tylkomirko

a guest
Aug 16th, 2017
  1. OTL logfile created on: 16.08.2017 13:39:28 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Janusz Rambo\Downloads
  3. 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.11.15063.0)
  5. Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd.MM.yyyy
  6.  
  7. 7,94 Gb Total Physical Memory | 4,44 Gb Available Physical Memory | 55,85% Memory free
  8. 13,80 Gb Paging File | 10,12 Gb Available in Paging File | 73,32% Paging File free
  9. Paging file location(s): c:\pagefile.sys 6000 6000 [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 118,69 Gb Total Space | 21,56 Gb Free Space | 18,16% Space Free | Partition Type: NTFS
  13. Drive D: | 450,00 Mb Total Space | 88,82 Mb Free Space | 19,74% Space Free | Partition Type: NTFS
  14. Drive E: | 100,00 Mb Total Space | 59,36 Mb Free Space | 59,37% Space Free | Partition Type: NTFS
  15. Drive F: | 298,09 Gb Total Space | 28,66 Gb Free Space | 9,61% Space Free | Partition Type: NTFS
  16. Drive G: | 97,56 Gb Total Space | 24,67 Gb Free Space | 25,29% Space Free | Partition Type: NTFS
  17. Drive H: | 135,23 Gb Total Space | 55,05 Gb Free Space | 40,71% Space Free | Partition Type: NTFS
  18.  
  19. Computer Name: DESKTOP-AKUUNPE | User Name: Janusz Rambo | Logged in as Administrator.
  20. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
  21. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  22.  
  23. [color=#E56717]========== Processes (SafeList) ==========[/color]
  24.  
  25. PRC - File not found --
  26. PRC - [2017.08.16 13:36:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Janusz Rambo\Downloads\OTL.exe
  27. PRC - [2017.07.26 19:09:20 | 000,449,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
  28. PRC - [2017.07.26 19:09:13 | 000,462,784 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
  29. PRC - [2017.07.26 19:09:09 | 015,554,496 | ---- | M] (Node.js) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
  30. PRC - [2017.07.07 08:57:25 | 000,626,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
  31. PRC - [2017.06.27 22:54:13 | 000,462,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
  32. PRC - [2017.06.16 10:58:16 | 000,895,688 | ---- | M] (FreeDownloadManager.org) -- F:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
  33. PRC - [2017.05.18 09:02:02 | 002,246,256 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
  34. PRC - [2017.04.14 17:23:12 | 002,353,616 | ---- | M] (SecureMix LLC) -- C:\Program Files (x86)\GlassWire\GWIdlMon.exe
  35. PRC - [2017.04.14 17:23:08 | 004,427,728 | ---- | M] (SecureMix LLC) -- C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
  36. PRC - [2017.04.14 17:23:00 | 005,775,824 | ---- | M] (SecureMix LLC) -- C:\Program Files (x86)\GlassWire\GlassWire.exe
  37. PRC - [2016.10.12 17:28:18 | 000,744,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
  38. PRC - [2016.07.28 23:33:46 | 001,269,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
  39. PRC - [2016.05.27 15:23:57 | 000,419,288 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.15\AsusFanControlService.exe
  40. PRC - [2016.04.18 08:33:38 | 000,963,536 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.23\aaHMSvc.exe
  41. PRC - [2016.02.01 17:35:26 | 001,056,256 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
  42. PRC - [2015.11.11 10:55:04 | 001,460,176 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
  43. PRC - [2015.09.17 04:58:24 | 000,936,728 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
  44. PRC - [2014.05.28 14:33:12 | 003,646,264 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
  45. PRC - [2013.01.02 17:11:16 | 000,171,632 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
  46.  
  47.  
  48. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  49.  
  50. MOD - [2017.07.26 19:09:12 | 001,040,320 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
  51. MOD - [2017.07.26 15:40:31 | 002,466,240 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
  52. MOD - [2017.07.26 15:40:31 | 001,255,032 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode_SP1.node
  53. MOD - [2017.07.26 15:40:31 | 000,594,880 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
  54. MOD - [2017.07.26 15:40:31 | 000,523,712 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node
  55. MOD - [2017.07.26 15:40:31 | 000,494,016 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
  56. MOD - [2017.07.26 15:40:31 | 000,463,992 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node
  57. MOD - [2017.07.26 15:40:31 | 000,394,688 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
  58. MOD - [2017.07.26 15:40:31 | 000,390,264 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node
  59. MOD - [2017.07.26 15:40:31 | 000,386,680 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
  60. MOD - [2017.07.26 15:40:31 | 000,364,664 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
  61. MOD - [2017.04.14 17:22:56 | 000,178,128 | ---- | M] () -- C:\Program Files (x86)\GlassWire\EasyHook32.dll
  62. MOD - [2016.07.28 23:33:46 | 001,269,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
  63. MOD - [2016.05.04 21:46:14 | 000,786,416 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
  64. MOD - [2016.04.20 23:52:36 | 000,838,616 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
  65. MOD - [2016.04.20 23:52:28 | 000,828,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
  66. MOD - [2016.04.20 23:52:18 | 000,878,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
  67. MOD - [2016.03.07 21:42:34 | 000,082,432 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
  68. MOD - [2016.02.01 17:35:26 | 001,056,256 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
  69. MOD - [2015.11.11 10:55:04 | 001,460,176 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
  70. MOD - [2015.09.10 16:06:04 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
  71. MOD - [2015.08.14 11:23:04 | 000,621,056 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\UIImprovmentHelper.dll
  72. MOD - [2014.02.24 17:49:28 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
  73. MOD - [2013.11.20 10:10:22 | 000,662,016 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
  74. MOD - [2013.07.02 10:40:08 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
  75.  
  76.  
  77. [color=#E56717]========== Services (SafeList) ==========[/color]
  78.  
  79. SRV:[b]64bit:[/b] - [2017.07.26 19:09:15 | 000,512,960 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerNetworkService)
  80. SRV:[b]64bit:[/b] - [2017.07.26 19:09:15 | 000,512,960 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerLocalSystem)
  81. SRV:[b]64bit:[/b] - [2017.07.07 09:20:19 | 000,923,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
  82. SRV:[b]64bit:[/b] - [2017.07.07 09:13:19 | 000,872,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
  83. SRV:[b]64bit:[/b] - [2017.07.07 09:13:07 | 000,336,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
  84. SRV:[b]64bit:[/b] - [2017.07.07 08:18:36 | 000,548,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
  85. SRV:[b]64bit:[/b] - [2017.07.07 08:17:02 | 000,536,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
  86. SRV:[b]64bit:[/b] - [2017.07.07 08:12:06 | 001,305,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
  87. SRV:[b]64bit:[/b] - [2017.06.27 22:54:13 | 000,462,968 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -- (NVDisplay.ContainerLocalSystem)
  88. SRV:[b]64bit:[/b] - [2017.06.20 08:01:21 | 000,102,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
  89. SRV:[b]64bit:[/b] - [2017.06.20 07:11:29 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
  90. SRV:[b]64bit:[/b] - [2017.06.20 07:09:41 | 000,555,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
  91. SRV:[b]64bit:[/b] - [2017.06.20 07:07:09 | 000,632,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
  92. SRV:[b]64bit:[/b] - [2017.06.20 07:06:00 | 000,847,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
  93. SRV:[b]64bit:[/b] - [2017.06.20 07:05:53 | 000,585,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
  94. SRV:[b]64bit:[/b] - [2017.06.20 07:04:35 | 001,177,600 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
  95. SRV:[b]64bit:[/b] - [2017.06.20 07:04:22 | 000,802,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
  96. SRV:[b]64bit:[/b] - [2017.06.20 07:02:54 | 000,681,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
  97. SRV:[b]64bit:[/b] - [2017.06.20 07:02:40 | 002,804,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
  98. SRV:[b]64bit:[/b] - [2017.06.20 06:58:49 | 000,625,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
  99. SRV:[b]64bit:[/b] - [2017.06.20 06:56:18 | 000,600,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
  100. SRV:[b]64bit:[/b] - [2017.06.03 10:58:32 | 001,046,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
  101. SRV:[b]64bit:[/b] - [2017.06.03 10:58:21 | 002,516,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
  102. SRV:[b]64bit:[/b] - [2017.05.20 08:06:05 | 000,192,512 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
  103. SRV:[b]64bit:[/b] - [2017.05.20 08:01:49 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
  104. SRV:[b]64bit:[/b] - [2017.05.20 08:01:35 | 000,970,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
  105. SRV:[b]64bit:[/b] - [2017.05.20 08:00:27 | 001,067,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
  106. SRV:[b]64bit:[/b] - [2017.04.28 01:58:36 | 001,054,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
  107. SRV:[b]64bit:[/b] - [2017.04.14 01:37:14 | 000,301,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
  108. SRV:[b]64bit:[/b] - [2017.04.14 01:29:46 | 000,647,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
  109. SRV:[b]64bit:[/b] - [2017.03.18 22:59:53 | 000,428,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
  110. SRV:[b]64bit:[/b] - [2017.03.18 22:58:33 | 000,706,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
  111. SRV:[b]64bit:[/b] - [2017.03.18 22:58:32 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
  112. SRV:[b]64bit:[/b] - [2017.03.18 22:58:29 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
  113. SRV:[b]64bit:[/b] - [2017.03.18 22:58:24 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
  114. SRV:[b]64bit:[/b] - [2017.03.18 22:58:22 | 000,086,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
  115. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 002,155,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
  116. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 001,135,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
  117. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 000,777,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
  118. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 000,582,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
  119. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 000,334,848 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
  120. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 000,093,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
  121. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_33cc201)
  122. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_33cc201)
  123. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_33cc201)
  124. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_33cc201)
  125. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_33cc201)
  126. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_33cc201)
  127. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_33cc201)
  128. SRV:[b]64bit:[/b] - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_33cc201)
  129. SRV:[b]64bit:[/b] - [2017.03.18 22:58:18 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
  130. SRV:[b]64bit:[/b] - [2017.03.18 22:58:17 | 001,191,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
  131. SRV:[b]64bit:[/b] - [2017.03.18 22:58:17 | 000,772,096 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
  132. SRV:[b]64bit:[/b] - [2017.03.18 22:58:17 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
  133. SRV:[b]64bit:[/b] - [2017.03.18 22:58:16 | 001,013,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
  134. SRV:[b]64bit:[/b] - [2017.03.18 22:58:16 | 000,524,288 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
  135. SRV:[b]64bit:[/b] - [2017.03.18 22:58:16 | 000,342,528 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
  136. SRV:[b]64bit:[/b] - [2017.03.18 22:58:16 | 000,072,704 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
  137. SRV:[b]64bit:[/b] - [2017.03.18 22:58:13 | 000,276,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
  138. SRV:[b]64bit:[/b] - [2017.03.18 22:58:12 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
  139. SRV:[b]64bit:[/b] - [2017.03.18 22:58:10 | 001,628,672 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
  140. SRV:[b]64bit:[/b] - [2017.03.18 22:58:10 | 001,295,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
  141. SRV:[b]64bit:[/b] - [2017.03.18 22:58:10 | 001,284,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
  142. SRV:[b]64bit:[/b] - [2017.03.18 22:58:10 | 000,302,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
  143. SRV:[b]64bit:[/b] - [2017.03.18 22:58:10 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
  144. SRV:[b]64bit:[/b] - [2017.03.18 22:58:09 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
  145. SRV:[b]64bit:[/b] - [2017.03.18 22:58:09 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
  146. SRV:[b]64bit:[/b] - [2017.03.18 22:58:07 | 000,233,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
  147. SRV:[b]64bit:[/b] - [2017.03.18 22:58:07 | 000,210,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
  148. SRV:[b]64bit:[/b] - [2017.03.18 22:58:07 | 000,182,272 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
  149. SRV:[b]64bit:[/b] - [2017.03.18 22:58:04 | 000,301,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xbgmsvc.dll -- (xbgm)
  150. SRV:[b]64bit:[/b] - [2017.03.18 22:58:04 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
  151. SRV:[b]64bit:[/b] - [2017.03.18 22:58:04 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
  152. SRV:[b]64bit:[/b] - [2017.03.18 22:58:04 | 000,026,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
  153. SRV:[b]64bit:[/b] - [2017.03.18 22:58:04 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
  154. SRV:[b]64bit:[/b] - [2017.03.18 22:58:01 | 000,723,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
  155. SRV:[b]64bit:[/b] - [2017.03.18 22:58:01 | 000,064,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
  156. SRV:[b]64bit:[/b] - [2017.03.18 22:58:01 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
  157. SRV:[b]64bit:[/b] - [2017.03.18 22:58:00 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
  158. SRV:[b]64bit:[/b] - [2017.03.18 22:57:58 | 000,877,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
  159. SRV:[b]64bit:[/b] - [2017.03.18 22:57:58 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
  160. SRV:[b]64bit:[/b] - [2017.03.18 22:57:58 | 000,165,888 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
  161. SRV:[b]64bit:[/b] - [2017.03.18 22:57:58 | 000,095,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
  162. SRV:[b]64bit:[/b] - [2017.03.18 22:57:54 | 000,346,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
  163. SRV:[b]64bit:[/b] - [2017.03.18 22:57:54 | 000,292,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
  164. SRV:[b]64bit:[/b] - [2017.03.18 22:57:54 | 000,059,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
  165. SRV:[b]64bit:[/b] - [2017.03.18 22:57:47 | 000,699,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
  166. SRV:[b]64bit:[/b] - [2017.03.18 22:57:47 | 000,261,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
  167. SRV:[b]64bit:[/b] - [2017.03.18 22:57:46 | 005,302,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
  168. SRV:[b]64bit:[/b] - [2017.03.18 22:57:46 | 000,455,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
  169. SRV:[b]64bit:[/b] - [2017.03.18 22:57:24 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
  170. SRV:[b]64bit:[/b] - [2017.03.18 22:57:16 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
  171. SRV:[b]64bit:[/b] - [2017.03.18 22:57:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
  172. SRV:[b]64bit:[/b] - [2017.03.18 22:57:15 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
  173. SRV:[b]64bit:[/b] - [2017.03.18 22:57:05 | 000,891,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
  174. SRV:[b]64bit:[/b] - [2017.03.18 22:57:03 | 000,167,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
  175. SRV:[b]64bit:[/b] - [2017.03.18 22:57:00 | 000,051,712 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
  176. SRV:[b]64bit:[/b] - [2017.03.18 22:56:56 | 001,832,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
  177. SRV:[b]64bit:[/b] - [2017.03.18 22:56:44 | 000,342,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
  178. SRV:[b]64bit:[/b] - [2017.03.18 22:56:44 | 000,307,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
  179. SRV:[b]64bit:[/b] - [2017.03.18 22:56:44 | 000,307,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
  180. SRV:[b]64bit:[/b] - [2017.03.18 22:56:44 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
  181. SRV:[b]64bit:[/b] - [2017.03.18 22:56:44 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
  182. SRV:[b]64bit:[/b] - [2017.03.18 22:56:44 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
  183. SRV:[b]64bit:[/b] - [2017.03.18 22:56:44 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
  184. SRV:[b]64bit:[/b] - [2017.03.18 22:56:44 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
  185. SRV:[b]64bit:[/b] - [2017.03.18 22:56:44 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
  186. SRV:[b]64bit:[/b] - [2017.03.18 22:56:20 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
  187. SRV:[b]64bit:[/b] - [2017.03.18 22:56:19 | 000,431,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
  188. SRV - [2017.07.28 15:19:42 | 000,487,488 | ---- | M] (GOG.com) [On_Demand | Stopped] -- C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe -- (GalaxyClientService)
  189. SRV - [2017.07.26 20:07:01 | 008,163,392 | ---- | M] (GOG.com) [On_Demand | Stopped] -- C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe -- (GalaxyCommunication)
  190. SRV - [2017.07.26 19:09:20 | 000,449,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -- (NvTelemetryContainer)
  191. SRV - [2017.07.07 08:23:46 | 000,583,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
  192. SRV - [2017.07.07 08:04:29 | 000,394,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
  193. SRV - [2017.07.01 13:47:29 | 000,175,560 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  194. SRV - [2017.06.20 06:39:05 | 000,969,728 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
  195. SRV - [2017.05.28 11:19:24 | 000,271,864 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  196. SRV - [2017.05.18 09:02:02 | 002,246,256 | ---- | M] (Adobe Systems, Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe -- (AGSService)
  197. SRV - [2017.04.28 02:40:07 | 000,799,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
  198. SRV - [2017.04.16 16:35:33 | 000,026,112 | ---- | M] () [Auto | Running] -- C:\Windows\KMS-R@1n.exe -- (KMS-R@1n)
  199. SRV - [2017.04.14 17:23:08 | 004,427,728 | ---- | M] (SecureMix LLC) [Auto | Running] -- C:\Program Files (x86)\GlassWire\GWCtlSrv.exe -- (GlassWire)
  200. SRV - [2017.03.18 22:58:47 | 004,212,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
  201. SRV - [2017.03.18 22:58:46 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
  202. SRV - [2017.03.18 22:56:20 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
  203. SRV - [2017.02.16 13:49:00 | 006,498,816 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ADATA\SSD ToolBox\ToolBoxSvc.exe -- (ADATA ToolBox Service)
  204. SRV - [2016.10.12 17:28:18 | 000,744,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe -- (AdobeUpdateService)
  205. SRV - [2016.07.23 01:36:30 | 000,837,312 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
  206. SRV - [2016.05.27 15:23:57 | 000,419,288 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.15\AsusFanControlService.exe -- (AsusFanControlService)
  207. SRV - [2016.04.18 08:33:38 | 000,963,536 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.23\aaHMSvc.exe -- (asHmComSvc)
  208. SRV - [2015.09.17 04:58:24 | 000,936,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe -- (asComSvc)
  209. SRV - [2013.01.02 17:11:16 | 000,171,632 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
  210.  
  211.  
  212. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  213.  
  214. DRV:[b]64bit:[/b] - [2017.08.16 13:36:53 | 000,055,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hitmanpro37.sys -- (hitmanpro37)
  215. DRV:[b]64bit:[/b] - [2017.07.26 19:09:23 | 000,057,792 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvhci.sys -- (nvvhci)
  216. DRV:[b]64bit:[/b] - [2017.07.26 19:09:22 | 000,048,064 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
  217. DRV:[b]64bit:[/b] - [2017.07.26 19:08:47 | 000,030,144 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
  218. DRV:[b]64bit:[/b] - [2017.07.07 09:24:00 | 000,117,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
  219. DRV:[b]64bit:[/b] - [2017.07.07 09:20:52 | 000,382,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
  220. DRV:[b]64bit:[/b] - [2017.07.07 09:13:20 | 000,554,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
  221. DRV:[b]64bit:[/b] - [2017.06.28 17:00:36 | 015,625,336 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\nv_dispi.inf_amd64_2386fda73b467ac8\nvlddmkm.sys -- (nvlddmkm)
  222. DRV:[b]64bit:[/b] - [2017.06.28 00:39:35 | 000,218,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
  223. DRV:[b]64bit:[/b] - [2017.06.20 08:00:36 | 000,142,752 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
  224. DRV:[b]64bit:[/b] - [2017.06.20 07:07:09 | 000,757,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
  225. DRV:[b]64bit:[/b] - [2017.06.03 12:00:17 | 000,219,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
  226. DRV:[b]64bit:[/b] - [2017.06.03 11:11:56 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
  227. DRV:[b]64bit:[/b] - [2017.05.20 09:07:32 | 000,287,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
  228. DRV:[b]64bit:[/b] - [2017.05.20 08:59:08 | 000,112,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
  229. DRV:[b]64bit:[/b] - [2017.05.20 08:54:43 | 000,144,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
  230. DRV:[b]64bit:[/b] - [2017.05.20 08:07:38 | 000,277,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
  231. DRV:[b]64bit:[/b] - [2017.04.28 02:59:04 | 000,388,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
  232. DRV:[b]64bit:[/b] - [2017.04.19 08:18:19 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
  233. DRV:[b]64bit:[/b] - [2017.03.20 06:01:31 | 000,037,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
  234. DRV:[b]64bit:[/b] - [2017.03.20 06:01:27 | 000,040,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
  235. DRV:[b]64bit:[/b] - [2017.03.20 06:01:24 | 000,030,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  236. DRV:[b]64bit:[/b] - [2017.03.18 22:59:50 | 000,030,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
  237. DRV:[b]64bit:[/b] - [2017.03.18 22:58:33 | 000,079,872 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
  238. DRV:[b]64bit:[/b] - [2017.03.18 22:58:18 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
  239. DRV:[b]64bit:[/b] - [2017.03.18 22:58:16 | 000,127,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
  240. DRV:[b]64bit:[/b] - [2017.03.18 22:58:04 | 000,263,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
  241. DRV:[b]64bit:[/b] - [2017.03.18 22:58:04 | 000,179,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
  242. DRV:[b]64bit:[/b] - [2017.03.18 22:58:04 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
  243. DRV:[b]64bit:[/b] - [2017.03.18 22:58:04 | 000,070,232 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
  244. DRV:[b]64bit:[/b] - [2017.03.18 22:58:04 | 000,059,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
  245. DRV:[b]64bit:[/b] - [2017.03.18 22:58:04 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
  246. DRV:[b]64bit:[/b] - [2017.03.18 22:58:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
  247. DRV:[b]64bit:[/b] - [2017.03.18 22:58:01 | 000,217,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
  248. DRV:[b]64bit:[/b] - [2017.03.18 22:58:01 | 000,012,288 | ---- | M] (Microsoft Corporation) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
  249. DRV:[b]64bit:[/b] - [2017.03.18 22:57:58 | 000,154,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
  250. DRV:[b]64bit:[/b] - [2017.03.18 22:57:58 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
  251. DRV:[b]64bit:[/b] - [2017.03.18 22:57:58 | 000,074,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
  252. DRV:[b]64bit:[/b] - [2017.03.18 22:57:58 | 000,039,840 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
  253. DRV:[b]64bit:[/b] - [2017.03.18 22:57:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
  254. DRV:[b]64bit:[/b] - [2017.03.18 22:57:57 | 000,075,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
  255. DRV:[b]64bit:[/b] - [2017.03.18 22:57:57 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg)
  256. DRV:[b]64bit:[/b] - [2017.03.18 22:57:54 | 000,208,288 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
  257. DRV:[b]64bit:[/b] - [2017.03.18 22:57:54 | 000,169,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
  258. DRV:[b]64bit:[/b] - [2017.03.18 22:57:54 | 000,128,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
  259. DRV:[b]64bit:[/b] - [2017.03.18 22:57:53 | 000,164,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
  260. DRV:[b]64bit:[/b] - [2017.03.18 22:57:53 | 000,072,192 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
  261. DRV:[b]64bit:[/b] - [2017.03.18 22:57:47 | 000,080,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
  262. DRV:[b]64bit:[/b] - [2017.03.18 22:57:39 | 001,735,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
  263. DRV:[b]64bit:[/b] - [2017.03.18 22:57:39 | 000,936,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refsv1.sys -- (ReFSv1)
  264. DRV:[b]64bit:[/b] - [2017.03.18 22:57:39 | 000,239,616 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
  265. DRV:[b]64bit:[/b] - [2017.03.18 22:57:39 | 000,215,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
  266. DRV:[b]64bit:[/b] - [2017.03.18 22:57:39 | 000,033,688 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  267. DRV:[b]64bit:[/b] - [2017.03.18 22:57:38 | 000,056,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
  268. DRV:[b]64bit:[/b] - [2017.03.18 22:57:38 | 000,049,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
  269. DRV:[b]64bit:[/b] - [2017.03.18 22:57:35 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
  270. DRV:[b]64bit:[/b] - [2017.03.18 22:57:24 | 000,088,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
  271. DRV:[b]64bit:[/b] - [2017.03.18 22:57:05 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
  272. DRV:[b]64bit:[/b] - [2017.03.18 22:57:03 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
  273. DRV:[b]64bit:[/b] - [2017.03.18 22:57:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
  274. DRV:[b]64bit:[/b] - [2017.03.18 22:56:44 | 000,294,816 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
  275. DRV:[b]64bit:[/b] - [2017.03.18 22:56:44 | 000,121,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
  276. DRV:[b]64bit:[/b] - [2017.03.18 22:56:44 | 000,044,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
  277. DRV:[b]64bit:[/b] - [2017.03.18 22:56:41 | 000,213,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
  278. DRV:[b]64bit:[/b] - [2017.03.18 22:56:41 | 000,127,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
  279. DRV:[b]64bit:[/b] - [2017.03.18 22:56:41 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  280. DRV:[b]64bit:[/b] - [2017.03.18 22:56:41 | 000,054,272 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
  281. DRV:[b]64bit:[/b] - [2017.03.18 22:56:41 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
  282. DRV:[b]64bit:[/b] - [2017.03.18 22:56:41 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
  283. DRV:[b]64bit:[/b] - [2017.03.18 22:56:35 | 000,094,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
  284. DRV:[b]64bit:[/b] - [2017.03.18 22:56:35 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
  285. DRV:[b]64bit:[/b] - [2017.03.18 22:56:35 | 000,051,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
  286. DRV:[b]64bit:[/b] - [2017.03.18 22:56:35 | 000,051,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
  287. DRV:[b]64bit:[/b] - [2017.03.18 22:56:35 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
  288. DRV:[b]64bit:[/b] - [2017.03.18 22:56:35 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
  289. DRV:[b]64bit:[/b] - [2017.03.18 22:56:35 | 000,018,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
  290. DRV:[b]64bit:[/b] - [2017.03.18 22:56:34 | 000,138,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
  291. DRV:[b]64bit:[/b] - [2017.03.18 22:56:34 | 000,098,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
  292. DRV:[b]64bit:[/b] - [2017.03.18 22:56:34 | 000,049,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
  293. DRV:[b]64bit:[/b] - [2017.03.18 22:56:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
  294. DRV:[b]64bit:[/b] - [2017.03.18 22:56:34 | 000,029,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
  295. DRV:[b]64bit:[/b] - [2017.03.18 22:56:34 | 000,028,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
  296. DRV:[b]64bit:[/b] - [2017.03.18 22:56:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
  297. DRV:[b]64bit:[/b] - [2017.03.18 22:56:34 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
  298. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,168,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
  299. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,165,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
  300. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,085,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
  301. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
  302. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,074,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
  303. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,070,656 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
  304. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
  305. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,053,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
  306. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
  307. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  308. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
  309. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
  310. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
  311. DRV:[b]64bit:[/b] - [2017.03.18 22:56:28 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
  312. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,673,184 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
  313. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,604,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
  314. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,587,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
  315. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,405,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
  316. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,101,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
  317. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,095,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
  318. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,091,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
  319. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvdimmn.sys -- (nvdimmn)
  320. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,078,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
  321. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,071,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
  322. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
  323. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,051,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
  324. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,036,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
  325. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,031,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
  326. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,029,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
  327. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,016,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
  328. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
  329. DRV:[b]64bit:[/b] - [2017.03.18 22:56:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
  330. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 002,104,224 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
  331. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 001,135,512 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
  332. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,842,656 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
  333. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,526,240 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
  334. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,347,032 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
  335. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,305,568 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
  336. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,259,488 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  337. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,123,808 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
  338. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,122,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
  339. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,108,960 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
  340. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,107,424 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
  341. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,103,328 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
  342. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,083,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  343. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,082,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
  344. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,064,920 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
  345. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,064,416 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  346. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,064,416 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
  347. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,063,904 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
  348. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,061,848 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
  349. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,058,784 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
  350. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,032,160 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
  351. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,031,136 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  352. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,027,040 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  353. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
  354. DRV:[b]64bit:[/b] - [2017.03.18 22:56:25 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
  355. DRV:[b]64bit:[/b] - [2017.03.18 22:56:23 | 003,419,040 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  356. DRV:[b]64bit:[/b] - [2017.03.18 22:56:23 | 000,533,920 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  357. DRV:[b]64bit:[/b] - [2017.03.18 22:56:23 | 000,074,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
  358. DRV:[b]64bit:[/b] - [2017.03.18 22:56:23 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
  359. DRV:[b]64bit:[/b] - [2017.03.18 22:56:19 | 000,119,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
  360. DRV:[b]64bit:[/b] - [2017.03.18 22:56:19 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
  361. DRV:[b]64bit:[/b] - [2017.03.18 22:56:19 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
  362. DRV:[b]64bit:[/b] - [2017.03.18 22:56:19 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
  363. DRV:[b]64bit:[/b] - [2017.03.18 22:56:19 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys -- (CompositeBus)
  364. DRV:[b]64bit:[/b] - [2017.03.18 22:56:19 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
  365. DRV:[b]64bit:[/b] - [2016.01.19 22:50:38 | 000,202,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
  366. DRV:[b]64bit:[/b] - [2015.10.29 21:43:10 | 000,025,928 | ---- | M] (TP Microelectronic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpfilter.sys -- (tpfilter)
  367. DRV:[b]64bit:[/b] - [2015.05.29 06:15:44 | 000,033,152 | ---- | M] (SecureMix LLC) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gwdrv.sys -- (gwdrv)
  368. DRV:[b]64bit:[/b] - [2010.04.27 16:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
  369. DRV:[b]64bit:[/b] - [2010.04.27 16:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
  370. DRV:[b]64bit:[/b] - [2010.04.27 16:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
  371. DRV:[b]64bit:[/b] - [2010.04.27 14:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
  372. DRV:[b]64bit:[/b] - [2010.04.27 14:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
  373. DRV - [2017.08.16 13:36:54 | 000,044,928 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{203FBFCD-B166-48C7-B89F-4A01EE731F54}\MpKsl1aa9d81d.sys -- (MpKsl1aa9d81d)
  374. DRV - [2017.07.26 13:10:11 | 000,046,400 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Users\JANUSZ~1\AppData\Local\Temp\cpuz141\cpuz141_x64.sys -- (cpuz141)
  375. DRV - [2017.06.28 17:00:36 | 015,625,336 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2386fda73b467ac8\nvlddmkm.sys -- (nvlddmkm)
  376. DRV - [2017.03.18 22:56:19 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys -- (CompositeBus)
  377. DRV - [2016.10.24 12:03:56 | 000,014,024 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
  378.  
  379.  
  380. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  381.  
  382.  
  383. [color=#E56717]========== Internet Explorer ==========[/color]
  384.  
  385. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  386. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  387. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  388. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  389. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  390.  
  391. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
  392. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  393. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  394.  
  395. [color=#E56717]========== FireFox ==========[/color]
  396.  
  397. FF - prefs.js..browser.search.countryCode: "PL"
  398. FF - prefs.js..browser.search.region: "PL"
  399. FF - prefs.js..browser.search.update: false
  400. FF - prefs.js..extensions.enabledAddons: %7B46551EC9-40F0-4e47-8E18-8E5CF550CFB8%7D:2.0.7
  401. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:54.0.1
  402. FF - user.js - File not found
  403.  
  404. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll File not found
  405. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6: f:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
  406. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
  407. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll ()
  408. FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
  409. FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
  410. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
  411. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
  412. FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
  413.  
  414. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 54.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  415. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 54.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  416.  
  417. [2017.04.16 16:27:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janusz Rambo\AppData\Roaming\mozilla\Extensions
  418. [2017.08.10 16:23:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janusz Rambo\AppData\Roaming\mozilla\Firefox\Profiles\y1uncvdc.default\extension-data
  419. [2017.07.26 20:03:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janusz Rambo\AppData\Roaming\mozilla\Firefox\Profiles\y1uncvdc.default\extensions
  420. [2017.04.21 06:50:50 | 000,157,498 | ---- | M] () (No name found) -- C:\Users\Janusz Rambo\AppData\Roaming\mozilla\firefox\profiles\y1uncvdc.default\extensions\jid0-GaZOxvWNYcafEsmayJDIG3XXVi8@jetpack.xpi
  421. [2017.07.26 20:03:20 | 001,728,718 | ---- | M] () (No name found) -- C:\Users\Janusz Rambo\AppData\Roaming\mozilla\firefox\profiles\y1uncvdc.default\extensions\uBlock0@raymondhill.net.xpi
  422. [2017.04.21 06:50:50 | 000,221,125 | ---- | M] () (No name found) -- C:\Users\Janusz Rambo\AppData\Roaming\mozilla\firefox\profiles\y1uncvdc.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
  423. [2017.07.26 20:03:16 | 000,008,945 | ---- | M] () (No name found) -- C:\Users\Janusz Rambo\AppData\Roaming\mozilla\firefox\profiles\y1uncvdc.default\features\{5cbaf8f3-c9c4-4f64-af93-71ea49bc58a9}\e10srollout@mozilla.org.xpi
  424. [2017.07.26 20:03:16 | 000,009,974 | ---- | M] () (No name found) -- C:\Users\Janusz Rambo\AppData\Roaming\mozilla\firefox\profiles\y1uncvdc.default\features\{5cbaf8f3-c9c4-4f64-af93-71ea49bc58a9}\followonsearch@mozilla.com.xpi
  425. [2017.07.26 20:03:16 | 000,044,954 | ---- | M] () (No name found) -- C:\Users\Janusz Rambo\AppData\Roaming\mozilla\firefox\profiles\y1uncvdc.default\features\{5cbaf8f3-c9c4-4f64-af93-71ea49bc58a9}\shield-recipe-client@mozilla.org.xpi
  426. [2017.07.01 13:47:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
  427.  
  428. [color=#E56717]========== Chrome ==========[/color]
  429.  
  430. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\2.0.6_0\
  431. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
  432. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
  433. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
  434. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
  435. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm\1.13.8_0\
  436. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\4.3.6_0\
  437. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eplekpmdodlgejgogbojajncdlapamff\4.0.21_0\
  438. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
  439. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja\2.6.7_0\
  440. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
  441. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki\3.1.17325.1420_0\
  442. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\johjcheghocokbkhacbfbhojoangkpcb\1.5.9_0\
  443. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kegnjbncdcliihbemealioapbifiaedg\1.2_0\
  444. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\libedajeiljdoodmokbppgapcfbignci\0.0.61_0\
  445. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg\0.98.92.2_0\
  446. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibmplgflabdmnnoncnedjfdpidjblnk\1.45_0\
  447. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
  448. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  449. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkclgpgponpjmpfokoepglboejdobkpl\1.0.2_0\
  450. CHR - Extension: No name found = C:\Users\Janusz Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6017.605.1.4_0\
  451.  
  452. O1 HOSTS File: ([2017.05.28 17:32:02 | 000,000,826 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  453. O2:[b]64bit:[/b] - BHO: (no name) - {13D67BB7-DB5F-48AA-884D-7A5D94168509} - No CLSID value found.
  454. O2 - BHO: (no name) - {13D67BB7-DB5F-48AA-884D-7A5D94168509} - No CLSID value found.
  455. O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
  456. O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
  457. O4:[b]64bit:[/b] - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
  458. O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
  459. O4:[b]64bit:[/b] - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
  460. O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
  461. O4 - HKCU..\Run: [Discord] C:\Users\Janusz Rambo\AppData\Local\Discord\app-0.0.297\Discord.exe (Hammer & Chisel, Inc.)
  462. O4 - HKCU..\Run: [GlassWire] C:\Program Files (x86)\GlassWire\glasswire.exe (SecureMix LLC)
  463. O4 - HKCU..\Run: [PeerBlock] f:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
  464. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  465. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  466. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
  467. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
  468. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  469. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
  470. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
  471. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  472. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
  473. O13[b]64bit:[/b] - gopher Prefix: missing
  474. O13 - gopher Prefix: missing
  475. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
  476. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31a9ef30-f662-4183-b6d0-44747b26936e}: DhcpNameServer = 192.168.1.1 192.168.1.1
  477. O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
  478. O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
  479. O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
  480. O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
  481. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  482. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  483. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  484. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  485. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  486. O32 - HKLM CDRom: AutoRun - 1
  487. O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - G:\autoexec.bat -- [ NTFS ]
  488. O34 - HKLM BootExecute: (autocheck autochk *)
  489. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  490. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  491. O35 - HKLM\..comfile [open] -- "%1" %*
  492. O35 - HKLM\..exefile [open] -- "%1" %*
  493. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  494. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  495. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  496. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  497. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  498. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  499.  
  500. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  501.  
  502. [2017.08.16 13:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
  503. [2017.08.16 13:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
  504. [2017.08.16 02:00:02 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\AdobeGC
  505. [2017.08.16 00:42:53 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
  506. [2017.08.16 00:42:42 | 000,057,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvhci.sys
  507. [2017.08.16 00:42:42 | 000,048,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
  508. [2017.08.14 21:41:21 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\Desktop\rgr
  509. [2017.08.11 09:33:10 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Roaming\Trimble Connect for SketchUp
  510. [2017.08.11 08:57:15 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Roaming\SketchUp
  511. [2017.08.11 08:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017
  512. [2017.08.11 08:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Reprise
  513. [2017.08.11 08:56:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SketchUp
  514. [2017.08.02 15:35:02 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\CrashRpt
  515. [2017.07.31 20:37:25 | 000,000,000 | ---D | C] -- C:\ProgramData\360TSBackup
  516. [2017.07.26 12:20:42 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Recovery
  517. [2017.07.23 15:27:49 | 000,000,000 | ---D | C] -- C:\The Sims 4
  518. [2017.07.23 14:46:51 | 000,135,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
  519. [2017.07.23 14:46:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VulkanRT
  520. [2017.07.23 14:46:20 | 000,549,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
  521. [2017.07.23 14:46:20 | 000,069,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
  522. [2017.07.23 14:41:31 | 035,838,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
  523. [2017.07.23 14:41:31 | 028,953,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
  524. [2017.07.23 14:41:31 | 012,337,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
  525. [2017.07.23 14:41:31 | 012,132,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvptxJitCompiler.dll
  526. [2017.07.23 14:41:31 | 010,381,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
  527. [2017.07.23 14:41:31 | 009,982,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvptxJitCompiler.dll
  528. [2017.07.23 14:41:31 | 001,988,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6438476.dll
  529. [2017.07.23 14:41:31 | 001,615,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
  530. [2017.07.23 14:41:31 | 001,597,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6438476.dll
  531. [2017.07.23 14:41:31 | 001,278,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncMFTH264.dll
  532. [2017.07.23 14:41:31 | 001,276,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncMFThevc.dll
  533. [2017.07.23 14:41:31 | 001,067,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
  534. [2017.07.23 14:41:31 | 001,004,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
  535. [2017.07.23 14:41:31 | 000,996,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncMFTH264.dll
  536. [2017.07.23 14:41:31 | 000,995,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncMFThevc.dll
  537. [2017.07.23 14:41:31 | 000,972,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
  538. [2017.07.23 14:41:31 | 000,924,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
  539. [2017.07.23 14:41:31 | 000,781,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
  540. [2017.07.23 14:41:31 | 000,689,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvfatbinaryLoader.dll
  541. [2017.07.23 14:41:31 | 000,618,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmcumd.dll
  542. [2017.07.23 14:41:31 | 000,617,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
  543. [2017.07.23 14:41:31 | 000,609,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
  544. [2017.07.23 14:41:31 | 000,578,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
  545. [2017.07.23 14:41:31 | 000,499,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
  546. [2017.07.23 14:41:31 | 000,218,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
  547. [2017.07.23 14:41:31 | 000,045,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
  548. [2017.07.23 14:41:30 | 040,239,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
  549. [2017.07.23 14:41:30 | 035,314,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
  550. [2017.07.23 14:41:30 | 013,559,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
  551. [2017.07.23 14:41:30 | 011,501,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
  552. [2017.07.23 14:41:30 | 004,208,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
  553. [2017.07.23 14:41:30 | 004,163,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
  554. [2017.07.23 14:41:30 | 003,709,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
  555. [2017.07.23 14:41:30 | 003,595,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
  556. [2017.07.23 14:41:30 | 000,725,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvDecMFTMjpeg.dll
  557. [2017.07.23 14:41:30 | 000,584,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvDecMFTMjpeg.dll
  558. [2017.07.21 16:38:41 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsignad28436cdf90b7c9
  559. [2017.07.21 16:36:48 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsignbee047f3d7abd232
  560. [2017.07.21 16:09:08 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsign84b2afa0ed05205a
  561. [2017.07.21 16:06:36 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsign6372fe2fc82d42d4
  562. [2017.07.21 16:06:36 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsign2e205ddd34c436df
  563. [2017.07.21 16:05:06 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsign085ca3900f14d3c1
  564. [2017.07.21 15:56:40 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\Desktop\WKLEJKI
  565. [2017.07.21 14:36:17 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsignfe59705502dae6b4
  566. [2017.07.21 14:32:35 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsign6dbd2184a56e1735
  567. [2017.07.21 14:32:29 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsign4306b5a83199814c
  568. [2017.07.21 14:32:28 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsignc36f661873011de5
  569. [2017.07.21 14:31:48 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsignc9709cb659c7c2a1
  570. [2017.07.21 14:31:21 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsign06d20362a93f24da
  571. [2017.07.21 14:30:27 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsign295c215382c302f1
  572. [2017.07.21 14:30:25 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsign2c86eae19116409c
  573. [2017.07.21 14:30:25 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsign0034b2b253f5bc51
  574. [2017.07.21 14:26:19 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsign09492c84e0731dd6
  575. [2017.07.21 14:26:15 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsign7d9ebf7990c68476
  576. [2017.07.21 14:26:14 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Tempzxpsign3f2151684c00fad1
  577. [2017.07.21 14:26:06 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Roaming\NVIDIA
  578. [2017.07.21 14:26:04 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
  579. [2017.07.21 14:21:15 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\Documents\Adobe
  580. [2017.07.21 14:20:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
  581. [2017.07.21 14:20:34 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
  582. [2017.07.21 14:19:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
  583. [2017.07.21 14:19:35 | 000,000,000 | ---D | C] -- C:\Users\Janusz Rambo\AppData\Local\Adobe
  584. [2017.07.21 14:19:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
  585. [2017.07.21 14:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
  586. [2017.07.20 09:30:26 | 000,000,000 | ---D | C] -- C:\ProgramData\360Quarant
  587. [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
  588. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  589.  
  590. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  591.  
  592. [2017.08.16 13:36:53 | 000,055,232 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
  593. [2017.08.16 13:33:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  594. [2017.08.16 07:04:36 | 007,899,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  595. [2017.08.16 07:04:36 | 003,887,030 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
  596. [2017.08.16 07:04:36 | 001,701,628 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  597. [2017.08.16 07:04:36 | 001,104,842 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
  598. [2017.08.16 07:04:36 | 001,057,254 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  599. [2017.08.16 06:57:38 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
  600. [2017.08.12 12:50:23 | 025,851,259 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\jdmbimma.psd
  601. [2017.08.11 17:13:46 | 000,000,535 | ---- | M] () -- C:\Users\Public\Desktop\Overwatch Test.lnk
  602. [2017.08.07 15:00:03 | 000,396,174 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\7313670_orig.jpg
  603. [2017.08.07 09:04:57 | 001,074,626 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\087.jpg
  604. [2017.08.06 16:38:34 | 000,169,971 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\02_audi_a4_deval_roof_spoiler_02.jpg
  605. [2017.07.31 20:44:58 | 000,007,594 | ---- | M] () -- C:\Users\Janusz Rambo\AppData\Local\resmon.resmoncfg
  606. [2017.07.29 15:44:52 | 000,164,043 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\ultraracing28.jpg
  607. [2017.07.29 15:37:32 | 000,087,873 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\img_ur_img01.jpg
  608. [2017.07.29 15:35:47 | 000,046,747 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\ultra-racing-8-point-side-bar-proton-wira-1-3-1-5-1-6-1-8-sedan-eddy204-1501-02-eddy204@343.jpg
  609. [2017.07.29 14:19:12 | 000,447,171 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\editetk6qrbm.jpg
  610. [2017.07.29 14:14:33 | 000,023,111 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\25jb801.jpg
  611. [2017.07.26 19:09:28 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
  612. [2017.07.26 19:09:27 | 001,755,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
  613. [2017.07.26 19:09:27 | 001,505,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
  614. [2017.07.26 19:09:27 | 001,317,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
  615. [2017.07.26 19:09:27 | 000,121,280 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
  616. [2017.07.26 19:09:23 | 000,057,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvhci.sys
  617. [2017.07.26 19:09:22 | 000,048,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
  618. [2017.07.26 19:09:21 | 000,179,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
  619. [2017.07.26 19:09:21 | 000,146,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
  620. [2017.07.26 15:40:31 | 000,001,951 | ---- | M] () -- C:\Windows\NvTelemetryContainerRecovery.bat
  621. [2017.07.26 15:36:56 | 000,001,951 | ---- | M] () -- C:\Windows\NvContainerRecovery.bat
  622. [2017.07.25 21:35:50 | 000,000,007 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\Nowy dokument sformatowany.rtf
  623. [2017.07.25 15:37:54 | 000,192,832 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\E46o91k.jpg
  624. [2017.07.23 11:31:45 | 000,001,345 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\TS4_x64 — skrót .lnk
  625. [2017.07.22 07:44:47 | 000,227,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  626. [2017.07.21 14:27:13 | 000,001,099 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\Adobe Photoshop CC 2017.lnk
  627. [2017.07.21 14:20:12 | 000,001,300 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
  628. [2017.07.17 21:00:40 | 001,395,166 | ---- | M] () -- C:\Users\Janusz Rambo\Desktop\goodwood-festivalofspeed-jordanbutters-speedhunters-4301.jpg
  629. [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
  630. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  631.  
  632. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  633.  
  634. [2017.08.16 13:36:53 | 000,055,232 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
  635. [2017.08.12 12:50:23 | 025,851,259 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\jdmbimma.psd
  636. [2017.08.07 15:00:01 | 000,396,174 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\7313670_orig.jpg
  637. [2017.08.07 09:04:57 | 001,074,626 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\087.jpg
  638. [2017.08.06 16:38:31 | 000,169,971 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\02_audi_a4_deval_roof_spoiler_02.jpg
  639. [2017.07.29 15:44:50 | 000,164,043 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\ultraracing28.jpg
  640. [2017.07.29 15:37:30 | 000,087,873 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\img_ur_img01.jpg
  641. [2017.07.29 15:35:45 | 000,046,747 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\ultra-racing-8-point-side-bar-proton-wira-1-3-1-5-1-6-1-8-sedan-eddy204-1501-02-eddy204@343.jpg
  642. [2017.07.29 14:19:11 | 000,447,171 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\editetk6qrbm.jpg
  643. [2017.07.29 14:14:31 | 000,023,111 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\25jb801.jpg
  644. [2017.07.25 21:35:50 | 000,000,007 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\Nowy dokument sformatowany.rtf
  645. [2017.07.25 15:37:47 | 000,192,832 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\E46o91k.jpg
  646. [2017.07.23 14:46:35 | 000,536,864 | ---- | C] () -- C:\Windows\SysNative\vulkan-1.dll
  647. [2017.07.23 14:46:35 | 000,525,600 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
  648. [2017.07.23 14:46:35 | 000,254,240 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo.exe
  649. [2017.07.23 14:46:35 | 000,233,760 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
  650. [2017.07.23 14:41:31 | 000,046,373 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
  651. [2017.07.23 14:41:30 | 000,000,669 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json
  652. [2017.07.23 14:41:30 | 000,000,669 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json
  653. [2017.07.23 11:31:52 | 000,001,345 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\TS4_x64 — skrót .lnk
  654. [2017.07.21 14:27:13 | 000,001,099 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\Adobe Photoshop CC 2017.lnk
  655. [2017.07.21 14:21:14 | 000,001,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
  656. [2017.07.21 14:20:12 | 000,001,312 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
  657. [2017.07.21 14:20:12 | 000,001,300 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
  658. [2017.07.21 04:06:32 | 000,227,216 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
  659. [2017.07.17 21:00:38 | 001,395,166 | ---- | C] () -- C:\Users\Janusz Rambo\Desktop\goodwood-festivalofspeed-jordanbutters-speedhunters-4301.jpg
  660. [2017.07.04 16:33:31 | 000,001,658 | ---- | C] () -- C:\Users\Janusz Rambo\AppData\Local\recently-used.xbel
  661. [2017.06.14 07:55:25 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\xboxgipsynthetic.dll
  662. [2017.05.13 06:28:03 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
  663. [2017.05.13 06:27:16 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
  664. [2017.05.12 09:11:04 | 005,191,808 | ---- | C] () -- C:\Windows\PE_File.dll
  665. [2017.05.12 09:10:33 | 005,135,488 | ---- | C] () -- C:\Windows\PE_Rom.dll
  666. [2017.05.12 08:56:31 | 000,014,464 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
  667. [2017.04.16 18:00:09 | 000,007,594 | ---- | C] () -- C:\Users\Janusz Rambo\AppData\Local\resmon.resmoncfg
  668. [2017.04.16 16:47:01 | 000,015,232 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
  669. [2017.04.16 16:35:33 | 000,026,112 | ---- | C] () -- C:\Windows\KMS-R@1n.exe
  670. [2017.04.16 16:35:33 | 000,005,120 | ---- | C] () -- C:\Windows\KMS-R@1nHook.exe
  671. [2017.04.16 16:35:33 | 000,004,096 | ---- | C] () -- C:\Windows\KMS-R@1nHook.dll
  672. [2017.04.16 16:17:24 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
  673. [2017.03.18 23:03:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
  674. [2017.03.18 23:03:41 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
  675. [2017.03.18 22:58:56 | 000,054,272 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
  676. [2017.03.18 22:58:54 | 000,116,824 | ---- | C] () -- C:\Windows\SysWow64\InputHost.dll
  677. [2017.03.18 22:58:54 | 000,112,128 | ---- | C] () -- C:\Windows\SysWow64\HeatCore.dll
  678. [2017.03.18 22:58:54 | 000,086,528 | ---- | C] () -- C:\Windows\SysWow64\WindowsDefaultHeatProcessor.dll
  679. [2017.03.18 22:58:52 | 003,200,000 | ---- | C] () -- C:\Windows\SysWow64\Windows.UI.Input.Inking.Analysis.dll
  680. [2017.03.18 22:58:51 | 000,167,640 | ---- | C] () -- C:\Windows\SysWow64\chs_singlechar_pinyin.dat
  681. [2017.03.18 22:58:48 | 000,002,307 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
  682. [2017.03.18 22:58:42 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
  683. [2017.03.18 22:58:39 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\ssdm.dll
  684. [2017.03.18 22:58:37 | 001,859,072 | ---- | C] () -- C:\Windows\SysWow64\Windows.Mirage.dll
  685. [2017.03.18 22:57:47 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
  686. [2017.03.18 22:57:03 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
  687. [2017.03.10 23:17:28 | 000,525,600 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-42-1.dll
  688. [2017.03.10 23:17:20 | 000,233,760 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-42-1.exe
  689.  
  690. [color=#E56717]========== ZeroAccess Check ==========[/color]
  691.  
  692. [2017.05.13 08:53:42 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  693.  
  694. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  695.  
  696. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  697.  
  698. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  699.  
  700. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  701.  
  702. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  703. "" = C:\Windows\SysNative\windows.storage.dll -- [2017.07.07 09:14:39 | 007,325,584 | ---- | M] (Microsoft Corporation)
  704. "ThreadingModel" = Apartment
  705.  
  706. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  707. "" = %SystemRoot%\system32\windows.storage.dll -- [2017.07.07 08:31:01 | 005,820,984 | ---- | M] (Microsoft Corporation)
  708. "ThreadingModel" = Apartment
  709.  
  710. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  711. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2017.03.18 22:57:58 | 000,961,024 | ---- | M] (Microsoft Corporation)
  712. "ThreadingModel" = Free
  713.  
  714. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  715. "" = %systemroot%\system32\wbem\fastprox.dll -- [2017.03.18 22:58:50 | 000,770,560 | ---- | M] (Microsoft Corporation)
  716. "ThreadingModel" = Free
  717.  
  718. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  719. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2017.03.18 22:57:53 | 000,510,464 | ---- | M] (Microsoft Corporation)
  720. "ThreadingModel" = Both
  721.  
  722. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  723.  
  724. < End of report >