OTL

a guest
Apr 10th, 2017
  1. OTL logfile created on: 2017-04-10 10:30:20 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Archpeak\Downloads
  3. 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.11.9600.17843)
  5. Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
  6.  
  7. 8,00 Gb Total Physical Memory | 5,51 Gb Available Physical Memory | 68,85% Memory free
  8. 16,00 Gb Paging File | 12,20 Gb Available in Paging File | 76,29% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 254,79 Gb Total Space | 133,76 Gb Free Space | 52,50% Space Free | Partition Type: NTFS
  13. Drive D: | 200,00 Gb Total Space | 28,38 Gb Free Space | 14,19% Space Free | Partition Type: NTFS
  14. Drive E: | 10,87 Gb Total Space | 1,33 Gb Free Space | 12,21% Space Free | Partition Type: NTFS
  15.  
  16. Computer Name: ARCHPEAK-HP | User Name: Archpeak | Logged in as Administrator.
  17. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
  18. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  19.  
  20. [color=#E56717]========== Processes (SafeList) ==========[/color]
  21.  
  22. PRC - File not found --
  23. PRC - [2017-04-10 10:29:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Archpeak\Downloads\OTL.exe
  24. PRC - [2017-03-29 04:03:55 | 000,941,912 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  25. PRC - [2016-12-19 23:38:14 | 000,082,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  26. PRC - [2015-05-22 10:13:36 | 019,177,784 | ---- | M] (ZWCAD DESIGN CO., LTD.) -- C:\Program Files (x86)\ZWCAD+ 2015\ZWCAD.exe
  27. PRC - [2015-02-04 02:00:09 | 000,409,800 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  28. PRC - [2014-11-13 15:04:54 | 001,087,792 | ---- | M] (Flexera Software LLC) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
  29. PRC - [2014-10-08 18:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
  30. PRC - [2014-10-08 18:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
  31. PRC - [2013-09-19 22:42:01 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
  32. PRC - [2013-09-19 22:34:46 | 002,155,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
  33. PRC - [2010-11-21 05:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
  34. PRC - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
  35. PRC - [2010-02-28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
  36. PRC - [2010-02-11 19:07:54 | 000,710,656 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
  37. PRC - [2009-07-02 23:58:40 | 000,406,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
  38. PRC - [2009-02-28 04:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
  39. PRC - [2008-11-20 19:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
  40. PRC - [2008-02-22 18:10:38 | 000,054,272 | ---- | M] () -- C:\Program Files (x86)\RALINK\Common\RalinkRegistryWriter.exe
  41. PRC - [2007-11-21 10:08:50 | 000,180,224 | ---- | M] () -- C:\ProgramData\RbtProt\sgsrv.exe
  42.  
  43.  
  44. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  45.  
  46. MOD - [2017-03-29 04:04:01 | 002,187,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
  47. MOD - [2017-03-29 04:04:00 | 000,086,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
  48. MOD - [2015-09-22 12:26:20 | 010,069,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\d18e2115a3270f89663fce831547f534\System.ni.dll
  49. MOD - [2015-09-22 12:26:04 | 000,251,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\37d326ec04957ca1393ebd5ee8b1cc20\WindowsFormsIntegration.ni.dll
  50. MOD - [2015-09-22 12:16:06 | 000,188,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\232495ea0368dada2d208c51f0e5349c\UIAutomationTypes.ni.dll
  51. MOD - [2015-09-22 12:16:06 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\94c5cba998f28affea3889fcdf99d66c\UIAutomationProvider.ni.dll
  52. MOD - [2015-09-22 12:00:42 | 018,761,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\b61f493e1736be80e7af377a94eb15a1\PresentationFramework.ni.dll
  53. MOD - [2015-09-22 12:00:14 | 001,873,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\1196cc375887ce75f134047505fe19bf\System.Xaml.ni.dll
  54. MOD - [2015-09-22 12:00:06 | 011,013,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\f00c65c9573cb88dfd42ae7634bd88e1\PresentationCore.ni.dll
  55. MOD - [2015-09-22 11:59:41 | 000,286,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatiod51afaa5#\4edaa939589829c3b21a1295310bf2d1\PresentationFramework.Classic.ni.dll
  56. MOD - [2015-09-22 11:59:39 | 000,458,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\5e3e26e6c81809aab854ea76a884fde2\PresentationFramework.Aero.ni.dll
  57. MOD - [2015-09-22 11:59:25 | 001,172,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\a48bd2a02ed1ae2fbb79ef8797f0c5f6\System.Management.ni.dll
  58. MOD - [2015-09-22 11:59:22 | 003,945,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\1fb19af0c16ab00c017781f582e324bf\WindowsBase.ni.dll
  59. MOD - [2015-09-22 11:59:01 | 012,897,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\a0b4e6b92d9c147d801a6f2e3a15080b\System.Windows.Forms.ni.dll
  60. MOD - [2015-09-22 11:58:45 | 001,642,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd2f9ea99ac0f984b9dc430824638c9f\System.Drawing.ni.dll
  61. MOD - [2015-09-22 11:58:41 | 007,793,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6ee4ffbd9a86ac1e7b01800b6fe9c7\System.Xml.ni.dll
  62. MOD - [2015-09-22 11:58:34 | 000,972,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\93729611cd078029e0000b18ee38f506\System.Configuration.ni.dll
  63. MOD - [2015-09-22 11:58:19 | 007,002,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\02a4633b5f85cdbec8e14a51bdb028f9\System.Core.ni.dll
  64. MOD - [2015-09-22 11:58:03 | 017,207,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
  65. MOD - [2015-05-22 10:22:48 | 001,375,544 | ---- | M] () -- C:\Program Files (x86)\ZWCAD+ 2015\pl-PL\ZwExtendRes.dll
  66. MOD - [2015-05-22 10:13:30 | 009,223,480 | ---- | M] () -- C:\Program Files (x86)\ZWCAD+ 2015\ZwUiMfcEx.dll
  67. MOD - [2015-05-22 10:13:28 | 000,518,456 | ---- | M] () -- C:\Program Files (x86)\ZWCAD+ 2015\Styles\ZwcadStyle.zwstyles
  68. MOD - [2015-05-22 10:13:26 | 000,022,328 | ---- | M] () -- C:\Program Files (x86)\ZWCAD+ 2015\ZwOffsetWrapper.zrx
  69. MOD - [2015-05-22 10:13:24 | 000,028,984 | ---- | M] () -- C:\Program Files (x86)\ZWCAD+ 2015\ZwMouseGestureCmd.zrx
  70. MOD - [2015-05-22 10:13:20 | 001,110,840 | ---- | M] () -- C:\Program Files (x86)\ZWCAD+ 2015\ZwAcisBuilder.dll
  71. MOD - [2010-02-28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
  72. MOD - [2009-07-02 23:58:40 | 000,406,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
  73. MOD - [2009-02-28 04:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
  74.  
  75.  
  76. [color=#E56717]========== Services (SafeList) ==========[/color]
  77.  
  78. SRV:[b]64bit:[/b] - [2016-11-28 10:53:35 | 001,357,104 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
  79. SRV:[b]64bit:[/b] - [2015-05-22 20:47:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
  80. SRV:[b]64bit:[/b] - [2015-04-30 01:53:40 | 000,366,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
  81. SRV:[b]64bit:[/b] - [2015-04-30 01:53:40 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
  82. SRV:[b]64bit:[/b] - [2015-04-14 23:37:02 | 004,621,632 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
  83. SRV:[b]64bit:[/b] - [2015-01-16 08:41:08 | 001,148,560 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
  84. SRV:[b]64bit:[/b] - [2014-01-09 07:15:48 | 001,025,408 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
  85. SRV:[b]64bit:[/b] - [2013-09-19 22:54:06 | 014,997,280 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
  86. SRV:[b]64bit:[/b] - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  87. SRV:[b]64bit:[/b] - [2010-10-11 11:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
  88. SRV:[b]64bit:[/b] - [2008-04-10 16:03:46 | 000,020,480 | ---- | M] (Oki Data Corporation) [Auto | Running] -- C:\Windows\SysNative\spool\drivers\x64\3\OPHMLDCS.EXE -- (OKI OPHM DCS Loader)
  89. SRV - [2017-03-16 10:33:59 | 000,326,160 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\NS.exe -- (NS)
  90. SRV - [2017-03-14 14:08:34 | 000,271,960 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  91. SRV - [2016-12-19 23:38:14 | 000,082,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  92. SRV - [2015-05-19 17:22:06 | 000,099,128 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
  93. SRV - [2015-02-04 02:00:09 | 000,409,800 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
  94. SRV - [2014-11-13 15:04:54 | 001,087,792 | ---- | M] (Flexera Software LLC) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
  95. SRV - [2014-10-08 18:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
  96. SRV - [2014-10-08 18:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
  97. SRV - [2014-04-11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  98. SRV - [2014-03-21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  99. SRV - [2013-09-19 22:34:46 | 002,155,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
  100. SRV - [2011-10-28 10:43:25 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
  101. SRV - [2010-10-12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
  102. SRV - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
  103. SRV - [2008-04-10 16:03:46 | 000,020,480 | ---- | M] (Oki Data Corporation) [Auto | Running] -- C:\Windows\system32\spool\DRIVERS\x64\3\OPHMLDCS.EXE -- (OKI OPHM DCS Loader)
  104. SRV - [2008-02-22 18:10:38 | 000,054,272 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RALINK\Common\RalinkRegistryWriter.exe -- (RalinkRegistryWriter)
  105. SRV - [2007-11-21 10:08:50 | 000,180,224 | ---- | M] () [Auto | Running] -- C:\ProgramData\RbtProt\sgsrv.exe -- (SG_Service)
  106. SRV - [2007-05-31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
  107. SRV - [2007-05-31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
  108.  
  109.  
  110. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  111.  
  112. DRV:[b]64bit:[/b] - [2017-03-16 23:36:47 | 000,770,200 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\srtsp64.sys -- (SRTSP)
  113. DRV:[b]64bit:[/b] - [2017-03-16 23:36:47 | 000,049,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\srtspx64.sys -- (SRTSPX)
  114. DRV:[b]64bit:[/b] - [2017-03-06 16:47:27 | 000,102,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
  115. DRV:[b]64bit:[/b] - [2017-02-20 19:49:19 | 000,567,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\symnets.sys -- (SymNetS)
  116. DRV:[b]64bit:[/b] - [2017-02-20 19:48:55 | 001,716,896 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\symefasi64.sys -- (SymEFASI)
  117. DRV:[b]64bit:[/b] - [2017-02-20 19:46:29 | 000,291,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\ironx64.sys -- (SymIRON)
  118. DRV:[b]64bit:[/b] - [2017-02-20 19:44:45 | 000,174,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\ccsetx64.sys -- (ccSet_NS)
  119. DRV:[b]64bit:[/b] - [2015-11-19 16:06:22 | 002,246,488 | ---- | M] (MediaTek Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
  120. DRV:[b]64bit:[/b] - [2015-04-30 00:01:06 | 000,023,200 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
  121. DRV:[b]64bit:[/b] - [2015-04-14 23:37:00 | 000,162,136 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
  122. DRV:[b]64bit:[/b] - [2015-04-14 23:36:58 | 000,303,624 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb)
  123. DRV:[b]64bit:[/b] - [2015-04-14 23:36:58 | 000,091,784 | ---- | M] (SafeNet Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
  124. DRV:[b]64bit:[/b] - [2015-04-14 23:36:58 | 000,060,488 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp)
  125. DRV:[b]64bit:[/b] - [2015-04-14 23:36:56 | 000,331,608 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
  126. DRV:[b]64bit:[/b] - [2015-03-04 19:34:52 | 000,124,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
  127. DRV:[b]64bit:[/b] - [2015-02-11 12:38:55 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
  128. DRV:[b]64bit:[/b] - [2014-10-08 18:18:54 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
  129. DRV:[b]64bit:[/b] - [2014-10-08 18:18:54 | 000,029,352 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
  130. DRV:[b]64bit:[/b] - [2014-10-08 18:18:54 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
  131. DRV:[b]64bit:[/b] - [2014-10-08 18:18:50 | 000,766,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
  132. DRV:[b]64bit:[/b] - [2014-04-07 10:53:13 | 000,036,904 | ---- | M] (Feitian Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rockey4.sys -- (ROCKEYNT)
  133. DRV:[b]64bit:[/b] - [2014-01-07 04:47:06 | 000,014,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
  134. DRV:[b]64bit:[/b] - [2013-10-02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  135. DRV:[b]64bit:[/b] - [2013-08-20 15:33:40 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
  136. DRV:[b]64bit:[/b] - [2013-02-12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
  137. DRV:[b]64bit:[/b] - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  138. DRV:[b]64bit:[/b] - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  139. DRV:[b]64bit:[/b] - [2012-06-22 11:01:32 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
  140. DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  141. DRV:[b]64bit:[/b] - [2012-01-18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
  142. DRV:[b]64bit:[/b] - [2011-10-05 09:55:02 | 000,729,152 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
  143. DRV:[b]64bit:[/b] - [2011-09-22 21:01:54 | 000,311,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0105.sys -- (RsFx0105)
  144. DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  145. DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  146. DRV:[b]64bit:[/b] - [2010-12-28 21:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
  147. DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  148. DRV:[b]64bit:[/b] - [2009-09-29 14:20:06 | 000,022,528 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VNUSB.sys -- (VNUSB)
  149. DRV:[b]64bit:[/b] - [2009-09-16 09:37:14 | 000,098,352 | ---- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\OxSer.sys -- (OxSer)
  150. DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  151. DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  152. DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  153. DRV:[b]64bit:[/b] - [2009-07-14 02:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan)
  154. DRV:[b]64bit:[/b] - [2009-06-10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
  155. DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  156. DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  157. DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  158. DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  159. DRV:[b]64bit:[/b] - [2008-07-31 13:13:26 | 000,098,304 | ---- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\OxPPort.sys -- (OxPPort)
  160. DRV:[b]64bit:[/b] - [2006-11-16 16:58:46 | 000,031,248 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\synUSB64.sys -- (SynasUSB)
  161. DRV - [2017-03-07 20:19:03 | 001,038,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\IPSDefs\20170408.002\IDSvia64.sys -- (IDSVia64)
  162. DRV - [2017-03-03 20:46:17 | 001,831,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\BASHDefs\20170405.003\BHDrvx64.sys -- (BHDrvx64)
  163. DRV - [2017-01-26 10:59:18 | 000,497,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
  164. DRV - [2017-01-26 10:59:18 | 000,156,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
  165. DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  166.  
  167.  
  168. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  169.  
  170.  
  171. [color=#E56717]========== Internet Explorer ==========[/color]
  172.  
  173. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
  174. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
  175. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
  176. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
  177. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  178. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{EE5AFB69-C655-4D87-A915-D8BB618A920B}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
  179. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  180. IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
  181. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
  182. IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
  183. IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  184. IE - HKLM\..\SearchScopes\{EE5AFB69-C655-4D87-A915-D8BB618A920B}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
  185.  
  186. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
  187. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://poczta.wp.pl/https://www.f [Binary data over 200 bytes]
  188. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
  189. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
  190. IE - HKCU\..\SearchScopes,DefaultScope = {76E99CA3-9FDB-4BCE-A07E-D0CA6FCC7F0C}
  191. IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms}&rlz=1I7PRFA_plPL455
  192. IE - HKCU\..\SearchScopes\{76E99CA3-9FDB-4BCE-A07E-D0CA6FCC7F0C}: "URL" = https://www.google.com/search?q={searchTerms}
  193. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  194.  
  195.  
  196. [color=#E56717]========== FireFox ==========[/color]
  197.  
  198. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  199. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
  200. FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
  201. FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
  202. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  203. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  204. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  205. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
  206. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  207. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  208. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  209. FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
  210. FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
  211. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
  212. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
  213. FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
  214. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  215.  
  216. 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C1A2A613-35F1-4FCF-B27F-2840527B6556}: C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\COFFADDON\ [2017-04-07 09:39:21 | 000,000,000 | ---D | M]
  217. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C1A2A613-35F1-4FCF-B27F-2840527B6556}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon\ [2017-04-07 09:39:21 | 000,000,000 | ---D | M]
  218.  
  219. [2013-07-10 14:55:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
  220.  
  221. [color=#E56717]========== Chrome ==========[/color]
  222.  
  223. CHR - default_search_provider: ()
  224. CHR - default_search_provider: search_url =
  225. CHR - default_search_provider: suggest_url =
  226. CHR - plugin: Error reading preferences file
  227. CHR - Extension: No name found = C:\Users\Archpeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\2.0.6_0\
  228. CHR - Extension: No name found = C:\Users\Archpeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
  229. CHR - Extension: No name found = C:\Users\Archpeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
  230. CHR - Extension: No name found = C:\Users\Archpeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.6.92_0\
  231. CHR - Extension: No name found = C:\Users\Archpeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\djlgdeklopcjagknhlchbdjekgpgenad\2_0\
  232. CHR - Extension: No name found = C:\Users\Archpeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.5.1.1209_0\
  233. CHR - Extension: No name found = C:\Users\Archpeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.6_0\
  234. CHR - Extension: No name found = C:\Users\Archpeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
  235. CHR - Extension: No name found = C:\Users\Archpeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif\1.0.5_0\
  236. CHR - Extension: No name found = C:\Users\Archpeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh\3.2_0\
  237. CHR - Extension: No name found = C:\Users\Archpeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.4.1_0\
  238. CHR - Extension: No name found = C:\Users\Archpeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
  239. CHR - Extension: No name found = C:\Users\Archpeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  240.  
  241. O1 HOSTS File: ([2014-03-25 14:27:24 | 000,000,860 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  242. O1 - Hosts: 127.0.0.1 localhost
  243. O1 - Hosts: ::1 localhost
  244. O2:[b]64bit:[/b] - BHO: (Norton Identity Safety) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\coIEPlg.dll (Symantec Corporation)
  245. O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
  246. O2:[b]64bit:[/b] - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
  247. O2 - BHO: (pdfMachine) - {56CF4856-ECB4-4e46-A897-A378821F97B9} - C:\Windows\SysWOW64\bgstb.dll (Broadgun Software)
  248. O2 - BHO: (Norton Identity Safety) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine32\22.9.1.12\coIEPlg.dll (Symantec Corporation)
  249. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
  250. O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
  251. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  252. O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
  253. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
  254. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\coIEPlg.dll (Symantec Corporation)
  255. O3 - HKLM\..\Toolbar: (pdfMachine) - {56CF4856-ECB4-4e46-A897-A378821F97B9} - C:\Windows\SysWOW64\bgstb.dll (Broadgun Software)
  256. O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.9.1.12\coIEPlg.dll (Symantec Corporation)
  257. O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
  258. O3 - HKCU\..\Toolbar\WebBrowser: (pdfMachine) - {56CF4856-ECB4-4E46-A897-A378821F97B9} - C:\Windows\SysWOW64\bgstb.dll (Broadgun Software)
  259. O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\coIEPlg.dll (Symantec Corporation)
  260. O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.9.1.12\coIEPlg.dll (Symantec Corporation)
  261. O4:[b]64bit:[/b] - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
  262. O4:[b]64bit:[/b] - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
  263. O4 - HKLM..\Run: [HP KEYBOARDx] C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE (Hewlett-Packard)
  264. O4 - HKCU..\Run: [14VO313YSL] C:\Users\Archpeak\AppData\Local\Temp\Zlap_Kuriera_19_12_2016.js ()
  265. O4 - Startup: C:\Users\Archpeak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zlap_Kuriera_19_12_2016.js ()
  266. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
  267. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
  268. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  269. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  270. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  271. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  272. O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
  273. O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
  274. O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
  275. O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
  276. O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
  277. O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
  278. O9:[b]64bit:[/b] - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
  279. O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
  280. O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
  281. O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
  282. O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
  283. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
  284. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
  285. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
  286. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51C73F92-5100-496E-B189-0F6FD5AFF396}: DhcpNameServer = 192.168.42.129
  287. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F3C3293-0971-4A3F-B8F4-6F9E9C332977}: DhcpNameServer = 192.168.1.254
  288. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD8BA716-B438-4E86-8749-8B3D25FB5A5E}: DhcpNameServer = 192.168.42.129
  289. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAE039AD-1CE9-4A44-BBCE-3FCDA398D256}: DhcpNameServer = 192.168.1.254
  290. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCC37F29-E497-4735-B5B0-0393FE9700E8}: DhcpNameServer = 192.168.1.254
  291. O18:[b]64bit:[/b] - Protocol\Handler\linkscanner - No CLSID value found
  292. O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
  293. O18 - Protocol\Handler\linkscanner - No CLSID value found
  294. O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\SupTab\SEARCH~2.DLL) - File not found
  295. O20 - AppInit_DLLs: (C:\PROGRA~2\SupTab\SEARCH~1.DLL) - File not found
  296. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  297. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  298. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  299. O20 - HKLM Winlogon: UserInit - (c:\windows\syswow64\userinit.exe) - c:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
  300. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  301. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  302. O32 - HKLM CDRom: AutoRun - 1
  303. O32 - AutoRun File - [2014-03-25 13:51:02 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
  304. O33 - MountPoints2\{1b03991a-ba1b-11e2-b330-78acc0a7bb31}\Shell - "" = AutoRun
  305. O33 - MountPoints2\{1b03991a-ba1b-11e2-b330-78acc0a7bb31}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Prezentacja_firmy_BRUK_Sp._z_o.o..pdf
  306. O33 - MountPoints2\{2066fe2d-c109-11e6-9ecb-78acc0a7bb31}\Shell - "" = AutoRun
  307. O33 - MountPoints2\{2066fe2d-c109-11e6-9ecb-78acc0a7bb31}\Shell\AutoRun\command - "" = G:\startme.exe
  308. O33 - MountPoints2\{a6200408-2701-11e1-b81e-78acc0a7bb31}\Shell - "" = AutoRun
  309. O33 - MountPoints2\{a6200408-2701-11e1-b81e-78acc0a7bb31}\Shell\AutoRun\command - "" = G:\iStudio.exe
  310. O34 - HKLM BootExecute: (autocheck autochk *)
  311. O34 - HKLM BootExecute: (/sync /restart)
  312. O34 - HKLM BootExecute: (/sync /restart)
  313. O34 - HKLM BootExecute: (/sync /restart)
  314. O34 - HKLM BootExecute: (/sync /restart)
  315. O34 - HKLM BootExecute: (/sync /restart)
  316. O34 - HKLM BootExecute: (/sync /restart)
  317. O34 - HKLM BootExecute: (/sync /restart)
  318. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  319. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  320. O35 - HKLM\..comfile [open] -- "%1" %*
  321. O35 - HKLM\..exefile [open] -- "%1" %*
  322. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  323. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  324. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  325. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  326. O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
  327. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  328. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  329. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  330.  
  331. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  332.  
  333. [2017-04-06 12:56:52 | 000,000,000 | ---D | C] -- C:\Users\Archpeak\Desktop\LESZNO MAPA DWG
  334. [2017-03-27 08:39:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
  335. [2017-03-22 11:16:51 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
  336. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  337.  
  338. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  339.  
  340. [2017-04-10 10:14:31 | 001,858,796 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  341. [2017-04-10 10:14:31 | 000,807,046 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
  342. [2017-04-10 10:14:31 | 000,720,878 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  343. [2017-04-10 10:14:31 | 000,181,452 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
  344. [2017-04-10 10:14:31 | 000,147,582 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  345. [2017-04-10 10:14:08 | 000,004,934 | ---- | M] () -- C:\Users\Archpeak\Documents\cc_20170410_101401.reg
  346. [2017-04-10 10:13:18 | 000,041,276 | ---- | M] () -- C:\Users\Archpeak\Documents\cc_20170410_101312.reg
  347. [2017-04-10 10:02:50 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForArchpeak.job
  348. [2017-04-10 09:29:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  349. [2017-04-07 08:59:07 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  350. [2017-04-07 08:59:07 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  351. [2017-04-07 08:50:05 | 000,000,302 | ---- | M] () -- C:\Windows\tasks\AVG Update.job
  352. [2017-04-07 08:49:58 | 2146,885,631 | -HS- | M] () -- C:\hiberfil.sys
  353. [2017-04-04 12:16:34 | 002,530,185 | ---- | M] () -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\Cat.DB
  354. [2017-04-03 11:29:30 | 000,039,424 | ---- | M] () -- C:\Users\Archpeak\Desktop\kosztorys żytnia 3a.xlt
  355. [2017-04-03 08:19:01 | 000,002,282 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security.lnk
  356. [2017-03-23 15:14:32 | 000,000,044 | -H-- | M] () -- C:\Users\Archpeak\Desktop\KONCEPCJA SILOSY.dwl
  357. [2017-03-16 23:40:07 | 000,492,714 | ---- | M] () -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\symvtcer.dat
  358. [2017-03-16 23:36:47 | 000,770,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\srtsp64.sys
  359. [2017-03-16 23:36:47 | 000,049,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\srtspx64.sys
  360. [2017-03-16 23:36:47 | 000,008,263 | ---- | M] () -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\srtspx64.cat
  361. [2017-03-16 23:36:47 | 000,008,259 | ---- | M] () -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\srtsp64.cat
  362. [2017-03-16 23:36:47 | 000,001,464 | ---- | M] () -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\srtsp64.inf
  363. [2017-03-16 23:36:47 | 000,001,445 | ---- | M] () -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\srtspx64.inf
  364. [2017-03-16 10:34:18 | 000,000,196 | ---- | M] () -- C:\Windows\SysNative\drivers\NSx64\1609010.00C\isolate.ini
  365. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  366.  
  367. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  368.  
  369. [2017-04-10 10:14:04 | 000,004,934 | ---- | C] () -- C:\Users\Archpeak\Documents\cc_20170410_101401.reg
  370. [2017-04-10 10:13:15 | 000,041,276 | ---- | C] () -- C:\Users\Archpeak\Documents\cc_20170410_101312.reg
  371. [2017-04-05 08:52:49 | 000,039,424 | ---- | C] () -- C:\Users\Archpeak\Desktop\kosztorys żytnia 3a.xlt
  372. [2017-03-23 15:14:32 | 000,000,044 | -H-- | C] () -- C:\Users\Archpeak\Desktop\KONCEPCJA SILOSY.dwl
  373. [2017-03-13 11:53:04 | 000,039,644 | -HS- | C] () -- C:\Users\Archpeak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zlap_Kuriera_19_12_2016.js
  374. [2016-01-20 13:35:05 | 000,002,048 | ---- | C] () -- C:\ProgramData\1e1e245d-118d-44dc-a8d0-9659d9aec3f8.set
  375. [2016-01-20 12:13:41 | 000,002,048 | ---- | C] () -- C:\ProgramData\dbd88ec1-0a6c-466a-b1cb-d8631b06339c.set
  376. [2016-01-07 11:10:13 | 000,000,015 | ---- | C] () -- C:\Windows\Robot Office Common.ini
  377. [2015-09-22 14:11:01 | 000,000,114 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
  378. [2015-06-30 12:04:27 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
  379. [2015-06-30 12:04:06 | 000,000,493 | ---- | C] () -- C:\Windows\ODBCINST.INI
  380. [2015-06-30 11:32:16 | 000,000,592 | ---- | C] () -- C:\Users\Archpeak\AppData\Local\GraitecAdvance2016.data
  381. [2015-03-24 09:59:21 | 000,000,000 | ---- | C] () -- C:\Users\Archpeak\AppData\Local\RT73_{D20298A6-17C0-4AA8-BE87-06A010FD1796}_prof
  382. [2013-11-22 14:25:56 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
  383. [2013-10-28 10:43:53 | 000,000,054 | ---- | C] () -- C:\ProgramData\.bf45c81f8dc8abfeecf09.dat
  384. [2012-01-25 12:22:46 | 000,005,120 | ---- | C] () -- C:\Users\Archpeak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  385. [2012-01-05 16:36:02 | 000,326,284 | ---- | C] () -- C:\Users\Archpeak\www.arg
  386. [2012-01-05 16:26:38 | 000,038,163 | ---- | C] () -- C:\Users\Archpeak\www.mnu
  387. [2011-12-06 12:54:14 | 000,007,667 | ---- | C] () -- C:\Users\Archpeak\AppData\Local\Resmon.ResmonCfg
  388. [2011-11-03 13:54:45 | 000,000,034 | ---- | C] () -- C:\Users\Archpeak\AppData\Roaming\Opusbext.dat
  389. [2011-10-29 14:57:40 | 000,000,868 | ---- | C] () -- C:\Users\Archpeak\AppData\Local\RT73_{DAE3EC12-4458-49EF-ADAA-0E4C94E24573}_sta
  390. [2011-10-29 14:57:37 | 000,000,841 | ---- | C] () -- C:\Users\Archpeak\AppData\Local\RT73_{DAE3EC12-4458-49EF-ADAA-0E4C94E24573}_prof
  391. [2011-10-29 12:01:31 | 000,000,858 | ---- | C] () -- C:\Users\Archpeak\AppData\Local\RT73_{FCC37F29-E497-4735-B5B0-0393FE9700E8}_sta
  392. [2011-10-29 12:01:17 | 000,000,833 | ---- | C] () -- C:\Users\Archpeak\AppData\Local\RT73_{FCC37F29-E497-4735-B5B0-0393FE9700E8}_prof
  393.  
  394. [color=#E56717]========== ZeroAccess Check ==========[/color]
  395.  
  396. [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  397.  
  398. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  399.  
  400. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  401.  
  402. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  403.  
  404. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  405.  
  406. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  407. "" = C:\Windows\SysNative\shell32.dll -- [2014-06-25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
  408. "ThreadingModel" = Apartment
  409.  
  410. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  411. "" = %SystemRoot%\system32\shell32.dll -- [2014-06-25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
  412. "ThreadingModel" = Apartment
  413.  
  414. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  415. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  416. "ThreadingModel" = Free
  417.  
  418. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  419. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
  420. "ThreadingModel" = Free
  421.  
  422. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  423. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  424. "ThreadingModel" = Both
  425.  
  426. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  427.  
  428. [color=#E56717]========== LOP Check ==========[/color]
  429.  
  430. [2016-01-11 14:43:15 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Autodesk
  431. [2011-10-29 12:30:42 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Babylon
  432. [2014-03-17 16:56:40 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Blender Foundation
  433. [2017-01-17 16:08:44 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\CrashReport
  434. [2015-09-24 12:01:36 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Drimar
  435. [2013-07-10 14:51:18 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\DVDVideoSoft
  436. [2014-10-17 11:04:02 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Free Picture Solutions
  437. [2015-05-04 12:45:49 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Imagination
  438. [2016-05-04 09:13:16 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Innovative Solutions
  439. [2012-01-25 15:38:56 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\IrfanView
  440. [2013-10-04 13:30:18 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Marine Aquarium Lite
  441. [2015-05-04 12:32:09 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\MODELUR
  442. [2014-04-04 22:40:22 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\OpenCandy
  443. [2012-01-25 12:25:08 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\OpenOffice.org
  444. [2011-11-03 13:55:10 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\OPHM
  445. [2013-10-02 10:19:48 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\PDF Architect
  446. [2013-10-02 10:17:58 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\pdfforge
  447. [2012-01-25 13:46:19 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\PROCAD
  448. [2011-12-05 12:44:45 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\r2 Studios
  449. [2011-10-29 12:25:00 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Robobat
  450. [2016-05-17 09:50:39 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\SimLab
  451. [2017-03-06 09:48:27 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\SketchUp
  452. [2017-04-06 15:37:41 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\SoftGrid Client
  453. [2016-07-01 14:09:26 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Specbud
  454. [2017-03-06 09:56:43 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\SUbD
  455. [2011-10-29 12:31:08 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\SumatraPDF
  456. [2016-06-25 18:38:22 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Szansa
  457. [2015-08-28 11:17:44 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\TeamViewer
  458. [2013-09-13 11:55:56 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\TP
  459. [2017-03-06 10:00:46 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Trimble Connect for SketchUp
  460. [2017-03-06 09:44:28 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Trimble Navigation Limited
  461. [2013-07-10 14:52:15 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\TuneUp Software
  462. [2012-01-23 15:25:11 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Ulead Systems
  463. [2016-09-22 12:15:01 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\Unreal Engine
  464. [2011-11-07 13:08:48 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\WinBatch
  465. [2011-10-31 11:07:16 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\x-formation
  466. [2017-03-07 17:05:33 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\YCanPDF
  467. [2012-01-05 15:47:46 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\zwcad
  468. [2015-06-25 11:11:31 | 000,000,000 | ---D | M] -- C:\Users\Archpeak\AppData\Roaming\ZWSoft
  469.  
  470. [color=#E56717]========== Purity Check ==========[/color]
  471.  
  472.  
  473.  
  474. [color=#E56717]========== Alternate Data Streams ==========[/color]
  475.  
  476. @Alternate Data Stream - 24 bytes -> C:\Windows:2BB3759DA6D83C9B
  477.  
  478. < End of report >