OTL logfile created on: 2013-05-22 17:39:28 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = F:\!Download 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,88 Gb Total Physical Memory | 4,54 Gb Available Physical Memory | 57,64% Memory free 8,85 Gb Paging File | 5,70 Gb Available in Paging File | 64,39% Paging File free Paging file location(s): c:\pagefile.sys 1000 8000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 59,53 Gb Total Space | 8,26 Gb Free Space | 13,87% Space Free | Partition Type: NTFS Drive D: | 3750,10 Gb Total Space | 894,15 Gb Free Space | 23,84% Space Free | Partition Type: NTFS Drive E: | 117,19 Gb Total Space | 78,31 Gb Free Space | 66,83% Space Free | Partition Type: NTFS Drive F: | 1721,26 Gb Total Space | 234,19 Gb Free Space | 13,61% Space Free | Partition Type: NTFS Drive G: | 238,47 Gb Total Space | 238,38 Gb Free Space | 99,96% Space Free | Partition Type: NTFS Drive H: | 1863,01 Gb Total Space | 601,73 Gb Free Space | 32,30% Space Free | Partition Type: NTFS Computer Name: SERV | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-05-22 17:37:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\!Download\OTL.exe PRC - [2013-05-11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013-05-08 05:33:47 | 001,364,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013-05-07 16:47:12 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2013-04-23 09:48:17 | 010,244,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe PRC - [2013-04-23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe PRC - [2013-04-23 09:40:59 | 000,193,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe PRC - [2013-04-10 08:56:41 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013-01-23 08:12:42 | 000,166,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe PRC - [2013-01-23 08:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe PRC - [2013-01-19 04:51:31 | 001,129,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe PRC - [2012-11-29 19:47:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012-11-19 13:15:20 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2012-11-19 13:15:20 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2012-11-13 15:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe PRC - [2012-11-13 15:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe PRC - [2012-09-18 02:19:50 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012-09-18 02:19:48 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012-09-18 02:19:34 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012-05-30 07:14:36 | 000,123,904 | ---- | M] (Micro-Star Int'l Co., Ltd.) -- C:\Program Files (x86)\MSI Afterburner\RemoteServer\MSIAfterburnerRemoteServer.exe PRC - [2012-03-23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2012-02-26 18:34:49 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe PRC - [2012-02-26 18:34:49 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe PRC - [2011-10-27 15:56:34 | 000,113,456 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe PRC - [2010-11-21 05:23:48 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\taskmgr.exe PRC - [2010-10-27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010-10-16 11:00:56 | 000,617,600 | ---- | M] (CM & V) -- C:\Program Files (x86)\DVBViewer\DVBVservice.exe PRC - [2010-03-24 16:17:24 | 000,144,792 | R--- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\MegaRAID Storage Manager\JRE\bin\javaw.exe PRC - [2010-03-18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009-12-21 08:00:50 | 000,081,920 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe PRC - [2009-11-03 14:38:12 | 000,258,048 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe PRC - [2009-09-09 08:50:00 | 003,514,112 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TOTALCMD.EXE PRC - [2009-07-14 03:14:44 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WerFault.exe PRC - [2009-03-25 16:32:18 | 000,102,400 | ---- | M] (LSI) -- C:\Program Files (x86)\MegaRAID Storage Manager\MegaPopup\popup.exe PRC - [2005-12-30 09:15:02 | 000,107,520 | ---- | M] (www.ELMAK.pl) -- C:\Program Files (x86)\irPC\irPC.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-05-17 09:29:41 | 001,140,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\6f750662bfef47bb20c17230472d8e7f\System.ServiceModel.Discovery.ni.dll MOD - [2013-05-17 09:29:41 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\1770f4fb3b437d05badf13679e8ff0bd\System.ServiceModel.Routing.ni.dll MOD - [2013-05-17 09:29:41 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d30d2f75af7cdf3880c1b5d1a2622d81\System.ServiceModel.Channels.ni.dll MOD - [2013-05-17 09:29:28 | 001,086,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5a838c0771872c7ed471abe4a46e712e\System.ServiceModel.Web.ni.dll MOD - [2013-05-17 09:28:31 | 001,393,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\950a487ee233b20ac56f1e2fbe7b29f6\System.ServiceModel.Activities.ni.dll MOD - [2013-05-17 09:28:30 | 018,123,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\35f10af8371c9953294e6bdc86b5458b\System.ServiceModel.ni.dll MOD - [2013-05-17 09:28:30 | 001,079,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\ce2164d32e319ee1d047119316c19557\System.IdentityModel.ni.dll MOD - [2013-05-17 09:28:16 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\2bb04ca46f8374826e4e6cafae120aa1\System.Runtime.DurableInstancing.ni.dll MOD - [2013-05-17 09:28:15 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\c9508bbbee390fa5c287a84d1a88d7d9\System.Runtime.Serialization.ni.dll MOD - [2013-05-16 22:28:05 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll MOD - [2013-05-16 22:27:54 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll MOD - [2013-05-16 16:12:10 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6ded1c6dbf61d19f839da66c951d8fa9\System.Windows.Forms.ni.dll MOD - [2013-05-16 16:12:08 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll MOD - [2013-05-16 16:12:04 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ddc3e8c2774eaec614d6775983652980\System.Configuration.ni.dll MOD - [2013-04-10 08:56:55 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2013-04-04 05:32:22 | 000,016,288 | ---- | M] () -- C:\Program Files (x86)\Java\jre7\bin\jp2native.dll MOD - [2013-02-14 07:56:50 | 001,226,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\4e6c3bdfee038e00582dfdf6dfc8e942\System.WorkflowServices.ni.dll MOD - [2013-02-14 07:56:28 | 000,361,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\40ecf830ae992c8d221f0dc265b02d10\IAStorUtil.ni.dll MOD - [2013-02-08 16:25:59 | 001,027,072 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\cgh1htwx.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll MOD - [2013-01-23 08:12:42 | 000,166,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe MOD - [2013-01-23 08:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe MOD - [2013-01-16 18:01:08 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll MOD - [2013-01-16 18:01:06 | 000,348,160 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll MOD - [2013-01-16 18:01:00 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll MOD - [2013-01-16 18:00:58 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll MOD - [2013-01-16 18:00:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll MOD - [2013-01-10 06:58:21 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll MOD - [2013-01-10 06:56:05 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013-01-10 06:55:54 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013-01-10 06:55:51 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013-01-10 06:55:47 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2013-01-09 17:35:43 | 000,027,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMgrSvcInt#\a3f7c523f7f9d86dcf0d1af844d1c73f\IAStorDataMgrSvcInterfaces.ni.dll MOD - [2013-01-09 17:35:41 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\54b8e04a99db645ea668181c325cc4dd\IAStorCommon.ni.dll MOD - [2013-01-09 17:35:35 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll MOD - [2013-01-09 17:35:27 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\a9ecbe8beef8c04f60f9127ec6599abf\SMDiagnostics.ni.dll MOD - [2013-01-09 15:50:04 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll MOD - [2013-01-09 15:50:03 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll MOD - [2013-01-09 15:50:02 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll MOD - [2013-01-09 15:49:58 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll MOD - [2012-12-03 17:47:14 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll MOD - [2012-11-30 12:48:46 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTMUI.dll MOD - [2012-11-30 12:45:56 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll MOD - [2012-11-30 12:26:54 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTUI.dll MOD - [2012-11-30 12:24:00 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTFC.dll MOD - [2011-04-30 21:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll MOD - [2011-04-30 21:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTTSH.dll MOD - [2011-03-02 13:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt32.dll MOD - [2011-02-04 19:54:10 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pl_b77a5c561934e089\System.resources.dll MOD - [2010-11-21 05:24:01 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll MOD - [2010-01-11 16:24:20 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\AlertStrings.dll MOD - [2009-07-14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll MOD - [2007-04-19 10:39:08 | 000,436,992 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\fpxlib.dll MOD - [2007-04-19 10:33:00 | 000,035,584 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uPiApi.dll MOD - [2007-04-19 10:29:42 | 000,273,216 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\magengin.dll MOD - [2007-04-19 10:29:38 | 000,187,136 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\kgl.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2013-02-03 20:35:28 | 000,183,264 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService) SRV:[b]64bit:[/b] - [2013-02-03 20:35:22 | 000,552,928 | ---- | M] (Soluto) [Auto | Stopped] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService) SRV:[b]64bit:[/b] - [2013-02-03 20:32:58 | 001,239,552 | ---- | M] (Soluto) [On_Demand | Stopped] -- C:\Program Files\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService) SRV:[b]64bit:[/b] - [2013-01-27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:[b]64bit:[/b] - [2013-01-27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:[b]64bit:[/b] - [2012-06-19 20:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV:[b]64bit:[/b] - [2012-02-09 16:26:48 | 000,133,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent) SRV:[b]64bit:[/b] - [2011-03-21 17:19:16 | 001,845,248 | ---- | M] (Locktime Software) [On_Demand | Stopped] -- C:\Program Files\NetLimiter 3\nlsvc.exe -- (nlsvc) SRV:[b]64bit:[/b] - [2011-01-14 18:11:02 | 000,163,328 | ---- | M] (Broadcom Corporation) [Auto | Stopped] -- C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe -- (BrcmMgmtAgent) SRV:[b]64bit:[/b] - [2010-09-22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2010-05-02 17:44:30 | 000,039,424 | ---- | M] (KSE - Korndörfer Software Engineering) [Auto | Running] -- C:\Program Files\nHancer\nHancerService.exe -- (nHancer) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013-05-11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013-05-08 05:33:47 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013-05-07 16:47:12 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013-04-23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2013-04-10 08:56:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012-12-17 16:46:50 | 000,137,488 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2012-12-14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012-11-29 19:47:51 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012-11-19 18:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-11-19 13:15:20 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2012-09-18 02:19:50 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012-09-18 02:19:48 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012-09-18 02:19:34 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012-03-23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2012-02-26 18:34:49 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService) SRV - [2012-01-17 12:24:10 | 000,055,296 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\ASGT.exe -- (ASGT) SRV - [2011-10-27 15:56:34 | 000,113,456 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService) SRV - [2011-09-02 06:13:49 | 000,292,136 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe -- (CyberLink PowerDVD 11.0 Service) SRV - [2011-09-02 06:13:47 | 000,075,048 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 11.0 Monitor Service) SRV - [2011-08-24 03:13:43 | 000,083,240 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD) SRV - [2011-05-09 13:01:06 | 000,430,080 | ---- | M] (PowerUp Software, LLC) [Auto | Stopped] -- C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe -- (PinnacleUpdateSvc) SRV - [2010-11-21 05:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2010-11-21 05:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2010-11-21 05:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2010-10-16 11:00:56 | 000,617,600 | ---- | M] (CM & V) [Auto | Running] -- C:\Program Files (x86)\DVBViewer\DVBVservice.exe -- (DVBVRecorder) SRV - [2010-03-24 16:15:10 | 000,072,760 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\MegaRAID Storage Manager\Framework\VivaldiFramework.exe -- (MSMFramework) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-03-18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010-03-02 16:52:22 | 000,495,616 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\MegaRAID Storage Manager\MegaMonitor\mrmonitor.exe -- (MegaMonitorSrv) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2013-05-22 16:45:47 | 000,034,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001) DRV:[b]64bit:[/b] - [2013-04-04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2013-02-25 07:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2013-02-13 12:12:06 | 000,085,864 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K) DRV:[b]64bit:[/b] - [2013-02-13 12:12:06 | 000,076,648 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:[b]64bit:[/b] - [2013-02-07 20:37:48 | 000,023,968 | ---- | M] (Resplendence Software Projects Sp.) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rspLLL64.sys -- (rspLLL) DRV:[b]64bit:[/b] - [2013-02-03 20:32:42 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Stopped] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto) DRV:[b]64bit:[/b] - [2013-01-24 15:41:26 | 000,507,392 | ---- | M] (ITETech ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA) DRV:[b]64bit:[/b] - [2013-01-20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b]64bit:[/b] - [2013-01-16 17:25:14 | 000,031,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv) DRV:[b]64bit:[/b] - [2012-12-19 20:57:29 | 000,029,672 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32) DRV:[b]64bit:[/b] - [2012-12-14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2012-11-19 13:10:38 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:[b]64bit:[/b] - [2012-11-19 13:10:36 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF) DRV:[b]64bit:[/b] - [2012-10-15 19:09:30 | 000,435,512 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:[b]64bit:[/b] - [2012-10-09 02:44:58 | 000,322,920 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx) DRV:[b]64bit:[/b] - [2012-09-20 06:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2012-09-20 06:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2012-09-18 11:32:44 | 000,042,808 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt) DRV:[b]64bit:[/b] - [2012-09-18 11:32:32 | 000,078,648 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb) DRV:[b]64bit:[/b] - [2012-09-18 11:32:32 | 000,075,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b]64bit:[/b] - [2012-09-18 11:32:32 | 000,061,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b]64bit:[/b] - [2012-09-18 11:32:32 | 000,015,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd) DRV:[b]64bit:[/b] - [2012-08-23 16:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2012-08-23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2012-08-07 09:09:00 | 000,088,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI) DRV:[b]64bit:[/b] - [2012-08-07 09:09:00 | 000,065,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3) DRV:[b]64bit:[/b] - [2012-07-03 00:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-23 14:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2012-02-09 16:24:16 | 000,044,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT) DRV:[b]64bit:[/b] - [2012-02-09 16:24:16 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent) DRV:[b]64bit:[/b] - [2012-02-09 16:24:14 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent) DRV:[b]64bit:[/b] - [2012-02-01 17:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2012-01-16 12:43:06 | 000,108,840 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2012-01-13 13:52:38 | 000,031,016 | ---- | M] (ASRock Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AsrRamDisk.sys -- (AsrRamDisk) DRV:[b]64bit:[/b] - [2011-11-26 20:38:12 | 000,053,544 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\megasas2.sys -- (megasas2) DRV:[b]64bit:[/b] - [2011-10-27 15:56:12 | 000,020,784 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PdiPorts.sys -- (PdiPorts) DRV:[b]64bit:[/b] - [2011-08-23 20:45:36 | 000,432,680 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2011-08-23 06:12:58 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2011-08-22 20:26:46 | 001,561,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k) DRV:[b]64bit:[/b] - [2011-08-22 20:26:34 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia) DRV:[b]64bit:[/b] - [2011-08-22 16:14:14 | 000,121,856 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\basp.sys -- (Blfp) DRV:[b]64bit:[/b] - [2011-08-08 20:13:12 | 000,198,480 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus) DRV:[b]64bit:[/b] - [2011-08-01 16:59:06 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:[b]64bit:[/b] - [2011-08-01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:[b]64bit:[/b] - [2011-08-01 16:59:06 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr) DRV:[b]64bit:[/b] - [2011-03-30 13:05:55 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn) DRV:[b]64bit:[/b] - [2011-03-21 17:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisPT) DRV:[b]64bit:[/b] - [2011-03-21 17:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisMP) DRV:[b]64bit:[/b] - [2011-03-21 17:44:28 | 000,088,200 | ---- | M] (Locktime Software) [Kernel | System | Running] -- C:\Program Files\NetLimiter 3\nltdi.sys -- (nltdi) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-01-26 18:11:04 | 000,023,048 | ---- | M] (ASRock Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AsrVDrive.sys -- (AsrVDrive) DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-09-21 10:07:08 | 000,312,184 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ArcSec.sys -- (ArcSec) DRV:[b]64bit:[/b] - [2010-08-09 18:27:36 | 000,774,360 | ---- | M] (TechnoTrend Goerler GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ttBudget2_amd64.sys -- (ttBudget2_NTAMD64) DRV:[b]64bit:[/b] - [2010-07-07 14:44:10 | 000,136,192 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ArcHlp.sys -- (archlp) DRV:[b]64bit:[/b] - [2010-06-25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:[b]64bit:[/b] - [2010-06-11 15:37:14 | 000,015,368 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger) DRV:[b]64bit:[/b] - [2010-02-22 16:46:36 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap) DRV:[b]64bit:[/b] - [2009-11-18 08:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt) DRV:[b]64bit:[/b] - [2009-11-01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:[b]64bit:[/b] - [2009-10-19 16:10:54 | 001,257,472 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudaxp.sys -- (cmudaxp) DRV:[b]64bit:[/b] - [2009-09-18 06:13:02 | 000,063,520 | ---- | M] (Siano) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smsbda.sys -- (smsbda) DRV:[b]64bit:[/b] - [2009-08-21 02:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:[b]64bit:[/b] - [2009-08-19 12:26:06 | 000,191,960 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cbfs_x64.sys -- (CbFs) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 02:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda) DRV:[b]64bit:[/b] - [2009-06-10 22:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64) DRV:[b]64bit:[/b] - [2009-06-10 22:35:02 | 000,244,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1q60x64.sys -- (e1qexpress) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2008-01-31 10:24:32 | 000,093,184 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl) DRV:[b]64bit:[/b] - [2008-01-19 07:36:12 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irsir.sys -- (irsir) DRV:[b]64bit:[/b] - [2008-01-09 19:20:44 | 000,712,848 | ---- | M] (www.ext2fsd.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ext2fsd.sys -- (Ext2Fsd) DRV - [2013-01-23 08:12:38 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64) DRV - [2011-09-02 13:08:46 | 000,148,976 | ---- | M] (CyberLink Corp.) [2011/11/30 19:12:45] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) DRV - [2011-08-24 03:13:44 | 000,075,248 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys -- (ntk_PowerDVD) DRV - [2011-06-02 12:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008-11-14 02:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-228855754-5744613-1243827483-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-228855754-5744613-1243827483-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-228855754-5744613-1243827483-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-228855754-5744613-1243827483-1000\..\SearchScopes\{3A40E547-20FD-44a2-94D0-1C98342D1507}: "URL" = http://search.daum.net/search?nil_profile=ie&ref_code=ms&q={searchTerms} IE - HKU\S-1-5-21-228855754-5744613-1243827483-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14 FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16 FF - prefs.js..extensions.enabledAddons: %7B0538E3E3-7E9B-4d49-8831-A227C80A7AD3%7D:2.2.2 FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.20 FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.2.1 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: f:\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-04-19 15:42:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-04-19 15:42:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions [2013-05-21 23:19:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\cgh1htwx.default\extensions [2013-04-19 15:52:18 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\cgh1htwx.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2013-04-19 15:52:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\cgh1htwx.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-05-21 23:19:40 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\cgh1htwx.default\extensions\foxmarks@kei.com [2013-04-24 20:32:32 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\cgh1htwx.default\extensions\support@lastpass.com [2013-05-07 17:57:41 | 000,534,383 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cgh1htwx.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-05-09 14:33:10 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cgh1htwx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-19 15:52:18 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cgh1htwx.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-04-19 15:52:18 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cgh1htwx.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-04-19 16:07:21 | 000,005,998 | ---- | M] () -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cgh1htwx.default\searchplugins\discogs.xml [2013-04-21 18:39:36 | 000,004,140 | ---- | M] () -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\cgh1htwx.default\searchplugins\youtube.xml [2013-04-19 15:42:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013-04-10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013-04-10 10:57:33 | 000,002,980 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2013-04-10 10:57:33 | 000,001,619 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2013-04-10 10:57:33 | 000,001,130 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2013-04-10 10:57:33 | 000,001,071 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2013-04-10 10:57:33 | 000,001,396 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2013-04-10 10:57:33 | 000,001,896 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll CHR - plugin: Picasa (Enabled) = f:\Picasa3\npPicasa3.dll CHR - Extension: YouTube = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Logitech SetPoint = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.51.8_0\ CHR - Extension: Gmail = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013-05-22 17:13:37 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b]64bit:[/b] - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass) O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass) O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4 - HKLM..\Run: [Popup] C:\Program Files (x86)\MegaRAID Storage Manager\MegaPopup\Popup.exe (LSI) O4 - HKLM..\Run: [Windows Service Manager] C:\ProgramData\Windows Service Manager0\jtkyyvgiu.exe () O4 - HKU\S-1-5-21-228855754-5744613-1243827483-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-21-228855754-5744613-1243827483-1000..\Run: [Windows Service Manager] C:\ProgramData\Windows Service Manager0\jtkyyvgiu.exe () O4 - HKU\S-1-5-21-228855754-5744613-1243827483-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-228855754-5744613-1243827483-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\irPC.exe — skrót.lnk = C:\Program Files (x86)\irPC\irPC.exe (www.ELMAK.pl) O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSIAfterburnerRemoteServer.exe — skrót.lnk = C:\Program Files (x86)\MSI Afterburner\RemoteServer\MSIAfterburnerRemoteServer.exe (Micro-Star Int'l Co., Ltd.) O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\QNIX LCD only.lnk = C:\Users\user\AppData\Roaming\Realtime Soft\UltraMon\3.1.0\Profiles\QNIX LCD only.umprofile () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-228855754-5744613-1243827483-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-228855754-5744613-1243827483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-228855754-5744613-1243827483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-228855754-5744613-1243827483-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: LastPass - file://C:\Users\user\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found O8:[b]64bit:[/b] - Extra context menu item: Wypełnij formularze LastPass - file://C:\Users\user\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: LastPass - file://C:\Users\user\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found O8 - Extra context menu item: Wypełnij formularze LastPass - file://C:\Users\user\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found O9:[b]64bit:[/b] - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass) O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-228855754-5744613-1243827483-1000\..Trusted Ranges: Range1 ([http] in Trusted sites) O15 - HKU\S-1-5-21-228855754-5744613-1243827483-1000\..Trusted Ranges: Range1 ([https] in Trusted sites) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{034C6E1D-8EC3-4FC6-9E34-C4094087AA46}: NameServer = 217.8.168.244,157.25.5.18 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5EE7B7B0-F1A5-4E32-8D14-6842CE595131}: DhcpNameServer = 217.8.168.244 157.25.5.18 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5C35493-8764-46B8-AA97-5934B6947BD9}: DhcpNameServer = 217.8.168.244 157.25.5.18 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27:[b]64bit:[/b] - HKLM IFEO\hijackthis.exe: Debugger - rzsbko_.exe File not found O27:[b]64bit:[/b] - HKLM IFEO\housecalllauncher.exe: Debugger - qikkcc_.exe File not found O27:[b]64bit:[/b] - HKLM IFEO\rstrui.exe: Debugger - xsljql_.exe File not found O27:[b]64bit:[/b] - HKLM IFEO\spybotsd.exe: Debugger - qafpdc_.exe File not found O27 - HKLM IFEO\hijackthis.exe: Debugger - rzsbko_.exe File not found O27 - HKLM IFEO\housecalllauncher.exe: Debugger - qikkcc_.exe File not found O27 - HKLM IFEO\rstrui.exe: Debugger - xsljql_.exe File not found O27 - HKLM IFEO\spybotsd.exe: Debugger - qafpdc_.exe File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (sdnclean64.exe) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-05-22 17:31:17 | 000,000,000 | -HSD | C] -- C:\ProgramData\Windows Service Manager0 [2013-05-22 17:14:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013-05-22 16:50:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013-05-22 16:50:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013-05-22 16:50:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013-05-22 16:49:02 | 000,000,000 | ---D | C] -- C:\Qoobox [2013-05-22 16:48:56 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013-05-22 14:43:21 | 000,028,672 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll [2013-05-22 14:42:45 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\UEFI TOOL-V1086 [2013-05-22 14:21:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{09F256A4-B728-4FBC-9D57-B0FECC8CF09B} [2013-05-22 06:11:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\WinDefenders [2013-05-21 23:10:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Color Profile Keeper [2013-05-21 20:28:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{61BD471C-25E7-40F7-8835-7AF822B675D1} [2013-05-21 06:14:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7BC472EE-389E-4D1E-A38B-718EECD1C7EF} [2013-05-20 16:39:37 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{F9F523B5-96D0-48FC-847B-3B0B1B45731D} [2013-05-19 23:51:46 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{790AEB52-9B0D-4179-A9B7-E0069BAF52A2} [2013-05-19 10:41:38 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{E898ED3C-04DE-4284-83DB-BBC51F32FD43} [2013-05-18 10:14:29 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{810469E8-9CC1-4CA9-A7BE-D7A4A0B20094} [2013-05-17 09:32:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B3676F76-8524-4B9E-86CF-B404AECBFEA7} [2013-05-16 16:09:52 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013-05-16 16:09:52 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013-05-16 16:09:51 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013-05-16 16:09:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013-05-16 16:09:51 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013-05-16 16:09:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013-05-16 16:09:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013-05-16 16:09:51 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013-05-16 16:09:51 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013-05-16 16:09:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013-05-16 16:09:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013-05-16 16:09:50 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013-05-16 16:09:49 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013-05-16 16:09:49 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013-05-16 16:09:49 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013-05-16 14:27:19 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013-05-16 14:27:19 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013-05-16 14:27:16 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013-05-16 14:27:16 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013-05-16 14:27:16 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013-05-16 14:27:16 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013-05-16 14:27:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013-05-16 14:17:50 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BB3DFB72-D1C4-48C5-9654-A8C77CDEC472} [2013-05-14 19:42:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Last Light [2013-05-14 19:31:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{01F795F7-A726-481F-BAE4-5F9C95D6CCDF} [2013-05-14 19:24:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV [2013-05-14 19:24:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV [2013-05-14 19:23:18 | 027,774,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013-05-14 19:23:18 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013-05-14 19:23:18 | 021,095,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013-05-14 19:23:18 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013-05-14 19:23:18 | 009,233,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013-05-14 19:23:18 | 007,682,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013-05-14 19:23:18 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013-05-14 19:23:18 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013-05-14 19:23:18 | 002,942,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013-05-14 19:23:18 | 002,754,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013-05-14 19:23:18 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013-05-14 19:23:18 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013-05-14 19:23:18 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432014.dll [2013-05-14 19:23:18 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432014.dll [2013-05-14 19:23:18 | 000,550,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll [2013-05-14 19:23:18 | 000,518,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll [2013-05-14 19:23:18 | 000,443,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll [2013-05-14 19:23:18 | 000,432,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll [2013-05-14 19:23:18 | 000,421,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll [2013-05-14 19:23:18 | 000,370,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll [2013-05-14 19:23:18 | 000,218,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll [2013-05-14 19:23:18 | 000,194,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys [2013-05-14 19:23:18 | 000,181,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll [2013-05-14 19:23:18 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2013-05-14 06:39:51 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D55ED361-4E08-48E6-831A-A63698BA3C6A} [2013-05-12 23:16:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7C31FD93-9871-4C31-B7C7-6AC71E2B2892} [2013-05-12 09:38:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D37F26F2-01D0-4B08-9BC4-85B92E81242F} [2013-05-12 00:48:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{E04A0195-009C-422A-9B41-EFD066D91728} [2013-05-11 09:04:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{730B5B89-32C0-4F5F-BB1D-727AAB91B204} [2013-05-10 06:30:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{21375E6E-68D0-405F-8A58-AD73DA03741F} [2013-05-09 14:13:29 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7E24E93D-645B-4729-90D4-E39E394CC779} [2013-05-08 18:25:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{20DB164F-CAD8-442D-B61E-6DC92DAACC6F} [2013-05-08 06:24:28 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{046CA996-DB7D-42EB-A3E9-7313C8794E57} [2013-05-07 18:23:54 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{00F8B879-9119-4BB0-8CB2-FE41819FB50B} [2013-05-07 16:47:16 | 000,566,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe [2013-05-07 06:23:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D69A0DE8-11EA-40B5-A9C2-17056A6530EA} [2013-05-06 12:39:38 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{58BBB8D7-120E-42DD-A3A2-0CCED3AF0735} [2013-05-06 00:39:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5FA18675-5179-4BF8-8CFF-AA5D11EE4DBC} [2013-05-05 10:27:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{DD0E111A-9A78-40DA-AC14-4ED9E52454D8} [2013-05-04 11:51:16 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{198070DE-6DCD-4B3E-9A8E-02F840FCB2EE} [2013-05-03 11:44:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7F7E3095-A421-4756-9EF7-A0D4BCBC5B33} [2013-05-02 20:02:20 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6827180F-A86A-4333-8C47-F8DCA354F771} [2013-05-02 07:56:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{EE0CBCA0-D516-46A2-A838-ED7F8352753C} [2013-04-30 14:07:08 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{83E099E1-E283-48DE-969F-ADFC1FF49B17} [2013-04-29 19:43:42 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7B1A7D95-554F-4E6D-9C98-C848BD5FB971} [2013-04-29 19:38:02 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{0A54974C-C2D4-436F-8917-A1085C9A6533} [2013-04-29 06:54:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{15C36745-542D-4976-9672-2A472886E98D} [2013-04-28 17:22:32 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft [2013-04-28 15:08:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{E0DB04E0-B41C-4CCD-8C80-BB38EF8875BF} [2013-04-28 01:50:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D584D147-8496-4CE6-9B11-0622E0C64606} [2013-04-27 12:31:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{E1970A3C-7576-4617-B0DD-D4FEA496E952} [2013-04-26 14:15:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B78B0891-129B-4FAE-B5A2-088AA3CF29B7} [2013-04-25 19:48:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{E697A861-DE48-4D49-9263-64AD49A0A709} [2013-04-25 07:48:11 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C2F72872-3324-4F73-BD29-D8EA08ACFDF4} [2013-04-24 14:12:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C7DB3C46-A09B-471A-8DAF-C9227F94EE17} [2013-04-23 20:03:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3542705E-E3C8-43A0-8E93-12443901AACF} [2013-04-23 08:02:56 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{909B29A8-CD5D-4551-AF9A-22B7C5D4DCF2} [2013-02-10 17:01:27 | 014,823,424 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-05-22 17:13:37 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013-05-22 16:53:58 | 001,828,642 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-05-22 16:53:58 | 000,799,988 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-05-22 16:53:58 | 000,707,232 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-05-22 16:53:58 | 000,180,756 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-05-22 16:53:58 | 000,139,760 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-05-22 16:52:55 | 000,031,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-05-22 16:52:55 | 000,031,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-05-22 16:45:47 | 000,034,752 | ---- | M] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys [2013-05-22 16:45:46 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job [2013-05-22 16:45:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-05-22 16:44:25 | 000,000,141 | ---- | M] () -- C:\Users\user\AppData\Roaming\Network Monitor II_Traffic.ini [2013-05-22 14:43:19 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\ASUSUEFI.lnk [2013-05-22 06:11:31 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-05-22 06:11:31 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-05-22 06:10:20 | 000,119,296 | ---- | M] () -- C:\Windows\SysWow64\zlib.dll [2013-05-21 22:37:33 | 000,001,539 | ---- | M] () -- C:\Users\user\Documents\monitor 0.cpk [2013-05-21 16:04:35 | 000,001,028 | ---- | M] () -- C:\Users\user\Desktop\Miranda IM.lnk [2013-05-19 13:03:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job [2013-05-18 11:51:23 | 000,046,345 | ---- | M] () -- C:\Users\user\Documents\SSDLife_SMART.png [2013-05-18 11:49:32 | 000,041,148 | ---- | M] () -- C:\Users\user\Documents\18-maja-2013_11-49.png [2013-05-18 10:40:20 | 000,002,135 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk [2013-05-16 22:55:48 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013-05-16 22:50:03 | 000,001,110 | ---- | M] () -- C:\Users\user\Desktop\WindowsPExE — skrót.lnk [2013-05-16 22:26:41 | 000,426,584 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-05-15 16:42:22 | 000,000,229 | ---- | M] () -- C:\Windows\Bench32.INI [2013-05-15 06:45:48 | 000,000,079 | ---- | M] () -- C:\Users\user\AppData\Local\CrystalDiskMark30.ini [2013-05-14 20:03:01 | 000,000,329 | ---- | M] () -- C:\Users\Public\Documents\Preset 0.mbcfg [2013-05-14 19:42:25 | 000,000,747 | ---- | M] () -- C:\Users\Public\Desktop\Metro Last Light.lnk [2013-05-12 01:09:38 | 000,000,857 | ---- | M] () -- C:\Users\user\Desktop\FaceWorks Real-time Performance Capture.lnk [2013-05-12 01:09:38 | 000,000,841 | ---- | M] () -- C:\Users\user\Desktop\FaceWorks Real-time Performance Capture Configuration.lnk [2013-05-09 14:14:54 | 000,001,386 | ---- | M] () -- C:\Users\user\Desktop\color — skrót.lnk [2013-05-08 05:33:47 | 027,774,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013-05-08 05:33:47 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013-05-08 05:33:47 | 021,095,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013-05-08 05:33:47 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013-05-08 05:33:47 | 015,912,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2013-05-08 05:33:47 | 015,143,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2013-05-08 05:33:47 | 013,404,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2013-05-08 05:33:47 | 012,426,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2013-05-08 05:33:47 | 009,233,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013-05-08 05:33:47 | 007,682,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013-05-08 05:33:47 | 007,641,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013-05-08 05:33:47 | 006,324,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013-05-08 05:33:47 | 002,942,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013-05-08 05:33:47 | 002,934,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2013-05-08 05:33:47 | 002,754,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013-05-08 05:33:47 | 002,596,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2013-05-08 05:33:47 | 002,363,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013-05-08 05:33:47 | 002,002,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013-05-08 05:33:47 | 001,832,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432014.dll [2013-05-08 05:33:47 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432014.dll [2013-05-08 05:33:47 | 001,059,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll [2013-05-08 05:33:47 | 000,925,648 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2013-05-08 05:33:47 | 000,550,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll [2013-05-08 05:33:47 | 000,518,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll [2013-05-08 05:33:47 | 000,443,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll [2013-05-08 05:33:47 | 000,432,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll [2013-05-08 05:33:47 | 000,421,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll [2013-05-08 05:33:47 | 000,370,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll [2013-05-08 05:33:47 | 000,266,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2013-05-08 05:33:47 | 000,218,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll [2013-05-08 05:33:47 | 000,214,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2013-05-08 05:33:47 | 000,181,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll [2013-05-08 05:33:47 | 000,020,536 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2013-05-08 00:35:13 | 006,491,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2013-05-08 00:35:13 | 003,514,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2013-05-08 00:35:08 | 002,555,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2013-05-08 00:35:08 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2013-05-08 00:35:07 | 000,237,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2013-05-07 22:00:17 | 000,001,264 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\QNIX LCD only.lnk [2013-05-07 16:47:16 | 000,566,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe [2013-05-05 21:27:49 | 000,085,176 | ---- | M] () -- C:\Users\Public\Documents\OCZ V1 256GB 05-maja-2013_21-27 2.png [2013-05-05 21:27:23 | 000,078,439 | ---- | M] () -- C:\Users\Public\Documents\OCZ V1 256GB 05-maja-2013_21-27.png [2013-05-05 20:31:54 | 000,059,807 | ---- | M] () -- C:\Users\Public\Documents\SSDLife OCZ V1 256GB SMART.png [2013-05-05 20:30:51 | 000,085,648 | ---- | M] () -- C:\Users\Public\Documents\SSDLife OCZ V1 256GB.png [2013-04-30 15:35:00 | 003,165,506 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin [2013-04-29 19:20:05 | 000,003,408 | ---- | M] () -- C:\bootsqm.dat [2013-04-28 17:26:22 | 000,001,284 | ---- | M] () -- C:\Users\user\Desktop\fc3_blooddragon_d3d11.exe — skrót.lnk [2013-04-26 21:14:58 | 000,028,348 | ---- | M] () -- C:\Users\Public\Documents\26-kwietnia-2013_21-14 2.png [2013-04-26 21:14:44 | 000,028,328 | ---- | M] () -- C:\Users\Public\Documents\26-kwietnia-2013_21-14.png [2013-04-25 19:37:10 | 000,001,026 | ---- | M] () -- C:\Users\Public\Documents\cru imon oc.inf [2013-04-23 21:51:40 | 000,000,022 | ---- | M] () -- C:\Windows\GPU-Z.INI [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-05-22 16:50:31 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013-05-22 16:50:31 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013-05-22 16:50:31 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013-05-22 16:50:31 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013-05-22 16:50:31 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013-05-22 14:43:21 | 000,015,232 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2013-05-22 14:43:20 | 000,014,464 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys [2013-05-22 14:43:19 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\ASUSUEFI.lnk [2013-05-21 22:37:33 | 000,001,539 | ---- | C] () -- C:\Users\user\Documents\monitor 0.cpk [2013-05-21 16:04:35 | 000,001,028 | ---- | C] () -- C:\Users\user\Desktop\Miranda IM.lnk [2013-05-18 11:51:23 | 000,046,345 | ---- | C] () -- C:\Users\user\Documents\SSDLife_SMART.png [2013-05-18 11:49:31 | 000,041,148 | ---- | C] () -- C:\Users\user\Documents\18-maja-2013_11-49.png [2013-05-18 10:40:20 | 000,002,135 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk [2013-05-16 22:50:03 | 000,001,110 | ---- | C] () -- C:\Users\user\Desktop\WindowsPExE — skrót.lnk [2013-05-14 20:03:01 | 000,000,329 | ---- | C] () -- C:\Users\Public\Documents\Preset 0.mbcfg [2013-05-14 19:42:25 | 000,000,747 | ---- | C] () -- C:\Users\Public\Desktop\Metro Last Light.lnk [2013-05-12 01:09:38 | 000,000,857 | ---- | C] () -- C:\Users\user\Desktop\FaceWorks Real-time Performance Capture.lnk [2013-05-12 01:09:38 | 000,000,841 | ---- | C] () -- C:\Users\user\Desktop\FaceWorks Real-time Performance Capture Configuration.lnk [2013-05-09 14:14:54 | 000,001,386 | ---- | C] () -- C:\Users\user\Desktop\color — skrót.lnk [2013-05-07 22:00:17 | 000,001,264 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\QNIX LCD only.lnk [2013-05-05 21:27:48 | 000,085,176 | ---- | C] () -- C:\Users\Public\Documents\OCZ V1 256GB 05-maja-2013_21-27 2.png [2013-05-05 21:27:23 | 000,078,439 | ---- | C] () -- C:\Users\Public\Documents\OCZ V1 256GB 05-maja-2013_21-27.png [2013-05-05 20:31:54 | 000,059,807 | ---- | C] () -- C:\Users\Public\Documents\SSDLife OCZ V1 256GB SMART.png [2013-05-05 20:30:51 | 000,085,648 | ---- | C] () -- C:\Users\Public\Documents\SSDLife OCZ V1 256GB.png [2013-04-29 19:20:05 | 000,003,408 | ---- | C] () -- C:\bootsqm.dat [2013-04-28 17:26:22 | 000,001,284 | ---- | C] () -- C:\Users\user\Desktop\fc3_blooddragon_d3d11.exe — skrót.lnk [2013-04-26 21:14:58 | 000,028,348 | ---- | C] () -- C:\Users\Public\Documents\26-kwietnia-2013_21-14 2.png [2013-04-26 21:14:44 | 000,028,328 | ---- | C] () -- C:\Users\Public\Documents\26-kwietnia-2013_21-14.png [2013-04-25 19:37:10 | 000,001,026 | ---- | C] () -- C:\Users\Public\Documents\cru imon oc.inf [2013-02-13 16:19:42 | 000,002,839 | ---- | C] () -- C:\Users\user\Unigine_Heaven_Benchmark_4.0_20130213_1519.html [2013-02-13 15:56:51 | 001,065,984 | ---- | C] () -- C:\Users\user\AppData\Local\file__0.localstorage [2013-02-04 17:26:21 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI [2013-02-03 20:45:16 | 000,000,104 | ---- | C] () -- C:\Users\user\Panel sterowania — skrót.lnk [2013-01-22 18:22:34 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll [2013-01-22 18:22:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll [2013-01-22 18:22:34 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll [2013-01-05 21:30:39 | 000,000,000 | ---- | C] () -- C:\Windows\exctrlst.INI [2012-12-31 18:57:58 | 000,000,938 | ---- | C] () -- C:\ProgramData\ReclaiMe.config [2012-12-31 18:57:58 | 000,000,438 | ---- | C] () -- C:\Users\user\AppData\Local\ReclaiMe.config [2012-12-14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012-12-03 22:29:53 | 000,697,047 | ---- | C] () -- C:\Users\user\.fonts.cache-1 [2012-11-29 19:48:02 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-11-29 19:47:51 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-10-10 03:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2012-10-10 03:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2012-09-28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll [2012-07-09 07:25:29 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012-07-09 07:25:29 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2012-07-09 07:25:29 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll [2012-07-09 07:25:25 | 000,079,872 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2012-06-16 10:55:01 | 000,007,432 | ---- | C] () -- C:\Windows\SysWow64\Machnm32.sys [2012-06-10 19:00:42 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe [2012-06-10 19:00:42 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll [2012-06-10 19:00:42 | 000,000,057 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini [2012-06-10 19:00:41 | 000,043,281 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl [2012-06-10 12:42:54 | 000,005,670 | ---- | C] () -- C:\Windows\cmudaxp.ini [2012-06-10 12:42:54 | 000,004,145 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg [2012-06-10 12:42:54 | 000,000,840 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi [2012-05-29 15:54:48 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012-05-26 09:14:10 | 000,000,512 | ---- | C] () -- C:\Users\user\AppData\Roaming\GPU Monitor_GPU_Settings.ini [2012-05-23 18:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012-05-23 18:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012-05-23 18:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012-05-23 18:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012-05-23 18:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012-05-19 18:07:18 | 000,000,079 | ---- | C] () -- C:\Users\user\AppData\Local\CrystalDiskMark30.ini [2012-05-07 15:15:04 | 000,000,218 | ---- | C] () -- C:\Users\user\.recently-used.xbel [2012-04-30 10:20:10 | 000,011,761 | ---- | C] () -- C:\Users\user\AppData\Local\unins000.msg [2012-04-30 10:20:10 | 000,002,172 | ---- | C] () -- C:\Users\user\AppData\Local\unins000.dat [2012-04-26 15:52:55 | 000,000,512 | ---- | C] () -- C:\Users\user\AppData\Roaming\GPU Monitor_GPU2_Settings.ini [2012-04-14 15:25:45 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc [2012-02-27 01:00:40 | 000,000,141 | ---- | C] () -- C:\Users\user\AppData\Roaming\Network Monitor II_Traffic.ini [2012-02-27 00:31:59 | 000,000,513 | ---- | C] () -- C:\Users\user\AppData\Roaming\GPU Monitor_GPU0_Settings.ini [2012-02-27 00:31:29 | 000,001,765 | ---- | C] () -- C:\Users\user\AppData\Roaming\System Monitor II_CPU0_Settings.ini [2012-02-26 18:35:18 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe [2012-02-26 18:35:18 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe [2012-02-24 19:32:21 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat [2012-02-24 19:32:21 | 000,000,025 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat [2012-02-15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012-02-15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012-02-14 18:47:06 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012-02-14 18:47:06 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012-01-21 19:27:12 | 000,121,289 | ---- | C] () -- C:\Users\user\ISO1_DVD.nri [2012-01-17 12:24:10 | 000,055,296 | ---- | C] () -- C:\Windows\SysWow64\ASGT.exe [2011-12-23 00:22:01 | 000,000,581 | ---- | C] () -- C:\Users\user\AppData\Roaming\Network Monitor II_Settings.ini [2011-12-12 00:45:34 | 000,000,003 | ---- | C] () -- C:\Users\user\AppData\Local\user_data.ini [2011-12-11 21:01:49 | 000,000,432 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011-12-11 17:09:28 | 000,007,607 | ---- | C] () -- C:\Users\user\AppData\Local\Resmon.ResmonCfg [2011-12-11 16:16:14 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2011-12-11 16:16:14 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2011-12-11 14:49:45 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll [2011-12-11 14:49:45 | 000,021,208 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini [2011-12-11 14:49:45 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe [2011-12-11 14:49:45 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe [2011-12-11 14:49:45 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini [2011-12-08 17:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll [2011-11-30 13:07:00 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll [2011-11-29 14:27:32 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2011-11-27 13:10:18 | 000,000,482 | ---- | C] () -- C:\Users\user\AppData\Roaming\GPU Monitor_Settings.ini [2011-11-27 13:06:46 | 000,000,229 | ---- | C] () -- C:\Users\user\AppData\Roaming\Top Process Monitor_Settings.ini [2011-11-27 13:05:34 | 000,000,412 | ---- | C] () -- C:\Users\user\AppData\Roaming\Drives Monitor_Settings.ini [2011-11-27 13:01:53 | 000,001,707 | ---- | C] () -- C:\Users\user\AppData\Roaming\System Monitor II_Settings.ini [2011-11-26 02:28:59 | 000,000,229 | ---- | C] () -- C:\Windows\Bench32.INI [2011-11-26 01:43:29 | 001,803,808 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-11-22 04:47:40 | 000,000,127 | ---- | C] () -- C:\Windows\zraidtray.ini [2011-08-31 20:51:16 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013-02-27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-08-21 15:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012-08-21 15:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-08-21 15:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2013-04-08 21:50:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Aegisub [2012-05-20 16:47:30 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Ashampoo [2012-06-10 19:00:48 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ASUS [2012-05-01 20:04:13 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Azureus [2013-05-21 23:10:48 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Color Profile Keeper [2012-10-13 18:16:10 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Crysis 2 [2012-02-15 09:26:10 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DAEMON Tools Lite [2012-03-18 22:36:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DarknessII [2012-01-22 12:57:05 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Day 1 Studios [2012-05-07 15:15:04 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\deluge [2013-05-22 17:22:03 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DisplayTune [2012-12-15 15:05:25 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Dropbox [2012-12-03 08:27:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\EasyDuplicateFinder [2013-03-27 07:31:59 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\eDownload [2013-03-27 07:31:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\eIntaller [2011-12-21 18:03:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Elmak [2013-02-05 16:32:21 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\foobar2000 [2011-11-29 20:24:13 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GHISLER [2013-02-05 16:27:56 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\gtk-2.0 [2013-05-03 16:31:21 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\HD Tune Pro [2011-12-14 19:34:00 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ImgBurn [2012-07-26 21:14:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\IrfanView [2013-02-01 07:37:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Leadertech [2012-01-22 15:30:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Mael [2012-01-06 14:15:08 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Miranda [2013-02-15 18:36:59 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Miranda — kopia [2011-12-03 19:38:44 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\nicotine [2012-07-18 14:57:20 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\nicotine - Kopia [2011-12-03 19:43:10 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Notepad++ [2012-01-21 12:30:10 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PotPlayer [2012-04-01 00:24:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PotPlayerMini [2013-01-22 18:33:48 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PowerUp Software [2012-01-08 11:37:49 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Python-Eggs [2012-12-22 12:47:44 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Samsung [2012-10-14 14:07:00 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Softland [2013-05-08 00:24:59 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TeamViewer [2012-07-01 15:18:45 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Temp [2013-01-31 19:02:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Thinstall [2013-05-22 17:18:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\uTorrent [2011-12-20 17:32:26 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\VitySoft [2013-05-22 16:45:41 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WinDefenders [2011-12-14 23:54:27 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Windows Live Writer [2013-01-23 15:18:16 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WoLEX [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 172 bytes -> C:\ProgramData\Temp:C895616B @Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation @Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation @Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:0CE7F3C9 @Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:48A9EADC < End of report >