Prośba o sprawdzenie logów z OTL

[sapphire21]

Witam

W związku ze znalezieniem paru infekcji na PC'cie chciałbym prosić o sprawdzenie logów z OTL:

Kod: Zaznacz cały

OTL logfile created on: 2013-04-11 20:07:53 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sapphire21\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,95 Gb Total Physical Memory | 5,31 Gb Available Physical Memory | 66,78% Memory free
9,95 Gb Paging File | 6,69 Gb Available in Paging File | 67,26% Paging File free
Paging file location(s): c:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 31,75 Gb Free Space | 26,65% Space Free | Partition Type: NTFS
Drive D: | 1,67 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 49,81 Gb Total Space | 11,67 Gb Free Space | 23,42% Space Free | Partition Type: NTFS
Drive F: | 220,14 Gb Total Space | 186,28 Gb Free Space | 84,62% Space Free | Partition Type: NTFS
Drive G: | 195,80 Gb Total Space | 19,01 Gb Free Space | 9,71% Space Free | Partition Type: NTFS
 
Computer Name: KOMPUTER-COOKIE | User Name: Sapphire21 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-04-11 20:05:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sapphire21\Downloads\OTL.exe
PRC - [2013-04-10 19:27:41 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013-04-09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013-03-29 21:53:56 | 001,631,144 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013-03-26 09:21:39 | 003,497,552 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2013-03-14 12:33:10 | 001,977,328 | ---- | M] (Micro-Star International) -- C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
PRC - [2013-01-30 19:47:52 | 002,979,528 | ---- | M] (Samsung Electronics.) -- C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
PRC - [2012-12-18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-12-14 16:37:18 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012-12-10 18:05:34 | 000,853,048 | ---- | M] (Micro-Star INT'L CO.,LTD.) -- C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
PRC - [2012-11-16 15:24:44 | 000,913,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2012-10-26 11:07:34 | 000,103,992 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
PRC - [2012-07-03 10:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012-05-21 01:26:26 | 000,291,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-03-29 14:38:25 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-03-29 14:38:22 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-03-29 14:38:06 | 000,165,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2010-11-21 05:25:10 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010-04-30 11:36:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe
PRC - [2010-04-28 18:25:44 | 000,228,352 | ---- | M] () -- C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe
PRC - [2009-03-24 15:00:00 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\ZTE Join Air\AssistantServices.exe
PRC - [2009-03-24 14:59:04 | 000,132,608 | ---- | M] () -- C:\Program Files (x86)\ZTE Join Air\UIExec.exe
PRC - [2007-02-14 12:11:18 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-04-09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
MOD - [2013-04-09 10:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013-04-09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013-04-09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013-04-09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013-04-09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013-03-29 21:53:56 | 001,114,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2013-03-27 02:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013-03-26 09:21:39 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Origin\tufao.dll
MOD - [2013-03-26 00:23:34 | 000,651,776 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013-02-27 00:37:50 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll
MOD - [2013-01-11 18:48:41 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
MOD - [2013-01-10 00:26:55 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll
MOD - [2013-01-10 00:26:48 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll
MOD - [2013-01-10 00:26:45 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013-01-10 00:26:45 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll
MOD - [2013-01-10 00:26:44 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll
MOD - [2013-01-10 00:26:43 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013-01-10 00:26:43 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013-01-10 00:26:43 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll
MOD - [2013-01-10 00:26:40 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2012-12-14 16:37:18 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2012-12-13 16:50:58 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\Samsung_authentic_SSD.dll
MOD - [2012-12-11 19:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012-12-11 19:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012-12-11 19:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2010-04-30 11:36:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe
MOD - [2010-04-28 18:25:44 | 000,228,352 | ---- | M] () -- C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe
MOD - [2009-03-24 14:59:04 | 000,132,608 | ---- | M] () -- C:\Program Files (x86)\ZTE Join Air\UIExec.exe
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012-12-19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2012-11-16 15:24:44 | 000,913,184 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2012-09-05 20:38:06 | 006,364,024 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:[b]64bit:[/b] - [2012-06-05 18:40:38 | 000,190,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2012-03-07 03:00:46 | 000,629,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2010-12-13 15:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013-04-10 19:27:41 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013-03-21 00:49:41 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-03-13 16:18:39 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-01-08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-12-18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-10-26 11:07:34 | 000,103,992 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe -- (MSI_FastBoot)
SRV - [2012-03-29 14:38:25 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-03-29 14:38:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-03-29 14:38:06 | 000,165,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-03-24 15:00:00 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ZTE Join Air\AssistantServices.exe -- (UI Assistant Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2013-02-12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2013-01-12 11:40:35 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2013-01-10 21:44:02 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:[b]64bit:[/b] - [2012-12-19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2012-12-19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012-11-16 14:56:48 | 000,209,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2012-11-16 14:56:48 | 000,062,024 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:[b]64bit:[/b] - [2012-11-06 13:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2012-07-31 11:45:10 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:[b]64bit:[/b] - [2012-05-21 01:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012-05-21 01:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012-05-21 01:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012-03-30 16:38:26 | 000,222,064 | ---- | M] (Focusrite A.E.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Saffire.sys -- (Saffire)
DRV:[b]64bit:[/b] - [2012-03-30 16:38:26 | 000,050,800 | ---- | M] (Focusrite A.E.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaffireMidi.sys -- (SaffireMidi)
DRV:[b]64bit:[/b] - [2012-03-30 16:38:26 | 000,040,176 | ---- | M] (Focusrite A.E.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaffireAudio.sys -- (SaffireAudio)
DRV:[b]64bit:[/b] - [2012-03-15 21:57:30 | 000,514,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:[b]64bit:[/b] - [2012-03-14 08:40:04 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:[b]64bit:[/b] - [2012-03-14 08:40:04 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:[b]64bit:[/b] - [2012-03-14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-01-06 11:44:12 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:[b]64bit:[/b] - [2011-11-10 17:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-12-13 15:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:[b]64bit:[/b] - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-04-27 17:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:[b]64bit:[/b] - [2010-04-27 17:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:[b]64bit:[/b] - [2010-04-27 17:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:[b]64bit:[/b] - [2010-04-27 15:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:[b]64bit:[/b] - [2010-04-27 15:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:[b]64bit:[/b] - [2009-11-18 08:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:[b]64bit:[/b] - [2009-09-19 17:54:02 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:[b]64bit:[/b] - [2009-09-19 17:54:02 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:[b]64bit:[/b] - [2009-09-19 17:54:02 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:[b]64bit:[/b] - [2009-09-04 12:41:24 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2006-01-19 18:33:26 | 000,493,440 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WlanBZ64.sys -- (SG762_64)
DRV:[b]64bit:[/b] - [2006-01-19 18:27:00 | 000,366,080 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WlanUZ64.sys -- (SG760_64)
DRV:[b]64bit:[/b] - [2005-11-07 15:33:12 | 000,021,120 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DB3G.sys -- (Razerlow)
DRV - [2012-10-26 10:56:46 | 000,013,368 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys -- (NTIOLib_FastBoot)
DRV - [2010-10-22 11:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-948138967-3353641718-1021249596-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-948138967-3353641718-1021249596-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-948138967-3353641718-1021249596-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher%40ea.com:5.0.200.0
FF - prefs.js..extensions.enabledAddons: %7B2c93446d-612b-416d-9af0-b7355797b611%7D:3.9
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sapphire21\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sapphire21\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Sapphire21\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012-12-14 16:18:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-01-08 13:29:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-03-21 00:49:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-03-21 00:49:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-12-14 16:18:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-01-08 13:29:38 | 000,000,000 | ---D | M]
 
[2013-02-09 00:11:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sapphire21\AppData\Roaming\mozilla\Extensions
[2013-04-05 14:56:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sapphire21\AppData\Roaming\mozilla\Firefox\Profiles\yt7jo4du.default\extensions
[2013-03-25 23:29:01 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Sapphire21\AppData\Roaming\mozilla\Firefox\Profiles\yt7jo4du.default\extensions\battlefieldheroespatcher@ea.com
[2013-04-05 14:56:50 | 000,018,349 | ---- | M] () (No name found) -- C:\Users\Sapphire21\AppData\Roaming\mozilla\firefox\profiles\yt7jo4du.default\extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi
[2013-03-21 00:49:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013-03-21 00:49:41 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013-01-11 04:06:08 | 000,033,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2013-03-02 18:21:19 | 000,002,980 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2013-03-02 18:21:19 | 000,001,619 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2013-03-02 18:21:19 | 000,001,130 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2013-03-02 18:21:19 | 000,001,071 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2013-03-02 18:21:19 | 000,001,396 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2013-03-02 18:21:19 | 000,001,896 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Sapphire21\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - Extension: Dokumenty Google = C:\Users\Sapphire21\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\Sapphire21\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Sapphire21\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Sapphire21\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\Sapphire21\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe (MSI CO.,LTD.)
O4 - HKLM..\Run: [Diamondback] C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe ()
O4 - HKLM..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UIExec] C:\Program Files (x86)\ZTE Join Air\UIExec.exe ()
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Sapphire21\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.21.99.95
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{641C063E-4A90-4F27-82F4-25C372495F7C}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CF5B498A-AF4B-46B6-A9C3-AEDCAC905911}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4C68899-615E-4900-BF3C-54A644478AF2}: DhcpNameServer = 62.21.99.95
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~2.DLL File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-06-21 21:07:56 | 000,000,144 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{4c9a9432-5c86-11e2-8eb4-8c89a5c1428f}\Shell - "" = AutoRun
O33 - MountPoints2\{4c9a9432-5c86-11e2-8eb4-8c89a5c1428f}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2007-06-21 21:05:53 | 000,300,036 | R--- | M] ()
O33 - MountPoints2\{4c9a9432-5c86-11e2-8eb4-8c89a5c1428f}\Shell\setup\command - "" = D:\Setup.exe -- [2007-06-21 21:05:53 | 000,300,036 | R--- | M] ()
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Setup.exe -- [2007-06-21 21:05:53 | 000,300,036 | R--- | M] ()
O33 - MountPoints2\D\Shell\setup\command - "" = D:\Setup.exe -- [2007-06-21 21:05:53 | 000,300,036 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-04-11 07:25:35 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013-04-11 07:25:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013-04-11 07:25:35 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013-04-11 07:25:35 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013-04-11 07:25:35 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013-04-11 07:25:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013-04-11 07:25:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013-04-11 07:25:34 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013-04-11 07:25:34 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013-04-11 07:25:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013-04-11 07:25:33 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013-04-11 07:25:33 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013-04-11 07:25:32 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013-04-11 07:25:32 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013-04-11 07:25:32 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013-04-11 07:24:50 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013-04-11 07:24:49 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013-04-11 07:24:49 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013-04-11 07:24:49 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013-04-11 07:24:49 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013-04-11 07:24:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013-04-11 07:24:46 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013-04-11 07:24:46 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013-04-11 07:24:46 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013-04-11 07:24:45 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013-04-11 07:24:45 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013-04-11 07:24:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013-04-10 23:25:01 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\Heaven
[2013-04-10 23:24:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
[2013-04-10 23:24:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unigine
[2013-04-10 23:12:17 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
[2013-04-10 23:12:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z
[2013-04-10 23:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
[2013-04-10 23:05:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Geeks3D
[2013-04-10 18:55:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
[2013-04-10 17:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013-04-10 17:40:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013-04-10 17:40:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013-04-10 17:40:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013-04-10 17:40:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013-04-10 17:40:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013-04-10 17:40:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013-04-10 17:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013-04-10 17:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013-04-07 16:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2013-04-07 16:43:35 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Roaming\Winamp
[2013-04-07 16:43:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2013-04-07 10:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Sapphire21\wc
[2013-04-07 10:50:24 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Local\Ubisoft
[2013-04-07 10:50:23 | 000,000,000 | -HSD | C] -- C:\Users\Sapphire21\AppData\Roaming\wyUpdate AU
[2013-04-07 10:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher
[2013-04-07 10:50:21 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Roaming\Ubisoft
[2013-04-06 19:06:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician
[2013-04-06 19:06:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung SSD Magician
[2013-04-03 08:03:10 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Local\CrashRpt
[2013-04-03 08:03:10 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\Documents\Arktos
[2013-04-03 08:03:10 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Local\Arktos
[2013-04-02 23:09:16 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\Documents\The War Z
[2013-04-02 23:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The War Z
[2013-03-26 19:59:00 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx
[2013-03-26 19:59:00 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2013-03-26 19:59:00 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX
[2013-03-26 19:59:00 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2013-03-26 19:59:00 | 000,124,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSWINSCK.OCX
[2013-03-26 19:59:00 | 000,067,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SYSINFO.OCX
[2013-03-26 19:59:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedTestPro
[2013-03-26 19:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedTestPro
[2013-03-26 19:58:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AF Uninstalls
[2013-03-25 23:39:27 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\Documents\Battlefield Heroes
[2013-03-25 23:29:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games
[2013-03-25 18:38:59 | 000,000,000 | -H-D | C] -- C:\Users\Sapphire21\Documents\Runes of Magic
[2013-03-25 18:37:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Overwolf
[2013-03-25 17:47:41 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Local\Overwolf
[2013-03-21 19:25:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2013-03-21 19:25:33 | 000,085,504 | ---- | C] (Razer Inc.) -- C:\Windows\SysWow64\diamondback.cpl
[2013-03-21 19:25:32 | 000,021,120 | ---- | C] (Razer (Asia-Pacific) Pte Ltd) -- C:\Windows\SysNative\drivers\DB3G.sys
[2013-03-21 19:25:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2013-03-21 19:25:14 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Roaming\InstallShield
[2013-03-21 13:26:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023x.sys
[2013-03-21 13:26:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013-03-21 11:04:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2013-03-21 11:04:31 | 000,000,000 | ---D | C] -- C:\MSI
[2013-03-21 11:01:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2013-03-21 11:01:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2013-03-21 11:01:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2013-03-21 11:00:44 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2013-03-21 00:49:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-03-20 07:57:07 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\Documents\Niestandardowe szablony pakietu Office
[2013-03-14 10:51:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\rFactor
[2013-03-14 10:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\rFactor
[2013-03-14 01:02:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013-03-14 01:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013-03-14 01:01:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Sapphire21\Documents\*.tmp files -> C:\Users\Sapphire21\Documents\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-04-11 20:08:31 | 003,670,016 | -HS- | M] () -- C:\Users\Sapphire21\NTUSER.DAT
[2013-04-11 20:04:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-04-11 19:54:48 | 000,032,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-04-11 19:54:48 | 000,032,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-04-11 19:53:41 | 002,197,060 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013-04-11 19:53:41 | 001,185,266 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-04-11 19:53:41 | 000,656,096 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013-04-11 19:53:41 | 000,599,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-04-11 19:53:41 | 000,006,500 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-04-11 19:47:48 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-04-11 19:47:44 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2013-04-11 19:47:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-04-11 19:46:22 | 005,748,798 | -H-- | M] () -- C:\Users\Sapphire21\AppData\Local\IconCache.db
[2013-04-11 19:35:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-948138967-3353641718-1021249596-1000UA.job
[2013-04-11 19:31:16 | 000,131,941 | ---- | M] () -- C:\Users\Sapphire21\Desktop\duel_miniaturka_odc1.jpg
[2013-04-11 19:30:58 | 000,133,391 | ---- | M] () -- C:\Users\Sapphire21\Desktop\duel_miniaturka_odc2.jpg
[2013-04-11 19:25:25 | 001,422,571 | ---- | M] () -- C:\Users\Sapphire21\Desktop\Might-And-Magic-Duel-Of-Champions_S_Primal_PL_GamesCom.png
[2013-04-11 19:25:09 | 000,189,559 | ---- | M] () -- C:\Users\Sapphire21\Desktop\Logo.png
[2013-04-11 19:18:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-04-11 16:38:53 | 000,000,222 | ---- | M] () -- C:\Users\Sapphire21\Desktop\Sleeping Dogs.url
[2013-04-11 16:35:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-948138967-3353641718-1021249596-1000Core.job
[2013-04-11 11:29:50 | 001,065,984 | ---- | M] () -- C:\Users\Sapphire21\AppData\Local\file__0.localstorage
[2013-04-11 07:42:15 | 005,012,808 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-04-11 00:06:10 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013-04-11 00:06:10 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013-04-11 00:06:01 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013-04-10 23:48:35 | 000,015,848 | ---- | M] () -- C:\Users\Sapphire21\Documents\lol123.veg
[2013-04-10 23:24:32 | 000,002,117 | ---- | M] () -- C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
[2013-04-10 19:27:41 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013-04-10 18:55:20 | 000,001,188 | ---- | M] () -- C:\Users\Sapphire21\Desktop\Battlefield 3.lnk
[2013-04-08 17:53:06 | 000,000,132 | ---- | M] () -- C:\Users\Sapphire21\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2013-04-07 10:50:22 | 000,001,123 | ---- | M] () -- C:\Users\Public\Desktop\Duel of Champions Launcher.lnk
[2013-04-07 10:10:28 | 000,000,065 | ---- | M] () -- C:\Windows\wininit.ini
[2013-04-06 19:06:24 | 000,116,592 | ---- | M] () -- C:\Users\Sapphire21\AppData\Local\GDIPFONTCACHEV1.DAT
[2013-04-06 19:06:21 | 000,001,189 | ---- | M] () -- C:\Users\Sapphire21\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
[2013-04-05 13:48:24 | 007,013,713 | ---- | M] () -- C:\Users\Sapphire21\tył.EPS
[2013-04-05 13:42:51 | 002,660,237 | ---- | M] () -- C:\Users\Sapphire21\tył.PNG
[2013-04-05 13:42:33 | 001,113,816 | ---- | M] () -- C:\Users\Sapphire21\przód.PNG
[2013-04-04 15:42:01 | 000,030,704 | ---- | M] () -- C:\Users\Sapphire21\Documents\projje.veg
[2013-04-04 13:09:38 | 000,022,240 | ---- | M] () -- C:\Users\Sapphire21\Documents\sss.veg
[2013-03-28 15:45:44 | 000,022,000 | ---- | M] () -- C:\Users\Sapphire21\Documents\duskaicookie.veg
[2013-03-28 14:48:16 | 000,012,800 | ---- | M] () -- C:\Users\Sapphire21\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-03-27 16:04:15 | 000,044,992 | ---- | M] () -- C:\Users\Sapphire21\Documents\missska.veg
[2013-03-27 14:36:18 | 000,027,120 | ---- | M] () -- C:\Users\Sapphire21\Documents\kuki.veg
[2013-03-27 13:55:54 | 000,027,704 | ---- | M] () -- C:\Users\Sapphire21\Documents\kuki.veg.bak
[2013-03-27 13:46:39 | 006,439,826 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 6 - 4.wav
[2013-03-27 13:46:39 | 000,025,208 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 6 - 4.sfk
[2013-03-26 19:59:07 | 000,000,185 | ---- | M] () -- C:\Windows\SysWow64\msblcd32.dll
[2013-03-26 19:59:00 | 001,081,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx
[2013-03-26 19:59:00 | 000,662,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2013-03-26 19:59:00 | 000,212,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX
[2013-03-26 19:59:00 | 000,152,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2013-03-26 19:59:00 | 000,124,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSWINSCK.OCX
[2013-03-26 19:59:00 | 000,067,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SYSINFO.OCX
[2013-03-26 09:55:14 | 000,067,568 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 1 - 6.sfk
[2013-03-26 09:53:45 | 012,058,030 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 1 - 7.wav
[2013-03-26 09:53:45 | 000,047,160 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 1 - 7.sfk
[2013-03-26 09:51:59 | 008,640,750 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 1 - 6.wav
[2013-03-26 09:49:27 | 011,860,130 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 1 - 5.wav
[2013-03-26 09:49:27 | 000,046,384 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 1 - 5.sfk
[2013-03-25 21:18:17 | 000,000,858 | ---- | M] () -- C:\Windows\client.config.ini
[2013-03-25 17:13:35 | 000,061,480 | ---- | M] () -- C:\Users\Sapphire21\Documents\lesin.veg
[2013-03-25 17:10:40 | 000,061,712 | ---- | M] () -- C:\Users\Sapphire21\Documents\lesin.veg.bak
[2013-03-19 08:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013-03-19 07:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013-03-19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013-03-19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013-03-19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013-03-19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013-03-14 01:03:08 | 000,000,513 | ---- | M] () -- C:\Windows\win.ini
[2013-03-13 16:18:39 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-03-13 16:18:39 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Sapphire21\Documents\*.tmp files -> C:\Users\Sapphire21\Documents\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-04-11 19:31:15 | 000,131,941 | ---- | C] () -- C:\Users\Sapphire21\Desktop\duel_miniaturka_odc1.jpg
[2013-04-11 19:30:57 | 000,133,391 | ---- | C] () -- C:\Users\Sapphire21\Desktop\duel_miniaturka_odc2.jpg
[2013-04-11 19:25:25 | 001,422,571 | ---- | C] () -- C:\Users\Sapphire21\Desktop\Might-And-Magic-Duel-Of-Champions_S_Primal_PL_GamesCom.png
[2013-04-11 19:25:09 | 000,189,559 | ---- | C] () -- C:\Users\Sapphire21\Desktop\Logo.png
[2013-04-11 16:38:53 | 000,000,222 | ---- | C] () -- C:\Users\Sapphire21\Desktop\Sleeping Dogs.url
[2013-04-10 23:48:35 | 000,015,848 | ---- | C] () -- C:\Users\Sapphire21\Documents\lol123.veg
[2013-04-10 23:24:47 | 001,065,984 | ---- | C] () -- C:\Users\Sapphire21\AppData\Local\file__0.localstorage
[2013-04-10 23:24:32 | 000,002,117 | ---- | C] () -- C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
[2013-04-10 18:55:20 | 000,001,188 | ---- | C] () -- C:\Users\Sapphire21\Desktop\Battlefield 3.lnk
[2013-04-07 10:50:22 | 000,001,123 | ---- | C] () -- C:\Users\Public\Desktop\Duel of Champions Launcher.lnk
[2013-04-07 10:10:28 | 000,000,065 | ---- | C] () -- C:\Windows\wininit.ini
[2013-04-06 19:06:21 | 000,001,189 | ---- | C] () -- C:\Users\Sapphire21\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
[2013-04-05 13:48:19 | 007,013,713 | ---- | C] () -- C:\Users\Sapphire21\tył.EPS
[2013-04-05 13:41:45 | 002,660,237 | ---- | C] () -- C:\Users\Sapphire21\tył.PNG
[2013-04-05 13:41:45 | 001,113,816 | ---- | C] () -- C:\Users\Sapphire21\przód.PNG
[2013-04-04 15:42:01 | 000,030,704 | ---- | C] () -- C:\Users\Sapphire21\Documents\projje.veg
[2013-04-04 13:09:38 | 000,022,240 | ---- | C] () -- C:\Users\Sapphire21\Documents\sss.veg
[2013-03-28 15:45:44 | 000,022,000 | ---- | C] () -- C:\Users\Sapphire21\Documents\duskaicookie.veg
[2013-03-27 16:04:15 | 000,044,992 | ---- | C] () -- C:\Users\Sapphire21\Documents\missska.veg
[2013-03-27 13:55:53 | 000,027,704 | ---- | C] () -- C:\Users\Sapphire21\Documents\kuki.veg.bak
[2013-03-27 13:55:53 | 000,027,120 | ---- | C] () -- C:\Users\Sapphire21\Documents\kuki.veg
[2013-03-27 13:46:39 | 000,025,208 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 6 - 4.sfk
[2013-03-27 13:45:01 | 006,439,826 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 6 - 4.wav
[2013-03-26 19:59:07 | 000,000,185 | ---- | C] () -- C:\Windows\SysWow64\msblcd32.dll
[2013-03-26 09:53:45 | 000,047,160 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 1 - 7.sfk
[2013-03-26 09:51:59 | 012,058,030 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 1 - 7.wav
[2013-03-26 09:51:59 | 000,067,568 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 1 - 6.sfk
[2013-03-26 09:49:27 | 008,640,750 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 1 - 6.wav
[2013-03-26 09:49:27 | 000,046,384 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 1 - 5.sfk
[2013-03-26 09:48:01 | 011,860,130 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 1 - 5.wav
[2013-03-25 19:14:42 | 000,000,858 | ---- | C] () -- C:\Windows\client.config.ini
[2013-03-25 17:10:40 | 000,061,712 | ---- | C] () -- C:\Users\Sapphire21\Documents\lesin.veg.bak
[2013-03-25 17:10:40 | 000,061,480 | ---- | C] () -- C:\Users\Sapphire21\Documents\lesin.veg
[2013-03-21 11:01:21 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2013-03-05 22:57:24 | 004,705,235 | ---- | C] () -- C:\Users\Sapphire21\IMG_1136.JPG
[2013-03-05 22:57:24 | 004,510,388 | ---- | C] () -- C:\Users\Sapphire21\IMG_1147.JPG
[2013-03-02 22:07:14 | 004,859,501 | ---- | C] () -- C:\Users\Sapphire21\IMG_1079.JPG
[2013-03-02 22:07:14 | 003,210,205 | ---- | C] () -- C:\Users\Sapphire21\IMG_0967.JPG
[2013-02-03 00:19:04 | 000,000,117 | ---- | C] () -- C:\Users\Sapphire21\kvirc4.ini
[2013-01-28 21:04:20 | 000,000,414 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013-01-25 14:30:02 | 000,012,800 | ---- | C] () -- C:\Users\Sapphire21\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-08 13:28:40 | 000,169,716 | ---- | C] () -- C:\Windows\hpoins34.dat
[2013-01-08 13:28:40 | 000,000,396 | ---- | C] () -- C:\Windows\hpomdl34.dat
[2013-01-05 17:12:36 | 000,000,132 | ---- | C] () -- C:\Users\Sapphire21\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2013-01-05 13:51:24 | 001,107,966 | ---- | C] () -- C:\Users\Sapphire21\42134.png
[2013-01-05 13:51:24 | 001,071,908 | ---- | C] () -- C:\Users\Sapphire21\453265487689.png
[2013-01-05 13:51:24 | 000,565,779 | ---- | C] () -- C:\Users\Sapphire21\1231324141.png
[2012-12-20 22:23:08 | 000,006,480 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-12-16 15:35:41 | 000,000,046 | ---- | C] () -- C:\Windows\adiras.ini
[2012-12-14 20:26:34 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-12-14 20:26:34 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-12-14 20:26:33 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-12-14 16:36:39 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\Uninstall.dll
[2012-12-14 16:21:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-12-14 16:21:14 | 005,748,798 | -H-- | C] () -- C:\Users\Sapphire21\AppData\Local\IconCache.db
[2012-12-14 15:54:14 | 000,116,592 | ---- | C] () -- C:\Users\Sapphire21\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-12-14 15:45:57 | 003,670,016 | -HS- | C] () -- C:\Users\Sapphire21\NTUSER.DAT
[2012-12-14 15:45:57 | 000,524,288 | -HS- | C] () -- C:\Users\Sapphire21\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012-12-14 15:45:57 | 000,524,288 | -HS- | C] () -- C:\Users\Sapphire21\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012-12-14 15:45:57 | 000,065,536 | -HS- | C] () -- C:\Users\Sapphire21\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012-12-14 15:45:57 | 000,000,020 | -HS- | C] () -- C:\Users\Sapphire21\ntuser.ini
[2012-09-28 17:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012-09-28 03:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-09-28 03:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-07-12 16:25:22 | 000,639,488 | ---- | C] () -- C:\Windows\SysWow64\ficvdec_x86.dll
[2012-05-02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-03-07 02:40:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011-09-28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013-04-06 11:42:53 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\.minecraft
[2013-02-14 17:24:58 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Antares
[2013-01-29 03:03:29 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Bitcoin
[2013-02-04 14:37:19 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013-01-12 11:40:59 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\DAEMON Tools Lite
[2012-12-14 16:19:09 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\ESET
[2012-12-14 23:10:01 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\HD Tune Pro
[2012-12-14 17:57:51 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\iZotope
[2013-02-03 00:19:51 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\KVIrc4
[2012-12-14 17:19:59 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\LolClient
[2013-01-03 10:14:37 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Mirillis
[2013-01-09 17:27:39 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\NapiProjekt
[2013-02-28 22:07:42 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Notepad++
[2013-01-28 23:37:02 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\OBS
[2013-01-16 11:08:55 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Origin
[2012-12-31 17:53:18 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Publish Providers
[2013-02-14 14:56:52 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\REAPER
[2013-01-02 23:40:31 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Screaming Bee
[2012-12-31 17:57:55 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Sony
[2013-01-30 19:21:17 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Sony Creative Software Inc
[2013-01-05 16:18:26 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\SplitMediaLabs
[2013-03-02 13:04:46 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013-01-12 11:59:41 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Subversion
[2013-03-02 00:53:28 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\TeamViewer
[2013-01-25 16:15:49 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\TechSmith
[2013-04-08 22:54:15 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\TS3Client
[2013-04-07 10:50:21 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Ubisoft
[2013-04-11 19:48:08 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\uTorrent
[2013-04-07 10:50:23 | 000,000,000 | -HSD | M] -- C:\Users\Sapphire21\AppData\Roaming\wyUpdate AU
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >


Mam nadzieje ze jest czysto

Z góry dziękuje za pomoc

[kominekl]

W związku ze znalezieniem paru infekcji na PC'cie chciałbym prosić o sprawdzenie logów z OTL:

Nazwy i lokalizację infekcji/plików infekcyjnych .

Logi.

Uruchom OTL -> w oknie Własne opcje skanowania/skrypt wklej:

:OTL

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-948138967-3353641718-1021249596-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-948138967-3353641718-1021249596-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sapphire21\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sapphire21\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Sapphire21\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
[2013-03-25 23:29:01 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Sapphire21\AppData\Roaming\mozilla\Firefox\Profiles\yt7jo4du.default\extensions\battlefieldheroespatcher@ea.com
[2013-04-05 14:56:50 | 000,018,349 | ---- | M] () (No name found) -- C:\Users\Sapphire21\AppData\Roaming\mozilla\firefox\profiles\yt7jo4du.default\extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi
O4 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
[2013-04-07 10:50:23 | 000,000,000 | -HSD | M] -- C:\Users\Sapphire21\AppData\Roaming\wyUpdate AU

:Files
C:\Program Files (x86)\Google\Update
C:\Windows\tasks\*.*

:Commands
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie podaj log z TDSSKiller + nowe logi z OTL (oba!).

[sapphire21]

Logi z usuwania (Za pierwszym razem zapomniałem zmienić w logach nazwę użytkownika w C:\Users - Oryginalnie mam Imię i Nazwisko - wiem, mało to bezpieczne, dlatego pusciłem drugi raz)
*zmieniłem dla bezpieczenstwa

Kod: Zaznacz cały

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-948138967-3353641718-1021249596-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-948138967-3353641718-1021249596-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ not found.
File C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ not found.
File C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ not found.
File C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin\ not found.
C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@talk.google.com/O1DPlugin\ not found.
C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npo1d.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@talk.google.com/O3DPlugin\ not found.
C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ not found.
C:\Users\Sapphire21\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ not found.
File C:\Users\Sapphire21\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0\ not found.
C:\Users\Sapphire21\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin\ not found.
File C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
C:\Users\Sapphire21\AppData\Roaming\mozilla\Firefox\Profiles\yt7jo4du.default\extensions\battlefieldheroespatcher@ea.com\plugins folder moved successfully.
C:\Users\Sapphire21\AppData\Roaming\mozilla\Firefox\Profiles\yt7jo4du.default\extensions\battlefieldheroespatcher@ea.com\META-INF folder moved successfully.
C:\Users\Sapphire21\AppData\Roaming\mozilla\Firefox\Profiles\yt7jo4du.default\extensions\battlefieldheroespatcher@ea.com folder moved successfully.
C:\Users\Sapphire21\AppData\Roaming\mozilla\firefox\profiles\yt7jo4du.default\extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi moved successfully.
Registry value HKEY_USERS\S-1-5-21-948138967-3353641718-1021249596-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found.
C:\Users\Sapphire21\AppData\Roaming\wyUpdate AU folder moved successfully.
========== FILES ==========
File\Folder C:\Program Files (x86)\Google\Update not found.
C:\Windows\tasks\SA.DAT moved successfully.
File move failed. C:\Windows\tasks\SCHEDLGU.TXT scheduled to be moved on reboot.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
 
[EMPTYTEMP]
 
User: All Users
 
User: Sapphire21
->Temp folder emptied: 10038 bytes
->Temporary Internet Files folder emptied: 1247631 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 7314175 bytes
->Flash cache emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3720 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 8,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 04112013_210720

Files\Folders moved on Reboot...
File move failed. C:\Windows\tasks\SCHEDLGU.TXT scheduled to be moved on reboot.
C:\Users\Sapphire21\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Sapphire21\AppData\Local\Temp\JET1ADF.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Logi z TDSSKiller (no threats found)

Kod: Zaznacz cały

21:11:42.0017 0616  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:11:42.0073 0616  ============================================================
21:11:42.0073 0616  Current date / time: 2013/04/11 21:11:42.0073
21:11:42.0073 0616  SystemInfo:
21:11:42.0073 0616 
21:11:42.0073 0616  OS Version: 6.1.7601 ServicePack: 1.0
21:11:42.0073 0616  Product type: Workstation
21:11:42.0073 0616  ComputerName: KOMPUTER-COOKIE
21:11:42.0073 0616  UserName: Sapphire21
21:11:42.0073 0616  Windows directory: C:\Windows
21:11:42.0073 0616  System windows directory: C:\Windows
21:11:42.0073 0616  Running under WOW64
21:11:42.0073 0616  Processor architecture: Intel x64
21:11:42.0073 0616  Number of processors: 4
21:11:42.0073 0616  Page size: 0x1000
21:11:42.0073 0616  Boot type: Normal boot
21:11:42.0073 0616  ============================================================
21:11:42.0263 0616  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:11:42.0263 0616  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:11:42.0265 0616  ============================================================
21:11:42.0265 0616  \Device\Harddisk0\DR0:
21:11:42.0265 0616  MBR partitions:
21:11:42.0265 0616  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:11:42.0265 0616  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
21:11:42.0265 0616  \Device\Harddisk1\DR1:
21:11:42.0265 0616  MBR partitions:
21:11:42.0265 0616  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x639D9A7
21:11:42.0265 0616  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x639DA25, BlocksNum 0x18799599
21:11:42.0282 0616  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x1EB36FFD, BlocksNum 0x1B849D83
21:11:42.0282 0616  ============================================================
21:11:42.0283 0616  C: <-> \Device\Harddisk0\DR0\Partition2
21:11:42.0316 0616  E: <-> \Device\Harddisk1\DR1\Partition1
21:11:42.0344 0616  F: <-> \Device\Harddisk1\DR1\Partition3
21:11:42.0372 0616  G: <-> \Device\Harddisk1\DR1\Partition2
21:11:42.0372 0616  ============================================================
21:11:42.0372 0616  Initialize success
21:11:42.0372 0616  ============================================================
21:12:13.0810 3488  ============================================================
21:12:13.0810 3488  Scan started
21:12:13.0810 3488  Mode: Manual;
21:12:13.0810 3488  ============================================================
21:12:13.0903 3488  ================ Scan system memory ========================
21:12:13.0903 3488  System memory - ok
21:12:13.0903 3488  ================ Scan services =============================
21:12:13.0919 3488  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
21:12:13.0920 3488  1394ohci - ok
21:12:13.0924 3488  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:12:13.0925 3488  ACPI - ok
21:12:13.0927 3488  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:12:13.0928 3488  AcpiPmi - ok
21:12:13.0932 3488  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:12:13.0933 3488  AdobeARMservice - ok
21:12:13.0943 3488  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:12:13.0945 3488  AdobeFlashPlayerUpdateSvc - ok
21:12:13.0950 3488  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:12:13.0952 3488  adp94xx - ok
21:12:13.0956 3488  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:12:13.0958 3488  adpahci - ok
21:12:13.0961 3488  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:12:13.0962 3488  adpu320 - ok
21:12:13.0965 3488  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:12:13.0965 3488  AeLookupSvc - ok
21:12:13.0970 3488  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
21:12:13.0972 3488  AFD - ok
21:12:13.0974 3488  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:12:13.0975 3488  agp440 - ok
21:12:13.0977 3488  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
21:12:13.0978 3488  ALG - ok
21:12:13.0979 3488  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:12:13.0980 3488  aliide - ok
21:12:13.0983 3488  [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:12:13.0985 3488  AMD External Events Utility - ok
21:12:13.0986 3488  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:12:13.0987 3488  amdide - ok
21:12:13.0989 3488  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:12:13.0989 3488  AmdK8 - ok
21:12:14.0044 3488  [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:12:14.0095 3488  amdkmdag - ok
21:12:14.0101 3488  [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
21:12:14.0103 3488  amdkmdap - ok
21:12:14.0105 3488  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:12:14.0106 3488  AmdPPM - ok
21:12:14.0108 3488  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:12:14.0109 3488  amdsata - ok
21:12:14.0112 3488  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:12:14.0113 3488  amdsbs - ok
21:12:14.0115 3488  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:12:14.0115 3488  amdxata - ok
21:12:14.0117 3488  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
21:12:14.0118 3488  AppID - ok
21:12:14.0119 3488  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:12:14.0120 3488  AppIDSvc - ok
21:12:14.0122 3488  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
21:12:14.0123 3488  Appinfo - ok
21:12:14.0126 3488  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:12:14.0128 3488  AppMgmt - ok
21:12:14.0130 3488  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
21:12:14.0131 3488  arc - ok
21:12:14.0133 3488  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:12:14.0133 3488  arcsas - ok
21:12:14.0135 3488  [ EB6DC008A1F36DFD7999EB57E97EAACE ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
21:12:14.0136 3488  asahci64 - ok
21:12:14.0142 3488  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:12:14.0146 3488  aspnet_state - ok
21:12:14.0147 3488  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:12:14.0148 3488  AsyncMac - ok
21:12:14.0149 3488  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
21:12:14.0150 3488  atapi - ok
21:12:14.0152 3488  [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:12:14.0153 3488  AtiHDAudioService - ok
21:12:14.0159 3488  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:12:14.0163 3488  AudioEndpointBuilder - ok
21:12:14.0167 3488  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:12:14.0169 3488  AudioSrv - ok
21:12:14.0171 3488  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:12:14.0172 3488  AxInstSV - ok
21:12:14.0177 3488  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:12:14.0179 3488  b06bdrv - ok
21:12:14.0183 3488  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:12:14.0185 3488  b57nd60a - ok
21:12:14.0188 3488  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:12:14.0189 3488  BDESVC - ok
21:12:14.0190 3488  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:12:14.0191 3488  Beep - ok
21:12:14.0197 3488  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
21:12:14.0201 3488  BFE - ok
21:12:14.0208 3488  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
21:12:14.0213 3488  BITS - ok
21:12:14.0215 3488  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:12:14.0216 3488  blbdrive - ok
21:12:14.0218 3488  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:12:14.0219 3488  bowser - ok
21:12:14.0220 3488  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:12:14.0221 3488  BrFiltLo - ok
21:12:14.0222 3488  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:12:14.0223 3488  BrFiltUp - ok
21:12:14.0225 3488  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
21:12:14.0226 3488  Browser - ok
21:12:14.0230 3488  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:12:14.0231 3488  Brserid - ok
21:12:14.0233 3488  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:12:14.0234 3488  BrSerWdm - ok
21:12:14.0235 3488  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:12:14.0236 3488  BrUsbMdm - ok
21:12:14.0238 3488  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:12:14.0238 3488  BrUsbSer - ok
21:12:14.0240 3488  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:12:14.0241 3488  BTHMODEM - ok
21:12:14.0243 3488  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
21:12:14.0244 3488  bthserv - ok
21:12:14.0246 3488  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:12:14.0247 3488  cdfs - ok
21:12:14.0249 3488  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:12:14.0250 3488  cdrom - ok
21:12:14.0253 3488  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:12:14.0254 3488  CertPropSvc - ok
21:12:14.0255 3488  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
21:12:14.0256 3488  circlass - ok
21:12:14.0260 3488  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
21:12:14.0262 3488  CLFS - ok
21:12:14.0265 3488  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:12:14.0266 3488  clr_optimization_v2.0.50727_32 - ok
21:12:14.0269 3488  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:12:14.0271 3488  clr_optimization_v2.0.50727_64 - ok
21:12:14.0276 3488  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:12:14.0281 3488  clr_optimization_v4.0.30319_32 - ok
21:12:14.0283 3488  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:12:14.0286 3488  clr_optimization_v4.0.30319_64 - ok
21:12:14.0287 3488  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:12:14.0288 3488  CmBatt - ok
21:12:14.0289 3488  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:12:14.0290 3488  cmdide - ok
21:12:14.0295 3488  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
21:12:14.0297 3488  CNG - ok
21:12:14.0299 3488  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:12:14.0300 3488  Compbatt - ok
21:12:14.0301 3488  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:12:14.0302 3488  CompositeBus - ok
21:12:14.0303 3488  COMSysApp - ok
21:12:14.0305 3488  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:12:14.0306 3488  crcdisk - ok
21:12:14.0309 3488  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:12:14.0310 3488  CryptSvc - ok
21:12:14.0315 3488  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
21:12:14.0318 3488  CSC - ok
21:12:14.0324 3488  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
21:12:14.0328 3488  CscService - ok
21:12:14.0333 3488  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:12:14.0336 3488  DcomLaunch - ok
21:12:14.0340 3488  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
21:12:14.0341 3488  defragsvc - ok
21:12:14.0344 3488  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:12:14.0344 3488  DfsC - ok
21:12:14.0348 3488  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:12:14.0350 3488  Dhcp - ok
21:12:14.0352 3488  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
21:12:14.0352 3488  discache - ok
21:12:14.0354 3488  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
21:12:14.0355 3488  Disk - ok
21:12:14.0356 3488  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
21:12:14.0357 3488  dmvsc - ok
21:12:14.0360 3488  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:12:14.0361 3488  Dnscache - ok
21:12:14.0365 3488  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:12:14.0367 3488  dot3svc - ok
21:12:14.0369 3488  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
21:12:14.0371 3488  Dot4 - ok
21:12:14.0372 3488  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:12:14.0373 3488  Dot4Print - ok
21:12:14.0374 3488  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
21:12:14.0375 3488  dot4usb - ok
21:12:14.0378 3488  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
21:12:14.0379 3488  DPS - ok
21:12:14.0380 3488  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:12:14.0381 3488  drmkaud - ok
21:12:14.0385 3488  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:12:14.0386 3488  dtsoftbus01 - ok
21:12:14.0394 3488  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:12:14.0397 3488  DXGKrnl - ok
21:12:14.0402 3488  [ E53D32044F4A03D64D6C91CF0A22A77E ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
21:12:14.0403 3488  e1cexpress - ok
21:12:14.0405 3488  EagleX64 - ok
21:12:14.0409 3488  [ 5F14A76FFA108ED111CCF763280A2190 ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
21:12:14.0409 3488  eamonm - ok
21:12:14.0412 3488  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
21:12:14.0413 3488  EapHost - ok
21:12:14.0431 3488  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:12:14.0447 3488  ebdrv - ok
21:12:14.0450 3488  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
21:12:14.0450 3488  EFS - ok
21:12:14.0453 3488  [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
21:12:14.0454 3488  ehdrv - ok
21:12:14.0461 3488  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:12:14.0464 3488  ehRecvr - ok
21:12:14.0467 3488  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
21:12:14.0467 3488  ehSched - ok
21:12:14.0477 3488  [ 6576CDEF9945DFA6BAE25FA0119468E9 ] ekrn            C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
21:12:14.0479 3488  ekrn - ok
21:12:14.0485 3488  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:12:14.0488 3488  elxstor - ok
21:12:14.0491 3488  [ 587F0F4145A1536A6E37EFD769B7665F ] epfw            C:\Windows\system32\DRIVERS\epfw.sys
21:12:14.0492 3488  epfw - ok
21:12:14.0494 3488  [ D2F812358EE8EE23CBB5C4DAFFB5B819 ] EpfwLWF         C:\Windows\system32\DRIVERS\EpfwLWF.sys
21:12:14.0494 3488  EpfwLWF - ok
21:12:14.0496 3488  [ 1BB9A6D239B35171AD483913468E6C41 ] epfwwfp         C:\Windows\system32\DRIVERS\epfwwfp.sys
21:12:14.0496 3488  epfwwfp - ok
21:12:14.0498 3488  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:12:14.0498 3488  ErrDev - ok
21:12:14.0504 3488  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
21:12:14.0506 3488  EventSystem - ok
21:12:14.0509 3488  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
21:12:14.0510 3488  exfat - ok
21:12:14.0513 3488  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:12:14.0515 3488  fastfat - ok
21:12:14.0521 3488  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
21:12:14.0524 3488  Fax - ok
21:12:14.0526 3488  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
21:12:14.0527 3488  fdc - ok
21:12:14.0529 3488  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:12:14.0529 3488  fdPHost - ok
21:12:14.0531 3488  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:12:14.0531 3488  FDResPub - ok
21:12:14.0533 3488  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:12:14.0534 3488  FileInfo - ok
21:12:14.0535 3488  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:12:14.0536 3488  Filetrace - ok
21:12:14.0537 3488  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:12:14.0538 3488  flpydisk - ok
21:12:14.0541 3488  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:12:14.0543 3488  FltMgr - ok
21:12:14.0552 3488  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
21:12:14.0558 3488  FontCache - ok
21:12:14.0560 3488  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:12:14.0562 3488  FontCache3.0.0.0 - ok
21:12:14.0564 3488  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:12:14.0564 3488  FsDepends - ok
21:12:14.0566 3488  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:12:14.0567 3488  Fs_Rec - ok
21:12:14.0570 3488  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:12:14.0571 3488  fvevol - ok
21:12:14.0573 3488  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:12:14.0574 3488  gagp30kx - ok
21:12:14.0580 3488  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
21:12:14.0585 3488  gpsvc - ok
21:12:14.0588 3488  gupdate - ok
21:12:14.0589 3488  gupdatem - ok
21:12:14.0591 3488  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:12:14.0592 3488  hcw85cir - ok
21:12:14.0596 3488  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:12:14.0598 3488  HdAudAddService - ok
21:12:14.0600 3488  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:12:14.0601 3488  HDAudBus - ok
21:12:14.0602 3488  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:12:14.0603 3488  HidBatt - ok
21:12:14.0605 3488  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:12:14.0606 3488  HidBth - ok
21:12:14.0608 3488  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:12:14.0608 3488  HidIr - ok
21:12:14.0610 3488  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
21:12:14.0611 3488  hidserv - ok
21:12:14.0613 3488  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:12:14.0613 3488  HidUsb - ok
21:12:14.0615 3488  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:12:14.0616 3488  hkmsvc - ok
21:12:14.0619 3488  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:12:14.0621 3488  HomeGroupListener - ok
21:12:14.0624 3488  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:12:14.0625 3488  HomeGroupProvider - ok
21:12:14.0632 3488  [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:12:14.0633 3488  hpqcxs08 - ok
21:12:14.0635 3488  [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:12:14.0636 3488  hpqddsvc - ok
21:12:14.0638 3488  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:12:14.0639 3488  HpSAMD - ok
21:12:14.0645 3488  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:12:14.0649 3488  HTTP - ok
21:12:14.0650 3488  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:12:14.0651 3488  hwpolicy - ok
21:12:14.0653 3488  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:12:14.0654 3488  i8042prt - ok
21:12:14.0658 3488  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:12:14.0661 3488  iaStorV - ok
21:12:14.0664 3488  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
21:12:14.0665 3488  IDriverT - ok
21:12:14.0673 3488  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:12:14.0678 3488  idsvc - ok
21:12:14.0680 3488  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:12:14.0680 3488  iirsp - ok
21:12:14.0688 3488  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
21:12:14.0693 3488  IKEEXT - ok
21:12:14.0716 3488  [ E0B2C982CA743CE8B3CBD7DD50AB82B0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:12:14.0726 3488  IntcAzAudAddService - ok
21:12:14.0733 3488  [ 0043EC20C06FD9FE339B5D37474B731E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:12:14.0736 3488  Intel(R) Capability Licensing Service Interface - ok
21:12:14.0739 3488  [ A53C54D81C726BEB508F0005F445C4A0 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
21:12:14.0740 3488  Intel(R) PROSet Monitoring Service - ok
21:12:14.0742 3488  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
21:12:14.0743 3488  intelide - ok
21:12:14.0744 3488  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:12:14.0745 3488  intelppm - ok
21:12:14.0747 3488  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:12:14.0748 3488  IPBusEnum - ok
21:12:14.0750 3488  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:12:14.0751 3488  IpFilterDriver - ok
21:12:14.0757 3488  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:12:14.0760 3488  iphlpsvc - ok
21:12:14.0762 3488  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:12:14.0762 3488  IPMIDRV - ok
21:12:14.0764 3488  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:12:14.0765 3488  IPNAT - ok
21:12:14.0767 3488  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:12:14.0767 3488  IRENUM - ok
21:12:14.0769 3488  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:12:14.0770 3488  isapnp - ok
21:12:14.0773 3488  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:12:14.0775 3488  iScsiPrt - ok
21:12:14.0776 3488  [ D596D915CF091DA1F8CE4BD38BB5D509 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:12:14.0777 3488  iusb3hcs - ok
21:12:14.0781 3488  [ 023896E23B61543A15A230EED996D911 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:12:14.0782 3488  iusb3hub - ok
21:12:14.0789 3488  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:12:14.0791 3488  iusb3xhc - ok
21:12:14.0795 3488  [ 4E0B89D1F647166EC78FEF5430126EE0 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:12:14.0796 3488  jhi_service - ok
21:12:14.0798 3488  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:12:14.0798 3488  kbdclass - ok
21:12:14.0800 3488  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:12:14.0800 3488  kbdhid - ok
21:12:14.0802 3488  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
21:12:14.0802 3488  KeyIso - ok
21:12:14.0804 3488  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:12:14.0805 3488  KSecDD - ok
21:12:14.0807 3488  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:12:14.0808 3488  KSecPkg - ok
21:12:14.0810 3488  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:12:14.0811 3488  ksthunk - ok
21:12:14.0815 3488  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:12:14.0817 3488  KtmRm - ok
21:12:14.0820 3488  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:12:14.0822 3488  LanmanServer - ok
21:12:14.0824 3488  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:12:14.0826 3488  LanmanWorkstation - ok
21:12:14.0828 3488  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:12:14.0829 3488  lltdio - ok
21:12:14.0832 3488  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:12:14.0834 3488  lltdsvc - ok
21:12:14.0836 3488  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:12:14.0836 3488  lmhosts - ok
21:12:14.0840 3488  [ 23C20B19120BE3394EB7968ABD755A2D ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:12:14.0841 3488  LMS - ok
21:12:14.0844 3488  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:12:14.0845 3488  LSI_FC - ok
21:12:14.0847 3488  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:12:14.0848 3488  LSI_SAS - ok
21:12:14.0850 3488  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:12:14.0850 3488  LSI_SAS2 - ok
21:12:14.0853 3488  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:12:14.0854 3488  LSI_SCSI - ok
21:12:14.0856 3488  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
21:12:14.0857 3488  luafv - ok
21:12:14.0858 3488  [ 23488767CB18FC3FF39E3AF1DB3FB02C ] massfilter      C:\Windows\system32\drivers\massfilter.sys
21:12:14.0859 3488  massfilter - ok
21:12:14.0861 3488  [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
21:12:14.0861 3488  MBfilt - ok
21:12:14.0863 3488  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:12:14.0864 3488  Mcx2Svc - ok
21:12:14.0866 3488  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:12:14.0866 3488  megasas - ok
21:12:14.0870 3488  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:12:14.0872 3488  MegaSR - ok
21:12:14.0873 3488  [ 6B01B7414A105B9E51652089A03027CF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:12:14.0874 3488  MEIx64 - ok
21:12:14.0876 3488  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
21:12:14.0877 3488  MMCSS - ok
21:12:14.0879 3488  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
21:12:14.0879 3488  Modem - ok
21:12:14.0881 3488  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:12:14.0881 3488  monitor - ok
21:12:14.0883 3488  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:12:14.0884 3488  mouclass - ok
21:12:14.0885 3488  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:12:14.0885 3488  mouhid - ok
21:12:14.0888 3488  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:12:14.0888 3488  mountmgr - ok
21:12:14.0891 3488  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:12:14.0893 3488  MozillaMaintenance - ok
21:12:14.0895 3488  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:12:14.0896 3488  mpio - ok
21:12:14.0898 3488  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:12:14.0899 3488  mpsdrv - ok
21:12:14.0906 3488  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:12:14.0911 3488  MpsSvc - ok
21:12:14.0914 3488  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:12:14.0915 3488  MRxDAV - ok
21:12:14.0917 3488  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:12:14.0918 3488  mrxsmb - ok
21:12:14.0922 3488  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:12:14.0924 3488  mrxsmb10 - ok
21:12:14.0926 3488  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:12:14.0927 3488  mrxsmb20 - ok
21:12:14.0928 3488  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:12:14.0929 3488  msahci - ok
21:12:14.0932 3488  [ 41FB1D61DF09C36CCAB0B04EEC66F6D5 ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe
21:12:14.0933 3488  MSCamSvc - ok
21:12:14.0935 3488  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:12:14.0936 3488  msdsm - ok
21:12:14.0939 3488  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
21:12:14.0940 3488  MSDTC - ok
21:12:14.0943 3488  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:12:14.0944 3488  Msfs - ok
21:12:14.0945 3488  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:12:14.0946 3488  mshidkmdf - ok
21:12:14.0948 3488  [ BB590070D606AE6F008341FC9A7B2AD7 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
21:12:14.0948 3488  MSHUSBVideo - ok
21:12:14.0950 3488  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:12:14.0950 3488  msisadrv - ok
21:12:14.0953 3488  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:12:14.0954 3488  MSiSCSI - ok
21:12:14.0955 3488  msiserver - ok
21:12:14.0959 3488  [ 629CC5BE3BD275ECD8BBDBEC412C3C8A ] MSI_FastBoot    C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
21:12:14.0959 3488  MSI_FastBoot - ok
21:12:14.0960 3488  MSI_MSIBIOS_010507 - ok
21:12:14.0962 3488  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:12:14.0963 3488  MSKSSRV - ok
21:12:14.0964 3488  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:12:14.0965 3488  MSPCLOCK - ok
21:12:14.0966 3488  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:12:14.0967 3488  MSPQM - ok
21:12:14.0970 3488  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:12:14.0972 3488  MsRPC - ok
21:12:14.0975 3488  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:12:14.0975 3488  mssmbios - ok
21:12:14.0976 3488  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:12:14.0977 3488  MSTEE - ok
21:12:14.0978 3488  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:12:14.0979 3488  MTConfig - ok
21:12:14.0980 3488  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:12:14.0981 3488  Mup - ok
21:12:14.0985 3488  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
21:12:14.0988 3488  napagent - ok
21:12:14.0992 3488  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:12:14.0994 3488  NativeWifiP - ok
21:12:15.0001 3488  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:12:15.0006 3488  NDIS - ok
21:12:15.0008 3488  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:12:15.0009 3488  NdisCap - ok
21:12:15.0010 3488  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:12:15.0011 3488  NdisTapi - ok
21:12:15.0012 3488  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:12:15.0013 3488  Ndisuio - ok
21:12:15.0016 3488  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:12:15.0017 3488  NdisWan - ok
21:12:15.0019 3488  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:12:15.0019 3488  NDProxy - ok
21:12:15.0022 3488  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:12:15.0022 3488  Net Driver HPZ12 - ok
21:12:15.0024 3488  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:12:15.0024 3488  NetBIOS - ok
21:12:15.0028 3488  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:12:15.0029 3488  NetBT - ok
21:12:15.0031 3488  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
21:12:15.0031 3488  Netlogon - ok
21:12:15.0035 3488  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
21:12:15.0037 3488  Netman - ok
21:12:15.0039 3488  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:15.0042 3488  NetMsmqActivator - ok
21:12:15.0044 3488  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:15.0045 3488  NetPipeActivator - ok
21:12:15.0049 3488  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
21:12:15.0052 3488  netprofm - ok
21:12:15.0054 3488  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:15.0054 3488  NetTcpActivator - ok
21:12:15.0056 3488  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:15.0056 3488  NetTcpPortSharing - ok
21:12:15.0058 3488  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:12:15.0059 3488  nfrd960 - ok
21:12:15.0093 3488  [ 93F304DEB07095BCF33BD1C17C2DB2A7 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
21:12:15.0122 3488  NIHardwareService - ok
21:12:15.0126 3488  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:12:15.0128 3488  NlaSvc - ok
21:12:15.0130 3488  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:12:15.0130 3488  Npfs - ok
21:12:15.0132 3488  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
21:12:15.0133 3488  nsi - ok
21:12:15.0134 3488  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:12:15.0135 3488  nsiproxy - ok
21:12:15.0146 3488  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:12:15.0154 3488  Ntfs - ok
21:12:15.0157 3488  [ 1B32C54B95121AB1683C7B83B2DB4B96 ] NTIOLib_1_0_4   C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys
21:12:15.0157 3488  NTIOLib_1_0_4 - ok
21:12:15.0159 3488  NTIOLib_1_0_C - ok
21:12:15.0161 3488  NTIOLib_1_1_S - ok
21:12:15.0163 3488  [ 992DED5B623BE3C228F32EDB4CA3F2D2 ] NTIOLib_FastBoot C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys
21:12:15.0163 3488  NTIOLib_FastBoot - ok
21:12:15.0164 3488  NTIOLib_SuiteFB - ok
21:12:15.0166 3488  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
21:12:15.0167 3488  Null - ok
21:12:15.0169 3488  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:12:15.0170 3488  nvraid - ok
21:12:15.0173 3488  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:12:15.0175 3488  nvstor - ok
21:12:15.0177 3488  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:12:15.0178 3488  nv_agp - ok
21:12:15.0180 3488  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:12:15.0181 3488  ohci1394 - ok
21:12:15.0184 3488  [ FDFBFDF3239CEA4C26E3F9F5EC448723 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:12:15.0185 3488  ose64 - ok
21:12:15.0212 3488  [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:12:15.0234 3488  osppsvc - ok
21:12:15.0240 3488  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:12:15.0241 3488  p2pimsvc - ok
21:12:15.0246 3488  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:12:15.0248 3488  p2psvc - ok
21:12:15.0251 3488  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
21:12:15.0252 3488  Parport - ok
21:12:15.0253 3488  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:12:15.0254 3488  partmgr - ok
21:12:15.0257 3488  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:12:15.0258 3488  PcaSvc - ok
21:12:15.0261 3488  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
21:12:15.0262 3488  pci - ok
21:12:15.0264 3488  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
21:12:15.0264 3488  pciide - ok
21:12:15.0267 3488  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:12:15.0269 3488  pcmcia - ok
21:12:15.0271 3488  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:12:15.0271 3488  pcw - ok
21:12:15.0277 3488  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:12:15.0280 3488  PEAUTH - ok
21:12:15.0290 3488  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:12:15.0297 3488  PeerDistSvc - ok
21:12:15.0306 3488  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:12:15.0307 3488  PerfHost - ok
21:12:15.0319 3488  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
21:12:15.0326 3488  pla - ok
21:12:15.0331 3488  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:12:15.0333 3488  PlugPlay - ok
21:12:15.0336 3488  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:12:15.0337 3488  Pml Driver HPZ12 - ok
21:12:15.0338 3488  PnkBstrA - ok
21:12:15.0340 3488  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:12:15.0341 3488  PNRPAutoReg - ok
21:12:15.0345 3488  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:12:15.0346 3488  PNRPsvc - ok
21:12:15.0351 3488  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:12:15.0353 3488  PolicyAgent - ok
21:12:15.0357 3488  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
21:12:15.0358 3488  Power - ok
21:12:15.0360 3488  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:12:15.0361 3488  PptpMiniport - ok
21:12:15.0363 3488  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
21:12:15.0364 3488  Processor - ok
21:12:15.0367 3488  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:12:15.0368 3488  ProfSvc - ok
21:12:15.0370 3488  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:12:15.0371 3488  ProtectedStorage - ok
21:12:15.0373 3488  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:12:15.0374 3488  Psched - ok
21:12:15.0384 3488  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:12:15.0392 3488  ql2300 - ok
21:12:15.0394 3488  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:12:15.0395 3488  ql40xx - ok
21:12:15.0399 3488  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
21:12:15.0400 3488  QWAVE - ok
21:12:15.0402 3488  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:12:15.0403 3488  QWAVEdrv - ok
21:12:15.0404 3488  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:12:15.0405 3488  RasAcd - ok
21:12:15.0407 3488  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:12:15.0407 3488  RasAgileVpn - ok
21:12:15.0409 3488  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
21:12:15.0411 3488  RasAuto - ok
21:12:15.0413 3488  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:12:15.0414 3488  Rasl2tp - ok
21:12:15.0418 3488  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
21:12:15.0420 3488  RasMan - ok
21:12:15.0422 3488  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:12:15.0423 3488  RasPppoe - ok
21:12:15.0425 3488  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:12:15.0425 3488  RasSstp - ok
21:12:15.0427 3488  [ 81DDBF4FE998EF1F4BA230F7E8D8C67E ] Razerlow        C:\Windows\system32\drivers\DB3G.sys
21:12:15.0428 3488  Razerlow - ok
21:12:15.0432 3488  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:12:15.0434 3488  rdbss - ok
21:12:15.0435 3488  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:12:15.0436 3488  rdpbus - ok
21:12:15.0437 3488  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:12:15.0437 3488  RDPCDD - ok
21:12:15.0441 3488  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:12:15.0442 3488  RDPDR - ok
21:12:15.0444 3488  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:12:15.0444 3488  RDPENCDD - ok
21:12:15.0446 3488  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:12:15.0446 3488  RDPREFMP - ok
21:12:15.0449 3488  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:12:15.0451 3488  RDPWD - ok
21:12:15.0454 3488  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:12:15.0455 3488  rdyboost - ok
21:12:15.0457 3488  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:12:15.0459 3488  RemoteAccess - ok
21:12:15.0461 3488  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:12:15.0463 3488  RemoteRegistry - ok
21:12:15.0465 3488  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:12:15.0466 3488  RpcEptMapper - ok
21:12:15.0467 3488  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
21:12:15.0468 3488  RpcLocator - ok
21:12:15.0473 3488  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
21:12:15.0475 3488  RpcSs - ok
21:12:15.0477 3488  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:12:15.0478 3488  rspndr - ok
21:12:15.0479 3488  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:12:15.0480 3488  s3cap - ok
21:12:15.0483 3488  [ 6E4582B575CA1EBA50B4DB3D4A06ED12 ] Saffire         C:\Windows\system32\Drivers\Saffire.sys
21:12:15.0484 3488  Saffire - ok
21:12:15.0486 3488  [ 11240427B51EA922600F980852C24407 ] SaffireAudio    C:\Windows\system32\drivers\SaffireAudio.sys
21:12:15.0486 3488  SaffireAudio - ok
21:12:15.0488 3488  [ 89F4C358306A9A0B62639465C9450B3D ] SaffireMidi     C:\Windows\system32\drivers\SaffireMidi.sys
21:12:15.0488 3488  SaffireMidi - ok
21:12:15.0490 3488  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
21:12:15.0490 3488  SamSs - ok
21:12:15.0492 3488  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:12:15.0493 3488  sbp2port - ok
21:12:15.0496 3488  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:12:15.0498 3488  SCardSvr - ok
21:12:15.0499 3488  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:12:15.0500 3488  scfilter - ok
21:12:15.0508 3488  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
21:12:15.0515 3488  Schedule - ok
21:12:15.0517 3488  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:12:15.0518 3488  SCPolicySvc - ok
21:12:15.0520 3488  [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
21:12:15.0521 3488  ScreamBAudioSvc - ok
21:12:15.0523 3488  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:12:15.0525 3488  SDRSVC - ok
21:12:15.0527 3488  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:12:15.0527 3488  secdrv - ok
21:12:15.0529 3488  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
21:12:15.0530 3488  seclogon - ok
21:12:15.0531 3488  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
21:12:15.0532 3488  SENS - ok
21:12:15.0534 3488  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:12:15.0535 3488  SensrSvc - ok
21:12:15.0537 3488  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:12:15.0537 3488  Serenum - ok
21:12:15.0539 3488  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
21:12:15.0540 3488  Serial - ok
21:12:15.0541 3488  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:12:15.0542 3488  sermouse - ok
21:12:15.0546 3488  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:12:15.0547 3488  SessionEnv - ok
21:12:15.0549 3488  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:12:15.0550 3488  sffdisk - ok
21:12:15.0551 3488  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:12:15.0552 3488  sffp_mmc - ok
21:12:15.0553 3488  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:12:15.0554 3488  sffp_sd - ok
21:12:15.0555 3488  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:12:15.0556 3488  sfloppy - ok
21:12:15.0559 3488  [ 8DAA997561F4638A0BBCA3279F370B75 ] SG760_64        C:\Windows\system32\DRIVERS\WlanUZ64.sys
21:12:15.0562 3488  SG760_64 - ok
21:12:15.0566 3488  [ 79C47EA75DBEA178A7C87B080E093E81 ] SG762_64        C:\Windows\system32\DRIVERS\WlanBZ64.sys
21:12:15.0569 3488  SG762_64 - ok
21:12:15.0573 3488  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:12:15.0576 3488  SharedAccess - ok
21:12:15.0579 3488  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:12:15.0582 3488  ShellHWDetection - ok
21:12:15.0584 3488  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:12:15.0584 3488  SiSRaid2 - ok
21:12:15.0586 3488  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:12:15.0587 3488  SiSRaid4 - ok
21:12:15.0590 3488  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:12:15.0591 3488  SkypeUpdate - ok
21:12:15.0593 3488  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:12:15.0594 3488  Smb - ok
21:12:15.0597 3488  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:12:15.0598 3488  SNMPTRAP - ok
21:12:15.0601 3488  [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
21:12:15.0603 3488  Sony PC Companion - ok
21:12:15.0604 3488  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:12:15.0605 3488  spldr - ok
21:12:15.0610 3488  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
21:12:15.0613 3488  Spooler - ok
21:12:15.0633 3488  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
21:12:15.0650 3488  sppsvc - ok
21:12:15.0652 3488  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:12:15.0653 3488  sppuinotify - ok
21:12:15.0658 3488  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:12:15.0660 3488  srv - ok
21:12:15.0665 3488  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:12:15.0667 3488  srv2 - ok
21:12:15.0670 3488  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:12:15.0671 3488  srvnet - ok
21:12:15.0674 3488  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:12:15.0675 3488  SSDPSRV - ok
21:12:15.0677 3488  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:12:15.0678 3488  SstpSvc - ok
21:12:15.0680 3488  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:12:15.0681 3488  stexstor - ok
21:12:15.0686 3488  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
21:12:15.0690 3488  stisvc - ok
21:12:15.0692 3488  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:12:15.0692 3488  storflt - ok
21:12:15.0694 3488  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
21:12:15.0695 3488  StorSvc - ok
21:12:15.0696 3488  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:12:15.0697 3488  storvsc - ok
21:12:15.0698 3488  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:12:15.0699 3488  swenum - ok
21:12:15.0705 3488  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:12:15.0708 3488  SwitchBoard - ok
21:12:15.0713 3488  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
21:12:15.0716 3488  swprv - ok
21:12:15.0727 3488  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
21:12:15.0737 3488  SysMain - ok
21:12:15.0739 3488  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:12:15.0740 3488  TabletInputService - ok
21:12:15.0742 3488  [ A3F7EAB3947ADA804D60168119306D43 ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
21:12:15.0743 3488  taphss6 - ok
21:12:15.0747 3488  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:12:15.0749 3488  TapiSrv - ok
21:12:15.0751 3488  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
21:12:15.0752 3488  TBS - ok
21:12:15.0764 3488  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:12:15.0774 3488  Tcpip - ok
21:12:15.0785 3488  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:12:15.0790 3488  TCPIP6 - ok
21:12:15.0793 3488  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:12:15.0794 3488  tcpipreg - ok
21:12:15.0796 3488  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:12:15.0796 3488  TDPIPE - ok
21:12:15.0798 3488  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:12:15.0799 3488  TDTCP - ok
21:12:15.0801 3488  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:12:15.0802 3488  tdx - ok
21:12:15.0804 3488  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:12:15.0804 3488  TermDD - ok
21:12:15.0810 3488  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
21:12:15.0814 3488  TermService - ok
21:12:15.0816 3488  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
21:12:15.0817 3488  Themes - ok
21:12:15.0819 3488  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:12:15.0820 3488  THREADORDER - ok
21:12:15.0822 3488  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
21:12:15.0823 3488  TrkWks - ok
21:12:15.0826 3488  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:12:15.0827 3488  TrustedInstaller - ok
21:12:15.0829 3488  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:12:15.0830 3488  tssecsrv - ok
21:12:15.0832 3488  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:12:15.0832 3488  TsUsbFlt - ok
21:12:15.0834 3488  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:12:15.0835 3488  TsUsbGD - ok
21:12:15.0837 3488  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:12:15.0838 3488  tunnel - ok
21:12:15.0840 3488  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:12:15.0841 3488  uagp35 - ok
21:12:15.0844 3488  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:12:15.0846 3488  udfs - ok
21:12:15.0852 3488  [ B7A165DDC6B2C8ACCFD5986933940285 ] UI Assistant Service C:\Program Files (x86)\ZTE Join Air\AssistantServices.exe
21:12:15.0853 3488  UI Assistant Service - ok
21:12:15.0854 3488  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:12:15.0856 3488  UI0Detect - ok
21:12:15.0857 3488  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:12:15.0858 3488  uliagpkx - ok
21:12:15.0860 3488  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:12:15.0861 3488  umbus - ok
21:12:15.0862 3488  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:12:15.0863 3488  UmPass - ok
21:12:15.0866 3488  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
21:12:15.0868 3488  UmRdpService - ok
21:12:15.0873 3488  [ 25F4EFE9D0624C7C7B0EC823DE901BF3 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:12:15.0874 3488  UNS - ok
21:12:15.0879 3488  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
21:12:15.0881 3488  upnphost - ok
21:12:15.0883 3488  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:12:15.0884 3488  usbaudio - ok
21:12:15.0886 3488  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:12:15.0887 3488  usbccgp - ok
21:12:15.0889 3488  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:12:15.0890 3488  usbcir - ok
21:12:15.0892 3488  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:12:15.0893 3488  usbehci - ok
21:12:15.0897 3488  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:12:15.0899 3488  usbhub - ok
21:12:15.0900 3488  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:12:15.0901 3488  usbohci - ok
21:12:15.0903 3488  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:12:15.0903 3488  usbprint - ok
21:12:15.0905 3488  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:12:15.0906 3488  usbscan - ok
21:12:15.0908 3488  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:12:15.0909 3488  USBSTOR - ok
21:12:15.0911 3488  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:12:15.0911 3488  usbuhci - ok
21:12:15.0914 3488  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
21:12:15.0915 3488  usbvideo - ok
21:12:15.0917 3488  [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
21:12:15.0918 3488  usb_rndisx - ok
21:12:15.0920 3488  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
21:12:15.0921 3488  UxSms - ok
21:12:15.0922 3488  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
21:12:15.0923 3488  VaultSvc - ok
21:12:15.0924 3488  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:12:15.0925 3488  vdrvroot - ok
21:12:15.0930 3488  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
21:12:15.0933 3488  vds - ok
21:12:15.0935 3488  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:12:15.0936 3488  vga - ok
21:12:15.0937 3488  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:12:15.0938 3488  VgaSave - ok
21:12:15.0941 3488  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:12:15.0942 3488  vhdmp - ok
21:12:15.0944 3488  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:12:15.0944 3488  viaide - ok
21:12:15.0947 3488  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:12:15.0949 3488  vmbus - ok
21:12:15.0951 3488  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:12:15.0951 3488  VMBusHID - ok
21:12:15.0952 3488  vmci - ok
21:12:15.0954 3488  VMnetAdapter - ok
21:12:15.0956 3488  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:12:15.0957 3488  volmgr - ok
21:12:15.0961 3488  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:12:15.0963 3488  volmgrx - ok
21:12:15.0966 3488  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:12:15.0968 3488  volsnap - ok
21:12:15.0970 3488  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:12:15.0972 3488  vsmraid - ok
21:12:15.0983 3488  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
21:12:15.0992 3488  VSS - ok
21:12:15.0994 3488  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:12:15.0995 3488  vwifibus - ok
21:12:15.0999 3488  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
21:12:16.0002 3488  W32Time - ok
21:12:16.0004 3488  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:12:16.0005 3488  WacomPen - ok
21:12:16.0007 3488  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:12:16.0007 3488  WANARP - ok
21:12:16.0009 3488  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:12:16.0009 3488  Wanarpv6 - ok
21:12:16.0018 3488  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:12:16.0025 3488  WatAdminSvc - ok
21:12:16.0036 3488  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
21:12:16.0045 3488  wbengine - ok
21:12:16.0048 3488  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:12:16.0050 3488  WbioSrvc - ok
21:12:16.0054 3488  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:12:16.0056 3488  wcncsvc - ok
21:12:16.0058 3488  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:12:16.0059 3488  WcsPlugInService - ok
21:12:16.0061 3488  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
21:12:16.0061 3488  Wd - ok
21:12:16.0068 3488  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:12:16.0072 3488  Wdf01000 - ok
21:12:16.0075 3488  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:12:16.0076 3488  WdiServiceHost - ok
21:12:16.0077 3488  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:12:16.0078 3488  WdiSystemHost - ok
21:12:16.0081 3488  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
21:12:16.0083 3488  WebClient - ok
21:12:16.0086 3488  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:12:16.0088 3488  Wecsvc - ok
21:12:16.0090 3488  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:12:16.0092 3488  wercplsupport - ok
21:12:16.0094 3488  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:12:16.0095 3488  WerSvc - ok
21:12:16.0097 3488  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:12:16.0097 3488  WfpLwf - ok
21:12:16.0099 3488  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:12:16.0099 3488  WIMMount - ok
21:12:16.0100 3488  WinDefend - ok
21:12:16.0103 3488  WinHttpAutoProxySvc - ok
21:12:16.0107 3488  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:12:16.0109 3488  Winmgmt - ok
21:12:16.0112 3488  WinRing0_1_2_0 - ok
21:12:16.0125 3488  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:12:16.0135 3488  WinRM - ok
21:12:16.0139 3488  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:12:16.0140 3488  WinUsb - ok
21:12:16.0147 3488  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:12:16.0152 3488  Wlansvc - ok
21:12:16.0168 3488  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:12:16.0174 3488  wlidsvc - ok
21:12:16.0176 3488  [ 680A7846370000D20D7E74917D5B7936 ] WmBEnum         C:\Windows\system32\drivers\WmBEnum.sys
21:12:16.0176 3488  WmBEnum - ok
21:12:16.0179 3488  [ 14C35BA8189C6F65D839163AA285E954 ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
21:12:16.0180 3488  WmFilter - ok
21:12:16.0181 3488  [ AC4331AF118A720F13C9C5CABBFE27BD ] WmHidLo         C:\Windows\system32\drivers\WmHidLo.sys
21:12:16.0182 3488  WmHidLo - ok
21:12:16.0184 3488  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:12:16.0184 3488  WmiAcpi - ok
21:12:16.0188 3488  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:12:16.0189 3488  wmiApSrv - ok
21:12:16.0191 3488  WMPNetworkSvc - ok
21:12:16.0192 3488  [ 8488DD91A3EE54A8E29F02AD7BB8201E ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
21:12:16.0193 3488  WmVirHid - ok
21:12:16.0195 3488  [ 14802B3A30AA849C97CB968CCC813BF3 ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
21:12:16.0195 3488  WmXlCore - ok
21:12:16.0197 3488  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:12:16.0198 3488  WPCSvc - ok
21:12:16.0200 3488  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:12:16.0201 3488  WPDBusEnum - ok
21:12:16.0203 3488  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:12:16.0203 3488  ws2ifsl - ok
21:12:16.0206 3488  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
21:12:16.0207 3488  wscsvc - ok
21:12:16.0208 3488  WSearch - ok
21:12:16.0223 3488  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:12:16.0236 3488  wuauserv - ok
21:12:16.0239 3488  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:12:16.0240 3488  WudfPf - ok
21:12:16.0243 3488  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:12:16.0244 3488  WUDFRd - ok
21:12:16.0246 3488  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:12:16.0248 3488  wudfsvc - ok
21:12:16.0251 3488  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:12:16.0253 3488  WwanSvc - ok
21:12:16.0256 3488  [ F98415E5B83742C901D0A336972509A0 ] ZTEusbmdm6k     C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
21:12:16.0257 3488  ZTEusbmdm6k - ok
21:12:16.0259 3488  [ F98415E5B83742C901D0A336972509A0 ] ZTEusbnmea      C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
21:12:16.0260 3488  ZTEusbnmea - ok
21:12:16.0263 3488  [ F98415E5B83742C901D0A336972509A0 ] ZTEusbser6k     C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
21:12:16.0264 3488  ZTEusbser6k - ok
21:12:16.0267 3488  ================ Scan global ===============================
21:12:16.0268 3488  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:12:16.0272 3488  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:12:16.0276 3488  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:12:16.0278 3488  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:12:16.0282 3488  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:12:16.0284 3488  [Global] - ok
21:12:16.0284 3488  ================ Scan MBR ==================================
21:12:16.0285 3488  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:12:16.0338 3488  \Device\Harddisk0\DR0 - ok
21:12:16.0340 3488  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:12:16.0421 3488  \Device\Harddisk1\DR1 - ok
21:12:16.0422 3488  ================ Scan VBR ==================================
21:12:16.0423 3488  [ 24199B93F9D83AC8808ED9F604850085 ] \Device\Harddisk0\DR0\Partition1
21:12:16.0423 3488  \Device\Harddisk0\DR0\Partition1 - ok
21:12:16.0424 3488  [ BBFA4643D09DA6400CD893AC629C8807 ] \Device\Harddisk0\DR0\Partition2
21:12:16.0425 3488  \Device\Harddisk0\DR0\Partition2 - ok
21:12:16.0426 3488  [ 92643C877A2D74ED1BB9BBD0C140062D ] \Device\Harddisk1\DR1\Partition1
21:12:16.0427 3488  \Device\Harddisk1\DR1\Partition1 - ok
21:12:16.0428 3488  [ E1BFE20B457F95C48CAE809EA43DD351 ] \Device\Harddisk1\DR1\Partition2
21:12:16.0428 3488  \Device\Harddisk1\DR1\Partition2 - ok
21:12:16.0429 3488  [ 681CEA5549DBA4239F62CE29EAE95CD2 ] \Device\Harddisk1\DR1\Partition3
21:12:16.0430 3488  \Device\Harddisk1\DR1\Partition3 - ok
21:12:16.0430 3488  ============================================================
21:12:16.0430 3488  Scan finished
21:12:16.0430 3488  ============================================================
21:12:16.0434 1836  Detected object count: 0
21:12:16.0434 1836  Actual detected object count: 0




A teraz nowe logi z OTL:

Kod: Zaznacz cały

OTL logfile created on: 2013-04-11 21:16:10 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sapphire21\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,95 Gb Total Physical Memory | 5,71 Gb Available Physical Memory | 71,81% Memory free
9,95 Gb Paging File | 7,19 Gb Available in Paging File | 72,27% Paging File free
Paging file location(s): c:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 33,84 Gb Free Space | 28,40% Space Free | Partition Type: NTFS
Drive D: | 1,67 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 49,81 Gb Total Space | 11,67 Gb Free Space | 23,42% Space Free | Partition Type: NTFS
Drive F: | 220,14 Gb Total Space | 186,28 Gb Free Space | 84,62% Space Free | Partition Type: NTFS
Drive G: | 195,80 Gb Total Space | 19,02 Gb Free Space | 9,71% Space Free | Partition Type: NTFS
 
Computer Name: KOMPUTER-COOKIE | User Name: Sapphire21 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-04-11 20:05:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sapphire21\Downloads\OTL.exe
PRC - [2013-04-10 19:27:41 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013-04-09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013-03-29 21:53:56 | 001,631,144 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013-03-26 09:21:39 | 003,497,552 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2013-03-14 12:33:10 | 001,977,328 | ---- | M] (Micro-Star International) -- C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
PRC - [2013-01-30 19:47:52 | 002,979,528 | ---- | M] (Samsung Electronics.) -- C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
PRC - [2012-12-31 14:23:34 | 000,969,104 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012-12-18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-12-14 16:37:18 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012-12-10 18:05:34 | 000,853,048 | ---- | M] (Micro-Star INT'L CO.,LTD.) -- C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
PRC - [2012-11-16 15:24:44 | 000,913,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2012-10-26 11:07:34 | 000,103,992 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
PRC - [2012-07-03 10:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012-05-21 01:26:26 | 000,291,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-03-29 14:38:25 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-03-29 14:38:22 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-03-29 14:38:06 | 000,165,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2010-04-30 11:36:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe
PRC - [2010-04-28 18:25:44 | 000,228,352 | ---- | M] () -- C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe
PRC - [2009-03-24 15:00:00 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\ZTE Join Air\AssistantServices.exe
PRC - [2009-03-24 14:59:04 | 000,132,608 | ---- | M] () -- C:\Program Files (x86)\ZTE Join Air\UIExec.exe
PRC - [2007-02-14 12:11:18 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-04-09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
MOD - [2013-04-09 10:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013-04-09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013-04-09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013-04-09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013-04-09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013-03-29 21:53:56 | 001,114,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2013-03-27 02:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013-03-26 09:21:39 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Origin\tufao.dll
MOD - [2013-03-26 00:23:34 | 000,651,776 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013-02-27 00:37:50 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll
MOD - [2013-01-11 18:48:41 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
MOD - [2013-01-10 00:26:55 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll
MOD - [2013-01-10 00:26:48 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll
MOD - [2013-01-10 00:26:45 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013-01-10 00:26:45 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll
MOD - [2013-01-10 00:26:44 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll
MOD - [2013-01-10 00:26:43 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013-01-10 00:26:43 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013-01-10 00:26:43 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll
MOD - [2013-01-10 00:26:40 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2012-12-14 16:37:18 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2012-12-13 16:50:58 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\Samsung SSD Magician\Samsung_authentic_SSD.dll
MOD - [2012-12-11 19:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012-12-11 19:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012-12-11 19:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2010-04-30 11:36:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe
MOD - [2010-04-28 18:25:44 | 000,228,352 | ---- | M] () -- C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe
MOD - [2009-03-24 14:59:04 | 000,132,608 | ---- | M] () -- C:\Program Files (x86)\ZTE Join Air\UIExec.exe
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012-12-19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2012-11-16 15:24:44 | 000,913,184 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2012-09-05 20:38:06 | 006,364,024 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:[b]64bit:[/b] - [2012-06-05 18:40:38 | 000,190,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2012-03-07 03:00:46 | 000,629,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2010-12-13 15:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013-04-10 19:27:41 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013-03-21 00:49:41 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-03-13 16:18:39 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-01-08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-12-18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-10-26 11:07:34 | 000,103,992 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe -- (MSI_FastBoot)
SRV - [2012-03-29 14:38:25 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-03-29 14:38:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-03-29 14:38:06 | 000,165,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-03-24 15:00:00 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ZTE Join Air\AssistantServices.exe -- (UI Assistant Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2013-02-12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2013-01-12 11:40:35 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2013-01-10 21:44:02 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:[b]64bit:[/b] - [2012-12-19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2012-12-19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012-11-16 14:56:48 | 000,209,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2012-11-16 14:56:48 | 000,062,024 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:[b]64bit:[/b] - [2012-11-06 13:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2012-07-31 11:45:10 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:[b]64bit:[/b] - [2012-05-21 01:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012-05-21 01:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012-05-21 01:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012-03-30 16:38:26 | 000,222,064 | ---- | M] (Focusrite A.E.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Saffire.sys -- (Saffire)
DRV:[b]64bit:[/b] - [2012-03-30 16:38:26 | 000,050,800 | ---- | M] (Focusrite A.E.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaffireMidi.sys -- (SaffireMidi)
DRV:[b]64bit:[/b] - [2012-03-30 16:38:26 | 000,040,176 | ---- | M] (Focusrite A.E.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaffireAudio.sys -- (SaffireAudio)
DRV:[b]64bit:[/b] - [2012-03-15 21:57:30 | 000,514,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:[b]64bit:[/b] - [2012-03-14 08:40:04 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:[b]64bit:[/b] - [2012-03-14 08:40:04 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:[b]64bit:[/b] - [2012-03-14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-01-06 11:44:12 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:[b]64bit:[/b] - [2011-11-10 17:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-12-13 15:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:[b]64bit:[/b] - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-04-27 17:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:[b]64bit:[/b] - [2010-04-27 17:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:[b]64bit:[/b] - [2010-04-27 17:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:[b]64bit:[/b] - [2010-04-27 15:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:[b]64bit:[/b] - [2010-04-27 15:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:[b]64bit:[/b] - [2009-11-18 08:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:[b]64bit:[/b] - [2009-09-19 17:54:02 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:[b]64bit:[/b] - [2009-09-19 17:54:02 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:[b]64bit:[/b] - [2009-09-19 17:54:02 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:[b]64bit:[/b] - [2009-09-04 12:41:24 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2006-01-19 18:33:26 | 000,493,440 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WlanBZ64.sys -- (SG762_64)
DRV:[b]64bit:[/b] - [2006-01-19 18:27:00 | 000,366,080 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WlanUZ64.sys -- (SG760_64)
DRV:[b]64bit:[/b] - [2005-11-07 15:33:12 | 000,021,120 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DB3G.sys -- (Razerlow)
DRV - [2012-10-26 10:56:46 | 000,013,368 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys -- (NTIOLib_FastBoot)
DRV - [2010-10-22 11:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-948138967-3353641718-1021249596-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-948138967-3353641718-1021249596-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher%40ea.com:5.0.200.0
FF - prefs.js..extensions.enabledAddons: %7B2c93446d-612b-416d-9af0-b7355797b611%7D:3.9
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012-12-14 16:18:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-01-08 13:29:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-03-21 00:49:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-03-21 00:49:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-12-14 16:18:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-01-08 13:29:38 | 000,000,000 | ---D | M]
 
[2013-02-09 00:11:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sapphire21\AppData\Roaming\mozilla\Extensions
[2013-04-11 21:08:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sapphire21\AppData\Roaming\mozilla\Firefox\Profiles\yt7jo4du.default\extensions
[2013-03-21 00:49:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) -- C:\USERS\Sapphire21\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YT7JO4DU.DEFAULT\EXTENSIONS\{2C93446D-612B-416D-9AF0-B7355797B611}.XPI
File not found (No name found) -- C:\USERS\Sapphire21\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YT7JO4DU.DEFAULT\EXTENSIONS\BATTLEFIELDHEROESPATCHER@EA.COM
[2013-03-21 00:49:41 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013-01-11 04:06:08 | 000,033,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2013-03-02 18:21:19 | 000,002,980 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2013-03-02 18:21:19 | 000,001,619 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2013-03-02 18:21:19 | 000,001,130 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2013-03-02 18:21:19 | 000,001,071 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2013-03-02 18:21:19 | 000,001,396 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2013-03-02 18:21:19 | 000,001,896 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Sapphire21\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Sapphire21\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - Extension: Dokumenty Google = C:\Users\Sapphire21\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\Sapphire21\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Sapphire21\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Sapphire21\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\Sapphire21\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe (MSI CO.,LTD.)
O4 - HKLM..\Run: [Diamondback] C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe ()
O4 - HKLM..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UIExec] C:\Program Files (x86)\ZTE Join Air\UIExec.exe ()
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Sapphire21\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-948138967-3353641718-1021249596-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.21.99.95
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{641C063E-4A90-4F27-82F4-25C372495F7C}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CF5B498A-AF4B-46B6-A9C3-AEDCAC905911}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4C68899-615E-4900-BF3C-54A644478AF2}: DhcpNameServer = 62.21.99.95
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~2.DLL File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-06-21 21:07:56 | 000,000,144 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{4c9a9432-5c86-11e2-8eb4-8c89a5c1428f}\Shell - "" = AutoRun
O33 - MountPoints2\{4c9a9432-5c86-11e2-8eb4-8c89a5c1428f}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2007-06-21 21:05:53 | 000,300,036 | R--- | M] ()
O33 - MountPoints2\{4c9a9432-5c86-11e2-8eb4-8c89a5c1428f}\Shell\setup\command - "" = D:\Setup.exe -- [2007-06-21 21:05:53 | 000,300,036 | R--- | M] ()
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Setup.exe -- [2007-06-21 21:05:53 | 000,300,036 | R--- | M] ()
O33 - MountPoints2\D\Shell\setup\command - "" = D:\Setup.exe -- [2007-06-21 21:05:53 | 000,300,036 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-04-11 21:11:04 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Sapphire21\Desktop\TDSSKiller.exe
[2013-04-11 21:01:08 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-04-11 07:25:35 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013-04-11 07:25:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013-04-11 07:25:35 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013-04-11 07:25:35 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013-04-11 07:25:35 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013-04-11 07:25:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013-04-11 07:25:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013-04-11 07:25:34 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013-04-11 07:25:34 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013-04-11 07:25:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013-04-11 07:25:33 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013-04-11 07:25:33 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013-04-11 07:25:32 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013-04-11 07:25:32 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013-04-11 07:25:32 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013-04-11 07:24:50 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013-04-11 07:24:49 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013-04-11 07:24:49 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013-04-11 07:24:49 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013-04-11 07:24:49 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013-04-11 07:24:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013-04-11 07:24:46 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013-04-11 07:24:46 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013-04-11 07:24:46 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013-04-11 07:24:45 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013-04-11 07:24:45 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013-04-11 07:24:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013-04-10 23:25:01 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\Heaven
[2013-04-10 23:24:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
[2013-04-10 23:24:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unigine
[2013-04-10 23:12:17 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
[2013-04-10 23:12:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z
[2013-04-10 23:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
[2013-04-10 23:05:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Geeks3D
[2013-04-10 18:55:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
[2013-04-10 17:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013-04-10 17:40:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013-04-10 17:40:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013-04-10 17:40:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013-04-10 17:40:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013-04-10 17:40:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013-04-10 17:40:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013-04-10 17:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013-04-10 17:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013-04-07 16:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2013-04-07 16:43:35 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Roaming\Winamp
[2013-04-07 16:43:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2013-04-07 10:50:24 | 000,000,000 | -HSD | C] -- C:\Users\Sapphire21\wc
[2013-04-07 10:50:24 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Local\Ubisoft
[2013-04-07 10:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher
[2013-04-07 10:50:21 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Roaming\Ubisoft
[2013-04-06 19:06:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician
[2013-04-06 19:06:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung SSD Magician
[2013-04-03 08:03:10 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Local\CrashRpt
[2013-04-03 08:03:10 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\Documents\Arktos
[2013-04-03 08:03:10 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Local\Arktos
[2013-04-02 23:09:16 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\Documents\The War Z
[2013-04-02 23:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The War Z
[2013-03-26 19:59:00 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx
[2013-03-26 19:59:00 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2013-03-26 19:59:00 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX
[2013-03-26 19:59:00 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2013-03-26 19:59:00 | 000,124,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSWINSCK.OCX
[2013-03-26 19:59:00 | 000,067,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SYSINFO.OCX
[2013-03-26 19:59:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedTestPro
[2013-03-26 19:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedTestPro
[2013-03-26 19:58:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AF Uninstalls
[2013-03-25 23:39:27 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\Documents\Battlefield Heroes
[2013-03-25 23:29:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games
[2013-03-25 18:38:59 | 000,000,000 | -H-D | C] -- C:\Users\Sapphire21\Documents\Runes of Magic
[2013-03-25 18:37:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Overwolf
[2013-03-25 17:47:41 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Local\Overwolf
[2013-03-21 19:25:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2013-03-21 19:25:33 | 000,085,504 | ---- | C] (Razer Inc.) -- C:\Windows\SysWow64\diamondback.cpl
[2013-03-21 19:25:32 | 000,021,120 | ---- | C] (Razer (Asia-Pacific) Pte Ltd) -- C:\Windows\SysNative\drivers\DB3G.sys
[2013-03-21 19:25:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2013-03-21 19:25:14 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\AppData\Roaming\InstallShield
[2013-03-21 13:26:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023x.sys
[2013-03-21 13:26:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013-03-21 11:04:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2013-03-21 11:04:31 | 000,000,000 | ---D | C] -- C:\MSI
[2013-03-21 11:01:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2013-03-21 11:01:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2013-03-21 11:01:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2013-03-21 11:00:44 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2013-03-21 00:49:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-03-20 07:57:07 | 000,000,000 | ---D | C] -- C:\Users\Sapphire21\Documents\Niestandardowe szablony pakietu Office
[2013-03-14 10:51:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\rFactor
[2013-03-14 10:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\rFactor
[2013-03-14 01:02:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013-03-14 01:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013-03-14 01:01:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[1 C:\Users\Sapphire21\Documents\*.tmp files -> C:\Users\Sapphire21\Documents\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-04-11 21:15:32 | 000,032,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-04-11 21:15:32 | 000,032,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-04-11 21:14:10 | 002,221,856 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013-04-11 21:14:10 | 001,193,770 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-04-11 21:14:10 | 000,664,500 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013-04-11 21:14:10 | 000,607,202 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-04-11 21:14:10 | 000,006,500 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-04-11 21:08:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-04-11 19:31:16 | 000,131,941 | ---- | M] () -- C:\Users\Sapphire21\Desktop\duel_miniaturka_odc1.jpg
[2013-04-11 19:30:58 | 000,133,391 | ---- | M] () -- C:\Users\Sapphire21\Desktop\duel_miniaturka_odc2.jpg
[2013-04-11 19:25:25 | 001,422,571 | ---- | M] () -- C:\Users\Sapphire21\Desktop\Might-And-Magic-Duel-Of-Champions_S_Primal_PL_GamesCom.png
[2013-04-11 19:25:09 | 000,189,559 | ---- | M] () -- C:\Users\Sapphire21\Desktop\Logo.png
[2013-04-11 16:38:53 | 000,000,222 | ---- | M] () -- C:\Users\Sapphire21\Desktop\Sleeping Dogs.url
[2013-04-11 11:29:50 | 001,065,984 | ---- | M] () -- C:\Users\Sapphire21\AppData\Local\file__0.localstorage
[2013-04-11 07:42:15 | 005,012,808 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-04-11 00:06:10 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013-04-11 00:06:10 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013-04-11 00:06:01 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013-04-10 23:48:35 | 000,015,848 | ---- | M] () -- C:\Users\Sapphire21\Documents\lol123.veg
[2013-04-10 23:24:32 | 000,002,117 | ---- | M] () -- C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
[2013-04-10 19:27:41 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013-04-10 18:55:20 | 000,001,188 | ---- | M] () -- C:\Users\Sapphire21\Desktop\Battlefield 3.lnk
[2013-04-08 17:53:06 | 000,000,132 | ---- | M] () -- C:\Users\Sapphire21\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2013-04-07 10:50:22 | 000,001,123 | ---- | M] () -- C:\Users\Public\Desktop\Duel of Champions Launcher.lnk
[2013-04-07 10:10:28 | 000,000,065 | ---- | M] () -- C:\Windows\wininit.ini
[2013-04-06 19:06:21 | 000,001,189 | ---- | M] () -- C:\Users\Sapphire21\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
[2013-04-05 13:48:24 | 007,013,713 | ---- | M] () -- C:\Users\Sapphire21\tył.EPS
[2013-04-05 13:42:51 | 002,660,237 | ---- | M] () -- C:\Users\Sapphire21\tył.PNG
[2013-04-05 13:42:33 | 001,113,816 | ---- | M] () -- C:\Users\Sapphire21\przód.PNG
[2013-04-04 15:42:01 | 000,030,704 | ---- | M] () -- C:\Users\Sapphire21\Documents\projje.veg
[2013-04-04 13:09:38 | 000,022,240 | ---- | M] () -- C:\Users\Sapphire21\Documents\sss.veg
[2013-03-28 15:45:44 | 000,022,000 | ---- | M] () -- C:\Users\Sapphire21\Documents\duskaicookie.veg
[2013-03-28 14:48:16 | 000,012,800 | ---- | M] () -- C:\Users\Sapphire21\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-03-27 16:04:15 | 000,044,992 | ---- | M] () -- C:\Users\Sapphire21\Documents\missska.veg
[2013-03-27 14:36:18 | 000,027,120 | ---- | M] () -- C:\Users\Sapphire21\Documents\kuki.veg
[2013-03-27 13:55:54 | 000,027,704 | ---- | M] () -- C:\Users\Sapphire21\Documents\kuki.veg.bak
[2013-03-27 13:46:39 | 006,439,826 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 6 - 4.wav
[2013-03-27 13:46:39 | 000,025,208 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 6 - 4.sfk
[2013-03-26 19:59:07 | 000,000,185 | ---- | M] () -- C:\Windows\SysWow64\msblcd32.dll
[2013-03-26 19:59:00 | 001,081,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx
[2013-03-26 19:59:00 | 000,662,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2013-03-26 19:59:00 | 000,212,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX
[2013-03-26 19:59:00 | 000,152,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2013-03-26 19:59:00 | 000,124,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSWINSCK.OCX
[2013-03-26 19:59:00 | 000,067,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SYSINFO.OCX
[2013-03-26 09:55:14 | 000,067,568 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 1 - 6.sfk
[2013-03-26 09:53:45 | 012,058,030 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 1 - 7.wav
[2013-03-26 09:53:45 | 000,047,160 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 1 - 7.sfk
[2013-03-26 09:51:59 | 008,640,750 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 1 - 6.wav
[2013-03-26 09:49:27 | 011,860,130 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 1 - 5.wav
[2013-03-26 09:49:27 | 000,046,384 | ---- | M] () -- C:\Users\Sapphire21\Documents\Track 1 - 5.sfk
[2013-03-25 21:18:17 | 000,000,858 | ---- | M] () -- C:\Windows\client.config.ini
[2013-03-25 17:13:35 | 000,061,480 | ---- | M] () -- C:\Users\Sapphire21\Documents\lesin.veg
[2013-03-25 17:10:40 | 000,061,712 | ---- | M] () -- C:\Users\Sapphire21\Documents\lesin.veg.bak
[2013-03-19 08:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013-03-19 07:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013-03-19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013-03-19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013-03-19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013-03-19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013-03-13 16:18:39 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-03-13 16:18:39 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Users\Sapphire21\Documents\*.tmp files -> C:\Users\Sapphire21\Documents\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-04-11 19:31:15 | 000,131,941 | ---- | C] () -- C:\Users\Sapphire21\Desktop\duel_miniaturka_odc1.jpg
[2013-04-11 19:30:57 | 000,133,391 | ---- | C] () -- C:\Users\Sapphire21\Desktop\duel_miniaturka_odc2.jpg
[2013-04-11 19:25:25 | 001,422,571 | ---- | C] () -- C:\Users\Sapphire21\Desktop\Might-And-Magic-Duel-Of-Champions_S_Primal_PL_GamesCom.png
[2013-04-11 19:25:09 | 000,189,559 | ---- | C] () -- C:\Users\Sapphire21\Desktop\Logo.png
[2013-04-11 16:38:53 | 000,000,222 | ---- | C] () -- C:\Users\Sapphire21\Desktop\Sleeping Dogs.url
[2013-04-10 23:48:35 | 000,015,848 | ---- | C] () -- C:\Users\Sapphire21\Documents\lol123.veg
[2013-04-10 23:24:47 | 001,065,984 | ---- | C] () -- C:\Users\Sapphire21\AppData\Local\file__0.localstorage
[2013-04-10 23:24:32 | 000,002,117 | ---- | C] () -- C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
[2013-04-10 18:55:20 | 000,001,188 | ---- | C] () -- C:\Users\Sapphire21\Desktop\Battlefield 3.lnk
[2013-04-07 10:50:22 | 000,001,123 | ---- | C] () -- C:\Users\Public\Desktop\Duel of Champions Launcher.lnk
[2013-04-07 10:10:28 | 000,000,065 | ---- | C] () -- C:\Windows\wininit.ini
[2013-04-06 19:06:21 | 000,001,189 | ---- | C] () -- C:\Users\Sapphire21\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
[2013-04-05 13:48:19 | 007,013,713 | ---- | C] () -- C:\Users\Sapphire21\tył.EPS
[2013-04-05 13:41:45 | 002,660,237 | ---- | C] () -- C:\Users\Sapphire21\tył.PNG
[2013-04-05 13:41:45 | 001,113,816 | ---- | C] () -- C:\Users\Sapphire21\przód.PNG
[2013-04-04 15:42:01 | 000,030,704 | ---- | C] () -- C:\Users\Sapphire21\Documents\projje.veg
[2013-04-04 13:09:38 | 000,022,240 | ---- | C] () -- C:\Users\Sapphire21\Documents\sss.veg
[2013-03-28 15:45:44 | 000,022,000 | ---- | C] () -- C:\Users\Sapphire21\Documents\duskaicookie.veg
[2013-03-27 16:04:15 | 000,044,992 | ---- | C] () -- C:\Users\Sapphire21\Documents\missska.veg
[2013-03-27 13:55:53 | 000,027,704 | ---- | C] () -- C:\Users\Sapphire21\Documents\kuki.veg.bak
[2013-03-27 13:55:53 | 000,027,120 | ---- | C] () -- C:\Users\Sapphire21\Documents\kuki.veg
[2013-03-27 13:46:39 | 000,025,208 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 6 - 4.sfk
[2013-03-27 13:45:01 | 006,439,826 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 6 - 4.wav
[2013-03-26 19:59:07 | 000,000,185 | ---- | C] () -- C:\Windows\SysWow64\msblcd32.dll
[2013-03-26 09:53:45 | 000,047,160 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 1 - 7.sfk
[2013-03-26 09:51:59 | 012,058,030 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 1 - 7.wav
[2013-03-26 09:51:59 | 000,067,568 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 1 - 6.sfk
[2013-03-26 09:49:27 | 008,640,750 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 1 - 6.wav
[2013-03-26 09:49:27 | 000,046,384 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 1 - 5.sfk
[2013-03-26 09:48:01 | 011,860,130 | ---- | C] () -- C:\Users\Sapphire21\Documents\Track 1 - 5.wav
[2013-03-25 19:14:42 | 000,000,858 | ---- | C] () -- C:\Windows\client.config.ini
[2013-03-25 17:10:40 | 000,061,712 | ---- | C] () -- C:\Users\Sapphire21\Documents\lesin.veg.bak
[2013-03-25 17:10:40 | 000,061,480 | ---- | C] () -- C:\Users\Sapphire21\Documents\lesin.veg
[2013-03-21 11:01:21 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2013-03-05 22:57:24 | 004,705,235 | ---- | C] () -- C:\Users\Sapphire21\IMG_1136.JPG
[2013-03-05 22:57:24 | 004,510,388 | ---- | C] () -- C:\Users\Sapphire21\IMG_1147.JPG
[2013-03-02 22:07:14 | 004,859,501 | ---- | C] () -- C:\Users\Sapphire21\IMG_1079.JPG
[2013-03-02 22:07:14 | 003,210,205 | ---- | C] () -- C:\Users\Sapphire21\IMG_0967.JPG
[2013-02-03 00:19:04 | 000,000,117 | ---- | C] () -- C:\Users\Sapphire21\kvirc4.ini
[2013-01-28 21:04:20 | 000,000,414 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013-01-25 14:30:02 | 000,012,800 | ---- | C] () -- C:\Users\Sapphire21\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-08 13:28:40 | 000,169,716 | ---- | C] () -- C:\Windows\hpoins34.dat
[2013-01-08 13:28:40 | 000,000,396 | ---- | C] () -- C:\Windows\hpomdl34.dat
[2013-01-05 17:12:36 | 000,000,132 | ---- | C] () -- C:\Users\Sapphire21\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2013-01-05 13:51:24 | 001,107,966 | ---- | C] () -- C:\Users\Sapphire21\42134.png
[2013-01-05 13:51:24 | 001,071,908 | ---- | C] () -- C:\Users\Sapphire21\453265487689.png
[2013-01-05 13:51:24 | 000,565,779 | ---- | C] () -- C:\Users\Sapphire21\1231324141.png
[2012-12-20 22:23:08 | 000,006,480 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-12-16 15:35:41 | 000,000,046 | ---- | C] () -- C:\Windows\adiras.ini
[2012-12-14 20:26:34 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-12-14 20:26:34 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-12-14 20:26:33 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-12-14 16:36:39 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\Uninstall.dll
[2012-12-14 16:21:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-09-28 17:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012-09-28 03:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-09-28 03:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-07-12 16:25:22 | 000,639,488 | ---- | C] () -- C:\Windows\SysWow64\ficvdec_x86.dll
[2012-05-02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-03-07 02:40:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011-09-28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013-04-06 11:42:53 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\.minecraft
[2013-02-14 17:24:58 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Antares
[2013-01-29 03:03:29 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Bitcoin
[2013-02-04 14:37:19 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013-01-12 11:40:59 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\DAEMON Tools Lite
[2012-12-14 16:19:09 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\ESET
[2012-12-14 23:10:01 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\HD Tune Pro
[2012-12-14 17:57:51 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\iZotope
[2013-02-03 00:19:51 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\KVIrc4
[2012-12-14 17:19:59 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\LolClient
[2013-01-03 10:14:37 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Mirillis
[2013-01-09 17:27:39 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\NapiProjekt
[2013-02-28 22:07:42 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Notepad++
[2013-01-28 23:37:02 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\OBS
[2013-01-16 11:08:55 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Origin
[2012-12-31 17:53:18 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Publish Providers
[2013-02-14 14:56:52 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\REAPER
[2013-01-02 23:40:31 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Screaming Bee
[2012-12-31 17:57:55 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Sony
[2013-01-30 19:21:17 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Sony Creative Software Inc
[2013-01-05 16:18:26 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\SplitMediaLabs
[2013-03-02 13:04:46 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013-01-12 11:59:41 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Subversion
[2013-03-02 00:53:28 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\TeamViewer
[2013-01-25 16:15:49 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\TechSmith
[2013-04-08 22:54:15 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\TS3Client
[2013-04-07 10:50:21 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\Ubisoft
[2013-04-11 21:14:13 | 000,000,000 | ---D | M] -- C:\Users\Sapphire21\AppData\Roaming\uTorrent
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >


I jak ?

[kominekl]

Logi z usuwania (Za pierwszym razem zapomniałem zmienić w logach nazwę użytkownika w C:\Users - Oryginalnie mam Imię i Nazwisko - wiem, mało to bezpieczne, dlatego pusciłem drugi raz)

Nazwa użytkownika w logu musi być taka sama, jak w systemie. Zagrożenie tutaj jest zerowe.

Logi.

Mają być oba logi z OTL (jak widać w instrukcji Extras.txt tworzy się, gdy w sekcji Rejestr - Skan Dodatkowy użyjemy opcji -> Użyj Filtrowania). Poza tym, zgodnie z instrukcją logi podajemy za pomocą hostingu Dostępne tylko dla zarejestrowanych użytkowników.