Untitled

a guest
Dec 6th, 2015
  1. OTL logfile created on: 06.12.2015 19:27:35 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = F:\Pobrane
  3. 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.11.10240.16384)
  5. Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd.MM.yyyy
  6.  
  7. 7,90 Gb Total Physical Memory | 6,12 Gb Available Physical Memory | 77,47% Memory free
  8. 9,15 Gb Paging File | 7,32 Gb Available in Paging File | 79,99% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 80,00 Gb Total Space | 11,93 Gb Free Space | 14,92% Space Free | Partition Type: NTFS
  13. Drive D: | 144,52 Gb Total Space | 120,34 Gb Free Space | 83,27% Space Free | Partition Type: NTFS
  14. Drive E: | 450,00 Gb Total Space | 237,32 Gb Free Space | 52,74% Space Free | Partition Type: NTFS
  15. Drive F: | 481,51 Gb Total Space | 99,65 Gb Free Space | 20,69% Space Free | Partition Type: NTFS
  16.  
  17. Computer Name: DESKTOP-2GP4R19 | User Name: Piecho | Logged in as Administrator.
  18. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
  19. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  20.  
  21. [color=#E56717]========== Processes (SafeList) ==========[/color]
  22.  
  23. PRC - File not found --
  24. PRC - [2015.12.06 19:27:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Pobrane\OTL.exe
  25. PRC - [2015.11.10 23:27:17 | 003,426,504 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
  26. PRC - [2015.11.05 16:51:45 | 000,392,872 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  27. PRC - [2015.09.14 16:37:58 | 000,237,568 | ---- | M] () -- C:\Program Files\Mouse\Amoumain.exe
  28. PRC - [2015.07.23 01:10:18 | 001,253,008 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
  29. PRC - [2015.06.23 23:08:22 | 000,223,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
  30. PRC - [2015.06.23 23:08:10 | 000,411,936 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  31. PRC - [2014.12.12 11:55:06 | 000,324,048 | ---- | M] (Steganos Software GmbH) -- C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe
  32. PRC - [2014.04.04 20:39:18 | 000,143,288 | ---- | M] (Stardock Software, Inc) -- C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
  33. PRC - [2013.10.23 22:39:14 | 001,017,224 | ---- | M] (Flux Software LLC) -- C:\Users\Piecho\AppData\Local\FluxSoftware\Flux\flux.exe
  34.  
  35.  
  36. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  37.  
  38. MOD - [2015.11.10 23:27:17 | 017,604,296 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll
  39. MOD - [2015.09.14 16:37:58 | 000,237,568 | ---- | M] () -- C:\Program Files\Mouse\Amoumain.exe
  40. MOD - [2015.03.28 14:55:16 | 000,084,040 | ---- | M] () -- C:\Windows\SysWOW64\PrxerNsp.dll
  41.  
  42.  
  43. [color=#E56717]========== Services (SafeList) ==========[/color]
  44.  
  45. SRV:[b]64bit:[/b] - [2015.11.05 04:03:52 | 002,180,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
  46. SRV:[b]64bit:[/b] - [2015.11.05 04:03:49 | 001,015,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
  47. SRV:[b]64bit:[/b] - [2015.11.05 04:01:38 | 000,713,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
  48. SRV:[b]64bit:[/b] - [2015.11.05 03:59:13 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
  49. SRV:[b]64bit:[/b] - [2015.11.05 03:55:55 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
  50. SRV:[b]64bit:[/b] - [2015.10.09 17:33:28 | 000,330,136 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
  51. SRV:[b]64bit:[/b] - [2015.09.25 03:00:50 | 001,423,872 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
  52. SRV:[b]64bit:[/b] - [2015.09.25 02:59:48 | 000,288,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
  53. SRV:[b]64bit:[/b] - [2015.09.25 02:59:38 | 001,205,248 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
  54. SRV:[b]64bit:[/b] - [2015.09.17 06:48:41 | 000,809,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
  55. SRV:[b]64bit:[/b] - [2015.09.17 06:06:04 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
  56. SRV:[b]64bit:[/b] - [2015.09.17 06:03:28 | 000,267,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
  57. SRV:[b]64bit:[/b] - [2015.09.17 05:58:01 | 000,503,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
  58. SRV:[b]64bit:[/b] - [2015.09.17 05:52:31 | 000,591,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
  59. SRV:[b]64bit:[/b] - [2015.09.17 05:48:26 | 002,093,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
  60. SRV:[b]64bit:[/b] - [2015.09.17 05:47:56 | 000,513,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
  61. SRV:[b]64bit:[/b] - [2015.09.17 05:44:10 | 000,526,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
  62. SRV:[b]64bit:[/b] - [2015.09.17 05:44:08 | 001,844,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
  63. SRV:[b]64bit:[/b] - [2015.09.17 05:43:32 | 000,378,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
  64. SRV:[b]64bit:[/b] - [2015.09.14 12:12:01 | 002,251,992 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
  65. SRV:[b]64bit:[/b] - [2015.09.14 12:01:14 | 000,249,032 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe -- (SynTPEnhService)
  66. SRV:[b]64bit:[/b] - [2015.08.18 06:58:25 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
  67. SRV:[b]64bit:[/b] - [2015.08.18 06:54:03 | 000,322,048 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
  68. SRV:[b]64bit:[/b] - [2015.07.30 03:44:49 | 000,280,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
  69. SRV:[b]64bit:[/b] - [2015.07.30 03:44:28 | 000,229,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
  70. SRV:[b]64bit:[/b] - [2015.07.24 02:34:54 | 000,343,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
  71. SRV:[b]64bit:[/b] - [2015.07.19 04:04:10 | 000,658,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
  72. SRV:[b]64bit:[/b] - [2015.07.12 00:25:16 | 001,031,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
  73. SRV:[b]64bit:[/b] - [2015.07.10 16:35:02 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  74. SRV:[b]64bit:[/b] - [2015.07.10 11:01:10 | 000,621,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
  75. SRV:[b]64bit:[/b] - [2015.07.10 11:01:10 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
  76. SRV:[b]64bit:[/b] - [2015.07.10 11:01:10 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
  77. SRV:[b]64bit:[/b] - [2015.07.10 11:00:41 | 000,167,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
  78. SRV:[b]64bit:[/b] - [2015.07.10 11:00:36 | 000,115,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
  79. SRV:[b]64bit:[/b] - [2015.07.10 11:00:20 | 000,749,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
  80. SRV:[b]64bit:[/b] - [2015.07.10 11:00:16 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
  81. SRV:[b]64bit:[/b] - [2015.07.10 11:00:09 | 000,337,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
  82. SRV:[b]64bit:[/b] - [2015.07.10 11:00:09 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
  83. SRV:[b]64bit:[/b] - [2015.07.10 11:00:09 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
  84. SRV:[b]64bit:[/b] - [2015.07.10 11:00:09 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
  85. SRV:[b]64bit:[/b] - [2015.07.10 11:00:07 | 001,149,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
  86. SRV:[b]64bit:[/b] - [2015.07.10 11:00:07 | 001,019,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
  87. SRV:[b]64bit:[/b] - [2015.07.10 11:00:07 | 000,268,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
  88. SRV:[b]64bit:[/b] - [2015.07.10 11:00:07 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
  89. SRV:[b]64bit:[/b] - [2015.07.10 11:00:07 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
  90. SRV:[b]64bit:[/b] - [2015.07.10 11:00:07 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
  91. SRV:[b]64bit:[/b] - [2015.07.10 11:00:06 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
  92. SRV:[b]64bit:[/b] - [2015.07.10 11:00:06 | 000,087,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
  93. SRV:[b]64bit:[/b] - [2015.07.10 11:00:03 | 003,467,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
  94. SRV:[b]64bit:[/b] - [2015.07.10 11:00:02 | 000,918,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
  95. SRV:[b]64bit:[/b] - [2015.07.10 11:00:02 | 000,836,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
  96. SRV:[b]64bit:[/b] - [2015.07.10 11:00:02 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
  97. SRV:[b]64bit:[/b] - [2015.07.10 11:00:01 | 000,096,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
  98. SRV:[b]64bit:[/b] - [2015.07.10 11:00:01 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
  99. SRV:[b]64bit:[/b] - [2015.07.10 11:00:00 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
  100. SRV:[b]64bit:[/b] - [2015.07.10 10:59:59 | 000,296,960 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
  101. SRV:[b]64bit:[/b] - [2015.07.10 10:59:59 | 000,196,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
  102. SRV:[b]64bit:[/b] - [2015.07.10 10:59:59 | 000,027,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
  103. SRV:[b]64bit:[/b] - [2015.07.10 10:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_Session1)
  104. SRV:[b]64bit:[/b] - [2015.07.10 10:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_Session1)
  105. SRV:[b]64bit:[/b] - [2015.07.10 10:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_Session1)
  106. SRV:[b]64bit:[/b] - [2015.07.10 10:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_Session1)
  107. SRV:[b]64bit:[/b] - [2015.07.10 10:59:57 | 000,405,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
  108. SRV:[b]64bit:[/b] - [2015.07.10 10:59:57 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
  109. SRV:[b]64bit:[/b] - [2015.07.10 10:59:56 | 000,019,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
  110. SRV:[b]64bit:[/b] - [2015.07.10 10:59:55 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
  111. SRV:[b]64bit:[/b] - [2015.07.10 10:59:55 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
  112. SRV:[b]64bit:[/b] - [2015.07.10 10:59:54 | 000,275,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
  113. SRV:[b]64bit:[/b] - [2015.07.10 10:59:53 | 000,063,488 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
  114. SRV:[b]64bit:[/b] - [2015.07.10 10:59:51 | 000,583,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
  115. SRV:[b]64bit:[/b] - [2015.07.10 10:59:50 | 000,550,400 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
  116. SRV:[b]64bit:[/b] - [2015.07.10 10:59:50 | 000,362,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
  117. SRV:[b]64bit:[/b] - [2015.07.10 10:59:50 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
  118. SRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
  119. SRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
  120. SRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
  121. SRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
  122. SRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
  123. SRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
  124. SRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
  125. SRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
  126. SRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,024,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
  127. SRV:[b]64bit:[/b] - [2015.07.10 10:59:37 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
  128. SRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
  129. SRV:[b]64bit:[/b] - [2015.07.10 09:53:53 | 001,169,408 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
  130. SRV:[b]64bit:[/b] - [2015.05.21 23:24:00 | 000,881,152 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
  131. SRV - [2015.11.10 23:27:17 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  132. SRV - [2015.11.05 16:51:45 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  133. SRV - [2015.11.05 03:27:12 | 002,049,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
  134. SRV - [2015.10.09 17:33:28 | 000,291,744 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
  135. SRV - [2015.10.07 19:38:44 | 000,838,224 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
  136. SRV - [2015.10.05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
  137. SRV - [2015.10.05 09:48:44 | 001,513,784 | ---- | M] (Malwarebytes) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
  138. SRV - [2015.10.02 14:36:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
  139. SRV - [2015.09.25 02:34:00 | 000,928,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
  140. SRV - [2015.09.17 05:45:35 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
  141. SRV - [2015.09.17 05:16:16 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
  142. SRV - [2015.07.10 11:00:30 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
  143. SRV - [2015.07.10 11:00:24 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
  144. SRV - [2015.07.10 10:59:37 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
  145. SRV - [2015.07.09 12:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  146. SRV - [2015.06.23 23:08:22 | 000,223,008 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
  147. SRV - [2015.06.23 23:08:10 | 000,411,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
  148. SRV - [2014.12.12 11:55:06 | 000,324,048 | ---- | M] (Steganos Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe -- (Online Shield Starter Service)
  149. SRV - [2014.04.04 20:39:18 | 000,143,288 | ---- | M] (Stardock Software, Inc) [Auto | Running] -- C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe -- (Start8)
  150. SRV - [2012.04.24 12:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
  151.  
  152.  
  153. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  154.  
  155. DRV:[b]64bit:[/b] - [2015.10.09 17:33:27 | 003,797,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
  156. DRV:[b]64bit:[/b] - [2015.10.05 09:50:22 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
  157. DRV:[b]64bit:[/b] - [2015.10.05 09:50:06 | 000,025,816 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
  158. DRV:[b]64bit:[/b] - [2015.09.17 06:50:17 | 000,099,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
  159. DRV:[b]64bit:[/b] - [2015.09.17 06:48:41 | 000,278,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
  160. DRV:[b]64bit:[/b] - [2015.09.17 06:48:22 | 000,516,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
  161. DRV:[b]64bit:[/b] - [2015.09.17 05:50:08 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
  162. DRV:[b]64bit:[/b] - [2015.09.14 16:37:58 | 000,017,920 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Amusbx64.sys -- (Amusbprt)
  163. DRV:[b]64bit:[/b] - [2015.09.14 16:37:58 | 000,012,288 | ---- | M] ((Standard mouse types)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Amfltx64.sys -- (Amfilter)
  164. DRV:[b]64bit:[/b] - [2015.09.14 12:33:11 | 000,042,328 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
  165. DRV:[b]64bit:[/b] - [2015.09.14 12:32:24 | 000,031,376 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
  166. DRV:[b]64bit:[/b] - [2015.09.14 12:28:05 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
  167. DRV:[b]64bit:[/b] - [2015.09.14 12:12:00 | 000,188,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
  168. DRV:[b]64bit:[/b] - [2015.09.14 12:12:00 | 000,173,312 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
  169. DRV:[b]64bit:[/b] - [2015.08.21 10:50:48 | 000,463,112 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
  170. DRV:[b]64bit:[/b] - [2015.08.18 07:55:45 | 000,373,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
  171. DRV:[b]64bit:[/b] - [2015.08.11 10:02:56 | 000,080,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
  172. DRV:[b]64bit:[/b] - [2015.08.06 03:17:40 | 000,200,528 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
  173. DRV:[b]64bit:[/b] - [2015.08.06 02:22:03 | 000,685,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
  174. DRV:[b]64bit:[/b] - [2015.08.03 02:18:37 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
  175. DRV:[b]64bit:[/b] - [2015.08.03 02:17:53 | 000,052,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
  176. DRV:[b]64bit:[/b] - [2015.07.30 03:44:26 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
  177. DRV:[b]64bit:[/b] - [2015.07.24 02:29:58 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
  178. DRV:[b]64bit:[/b] - [2015.07.20 19:45:04 | 000,050,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
  179. DRV:[b]64bit:[/b] - [2015.07.20 19:45:04 | 000,038,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
  180. DRV:[b]64bit:[/b] - [2015.07.17 04:23:30 | 000,934,752 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
  181. DRV:[b]64bit:[/b] - [2015.07.16 05:39:09 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
  182. DRV:[b]64bit:[/b] - [2015.07.14 02:04:21 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
  183. DRV:[b]64bit:[/b] - [2015.07.10 16:35:17 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
  184. DRV:[b]64bit:[/b] - [2015.07.10 16:35:02 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  185. DRV:[b]64bit:[/b] - [2015.07.10 11:01:20 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
  186. DRV:[b]64bit:[/b] - [2015.07.10 11:00:14 | 000,380,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
  187. DRV:[b]64bit:[/b] - [2015.07.10 11:00:14 | 000,215,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
  188. DRV:[b]64bit:[/b] - [2015.07.10 11:00:10 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
  189. DRV:[b]64bit:[/b] - [2015.07.10 11:00:10 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
  190. DRV:[b]64bit:[/b] - [2015.07.10 11:00:10 | 000,031,072 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  191. DRV:[b]64bit:[/b] - [2015.07.10 11:00:09 | 000,200,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
  192. DRV:[b]64bit:[/b] - [2015.07.10 11:00:09 | 000,153,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
  193. DRV:[b]64bit:[/b] - [2015.07.10 11:00:09 | 000,061,952 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
  194. DRV:[b]64bit:[/b] - [2015.07.10 11:00:09 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
  195. DRV:[b]64bit:[/b] - [2015.07.10 11:00:09 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ioqos.sys -- (IoQos)
  196. DRV:[b]64bit:[/b] - [2015.07.10 11:00:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
  197. DRV:[b]64bit:[/b] - [2015.07.10 11:00:00 | 000,245,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
  198. DRV:[b]64bit:[/b] - [2015.07.10 11:00:00 | 000,159,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
  199. DRV:[b]64bit:[/b] - [2015.07.10 11:00:00 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
  200. DRV:[b]64bit:[/b] - [2015.07.10 11:00:00 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
  201. DRV:[b]64bit:[/b] - [2015.07.10 11:00:00 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
  202. DRV:[b]64bit:[/b] - [2015.07.10 11:00:00 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
  203. DRV:[b]64bit:[/b] - [2015.07.10 10:59:59 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
  204. DRV:[b]64bit:[/b] - [2015.07.10 10:59:59 | 000,088,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
  205. DRV:[b]64bit:[/b] - [2015.07.10 10:59:59 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
  206. DRV:[b]64bit:[/b] - [2015.07.10 10:59:56 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
  207. DRV:[b]64bit:[/b] - [2015.07.10 10:59:53 | 000,129,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
  208. DRV:[b]64bit:[/b] - [2015.07.10 10:59:53 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
  209. DRV:[b]64bit:[/b] - [2015.07.10 10:59:52 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
  210. DRV:[b]64bit:[/b] - [2015.07.10 10:59:50 | 000,119,648 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
  211. DRV:[b]64bit:[/b] - [2015.07.10 10:59:50 | 000,082,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
  212. DRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,291,680 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
  213. DRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,209,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
  214. DRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
  215. DRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,083,968 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
  216. DRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  217. DRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
  218. DRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,044,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
  219. DRV:[b]64bit:[/b] - [2015.07.10 10:59:48 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
  220. DRV:[b]64bit:[/b] - [2015.07.10 10:59:40 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  221. DRV:[b]64bit:[/b] - [2015.07.10 10:59:40 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
  222. DRV:[b]64bit:[/b] - [2015.07.10 10:59:40 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
  223. DRV:[b]64bit:[/b] - [2015.07.10 10:59:40 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
  224. DRV:[b]64bit:[/b] - [2015.07.10 10:59:40 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
  225. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
  226. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,474,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
  227. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
  228. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
  229. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,133,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
  230. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
  231. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,094,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
  232. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
  233. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,076,128 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
  234. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
  235. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,059,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
  236. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
  237. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,058,208 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
  238. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
  239. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
  240. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,040,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
  241. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  242. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
  243. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,026,976 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
  244. DRV:[b]64bit:[/b] - [2015.07.10 10:59:39 | 000,017,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys -- (swenum)
  245. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 003,436,896 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  246. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
  247. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
  248. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  249. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  250. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,222,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
  251. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,207,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
  252. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,116,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
  253. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
  254. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,104,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
  255. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,099,168 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
  256. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  257. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
  258. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  259. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
  260. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  261. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
  262. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
  263. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
  264. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
  265. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
  266. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
  267. DRV:[b]64bit:[/b] - [2015.07.10 10:59:38 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
  268. DRV:[b]64bit:[/b] - [2015.07.10 10:59:37 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
  269. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 003,349,984 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwew00.sys -- (NETwNe64)
  270. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,237,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
  271. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,122,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
  272. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,116,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
  273. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb22.sys -- (xusb22)
  274. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,094,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
  275. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,092,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
  276. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
  277. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
  278. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
  279. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,043,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
  280. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
  281. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys -- (CompositeBus)
  282. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
  283. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
  284. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fcvsc.sys -- (fcvsc)
  285. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
  286. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
  287. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
  288. DRV:[b]64bit:[/b] - [2015.07.10 10:59:36 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
  289. DRV:[b]64bit:[/b] - [2015.06.12 02:54:56 | 000,183,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
  290. DRV:[b]64bit:[/b] - [2015.06.10 21:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
  291. DRV:[b]64bit:[/b] - [2015.06.04 01:33:50 | 000,021,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\semav6msr64.sys -- (semav6msr64)
  292. DRV:[b]64bit:[/b] - [2013.11.16 04:59:44 | 000,632,168 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
  293. DRV:[b]64bit:[/b] - [2013.09.13 13:57:26 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
  294. DRV:[b]64bit:[/b] - [2013.07.18 11:55:44 | 000,130,248 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
  295. DRV:[b]64bit:[/b] - [2013.03.08 15:58:18 | 000,473,840 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
  296. DRV:[b]64bit:[/b] - [2013.03.08 15:58:18 | 000,033,008 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
  297. DRV:[b]64bit:[/b] - [2012.06.22 13:22:16 | 000,174,176 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
  298. DRV - [2015.07.10 10:59:39 | 000,017,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys -- (swenum)
  299. DRV - [2015.07.10 10:59:36 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys -- (CompositeBus)
  300.  
  301.  
  302. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  303.  
  304.  
  305. [color=#E56717]========== Internet Explorer ==========[/color]
  306.  
  307. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
  308. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
  309. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
  310. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
  311. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  312. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  313. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
  314. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
  315. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  316. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
  317. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
  318. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  319. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  320.  
  321.  
  322. IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  323.  
  324. IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  325.  
  326. IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
  327.  
  328. IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
  329.  
  330. IE - HKU\S-1-5-21-3225399492-912441592-2079658180-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
  331. IE - HKU\S-1-5-21-3225399492-912441592-2079658180-1001\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultWANProfile = 129924164
  332. IE - HKU\S-1-5-21-3225399492-912441592-2079658180-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
  333. IE - HKU\S-1-5-21-3225399492-912441592-2079658180-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
  334. IE - HKU\S-1-5-21-3225399492-912441592-2079658180-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
  335. IE - HKU\S-1-5-21-3225399492-912441592-2079658180-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl-PL
  336. IE - HKU\S-1-5-21-3225399492-912441592-2079658180-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C3 E3 6C 25 0A EF D0 01 [binary data]
  337. IE - HKU\S-1-5-21-3225399492-912441592-2079658180-1001\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
  338. IE - HKU\S-1-5-21-3225399492-912441592-2079658180-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
  339. IE - HKU\S-1-5-21-3225399492-912441592-2079658180-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  340. IE - HKU\S-1-5-21-3225399492-912441592-2079658180-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:4441
  341.  
  342. [color=#E56717]========== FireFox ==========[/color]
  343.  
  344. FF - prefs.js..browser.search.countryCode: "PT"
  345. FF - prefs.js..browser.search.region: "PT"
  346. FF - prefs.js..browser.search.searchengine.alias: "omniboxes"
  347. FF - prefs.js..browser.search.searchengine.desc: "this is my first firefox searchEngine"
  348. FF - prefs.js..browser.search.searchengine.iconURL: "http://www.omniboxes.com/favicon.ico"
  349. FF - prefs.js..browser.search.searchengine.name: "omniboxes"
  350. FF - prefs.js..browser.search.searchengine.ptid: "wpm07163"
  351. FF - prefs.js..browser.search.searchengine.uid: "CrucialXCT256MX100SSD1_14370D3087A70D3087A7"
  352. FF - prefs.js..browser.search.searchengine.url: "http://www.omniboxes.com/web/?type=ds&ts=1447143663&z=eb4372aa68794c568e0d92bgbzez6m2gdz4cdq5q3e&from=wpm07163&uid=CrucialXCT256MX100SSD1_14370D3087A70D3087A7&q={searchTerms}"
  353. FF - prefs.js..browser.search.useDBForOrder: true
  354. FF - prefs.js..browser.startup.homepage: "about:home"
  355. FF - prefs.js..extensions.enabledAddons: %7Bc36177c0-224a-11da-8cd6-0800200c9a91%7D:3.9.85.1-signed
  356. FF - prefs.js..extensions.enabledAddons: %7B46551EC9-40F0-4e47-8E18-8E5CF550CFB8%7D:2.0.2.1-signed.1-let-fixed
  357. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:42.0
  358. FF - user.js - File not found
  359.  
  360. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll File not found
  361. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  362. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: d:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
  363. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll ()
  364. FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
  365. FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
  366. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
  367. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
  368. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
  369. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  370. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
  371. FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  372. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  373. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
  374. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
  375. FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Piecho\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
  376. FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Piecho\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
  377. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Piecho\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
  378. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Piecho\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
  379.  
  380. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  381. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  382.  
  383. [2015.09.14 12:08:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Piecho\AppData\Roaming\mozilla\Extensions
  384. [2015.12.06 19:26:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Piecho\AppData\Roaming\mozilla\Firefox\Profiles\pbi1edm8.default\extension-data
  385. [2015.12.06 02:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Piecho\AppData\Roaming\mozilla\Firefox\Profiles\pbi1edm8.default\extensions
  386. [2015.09.14 12:09:23 | 000,088,072 | ---- | M] () (No name found) -- C:\Users\Piecho\AppData\Roaming\mozilla\firefox\profiles\pbi1edm8.default\extensions\@bandcamp-volume.xpi
  387. [2015.09.14 12:09:13 | 000,150,710 | ---- | M] () (No name found) -- C:\Users\Piecho\AppData\Roaming\mozilla\firefox\profiles\pbi1edm8.default\extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi
  388. [2015.12.05 17:51:55 | 003,622,458 | ---- | M] () (No name found) -- C:\Users\Piecho\AppData\Roaming\mozilla\firefox\profiles\pbi1edm8.default\extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi
  389. [2015.12.06 02:37:52 | 000,199,141 | ---- | M] () (No name found) -- C:\Users\Piecho\AppData\Roaming\mozilla\firefox\profiles\pbi1edm8.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
  390. [2015.09.16 08:34:48 | 000,057,513 | ---- | M] () (No name found) -- C:\Users\Piecho\AppData\Roaming\mozilla\firefox\profiles\pbi1edm8.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
  391. [2015.11.20 18:45:16 | 000,147,854 | ---- | M] () (No name found) -- C:\Users\Piecho\AppData\Roaming\mozilla\firefox\profiles\pbi1edm8.default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi
  392. [2015.09.14 12:09:26 | 000,009,703 | ---- | M] () (No name found) -- C:\Users\Piecho\AppData\Roaming\mozilla\firefox\profiles\pbi1edm8.default\extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi
  393. [2015.09.14 12:19:28 | 000,106,836 | ---- | M] () (No name found) -- C:\Users\Piecho\AppData\Roaming\mozilla\firefox\profiles\pbi1edm8.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi
  394. [2015.11.20 18:45:15 | 000,356,897 | ---- | M] () (No name found) -- C:\Users\Piecho\AppData\Roaming\mozilla\firefox\profiles\pbi1edm8.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
  395. [2015.09.14 12:06:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
  396. [2015.11.05 16:51:45 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  397.  
  398. [color=#E56717]========== Chrome ==========[/color]
  399.  
  400. CHR - Extension: No name found = C:\Users\Piecho\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
  401. CHR - Extension: No name found = C:\Users\Piecho\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
  402. CHR - Extension: No name found = C:\Users\Piecho\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
  403. CHR - Extension: No name found = C:\Users\Piecho\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
  404. CHR - Extension: No name found = C:\Users\Piecho\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
  405. CHR - Extension: No name found = C:\Users\Piecho\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.12_0\
  406. CHR - Extension: No name found = C:\Users\Piecho\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
  407. CHR - Extension: No name found = C:\Users\Piecho\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
  408. CHR - Extension: No name found = C:\Users\Piecho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
  409. CHR - Extension: No name found = C:\Users\Piecho\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  410.  
  411. O1 HOSTS File: ([2015.12.04 15:23:44 | 000,004,876 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  412. O1 - Hosts: 0.0.0.0 spynet2.microsoft.com
  413. O1 - Hosts: 0.0.0.0 spynetalt.microsoft.com
  414. O1 - Hosts: 0.0.0.0 fe3.delivery.dsp.mp.microsoft.com.nsatc.net
  415. O1 - Hosts: 0.0.0.0 a.ads1.msn.com
  416. O1 - Hosts: 0.0.0.0 a.ads2.msads.net
  417. O1 - Hosts: 0.0.0.0 a.ads2.msn.com
  418. O1 - Hosts: 0.0.0.0 a.rad.msn.com
  419. O1 - Hosts: 0.0.0.0 a-0001.a-msedge.net
  420. O1 - Hosts: 0.0.0.0 a-0002.a-msedge.net
  421. O1 - Hosts: 0.0.0.0 a-0003.a-msedge.net
  422. O1 - Hosts: 0.0.0.0 a-0004.a-msedge.net
  423. O1 - Hosts: 0.0.0.0 a-0005.a-msedge.net
  424. O1 - Hosts: 0.0.0.0 a-0006.a-msedge.net
  425. O1 - Hosts: 0.0.0.0 a-0007.a-msedge.net
  426. O1 - Hosts: 0.0.0.0 a-0008.a-msedge.net
  427. O1 - Hosts: 0.0.0.0 a-0009.a-msedge.net
  428. O1 - Hosts: 0.0.0.0 ac3.msn.com
  429. O1 - Hosts: 0.0.0.0 ad.doubleclick.net
  430. O1 - Hosts: 0.0.0.0 adnexus.net
  431. O1 - Hosts: 0.0.0.0 adnxs.com
  432. O1 - Hosts: 0.0.0.0 ads.msn.com
  433. O1 - Hosts: 0.0.0.0 ads1.msads.net
  434. O1 - Hosts: 0.0.0.0 ads1.msn.com
  435. O1 - Hosts: 0.0.0.0 aidps.atdmt.com
  436. O1 - Hosts: 0.0.0.0 aka-cdn-ns.adtech.de
  437. O1 - Hosts: 88 more lines...
  438. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
  439. O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
  440. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
  441. O4:[b]64bit:[/b] - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
  442. O4:[b]64bit:[/b] - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe (Lenovo(beijing) Limited)
  443. O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
  444. O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
  445. O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
  446. O4:[b]64bit:[/b] - HKLM..\Run: [WheelMouse] C:\Program Files\Mouse\Amoumain.exe ()
  447. O4 - HKLM..\Run: [BCSSync] E:\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
  448. O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
  449. O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
  450. O4 - HKU\S-1-5-21-3225399492-912441592-2079658180-1001..\Run: [Clavier+] C:\Users\Piecho\AppData\Local\Clavier+\Clavier.exe (Guillaume Ryder (http://utilfr42.free.fr))
  451. O4 - HKU\S-1-5-21-3225399492-912441592-2079658180-1001..\Run: [CyberGhost] "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min File not found
  452. O4 - HKU\S-1-5-21-3225399492-912441592-2079658180-1001..\Run: [Discord] C:\Users\Piecho\AppData\Local\Discord\app-0.0.283\Discord.exe (Hammer & Chisel, Inc.)
  453. O4 - HKU\S-1-5-21-3225399492-912441592-2079658180-1001..\Run: [f.lux] C:\Users\Piecho\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
  454. O4 - HKU\S-1-5-21-3225399492-912441592-2079658180-1001..\Run: [MP3 Skype recorder] C:\Users\Piecho\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe (Domit UK LTD)
  455. O4 - HKU\S-1-5-21-3225399492-912441592-2079658180-1001..\Run: [OneDrive] C:\Users\Piecho\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
  456. O4 - HKU\S-1-5-21-3225399492-912441592-2079658180-1001..\Run: [SOS Browser Monitor] C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe (Steganos Software GmbH)
  457. O4 - HKU\S-1-5-21-3225399492-912441592-2079658180-1001..\Run: [SOS_Agent] C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe (Steganos Software GmbH)
  458. O4 - HKU\S-1-5-21-3225399492-912441592-2079658180-1001..\Run: [Steam] d:\Program Files\Steam\steam.exe (Valve Corporation)
  459. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  460. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  461. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
  462. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  463. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
  464. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
  465. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  466. O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
  467. O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
  468. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\PrxerNsp.dll ()
  469. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
  470. O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\PrxerNsp.dll ()
  471. O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
  472. O13[b]64bit:[/b] - gopher Prefix: missing
  473. O13 - gopher Prefix: missing
  474. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.137.46.252 193.137.46.248
  475. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0af3a503-a6ff-4e06-85bb-c1da0171b64e}: DhcpNameServer = 193.137.46.252 193.137.46.248
  476. O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
  477. O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
  478. O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
  479. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
  480. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  481. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
  482. O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
  483. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  484. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  485. O32 - HKLM CDRom: AutoRun - 1
  486. O34 - HKLM BootExecute: (autocheck autochk *)
  487. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  488. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  489. O35 - HKLM\..comfile [open] -- "%1" %*
  490. O35 - HKLM\..exefile [open] -- "%1" %*
  491. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  492. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  493. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  494. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  495. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  496. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  497.  
  498. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  499.  
  500. [2015.12.05 17:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
  501. [2015.12.05 13:59:22 | 000,000,000 | ---D | C] -- C:\Users\Piecho\Documents\My Games
  502. [2015.12.05 13:58:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
  503. [2015.12.05 13:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life Is Strange
  504. [2015.12.04 16:43:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
  505. [2015.12.04 16:36:50 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Roaming\Intel Corporation
  506. [2015.12.04 16:27:41 | 000,000,000 | ---D | C] -- C:\Users\Piecho\Desktop\ir
  507. [2015.12.01 18:57:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nGlide
  508. [2015.12.01 18:49:01 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Local\ElevatedDiagnostics
  509. [2015.11.24 12:53:45 | 002,675,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
  510. [2015.11.24 12:53:45 | 002,639,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
  511. [2015.11.24 12:53:45 | 002,180,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
  512. [2015.11.24 12:53:45 | 002,049,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
  513. [2015.11.24 12:53:45 | 000,966,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
  514. [2015.11.24 12:53:45 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
  515. [2015.11.24 12:53:45 | 000,607,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
  516. [2015.11.24 12:53:45 | 000,539,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
  517. [2015.11.24 12:53:44 | 021,873,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
  518. [2015.11.24 12:53:44 | 003,587,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
  519. [2015.11.24 12:53:44 | 003,248,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
  520. [2015.11.24 12:53:44 | 001,795,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
  521. [2015.11.24 12:53:43 | 002,987,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
  522. [2015.11.24 12:53:43 | 001,383,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
  523. [2015.11.24 12:53:42 | 018,803,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
  524. [2015.11.24 12:53:42 | 002,647,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
  525. [2015.11.24 12:53:40 | 000,541,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcupdate_GenuineIntel.dll
  526. [2015.11.24 12:53:40 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dlnashext.dll
  527. [2015.11.24 12:53:40 | 000,441,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dlnashext.dll
  528. [2015.11.24 12:53:39 | 002,418,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
  529. [2015.11.24 12:53:39 | 001,918,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
  530. [2015.11.24 12:53:39 | 001,392,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
  531. [2015.11.24 12:53:39 | 001,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
  532. [2015.11.24 12:53:39 | 000,961,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
  533. [2015.11.24 12:53:39 | 000,025,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
  534. [2015.11.24 12:53:38 | 008,020,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
  535. [2015.11.24 12:53:38 | 000,762,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
  536. [2015.11.24 12:53:38 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
  537. [2015.11.24 12:53:38 | 000,579,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
  538. [2015.11.24 12:53:38 | 000,515,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\internetmail.dll
  539. [2015.11.24 12:53:38 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
  540. [2015.11.24 12:53:38 | 000,459,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
  541. [2015.11.24 12:53:38 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
  542. [2015.11.24 12:53:38 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dssvc.dll
  543. [2015.11.24 12:53:38 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
  544. [2015.11.24 12:53:37 | 001,015,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
  545. [2015.11.24 12:53:37 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
  546. [2015.11.24 12:53:37 | 000,650,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
  547. [2015.11.24 12:53:37 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Usb.dll
  548. [2015.11.24 12:53:37 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Usb.dll
  549. [2015.11.20 14:52:16 | 000,000,000 | ---D | C] -- C:\Users\Piecho\Desktop\pendrive 015
  550. [2015.11.20 13:58:04 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Roaming\tox
  551. [2015.11.20 13:31:28 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
  552. [2015.11.20 13:31:27 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Roaming\discord
  553. [2015.11.20 13:31:24 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Local\Discord
  554. [2015.11.20 13:31:23 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Local\SquirrelTemp
  555. [2015.11.19 23:18:58 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digital - A Love Story
  556. [2015.11.19 22:18:22 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Roaming\RenPy
  557. [2015.11.19 22:16:39 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Katawa Shoujo
  558. [2015.11.19 20:53:00 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Local\Overwolf
  559. [2015.11.19 20:47:59 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Roaming\TS3Client
  560. [2015.11.19 20:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
  561. [2015.11.19 12:26:11 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Roaming\Yacht Club Games
  562. [2015.11.18 00:41:20 | 000,000,000 | ---D | C] -- C:\Users\Piecho\Desktop\ib
  563. [2015.11.17 17:45:44 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~BT
  564. [2015.11.14 12:17:12 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Local\UNDERTALE
  565. [2015.11.14 12:16:23 | 000,000,000 | ---D | C] -- C:\Users\Piecho\AppData\Roaming\Steam
  566. [2015.11.14 11:55:58 | 000,000,000 | ---D | C] -- C:\Users\Piecho\Documents\Klei
  567. [2015.11.10 08:48:41 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
  568. [2015.11.10 08:48:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
  569. [2015.11.10 08:48:11 | 000,109,272 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
  570. [2015.11.10 08:48:11 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
  571. [2015.11.10 08:48:11 | 000,025,816 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
  572. [2015.11.10 08:48:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
  573. [2015.11.10 08:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
  574.  
  575. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  576.  
  577. [2015.12.06 19:28:30 | 002,027,886 | ---- | M] () -- C:\WINDOWS\SysNative\perfh015.dat
  578. [2015.12.06 19:28:30 | 001,126,656 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
  579. [2015.12.06 19:28:30 | 000,546,422 | ---- | M] () -- C:\WINDOWS\SysNative\perfc015.dat
  580. [2015.12.06 19:28:30 | 000,516,398 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
  581. [2015.12.06 19:28:30 | 000,005,430 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
  582. [2015.12.06 19:27:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
  583. [2015.12.06 19:24:10 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
  584. [2015.12.06 19:22:17 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
  585. [2015.12.06 19:22:13 | 000,016,148 | ---- | M] () -- C:\WINDOWS\SysNative\DESKTOP-2GP4R19_Piecho_HistoryPrediction.bin
  586. [2015.12.06 19:22:08 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
  587. [2015.12.06 19:22:03 | 3395,014,656 | -HS- | M] () -- C:\hiberfil.sys
  588. [2015.12.06 18:38:00 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3225399492-912441592-2079658180-1001UA.job
  589. [2015.12.06 18:37:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
  590. [2015.12.06 17:38:00 | 000,001,042 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3225399492-912441592-2079658180-1001Core.job
  591. [2015.12.06 12:42:46 | 001,842,597 | ---- | M] () -- C:\Users\Piecho\Desktop\Interna strategies.pdf
  592. [2015.12.05 13:51:11 | 000,000,856 | ---- | M] () -- C:\Users\Piecho\Desktop\Life Is Strange Episode 5.lnk
  593. [2015.12.05 02:37:34 | 000,002,266 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  594. [2015.12.03 13:05:07 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
  595. [2015.12.01 19:53:23 | 000,614,418 | ---- | M] () -- C:\Users\Piecho\Desktop\nfs2se01.tga
  596. [2015.12.01 19:36:15 | 000,614,418 | ---- | M] () -- C:\Users\Piecho\Desktop\nfs2se02.tga
  597. [2015.12.01 19:33:03 | 000,000,704 | ---- | M] () -- C:\Users\Piecho\Desktop\Nfs2sen.lnk
  598. [2015.12.01 18:57:06 | 000,060,808 | ---- | M] () -- C:\WINDOWS\SysWow64\nglide_uninst.exe
  599. [2015.12.01 15:53:23 | 000,002,636 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
  600. [2015.12.01 15:53:23 | 000,001,232 | ---- | M] () -- C:\Users\Public\Desktop\Steganos Online Shield.lnk
  601. [2015.12.01 15:53:23 | 000,000,844 | ---- | M] () -- C:\Users\Public\Desktop\Castle Crashers.lnk
  602. [2015.12.01 15:53:23 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk
  603. [2015.12.01 15:53:23 | 000,000,663 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
  604. [2015.12.01 15:53:23 | 000,000,659 | ---- | M] () -- C:\Users\Public\Desktop\The Witcher 2 - Assassins of Kings Enhanced Edition.lnk
  605. [2015.12.01 15:53:07 | 000,000,677 | ---- | M] () -- C:\Users\Piecho\Desktop\The Beginner's Guide.lnk
  606. [2015.12.01 15:53:07 | 000,000,645 | ---- | M] () -- C:\Users\Piecho\Desktop\Uplay.lnk
  607. [2015.12.01 15:53:06 | 000,002,184 | ---- | M] () -- C:\Users\Piecho\Desktop\Discord.lnk
  608. [2015.12.01 15:53:06 | 000,001,218 | ---- | M] () -- C:\Users\Piecho\Desktop\Continue Jdownloader Installation.lnk
  609. [2015.12.01 15:53:06 | 000,000,840 | ---- | M] () -- C:\Users\Piecho\Desktop\Antichamber.lnk
  610. [2015.12.01 15:53:06 | 000,000,815 | ---- | M] () -- C:\Users\Piecho\Desktop\Katawa Shoujo.lnk
  611. [2015.12.01 15:53:06 | 000,000,703 | ---- | M] () -- C:\Users\Piecho\Desktop\Start Tor Browser.lnk
  612. [2015.12.01 15:53:06 | 000,000,660 | ---- | M] () -- C:\Users\Piecho\Desktop\Digital - A Love Story.lnk
  613. [2015.12.01 15:53:06 | 000,000,561 | ---- | M] () -- C:\Users\Piecho\Desktop\Diablo.lnk
  614. [2015.12.01 15:53:06 | 000,000,355 | ---- | M] () -- C:\Users\Piecho\Desktop\Ten komputer.lnk
  615. [2015.12.01 14:29:17 | 000,000,001 | ---- | M] () -- C:\WINDOWS\SysWow64\pl.html
  616. [2015.11.20 18:18:59 | 000,017,477 | ---- | M] () -- C:\Users\Piecho\Documents\aaaaaluna_s_cutie_mark_vector_by_n00btendo-d5uz97h.jpg
  617. [2015.11.20 15:02:26 | 000,000,408 | RHS- | M] () -- C:\ProgramData\ntuser.pol
  618. [2015.11.20 14:05:43 | 000,273,800 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
  619. [2015.11.20 14:02:13 | 033,157,120 | ---- | M] () -- C:\Users\Piecho\Desktop\qtox.exe
  620. [2015.11.18 19:26:54 | 696,990,685 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
  621. [2015.11.10 08:21:03 | 000,000,380 | ---- | M] () -- C:\WINDOWS\SysWow64\data.bin
  622.  
  623. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  624.  
  625. [2015.12.06 19:22:13 | 000,016,148 | ---- | C] () -- C:\WINDOWS\SysNative\DESKTOP-2GP4R19_Piecho_HistoryPrediction.bin
  626. [2015.12.05 13:51:11 | 000,000,856 | ---- | C] () -- C:\Users\Piecho\Desktop\Life Is Strange Episode 5.lnk
  627. [2015.12.01 19:36:15 | 000,614,418 | ---- | C] () -- C:\Users\Piecho\Desktop\nfs2se02.tga
  628. [2015.12.01 19:35:15 | 000,614,418 | ---- | C] () -- C:\Users\Piecho\Desktop\nfs2se01.tga
  629. [2015.12.01 19:33:03 | 000,000,704 | ---- | C] () -- C:\Users\Piecho\Desktop\Nfs2sen.lnk
  630. [2015.12.01 18:54:50 | 000,060,808 | ---- | C] () -- C:\WINDOWS\SysWow64\nglide_uninst.exe
  631. [2015.12.01 12:14:19 | 000,000,001 | ---- | C] () -- C:\WINDOWS\SysWow64\pl.html
  632. [2015.11.20 18:18:59 | 000,017,477 | ---- | C] () -- C:\Users\Piecho\Documents\aaaaaluna_s_cutie_mark_vector_by_n00btendo-d5uz97h.jpg
  633. [2015.11.20 14:50:57 | 000,000,408 | RHS- | C] () -- C:\ProgramData\ntuser.pol
  634. [2015.11.20 14:26:09 | 000,001,094 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3225399492-912441592-2079658180-1001UA.job
  635. [2015.11.20 14:26:09 | 000,001,042 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3225399492-912441592-2079658180-1001Core.job
  636. [2015.11.20 13:31:28 | 000,002,184 | ---- | C] () -- C:\Users\Piecho\Desktop\Discord.lnk
  637. [2015.11.19 23:18:58 | 000,000,660 | ---- | C] () -- C:\Users\Piecho\Desktop\Digital - A Love Story.lnk
  638. [2015.11.19 22:16:39 | 000,000,815 | ---- | C] () -- C:\Users\Piecho\Desktop\Katawa Shoujo.lnk
  639. [2015.11.19 20:47:58 | 000,000,663 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
  640. [2015.11.19 19:15:32 | 033,157,120 | ---- | C] () -- C:\Users\Piecho\Desktop\qtox.exe
  641. [2015.11.10 08:21:03 | 000,000,380 | ---- | C] () -- C:\WINDOWS\SysWow64\data.bin
  642. [2015.11.05 01:08:07 | 000,007,604 | ---- | C] () -- C:\Users\Piecho\AppData\Local\Resmon.ResmonCfg
  643. [2015.10.13 18:47:20 | 001,766,952 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
  644. [2015.10.09 17:33:27 | 000,194,560 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
  645. [2015.10.09 17:33:27 | 000,154,096 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
  646. [2015.10.06 17:34:55 | 000,000,600 | ---- | C] () -- C:\Users\Piecho\AppData\Local\PUTTY.RND
  647. [2015.10.06 17:32:14 | 000,084,040 | ---- | C] () -- C:\WINDOWS\SysWow64\PrxerNsp.dll
  648. [2015.10.02 14:36:41 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysWow64\srvany.exe
  649. [2015.09.14 12:53:48 | 001,823,232 | ---- | C] () -- C:\WINDOWS\SysWow64\InputService.dll
  650. [2015.09.14 12:53:46 | 000,200,704 | ---- | C] () -- C:\WINDOWS\SysWow64\TextInputFramework.dll
  651. [2015.09.14 12:32:22 | 037,749,064 | ---- | C] () -- C:\WINDOWS\SysWow64\nvcompiler.dll
  652. [2015.09.14 12:20:15 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
  653. [2015.07.10 12:20:52 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
  654. [2015.07.10 11:04:39 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
  655. [2015.07.10 11:04:38 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
  656. [2015.07.10 11:00:35 | 000,161,632 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll
  657. [2015.07.10 11:00:33 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
  658. [2015.07.10 11:00:32 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
  659. [2015.07.10 11:00:31 | 000,156,672 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll
  660. [2015.07.10 11:00:30 | 000,028,672 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe
  661. [2015.07.10 11:00:29 | 000,081,408 | ---- | C] () -- C:\WINDOWS\SysWow64\InputLocaleManager.dll
  662. [2015.07.10 11:00:29 | 000,057,344 | ---- | C] () -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
  663. [2015.07.10 11:00:29 | 000,053,760 | ---- | C] () -- C:\WINDOWS\SysWow64\WpKbdLayout.dll
  664. [2015.07.10 11:00:29 | 000,022,016 | ---- | C] () -- C:\WINDOWS\SysWow64\WordBreakers.dll
  665. [2015.07.10 11:00:28 | 000,270,848 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
  666. [2015.07.10 11:00:27 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
  667. [2015.07.10 11:00:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll
  668. [2015.07.10 11:00:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
  669. [2015.07.10 11:00:24 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
  670. [2015.07.10 10:59:51 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
  671.  
  672. [color=#E56717]========== ZeroAccess Check ==========[/color]
  673.  
  674. [2015.09.15 19:41:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
  675.  
  676. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  677.  
  678. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  679.  
  680. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  681.  
  682. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  683.  
  684. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  685. "" = C:\Windows\SysNative\windows.storage.dll -- [2015.09.17 06:49:11 | 006,487,248 | ---- | M] (Microsoft Corporation)
  686. "ThreadingModel" = Apartment
  687.  
  688. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  689. "" = %SystemRoot%\system32\windows.storage.dll -- [2015.09.17 06:28:40 | 005,120,056 | ---- | M] (Microsoft Corporation)
  690. "ThreadingModel" = Apartment
  691.  
  692. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  693. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015.07.10 10:59:53 | 000,995,328 | ---- | M] (Microsoft Corporation)
  694. "ThreadingModel" = Free
  695.  
  696. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  697. "" = %systemroot%\system32\wbem\fastprox.dll -- [2015.07.10 11:00:23 | 000,754,688 | ---- | M] (Microsoft Corporation)
  698. "ThreadingModel" = Free
  699.  
  700. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  701. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015.07.10 10:59:55 | 000,516,096 | ---- | M] (Microsoft Corporation)
  702. "ThreadingModel" = Both
  703.  
  704. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  705.  
  706. [color=#E56717]========== LOP Check ==========[/color]
  707.  
  708. [2015.12.02 21:05:56 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\Audacity
  709. [2015.11.20 14:06:09 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\discord
  710. [2015.09.25 08:08:07 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\Foxit Software
  711. [2015.10.06 14:58:49 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\I2P
  712. [2015.09.14 16:46:55 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\MP3SkypeRecorder
  713. [2015.09.14 21:36:00 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\mxnitro
  714. [2015.10.01 14:47:40 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\NapiProjekt
  715. [2015.10.06 17:32:20 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\Proxifier
  716. [2015.10.10 13:13:35 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\qBittorrent
  717. [2015.11.19 23:19:09 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\RenPy
  718. [2015.11.14 12:16:23 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\Steam
  719. [2015.10.06 18:25:12 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\Steganos
  720. [2015.10.04 18:45:45 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\Steganos Updates
  721. [2015.10.19 10:05:02 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\Steganos VPN
  722. [2015.11.20 14:04:18 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\tox
  723. [2015.11.20 19:35:23 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\TS3Client
  724. [2015.11.19 12:26:11 | 000,000,000 | ---D | M] -- C:\Users\Piecho\AppData\Roaming\Yacht Club Games
  725.  
  726. [color=#E56717]========== Purity Check ==========[/color]
  727.  
  728.  
  729.  
  730. < End of report >