
Untitled

a guest
Sep 14th, 2016
  1. OTL logfile created on: 2016-09-14 21:58:28 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eda\Downloads
  3. 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.11.9600.18230)
  5. Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
  6.  
  7. 7,89 Gb Total Physical Memory | 5,18 Gb Available Physical Memory | 65,62% Memory free
  8. 15,77 Gb Paging File | 12,85 Gb Available in Paging File | 81,45% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 452,26 Gb Total Space | 99,14 Gb Free Space | 21,92% Space Free | Partition Type: NTFS
  13. Drive D: | 13,50 Gb Total Space | 13,41 Gb Free Space | 99,34% Space Free | Partition Type: NTFS
  14. Drive F: | 1,84 Gb Total Space | 1,78 Gb Free Space | 96,78% Space Free | Partition Type: FAT
  15. Drive H: | 3,50 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
  16.  
  17. Computer Name: TORPEDA | User Name: Eda | Logged in as Administrator.
  18. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
  19. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  20.  
  21. [color=#E56717]========== Processes (SafeList) ==========[/color]
  22.  
  23. PRC - [2016-09-14 21:57:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eda\Downloads\OTL.exe
  24. PRC - [2016-09-12 23:38:27 | 000,967,496 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  25. PRC - [2016-09-08 00:04:24 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  26. PRC - [2016-05-20 18:42:08 | 000,931,352 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
  27. PRC - [2016-01-13 11:45:30 | 000,106,136 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
  28. PRC - [2016-01-11 12:42:22 | 000,294,552 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
  29. PRC - [2016-01-11 12:42:18 | 000,126,616 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
  30. PRC - [2015-11-26 20:39:08 | 000,224,920 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
  31. PRC - [2015-05-21 15:52:36 | 000,439,096 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
  32. PRC - [2014-06-17 17:47:34 | 000,496,208 | ---- | M] (LG Electronics Inc.) -- C:\Program Files (x86)\LG Software\LG Smart Share\Update\SmartShareTray.exe
  33. PRC - [2014-03-20 12:43:04 | 000,398,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  34. PRC - [2014-03-20 12:43:02 | 000,154,584 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
  35. PRC - [2013-11-21 09:31:44 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
  36. PRC - [2013-11-21 09:31:44 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
  37. PRC - [2013-02-06 16:58:52 | 000,020,792 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
  38. PRC - [2012-06-19 03:17:30 | 000,077,824 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe
  39. PRC - [2010-05-24 16:44:48 | 000,151,552 | ---- | M] (Atheros) -- C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
  40. PRC - [2000-01-01 02:00:00 | 001,914,656 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
  41. PRC - [2000-01-01 02:00:00 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
  42.  
  43.  
  44. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  45.  
  46. MOD - [2016-09-12 23:38:40 | 001,806,152 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.113\libglesv2.dll
  47. MOD - [2016-09-12 23:38:39 | 000,094,024 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.113\libegl.dll
  48. MOD - [2016-06-12 16:04:50 | 001,102,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\a89c70437e01ee7930a7fb9585e92867\System.ServiceModel.Web.ni.dll
  49. MOD - [2016-06-12 16:03:45 | 002,937,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\7e2cd7b058ab3794910884e2c7cdc8c0\System.IdentityModel.ni.dll
  50. MOD - [2016-06-12 16:03:43 | 019,426,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\e4f3930a97e251308e11c87959b1b0a6\System.ServiceModel.ni.dll
  51. MOD - [2016-06-12 16:03:24 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\715ead7e499384c2990c04d7e47218e2\UIAutomationTypes.ni.dll
  52. MOD - [2016-06-12 16:03:04 | 000,786,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\cc354216b0ce5586444ca403264d69b6\System.ServiceModel.Internals.ni.dll
  53. MOD - [2016-06-12 16:03:04 | 000,117,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\34e0f821a0ed407fb1d7fff0d186a22a\SMDiagnostics.ni.dll
  54. MOD - [2016-06-12 16:03:03 | 002,772,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\b6d63ffdb5553b423ff64963e2cafe3c\System.Runtime.Serialization.ni.dll
  55. MOD - [2016-06-12 02:48:16 | 019,076,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\e45262c6946669a0cba20820116998fa\PresentationFramework.ni.dll
  56. MOD - [2016-06-12 02:48:07 | 011,560,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\2c7f0545c5a1d1bcb67d5d60dd37c69b\PresentationCore.ni.dll
  57. MOD - [2016-06-12 02:48:01 | 012,940,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\7fd4e3a5feeec7c17ab59e7c8e59db79\System.Windows.Forms.ni.dll
  58. MOD - [2016-06-12 02:48:00 | 007,378,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\11b24dc1ac9cf4e48b38e022a2383115\System.Xml.ni.dll
  59. MOD - [2016-06-12 02:48:00 | 003,975,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b82ef7d076daa1efb7fe571247bccc11\WindowsBase.ni.dll
  60. MOD - [2016-06-12 02:48:00 | 000,974,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7d8d10038f973cfcc1fc10e265ab792c\System.Configuration.ni.dll
  61. MOD - [2016-06-12 02:47:57 | 007,500,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\529026762352564beb3552b87a09ccf5\System.Core.ni.dll
  62. MOD - [2016-06-12 02:47:55 | 001,876,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\6d2fe02064641d5f8652d6126cbbbc2e\System.Xaml.ni.dll
  63. MOD - [2016-06-12 02:47:53 | 001,623,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\57e897088350837437c231235a2aa401\System.Drawing.ni.dll
  64. MOD - [2016-06-12 02:47:53 | 001,150,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\5f07210d90ebe7525ff4a5a7ff5c7399\System.Management.ni.dll
  65. MOD - [2016-06-12 02:47:52 | 000,521,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\d8569319e190eff68cbc10dd96b279b9\PresentationFramework.Aero.ni.dll
  66. MOD - [2016-06-12 02:47:50 | 009,983,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\2a2b967a97dc6de6f754bd4b323ad945\System.ni.dll
  67. MOD - [2016-06-12 02:47:45 | 018,111,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\affcb83bba04f782c2586a1788330891\mscorlib.ni.dll
  68. MOD - [2013-07-08 22:05:34 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
  69.  
  70.  
  71. [color=#E56717]========== Services (SafeList) ==========[/color]
  72.  
  73. SRV:[b]64bit:[/b] - [2016-08-20 14:00:02 | 002,780,160 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
  74. SRV:[b]64bit:[/b] - [2016-02-16 11:39:04 | 000,050,680 | ---- | M] (Nikon Corporation) [Auto | Running] -- C:\Program Files\Nikon\Wireless Transmitter Utility\NkVBus\NkPtpEnum.exe -- (NkPtpEnumWT3)
  75. SRV:[b]64bit:[/b] - [2016-02-08 20:14:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
  76. SRV:[b]64bit:[/b] - [2016-01-18 12:39:28 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  77. SRV:[b]64bit:[/b] - [2016-01-13 17:50:28 | 000,319,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
  78. SRV:[b]64bit:[/b] - [2015-07-23 02:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
  79. SRV:[b]64bit:[/b] - [2014-01-31 16:42:00 | 000,887,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
  80. SRV:[b]64bit:[/b] - [2013-11-21 09:31:44 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
  81. SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  82. SRV:[b]64bit:[/b] - [2000-01-01 02:00:00 | 015,121,184 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
  83. SRV - [2016-09-14 12:38:16 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  84. SRV - [2016-09-08 00:04:24 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  85. SRV - [2016-09-02 20:51:37 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  86. SRV - [2016-08-23 21:33:10 | 001,465,120 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
  87. SRV - [2016-08-15 03:56:34 | 000,029,728 | ---- | M] (HP Inc.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
  88. SRV - [2016-05-23 15:17:32 | 000,324,224 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  89. SRV - [2016-01-18 12:47:25 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  90. SRV - [2016-01-13 17:50:18 | 000,280,696 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
  91. SRV - [2016-01-13 11:45:30 | 000,106,136 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
  92. SRV - [2016-01-11 12:42:18 | 000,126,616 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
  93. SRV - [2015-12-11 07:21:24 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  94. SRV - [2014-03-20 12:43:04 | 000,398,296 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
  95. SRV - [2014-03-20 12:43:02 | 000,154,584 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
  96. SRV - [2012-06-19 03:17:30 | 000,077,824 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
  97. SRV - [2012-04-24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
  98. SRV - [2010-11-25 21:29:54 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
  99. SRV - [2010-05-24 16:44:48 | 000,151,552 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
  100. SRV - [2000-01-01 02:00:00 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
  101.  
  102.  
  103. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  104.  
  105. DRV:[b]64bit:[/b] - [2016-08-20 14:00:13 | 000,153,248 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ekbdflt.sys -- (ekbdflt)
  106. DRV:[b]64bit:[/b] - [2016-08-20 13:59:55 | 000,084,640 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
  107. DRV:[b]64bit:[/b] - [2016-08-20 13:59:54 | 000,208,552 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
  108. DRV:[b]64bit:[/b] - [2016-08-20 13:59:54 | 000,197,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
  109. DRV:[b]64bit:[/b] - [2016-08-20 13:59:54 | 000,061,608 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
  110. DRV:[b]64bit:[/b] - [2016-08-20 13:59:53 | 000,263,296 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
  111. DRV:[b]64bit:[/b] - [2016-05-28 17:54:20 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
  112. DRV:[b]64bit:[/b] - [2016-05-20 10:02:12 | 000,037,360 | ---- | M] (AAA Internet Publishing, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WtfEngineDrv.sys -- (WtfEngineDrv)
  113. DRV:[b]64bit:[/b] - [2016-01-20 01:51:52 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  114. DRV:[b]64bit:[/b] - [2016-01-20 01:51:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  115. DRV:[b]64bit:[/b] - [2016-01-20 01:42:38 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
  116. DRV:[b]64bit:[/b] - [2016-01-20 01:42:38 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  117. DRV:[b]64bit:[/b] - [2016-01-20 01:39:26 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  118. DRV:[b]64bit:[/b] - [2016-01-20 01:39:26 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  119. DRV:[b]64bit:[/b] - [2015-12-21 12:58:26 | 003,793,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
  120. DRV:[b]64bit:[/b] - [2015-10-29 20:28:48 | 000,221,888 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wofadk.sys -- (WofAdk)
  121. DRV:[b]64bit:[/b] - [2015-08-21 12:50:48 | 000,463,112 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
  122. DRV:[b]64bit:[/b] - [2014-03-31 21:06:06 | 000,058,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
  123. DRV:[b]64bit:[/b] - [2014-03-20 12:43:02 | 000,118,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
  124. DRV:[b]64bit:[/b] - [2013-11-21 09:31:28 | 000,632,168 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
  125. DRV:[b]64bit:[/b] - [2013-11-21 09:31:28 | 000,028,008 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
  126. DRV:[b]64bit:[/b] - [2013-07-08 22:05:34 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
  127. DRV:[b]64bit:[/b] - [2013-02-06 16:59:06 | 000,065,784 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
  128. DRV:[b]64bit:[/b] - [2012-08-05 20:17:18 | 000,017,280 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
  129. DRV:[b]64bit:[/b] - [2012-07-03 17:32:40 | 000,569,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
  130. DRV:[b]64bit:[/b] - [2012-06-12 22:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
  131. DRV:[b]64bit:[/b] - [2012-06-12 00:52:14 | 002,811,904 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
  132. DRV:[b]64bit:[/b] - [2012-04-15 23:32:14 | 001,071,032 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\wcmvcam64.sys -- (WCMVCAM)
  133. DRV:[b]64bit:[/b] - [2010-11-25 21:30:12 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
  134. DRV:[b]64bit:[/b] - [2010-11-25 21:30:12 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
  135. DRV:[b]64bit:[/b] - [2010-11-25 21:30:12 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
  136. DRV:[b]64bit:[/b] - [2010-11-25 21:30:12 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
  137. DRV:[b]64bit:[/b] - [2010-11-25 21:30:12 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
  138. DRV:[b]64bit:[/b] - [2010-11-25 21:30:10 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
  139. DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
  140. DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  141. DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  142. DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  143. DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  144. DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  145. DRV:[b]64bit:[/b] - [2009-07-14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
  146. DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  147. DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  148. DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  149. DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  150. DRV:[b]64bit:[/b] - [2007-09-05 12:48:24 | 000,026,400 | ---- | M] (Nikon Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NkVBus.sys -- (VBus)
  151. DRV:[b]64bit:[/b] - [2000-01-01 02:00:00 | 000,313,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
  152. DRV:[b]64bit:[/b] - [2000-01-01 02:00:00 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
  153. DRV - [2013-07-02 17:45:52 | 000,019,768 | ---- | M] (ASUSTek Computer Inc.) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\SHA1\atkwmiacpi64.sys -- (ATKWMIACPIIO)
  154. DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  155. DRV - [2009-07-02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\SHA1\ASMMAP64.sys -- (ASMMAP64)
  156.  
  157.  
  158. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  159.  
  160.  
  161. [color=#E56717]========== Internet Explorer ==========[/color]
  162.  
  163. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  164. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  165. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  166. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  167. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  168.  
  169.  
  170. IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  171.  
  172. IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  173.  
  174.  
  175.  
  176. IE - HKU\S-1-5-21-1705945837-133330387-4030071399-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
  177. IE - HKU\S-1-5-21-1705945837-133330387-4030071399-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl-PL
  178. IE - HKU\S-1-5-21-1705945837-133330387-4030071399-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 69 95 C1 5A 7E D1 01 [binary data]
  179. IE - HKU\S-1-5-21-1705945837-133330387-4030071399-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  180. IE - HKU\S-1-5-21-1705945837-133330387-4030071399-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
  181. IE - HKU\S-1-5-21-1705945837-133330387-4030071399-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  182.  
  183. IE - HKU\S-1-5-21-1705945837-133330387-4030071399-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
  184. IE - HKU\S-1-5-21-1705945837-133330387-4030071399-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl-PL
  185. IE - HKU\S-1-5-21-1705945837-133330387-4030071399-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 69 95 C1 5A 7E D1 01 [binary data]
  186. IE - HKU\S-1-5-21-1705945837-133330387-4030071399-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  187. IE - HKU\S-1-5-21-1705945837-133330387-4030071399-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
  188. IE - HKU\S-1-5-21-1705945837-133330387-4030071399-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  189.  
  190. [color=#E56717]========== FireFox ==========[/color]
  191.  
  192. FF - prefs.js..browser.search.countryCode: "PL"
  193. FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
  194. FF - prefs.js..browser.search.region: "PL"
  195. FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
  196. FF - prefs.js..browser.startup.homepage: "gmail.com/"
  197. FF - prefs.js..extensions.enabledAddons: %7B068e178c-61a9-4a63-b74f-87404a6f5ea1%7D:2.0
  198. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:48.0.2
  199. FF - user.js - File not found
  200.  
  201. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll File not found
  202. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  203. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll ( Microsoft Corporation)
  204. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
  205. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll ()
  206. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
  207. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
  208. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  209. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll (Oracle Corporation)
  210. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  211. FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
  212. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll ( Microsoft Corporation)
  213. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
  214. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  215. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
  216. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
  217. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  218.  
  219. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 48.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  220. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 48.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016-09-02 20:51:29 | 000,000,000 | ---D | M]
  221. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 48.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  222. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 48.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016-09-02 20:51:29 | 000,000,000 | ---D | M]
  223.  
  224. [2016-03-15 12:22:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eda\AppData\Roaming\mozilla\Extensions
  225. [2016-09-02 18:07:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eda\AppData\Roaming\mozilla\Firefox\Profiles\gypw49xj.default\extensions
  226. [2016-04-20 20:23:18 | 009,296,122 | ---- | M] () (No name found) -- C:\Users\Eda\AppData\Roaming\mozilla\firefox\profiles\gypw49xj.default\extensions\adblockultimate@adblockultimate.net.xpi
  227. [2016-09-02 18:07:17 | 000,023,373 | ---- | M] () (No name found) -- C:\Users\Eda\AppData\Roaming\mozilla\firefox\profiles\gypw49xj.default\extensions\firefox-hotfix@mozilla.org.xpi
  228. [2016-08-09 23:34:24 | 000,710,273 | ---- | M] () (No name found) -- C:\Users\Eda\AppData\Roaming\mozilla\firefox\profiles\gypw49xj.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
  229. [2016-04-28 20:47:30 | 001,036,367 | ---- | M] () (No name found) -- C:\Users\Eda\AppData\Roaming\mozilla\firefox\profiles\gypw49xj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
  230. [2016-09-07 16:26:56 | 000,006,321 | ---- | M] () (No name found) -- C:\Users\Eda\AppData\Roaming\mozilla\firefox\profiles\gypw49xj.default\features\{0dc41e40-b595-4e0b-9d08-4fc5e81fb4f8}\e10srollout@mozilla.org.xpi
  231. [2016-09-07 16:26:58 | 000,781,661 | ---- | M] () (No name found) -- C:\Users\Eda\AppData\Roaming\mozilla\firefox\profiles\gypw49xj.default\features\{0dc41e40-b595-4e0b-9d08-4fc5e81fb4f8}\firefox@getpocket.com.xpi
  232. [2016-09-07 16:27:13 | 002,034,437 | ---- | M] () (No name found) -- C:\Users\Eda\AppData\Roaming\mozilla\firefox\profiles\gypw49xj.default\features\{0dc41e40-b595-4e0b-9d08-4fc5e81fb4f8}\loop@mozilla.org.xpi
  233. [2016-09-02 20:51:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
  234. File not found (No name found) -- C:\USERS\EDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GYPW49XJ.DEFAULT\EXTENSIONS\{068E178C-61A9-4A63-B74F-87404A6F5EA1}
  235. [2015-11-18 15:57:24 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
  236.  
  237. [color=#E56717]========== Chrome ==========[/color]
  238.  
  239. CHR - Extension: No name found = C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
  240. CHR - Extension: No name found = C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
  241. CHR - Extension: No name found = C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
  242. CHR - Extension: No name found = C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
  243. CHR - Extension: No name found = C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
  244. CHR - Extension: No name found = C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
  245. CHR - Extension: No name found = C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.1.1_0\
  246. CHR - Extension: No name found = C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk\1.0.1.2_0\
  247. CHR - Extension: No name found = C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo\1.0.4_0\
  248. CHR - Extension: No name found = C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
  249. CHR - Extension: No name found = C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  250. CHR - Extension: No name found = C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5316.725.0.13_0\
  251. CHR - Extension: No name found = C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5316.725.0.14_0\
  252.  
  253. O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  254. O2:[b]64bit:[/b] - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVO Software Sp. z o.o.)
  255. O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx ()
  256. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll (Oracle Corporation)
  257. O2 - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files\IVONA Reader\integr\IR_iexplorer2.dll (IVO Software Sp. z o.o.)
  258. O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\MICROS~2\Office15\URLREDIR.DLL (Microsoft Corporation)
  259. O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\MICROS~2\Office15\GROOVEEX.DLL (Microsoft Corporation)
  260. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll (Oracle Corporation)
  261. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVO Software Sp. z o.o.)
  262. O3 - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files\IVONA Reader\integr\IR_iexplorer2.dll (IVO Software Sp. z o.o.)
  263. O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
  264. O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe (Atheros Communications)
  265. O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
  266. O4:[b]64bit:[/b] - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
  267. O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
  268. O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
  269. O4 - HKLM..\Run: [] File not found
  270. O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
  271. O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
  272. O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
  273. O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
  274. O4 - HKU\S-1-5-21-1705945837-133330387-4030071399-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
  275. O4 - HKU\S-1-5-21-1705945837-133330387-4030071399-1000..\Run: [HP Deskjet 3540 series (NET)] C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
  276. O4 - HKU\S-1-5-21-1705945837-133330387-4030071399-1000..\Run: [IROElauncher] C:\Program Files\IVONA Reader\integr\OutlookExpress\IROElauncher.exe (Nektra S.A.)
  277. O4 - HKU\S-1-5-21-1705945837-133330387-4030071399-1001..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun File not found
  278. O4 - HKU\S-1-5-21-1705945837-133330387-4030071399-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
  279. O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  280. O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  281. O4 - HKU\S-1-5-21-1705945837-133330387-4030071399-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  282. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  283. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  284. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  285. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  286. O9:[b]64bit:[/b] - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
  287. O9:[b]64bit:[/b] - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
  288. O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
  289. O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
  290. O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
  291. O13[b]64bit:[/b] - gopher Prefix: missing
  292. O13 - gopher Prefix: missing
  293. O15:[b]64bit:[/b] - ..Trusted Domains: eset.com ([help] http in Trusted sites)
  294. O15 - HKLM\..Trusted Domains: eset.com ([help] http in Trusted sites)
  295. O15 - HKU\S-1-5-21-1705945837-133330387-4030071399-1000\..Trusted Domains: localhost ([]* in Trusted sites)
  296. O15 - HKU\S-1-5-21-1705945837-133330387-4030071399-1001\..Trusted Domains: localhost ([]* in Trusted sites)
  297. O15 - HKU\S-1-5-21-1705945837-133330387-4030071399-1001\..Trusted Domains: webcompanion.com ([]http in Trusted sites)
  298. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
  299. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C439021-3638-47DE-BF20-7583B36B0287}: DhcpNameServer = 192.168.1.1
  300. O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
  301. O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
  302. O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
  303. O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
  304. O18 - Protocol\Handler\ms-help - No CLSID value found
  305. O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
  306. O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
  307. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  308. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  309. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  310. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  311. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  312. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  313. O32 - HKLM CDRom: AutoRun - 1
  314. O32 - AutoRun File - [2015-03-20 14:14:40 | 000,000,000 | ---D | M] - H:\Autorun -- [ CDFS ]
  315. O32 - AutoRun File - [2015-03-20 14:08:44 | 000,000,063 | RH-- | M] () - H:\autorun.bat -- [ CDFS ]
  316. O32 - AutoRun File - [2015-03-20 14:14:42 | 000,000,037 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
  317. O33 - MountPoints2\{4713bd80-24c4-11e6-bc26-240a64837ddc}\Shell - "" = AutoRun
  318. O33 - MountPoints2\{4713bd80-24c4-11e6-bc26-240a64837ddc}\Shell\AutoRun\command - "" = H:\Autorun\CDRun.exe -- [2005-12-15 19:12:46 | 000,664,576 | R--- | M] ()
  319. O33 - MountPoints2\{d96eaaba-ef59-11e5-b55e-240a64837ddc}\Shell - "" = AutoRun
  320. O33 - MountPoints2\{d96eaaba-ef59-11e5-b55e-240a64837ddc}\Shell\AutoRun\command - "" = H:\Oribana_Beauty.exe
  321. O34 - HKLM BootExecute: (autocheck autochk *)
  322. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  323. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  324. O35 - HKLM\..comfile [open] -- "%1" %*
  325. O35 - HKLM\..exefile [open] -- "%1" %*
  326. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  327. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  328. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  329. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  330. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  331. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  332. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  333.  
  334. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  335.  
  336. [2016-09-14 21:51:58 | 000,000,000 | R--D | C] -- C:\Users\Eda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
  337. [2016-09-14 21:29:46 | 000,000,000 | ---D | C] -- C:\AdwCleaner
  338. [2016-09-14 21:03:08 | 000,000,000 | ---D | C] -- C:\Users\Eda\AppData\Roaming\Opera Software
  339. [2016-09-14 21:03:08 | 000,000,000 | ---D | C] -- C:\Users\Eda\AppData\Local\Opera Software
  340. [2016-09-14 21:02:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
  341. [2016-09-02 20:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
  342. [2016-08-23 15:50:48 | 000,000,000 | ---D | C] -- C:\Windows\pss
  343. [2016-08-20 14:00:13 | 000,153,248 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\ekbdflt.sys
  344. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  345.  
  346. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  347.  
  348. [2016-09-14 22:00:15 | 000,031,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  349. [2016-09-14 22:00:15 | 000,031,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  350. [2016-09-14 21:52:17 | 000,000,196 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
  351. [2016-09-14 21:52:13 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job
  352. [2016-09-14 21:52:05 | 000,078,848 | ---- | M] () -- C:\Windows\KMSEmulator.exe
  353. [2016-09-14 21:51:53 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
  354. [2016-09-14 21:51:26 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  355. [2016-09-14 21:50:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  356. [2016-09-14 21:50:23 | 2057,539,583 | -HS- | M] () -- C:\hiberfil.sys
  357. [2016-09-14 21:43:06 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  358. [2016-09-14 21:23:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  359. [2016-09-14 21:02:55 | 000,001,145 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
  360. [2016-09-14 21:00:28 | 000,002,199 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  361. [2016-09-14 12:38:16 | 000,796,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
  362. [2016-09-14 12:38:16 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
  363. [2016-09-14 12:38:08 | 006,502,080 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
  364. [2016-09-12 12:18:18 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForEda.job
  365. [2016-09-10 11:40:00 | 000,000,362 | ---- | M] () -- C:\Windows\tasks\SlimCleaner Plus (Scheduled Scan - Eda).job
  366. [2016-09-03 17:58:43 | 000,002,996 | ---- | M] () -- C:\Users\Eda\AppData\Local\recently-used.xbel
  367. [2016-08-24 21:26:18 | 001,671,648 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  368. [2016-08-24 21:26:18 | 000,740,970 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
  369. [2016-08-24 21:26:18 | 000,654,762 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  370. [2016-08-24 21:26:18 | 000,156,010 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
  371. [2016-08-24 21:26:18 | 000,122,132 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  372. [2016-08-20 14:00:13 | 000,153,248 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\ekbdflt.sys
  373. [2016-08-20 13:59:55 | 000,084,640 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\epfwwfp.sys
  374. [2016-08-20 13:59:54 | 000,208,552 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\epfw.sys
  375. [2016-08-20 13:59:54 | 000,197,288 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys
  376. [2016-08-20 13:59:54 | 000,061,608 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\EpfwLWF.sys
  377. [2016-08-20 13:59:53 | 000,263,296 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys
  378. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  379.  
  380. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  381.  
  382. [2016-09-14 21:02:56 | 000,001,145 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
  383. [2016-09-14 21:02:56 | 000,001,145 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
  384. [2016-09-03 17:58:43 | 000,002,996 | ---- | C] () -- C:\Users\Eda\AppData\Local\recently-used.xbel
  385. [2016-06-22 23:36:51 | 000,000,083 | ---- | C] () -- C:\Windows\wa.INI
  386. [2016-06-11 14:02:26 | 000,007,597 | ---- | C] () -- C:\Users\Eda\AppData\Local\Resmon.ResmonCfg
  387. [2016-05-28 13:21:39 | 000,000,268 | RH-- | C] () -- C:\ProgramData\SystemConfiguration
  388. [2016-05-28 13:21:39 | 000,000,268 | RH-- | C] () -- C:\Users\Eda\AppData\Roaming\Synth Leads
  389. [2016-05-28 13:21:39 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeq.DAT
  390. [2016-05-28 13:21:39 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Trumpet Section
  391. [2016-05-20 18:22:30 | 000,378,880 | ---- | C] () -- C:\Windows\SysWow64\av_dll.dll
  392. [2016-05-20 18:22:30 | 000,020,992 | ---- | C] () -- C:\Windows\SysWow64\av_proxy.dll
  393. [2016-04-16 00:14:51 | 000,647,168 | ---- | C] () -- C:\Windows\AutoKMS.exe
  394. [2016-04-16 00:14:51 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
  395. [2016-04-16 00:14:38 | 000,078,848 | ---- | C] () -- C:\Windows\KMSEmulator.exe
  396. [2016-04-02 14:15:10 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
  397. [2016-03-25 00:22:55 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
  398. [2016-03-25 00:22:54 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
  399. [2016-03-20 19:16:26 | 000,382,708 | ---- | C] () -- C:\Windows\SysWow64\drivers\FW7650.bin
  400. [2016-03-15 14:01:46 | 008,658,120 | ---- | C] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
  401. [2016-03-15 14:01:46 | 000,571,912 | ---- | C] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
  402. [2016-03-15 13:47:12 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
  403. [2016-03-15 12:48:31 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
  404. [2016-03-15 01:54:33 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
  405. [2016-01-22 19:52:06 | 001,694,208 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  406. [2015-12-21 12:52:06 | 000,182,784 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
  407. [2015-12-21 12:52:04 | 000,143,872 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
  408.  
  409. [color=#E56717]========== ZeroAccess Check ==========[/color]
  410.  
  411. [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  412.  
  413. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  414.  
  415. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  416.  
  417. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  418.  
  419. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  420.  
  421. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  422. "" = C:\Windows\SysNative\shell32.dll -- [2016-01-22 08:28:20 | 014,186,496 | ---- | M] (Microsoft Corporation)
  423. "ThreadingModel" = Apartment
  424.  
  425. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  426. "" = %SystemRoot%\system32\shell32.dll -- [2016-01-22 08:08:07 | 012,882,432 | ---- | M] (Microsoft Corporation)
  427. "ThreadingModel" = Apartment
  428.  
  429. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  430. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  431. "ThreadingModel" = Free
  432.  
  433. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  434. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
  435. "ThreadingModel" = Free
  436.  
  437. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  438. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  439. "ThreadingModel" = Both
  440.  
  441. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  442.  
  443. [color=#E56717]========== LOP Check ==========[/color]
  444.  
  445. [2016-06-10 16:28:09 | 000,000,000 | ---D | M] -- C:\Users\Eda\AppData\Roaming\Amazing
  446. [2016-05-28 17:55:55 | 000,000,000 | ---D | M] -- C:\Users\Eda\AppData\Roaming\DAEMON Tools Lite
  447. [2016-03-21 19:50:47 | 000,000,000 | ---D | M] -- C:\Users\Eda\AppData\Roaming\DAEMON Tools Pro
  448. [2016-05-20 13:19:42 | 000,000,000 | ---D | M] -- C:\Users\Eda\AppData\Roaming\driveridentifier
  449. [2016-06-01 16:59:41 | 000,000,000 | ---D | M] -- C:\Users\Eda\AppData\Roaming\InterTrust
  450. [2016-05-12 15:58:38 | 000,000,000 | ---D | M] -- C:\Users\Eda\AppData\Roaming\IVONA Reader
  451. [2016-09-14 21:03:08 | 000,000,000 | ---D | M] -- C:\Users\Eda\AppData\Roaming\Opera Software
  452. [2016-03-15 17:27:49 | 000,000,000 | ---D | M] -- C:\Users\Eda\AppData\Roaming\PotPlayerMini64
  453. [2016-03-24 20:20:17 | 000,000,000 | ---D | M] -- C:\Users\Eda\AppData\Roaming\Tibia
  454. [2016-05-06 19:33:13 | 000,000,000 | ---D | M] -- C:\Users\Eda\AppData\Roaming\Transformice
  455. [2016-09-05 18:47:04 | 000,000,000 | ---D | M] -- C:\Users\Eda\AppData\Roaming\uTorrent
  456. [2016-06-24 20:58:22 | 000,000,000 | ---D | M] -- C:\Users\Eda\AppData\Roaming\WebcamMax
  457.  
  458. [color=#E56717]========== Purity Check ==========[/color]
  459.  
  460.  
  461.  
  462. < End of report >