API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 7th, 2015
350
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 68.73 KB | None | 0 0
raw download clone embed print report
  1. OTL logfile created on: 2015-01-07 20:38:46 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\OEM\Downloads
  3. 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.11.9600.17239)
  5. Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
  6.  
  7. 7,98 Gb Total Physical Memory | 4,62 Gb Available Physical Memory | 57,90% Memory free
  8. 15,96 Gb Paging File | 12,00 Gb Available in Paging File | 75,17% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 117,09 Gb Total Space | 8,41 Gb Free Space | 7,18% Space Free | Partition Type: NTFS
  13. Drive D: | 408,07 Gb Total Space | 293,70 Gb Free Space | 71,97% Space Free | Partition Type: NTFS
  14. Drive E: | 406,25 Gb Total Space | 249,66 Gb Free Space | 61,45% Space Free | Partition Type: NTFS
  15.  
  16. Computer Name: KOMP-SEBSKA | User Name: OEM | Logged in as Administrator.
  17. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
  18. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  19.  
  20. [color=#E56717]========== Processes (SafeList) ==========[/color]
  21.  
  22. PRC - [2015-01-07 20:34:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\OEM\Downloads\OTL.exe
  23. PRC - [2014-12-12 14:59:02 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Avast\avastui.exe
  24. PRC - [2014-11-18 21:23:36 | 001,519,808 | ---- | M] (Valve Corporation) -- E:\Steam\bin\steamwebhelper.exe
  25. PRC - [2014-11-18 21:23:34 | 001,940,160 | ---- | M] (Valve Corporation) -- E:\Steam\Steam.exe
  26. PRC - [2014-11-17 13:11:03 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Avast\AvastSvc.exe
  27. PRC - [2014-11-13 14:09:53 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
  28. PRC - [2014-11-13 13:55:36 | 000,204,904 | ---- | M] (AVAST Software) -- C:\Avast\setup\instup.exe
  29. PRC - [2014-10-17 18:43:23 | 001,514,040 | ---- | M] (Spotify Ltd) -- C:\Users\OEM\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
  30. PRC - [2014-09-12 19:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
  31. PRC - [2014-02-25 18:38:48 | 000,105,448 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
  32. PRC - [2013-02-25 23:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
  33. PRC - [2013-01-18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  34. PRC - [2007-12-13 18:10:56 | 001,688,872 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
  35.  
  36.  
  37. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  38.  
  39. MOD - [2014-12-06 02:50:51 | 014,913,352 | ---- | M] () -- C:\Users\OEM\AppData\Local\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
  40. MOD - [2014-12-06 02:50:50 | 009,009,480 | ---- | M] () -- C:\Users\OEM\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll
  41. MOD - [2014-12-06 02:50:46 | 001,077,064 | ---- | M] () -- C:\Users\OEM\AppData\Local\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
  42. MOD - [2014-12-06 02:50:45 | 000,211,272 | ---- | M] () -- C:\Users\OEM\AppData\Local\Google\Chrome\Application\39.0.2171.95\libegl.dll
  43. MOD - [2014-12-06 02:50:44 | 001,677,128 | ---- | M] () -- C:\Users\OEM\AppData\Local\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
  44. MOD - [2014-11-18 21:23:50 | 002,227,904 | ---- | M] () -- E:\Steam\video.dll
  45. MOD - [2014-11-18 21:23:34 | 000,690,880 | ---- | M] () -- E:\Steam\bin\chromehtml.dll
  46. MOD - [2014-11-17 13:11:06 | 038,562,088 | ---- | M] () -- C:\Avast\libcef.dll
  47. MOD - [2014-11-11 19:48:12 | 001,171,456 | ---- | M] () -- E:\Steam\libavcodec-56.dll
  48. MOD - [2014-11-11 19:48:12 | 000,485,888 | ---- | M] () -- E:\Steam\libswscale-3.dll
  49. MOD - [2014-11-11 19:48:12 | 000,442,368 | ---- | M] () -- E:\Steam\libavutil-54.dll
  50. MOD - [2014-11-11 19:48:12 | 000,403,968 | ---- | M] () -- E:\Steam\libavformat-56.dll
  51. MOD - [2014-11-11 19:48:12 | 000,332,800 | ---- | M] () -- E:\Steam\libavresample-2.dll
  52. MOD - [2014-11-11 19:48:04 | 034,589,888 | ---- | M] () -- E:\Steam\bin\libcef.dll
  53. MOD - [2014-11-11 19:47:56 | 000,774,656 | ---- | M] () -- E:\Steam\SDL2.dll
  54. MOD - [2014-01-03 19:03:40 | 001,425,920 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
  55. MOD - [2014-01-03 19:03:40 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
  56. MOD - [2014-01-03 19:03:40 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
  57. MOD - [2014-01-03 19:03:18 | 007,816,192 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
  58. MOD - [2014-01-03 19:03:18 | 000,336,896 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
  59.  
  60.  
  61. [color=#E56717]========== Services (SafeList) ==========[/color]
  62.  
  63. SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe -- (McComponentHostService)
  64. SRV:[b]64bit:[/b] - [2014-07-25 14:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
  65. SRV:[b]64bit:[/b] - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  66. SRV:[b]64bit:[/b] - [2010-11-20 14:24:33 | 000,345,088 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\cmd.exe -- (PowerMon)
  67. SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  68. SRV:[b]64bit:[/b] - [2009-07-14 02:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\rundll32.exe -- (8ffb8f2d)
  69. SRV - [2014-12-13 17:01:28 | 002,530,640 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
  70. SRV - [2014-12-12 14:57:54 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  71. SRV - [2014-12-11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  72. SRV - [2014-12-02 20:13:02 | 000,417,552 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
  73. SRV - [2014-11-18 21:23:34 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
  74. SRV - [2014-11-17 13:11:03 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Avast\AvastSvc.exe -- (avast! Antivirus)
  75. SRV - [2014-09-12 19:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
  76. SRV - [2014-08-22 14:04:06 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Stopped] -- E:\Smite\HiPatchService.exe -- (HiPatchService)
  77. SRV - [2014-05-16 14:12:48 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
  78. SRV - [2014-04-11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  79. SRV - [2014-03-20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  80. SRV - [2014-02-25 18:38:48 | 000,105,448 | ---- | M] (Razer Inc.) [Auto | Running] -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe -- (RzKLService)
  81. SRV - [2014-01-26 23:11:38 | 000,034,608 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\爱应用PC版\wp8svc.exe [WARNING: C:\Program Files (x86)\???PC?\wp8svc.exe] -- (XapcnPhoneService)
  82. SRV - [2013-02-25 23:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
  83. SRV - [2013-01-18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
  84. SRV - [2010-11-20 13:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWow64\cmd.exe -- (PowerMon)
  85. SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
  86. SRV - [2002-12-17 16:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
  87. SRV - [2002-12-17 16:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
  88.  
  89.  
  90. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  91.  
  92. DRV:[b]64bit:[/b] - [2014-11-23 12:25:34 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
  93. DRV:[b]64bit:[/b] - [2014-11-17 13:11:09 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
  94. DRV:[b]64bit:[/b] - [2014-11-17 13:11:09 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
  95. DRV:[b]64bit:[/b] - [2014-11-17 13:11:09 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
  96. DRV:[b]64bit:[/b] - [2014-11-17 13:11:09 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswmonflt.sys -- (aswMonFlt)
  97. DRV:[b]64bit:[/b] - [2014-11-17 13:11:09 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
  98. DRV:[b]64bit:[/b] - [2014-11-17 13:11:09 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
  99. DRV:[b]64bit:[/b] - [2014-11-17 13:11:08 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
  100. DRV:[b]64bit:[/b] - [2014-06-09 17:49:38 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
  101. DRV:[b]64bit:[/b] - [2014-02-18 15:26:42 | 000,036,024 | ---- | M] (Colasoft Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSN5PDCapsax64.sys -- (CSN5PDCapsax64)
  102. DRV:[b]64bit:[/b] - [2013-05-07 09:07:11 | 000,125,392 | ---- | M] (Yune Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MsgPlusDriver.sys -- (MsgPlusDriver)
  103. DRV:[b]64bit:[/b] - [2012-10-24 13:49:46 | 000,034,840 | ---- | M] (Colasoft Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSN5PDTS82x64.sys -- (CSN5PDTS82x64)
  104. DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  105. DRV:[b]64bit:[/b] - [2012-01-28 12:18:00 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
  106. DRV:[b]64bit:[/b] - [2011-11-03 02:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
  107. DRV:[b]64bit:[/b] - [2011-07-08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
  108. DRV:[b]64bit:[/b] - [2011-06-10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
  109. DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  110. DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  111. DRV:[b]64bit:[/b] - [2011-03-02 17:17:20 | 000,013,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
  112. DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  113. DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  114. DRV:[b]64bit:[/b] - [2010-11-20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  115. DRV:[b]64bit:[/b] - [2010-05-20 08:30:58 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
  116. DRV:[b]64bit:[/b] - [2010-01-21 01:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
  117. DRV:[b]64bit:[/b] - [2010-01-21 01:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
  118. DRV:[b]64bit:[/b] - [2010-01-21 01:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
  119. DRV:[b]64bit:[/b] - [2009-11-18 18:36:02 | 000,039,240 | ---- | M] (Eagletron Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\dvdriver.sys -- (DVDRIVER)
  120. DRV:[b]64bit:[/b] - [2009-09-29 07:15:02 | 000,016,384 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtpt64.sys -- (LgBttPort)
  121. DRV:[b]64bit:[/b] - [2009-09-29 07:15:00 | 000,017,408 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgvmdm64.sys -- (LGVMODEM)
  122. DRV:[b]64bit:[/b] - [2009-09-29 07:15:00 | 000,014,848 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtbs64.sys -- (lgbusenum)
  123. DRV:[b]64bit:[/b] - [2009-08-21 09:52:09 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
  124. DRV:[b]64bit:[/b] - [2009-07-17 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
  125. DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  126. DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  127. DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  128. DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  129. DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  130. DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  131. DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  132. DRV:[b]64bit:[/b] - [2009-04-29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
  133. DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
  134. DRV:[b]64bit:[/b] - [2008-12-26 11:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
  135. DRV:[b]64bit:[/b] - [2008-08-08 15:31:26 | 000,062,960 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\h648103.sys -- (h648103)
  136. DRV:[b]64bit:[/b] - [2008-08-08 15:31:22 | 000,065,776 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\h648101.sys -- (h648101)
  137. DRV:[b]64bit:[/b] - [2008-08-08 15:31:20 | 000,063,856 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\h647906.sys -- (h647906)
  138. DRV:[b]64bit:[/b] - [2006-12-05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
  139. DRV - [2014-10-15 17:49:59 | 000,027,552 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
  140. DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  141. DRV - [2008-08-08 15:31:18 | 000,043,192 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\hid8101.sys -- (hid8101)
  142. DRV - [2008-08-08 15:31:18 | 000,040,856 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\hid8103.sys -- (hid8103)
  143. DRV - [2008-08-08 15:31:16 | 000,041,272 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\hid7906.sys -- (hid7906)
  144. DRV - [2007-10-25 17:31:28 | 000,617,088 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PFC027.sys -- (PAC207)
  145.  
  146.  
  147. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  148.  
  149.  
  150. [color=#E56717]========== Internet Explorer ==========[/color]
  151.  
  152. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
  153. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
  154. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
  155. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  156. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  157. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  158. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
  159. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
  160. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  161. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
  162. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  163. IE - HKLM\..\URLSearchHook: {79b8e308-95a2-4044-932d-80e833a863cc} - No CLSID value found
  164. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  165. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  166.  
  167.  
  168. IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  169. IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  170.  
  171. IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  172. IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  173.  
  174. IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  175. IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  176.  
  177. IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  178.  
  179. IE - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
  180. IE - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
  181. IE - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
  182. IE - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
  183. IE - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  184. IE - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
  185. IE - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
  186. IE - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  187. IE - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  188. IE - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  189. IE - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
  190.  
  191. IE - HKU\S-1-5-21-1594613888-1835592070-1742538978-1007\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  192.  
  193. [color=#E56717]========== FireFox ==========[/color]
  194.  
  195. FF - prefs.js..browser.search.defaultthis.engineName: ""
  196. FF - prefs.js..extensions.enabledAddons: faststartff%40gmail.com:4.3.0
  197. FF - prefs.js..extensions.enabledAddons: %7Bbadea1ae-72ed-4f6a-8c37-4db9a4ac7bc9%7D:1.0
  198. FF - prefs.js..extensions.enabledAddons: %7B2d7886a0-85bb-4bf2-b684-ba92b4b21d23%7D:3.0
  199. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
  200. FF - user.js - File not found
  201.  
  202. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll File not found
  203. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.72.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  204. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.72.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  205. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  206. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
  207. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
  208. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll File not found
  209. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
  210. FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
  211. FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
  212. FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
  213. FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll File not found
  214. FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll File not found
  215. FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll File not found
  216. FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll File not found
  217. FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.1: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
  218. FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
  219. FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
  220. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  221. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  222. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  223. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
  224. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  225. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  226. FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
  227. FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
  228. FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
  229. FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
  230. FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
  231. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
  232. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
  233. FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
  234. FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll File not found
  235. FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer: C:\Users\OEM\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
  236. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\OEM\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
  237. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\OEM\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
  238. FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\OEM\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
  239. FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
  240.  
  241. 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
  242. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Avast\WebRep\FF [2014-12-04 15:29:27 | 000,000,000 | ---D | M]
  243. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  244. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  245. FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
  246.  
  247. [2012-04-29 08:08:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OEM\AppData\Roaming\mozilla\Extensions
  248. [2015-01-03 00:32:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\extensions
  249. [2015-01-02 18:00:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions
  250. [2012-09-06 13:57:54 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com
  251. [2014-08-29 09:27:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\extensions\searchplugins
  252. [2015-01-02 18:00:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\ksvriy42.default\extensions
  253. [2013-08-30 19:28:23 | 000,000,000 | ---D | M] (Address Bar Search) -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\ksvriy42.default\extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}
  254. [2014-09-07 16:22:30 | 000,000,000 | ---D | M] ("TheTorntv V10") -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\ksvriy42.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com
  255. [2014-09-07 16:30:49 | 000,000,000 | ---D | M] ("Total-1.8") -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\ksvriy42.default\extensions\randlphtim@hotmail.com
  256. [2014-02-21 17:53:25 | 000,000,000 | ---D | M] (SearchNewTab) -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\ksvriy42.default\extensions\rrtayi@suhyai.edu
  257. [2014-09-07 16:22:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\ksvriy42.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com\extensionData
  258. [2014-09-07 16:24:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\ksvriy42.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com\extensionData\plugins
  259. [2014-09-07 16:22:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\ksvriy42.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com\extensionData\userCode
  260. [2014-09-07 16:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\ksvriy42.default\extensions\randlphtim@hotmail.com\extensionData
  261. [2014-09-07 17:19:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\ksvriy42.default\extensions\randlphtim@hotmail.com\extensionData\plugins
  262. [2014-09-07 16:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OEM\AppData\Roaming\mozilla\Firefox\Profiles\ksvriy42.default\extensions\randlphtim@hotmail.com\extensionData\userCode
  263. [2015-01-02 13:29:16 | 000,007,330 | ---- | M] () (No name found) -- C:\Users\OEM\AppData\Roaming\mozilla\firefox\profiles\extensions\extensions\{7b7db604-54eb-492b-a629-19e0f0c6ac57}.xpi
  264. [2015-01-02 13:29:16 | 000,007,330 | ---- | M] () (No name found) -- C:\Users\OEM\AppData\Roaming\mozilla\firefox\profiles\ksvriy42.default\extensions\{7b7db604-54eb-492b-a629-19e0f0c6ac57}.xpi
  265.  
  266. [color=#E56717]========== Chrome ==========[/color]
  267.  
  268. CHR - default_search_provider: (Enabled)
  269. CHR - default_search_provider: search_url =
  270. CHR - default_search_provider: suggest_url =
  271. CHR - plugin: Error reading preferences file
  272. CHR - Extension: No name found = C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgakcphlmhcjokgoiofdmgdcnbjnllcb\1_0\
  273. CHR - Extension: No name found = C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.8_0\
  274. CHR - Extension: No name found = C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.9_0\
  275. CHR - Extension: No name found = C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0\
  276. CHR - Extension: No name found = C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
  277. CHR - Extension: No name found = C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohdfbdhkn\2.0_0\
  278. CHR - Extension: No name found = C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\5.18.17_0\
  279. CHR - Extension: No name found = C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.4.1_0\
  280. CHR - Extension: No name found = C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
  281. CHR - Extension: No name found = C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc\5.0.7_0\
  282.  
  283. O1 HOSTS File: ([2014-04-09 15:26:58 | 000,000,760 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  284. O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
  285. O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Avast\aswWebRepIE64.dll (AVAST Software)
  286. O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  287. O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx File not found
  288. O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll File not found
  289. O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Gry\GTA SA\Patch'e do mojego filmu\BitComet\tools\BitCometBHO_1.5.4.11.dll File not found
  290. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll File not found
  291. O2 - BHO: (no name) - {79b8e308-95a2-4044-932d-80e833a863cc} - No CLSID value found.
  292. O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Avast\aswWebRepIE.dll (AVAST Software)
  293. O2 - BHO: (Pomocnik logowania za pomocą identyfikatora Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File not found
  294. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll File not found
  295. O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
  296. O4:[b]64bit:[/b] - HKLM..\Run: [ctfmon] cftmon File not found
  297. O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe File not found
  298. O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
  299. O4:[b]64bit:[/b] - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
  300. O4 - HKLM..\Run: [] File not found
  301. O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
  302. O4 - HKLM..\Run: [AdobeCEPServiceManager] C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe (Adobe Systems Incorporated)
  303. O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
  304. O4 - HKLM..\Run: [AvastUI.exe] C:\Avast\AvastUI.exe (AVAST Software)
  305. O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
  306. O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
  307. O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
  308. O4 - HKLM..\Run: [USB Gamepad] C:\Windows\USB Vibration\dr100&110\USB Gamepad.exe -boot File not found
  309. O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
  310. O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
  311. O4 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000..\Run: [AdobeBridge] File not found
  312. O4 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000..\Run: [Akamai NetSession Interface] "C:\Users\OEM\AppData\Local\Akamai\netsession_win.exe" File not found
  313. O4 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000..\Run: [BitTorrent] C:\Users\OEM\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
  314. O4 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
  315. O4 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
  316. O4 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000..\Run: [Mkwowa] C:\Users\OEM\AppData\Roaming\Mkwowa.exe File not found
  317. O4 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000..\Run: [screenSHU] C:\Program Files (x86)\screenSHU\screenSHU.exe ()
  318. O4 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
  319. O4 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000..\Run: [Spotify Web Helper] C:\Users\OEM\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
  320. O4 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1007..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
  321. O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  322. O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  323. O4 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1007..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  324. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  325. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  326. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
  327. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  328. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
  329. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  330. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
  331. O7 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
  332. O8:[b]64bit:[/b] - Extra context menu item: &D&ownload &with BitComet - res://D:\Gry\GTA SA\Patch'e do mojego filmu\BitComet\BitComet.exe/AddLink.htm File not found
  333. O8:[b]64bit:[/b] - Extra context menu item: &D&ownload all with BitComet - res://D:\Gry\GTA SA\Patch'e do mojego filmu\BitComet\BitComet.exe/AddAllLink.htm File not found
  334. O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Gry\GTA SA\Patch'e do mojego filmu\BitComet\BitComet.exe/AddLink.htm File not found
  335. O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Gry\GTA SA\Patch'e do mojego filmu\BitComet\BitComet.exe/AddAllLink.htm File not found
  336. O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Gry\GTA SA\Patch'e do mojego filmu\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 File not found
  337. O13[b]64bit:[/b] - gopher Prefix: missing
  338. O13 - gopher Prefix: missing
  339. O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
  340. O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
  341. O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
  342. O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
  343. O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
  344. O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
  345. O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
  346. O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
  347. O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
  348. O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
  349. O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
  350. O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
  351. O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
  352. O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
  353. O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
  354. O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
  355. O15 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
  356. O15 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
  357. O15 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
  358. O15 - HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
  359. O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.72.2)
  360. O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)
  361. O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.72.2)
  362. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.71.2)
  363. O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
  364. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.71.2)
  365. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E63BBCFF-C722-4ECB-AB73-D2A868077A0A}: DhcpNameServer = 192.168.0.1
  366. O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
  367. O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
  368. O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
  369. O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
  370. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  371. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - File not found
  372. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  373. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  374. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  375. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  376. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  377. O32 - HKLM CDRom: AutoRun - 1
  378. O32 - AutoRun File - [2013-08-05 20:38:51 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
  379. O33 - MountPoints2\{3db98ed7-ad3b-11e1-9e2b-5404a68493e4}\Shell - "" = AutoRun
  380. O33 - MountPoints2\{3db98ed7-ad3b-11e1-9e2b-5404a68493e4}\Shell\AutoRun\command - "" = I:\LGAutoRun.exe
  381. O34 - HKLM BootExecute: (autocheck autochk *)
  382. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  383. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  384. O35 - HKLM\..comfile [open] -- "%1" %*
  385. O35 - HKLM\..exefile [open] -- "%1" %*
  386. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  387. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  388. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  389. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  390. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  391. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  392. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  393.  
  394. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  395.  
  396. [2014-12-30 18:33:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
  397. [2014-12-29 14:00:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpoweramp
  398. [2014-12-29 13:59:56 | 000,000,000 | ---D | C] -- C:\Program Files\dBpoweramp
  399. [2014-12-22 20:46:37 | 000,319,912 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
  400. [2014-12-22 20:46:24 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
  401. [2014-12-22 20:46:24 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
  402. [2014-12-22 20:46:24 | 000,111,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
  403. [2014-12-22 20:09:48 | 000,000,000 | ---D | C] -- C:\Users\OEM\Desktop\Servers
  404. [2014-12-22 20:09:48 | 000,000,000 | ---D | C] -- C:\Users\OEM\Desktop\FailedDownloads
  405. [2014-12-22 20:09:48 | 000,000,000 | ---D | C] -- C:\Users\OEM\Desktop\Downloads
  406. [2014-12-22 20:09:48 | 000,000,000 | ---D | C] -- C:\Users\OEM\Desktop\Configs
  407. [2014-12-18 21:28:33 | 000,000,000 | ---D | C] -- C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
  408. [2014-12-18 21:28:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Drakensang Online
  409. [2014-12-18 17:29:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 Ravia.eu
  410. [2014-12-18 17:29:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Metin2 Ravia.eu
  411. [2014-12-17 17:24:32 | 000,000,000 | ---D | C] -- C:\Users\OEM\Documents\Temp
  412. [2014-12-17 17:24:32 | 000,000,000 | ---D | C] -- C:\Users\OEM\AppData\Roaming\AnvSoft
  413. [2014-12-17 17:24:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
  414. [2014-12-15 13:03:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
  415. [2014-12-15 13:03:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
  416. [2012-12-28 10:03:06 | 000,005,120 | ---- | C] (myN) -- C:\Users\OEM\AppData\Roaming\patcher02.patUpdater.exe
  417. [2006-11-20 08:01:08 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\AMCap.exe
  418. [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  419. [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
  420.  
  421. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  422.  
  423. [2015-01-07 20:16:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  424. [2015-01-07 20:09:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  425. [2015-01-07 20:06:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1594613888-1835592070-1742538978-1000UA.job
  426. [2015-01-07 19:06:00 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1594613888-1835592070-1742538978-1000Core.job
  427. [2015-01-07 17:30:00 | 000,001,324 | ---- | M] () -- C:\Windows\tasks\VIL.job
  428. [2015-01-07 17:29:00 | 000,001,326 | ---- | M] () -- C:\Windows\tasks\KXUR.job
  429. [2015-01-07 17:26:53 | 005,138,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  430. [2015-01-07 17:23:51 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
  431. [2015-01-07 17:23:31 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  432. [2015-01-07 17:23:00 | 000,001,330 | ---- | M] () -- C:\Windows\tasks\YNYESL.job
  433. [2015-01-07 17:22:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  434. [2015-01-07 17:21:19 | 2133,417,983 | -HS- | M] () -- C:\hiberfil.sys
  435. [2015-01-07 17:16:48 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  436. [2015-01-07 17:16:48 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  437. [2015-01-07 17:13:41 | 001,763,844 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  438. [2015-01-07 17:13:41 | 000,772,066 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
  439. [2015-01-07 17:13:41 | 000,684,668 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  440. [2015-01-07 17:13:41 | 000,171,280 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
  441. [2015-01-07 17:13:41 | 000,135,488 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  442. [2015-01-02 14:44:30 | 000,000,572 | ---- | M] () -- C:\Users\OEM\Desktop\osu!.lnk
  443. [2014-12-30 18:33:20 | 000,000,509 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
  444. [2014-12-29 14:07:04 | 000,000,863 | ---- | M] () -- C:\Users\OEM\Desktop\dBpoweramp Batch Converter.lnk
  445. [2014-12-29 14:07:04 | 000,000,858 | ---- | M] () -- C:\Users\OEM\Desktop\dBpoweramp Music Converter.lnk
  446. [2014-12-29 14:07:04 | 000,000,816 | ---- | M] () -- C:\Users\OEM\Desktop\dBpoweramp CD Ripper.lnk
  447. [2014-12-29 14:00:05 | 000,014,618 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
  448. [2014-12-29 14:00:01 | 005,530,560 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall.exe
  449. [2014-12-29 14:00:00 | 000,015,849 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp.dat
  450. [2014-12-24 12:16:58 | 000,000,068 | ---- | M] () -- C:\Users\OEM\.atl.properties
  451. [2014-12-22 20:46:14 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
  452. [2014-12-22 20:46:12 | 000,319,912 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
  453. [2014-12-22 20:46:12 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
  454. [2014-12-22 20:46:12 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
  455. [2014-12-22 20:07:46 | 001,578,300 | ---- | M] () -- C:\Users\OEM\Desktop\ATLauncher.exe
  456. [2014-12-18 21:28:33 | 000,001,972 | ---- | M] () -- C:\Users\OEM\Desktop\Drakensang Online.lnk
  457. [2014-12-18 17:29:30 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\Metin2 Ravia.eu - Uruchom.lnk
  458. [2014-12-17 17:24:04 | 000,000,608 | ---- | M] () -- C:\Users\OEM\Desktop\Any Audio Converter.lnk
  459. [2014-12-12 14:57:54 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
  460. [2014-12-12 14:57:54 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
  461. [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  462. [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
  463.  
  464. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  465.  
  466. [2015-01-02 14:44:30 | 000,000,572 | ---- | C] () -- C:\Users\OEM\Desktop\osu!.lnk
  467. [2015-01-02 14:44:30 | 000,000,572 | ---- | C] () -- C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
  468. [2014-12-30 18:33:20 | 000,000,509 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
  469. [2014-12-29 14:07:04 | 000,000,863 | ---- | C] () -- C:\Users\OEM\Desktop\dBpoweramp Batch Converter.lnk
  470. [2014-12-29 14:07:04 | 000,000,858 | ---- | C] () -- C:\Users\OEM\Desktop\dBpoweramp Music Converter.lnk
  471. [2014-12-29 14:07:04 | 000,000,816 | ---- | C] () -- C:\Users\OEM\Desktop\dBpoweramp CD Ripper.lnk
  472. [2014-12-29 14:00:05 | 000,014,618 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
  473. [2014-12-29 14:00:00 | 000,015,849 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp.dat
  474. [2014-12-22 20:10:54 | 000,000,068 | ---- | C] () -- C:\Users\OEM\.atl.properties
  475. [2014-12-22 20:07:40 | 001,578,300 | ---- | C] () -- C:\Users\OEM\Desktop\ATLauncher.exe
  476. [2014-12-18 21:28:33 | 000,001,972 | ---- | C] () -- C:\Users\OEM\Desktop\Drakensang Online.lnk
  477. [2014-12-18 17:29:30 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\Metin2 Ravia.eu - Uruchom.lnk
  478. [2014-12-17 17:24:04 | 000,000,608 | ---- | C] () -- C:\Users\OEM\Desktop\Any Audio Converter.lnk
  479. [2014-10-28 19:37:21 | 000,000,017 | ---- | C] () -- C:\Users\OEM\AppData\Local\resmon.resmoncfg
  480. [2014-10-11 15:57:16 | 000,000,132 | ---- | C] () -- C:\Users\OEM\AppData\Roaming\Adobe PNG Format CC Prefs
  481. [2014-09-06 20:20:14 | 000,074,240 | ---- | C] () -- C:\Windows\trackerpod_server.exe
  482. [2014-09-01 09:18:44 | 000,002,086 | ---- | C] () -- C:\Users\OEM\AppData\Roaming\YNYESL
  483. [2014-09-01 09:18:44 | 000,002,086 | ---- | C] () -- C:\Users\OEM\AppData\Roaming\VIL
  484. [2014-09-01 09:18:44 | 000,001,248 | ---- | C] () -- C:\Users\OEM\AppData\Roaming\KXUR
  485. [2014-06-21 16:23:00 | 000,000,000 | ---- | C] () -- C:\Users\OEM\AppData\Local\{785BAC47-D9AF-487A-828A-12577286D70B}
  486. [2014-04-26 19:35:02 | 000,000,054 | ---- | C] () -- C:\Windows\JQHApp.dat
  487. [2014-03-28 16:24:27 | 000,000,000 | ---- | C] () -- C:\Users\OEM\AppData\Local\{E30503DB-D055-4616-B8B7-BC9222D9B459}
  488. [2014-03-19 18:17:41 | 000,000,000 | ---- | C] () -- C:\Users\OEM\AppData\Local\{CDDB332C-3FE8-4DEB-885D-1EF1B809E51B}
  489. [2014-03-06 18:38:28 | 000,000,000 | ---- | C] () -- C:\Users\OEM\AppData\Local\{EC19D1BD-4B93-4469-8C4B-1B33206D074A}
  490. [2014-02-22 21:49:58 | 000,000,104 | -H-- | C] () -- C:\Users\OEM\AppData\Roaming\WPVXAP.setting
  491. [2014-02-19 17:18:45 | 000,000,072 | ---- | C] () -- C:\Users\OEM\AppData\Roaming\WB.CFG
  492. [2014-01-04 17:04:40 | 000,000,079 | ---- | C] () -- C:\Users\OEM\AppData\Roaming\KeiNett_Launch.properties
  493. [2013-09-17 12:58:34 | 145,672,688 | ---- | C] () -- C:\Users\OEM\AppData\Local\ACCCx2_1_2_232.zip.aamdownload
  494. [2013-09-17 12:58:34 | 000,001,817 | ---- | C] () -- C:\Users\OEM\AppData\Local\ACCCx2_1_2_232.zip.aamdownload.aamd
  495. [2013-05-22 10:10:41 | 005,530,560 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
  496. [2013-05-22 10:10:41 | 000,017,843 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
  497. [2013-04-13 17:51:36 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
  498. [2013-03-31 12:12:49 | 000,000,822 | ---- | C] () -- C:\Users\OEM\.recently-used.xbel
  499. [2013-01-25 17:43:24 | 000,639,488 | ---- | C] () -- C:\Windows\SysWow64\ficvdec_x86.dll
  500. [2012-10-15 18:40:29 | 000,000,132 | ---- | C] () -- C:\Users\OEM\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
  501. [2012-10-02 13:47:20 | 000,001,024 | ---- | C] () -- C:\Users\OEM\.rnd
  502. [2012-09-01 12:59:34 | 000,000,091 | ---- | C] () -- C:\Users\OEM\AppData\Local\fusioncache.dat
  503. [2012-03-30 14:10:32 | 000,008,192 | ---- | C] () -- C:\Users\OEM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  504. [2012-02-18 08:50:36 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
  505. [2009-03-30 11:22:43 | 000,061,440 | ---- | C] () -- C:\Program Files (x86)\RGSGrowBounds.aex
  506.  
  507. [color=#E56717]========== ZeroAccess Check ==========[/color]
  508.  
  509. [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  510.  
  511. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  512.  
  513. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  514.  
  515. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  516.  
  517. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  518.  
  519. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  520. "" = C:\Windows\SysNative\shell32.dll -- [2014-03-25 03:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
  521. "ThreadingModel" = Apartment
  522.  
  523. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  524. "" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 03:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
  525. "ThreadingModel" = Apartment
  526.  
  527. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  528. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  529. "ThreadingModel" = Free
  530.  
  531. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  532. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
  533. "ThreadingModel" = Free
  534.  
  535. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  536. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  537. "ThreadingModel" = Both
  538.  
  539. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  540.  
  541. [color=#E56717]========== LOP Check ==========[/color]
  542.  
  543. [2014-12-22 20:03:42 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\.minecraft
  544. [2014-09-29 15:02:34 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\.minecraftzyczu
  545. [2014-07-25 12:35:08 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\.mono
  546. [2014-07-27 16:16:58 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\.technic
  547. [2014-04-26 14:32:26 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\3909
  548. [2014-12-17 17:24:32 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\AnvSoft
  549. [2014-11-16 14:55:49 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Assassin's Creed Unity
  550. [2014-12-29 13:51:18 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Audacity
  551. [2014-09-29 19:40:26 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\AVAST Software
  552. [2014-06-28 20:14:58 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Avnex
  553. [2014-02-08 11:55:28 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Awesomium
  554. [2014-04-08 13:08:36 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Battle.net
  555. [2014-01-08 19:03:24 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\BitComet
  556. [2015-01-07 17:44:41 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\BitTorrent
  557. [2014-07-15 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Bloody Trapland
  558. [2014-09-07 15:02:52 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\BoL
  559. [2012-09-01 15:44:20 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Braid
  560. [2013-11-24 10:00:08 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Build and Shoot
  561. [2014-08-22 18:24:41 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\chc
  562. [2014-08-22 18:24:41 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
  563. [2013-01-28 16:01:38 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Cobalt
  564. [2014-05-27 14:38:01 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Colasoft Capsa 7 - Free Edition
  565. [2014-05-27 14:38:03 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Colasoft MAC Scanner
  566. [2014-05-27 14:38:04 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Colasoft Ping Tool
  567. [2013-03-17 17:44:31 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Cool Record Edit Pro
  568. [2013-09-22 14:58:33 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Craften Terminal
  569. [2014-04-24 17:48:05 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Curse
  570. [2014-04-24 17:49:33 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Curse Advertising
  571. [2014-05-07 06:43:15 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Curse Client
  572. [2012-01-28 12:19:54 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\DAEMON Tools Lite
  573. [2014-02-02 14:37:08 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Doublefine
  574. [2014-01-31 20:40:21 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Downloaded Installations
  575. [2014-10-30 15:18:25 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Dropbox
  576. [2014-10-30 15:18:24 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\DropboxMaster
  577. [2014-06-06 16:03:26 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Enterbrain
  578. [2014-05-04 19:04:30 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\FEZ
  579. [2013-04-20 08:19:33 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\FileZilla
  580. [2014-04-17 13:53:38 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\FlowStone
  581. [2013-03-31 07:54:03 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Free Sound Recorder
  582. [2013-01-29 16:27:48 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\ftblauncher
  583. [2014-10-05 20:04:00 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\GameRanger
  584. [2012-11-16 20:34:02 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\gd.sos.McPixel
  585. [2014-07-17 09:50:14 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\GG
  586. [2013-03-31 12:12:49 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\gtk-2.0
  587. [2013-08-04 19:06:08 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Image-Line
  588. [2012-12-15 11:09:49 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Kalydo
  589. [2012-12-31 16:57:40 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Little Inferno
  590. [2011-12-27 10:30:18 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\LolClient
  591. [2012-05-26 13:43:22 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\LolClient2
  592. [2014-01-14 17:38:52 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\LOVE
  593. [2013-09-05 17:56:41 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\LucasArts
  594. [2013-05-15 15:52:45 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\MAXON
  595. [2014-10-27 21:28:23 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Maxthon3
  596. [2012-12-02 12:41:19 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Minecraft Skin Viewer
  597. [2014-01-05 11:33:22 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\mineshafter_squared
  598. [2013-01-25 17:43:25 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Mirillis
  599. [2012-01-12 18:01:41 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Mount&Blade
  600. [2014-07-18 15:26:00 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Mount&Blade Warband
  601. [2012-12-13 18:53:44 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Mumble
  602. [2014-10-30 15:31:41 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\mxnitro
  603. [2012-03-30 19:39:34 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Need for Speed World
  604. [2013-11-05 14:14:47 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Notepad++
  605. [2015-01-02 15:29:16 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\OBS
  606. [2014-09-07 16:27:04 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Opera Software
  607. [2014-10-19 11:29:33 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Oracle
  608. [2014-09-15 12:25:48 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Origin
  609. [2013-04-13 17:51:36 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\PACE Anti-Piracy
  610. [2013-08-13 08:54:56 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Pamela
  611. [2014-09-12 16:42:11 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\PC Remote
  612. [2014-09-27 09:40:27 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\PDAppFlex
  613. [2014-01-31 20:41:04 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\PingPlotter
  614. [2012-08-28 11:29:22 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Publish Providers
  615. [2012-01-07 11:16:51 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\PunkBuster
  616. [2013-07-19 19:25:38 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\REAPER
  617. [2013-10-02 14:43:37 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Riot Games
  618. [2014-05-04 20:59:32 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Rockstar Games
  619. [2014-04-12 21:33:22 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\SFBot
  620. [2014-02-24 17:48:02 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Software Informer
  621. [2013-04-29 14:06:50 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Sony
  622. [2013-06-23 12:51:43 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Sony Creative Software Inc
  623. [2012-07-24 09:49:14 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\SplitMediaLabs
  624. [2014-11-09 12:19:16 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Spotify
  625. [2012-10-04 14:39:22 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
  626. [2014-03-15 12:40:11 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\TeamViewer
  627. [2012-12-02 13:56:05 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\TechSmith
  628. [2013-08-06 19:13:54 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\TERA
  629. [2014-10-09 19:38:45 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Tibia
  630. [2013-07-29 15:04:03 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Transformice
  631. [2015-01-07 19:49:54 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\TS3Client
  632. [2014-02-18 16:40:48 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\ttales
  633. [2012-04-08 16:38:24 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\TuneUp Software
  634. [2012-01-08 12:45:12 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Ubisoft
  635. [2012-11-01 15:08:51 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Unity
  636. [2012-09-01 08:07:18 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\uTorrent
  637. [2012-09-02 11:54:16 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\wargaming.net
  638. [2013-10-29 17:10:25 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\Warner Bros. Interactive Entertainment
  639. [2013-12-24 13:53:12 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\WizardWars
  640. [2013-04-12 08:05:42 | 000,000,000 | -HSD | M] -- C:\Users\OEM\AppData\Roaming\wyUpdate AU
  641. [2014-10-28 19:59:28 | 000,000,000 | ---D | M] -- C:\Users\OEM\AppData\Roaming\XapcnClient
  642.  
  643. [color=#E56717]========== Purity Check ==========[/color]
  644.  
  645.  
  646.  
  647. [color=#E56717]========== Files - Unicode (All) ==========[/color]
  648. [2014-11-13 14:29:48 | 000,000,000 | ---D | M](C:\Program Files (x86)\???PC?) -- C:\Program Files (x86)\爱应用PC版
  649. [2014-11-13 14:29:48 | 000,000,000 | ---D | M](C:\Program Files (x86)\???PC?) -- C:\Program Files (x86)\爱应用PC版
  650. [2014-10-28 19:59:09 | 000,001,108 | ---- | M] ()(C:\Users\OEM\Desktop\???PC?.lnk) -- C:\Users\OEM\Desktop\爱应用PC版.lnk
  651. [2014-10-28 19:59:09 | 000,001,108 | ---- | C] ()(C:\Users\OEM\Desktop\???PC?.lnk) -- C:\Users\OEM\Desktop\爱应用PC版.lnk
  652. [2014-10-28 18:45:05 | 000,001,108 | ---- | M] ()(C:\Users\OEM\Desktop\???PC? 4.6.lnk) -- C:\Users\OEM\Desktop\爱应用PC版 4.6.lnk
  653. [2014-10-28 18:45:05 | 000,001,108 | ---- | C] ()(C:\Users\OEM\Desktop\???PC? 4.6.lnk) -- C:\Users\OEM\Desktop\爱应用PC版 4.6.lnk
  654. (C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???PC?) -- C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\爱应用PC版
  655. (C:\Program Files (x86)\???PC?) -- C:\Program Files (x86)\爱应用PC版
  656.  
  657. [color=#E56717]========== Alternate Data Streams ==========[/color]
  658.  
  659. @Alternate Data Stream - 160 bytes -> C:\ProgramData\MTA San Andreas All:NT2
  660. @Alternate Data Stream - 160 bytes -> C:\ProgramData:NT2
  661. @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:373E1720
  662. @Alternate Data Stream - 1222 bytes -> C:\ProgramData\Microsoft:WYWF0xA97xiuGxbfNCren5
  663. @Alternate Data Stream - 1199 bytes -> C:\Users\OEM\AppData\Local\17jjo8C1TpE:gNMjCSoMysufbwL7X5pdix5
  664. @Alternate Data Stream - 1199 bytes -> C:\ProgramData\Microsoft:2gfwL6ynxhT1D5vmxhFC
  665. @Alternate Data Stream - 1194 bytes -> C:\ProgramData\Microsoft:WKc9lMLzlOFx9d1GfYmBXuk
  666. @Alternate Data Stream - 1173 bytes -> C:\ProgramData\Microsoft:sS9cJKTGAtcAfa3tiDouWT
  667. @Alternate Data Stream - 1154 bytes -> C:\ProgramData\Microsoft:zYm2xE7DxgfMZVURL
  668. @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
  669. @Alternate Data Stream - 1052 bytes -> C:\ProgramData\Microsoft:uakbmQYyfJr6Af9rhqs1
  670. @Alternate Data Stream - 1034 bytes -> C:\ProgramData\Microsoft:QvC12B9P1cxx4nTD
  671.  
  672. < End of report >
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!