wklejto.pl

Added by: ~Anonim (2020-04-27 20:53) -> text
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pawel at 2020-04-27 22:47:05
Microsoft Windows 10 Education 
System drive C: has 7 GB (6%) free of 121 GB
Total RAM: 8037 MB (41% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:47:10, on 27.04.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0771)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\Pawel.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Intel Driver & Support Assistant] C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Pawel\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [Discord] C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\Pawel\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'USŁUGA SIECIOWA')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_464601b8ef69395c\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_464601b8ef69395c\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service: Intel(R) Driver & Support Assistant Updater (DSAUpdateService) - Intel - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\elevation_service.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\cui_dch_comp.inf_amd64_deecec7d232ced2b\igfxCUIService.exe
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Windows\SysWOW64\MSIService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Windows\System32\DriverStore\FileRepository\nvmi.inf_amd64_32ef3d5cc44d4a1d\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\Windows\System32\RtkAudUService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VirtualBox system service (VBoxSDS) - Oracle Corporation - E:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: WMI_Hook_Service - Unknown owner - (no file)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
 
--
End of file - 13841 bytes
 
======Listing Processes======
 
 
 
 
 
 
 
 
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\Windows\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-f75b290e-d3e1-4105-b515-c264b4b28e0e -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a5003b87-da32-41f1-b330-d47b10b143d2 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-006b3cad-579c-449b-b99f-db9fa3940196 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6496eaca-ec08-4242-83b5-c3346af459a3 -LifetimeId:c1d72838-bfc8-4780-89f8-24f55009b0a3 -DeviceGroupId:WudfDefaultDevicePool -HostArg:0
"fontdrvhost.exe"
C:\Windows\system32\svchost.exe -k RPCSS -p
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\Windows\system32\svchost.exe -k LocalService -p -s EventSystem
C:\Windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\Windows\System32\DriverStore\FileRepository\cui_dch_comp.inf_amd64_deecec7d232ced2b\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k LocalService -p
C:\Windows\System32\DriverStore\FileRepository\nvmi.inf_amd64_32ef3d5cc44d4a1d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmi.inf_amd64_32ef3d5cc44d4a1d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
C:\Windows\system32\svchost.exe -k LocalService -p -s nsi
C:\Windows\system32\svchost.exe -k appmodel -p -s camsvc
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\Windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\Windows\System32\svchost.exe -k netsvcs -p -s Themes
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\Windows\system32\svchost.exe -k LocalService -p -s FontCache
C:\Windows\System32\svchost.exe -k NetworkService -p -s NlaSvc
 
C:\Windows\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\Windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Windows\System32\svchost.exe -k LocalService -p -s netprofm
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\Windows\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\Windows\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\Windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\Windows\System32\svchost.exe -k utcsvc -p
C:\Windows\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\Windows\system32\svchost.exe -k LocalService -p -s SstpSvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Windows\SysWOW64\MSIService.exe"
"C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_464601b8ef69395c\IntelCpHDCPSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\RtkAudUService64.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe"
C:\Windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
 
C:\Windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\Windows\System32\svchost.exe -k NetworkService -p -s TapiSrv
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\system32\mqsvc.exe
dashost.exe {1a323077-3f7c-4bc1-bb7c006be22c51f5}
C:\Windows\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\Windows\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\Windows\System32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_464601b8ef69395c\IntelCpHeciSvc.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
 
"C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe"
C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\Windows\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
 
C:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
 
 
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s QWAVE
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\Windows\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\Windows\system32\svchost.exe -k LocalService -s W32Time
C:\Windows\system32\svchost.exe -k netsvcs -p -s AppMgmt
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\Windows\system32\svchost.exe -k LocalService -p -s PhoneSvc
 
C:\Windows\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Windows\System32\DriverStore\FileRepository\nvmi.inf_amd64_32ef3d5cc44d4a1d\Display.NvContainer\NVDisplay.Container.exe" -f %ProgramData%\DisplaySessionContainer%d.log -d C:\Windows\System32\DriverStore\FileRepository\nvmi.inf_amd64_32ef3d5cc44d4a1d\Display.NvContainer\plugins\Session -r -l 3 -p 30000 -cfg NVDisplay.ContainerLocalSystem\Session -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
"C:\Windows\System32\DriverStore\FileRepository\cui_dch_comp.inf_amd64_deecec7d232ced2b\igfxEM.exe"
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20032.111.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe" 
"C:\Windows\System32\RtkAudUService64.exe" -background
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe" 
"C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe" --type=gpu-process --field-trial-handle=1812,15527877928958897155,5628652983777551379,131072 --disable-features=SpareRendererForSitePerProcess --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=15480676618625550570 --mojo-platform-channel-handle=1828 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe" --type=utility --field-trial-handle=1812,15527877928958897155,5628652983777551379,131072 --disable-features=SpareRendererForSitePerProcess --lang=pl --service-sandbox-type=network --service-request-channel-token=2930402235235970216 --mojo-platform-channel-handle=2284 /prefetch:8
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --disable-features=AsyncWheelEvents,SurfaceSynchronization --no-sandbox --log-file="C:\Users\Pawel\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --log-file="C:\Users\Pawel\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --service-request-channel-token=572E8AA2B96F72708B08C38D6C8047AD --mojo-platform-channel-handle=1768 /prefetch:2
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --disable-features=AsyncWheelEvents,SurfaceSynchronization --service-pipe-token=DF0821902EA4BB97F479127DF78221CA --lang=en-US --log-file="C:\Users\Pawel\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=DF0821902EA4BB97F479127DF78221CA --renderer-client-id=3 --mojo-platform-channel-handle=2000 /prefetch:1
C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe --no-rate-limit --no-upload-gzip --type=crash-handler "--crashes-directory=C:\Users\Pawel\AppData\Local\Temp\Discord Crashes" "--database=C:\Users\Pawel\AppData\Local\Temp\Discord Crashes" "--metrics-dir=C:\Users\Pawel\AppData\Local\Temp\Discord Crashes" --url=https://sentry.io/api/146342/minidump/?sentry_key=384ce4413de74fe0be270abe03b2b35a --initial-client-data=0xa88,0xa08,0x95c,0x9c8,0x960,0x551d090,0x551d0a0,0x551d0ac
"C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe" --type=renderer --autoplay-policy=no-user-gesture-required --field-trial-handle=1812,15527877928958897155,5628652983777551379,131072 --disable-features=SpareRendererForSitePerProcess --lang=pl --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\resources\app.asar" --no-sandbox --no-zygote --native-window-open --preload="C:\Users\Pawel\AppData\Roaming\discord\0.0.306\modules\discord_desktop_core\core.asar\app\mainScreenPreload.js" --background-color=#202225 --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=3021868693092466199 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2724 /prefetch:1
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
"C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe" --type=utility --field-trial-handle=1812,15527877928958897155,5628652983777551379,131072 --disable-features=SpareRendererForSitePerProcess --lang=pl --service-sandbox-type=audio --service-request-channel-token=306277419892868027 --mojo-platform-channel-handle=2936 /prefetch:8
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
C:\Windows\System32\CompPkgSrv.exe -Embedding
"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"
"C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe" -ServerName:App.AppX4qs51dybty2brt57cnxbh1cyc25fernm.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\AUDIODG.EXE 0x50c
taskhostw.exe
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj\RtkUWP.exe" -ServerName:App.AppX2vzv616czv2j97f46vn25b5ksjvhr8z1.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
"C:\Windows\system32\rundll32.exe" -localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19111.24110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\WLANExt.exe 2111767258096
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.120.4062.0_x64__8wekyb3d8bbwe\GameBar.exe" -ServerName:App.AppXbdkk0yrkwpcgeaem8zk81k8py1eaahny.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.120.4062.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe" -Embedding
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.120.4062.0_x64__8wekyb3d8bbwe\GameBarFT.exe" /InvokerPRAID: App
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Pawel\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Pawel\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=81.0.4044.122 --initial-client-data=0xe0,0xe4,0xe8,0x80,0xec,0x7ff939c0bd28,0x7ff939c0bd38,0x7ff939c0bd48
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=18648 --on-initialized-event-handle=712 --parent-handle=716 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1696 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1804 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --extension-process --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3804 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --extension-process --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3860 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --extension-process --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4168 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --extension-process --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --extension-process --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4544 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --extension-process --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7808 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8036 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8168 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8500 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8848 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8732 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3172 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9764 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9916 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10288 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=7484 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7600 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1
 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3664 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe271_ Global\UsGthrCtrlFltPipeMssGthrPipe271 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 780 784 792 8192 788 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1688,14740964656303453595,3051166503989247614,131072 --lang=pl --disable-client-side-phishing-detection --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2804 /prefetch:1
"C:\Users\Pawel\Desktop\logi\RSITx64.exe" 
 
======Scheduled tasks folder======
 
C:\Windows\tasks\MATLAB R2019a Startup Accelerator.job - E:\Program Files\MATLAB\R2019a\bin\win64\MATLABStartupAccelerator.exe  
 
=========Mozilla firefox=========
 
ProfilePath - C:\Users\Pawel\AppData\Roaming\Mozilla\Firefox\Profiles\robomoqd.default
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Skype for Business Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL
 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.211.2]
"Description"=Java™ Deployment Toolkit
"Path"=E:\JAVA\bin\dtplugin\npDeployJava1.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.211.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=E:\JAVA\bin\plugin2\npjp2.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL
 
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-07-12 236232]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - E:\JAVA\bin\ssv.dll [2019-06-19 582008]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~1\MICROS~1\Office16\GROOVEEX.DLL [2016-07-13 2177328]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\JAVA\bin\jp2ssv.dll [2019-06-19 245112]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31 161448]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL [2016-07-13 1522480]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Windows\system32\SecurityHealthSystray.exe [2018-09-15 83968]
"RtkAudUService"=C:\Windows\System32\RtkAudUService64.exe [2019-01-24 833312]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Pawel\AppData\Roaming\uTorrent\uTorrent.exe [2020-04-11 2072816]
"Discord"=C:\Users\Pawel\AppData\Local\Discord\app-0.0.306\Discord.exe [2020-02-24 90950968]
"com.squirrel.Teams.Teams"=C:\Users\Pawel\AppData\Local\Microsoft\Teams\Update.exe [2020-03-26 2342544]
 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [2012-09-25 1163264]
"ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2008-12-24 114688]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2019-04-01 645456]
"Intel Driver & Support Assistant"=C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [2020-03-03 237416]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\epmntdrv]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EuGdiDrv]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\epmntdrv]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EuGdiDrv]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - 
.scr - install - 
.scr - config - 
 
======List of files/folders created in the last 1 month======
 
2020-04-27 22:47:06 ----D---- C:\Program Files\trend micro
2020-04-27 22:47:05 ----D---- C:\rsit
2020-04-27 22:35:06 ----D---- C:\FRST
2020-04-14 20:27:10 ----A---- C:\Windows\SYSWOW64\MSFlacDecoder.dll
2020-04-14 20:27:10 ----A---- C:\Windows\system32\rdpshell.exe
2020-04-14 20:27:10 ----A---- C:\Windows\system32\rdpinit.exe
2020-04-14 20:27:09 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2020-04-14 20:27:09 ----A---- C:\Windows\SYSWOW64\mfmpeg2srcsnk.dll
2020-04-14 20:27:09 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2020-04-14 20:27:09 ----A---- C:\Windows\SYSWOW64\mfmkvsrcsnk.dll
2020-04-14 20:27:09 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2020-04-14 20:27:09 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2020-04-14 20:27:09 ----A---- C:\Windows\system32\MSFlacDecoder.dll
2020-04-14 20:27:09 ----A---- C:\Windows\system32\mfps.dll
2020-04-14 20:27:08 ----A---- C:\Windows\system32\tellib.dll
2020-04-14 20:27:08 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2020-04-14 20:27:08 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2020-04-14 20:27:08 ----A---- C:\Windows\system32\mfmkvsrcsnk.dll
2020-04-14 20:27:08 ----A---- C:\Windows\system32\mfcore.dll
2020-04-14 20:27:06 ----A---- C:\Windows\system32\drivers\csc.sys
2020-04-14 20:27:00 ----A---- C:\Windows\SYSWOW64\WinSATAPI.dll
2020-04-14 20:27:00 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2020-04-14 20:27:00 ----A---- C:\Windows\SYSWOW64\jscript.dll
2020-04-14 20:27:00 ----A---- C:\Windows\system32\workfolderssvc.dll
2020-04-14 20:26:59 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2020-04-14 20:26:59 ----A---- C:\Windows\SYSWOW64\EdgeManager.dll
2020-04-14 20:26:58 ----A---- C:\Windows\SYSWOW64\webplatstorageserver.dll
2020-04-14 20:26:58 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\wsecedit.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\srumsvc.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\msi.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\mispace.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\IndexedDbLegacy.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\iasacct.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\Chakradiag.dll
2020-04-14 20:26:57 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2020-04-14 20:26:56 ----A---- C:\Windows\system32\WinSATAPI.dll
2020-04-14 20:26:56 ----A---- C:\Windows\system32\WinSAT.exe
2020-04-14 20:26:56 ----A---- C:\Windows\system32\rdpclip.exe
2020-04-14 20:26:56 ----A---- C:\Windows\system32\nltest.exe
2020-04-14 20:26:56 ----A---- C:\Windows\system32\mstscax.dll
2020-04-14 20:26:56 ----A---- C:\Windows\system32\msi.dll
2020-04-14 20:26:56 ----A---- C:\Windows\system32\EdgeManager.dll
2020-04-14 20:26:55 ----A---- C:\Windows\system32\webplatstorageserver.dll
2020-04-14 20:26:55 ----A---- C:\Windows\system32\edgehtml.dll
2020-04-14 20:26:54 ----A---- C:\Windows\system32\mshtml.dll
2020-04-14 20:26:54 ----A---- C:\Windows\system32\IndexedDbLegacy.dll
2020-04-14 20:26:53 ----A---- C:\Windows\system32\wsecedit.dll
2020-04-14 20:26:53 ----A---- C:\Windows\system32\StorSvc.dll
2020-04-14 20:26:53 ----A---- C:\Windows\system32\jscript9diag.dll
2020-04-14 20:26:53 ----A---- C:\Windows\system32\jscript9.dll
2020-04-14 20:26:53 ----A---- C:\Windows\system32\jscript.dll
2020-04-14 20:26:53 ----A---- C:\Windows\system32\iscsiwmiv2.dll
2020-04-14 20:26:53 ----A---- C:\Windows\system32\iasacct.dll
2020-04-14 20:26:53 ----A---- C:\Windows\system32\Chakradiag.dll
2020-04-14 20:26:53 ----A---- C:\Windows\system32\Chakra.dll
2020-04-14 20:26:52 ----A---- C:\Windows\system32\mispace.dll
2020-04-14 20:26:49 ----A---- C:\Windows\system32\wbadmin.exe
2020-04-14 20:26:48 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2020-04-14 20:26:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2020-04-14 20:26:48 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2020-04-14 20:26:48 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2020-04-14 20:26:48 ----A---- C:\Windows\system32\bcastdvruserservice.dll
2020-04-14 20:26:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2020-04-14 20:26:47 ----A---- C:\Windows\SYSWOW64\uReFS.dll
2020-04-14 20:26:47 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2020-04-14 20:26:47 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2020-04-14 20:26:47 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2020-04-14 20:26:47 ----A---- C:\Windows\SYSWOW64\gdi32full.dll
2020-04-14 20:26:47 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2020-04-14 20:26:47 ----A---- C:\Windows\SYSWOW64\fontdrvhost.exe
2020-04-14 20:26:47 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2020-04-14 20:26:46 ----A---- C:\Windows\SYSWOW64\wpnapps.dll
2020-04-14 20:26:46 ----A---- C:\Windows\SYSWOW64\windows.storage.dll
2020-04-14 20:26:46 ----A---- C:\Windows\SYSWOW64\Windows.Storage.ApplicationData.dll
2020-04-14 20:26:46 ----A---- C:\Windows\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-14 20:26:46 ----A---- C:\Windows\SYSWOW64\user32.dll
2020-04-14 20:26:46 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2020-04-14 20:26:46 ----A---- C:\Windows\SYSWOW64\sppcext.dll
2020-04-14 20:26:46 ----A---- C:\Windows\SYSWOW64\slc.dll
2020-04-14 20:26:46 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2020-04-14 20:26:46 ----A---- C:\Windows\SYSWOW64\InstallServiceTasks.dll
2020-04-14 20:26:46 ----A---- C:\Windows\SYSWOW64\InstallService.dll
2020-04-14 20:26:46 ----A---- C:\Windows\SYSWOW64\aadtb.dll
2020-04-14 20:26:45 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2020-04-14 20:26:45 ----A---- C:\Windows\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-14 20:26:45 ----A---- C:\Windows\SYSWOW64\TokenBroker.dll
2020-04-14 20:26:45 ----A---- C:\Windows\SYSWOW64\tbauth.dll
2020-04-14 20:26:45 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2020-04-14 20:26:45 ----A---- C:\Windows\SYSWOW64\FlightSettings.dll
2020-04-14 20:26:45 ----A---- C:\Windows\SYSWOW64\explorer.exe
2020-04-14 20:26:45 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2020-04-14 20:26:45 ----A---- C:\Windows\system32\wininet.dll
2020-04-14 20:26:45 ----A---- C:\Windows\system32\t2embed.dll
2020-04-14 20:26:45 ----A---- C:\Windows\system32\GdiPlus.dll
2020-04-14 20:26:45 ----A---- C:\Windows\system32\gdi32full.dll
2020-04-14 20:26:44 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2020-04-14 20:26:44 ----A---- C:\Windows\system32\sxssrv.dll
2020-04-14 20:26:44 ----A---- C:\Windows\system32\smss.exe
2020-04-14 20:26:44 ----A---- C:\Windows\system32\ntdll.dll
2020-04-14 20:26:44 ----A---- C:\Windows\system32\mf3216.dll
2020-04-14 20:26:44 ----A---- C:\Windows\system32\KernelBase.dll
2020-04-14 20:26:44 ----A---- C:\Windows\system32\fontsub.dll
2020-04-14 20:26:44 ----A---- C:\Windows\system32\fontdrvhost.exe
2020-04-14 20:26:44 ----A---- C:\Windows\system32\drivers\tcpip.sys
2020-04-14 20:26:44 ----A---- C:\Windows\system32\drivers\rdbss.sys
2020-04-14 20:26:44 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2020-04-14 20:26:44 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2020-04-14 20:26:43 ----A---- C:\Windows\system32\winresume.exe
2020-04-14 20:26:43 ----A---- C:\Windows\system32\win32appinventorycsp.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\uReFS.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\uDWM.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\TSWorkspace.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\taskschd.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\TabSvc.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\sppcommdlg.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\slc.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\refsutil.exe
2020-04-14 20:26:43 ----A---- C:\Windows\system32\phoneactivate.exe
2020-04-14 20:26:43 ----A---- C:\Windows\system32\pcasvc.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\kernel32.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\invagent.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\dwmcore.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\devinv.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\CompatTelRunner.exe
2020-04-14 20:26:43 ----A---- C:\Windows\system32\appraiser.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\aitstatic.exe
2020-04-14 20:26:43 ----A---- C:\Windows\system32\aeinv.dll
2020-04-14 20:26:43 ----A---- C:\Windows\system32\acmigration.dll
2020-04-14 20:26:42 ----A---- C:\Windows\system32\winload.exe
2020-04-14 20:26:42 ----A---- C:\Windows\system32\SettingsHandlers_Language.dll
2020-04-14 20:26:42 ----A---- C:\Windows\system32\ntshrui.dll
2020-04-14 20:26:42 ----A---- C:\Windows\system32\generaltel.dll
2020-04-14 20:26:42 ----A---- C:\Windows\system32\drivers\refs.sys
2020-04-14 20:26:41 ----A---- C:\Windows\system32\vbscript.dll
2020-04-14 20:26:41 ----A---- C:\Windows\system32\sppsvc.exe
2020-04-14 20:26:41 ----A---- C:\Windows\system32\sppcext.dll
2020-04-14 20:26:41 ----A---- C:\Windows\system32\shell32.dll
2020-04-14 20:26:41 ----A---- C:\Windows\system32\rasmans.dll
2020-04-14 20:26:41 ----A---- C:\Windows\system32\ipnathlp.dll
2020-04-14 20:26:41 ----A---- C:\Windows\system32\comdlg32.dll
2020-04-14 20:26:40 ----A---- C:\Windows\system32\wpnapps.dll
2020-04-14 20:26:40 ----A---- C:\Windows\system32\WindowManagement.dll
2020-04-14 20:26:40 ----A---- C:\Windows\system32\win32kfull.sys
2020-04-14 20:26:40 ----A---- C:\Windows\system32\user32.dll
2020-04-14 20:26:40 ----A---- C:\Windows\system32\SettingsHandlers_nt.dll
2020-04-14 20:26:40 ----A---- C:\Windows\system32\policymanagerprecheck.dll
2020-04-14 20:26:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2020-04-14 20:26:40 ----A---- C:\Windows\system32\LanguageComponentsInstaller.dll
2020-04-14 20:26:40 ----A---- C:\Windows\system32\hal.dll
2020-04-14 20:26:40 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2020-04-14 20:26:39 ----A---- C:\Windows\system32\wpncore.dll
2020-04-14 20:26:39 ----A---- C:\Windows\system32\win32kbase.sys
2020-04-14 20:26:39 ----A---- C:\Windows\system32\InstallServiceTasks.dll
2020-04-14 20:26:39 ----A---- C:\Windows\system32\InstallService.dll
2020-04-14 20:26:39 ----A---- C:\Windows\system32\EdgeContent.dll
2020-04-14 20:26:39 ----A---- C:\Windows\system32\drivers\dxgmms2.sys
2020-04-14 20:26:39 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2020-04-14 20:26:39 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2020-04-14 20:26:38 ----A---- C:\Windows\system32\WindowsCodecs.dll
2020-04-14 20:26:37 ----A---- C:\Windows\system32\wow64win.dll
2020-04-14 20:26:37 ----A---- C:\Windows\system32\Windows.Storage.ApplicationData.dll
2020-04-14 20:26:37 ----A---- C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-14 20:26:37 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-04-14 20:26:37 ----A---- C:\Windows\system32\TokenBroker.dll
2020-04-14 20:26:37 ----A---- C:\Windows\system32\tbauth.dll
2020-04-14 20:26:37 ----A---- C:\Windows\system32\cloudAP.dll
2020-04-14 20:26:37 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2020-04-14 20:26:37 ----A---- C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-04-14 20:26:37 ----A---- C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-04-14 20:26:37 ----A---- C:\Windows\system32\ApplyTrustOffline.exe
2020-04-14 20:26:37 ----A---- C:\Windows\system32\aadtb.dll
2020-04-14 20:26:36 ----A---- C:\Windows\SYSWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-04-14 20:26:36 ----A---- C:\Windows\SYSWOW64\Microsoft.Uev.AppAgent.dll
2020-04-14 20:26:36 ----A---- C:\Windows\system32\WpcDesktopMonSvc.dll
2020-04-14 20:26:36 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2020-04-14 20:26:36 ----A---- C:\Windows\system32\TaskFlowDataEngine.dll
2020-04-14 20:26:36 ----A---- C:\Windows\system32\FlightSettings.dll
2020-04-14 20:26:36 ----A---- C:\Windows\system32\drivers\http.sys
2020-04-14 20:26:36 ----A---- C:\Windows\system32\advapi32.dll
2020-04-14 20:26:36 ----A---- C:\Windows\explorer.exe
2020-04-14 20:26:35 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2020-04-14 20:26:35 ----A---- C:\Windows\SYSWOW64\windowsperformancerecordercontrol.dll
2020-04-14 20:26:35 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2020-04-14 20:26:35 ----A---- C:\Windows\SYSWOW64\dtdump.exe
2020-04-14 20:26:35 ----A---- C:\Windows\SYSWOW64\aepic.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\wuuhext.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\wuaueng.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\wevtsvc.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\webservices.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\WaaSMedicSvc.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\utcutil.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\usocore.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\updatepolicy.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\umpo.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\tcbloader.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\tcblaunch.exe
2020-04-14 20:26:35 ----A---- C:\Windows\system32\srumsvc.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\skci.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\securekernel.exe
2020-04-14 20:26:35 ----A---- C:\Windows\system32\runexehelper.exe
2020-04-14 20:26:35 ----A---- C:\Windows\system32\netlogon.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\LsaIso.exe
2020-04-14 20:26:35 ----A---- C:\Windows\system32\kerberos.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\KerbClientShared.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\dosvc.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\domgmt.dll
2020-04-14 20:26:35 ----A---- C:\Windows\system32\diagtrack.dll
2020-04-14 20:26:34 ----A---- C:\Windows\SYSWOW64\WinTypes.dll
2020-04-14 20:26:34 ----A---- C:\Windows\SYSWOW64\offlinesam.dll
2020-04-14 20:26:34 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2020-04-14 20:26:34 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2020-04-14 20:26:34 ----A---- C:\Windows\SYSWOW64\combase.dll
2020-04-14 20:26:34 ----A---- C:\Windows\system32\WinTypes.dll
2020-04-14 20:26:34 ----A---- C:\Windows\system32\winhttp.dll
2020-04-14 20:26:34 ----A---- C:\Windows\system32\windows.storage.dll
2020-04-14 20:26:34 ----A---- C:\Windows\system32\samsrv.dll
2020-04-14 20:26:34 ----A---- C:\Windows\system32\rpcss.dll
2020-04-14 20:26:34 ----A---- C:\Windows\system32\offlinesam.dll
2020-04-14 20:26:34 ----A---- C:\Windows\system32\logoncli.dll
2020-04-14 20:26:34 ----A---- C:\Windows\system32\dnsrslvr.dll
2020-04-14 20:26:34 ----A---- C:\Windows\system32\dnsapi.dll
2020-04-14 20:26:34 ----A---- C:\Windows\system32\DeviceCensus.exe
2020-04-14 20:26:34 ----A---- C:\Windows\system32\dcntel.dll
2020-04-14 20:26:34 ----A---- C:\Windows\system32\combase.dll
2020-04-14 20:26:34 ----A---- C:\Windows\system32\ci.dll
2020-04-14 20:26:34 ----A---- C:\Windows\system32\aepic.dll
2020-04-14 20:26:33 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2020-04-14 20:26:33 ----A---- C:\Windows\SYSWOW64\win32kfull.sys
2020-04-14 20:26:33 ----A---- C:\Windows\SYSWOW64\webservices.dll
2020-04-14 20:26:33 ----A---- C:\Windows\SYSWOW64\updatepolicy.dll
2020-04-14 20:26:33 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2020-04-14 20:26:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2020-04-14 20:26:33 ----A---- C:\Windows\SYSWOW64\KerbClientShared.dll
2020-04-14 20:26:33 ----A---- C:\Windows\SYSWOW64\iscsiwmiv2.dll
2020-04-14 20:26:33 ----A---- C:\Windows\system32\hvix64.exe
2020-04-14 20:26:33 ----A---- C:\Windows\system32\hvax64.exe
2020-04-14 20:26:33 ----A---- C:\Windows\system32\drivers\winnat.sys
2020-04-14 20:26:33 ----A---- C:\Windows\system32\drivers\volmgr.sys
2020-04-14 20:26:33 ----A---- C:\Windows\system32\drivers\stornvme.sys
2020-04-14 20:26:33 ----A---- C:\Windows\system32\drivers\sfloppy.sys
2020-04-14 20:26:33 ----A---- C:\Windows\system32\drivers\sdbus.sys
2020-04-14 20:26:33 ----A---- C:\Windows\system32\drivers\scmbus.sys
2020-04-14 20:26:33 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2020-04-04 16:28:53 ----D---- C:\Magiczne Bloczki
2020-03-29 22:22:05 ----D---- C:\Users\Pawel\AppData\Roaming\Dev-Cpp
 
======List of files/folders modified in the last 1 month======
 
2020-04-27 22:47:09 ----D---- C:\Windows\Temp
2020-04-27 22:47:06 ----RD---- C:\Program Files
2020-04-27 22:45:12 ----D---- C:\Users\Pawel\AppData\Roaming\Discord
2020-04-27 22:42:51 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-04-27 22:39:50 ----D---- C:\Windows\Prefetch
2020-04-27 22:36:24 ----SHD---- C:\System Volume Information
2020-04-27 22:06:49 ----D---- C:\ProgramData\Origin
2020-04-27 22:06:47 ----D---- C:\Users\Pawel\AppData\Roaming\Origin
2020-04-27 22:00:00 ----D---- C:\Windows\system32\sru
2020-04-27 21:46:28 ----D---- C:\Windows\system32\SleepStudy
2020-04-27 21:23:21 ----HD---- C:\Program Files\WindowsApps
2020-04-27 21:23:21 ----D---- C:\Windows\AppReadiness
2020-04-27 21:02:31 ----D---- C:\Windows\system32\LogFiles
2020-04-27 13:39:03 ----RD---- C:\Windows\Microsoft.NET
2020-04-27 12:59:09 ----D---- C:\ProgramData\NVIDIA
2020-04-26 23:31:15 ----D---- C:\Windows\Logs
2020-04-26 12:11:06 ----D---- C:\Program Files (x86)\Origin Games
2020-04-26 12:08:52 ----D---- C:\Program Files (x86)\Origin
2020-04-25 13:42:34 ----D---- C:\Users\Pawel\AppData\Roaming\uTorrent
2020-04-24 16:42:23 ----HD---- C:\ProgramData
2020-04-22 01:06:12 ----D---- C:\Windows\system32\config
2020-04-21 20:40:02 ----D---- C:\Windows\WinSxS
2020-04-21 20:40:02 ----D---- C:\Windows\system32\DriverStore
2020-04-21 20:38:19 ----D---- C:\Windows\system32\catroot2
2020-04-15 19:25:34 ----D---- C:\Windows\System32
2020-04-15 19:25:34 ----D---- C:\Windows\INF
2020-04-15 19:25:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-04-15 02:39:00 ----D---- C:\Windows\SYSWOW64\de-DE
2020-04-15 02:39:00 ----D---- C:\Windows\SysWOW64
2020-04-15 02:39:00 ----D---- C:\Windows\system32\wbem
2020-04-15 02:39:00 ----D---- C:\Windows\system32\pl-PL
2020-04-15 02:39:00 ----D---- C:\Windows\system32\migration
2020-04-15 02:39:00 ----D---- C:\Windows\system32\drivers
2020-04-15 02:39:00 ----D---- C:\Windows\system32\de-DE
2020-04-15 02:39:00 ----D---- C:\Windows\system32\Boot
2020-04-15 02:38:59 ----D---- C:\Windows\ShellExperiences
2020-04-15 02:38:59 ----D---- C:\Windows\Provisioning
2020-04-15 02:38:59 ----D---- C:\Windows\PolicyDefinitions
2020-04-15 02:38:59 ----D---- C:\Windows\bcastdvr
2020-04-15 02:38:59 ----D---- C:\Windows
2020-04-15 02:38:59 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-14 20:28:30 ----D---- C:\Windows\CbsTemp
2020-04-14 20:25:32 ----A---- C:\Windows\SYSWOW64\sppc.dll
2020-04-14 20:25:21 ----A---- C:\Windows\system32\sppc.dll
2020-04-02 18:44:28 ----N---- C:\Windows\system32\MpSigStub.exe
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 EPMVolFl;EPMVolFl; C:\Windows\System32\drivers\EPMVolFl.sys [2019-04-12 30136]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2018-12-11 55608]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\Windows\system32\drivers\mssecflt.sys [2020-03-13 254264]
R0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2020-04-14 134968]
R1 afunix;afunix; C:\Windows\system32\drivers\afunix.sys [2018-09-15 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2018-09-15 63288]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2018-09-15 60416]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2018-09-15 8704]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2020-02-11 452608]
R2 inpoutx64;inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [2019-02-14 15008]
R2 IntelHaxm;Intel HAXM Service; C:\Windows\system32\DRIVERS\IntelHaxm.sys [2019-07-17 185552]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2018-12-11 51712]
R2 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys [2019-06-02 184320]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\drivers\BTHUSB.sys [2019-08-13 92672]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2018-09-15 63288]
R3 iaLPSS2_UART2;@oem6.inf,%iaLPSS2_UART2.SVCDESC%;Intel(R) Serial IO UART Driver v2; C:\Windows\System32\drivers\iaLPSS2_UART2.sys [2018-05-02 315520]
R3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2018-09-15 112128]
R3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [2018-09-15 180736]
R3 ibtusb;@oem64.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_281613a8318b7cea\ibtusb.sys [2019-12-03 16890872]
R3 igfx;igfx; C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_464601b8ef69395c\igdkmd64.sys [2018-09-28 14073560]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2018-07-19 6322512]
R3 IntcDAud;@oem11.inf,%IntcAud.SvcDesc%;Audio dla wyświetlaczy Intel(R); C:\Windows\System32\DriverStore\FileRepository\intcdaud.inf_amd64_3b876fb0bfb3390a\IntcDAud.sys [2018-09-28 634080]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\System32\drivers\L1C63x64.sys [2018-09-15 121344]
R3 MEIx64;@oem5.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2018-05-06 228992]
R3 Netwtw08;___ Sterownik karty Intel(R) Wireless dla systemu Windows 10 64 Bit; C:\Windows\System32\drivers\Netwtw08.sys [2019-03-02 9143584]
R3 nvlddmkm;nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvmi.inf_amd64_32ef3d5cc44d4a1d\nvlddmkm.sys [2019-09-03 22118144]
R3 nvvad_WaveExtensible;@oem21.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2018-10-01 70024]
R3 nvvhci;@oem23.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\Windows\System32\drivers\nvvhci.sys [2018-10-03 66792]
R3 ROCKEYNT;@oem51.inf,%Rockey.SVCDESC%;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2019-07-31 36904]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\Windows\System32\drivers\bttflt.sys [2018-09-15 42504]
S0 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2018-09-15 319488]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\Windows\System32\drivers\iaStorAVC.sys [2018-09-15 885048]
S0 ItSas35i;ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [2018-09-15 148480]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2018-09-15 124416]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2018-09-15 128512]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2018-09-15 75264]
S0 megasas35i;megasas35i; C:\Windows\System32\drivers\megasas35i.sys [2018-09-15 79872]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2018-09-15 58880]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2018-09-15 68608]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2018-09-15 41784]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2018-09-15 19968]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2018-09-15 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\Windows\system32\drivers\AppvStrm.sys [2020-02-11 137528]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\Windows\system32\drivers\AppvVemgr.sys [2019-03-12 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\Windows\system32\drivers\AppvVfs.sys [2018-09-15 153400]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\Windows\system32\drivers\bindflt.sys [2020-03-13 103952]
S3 BrSerIf;@oem37.inf,%BrSerIf.SvcDesc%;Brother MFC Serial Port Interface WDM Driver; C:\Windows\system32\DRIVERS\BrSerIf.sys [2006-12-12 97280]
S3 BrUsbSer;@oem37.inf,%BrUsbSer.SvcDesc%;Brother MFC USB Serial WDM Driver; C:\Windows\system32\DRIVERS\BrUsbSer.sys [2006-09-03 19584]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Usługa wyliczania Bluetooth; C:\Windows\System32\drivers\BthEnum.sys [2018-12-11 111104]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-07-10 91136]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\Windows\System32\drivers\BTHMINI.sys [2018-09-15 34816]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2018-09-15 133120]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Sterownik portu Bluetooth; C:\Windows\System32\drivers\BTHport.sys [2019-08-13 1232384]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2018-09-15 40960]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2018-09-15 125952]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2018-09-15 1866768]
S3 dg_ssudbus;@oem59.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2019-09-26 136040]
S3 epmntdrv;epmntdrv; C:\Windows\system32\epmntdrv.sys [2019-02-18 34744]
S3 EuGdiDrv;EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys []
S3 ew_usbccgpfilter;@oem53.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [2019-10-31 18944]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2018-09-15 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2018-09-15 51512]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\Windows\System32\drivers\hidspi.sys [2018-09-15 60928]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2019-11-14 80400]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2018-09-15 27648]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2018-09-15 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2018-09-15 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2018-09-15 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-09-15 93184]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2018-09-15 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2018-09-15 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-09-15 175104]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [2018-09-15 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2018-09-15 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2018-09-15 45568]
S3 ipadtst;ipadtst; \??\C:\ProgramData\MSI\Super_Charger\ipadtst_64.sys [2013-11-11 20464]
S3 ipadtst2;ipadtst2; \??\C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [2016-07-29 16336]
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2018-09-15 42496]
S3 irda;IrDA; C:\Windows\system32\drivers\irda.sys [2018-09-15 124928]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2018-09-15 515384]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2018-09-15 58680]
S3 MbbCx;MBB Network Adapter Class Extension; C:\Windows\system32\drivers\MbbCx.sys [2019-10-04 290304]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-09-15 53760]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2018-09-15 1150496]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2018-09-15 153616]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2018-09-15 184320]
S3 Netwtw06;___ Sterownik karty Intel(R) Wireless dla systemu Windows 10 64 Bit; C:\Windows\System32\drivers\Netwtw06.sys [2018-05-13 8810336]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\Windows\System32\drivers\nvdimm.sys [2018-09-15 148480]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2019-01-16 30336]
S3 PktMon;Packet Monitor Driver; C:\Windows\system32\drivers\PktMon.sys [2018-09-15 85504]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2019-08-13 117248]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2018-09-15 17408]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2019-04-10 981816]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2018-09-15 202240]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\Windows\System32\drivers\rhproxy.sys [2018-09-15 108032]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\Windows\System32\drivers\SDFRd.sys [2018-09-15 33080]
S4 hvcrash;hvcrash; C:\Windows\System32\drivers\hvcrash.sys [2018-09-15 33280]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 CDPUserSvc_f0642e7;Usługa użytkownika platformy podłączonych urządzeń_f0642e7; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_464601b8ef69395c\IntelCpHDCPSvc.exe [2018-09-28 504032]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2018-04-17 641632]
R2 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2019-07-31 3460072]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\System32\DriverStore\FileRepository\cui_dch_comp.inf_amd64_deecec7d232ced2b\igfxCUIService.exe [2018-09-28 413408]
R2 Micro Star SCM;Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [2009-07-09 160768]
R2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe [2019-06-02 26112]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-01-30 790920]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Windows\System32\DriverStore\FileRepository\nvmi.inf_amd64_32ef3d5cc44d4a1d\Display.NvContainer\NVDisplay.Container.exe [2019-09-03 790672]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2019-02-08 798976]
R2 OneSyncSvc_f0642e7;Synchronizuj hosta_f0642e7; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2020-04-14 3446576]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2018-04-17 156768]
R2 RtkAudioUniversalService;Realtek Audio Universal Service; C:\Windows\System32\RtkAudUService64.exe [2019-01-24 833312]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 cbdhsvc_f0642e7;Usługa użytkownika Schowek_f0642e7; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_464601b8ef69395c\IntelCpHeciSvc.exe [2018-09-28 509152]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 DSAUpdateService;Intel(R) Driver & Support Assistant Updater; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [2020-03-03 143720]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-09-09 43632]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 PimIndexMaintenanceSvc_f0642e7;Dane kontaktowe_f0642e7; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\Windows\system32\SecurityHealthService.exe [2020-03-13 903368]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S2 ESRV_SVC_QUEENCREEK;Energy Server Service queencreek; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [2018-12-19 937208]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-04-19 156456]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService_f0642e7;Usługa użytkownika DVR z gry i transmisja_f0642e7; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2019-10-26 8395968]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService_f0642e7;Usługa obsługi użytkownika protokołu Bluetooth_f0642e7; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService_f0642e7;CaptureService_f0642e7; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc_f0642e7;ConsentUX_f0642e7; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc_f0642e7;DevicePicker_f0642e7; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc_f0642e7;Przepływ urządzeń_f0642e7; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-15 92672]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DSAService;Intel(R) Driver & Support Assistant; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [2020-03-03 37224]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2020-01-09 802432]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\elevation_service.exe [2020-04-20 1095664]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-04-19 156456]
S3 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service []
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 Intel(R) SUR QC SAM;Intel(R) SUR QC Software Asset Manager; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13 18168]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService_f0642e7;Usługa wiadomości_f0642e7; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-07-17 238624]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2018-04-17 265824]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-01-30 790920]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2020-04-14 2495280]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe [2018-09-15 78848]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc_f0642e7;Przepływ pracy drukowania_f0642e7; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2020-04-14 5897960]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2018-09-15 1269248]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\Windows\system32\AppVClient.exe [2020-02-11 831800]
 
-----------------EOF-----------------
 