Discussion Starter #1
So I decided to try out a mobile phone app that lists open ports of devices on a network and saw that my sister's laptop (which I got her a week ago [Windows 10]) has port 31337 open (listed as Elite), and this struck me as strange since all system protocols run on ports below 1000.

Googling it, I found it is associated with the Back Orifice hack tool.
Running TCPView on her laptop showed that port to be used (listening) by "system" for TCP and for TCPv6, which meant that I couldn't see which executable runs it and I couldn't end the connection.

After Avast didn't discover the virus I switched to Windows Defender, which found one hack tool, but this wasn't the thing that was using the port.

Any help with solving this is welcome.
 

Discussion Starter #2
Thanks SABL for pointing out I should use bbs.exe.

Also, this is the virus that Windows Defender detected (it opened the link):
hxxps://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=HackTool:Win32/AutoKMS

bbs.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10240.16603
Run by Alex at 12:47:42 on 2016-02-19
Microsoft Windows 10 Enterprise 10.0.10240.0.0.800.1033.18.3979.1287 [GMT 1:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\system32\igfxCUIService.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
C:\Windows\system32\svchost.exe -k appmodel
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\dashost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\sihost.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\igfxTray.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
C:\Users\Korisnik\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
C:\Windows\system32\fontdrvhost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
C:\Windows\system32\SettingSyncHost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
C:\Windows\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
C:\Windows\system32\taskhostw.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\Windows\System32\NetworkUXBroker.exe
C:\Windows\System32\DataExchangeHost.exe
svchost.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [f.lux] "C:\Users\Korisnik\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRunOnce: [Uninstall C:\Users\Korisnik\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Korisnik\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: SoftwareSASGeneration = dword:1
mPolicies-Windows\System: EnableSmartScreen = dword:0
TCP: NameServer = 212.200.191.166 212.200.190.166
TCP: Interfaces\{5645462f-78f2-4453-98cd-359c91ada131} : DHCPNameServer = 212.200.191.166 212.200.190.166
TCP: Interfaces\{fc599139-002c-4055-a7b2-61e24945155d} : DHCPNameServer = 212.200.191.166 212.200.190.166
TCP: Interfaces\{fc599139-002c-4055-a7b2-61e24945155d}\14C6661635F6664777162756 : DHCPNameServer = 192.168.1.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\0foy63cn.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\Korisnik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2016-2-8 74544]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswvmm.sys [2016-2-8 287016]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\Windows\System32\drivers\intelpep.sys [2015-7-10 43872]
R0 MBI;Intel(R) Sideband Fabric Device Service;C:\Windows\System32\drivers\MBI.sys [2016-2-8 41464]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\Windows\System32\drivers\WindowsTrustedRT.sys [2015-7-10 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [2015-7-10 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\Windows\System32\drivers\wof.sys [2016-2-10 200528]
R1 ahcache;Application Compatibility Cache;C:\Windows\System32\drivers\ahcache.sys [2015-7-10 215552]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2016-2-8 1065720]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2016-2-8 463744]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-7-2 19768]
R1 FileCrypt;FileCrypt;C:\Windows\System32\drivers\filecrypt.sys [2015-7-10 83968]
R1 GpuEnergyDrv;GPU Energy Driver;C:\Windows\System32\drivers\gpuenergydrv.sys [2016-2-10 8192]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2016-2-8 37656]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2016-2-8 107792]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2016-2-8 165344]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-2-8 237096]
R2 CoreMessagingRegistrar;CoreMessaging;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2015-7-10 39856]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2015-7-10 39856]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2016-2-8 330136]
R2 storqosflt;Storage QoS Filter Driver;C:\Windows\System32\drivers\storqosflt.sys [2015-7-10 61952]
R2 tiledatamodelsvc;Tile Data model server;C:\Windows\System32\svchost.exe -k appmodel [2015-7-10 39856]
R2 UserManager;User Manager;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R2 Virtual Router;VirtualRouterService;C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [2013-2-10 12288]
R2 WdNisDrv;Windows Defender Network Inspection System Driver;C:\Windows\System32\drivers\WdNisDrv.sys [2015-7-10 119648]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\Windows\System32\svchost.exe -k wsappx [2015-7-10 39856]
R3 ATP;ASUS Input Device;C:\Windows\System32\drivers\AsusTP.sys [2015-8-23 100776]
R3 ClipSVC;Client License Service (ClipSVC);C:\Windows\System32\svchost.exe -k wsappx [2015-7-10 39856]
R3 DevQueryBroker;DevQuery Background Discovery Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;C:\Windows\System32\drivers\dtlitescsibus.sys [2016-2-10 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;C:\Windows\System32\drivers\dtliteusbbus.sys [2016-2-10 47672]
R3 GPIO;Intel SoC GPIO Controller Driver;C:\Windows\System32\drivers\iaiogpioe.sys [2016-2-8 51128]
R3 HIDSwitch;ASUS Wireless Radio Control;C:\Windows\System32\drivers\AsHIDSwitch64.sys [2016-2-8 27872]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2015-8-21 463112]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2015-7-29 38976]
R3 lfsvc;Geolocation Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R3 LicenseManager;Windows License Manager Service;C:\Windows\System32\svchost.exe -k LocalService [2015-7-10 39856]
R3 NcbService;Network Connection Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\Windows\System32\drivers\NdisVirtualBus.sys [2015-7-10 20992]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
R3 NgcSvc;Microsoft Passport;C:\Windows\System32\lsass.exe [2015-7-10 56344]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\drivers\RtsBaStor.sys [2016-2-8 321792]
R3 rt640x64;Realtek RT640 NT Driver;C:\Windows\System32\drivers\rt640x64.sys [2015-7-10 587264]
R3 StateRepository;State Repository Service;C:\Windows\System32\svchost.exe -k appmodel [2015-7-10 39856]
R3 TXEIx64;Intel(R) Trusted Execution Engine Interface ;C:\Windows\System32\drivers\TXEIx64.sys [2016-2-8 146232]
R3 UEFI;Microsoft UEFI Driver;C:\Windows\System32\drivers\uefi.sys [2015-7-10 28512]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-7-10 362928]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-2-13 143144]
S2 dmwappushservice;dmwappushsvc;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 DoSvc;Delivery Optimization;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 MapsBroker;Downloaded Maps Manager;C:\Windows\System32\svchost.exe -k NetworkService [2015-7-10 39856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 ADP80XX;ADP80XX;C:\Windows\System32\drivers\adp80xx.sys [2015-7-10 1135456]
S3 AJRouter;AllJoyn Router Service;C:\Windows\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 AppReadiness;App Readiness;C:\Windows\System32\svchost.exe -k AppReadiness [2015-7-10 39856]
S3 bcmfn2;bcmfn2 Service;C:\Windows\System32\drivers\bcmfn2.sys [2015-7-10 17624]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-7-10 39856]
S3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\drivers\BthLEEnum.sys [2015-7-10 237568]
S3 buttonconverter;Service for Portable Device Control devices;C:\Windows\System32\drivers\buttonconverter.sys [2016-2-10 36352]
S3 CapImg;HID driver for CapImg touch screen;C:\Windows\System32\drivers\capimg.sys [2015-7-10 116736]
S3 CDPSvc;CDPSvc;C:\Windows\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-2-13 143144]
S3 DcpSvc;DataCollectionPublishingService;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-7-10 27136]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-1-15 1369464]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DsSvc;Data Sharing Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 embeddedmode;embeddedmode;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 EntAppSvc;Enterprise App Management Service;C:\Windows\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 fcvsc;fcvsc;C:\Windows\System32\drivers\fcvsc.sys [2015-7-10 31232]
S3 genericusbfn;Generic USB Function Class;C:\Windows\System32\drivers\genericusbfn.sys [2015-7-10 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\Windows\System32\drivers\hidinterrupt.sys [2015-7-10 50016]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [2015-7-10 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\Windows\System32\drivers\iaLPSSi_I2C.sys [2015-7-10 122608]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\Windows\System32\drivers\iaStorAV.sys [2015-7-10 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\Windows\System32\drivers\ibbus.sys [2015-7-10 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-7-10 115200]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2015-7-29 50240]
S3 IoQos;IoQos;C:\Windows\System32\drivers\ioqos.sys [2015-7-10 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\Windows\System32\drivers\lsi_sas2i.sys [2015-7-10 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\Windows\System32\drivers\lsi_sas3i.sys [2015-7-10 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\Windows\System32\drivers\mlx4_bus.sys [2015-7-10 705376]
S3 ndfltr;NetworkDirect Service;C:\Windows\System32\drivers\ndfltr.sys [2015-7-10 76128]
S3 NetSetupSvc;Network Setup Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc.sys [2015-7-10 94720]
S3 percsas2i;percsas2i;C:\Windows\System32\drivers\percsas2i.sys [2015-7-10 58208]
S3 percsas3i;percsas3i;C:\Windows\System32\drivers\percsas3i.sys [2015-7-10 58720]
S3 ReFSv1;ReFSv1;C:\Windows\System32\drivers\refsv1.sys [2016-2-10 934752]
S3 RetailDemo;Retail Demo Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SensorDataService;Sensor Data Service;C:\Windows\System32\SensorDataService.exe [2016-2-10 1031680]
S3 SensorService;Sensor Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SerCx2;Serial UART Support Library;C:\Windows\System32\drivers\SerCx2.sys [2015-7-10 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\Windows\System32\svchost.exe -k smphost [2015-7-10 39856]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\Windows\System32\drivers\stornvme.sys [2016-2-10 80720]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\Windows\System32\drivers\storufs.sys [2015-7-10 40288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\Windows\System32\drivers\UcmCx.sys [2015-7-10 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\Windows\System32\drivers\UcmUcsi.sys [2016-2-10 46080]
S3 UdeCx;USB Device Emulation Support Library;C:\Windows\System32\drivers\Udecx.sys [2015-7-10 44032]
S3 Ufx01000;USB Function Class Extension;C:\Windows\System32\drivers\ufx01000.sys [2015-7-10 245088]
S3 UfxChipidea;USB Chipidea Controller;C:\Windows\System32\drivers\UfxChipidea.sys [2015-7-10 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\Windows\System32\drivers\ufxsynopsys.sys [2015-7-10 127840]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\Windows\System32\drivers\urschipidea.sys [2015-7-10 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\Windows\System32\drivers\urscx01000.sys [2015-7-10 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\Windows\System32\drivers\urssynopsys.sys [2015-7-10 27488]
S3 UsoSvc;Update Orchestrator Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\Windows\System32\drivers\vhf.sys [2015-7-10 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 vmicvmsession;Hyper-V VM Session Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 WalletService;WalletService;C:\Windows\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 wdiwifi;WDI Driver Framework;C:\Windows\System32\drivers\WdiWiFi.sys [2016-2-10 685568]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\Windows\System32\svchost.exe -k WepHostSvcGroup [2015-7-10 39856]
S3 WinMad;WinMad Service;C:\Windows\System32\drivers\winmad.sys [2015-7-10 26976]
S3 WinVerbs;WinVerbs Service;C:\Windows\System32\drivers\winverbs.sys [2015-7-10 59232]
S3 workfolderssvc;Work Folders;C:\Windows\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 WpnService;Windows Push Notifications Service;C:\Windows\System32\svchost.exe -k wswpnservice [2015-7-10 39856]
S3 XblAuthManager;Xbox Live Auth Manager;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 XblGameSave;Xbox Live Game Save;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\Windows\System32\drivers\xboxgip.sys [2015-7-10 222720]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xinputhid;XINPUT HID Filter Driver;C:\Windows\System32\drivers\xinputhid.sys [2015-7-10 25600]
SUnknown zbdnymge;zbdnymge; [x]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-02-19 11:43:59 16148 ----a-w- C:\Windows\System32\DESKTOP-FEMO8H9_Alex_HistoryPrediction.bin
2016-02-18 18:23:54 1187344 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\NisBackup\gapaengine.dll
2016-02-18 18:23:53 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{416949AB-6F93-4DC9-B1EA-ED7DD9CA0073}\gapaengine.dll
2016-02-18 18:23:31 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{86F847C7-AD16-4104-8679-CA2915D043CA}\mpengine.dll
2016-02-18 18:23:18 301728 ------w- C:\Windows\System32\MpSigStub.exe
2016-02-18 16:46:43 -------- d-----w- C:\Users\Korisnik\.zenmap
2016-02-18 16:45:37 -------- d-----w- C:\ProgramData\Package Cache
2016-02-18 16:44:37 -------- d-----w- C:\Program Files (x86)\Nmap
2016-02-15 22:20:46 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\Blender Foundation
2016-02-15 03:05:01 -------- d-----w- C:\Users\Korisnik\.thumbnails
2016-02-14 18:12:18 -------- d-----w- C:\ProgramData\Orbit
2016-02-14 17:32:15 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\Might & Magic X - Legacy
2016-02-14 17:09:32 -------- d-----w- C:\Program Files (x86)\R.G. Mechanics
2016-02-13 15:21:11 -------- d-----w- C:\Users\Korisnik\.swt
2016-02-13 13:14:30 -------- d-----w- C:\Users\Korisnik\AppData\Local\Ankama
2016-02-13 13:14:11 -------- d-----w- C:\Program Files (x86)\Ankama
2016-02-13 12:49:31 103344 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2016-02-13 12:49:31 103344 ------w- C:\Program Files\Internet Explorer\Plugins\nppdf32.dll
2016-02-13 12:49:31 -------- d-----w- C:\Windows\Profiles
2016-02-13 12:49:30 270336 ----a-w- C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
2016-02-13 12:49:28 -------- d-----w- C:\Windows\SysWow64\Adobe
2016-02-13 12:42:21 -------- d-----w- C:\Program Files (x86)\Common Files\3DO Shared
2016-02-13 12:42:21 -------- d-----w- C:\Program Files (x86)\3DO
2016-02-13 03:56:14 -------- d-----r- C:\Users\Korisnik\Dropbox
2016-02-13 03:50:13 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\Dropbox
2016-02-13 03:48:43 -------- d-----w- C:\Program Files (x86)\Dropbox
2016-02-13 03:48:38 -------- d-----w- C:\Users\Korisnik\AppData\Local\Dropbox
2016-02-13 03:48:38 -------- d-----w- C:\ProgramData\Dropbox
2016-02-13 02:20:42 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\Teeworlds
2016-02-13 02:00:40 -------- d-----w- C:\Program Files (x86)\teeworlds-0.6.3-win32
2016-02-13 01:35:20 2829 ----a-w- C:\Windows\War3Unin.pif
2016-02-13 01:35:20 139264 ----a-w- C:\Windows\War3Unin.exe
2016-02-12 21:32:42 -------- d-----w- C:\Users\Korisnik\AppData\Local\HHD Software
2016-02-12 21:32:42 -------- d-----w- C:\Program Files (x86)\HHD Software
2016-02-12 21:25:50 -------- d-----w- C:\Program Files\Disney Interactive
2016-02-12 21:24:23 306688 ----a-w- C:\Windows\IsUninst.exe
2016-02-12 21:21:08 -------- d-----w- C:\Users\Korisnik\AppData\Local\FLT
2016-02-12 21:18:14 -------- d-----w- C:\Program Files (x86)\Dont Starve Together
2016-02-12 20:34:06 28400 ----a-w- C:\Windows\SysWow64\drivers\SECDRV.SYS
2016-02-12 19:00:10 -------- d-----w- C:\Program Files (x86)\AikaOnline
2016-02-12 18:54:13 -------- d-----w- C:\Program Files (x86)\Zumma deluxe
2016-02-12 18:48:33 -------- d-----w- C:\Program Files (x86)\pacman
2016-02-12 18:43:29 -------- d-----w- C:\Program Files (x86)\Oktagon
2016-02-12 18:40:10 -------- d-----w- C:\Program Files (x86)\laser
2016-02-12 18:36:00 -------- d-----w- C:\Program Files (x86)\Jazzjack2
2016-02-12 18:32:31 -------- d-----w- C:\Program Files (x86)\DXBALL
2016-02-12 18:28:55 -------- d-----w- C:\Program Files (x86)\Blobby
2016-02-12 18:22:11 -------- d-----w- C:\Program Files (x86)\b2002
2016-02-12 17:10:11 -------- d-----w- C:\Program Files (x86)\Activision
2016-02-12 16:56:02 47104 ----a-w- C:\Windows\SysWow64\KMVIDC32.DLL
2016-02-12 16:49:46 -------- d-----w- C:\Program Files (x86)\Sven Oster-Edition
2016-02-12 16:48:55 -------- d-----w- C:\Program Files (x86)\Potapanje brodova
2016-02-12 16:47:40 -------- d-----w- C:\Program Files (x86)\Milioner
2016-02-12 12:27:22 -------- d-----w- C:\Program Files (x86)\Yu-Gi-Oh!
2016-02-12 11:45:43 756736 ------w- C:\Windows\SysWow64\ir41_32.dll
2016-02-12 11:45:42 271360 ------w- C:\Program Files (x86)\Microsoft Games\Age of Empires\UNINSTAL.EXE
2016-02-12 11:45:42 2662400 ------w- C:\Program Files (x86)\Microsoft Games\Age of Empires\SETUPENU.DLL
2016-02-12 11:44:39 29184 ------w- C:\Program Files (x86)\Microsoft Games\Age of Empires\data\closedpw.exe
2016-02-12 11:44:35 171520 ------w- C:\Program Files (x86)\Microsoft Games\Age of Empires\language.dll
2016-02-12 11:44:32 32768 ------w- C:\Program Files (x86)\Microsoft Games\Age of Empires\AoEHlp.dll
2016-02-12 11:44:32 27136 ------w- C:\Program Files (x86)\Microsoft Games\Age of Empires\aelaunch.dll
2016-02-12 11:44:32 1605632 ------w- C:\Program Files (x86)\Microsoft Games\Age of Empires\Empires.exe
2016-02-12 11:44:25 -------- d-----w- C:\Program Files (x86)\Microsoft Games
2016-02-12 11:01:05 6918144 ----a-w- C:\Windows\SysWow64\NlsLexicons0c1a.dll
2016-02-12 11:01:05 6918144 ----a-w- C:\Windows\System32\NlsLexicons0c1a.dll
2016-02-12 11:01:05 173568 ----a-w- C:\Windows\System32\NlsData0c1a.dll
2016-02-12 11:01:05 130048 ----a-w- C:\Windows\SysWow64\NlsData0c1a.dll
2016-02-11 22:44:10 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2016-02-11 22:43:59 519000 ----a-w- C:\Windows\System32\d3dx10_40.dll
2016-02-11 09:51:37 63248 ----a-w- C:\Windows\System32\drivers\VcommMgr.sys
2016-02-11 09:51:37 49680 ----a-w- C:\Windows\System32\drivers\BTHidMgr.sys
2016-02-11 09:51:37 47120 ----a-w- C:\Windows\System32\drivers\VComm.sys
2016-02-11 09:51:37 44688 ----a-w- C:\Windows\System32\drivers\btcusb.sys
2016-02-11 09:51:37 38160 ----a-w- C:\Windows\System32\drivers\blueletaudio.sys
2016-02-11 09:51:37 37648 ----a-w- C:\Windows\System32\drivers\BlueletSCOAudio.sys
2016-02-11 09:51:37 32832 ----a-w- C:\Windows\System32\drivers\BTNetFilter.sys
2016-02-11 09:51:37 25360 ----a-w- C:\Windows\System32\drivers\BtNetDrv.sys
2016-02-11 09:51:37 24976 ----a-w- C:\Windows\System32\drivers\VBTEnum.sys
2016-02-11 09:51:37 23184 ----a-w- C:\Windows\System32\drivers\VHIDMini.sys
2016-02-11 09:51:37 16144 ----a-w- C:\Windows\System32\btinstall.dll
2016-02-11 09:51:28 -------- d-----w- C:\Program Files (x86)\IVT Corporation
2016-02-10 11:19:56 -------- d-----w- C:\Windows\System32\SleepStudy
2016-02-10 03:44:55 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\Eusing
2016-02-10 01:18:46 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\ParetoLogic
2016-02-10 01:18:16 -------- d-----w- C:\ProgramData\ParetoLogic
2016-02-10 00:41:33 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\OpenOffice
2016-02-10 00:04:20 -------- d-----w- C:\Windows\System32\MRT
2016-02-09 23:56:59 621056 ----a-w- C:\Windows\System32\enterprisecsps.dll
2016-02-09 23:55:56 869376 ----a-w- C:\Windows\System32\MapControlCore.dll
2016-02-09 23:54:59 931328 ----a-w- C:\Windows\System32\MSMPEG2ENC.DLL
2016-02-09 23:21:30 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2016-02-09 23:21:27 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll
2016-02-09 23:20:52 -------- d-----w- C:\ProgramData\Logs
2016-02-09 23:17:20 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\Ubisoft
2016-02-09 23:04:32 -------- d---a-w- C:\Program Files (x86)\Anno 2070 Complete Edition
2016-02-09 23:03:00 47672 ----a-w- C:\Windows\System32\drivers\dtliteusbbus.sys
2016-02-09 23:02:33 30264 ----a-w- C:\Windows\System32\drivers\dtlitescsibus.sys
2016-02-09 23:02:32 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\DAEMON Tools Lite
2016-02-09 23:02:28 -------- d-----w- C:\Program Files\DAEMON Tools Lite
2016-02-09 23:01:35 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2016-02-09 23:00:02 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\PowerISO
2016-02-09 22:58:02 127760 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2016-02-09 22:58:02 -------- d---a-w- C:\Program Files\PowerISO
2016-02-09 20:36:28 -------- d-----w- C:\Program Files (x86)\DungeonNightmares_Win_v1-4
2016-02-09 20:35:51 -------- d-----w- C:\Program Files (x86)\Alien Shooter
2016-02-09 20:22:49 -------- d-----w- C:\Program Files (x86)\DirectX
2016-02-09 20:12:49 -------- d-----w- C:\Users\Korisnik\AppData\Local\speech
2016-02-09 20:05:42 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\Steam
2016-02-09 19:25:52 -------- d-----w- C:\Program Files (x86)\ragdollmasters
2016-02-09 19:18:28 -------- d-----w- C:\Program Files (x86)\Depths of Peril
2016-02-09 18:27:00 -------- d-----w- C:\Users\Korisnik\Tracing
2016-02-09 18:02:56 -------- d-----w- C:\Users\Korisnik\AppData\Local\Nicke_Manarin
2016-02-09 17:14:06 -------- d-----w- C:\ProgramData\AsusMissionManagerIni
2016-02-09 16:12:34 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\FastStone
2016-02-09 16:11:28 -------- d-----w- C:\Program Files (x86)\FastStone Image Viewer
2016-02-09 16:06:39 -------- d---a-w- C:\Program Files (x86)\OpenOffice 4
2016-02-09 15:29:41 -------- d-----w- C:\Program Files (x86)\Skillbrains
2016-02-09 15:29:30 -------- d-----w- C:\Users\Korisnik\AppData\Local\Chris_Pietschmann_(http__
2016-02-09 15:15:00 -------- d-----w- C:\Users\Korisnik\AppData\Local\Macromedia
2016-02-09 15:11:29 -------- d-----w- C:\Users\Korisnik\AppData\Local\Adobe
2016-02-09 15:05:07 -------- d---a-w- C:\Program Files (x86)\Virtual Router
2016-02-09 15:04:38 -------- d-----r- C:\Program Files (x86)\Skype
2016-02-09 15:01:15 -------- d-----w- C:\Users\Korisnik\AppData\Local\FluxSoftware
2016-02-09 14:58:54 -------- d-----w- C:\Program Files (x86)\Eusing Cleaner
2016-02-09 14:54:23 -------- d---a-w- C:\Program Files\paint.net
2016-02-09 14:54:22 -------- d-----w- C:\Users\Korisnik\AppData\Local\paint.net
2016-02-09 14:49:35 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\uTorrent
2016-02-09 14:48:49 -------- d-----w- C:\Program Files (x86)\VideoLAN
2016-02-09 14:48:21 -------- d-----w- C:\Program Files\Blender Foundation
2016-02-09 14:44:09 -------- d---a-w- C:\Program Files\Defraggler
2016-02-09 14:15:06 -------- d-----w- C:\Tools
2016-02-09 14:05:12 -------- d-----w- C:\Program Files (x86)\CodeStuff
2016-02-09 10:51:58 -------- d-----w- C:\Users\Korisnik\.rainlendar2
2016-02-09 10:49:10 -------- d-----w- C:\Program Files\Rainlendar2
2016-02-09 10:48:53 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2016-02-09 10:48:53 -------- d-----w- C:\ItemTemplates
2016-02-09 10:48:53 -------- d-----w- C:\Extensions
2016-02-09 10:43:56 -------- d-----w- C:\Users\Korisnik\AppData\Local\Unity
2016-02-09 10:43:30 -------- d-----w- C:\Program Files (x86)\GtkSharp
2016-02-09 10:39:14 778936 ----a-w- C:\Windows\SysWow64\PresentationNative_v0300.dll
2016-02-09 10:39:14 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2016-02-09 10:39:14 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2016-02-09 10:38:57 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2016-02-09 10:38:57 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2016-02-09 10:38:57 1166520 ----a-w- C:\Windows\System32\PresentationNative_v0300.dll
2016-02-09 10:37:22 -------- d-----w- C:\Users\Korisnik\Zapisi
2016-02-09 10:34:43 -------- d-----w- C:\Program Files\Unity
2016-02-09 10:25:18 16148 ----a-w- C:\Windows\System32\DESKTOP-FEMO8H9_Korisnik_HistoryPrediction.bin
2016-02-09 10:22:01 -------- d-----w- C:\Program Files\Dukto
2016-02-09 09:43:30 -------- d---a-w- C:\Program Files\Speccy
2016-02-09 09:23:19 -------- d-----w- C:\Users\Korisnik\AppData\Local\Comms
2016-02-09 09:17:33 1870848 ----a-w- C:\Windows\SysWow64\MLS2.dll
2016-02-09 09:17:32 7043584 ----a-w- C:\Windows\SysWow64\NlsLexicons081a.dll
2016-02-09 09:17:32 7043584 ----a-w- C:\Windows\System32\NlsLexicons081a.dll
2016-02-09 09:17:32 1909248 ----a-w- C:\Windows\System32\MLS2.dll
2016-02-09 09:17:32 173568 ----a-w- C:\Windows\System32\NlsData081a.dll
2016-02-09 09:17:32 130048 ----a-w- C:\Windows\SysWow64\NlsData081a.dll
2016-02-09 09:05:26 -------- d-----w- C:\Users\Korisnik\AppData\Local\Mozilla
2016-02-09 09:02:43 -------- d-----w- C:\ProgramData\ASUS Smart Gesture
2016-02-09 09:02:26 -------- d-----w- C:\Users\Korisnik\AppData\Local\Google
2016-02-09 09:02:16 144 ----a-w- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-08 20:50:14 -------- d-----w- C:\Windows\Panther
2016-02-08 12:45:11 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\AVAST Software
2016-02-08 12:44:44 74544 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2016-02-08 12:44:44 37656 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2016-02-08 12:44:44 287016 ----a-w- C:\Windows\System32\drivers\aswvmm.sys
2016-02-08 12:44:44 165344 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2016-02-08 12:44:44 107792 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2016-02-08 12:44:44 1065720 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2016-02-08 12:44:44 103064 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2016-02-08 12:44:25 52184 ----a-w- C:\Windows\avastSS.scr
2016-02-08 12:43:29 -------- d-----w- C:\Program Files\AVAST Software
2016-02-08 12:43:13 -------- d-----w- C:\ProgramData\AVAST Software
2016-02-08 12:39:13 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\Foxit Software
2016-02-08 12:39:02 -------- d-----w- C:\Users\Korisnik\AppData\Roaming\Foxit AgentInformation
2016-02-08 12:38:38 -------- d-----w- C:\Program Files (x86)\Foxit Software
2016-02-08 12:35:18 -------- d-----w- C:\Program Files (x86)\ASUS
2016-02-08 12:35:14 -------- d---a-w- C:\ProgramData\SetupTPDriver
2016-02-08 12:35:10 56952 ----a-w- C:\Windows\System32\ASGCoInstaller_x64.dll
2016-02-08 12:34:14 -------- d---a-w- C:\Program Files (x86)\K-Lite Codec Pack
2016-02-08 12:33:46 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2016-02-08 12:33:39 -------- d-----w- C:\Users\Korisnik\AppData\Local\PeerDistRepub
2016-02-08 12:30:43 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-08 12:28:03 -------- d-----w- C:\Users\Korisnik\AppData\Local\MicrosoftEdge
2016-02-08 12:27:27 -------- d-sh--w- C:\Users\Korisnik\IntelGraphicsProfiles
2016-02-08 12:27:14 451 ----a-w- C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-02-08 12:25:57 41464 ----a-w- C:\Windows\System32\drivers\MBI.sys
2016-02-08 12:25:49 51128 ----a-w- C:\Windows\System32\drivers\iaiogpioe.sys
2016-02-08 12:24:53 -------- d-----w- C:\Windows\SysWow64\sda
2016-02-08 12:24:51 9898752 ----a-w- C:\Windows\SysWow64\RsCRIcon.dll
2016-02-08 12:24:51 91904 ----a-w- C:\Windows\System32\RtCRX64.dll
2016-02-08 12:24:51 321792 ----a-w- C:\Windows\System32\drivers\RtsBaStor.sys
2016-02-08 12:23:43 4334232 ----a-w- C:\Windows\System32\drivers\athw10x.sys
2016-02-08 12:23:05 -------- d-----w- C:\Program Files\Realtek
2016-02-08 12:23:04 146232 ----a-w- C:\Windows\System32\drivers\TXEIx64.sys
2016-02-08 12:23:04 -------- d-----w- C:\Windows\SysWow64\RTCOM
2016-02-08 12:21:59 72704 ----a-w- C:\Windows\System32\OpenCL.DLL
2016-02-08 12:21:48 -------- d-----w- C:\Intel
2016-02-08 12:21:44 -------- d-----w- C:\Users\Korisnik\AppData\Local\NetworkTiles
2016-02-08 12:21:32 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2016-02-08 12:19:59 11905432 ----a-w- C:\Windows\SysWow64\igd10iumd32.dll
2016-02-08 12:19:58 8528896 ----a-w- C:\Windows\System32\ig7icd64.dll
2016-02-08 12:19:55 6513648 ----a-w- C:\Windows\SysWow64\ig7icd32.dll
2016-02-08 12:19:49 102912 ----a-w- C:\Windows\System32\IccLibDll_x64.dll
2016-02-08 12:19:48 4371888 ----a-w- C:\Windows\System32\Gfxv4_0.exe
2016-02-08 12:19:48 4369816 ----a-w- C:\Windows\System32\Gfxv2_0.exe
2016-02-08 12:19:47 970656 ----a-w- C:\Windows\System32\GfxUIEx.exe
2016-02-08 12:19:47 556960 ----a-w- C:\Windows\System32\DPTopologyApp.exe
2016-02-08 12:19:47 554928 ----a-w- C:\Windows\System32\DPTopologyAppv2_0.exe
2016-02-08 12:19:47 165808 ----a-w- C:\Windows\System32\difx64.exe
2016-02-08 12:19:46 410528 ----a-w- C:\Windows\System32\CustomModeAppv2_0.exe
2016-02-08 12:19:46 409520 ----a-w- C:\Windows\System32\CustomModeApp.exe
2016-02-08 12:18:06 27872 ----a-w- C:\Windows\System32\drivers\AsHIDSwitch64.sys
2016-02-08 12:08:56 4608 ----a-w- C:\Windows\SECOH-QAD.exe
2016-02-08 12:08:56 3584 ----a-w- C:\Windows\SECOH-QAD.dll
2016-02-08 12:08:24 -------- d-----w- C:\Users\Korisnik\AppData\Local\Programs
2016-02-08 12:05:06 -------- d-----r- C:\Users\Korisnik\OneDrive
2016-02-08 12:04:24 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2016-02-08 12:03:05 -------- d-----w- C:\Users\Korisnik\AppData\Local\Publishers
2016-02-08 12:02:55 -------- d-----w- C:\Windows\System32\wbem\Performance
2016-02-08 12:02:06 -------- d-----r- C:\Users\Korisnik\Searches
2016-02-08 12:02:06 -------- d-----r- C:\Users\Korisnik\Contacts
2016-02-08 12:02:04 -------- d-----w- C:\Users\Korisnik\AppData\Local\VirtualStore
2016-02-08 12:02:01 -------- d-----w- C:\Users\Korisnik\AppData\Local\Packages
2016-02-08 11:58:36 -------- d-sh--w- C:\Recovery
2016-02-08 11:53:56 2718208 ----a-w- C:\Windows\SysWow64\PrintConfig.dll
.
==================== Find3M ====================
.
2016-02-15 22:23:42 21184 ----a-w- C:\Windows\SysWow64\drivers\X6va062_2016.02.15.22.27.52
2016-02-08 12:22:48 1383760 ----a-w- C:\Windows\System32\tosade.dll
2016-02-08 12:20:18 618992 ----a-w- C:\Windows\System32\MetroIntelGenericUIFramework.dll
2016-02-08 12:01:54 16148 ----a-w- C:\Windows\System32\DESKTOP-FEMO8H9_defaultuser0_HistoryPrediction.bin
2016-02-02 22:47:29 828920 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-02-02 22:47:29 176632 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-01-31 06:25:57 1248896 ----a-w- C:\Windows\System32\WinTypes.dll
2016-01-31 06:25:52 1951872 ----a-w- C:\Windows\System32\KernelBase.dll
2016-01-31 06:24:08 1824880 ----a-w- C:\Windows\System32\ntdll.dll
2016-01-31 06:23:57 2601160 ----a-w- C:\Windows\System32\combase.dll
2016-01-31 06:23:50 1420392 ----a-w- C:\Windows\System32\msctf.dll
2016-01-31 06:06:45 809336 ----a-w- C:\Windows\SysWow64\WinTypes.dll
2016-01-31 06:06:37 1535032 ----a-w- C:\Windows\SysWow64\ntdll.dll
2016-01-31 06:06:37 1531368 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2016-01-31 06:04:30 1180696 ----a-w- C:\Windows\SysWow64\msctf.dll
2016-01-31 06:04:27 1811360 ----a-w- C:\Windows\SysWow64\combase.dll
2016-01-31 05:38:07 21873152 ----a-w- C:\Windows\System32\edgehtml.dll
2016-01-31 05:34:34 88064 ----a-w- C:\Windows\System32\ngckeyenum.dll
2016-01-31 05:33:38 57856 ----a-w- C:\Windows\System32\IoTAssignedAccessLockFramework.dll
2016-01-31 05:29:56 141312 ----a-w- C:\Windows\System32\rasman.dll
2016-01-31 05:29:36 11557888 ----a-w- C:\Windows\System32\twinui.dll
2016-01-31 05:26:49 3793408 ----a-w- C:\Windows\System32\rdpcorets.dll
2016-01-31 05:26:38 6787072 ----a-w- C:\Windows\System32\Windows.Data.Pdf.dll
2016-01-31 05:25:35 143872 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2016-01-31 05:25:13 366592 ----a-w- C:\Windows\System32\wuuhext.dll
2016-01-31 05:23:37 79360 ----a-w- C:\Windows\System32\rdpudd.dll
2016-01-31 05:20:04 2849792 ----a-w- C:\Windows\System32\wininet.dll
2016-01-31 05:19:51 237056 ----a-w- C:\Windows\System32\NetworkDesktopSettings.dll
2016-01-31 05:19:47 46592 ----a-w- C:\Windows\SysWow64\IoTAssignedAccessLockFramework.dll
2016-01-31 05:19:04 67072 ----a-w- C:\Windows\System32\drivers\usbser.sys
2016-01-31 05:18:41 771072 ----a-w- C:\Windows\System32\Chakradiag.dll
2016-01-31 05:18:35 147456 ----a-w- C:\Windows\System32\mtxoci.dll
2016-01-31 05:17:47 109056 ----a-w- C:\Windows\System32\hlink.dll
2016-01-31 05:16:37 950272 ----a-w- C:\Windows\System32\kerberos.dll
2016-01-31 05:16:36 9889280 ----a-w- C:\Windows\SysWow64\twinui.dll
2016-01-31 05:14:37 7525376 ----a-w- C:\Windows\System32\Chakra.dll
2016-01-31 05:14:19 3588096 ----a-w- C:\Windows\System32\win32kfull.sys
2016-01-31 05:13:54 4791808 ----a-w- C:\Windows\System32\jscript9.dll
2016-01-31 05:13:17 34816 ----a-w- C:\Windows\System32\ztrace_maps.dll
2016-01-31 05:13:02 123392 ----a-w- C:\Windows\SysWow64\rasman.dll
2016-01-31 05:11:48 5156352 ----a-w- C:\Windows\SysWow64\Windows.Data.Pdf.dll
2016-01-31 05:11:25 162304 ----a-w- C:\Windows\SysWow64\msorcl32.dll
2016-01-31 05:11:14 291840 ----a-w- C:\Windows\System32\microsoft-windows-system-events.dll
2016-01-31 05:07:17 18802176 ----a-w- C:\Windows\SysWow64\edgehtml.dll
2016-01-31 05:06:11 2316800 ----a-w- C:\Windows\SysWow64\wininet.dll
2016-01-31 05:05:11 118272 ----a-w- C:\Windows\SysWow64\mtxoci.dll
2016-01-31 05:05:07 574464 ----a-w- C:\Windows\SysWow64\Chakradiag.dll
2016-01-31 05:04:50 100352 ----a-w- C:\Windows\SysWow64\hlink.dll
2016-01-31 05:02:29 768000 ----a-w- C:\Windows\SysWow64\kerberos.dll
2016-01-31 05:02:09 3580416 ----a-w- C:\Windows\SysWow64\jscript9.dll
2016-01-31 04:59:40 5457408 ----a-w- C:\Windows\SysWow64\Chakra.dll
2016-01-31 04:58:44 29696 ----a-w- C:\Windows\SysWow64\ztrace_maps.dll
2016-01-19 18:49:44 452040 ------w- C:\Windows\System32\drivers\Trufos.sys
2016-01-05 03:07:02 377592 ----a-w- C:\Windows\System32\MP4SDECD.DLL
2016-01-05 03:07:00 2463704 ----a-w- C:\Windows\System32\mfcore.dll
2016-01-05 03:06:57 8022368 ----a-w- C:\Windows\System32\ntoskrnl.exe
2016-01-05 03:06:56 1270104 ----a-w- C:\Windows\System32\mfnetsrc.dll
2016-01-05 03:06:56 119800 ----a-w- C:\Windows\System32\MP3DMOD.DLL
2016-01-05 03:06:55 1063504 ----a-w- C:\Windows\System32\msmpeg2adec.dll
2016-01-05 03:06:43 1991120 ----a-w- C:\Windows\System32\WMVENCOD.DLL
2016-01-05 02:59:40 781976 ----a-w- C:\Windows\System32\mfds.dll
2016-01-05 02:52:47 441696 ----a-w- C:\Windows\System32\devinv.dll
2016-01-05 02:50:47 723648 ----a-w- C:\Windows\System32\generaltel.dll
2016-01-05 02:50:31 205072 ----a-w- C:\Windows\System32\COLORCNV.DLL
2016-01-05 02:50:31 1083072 ----a-w- C:\Windows\System32\appraiser.dll
2016-01-05 02:50:29 345080 ----a-w- C:\Windows\System32\WMVSDECD.DLL
2016-01-05 02:50:27 251544 ----a-w- C:\Windows\System32\MP43DECD.DLL
2016-01-05 02:50:27 1817064 ----a-w- C:\Windows\System32\WMALFXGFXDSP.dll
2016-01-05 02:31:19 1365576 ----a-w- C:\Windows\SysWow64\gdi32.dll
2016-01-05 02:30:46 882208 ----a-w- C:\Windows\SysWow64\msmpeg2adec.dll
2016-01-05 02:30:28 2152744 ----a-w- C:\Windows\SysWow64\mfcore.dll
2016-01-05 02:30:27 368776 ----a-w- C:\Windows\SysWow64\MP4SDECD.DLL
2016-01-05 02:30:23 1106872 ----a-w- C:\Windows\SysWow64\mfnetsrc.dll
2016-01-05 02:30:21 100712 ----a-w- C:\Windows\SysWow64\MP3DMOD.DLL
2016-01-05 02:30:19 2162064 ----a-w- C:\Windows\SysWow64\WMVENCOD.DLL
2016-01-05 02:30:14 2459096 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2016-01-05 02:30:06 232896 ----a-w- C:\Windows\SysWow64\RESAMPLEDMO.DLL
2016-01-05 02:29:53 208688 ----a-w- C:\Windows\SysWow64\mftranscode.dll
2016-01-05 02:28:56 635312 ----a-w- C:\Windows\SysWow64\evr.dll
2016-01-05 02:28:45 72808 ----a-w- C:\Windows\SysWow64\mfvdsp.dll
2016-01-05 02:28:31 645144 ----a-w- C:\Windows\SysWow64\mfsvr.dll
2016-01-05 02:28:19 277400 ----a-w- C:\Windows\SysWow64\MPG4DECD.DLL
2016-01-05 02:28:19 2445128 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2016-01-05 02:28:17 107952 ----a-w- C:\Windows\SysWow64\VIDRESZR.DLL
2016-01-05 02:28:13 696192 ----a-w- C:\Windows\SysWow64\WMADMOE.DLL
2016-01-05 02:28:13 695752 ----a-w- C:\Windows\SysWow64\WMADMOD.DLL
2016-01-05 02:28:07 82096 ----a-w- C:\Windows\SysWow64\devenum.dll
2016-01-05 02:28:07 714808 ----a-w- C:\Windows\SysWow64\mfnetcore.dll
2016-01-05 02:28:02 497896 ----a-w- C:\Windows\SysWow64\advapi32.dll
2016-01-05 02:28:01 116728 ----a-w- C:\Windows\SysWow64\mfps.dll
2016-01-05 02:21:40 658528 ----a-w- C:\Windows\SysWow64\mfds.dll
2016-01-05 02:15:34 235008 ----a-w- C:\Windows\System32\UserMgrProxy.dll
2016-01-05 02:15:04 42496 ----a-w- C:\Windows\System32\usermgrcli.dll
2016-01-05 02:10:49 539136 ----a-w- C:\Windows\System32\mfh264enc.dll
2016-01-05 02:10:26 305776 ----a-w- C:\Windows\SysWow64\WMVSDECD.DLL
2016-01-05 02:10:25 278424 ----a-w- C:\Windows\SysWow64\MP43DECD.DLL
2016-01-05 02:10:25 188032 ----a-w- C:\Windows\SysWow64\COLORCNV.DLL
2016-01-05 02:09:22 205312 ----a-w- C:\Windows\System32\aepic.dll
2016-01-05 02:09:22 1234944 ----a-w- C:\Windows\System32\aitstatic.exe
2016-01-05 02:02:46 1672192 ----a-w- C:\Windows\System32\quartz.dll
.
============= FINISH: 12:49:06,41 ===============
 
