
Untitled

a guest
May 5th, 2015
  1. OTL logfile created on: 2015-05-05 16:18:34 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = D:\down
  3. 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.11.9600.17728)
  5. Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
  6.  
  7. 5.96 Gb Total Physical Memory | 4.18 Gb Available Physical Memory | 70.01% Memory free
  8. 6.96 Gb Paging File | 5.05 Gb Available in Paging File | 72.47% Paging File free
  9. Paging file location(s): d:\pagefile.sys 0 0 [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 77.95 Gb Total Space | 25.12 Gb Free Space | 32.23% Space Free | Partition Type: NTFS
  13. Drive D: | 160.01 Gb Total Space | 21.80 Gb Free Space | 13.63% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: ZAKOMP | User Name: zakiu_000 | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
  17. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - [2015-05-05 16:15:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\down\OTL.exe
  22. PRC - [2015-04-30 19:52:51 | 010,809,344 | ---- | M] () -- d:\wtw-profiles\zakius\PluginData\skype-proxy.exe
  23. PRC - [2015-04-29 13:28:20 | 001,736,872 | ---- | M] (Micro-Star INT'L CO., LTD.) -- C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
  24. PRC - [2015-04-22 06:43:13 | 000,376,944 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  25. PRC - [2015-04-21 18:21:28 | 005,064,120 | R--- | M] (Mailbird) -- C:\Program Files (x86)\Mailbird\Mailbird.exe
  26. PRC - [2015-04-21 18:21:14 | 000,020,408 | ---- | M] (The CefSharp Authors) -- C:\Program Files (x86)\Mailbird\CefSharp.BrowserSubprocess.exe
  27. PRC - [2015-03-11 07:30:18 | 000,403,408 | ---- | M] (RaMMicHaeL) -- C:\Program Files (x86)\Unchecky\bin\Unchecky_bg.exe
  28. PRC - [2015-03-11 07:30:18 | 000,161,744 | ---- | M] (RaMMicHaeL) -- C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
  29. PRC - [2014-12-03 08:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  30. PRC - [2014-09-12 20:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
  31.  
  32.  
  33. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  34.  
  35. MOD - [2015-04-30 19:52:51 | 010,809,344 | ---- | M] () -- d:\wtw-profiles\zakius\PluginData\skype-proxy.exe
  36. MOD - [2015-04-28 10:15:38 | 003,184,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.28b9ef5a#\bea21e5994613d16de248a1b4e686fdd\System.Web.Extensions.ni.dll
  37. MOD - [2015-04-28 10:15:34 | 013,584,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\dbc0da2bf5f5641131206648270e4a03\System.Web.ni.dll
  38. MOD - [2015-04-26 13:15:27 | 019,547,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\339437a4810556d434a1d2f31c694ae4\System.ServiceModel.ni.dll
  39. MOD - [2015-04-23 12:04:26 | 000,797,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\e333f3e460781a3f7837521291c99c49\System.Runtime.Remoting.ni.dll
  40. MOD - [2015-04-21 17:54:02 | 000,657,408 | ---- | M] () -- C:\Program Files (x86)\Mailbird\CefSharp.Core.dll
  41. MOD - [2015-04-21 17:54:02 | 000,421,376 | ---- | M] () -- C:\Program Files (x86)\Mailbird\CefSharp.BrowserSubprocess.Core.dll
  42. MOD - [2015-04-21 17:53:34 | 040,556,032 | ---- | M] () -- C:\Program Files (x86)\Mailbird\libcef.dll
  43. MOD - [2015-04-21 17:53:34 | 001,359,360 | ---- | M] () -- C:\Program Files (x86)\Mailbird\libglesv2.dll
  44. MOD - [2015-04-21 17:53:34 | 000,212,992 | ---- | M] () -- C:\Program Files (x86)\Mailbird\libegl.dll
  45. MOD - [2015-02-18 21:54:46 | 000,458,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7c8c4c6ec0865f877904f806d7f6c161\PresentationFramework.Aero.ni.dll
  46. MOD - [2015-02-18 21:53:57 | 000,250,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\c011d55aa867db49a0b3019e5ea17d05\WindowsFormsIntegration.ni.dll
  47. MOD - [2015-02-18 21:53:56 | 000,231,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio53a7a42c#\f5998b40c85286e25d3d119ee356b025\PresentationFramework.Aerolite.ni.dll
  48. MOD - [2015-02-18 21:53:56 | 000,188,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\c8849d6fd3bee972ec451baea15949ca\UIAutomationTypes.ni.dll
  49. MOD - [2015-02-13 18:56:46 | 001,614,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\577c7f96d8e020442491f944896a19f9\Microsoft.CSharp.ni.dll
  50. MOD - [2015-02-13 18:56:46 | 000,389,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\40bd304ce2b14a1363de94bcb0477c37\System.Dynamic.ni.dll
  51. MOD - [2015-02-12 21:30:55 | 001,033,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\263a47db76b72bed4494f911e6ada571\System.ComponentModel.Composition.ni.dll
  52. MOD - [2015-02-12 21:28:17 | 001,853,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\84fa9fa9c4be29612f8d268246a0353c\System.Deployment.ni.dll
  53. MOD - [2015-02-12 21:28:04 | 000,773,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\c9ab71df4c1c005a0c93a84bc49a75c8\System.EnterpriseServices.ni.dll
  54. MOD - [2015-02-12 21:28:04 | 000,244,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\c9ab71df4c1c005a0c93a84bc49a75c8\System.EnterpriseServices.Wrapper.dll
  55. MOD - [2015-02-12 21:27:59 | 000,728,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\d72f65a6622be86134ba8c534acc10e5\System.Security.ni.dll
  56. MOD - [2015-02-12 21:27:59 | 000,146,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\780d94e5d6c1620ed4556ed4d6586007\System.Numerics.ni.dll
  57. MOD - [2015-02-12 21:26:58 | 000,119,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windc7c43db6#\33f47a7d7db056096c63dc1eaa736641\System.Windows.Interactivity.ni.dll
  58. MOD - [2015-02-12 21:26:57 | 000,390,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.E9ff182ca#\3533ada635ec45db88d63ec00e6542b9\Microsoft.Expression.Interactions.ni.dll
  59. MOD - [2015-02-12 21:26:57 | 000,194,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.E11bcbe27#\6d061df5cc97713ae12f54350f9e8c8b\Microsoft.Expression.Effects.ni.dll
  60. MOD - [2015-02-12 21:18:56 | 018,753,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\4136b9a7a05c8f0e2c7e15600bc20b1b\PresentationFramework.ni.dll
  61. MOD - [2015-02-12 21:18:31 | 011,014,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\24f6c80242420a1cea5cc254bf420027\PresentationCore.ni.dll
  62. MOD - [2015-02-12 21:17:46 | 002,803,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\7d61ab80c44108150bad37e8d916e220\System.Runtime.Serialization.ni.dll
  63. MOD - [2015-02-12 21:17:42 | 000,392,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\c3091aed234c325a534d831b71c4b88e\System.Xml.Linq.ni.dll
  64. MOD - [2015-02-12 21:17:41 | 001,169,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\fadd99ca6318632b3f3d4f31eb91db7a\System.Management.ni.dll
  65. MOD - [2015-02-12 21:17:39 | 012,895,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\a4d2243df4af8ab65ff74d436d449789\System.Windows.Forms.ni.dll
  66. MOD - [2015-02-12 21:17:26 | 007,386,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\ec0506570d793fcae40cc19bd8a43e5b\System.Data.ni.dll
  67. MOD - [2015-02-12 21:17:19 | 001,639,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\d91798a9a9fcb450351fe8e49026a69f\System.Drawing.ni.dll
  68. MOD - [2015-02-12 21:17:18 | 000,967,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\b5b80f1284dfa1b883da48ed58ecbc47\System.Configuration.ni.dll
  69. MOD - [2015-02-12 21:17:17 | 007,787,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9a349fb029581f4752d2c6cfcfeab816\System.Xml.ni.dll
  70. MOD - [2015-02-12 21:17:08 | 003,904,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\bb26d987467eca70ebc4beec29158d67\WindowsBase.ni.dll
  71. MOD - [2015-02-12 21:16:53 | 001,873,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d626184834dde3f4906aff139d4e5bbf\System.Xaml.ni.dll
  72. MOD - [2015-02-12 21:16:45 | 000,656,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\e0385d2ccd8766063e53bf96510a9350\System.Transactions.ni.dll
  73. MOD - [2015-02-12 21:16:40 | 006,982,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\794a3d83e77a53d6fc029c389f9cc408\System.Core.ni.dll
  74. MOD - [2015-02-12 21:16:28 | 010,069,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\1a6b5095c4416a37f9ca4cf4436d1311\System.ni.dll
  75. MOD - [2014-04-16 01:34:56 | 017,223,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d03a3ddcd6a395878751c5e90fa16915\mscorlib.ni.dll
  76.  
  77.  
  78. [color=#E56717]========== Services (SafeList) ==========[/color]
  79.  
  80. SRV:[b]64bit:[/b] - [2015-03-31 22:13:18 | 000,246,272 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
  81. SRV:[b]64bit:[/b] - [2015-03-14 02:18:51 | 013,784,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\vmms.exe -- (vmms)
  82. SRV:[b]64bit:[/b] - [2015-02-21 01:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
  83. SRV:[b]64bit:[/b] - [2015-02-04 01:58:28 | 000,366,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
  84. SRV:[b]64bit:[/b] - [2015-02-04 01:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
  85. SRV:[b]64bit:[/b] - [2014-12-06 03:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
  86. SRV:[b]64bit:[/b] - [2014-10-31 06:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
  87. SRV:[b]64bit:[/b] - [2014-10-29 06:09:06 | 000,092,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
  88. SRV:[b]64bit:[/b] - [2014-10-29 05:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
  89. SRV:[b]64bit:[/b] - [2014-10-29 05:50:12 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
  90. SRV:[b]64bit:[/b] - [2014-10-29 04:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
  91. SRV:[b]64bit:[/b] - [2014-10-29 04:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
  92. SRV:[b]64bit:[/b] - [2014-10-29 04:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
  93. SRV:[b]64bit:[/b] - [2014-10-29 04:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
  94. SRV:[b]64bit:[/b] - [2014-10-29 04:30:35 | 000,187,904 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  95. SRV:[b]64bit:[/b] - [2014-10-29 04:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
  96. SRV:[b]64bit:[/b] - [2014-10-29 03:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
  97. SRV:[b]64bit:[/b] - [2014-10-29 03:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
  98. SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
  99. SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
  100. SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
  101. SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
  102. SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
  103. SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
  104. SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
  105. SRV:[b]64bit:[/b] - [2014-10-29 03:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
  106. SRV:[b]64bit:[/b] - [2014-10-29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
  107. SRV:[b]64bit:[/b] - [2014-10-29 03:26:02 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
  108. SRV:[b]64bit:[/b] - [2014-10-29 03:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
  109. SRV:[b]64bit:[/b] - [2014-10-29 03:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
  110. SRV:[b]64bit:[/b] - [2014-10-29 03:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
  111. SRV:[b]64bit:[/b] - [2014-10-29 03:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
  112. SRV:[b]64bit:[/b] - [2014-10-29 03:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
  113. SRV:[b]64bit:[/b] - [2014-10-29 03:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
  114. SRV:[b]64bit:[/b] - [2014-10-29 03:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
  115. SRV:[b]64bit:[/b] - [2014-10-29 03:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
  116. SRV:[b]64bit:[/b] - [2014-10-29 03:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
  117. SRV:[b]64bit:[/b] - [2014-10-29 03:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
  118. SRV:[b]64bit:[/b] - [2014-10-29 03:09:48 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
  119. SRV:[b]64bit:[/b] - [2014-10-29 03:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
  120. SRV:[b]64bit:[/b] - [2014-10-29 02:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
  121. SRV:[b]64bit:[/b] - [2014-10-29 02:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
  122. SRV:[b]64bit:[/b] - [2014-10-29 02:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
  123. SRV:[b]64bit:[/b] - [2014-10-29 02:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
  124. SRV:[b]64bit:[/b] - [2013-08-27 14:32:30 | 000,828,376 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
  125. SRV - [2015-04-29 13:28:20 | 001,736,872 | ---- | M] (Micro-Star INT'L CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe -- (MSI_LiveUpdate_Service)
  126. SRV - [2015-04-21 18:21:56 | 000,329,144 | ---- | M] (Mailbird) [On_Demand | Stopped] -- C:\Program Files (x86)\Mailbird\MailbirdUpdater.exe -- (MailbirdUpdater.exe)
  127. SRV - [2015-04-14 20:30:43 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  128. SRV - [2015-03-11 07:30:18 | 000,161,744 | ---- | M] (RaMMicHaeL) [Auto | Running] -- C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe -- (Unchecky)
  129. SRV - [2015-03-02 14:27:23 | 000,169,640 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  130. SRV - [2014-12-11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  131. SRV - [2014-12-03 08:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  132. SRV - [2014-10-29 05:50:12 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
  133. SRV - [2014-10-29 03:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
  134. SRV - [2014-10-29 03:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
  135. SRV - [2014-10-29 02:53:11 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
  136. SRV - [2014-09-12 20:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
  137. SRV - [2014-07-22 22:17:28 | 000,089,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Pliki programów (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe -- (VsEtwService120)
  138. SRV - [2014-02-20 01:18:06 | 000,142,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe -- (fussvc)
  139. SRV - [2013-08-22 05:21:36 | 000,119,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
  140.  
  141.  
  142. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  143.  
  144. DRV:[b]64bit:[/b] - [2015-03-31 22:41:18 | 019,338,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
  145. DRV:[b]64bit:[/b] - [2015-03-31 22:09:30 | 000,591,872 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
  146. DRV:[b]64bit:[/b] - [2015-03-20 03:56:10 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
  147. DRV:[b]64bit:[/b] - [2015-03-17 19:26:06 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
  148. DRV:[b]64bit:[/b] - [2015-03-13 06:03:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
  149. DRV:[b]64bit:[/b] - [2015-03-09 04:02:51 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
  150. DRV:[b]64bit:[/b] - [2015-03-04 12:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
  151. DRV:[b]64bit:[/b] - [2015-02-11 22:18:23 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\passthruparser.sys -- (passthruparser)
  152. DRV:[b]64bit:[/b] - [2015-02-11 22:18:22 | 000,068,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
  153. DRV:[b]64bit:[/b] - [2015-02-11 22:18:22 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pvhdparser.sys -- (pvhdparser)
  154. DRV:[b]64bit:[/b] - [2015-02-11 22:18:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lunparser.sys -- (lunparser)
  155. DRV:[b]64bit:[/b] - [2015-02-11 22:18:18 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdparser.sys -- (vhdparser)
  156. DRV:[b]64bit:[/b] - [2015-02-04 01:58:33 | 000,264,000 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
  157. DRV:[b]64bit:[/b] - [2015-02-04 01:58:33 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
  158. DRV:[b]64bit:[/b] - [2015-02-04 01:58:04 | 000,044,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
  159. DRV:[b]64bit:[/b] - [2015-01-03 20:02:37 | 000,040,208 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\Windows\SysNative\Partizan.exe -- (Partizan)
  160. DRV:[b]64bit:[/b] - [2014-12-22 17:50:19 | 000,089,912 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
  161. DRV:[b]64bit:[/b] - [2014-12-22 17:50:19 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
  162. DRV:[b]64bit:[/b] - [2014-12-21 05:38:18 | 000,223,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWB6.sys -- (AtiHDAudioService)
  163. DRV:[b]64bit:[/b] - [2014-11-10 20:06:59 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
  164. DRV:[b]64bit:[/b] - [2014-11-04 21:33:40 | 000,058,176 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
  165. DRV:[b]64bit:[/b] - [2014-11-04 08:55:13 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
  166. DRV:[b]64bit:[/b] - [2014-10-29 05:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
  167. DRV:[b]64bit:[/b] - [2014-10-29 05:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
  168. DRV:[b]64bit:[/b] - [2014-10-29 05:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  169. DRV:[b]64bit:[/b] - [2014-10-29 04:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  170. DRV:[b]64bit:[/b] - [2014-10-29 04:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
  171. DRV:[b]64bit:[/b] - [2014-10-29 04:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
  172. DRV:[b]64bit:[/b] - [2014-10-29 04:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
  173. DRV:[b]64bit:[/b] - [2014-10-29 04:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
  174. DRV:[b]64bit:[/b] - [2014-10-28 01:46:14 | 000,062,152 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
  175. DRV:[b]64bit:[/b] - [2014-10-17 06:56:23 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
  176. DRV:[b]64bit:[/b] - [2014-10-17 05:35:04 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
  177. DRV:[b]64bit:[/b] - [2014-10-15 10:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
  178. DRV:[b]64bit:[/b] - [2014-10-09 18:17:27 | 000,874,712 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
  179. DRV:[b]64bit:[/b] - [2014-10-08 09:32:15 | 000,688,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmswitch.sys -- (VMSVSP)
  180. DRV:[b]64bit:[/b] - [2014-10-08 09:32:15 | 000,688,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmswitch.sys -- (VMSVSF)
  181. DRV:[b]64bit:[/b] - [2014-10-08 09:32:15 | 000,688,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmswitch.sys -- (VMSP)
  182. DRV:[b]64bit:[/b] - [2014-10-08 09:32:15 | 000,688,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmswitch.sys -- (VMSMP)
  183. DRV:[b]64bit:[/b] - [2014-10-07 08:54:45 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
  184. DRV:[b]64bit:[/b] - [2014-10-07 08:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
  185. DRV:[b]64bit:[/b] - [2014-10-07 08:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
  186. DRV:[b]64bit:[/b] - [2014-09-09 17:27:58 | 000,142,528 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
  187. DRV:[b]64bit:[/b] - [2014-09-07 11:48:50 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
  188. DRV:[b]64bit:[/b] - [2014-08-15 02:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
  189. DRV:[b]64bit:[/b] - [2014-03-13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
  190. DRV:[b]64bit:[/b] - [2014-02-22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
  191. DRV:[b]64bit:[/b] - [2014-02-22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
  192. DRV:[b]64bit:[/b] - [2013-10-26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
  193. DRV:[b]64bit:[/b] - [2013-10-05 17:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
  194. DRV:[b]64bit:[/b] - [2013-09-14 16:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
  195. DRV:[b]64bit:[/b] - [2013-08-23 01:14:37 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
  196. DRV:[b]64bit:[/b] - [2013-08-23 01:14:26 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
  197. DRV:[b]64bit:[/b] - [2013-08-23 01:14:26 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
  198. DRV:[b]64bit:[/b] - [2013-08-23 01:14:26 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
  199. DRV:[b]64bit:[/b] - [2013-08-23 01:14:26 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
  200. DRV:[b]64bit:[/b] - [2013-08-23 01:14:25 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
  201. DRV:[b]64bit:[/b] - [2013-08-22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
  202. DRV:[b]64bit:[/b] - [2013-08-22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  203. DRV:[b]64bit:[/b] - [2013-08-22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
  204. DRV:[b]64bit:[/b] - [2013-08-22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
  205. DRV:[b]64bit:[/b] - [2013-08-22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
  206. DRV:[b]64bit:[/b] - [2013-08-22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
  207. DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  208. DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  209. DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
  210. DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  211. DRV:[b]64bit:[/b] - [2013-08-22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
  212. DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
  213. DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  214. DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  215. DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
  216. DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  217. DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
  218. DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
  219. DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  220. DRV:[b]64bit:[/b] - [2013-08-22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
  221. DRV:[b]64bit:[/b] - [2013-08-22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
  222. DRV:[b]64bit:[/b] - [2013-08-22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  223. DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
  224. DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
  225. DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
  226. DRV:[b]64bit:[/b] - [2013-08-22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
  227. DRV:[b]64bit:[/b] - [2013-08-22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
  228. DRV:[b]64bit:[/b] - [2013-08-22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
  229. DRV:[b]64bit:[/b] - [2013-08-22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
  230. DRV:[b]64bit:[/b] - [2013-08-22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
  231. DRV:[b]64bit:[/b] - [2013-08-22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
  232. DRV:[b]64bit:[/b] - [2013-08-22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
  233. DRV:[b]64bit:[/b] - [2013-08-22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
  234. DRV:[b]64bit:[/b] - [2013-08-22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
  235. DRV:[b]64bit:[/b] - [2013-08-22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
  236. DRV:[b]64bit:[/b] - [2013-08-22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
  237. DRV:[b]64bit:[/b] - [2013-08-22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
  238. DRV:[b]64bit:[/b] - [2013-08-22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
  239. DRV:[b]64bit:[/b] - [2013-08-22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  240. DRV:[b]64bit:[/b] - [2013-08-22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
  241. DRV:[b]64bit:[/b] - [2013-08-22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
  242. DRV:[b]64bit:[/b] - [2013-08-22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
  243. DRV:[b]64bit:[/b] - [2013-08-22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
  244. DRV:[b]64bit:[/b] - [2013-08-13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
  245. DRV:[b]64bit:[/b] - [2013-08-10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
  246. DRV:[b]64bit:[/b] - [2013-07-30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
  247. DRV:[b]64bit:[/b] - [2013-07-25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
  248. DRV:[b]64bit:[/b] - [2012-09-23 01:17:24 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
  249. DRV:[b]64bit:[/b] - [2010-07-01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
  250. DRV:[b]64bit:[/b] - [2000-01-01 02:00:00 | 000,100,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
  251. DRV - [2015-01-03 20:17:46 | 000,000,775 | ---- | M] () [Kernel | Boot | Unknown] -- C:\Windows\SysWow64\Partizan.RRI -- (Partizan)
  252. DRV - [2014-12-22 17:45:44 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
  253. DRV - [2010-10-22 10:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
  254.  
  255.  
  256. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  257.  
  258.  
  259. [color=#E56717]========== Internet Explorer ==========[/color]
  260.  
  261. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
  262. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  263. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  264. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  265. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
  266. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  267. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  268.  
  269.  
  270. IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  271. IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  272.  
  273. IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  274. IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  275.  
  276. IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  277.  
  278. IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  279.  
  280. IE - HKU\S-1-5-21-3712932501-997566816-371770968-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
  281. IE - HKU\S-1-5-21-3712932501-997566816-371770968-1007\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  282. IE - HKU\S-1-5-21-3712932501-997566816-371770968-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  283. IE - HKU\S-1-5-21-3712932501-997566816-371770968-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  284.  
  285. [color=#E56717]========== FireFox ==========[/color]
  286.  
  287. FF - prefs.js..browser.search.countryCode: "PL"
  288. FF - prefs.js..browser.search.highlightCount: 4
  289. FF - prefs.js..browser.search.isUS: false
  290. FF - prefs.js..browser.search.region: "PL"
  291. FF - prefs.js..browser.search.useDBForOrder: true
  292. FF - prefs.js..extensions.enabledAddons: firegestures%40xuldev.org:1.8.7
  293. FF - prefs.js..extensions.enabledAddons: %7B899DF1F8-2F43-4394-8315-37F6744E6319%7D:1.0.9.2
  294. FF - prefs.js..extensions.enabledAddons: %7B9efe12fc-8e7b-41dc-917e-b9341daa31e0%7D:1.3.4.3
  295. FF - prefs.js..extensions.enabledAddons: %7B8f8fe09b-0bd3-4470-bc1b-8cad42b8203a%7D:0.17
  296. FF - prefs.js..extensions.enabledAddons: %7Bb749fc7c-e949-447f-926c-3f4eed6accfe%7D:0.7.1.1
  297. FF - prefs.js..extensions.enabledAddons: %7B9aad3da6-6c46-4ef0-9109-6df5eaaf597c%7D:1.4.1
  298. FF - prefs.js..extensions.enabledAddons: firefinder%40robertnyman.com:1.4
  299. FF - prefs.js..extensions.enabledAddons: firebug%40tools.sitepoint.com:1.6
  300. FF - prefs.js..extensions.enabledAddons: yslow%40yahoo-inc.com:3.1.8
  301. FF - prefs.js..extensions.enabledAddons: csscoverage%40spaghetticoder.org:0.3.3
  302. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.2
  303. FF - user.js - File not found
  304.  
  305. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll File not found
  306. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  307. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
  308. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
  309. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll ()
  310. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
  311. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
  312. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  313. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
  314. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
  315. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL (Microsoft Corporation)
  316. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  317. FF - HKCU\Software\MozillaPlugins\@hola.org/vlc,version=1.6.463: C:\Users\zakiu_000\AppData\Local\Hola\firefox\app\vlc File not found
  318. FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\zakiu_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
  319.  
  320. 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox Developer Edition 38.0a2\extensions\\Components: C:\PROGRAM FILES\FIREFOX DEVELOPER EDITION\COMPONENTS
  321. 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox Developer Edition 38.0a2\extensions\\Plugins: C:\PROGRAM FILES\FIREFOX DEVELOPER EDITION\PLUGINS
  322. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  323. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  324. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  325. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  326.  
  327. [2014-08-21 18:38:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\Extensions
  328. [2015-05-05 16:14:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\Firefox\Profiles\14vcz1k9.default\extension-data
  329. [2015-05-05 16:16:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\Firefox\Profiles\14vcz1k9.default\extensions
  330. [2015-04-13 16:14:14 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\Firefox\Profiles\14vcz1k9.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
  331. [2015-05-03 10:22:45 | 000,000,000 | ---D | M] (British English Dictionary (Forked by Marco Pinto)) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\Firefox\Profiles\14vcz1k9.default\extensions\marcoagpinto@mail.telepac.pt
  332. [2015-03-02 19:22:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\Firefox\Profiles\mrryja1t.dev-edition-default\extensions
  333. [2014-11-07 21:08:04 | 000,000,000 | ---D | M] (Firefox Developer Tools Adapters) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\Firefox\Profiles\mrryja1t.dev-edition-default\extensions\fxdevtools-adapters@mozilla.org
  334. [2015-04-20 18:12:33 | 000,009,953 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\csscoverage@spaghetticoder.org.xpi
  335. [2015-04-20 18:03:09 | 002,572,023 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\firebug@software.joehewitt.com.xpi
  336. [2015-04-20 18:03:24 | 000,870,767 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\firebug@tools.sitepoint.com.xpi
  337. [2015-04-20 18:03:24 | 000,030,370 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\firefinder@robertnyman.com.xpi
  338. [2014-09-17 21:04:56 | 000,394,918 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\firegestures@xuldev.org.xpi
  339. [2015-02-05 12:04:36 | 000,009,467 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\info@youtube-mp3.org.xpi
  340. [2015-02-19 18:06:52 | 000,018,463 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\jid1-AoXeeOB4j7kFdw@jetpack.xpi
  341. [2015-04-27 18:53:02 | 003,833,948 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\uBlock0@raymondhill.net.xpi
  342. [2015-04-20 18:12:33 | 000,201,121 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\yslow@yahoo-inc.com.xpi
  343. [2015-05-03 10:22:49 | 003,720,915 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi
  344. [2014-12-16 22:14:29 | 000,402,809 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi
  345. [2015-04-20 18:03:24 | 000,338,733 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\{9aad3da6-6c46-4ef0-9109-6df5eaaf597c}.xpi
  346. [2015-04-13 16:13:44 | 000,024,955 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\{9efe12fc-8e7b-41dc-917e-b9341daa31e0}.xpi
  347. [2015-04-13 16:22:06 | 000,061,705 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi
  348. [2015-04-22 08:07:52 | 000,548,269 | ---- | M] () (No name found) -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
  349. [2014-11-22 23:57:00 | 000,002,216 | ---- | M] () -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\searchplugins\bing.xml
  350. [2014-11-22 23:56:50 | 000,004,208 | ---- | M] () -- C:\Users\zakiu_000\AppData\Roaming\mozilla\firefox\profiles\14vcz1k9.default\searchplugins\youtube.xml
  351. [2015-04-22 06:43:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
  352. [2015-04-22 06:43:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  353.  
  354. O1 HOSTS File: ([2015-05-05 16:17:19 | 000,002,036 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  355. O1 - Hosts: 127.0.0.1 localhost
  356. O1 - Hosts: 127.0.0.1 domain.com
  357. O1 - Hosts: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
  358. O1 - Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
  359. O1 - Hosts: 0.0.0.0 media.opencandy.com
  360. O1 - Hosts: 0.0.0.0 cdn.opencandy.com
  361. O1 - Hosts: 0.0.0.0 tracking.opencandy.com
  362. O1 - Hosts: 0.0.0.0 api.opencandy.com
  363. O1 - Hosts: 0.0.0.0 installer.betterinstaller.com
  364. O1 - Hosts: 0.0.0.0 installer.filebulldog.com
  365. O1 - Hosts: 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
  366. O1 - Hosts: 0.0.0.0 inno.bisrv.com
  367. O1 - Hosts: 0.0.0.0 nsis.bisrv.com
  368. O1 - Hosts: 0.0.0.0 cdn.file2desktop.com
  369. O1 - Hosts: 0.0.0.0 cdn.goateastcach.us
  370. O1 - Hosts: 0.0.0.0 cdn.guttastatdk.us
  371. O1 - Hosts: 0.0.0.0 cdn.inskinmedia.com
  372. O1 - Hosts: 0.0.0.0 cdn.insta.oibundles2.com
  373. O1 - Hosts: 0.0.0.0 cdn.insta.playbryte.com
  374. O1 - Hosts: 0.0.0.0 cdn.llogetfastcach.us
  375. O1 - Hosts: 0.0.0.0 cdn.montiera.com
  376. O1 - Hosts: 0.0.0.0 cdn.msdwnld.com
  377. O1 - Hosts: 0.0.0.0 cdn.mypcbackup.com
  378. O1 - Hosts: 0.0.0.0 cdn.ppdownload.com
  379. O1 - Hosts: 0.0.0.0 cdn.riceateastcach.us
  380. O1 - Hosts: 12 more lines...
  381. O2:[b]64bit:[/b] - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
  382. O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
  383. O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
  384. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
  385. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
  386. O4 - HKLM..\Run: [] File not found
  387. O4 - HKLM..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe (Micro-Star INT'L CO., LTD.)
  388. O4 - HKU\S-1-5-21-3712932501-997566816-371770968-1007..\Run: [Mailbird] C:\Program Files (x86)\Mailbird\Mailbird.exe (Mailbird)
  389. O4 - HKU\S-1-5-21-3712932501-997566816-371770968-1007..\Run: [THG] C:\Program Files\TortoiseHg\TortoiseHgOverlayServer.exe ()
  390. O4 - HKU\S-1-5-21-3712932501-997566816-371770968-1007..\Run: [XMB] C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe (Highresolution Enterprises)
  391. O4 - Startup: C:\Users\zakiu_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WTW.lnk = File not found
  392. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
  393. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  394. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  395. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  396. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  397. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
  398. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  399. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
  400. O8:[b]64bit:[/b] - Extra context menu item: Ściągaj z Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
  401. O8 - Extra context menu item: Ściągaj z Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
  402. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation)
  403. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation)
  404. O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation)
  405. O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation)
  406. O13[b]64bit:[/b] - gopher Prefix: missing
  407. O13 - gopher Prefix: missing
  408. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
  409. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9115C44B-1C06-4DE8-9C13-D29792FCBC6C}: DhcpNameServer = 192.168.0.1
  410. O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
  411. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  412. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  413. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  414. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  415. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  416. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  417. O32 - HKLM CDRom: AutoRun - 1
  418. O34 - HKLM BootExecute: (autocheck autochk *)
  419. O34 - HKLM BootExecute: (MACHINE BootExecut)
  420. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  421. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  422. O35 - HKLM\..comfile [open] -- "%1" %*
  423. O35 - HKLM\..exefile [open] -- "%1" %*
  424. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  425. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  426. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  427. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  428. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  429. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  430.  
  431. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  432.  
  433. [2015-05-05 16:15:36 | 000,000,000 | ---D | C] -- C:\AdwCleaner
  434. [2015-05-05 16:12:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\LiveUpdate
  435. [2015-05-05 16:11:41 | 000,000,000 | ---D | C] -- C:\MSI
  436. [2015-05-05 13:10:20 | 000,000,000 | ---D | C] -- C:\Users\zakiu_000\AppData\Local\Composer
  437. [2015-05-05 13:09:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseGit
  438. [2015-05-05 13:09:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TortoiseOverlays
  439. [2015-05-05 13:06:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ComposerSetup
  440. [2015-05-05 13:06:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ComposerSetup
  441. [2015-05-05 13:06:45 | 000,000,000 | ---D | C] -- C:\Users\zakiu_000\AppData\Roaming\Composer
  442. [2015-05-05 12:37:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
  443. [2015-05-05 10:14:15 | 000,000,000 | R--D | C] -- C:\Users\zakiu_000\OneDrive
  444. [2015-05-05 10:14:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
  445. [2015-05-05 10:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
  446. [2015-05-05 09:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Preview
  447. [2015-05-05 09:48:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
  448. [2015-05-05 09:47:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
  449. [2015-05-04 07:08:24 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdbinst.exe
  450. [2015-05-04 07:08:24 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdbinst.exe
  451. [2015-05-04 07:08:19 | 004,417,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
  452. [2015-05-04 07:08:19 | 002,985,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
  453. [2015-05-04 07:08:19 | 002,256,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
  454. [2015-05-04 07:08:19 | 001,491,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbghelp.dll
  455. [2015-05-04 07:08:19 | 001,207,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbghelp.dll
  456. [2015-05-04 07:08:18 | 001,943,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
  457. [2015-05-04 07:08:18 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ahcache.sys
  458. [2015-04-30 12:57:09 | 000,000,000 | ---D | C] -- C:\Users\zakiu_000\AppData\Local\Messenger
  459. [2015-04-30 12:56:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Messenger for Desktop
  460. [2015-04-30 10:17:11 | 000,000,000 | ---D | C] -- C:\Users\zakiu_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
  461. [2015-04-30 10:16:25 | 000,000,000 | ---D | C] -- C:\Users\zakiu_000\AppData\Local\SquirrelTemp
  462. [2015-04-22 13:43:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser
  463. [2015-04-22 13:18:49 | 000,792,056 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
  464. [2015-04-22 13:18:49 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rascfg.dll
  465. [2015-04-22 13:18:49 | 000,178,168 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
  466. [2015-04-22 13:18:49 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rascfg.dll
  467. [2015-04-22 13:17:36 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
  468. [2015-04-22 13:17:34 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
  469. [2015-04-22 13:17:34 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
  470. [2015-04-22 13:17:34 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
  471. [2015-04-22 13:17:34 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
  472. [2015-04-22 13:17:34 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
  473. [2015-04-22 13:17:34 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
  474. [2015-04-22 13:17:34 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
  475. [2015-04-22 13:17:34 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
  476. [2015-04-22 13:17:27 | 002,819,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingsHandlers.dll
  477. [2015-04-22 13:17:25 | 007,476,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
  478. [2015-04-22 13:17:25 | 000,467,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
  479. [2015-04-22 13:17:25 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bthhfenum.sys
  480. [2015-04-22 13:17:24 | 001,733,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
  481. [2015-04-22 13:17:24 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
  482. [2015-04-22 13:17:24 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
  483. [2015-04-22 13:17:24 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tracerpt.exe
  484. [2015-04-22 13:17:24 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tracerpt.exe
  485. [2015-04-22 13:17:24 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sechost.dll
  486. [2015-04-22 13:17:24 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
  487. [2015-04-22 13:17:24 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\microsoft-windows-system-events.dll
  488. [2015-04-22 13:17:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
  489. [2015-04-22 13:17:21 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Input.Inking.dll
  490. [2015-04-22 13:17:21 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Input.Inking.dll
  491. [2015-04-22 13:17:10 | 002,162,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SRH.dll
  492. [2015-04-22 13:17:10 | 001,812,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SRH.dll
  493. [2015-04-22 13:17:10 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll
  494. [2015-04-22 13:17:10 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
  495. [2015-04-22 13:17:09 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll
  496. [2015-04-22 13:16:47 | 013,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmms.exe
  497. [2015-04-22 13:16:46 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
  498. [2015-04-22 13:16:46 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
  499. [2015-04-22 13:16:46 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapisrv.dll
  500. [2015-04-22 13:16:22 | 000,239,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
  501. [2015-04-22 13:16:22 | 000,154,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
  502. [2015-04-22 13:15:55 | 002,067,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
  503. [2015-04-22 13:15:55 | 000,377,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\clfs.sys
  504. [2015-04-22 13:15:55 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfsw32.dll
  505. [2015-04-22 13:15:55 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll
  506. [2015-04-22 13:15:46 | 002,373,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
  507. [2015-04-22 13:15:46 | 000,891,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
  508. [2015-04-22 13:15:46 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
  509. [2015-04-22 13:15:46 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
  510. [2015-04-22 13:15:46 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
  511. [2015-04-22 13:15:46 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
  512. [2015-04-22 13:15:46 | 000,133,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
  513. [2015-04-22 13:15:46 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
  514. [2015-04-22 13:15:46 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
  515. [2015-04-22 13:15:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
  516. [2015-04-22 13:15:46 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
  517. [2015-04-22 13:15:46 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
  518. [2015-04-22 13:15:46 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
  519. [2015-04-22 13:15:45 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
  520. [2015-04-22 13:15:45 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
  521. [2015-04-22 13:15:45 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
  522. [2015-04-22 13:15:45 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
  523. [2015-04-22 13:15:43 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
  524. [2015-04-22 13:15:43 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
  525. [2015-04-22 13:15:43 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
  526. [2015-04-22 13:15:43 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
  527. [2015-04-22 13:15:43 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
  528. [2015-04-22 13:15:43 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
  529. [2015-04-22 13:15:43 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
  530. [2015-04-22 13:15:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
  531. [2015-04-22 06:43:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
  532. [2015-04-22 06:24:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mailbird
  533. [2015-04-22 06:24:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mailbird
  534. [2015-04-20 17:38:33 | 000,000,000 | ---D | C] -- C:\Users\zakiu_000\AppData\Local\OTLand
  535. [2015-04-17 06:54:06 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
  536. [2015-04-17 06:50:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
  537. [2015-04-17 06:50:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
  538. [2015-04-17 06:50:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
  539. [2015-04-17 06:48:34 | 008,381,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
  540. [2015-04-17 06:48:34 | 007,559,840 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
  541. [2015-04-17 06:48:34 | 007,077,264 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
  542. [2015-04-17 06:48:34 | 000,846,848 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_14.50.dll
  543. [2015-04-17 06:48:34 | 000,144,328 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
  544. [2015-04-17 06:48:34 | 000,127,488 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantle64.dll
  545. [2015-04-17 06:48:34 | 000,126,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
  546. [2015-04-17 06:48:34 | 000,113,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantle32.dll
  547. [2015-04-17 06:48:34 | 000,098,816 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
  548. [2015-04-17 06:48:34 | 000,091,648 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantleaxl64.dll
  549. [2015-04-17 06:48:34 | 000,086,528 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
  550. [2015-04-17 06:48:34 | 000,085,504 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantleaxl32.dll
  551. [2015-04-17 06:48:34 | 000,083,456 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
  552. [2015-04-17 06:48:34 | 000,073,216 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
  553. [2015-04-17 06:48:33 | 047,902,208 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
  554. [2015-04-17 06:48:33 | 040,990,208 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
  555. [2015-04-17 06:48:33 | 028,354,560 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
  556. [2015-04-17 06:48:33 | 023,626,752 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
  557. [2015-04-17 06:48:33 | 019,338,752 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
  558. [2015-04-17 06:48:33 | 015,716,352 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
  559. [2015-04-17 06:48:33 | 014,302,208 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
  560. [2015-04-17 06:48:33 | 011,083,488 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
  561. [2015-04-17 06:48:33 | 009,406,624 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
  562. [2015-04-17 06:48:33 | 008,368,872 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
  563. [2015-04-17 06:48:33 | 007,915,520 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdhsasc64.dll
  564. [2015-04-17 06:48:33 | 006,375,936 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdhsasc.dll
  565. [2015-04-17 06:48:33 | 005,837,824 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmantle64.dll
  566. [2015-04-17 06:48:33 | 004,590,592 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmantle32.dll
  567. [2015-04-17 06:48:33 | 001,358,192 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
  568. [2015-04-17 06:48:33 | 001,218,560 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
  569. [2015-04-17 06:48:33 | 001,134,688 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
  570. [2015-04-17 06:48:33 | 000,905,728 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
  571. [2015-04-17 06:48:33 | 000,776,192 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
  572. [2015-04-17 06:48:33 | 000,591,872 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
  573. [2015-04-17 06:48:33 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
  574. [2015-04-17 06:48:33 | 000,367,104 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
  575. [2015-04-17 06:48:33 | 000,294,600 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdacpksd.sys
  576. [2015-04-17 06:48:33 | 000,246,272 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
  577. [2015-04-17 06:48:33 | 000,190,976 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
  578. [2015-04-17 06:48:33 | 000,146,944 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
  579. [2015-04-17 06:48:33 | 000,133,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
  580. [2015-04-17 06:48:33 | 000,128,384 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll
  581. [2015-04-17 06:48:33 | 000,118,096 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll
  582. [2015-04-17 06:48:33 | 000,118,096 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
  583. [2015-04-17 06:48:33 | 000,102,128 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
  584. [2015-04-17 06:48:33 | 000,100,032 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
  585. [2015-04-17 06:48:33 | 000,096,448 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
  586. [2015-04-17 06:48:33 | 000,089,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
  587. [2015-04-17 06:48:33 | 000,080,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
  588. [2015-04-17 06:48:33 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
  589. [2015-04-17 06:48:33 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
  590. [2015-04-17 06:48:33 | 000,075,264 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
  591. [2015-04-17 06:48:33 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
  592. [2015-04-17 06:48:33 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
  593. [2015-04-17 06:48:33 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
  594. [2015-04-17 06:48:33 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
  595. [2015-04-17 06:48:33 | 000,065,024 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
  596. [2015-04-17 06:48:33 | 000,062,464 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
  597. [2015-04-17 06:48:33 | 000,058,880 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
  598. [2015-04-17 06:48:33 | 000,055,808 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
  599. [2015-04-17 06:48:33 | 000,052,224 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
  600. [2015-04-17 06:48:33 | 000,049,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmmcl6.dll
  601. [2015-04-17 06:48:33 | 000,049,152 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
  602. [2015-04-17 06:48:33 | 000,043,520 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
  603. [2015-04-17 06:48:33 | 000,038,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmmcl.dll
  604. [2015-04-17 06:48:33 | 000,031,232 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
  605. [2015-04-17 06:45:29 | 000,000,000 | ---D | C] -- C:\AMD
  606. [2015-04-07 10:59:12 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\GWX
  607. [2015-04-07 10:59:12 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\GWX
  608. [2015-04-07 10:55:55 | 001,385,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
  609.  
  610. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  611.  
  612. [2015-05-05 16:18:35 | 027,590,656 | ---- | M] () -- C:\Windows\SysNative\vmguest.iso
  613. [2015-05-05 16:17:14 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
  614. [2015-05-05 16:10:52 | 001,933,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  615. [2015-05-05 16:10:52 | 000,844,662 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
  616. [2015-05-05 16:10:52 | 000,757,286 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  617. [2015-05-05 16:10:52 | 000,182,138 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
  618. [2015-05-05 16:10:52 | 000,149,286 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  619. [2015-05-05 14:30:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  620. [2015-05-05 13:04:09 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\Uninstaller_SkipUac_zakiu_000.job
  621. [2015-05-05 12:30:21 | 000,563,960 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  622. [2015-04-30 12:56:52 | 000,001,130 | ---- | M] () -- C:\Users\zakiu_000\Desktop\Messenger.lnk
  623. [2015-04-20 11:17:14 | 000,262,144 | ---- | M] () -- C:\Users\zakiu_000\Desktop\bios.rom
  624. [2015-04-20 11:13:43 | 000,131,072 | ---- | M] () -- C:\Users\zakiu_000\Desktop\Oland.rom
  625. [2015-04-14 01:24:21 | 000,792,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
  626. [2015-04-14 01:24:21 | 000,178,168 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
  627. [2015-04-09 11:17:39 | 000,015,297 | ---- | M] () -- C:\Users\zakiu_000\Desktop\newsfox.opml
  628.  
  629. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  630.  
  631. [2015-05-05 16:18:35 | 027,590,656 | ---- | C] () -- C:\Windows\SysNative\vmguest.iso
  632. [2015-05-05 13:03:19 | 000,000,737 | ---- | C] () -- C:\Users\zakiu_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UniController.lnk
  633. [2015-05-04 07:08:18 | 000,410,017 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
  634. [2015-04-30 12:57:10 | 000,001,179 | ---- | C] () -- C:\Users\zakiu_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
  635. [2015-04-30 12:56:52 | 000,001,274 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Messenger for Desktop.lnk
  636. [2015-04-30 12:56:52 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
  637. [2015-04-30 12:56:52 | 000,001,130 | ---- | C] () -- C:\Users\zakiu_000\Desktop\Messenger.lnk
  638. [2015-04-22 13:17:34 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
  639. [2015-04-22 13:17:34 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
  640. [2015-04-20 11:17:14 | 000,262,144 | ---- | C] () -- C:\Users\zakiu_000\Desktop\bios.rom
  641. [2015-04-20 11:13:43 | 000,131,072 | ---- | C] () -- C:\Users\zakiu_000\Desktop\Oland.rom
  642. [2015-04-17 06:48:34 | 003,471,376 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
  643. [2015-04-17 06:48:34 | 000,235,008 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
  644. [2015-04-17 06:48:34 | 000,083,184 | ---- | C] () -- C:\Windows\SysNative\ativce02.dat
  645. [2015-04-17 06:48:33 | 003,437,632 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
  646. [2015-04-17 06:48:33 | 000,819,857 | ---- | C] () -- C:\Windows\SysNative\amdicdxx.dat
  647. [2015-04-17 06:48:33 | 000,639,392 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
  648. [2015-04-17 06:48:33 | 000,639,392 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
  649. [2015-04-17 06:48:33 | 000,450,744 | ---- | C] () -- C:\Windows\SysNative\amdmiracast.dll
  650. [2015-04-17 06:48:33 | 000,134,656 | ---- | C] () -- C:\Windows\SysNative\amdhdl64.dll
  651. [2015-04-17 06:48:33 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\amdhdl32.dll
  652. [2015-04-09 11:11:07 | 000,015,297 | ---- | C] () -- C:\Users\zakiu_000\Desktop\newsfox.opml
  653. [2015-03-31 16:35:44 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
  654. [2015-03-23 17:56:45 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
  655. [2015-03-23 17:56:45 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
  656. [2015-03-02 11:22:35 | 000,189,355 | ---- | C] () -- C:\Windows\hpoins45.dat
  657. [2015-03-02 11:22:35 | 000,000,382 | ---- | C] () -- C:\Windows\hpomdl45.dat
  658. [2015-02-11 21:15:27 | 000,000,696 | ---- | C] () -- C:\Windows\ampa.ini
  659. [2015-02-05 16:27:54 | 000,268,825 | ---- | C] () -- C:\ProgramData\1423146286.bdinstall.bin
  660. [2015-01-16 07:29:23 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
  661. [2015-01-13 20:19:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
  662. [2015-01-13 20:19:15 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
  663. [2015-01-13 20:19:15 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
  664. [2015-01-13 20:19:15 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
  665. [2015-01-13 20:19:14 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
  666. [2015-01-13 20:19:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
  667. [2015-01-13 18:11:51 | 000,000,600 | ---- | C] () -- C:\Users\zakiu_000\AppData\Local\PUTTY.RND
  668. [2014-12-19 07:19:11 | 000,003,072 | ---- | C] () -- C:\ProgramData\wtwLicensing.db
  669. [2014-11-30 21:07:48 | 000,007,598 | ---- | C] () -- C:\Users\zakiu_000\AppData\Local\Resmon.ResmonCfg
  670. [2014-11-27 20:21:25 | 000,107,008 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
  671. [2014-11-27 20:21:13 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
  672. [2014-11-02 14:26:33 | 000,000,600 | ---- | C] () -- C:\Users\zakiu_000\AppData\Roaming\winscp.rnd
  673. [2014-10-04 19:31:40 | 000,000,706 | ---- | C] () -- C:\Users\zakiu_000\AppData\Local\recently-used.xbel
  674. [2014-08-21 20:06:52 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
  675. [2014-08-21 19:15:26 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
  676. [2013-08-27 14:00:08 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
  677. [2013-08-22 17:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
  678. [2013-08-22 17:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
  679. [2013-08-22 16:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat2.dat
  680. [2013-08-22 09:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
  681. [2013-08-22 01:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
  682. [2013-08-22 01:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
  683.  
  684. [color=#E56717]========== ZeroAccess Check ==========[/color]
  685.  
  686. [2014-08-22 11:19:55 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  687.  
  688. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  689.  
  690. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  691.  
  692. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  693.  
  694. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  695.  
  696. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  697. "" = C:\Windows\SysNative\shell32.dll -- [2015-02-12 19:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation)
  698. "ThreadingModel" = Apartment
  699.  
  700. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  701. "" = %SystemRoot%\system32\shell32.dll -- [2015-02-12 19:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation)
  702. "ThreadingModel" = Apartment
  703.  
  704. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  705. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014-10-29 03:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
  706. "ThreadingModel" = Free
  707.  
  708. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  709. "" = %systemroot%\system32\wbem\fastprox.dll -- [2014-10-29 02:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
  710. "ThreadingModel" = Free
  711.  
  712. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  713. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014-10-29 03:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
  714. "ThreadingModel" = Both
  715.  
  716. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  717.  
  718. [color=#E56717]========== LOP Check ==========[/color]
  719.  
  720. [2015-02-04 20:36:09 | 000,000,000 | ---D | M] -- C:\Users\iwona_000\AppData\Roaming\Ad Muncher
  721. [2014-12-20 18:57:40 | 000,000,000 | ---D | M] -- C:\Users\iwona_000\AppData\Roaming\Bitdefender
  722. [2014-12-07 20:26:20 | 000,000,000 | ---D | M] -- C:\Users\iwona_000\AppData\Roaming\Highresolution Enterprises
  723. [2014-10-15 14:40:54 | 000,000,000 | ---D | M] -- C:\Users\iwona_000\AppData\Roaming\IObit
  724. [2015-05-05 15:22:42 | 000,000,000 | ---D | M] -- C:\Users\iwona_000\AppData\Roaming\Kadu
  725. [2014-08-22 19:25:16 | 000,000,000 | ---D | M] -- C:\Users\iwona_000\AppData\Roaming\Maxthon3
  726. [2015-02-19 19:02:08 | 000,000,000 | ---D | M] -- C:\Users\iwona_000\AppData\Roaming\MPC-HC
  727. [2014-09-08 18:17:51 | 000,000,000 | ---D | M] -- C:\Users\iwona_000\AppData\Roaming\NapiProjekt
  728. [2014-10-15 14:40:53 | 000,000,000 | ---D | M] -- C:\Users\iwona_000\AppData\Roaming\ProductData
  729. [2015-01-16 15:00:34 | 000,000,000 | ---D | M] -- C:\Users\iwona_000\AppData\Roaming\Raptr
  730. [2014-10-20 13:39:42 | 000,000,000 | ---D | M] -- C:\Users\iwona_000\AppData\Roaming\Subversion
  731. [2015-05-05 15:22:42 | 000,000,000 | ---D | M] -- C:\Users\iwona_000\AppData\Roaming\uTorrent
  732. [2015-03-16 08:02:08 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\.wtw
  733. [2015-01-18 20:12:36 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\AMD
  734. [2014-10-20 20:28:36 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\Awesomium Technologies LLC
  735. [2015-02-13 21:32:24 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\Battle.net
  736. [2015-05-05 13:10:49 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\Composer
  737. [2014-10-14 21:17:47 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\Embarcadero
  738. [2015-02-18 21:22:45 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\foobar2000
  739. [2014-11-30 20:59:47 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\GExperts
  740. [2014-12-07 15:39:21 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\Highresolution Enterprises
  741. [2014-10-09 18:14:04 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\IObit
  742. [2014-10-05 13:23:48 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\JetBrains
  743. [2015-01-13 20:21:44 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\library_dir
  744. [2014-10-04 18:44:35 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\LibreOffice
  745. [2014-10-04 18:44:35 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\LolClient
  746. [2015-02-23 19:32:54 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\MPC-HC
  747. [2015-01-31 12:12:36 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\NetBeans
  748. [2014-10-04 18:57:12 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\Notepad++
  749. [2014-10-27 07:44:58 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\NuGet
  750. [2015-04-28 12:38:15 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\Opera Software
  751. [2015-03-31 11:33:24 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\PowerUp Software
  752. [2014-10-09 17:46:31 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\ProductData
  753. [2014-12-20 16:20:38 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\QuickScan
  754. [2014-10-28 21:39:02 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\Remere's Map Editor
  755. [2014-10-14 21:18:22 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\Subversion
  756. [2015-03-06 10:58:38 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\TeamViewer
  757. [2015-04-27 18:47:28 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\TS3Client
  758. [2014-11-09 18:13:41 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\TTorg
  759. [2015-05-05 13:14:31 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\uTorrent
  760. [2014-11-30 20:36:03 | 000,000,000 | ---D | M] -- C:\Users\zakiu_000\AppData\Roaming\Yandex
  761.  
  762. [color=#E56717]========== Purity Check ==========[/color]
  763.  
  764.  
  765.  
  766. [color=#E56717]========== Alternate Data Streams ==========[/color]
  767.  
  768. @Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
  769. @Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation
  770.  
  771. < End of report >