] () -- C:\WINDOWS\NvContainerRecovery.bat
[2018.07.13 13:22:44 | 001,515,580 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NVIDIA Corporation\Drs\nvdrsdb.bin
[2018.07.13 13:09:57 | 000,001,951 | ---- | C] () -- C:\WINDOWS\NvTelemetryContainerRecovery.bat
[2018.07.12 23:09:28 | 000,165,376 | ---- | C] () -- C:\Users\JitKae\Desktop\SystemLook_x64.exe
[2018.07.11 09:50:21 | 000,001,310 | ---- | C] () -- C:\WINDOWS\SysNative\tcbres.wim
[2018.07.11 08:40:46 | 000,034,304 | ---- | C] () -- C:\WINDOWS\SysNative\sxj2mlm.dll
[2018.07.11 08:40:46 | 000,000,359 | ---- | C] () -- C:\WINDOWS\SysNative\sxj2mlm.smt
[2018.07.08 23:29:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\SysWow64\CNC1754D.TBL
[2018.07.03 19:21:44 | 000,067,173 | ---- | C] () -- C:\WINDOWS\ZAM.krnl.trace
[2018.07.03 19:21:44 | 000,033,221 | ---- | C] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2018.07.03 19:17:04 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2018.07.02 22:24:00 | 000,028,272 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2018.07.01 10:31:16 | 000,002,390 | ---- | C] () -- C:\Users\JitKae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2018.07.01 08:14:27 | 001,308,672 | ---- | C] () -- C:\WINDOWS\SysNative\FaceProcessor.dll
[2018.07.01 08:14:24 | 000,542,888 | ---- | C] () -- C:\WINDOWS\SysNative\FaceProcessorCore.dll
[2018.07.01 08:14:22 | 000,058,524 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2018.07.01 08:06:08 | 000,001,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
[2018.07.01 08:06:08 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\Avast.lnk
[2018.06.13 13:56:44 | 002,841,312 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2018.06.13 13:56:32 | 000,018,716 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2018.05.21 20:47:35 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2018.04.20 17:30:40 | 000,828,728 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-999-0-0-0.dll
[2018.04.20 17:30:40 | 000,828,728 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2018.04.20 17:30:24 | 000,591,160 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-999-0-0-0.exe
[2018.04.20 17:30:24 | 000,591,160 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2018.04.16 18:49:50 | 000,000,034 | ---- | C] () -- C:\Users\JitKae\AppData\Roaming\AdobeWLCMCache.dat
[2018.04.16 12:52:08 | 000,000,036 | ---- | C] () -- C:\WINDOWS\progress.ini
[2018.04.12 01:38:34 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2018.04.12 01:38:34 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2018.04.12 01:35:13 | 000,034,304 | ---- | C] () -- C:\WINDOWS\SysWow64\vmstaging.dll
[2018.04.12 01:34:55 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2018.04.12 01:34:50 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2018.04.12 01:34:49 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2018.04.12 01:34:47 | 000,364,200 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2018.04.12 01:34:46 | 003,575,808 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2018.04.12 01:34:46 | 000,025,600 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2018.04.12 01:34:45 | 000,329,216 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2018.04.12 01:34:45 | 000,223,232 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2018.04.12 01:34:45 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2018.04.12 01:34:45 | 000,111,616 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2018.04.12 01:34:45 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2018.04.12 01:34:36 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2018.04.12 01:34:30 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2018.06.15 07:09:39 | 007,436,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2018.06.15 07:03:48 | 006,043,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2018.04.12 01:34:40 | 000,973,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2018.04.12 01:34:55 | 000,785,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2018.04.12 01:34:40 | 000,524,288 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2018.06.28 20:19:05 | 000,000,000 | ---D | M] -- C:\Users\JitKae\AppData\Roaming\Apowersoft
[2018.06.28 20:22:05 | 000,000,000 | ---D | M] -- C:\Users\JitKae\AppData\Roaming\Audacity
[2018.07.01 08:06:09 | 000,000,000 | ---D | M] -- C:\Users\JitKae\AppData\Roaming\AVAST Software
[2018.04.16 13:20:45 | 000,000,000 | ---D | M] -- C:\Users\JitKae\AppData\Roaming\GHISLER
[2018.07.11 08:41:07 | 000,000,000 | ---D | M] -- C:\Users\JitKae\AppData\Roaming\Leadertech
[2018.04.16 16:03:44 | 000,000,000 | ---D | M] -- C:\Users\JitKae\AppData\Roaming\Obsidium
[2018.04.16 14:49:40 | 000,000,000 | ---D | M] -- C:\Users\JitKae\AppData\Roaming\OpenOffice
[2018.04.27 10:01:56 | 000,000,000 | ---D | M] -- C:\Users\JitKae\AppData\Roaming\Opera Software
[2018.04.18 19:23:21 | 000,000,000 | ---D | M] -- C:\Users\JitKae\AppData\Roaming\SystemAcCrux
[2018.04.24 17:33:06 | 000,000,000 | ---D | M] -- C:\Users\JitKae\AppData\Roaming\TeamViewer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 216 bytes -> C:\Users\JitKae\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity

< End of report >

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43051
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod jaro3 » 14 črc 2018 19:09

Drive C: | 111,24 Gb Total Space | 15,14 Gb Free Space | 13,61% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 90,48 Gb Free Space | 9,71% Space Free | Partition Type: NTFS
pořád málo volného místa..


Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2018.06.15 07:09:39 | 007,436,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2018.06.15 07:03:48 | 006,043,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2018.04.12 01:34:40 | 000,973,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2018.04.12 01:34:55 | 000,785,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2018.04.12 01:34:40 | 000,524,288 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp
C:\ProgramData\ntuser.pol

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E}]
"Source"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E}]
"Author"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E}]
"Description"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

jak dopadl Kaspersky rescue disk?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

jkim
Level 1
Level 1
Příspěvky: 53
Registrován: prosinec 08
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod jkim » 15 črc 2018 12:17

Kaspersky nic nenašel.



All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File EY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
File EY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] not found.
File EY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
File EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64\ not found.
Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]\ not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64\ not found.
Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\LastGood.Tmp\SysWOW64 folder moved successfully.
C:\WINDOWS\LastGood.Tmp\system32 folder moved successfully.
C:\WINDOWS\LastGood.Tmp folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Windows\SysNative\drivers\SET27A7.tmp moved successfully.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
C:\ProgramData\ntuser.pol moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E} not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command\\""|""%1" %*" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: JitKae
->Temp folder emptied: 56252472 bytes
->Temporary Internet Files folder emptied: 37681825 bytes
->Flash cache emptied: 2148 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 236770 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 90,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 07152018_082718

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43051
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod jaro3 » 15 črc 2018 19:35

Byl připojen ten disk přímo , nebo jen přes LAN?

Poreferuj co problémy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

jkim
Level 1
Level 1
Příspěvky: 53
Registrován: prosinec 08
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod jkim » 15 črc 2018 19:47

Disk je připojen přímo, ještě se neodvažuji ho vrátit zpět do routeru...
Problémy vůbec žádné nejsou, ale to nebyly ani když se objevovali ty soubory. AV je při prvním vstupu na disk ihned detekoval, smazal a vše běželo naprosto bez problémů.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43051
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod jaro3 » 15 črc 2018 22:19

notebook je čistý , tam to nebude , pořád je bve hře varianta , že se někdo jiný na něj připojuje..
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

jkim
Level 1
Level 1
Příspěvky: 53
Registrován: prosinec 08
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosim o kontrolu logu

Příspěvekod jkim » 16 črc 2018 13:42

Dobře, za počítač zatím velice děkuji...
Notebook, kterým jsem se na disk také vzdáleně připojovala jsem teď nově přeinstalovala, vč. odstranění a formátu oddílu, ten by měl být tedy čistý také. Ještě jsem znovu dala router do továrního nastavení a změnila přístupové údaje. Disk jsem připojila zpět do routeru. Co ftp přes internet, mohu povolit? Zatím jsem nepovolila, ale nějak se vzdáleně potřebuji na disk dostávat. V odkazu od Esetu výše se o tom něco píše, že by se tam ty soubory takto mohly šířit...


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 1 host