Lapek zamula, dużo procesów

**Posty:** 4 · przez **TuMichau** 04 Wrz 2014, 00:50

Siema, ostatnimi czasy mój laptop ma bardzo duże użycie dysku (przy starcie 100% i długo nie schodzi) i użycie pamięci (mam prawie nic po włączane i stoi na 50%). Gdy próbuje robić logi programem GMER wywala niebieski ekran zaraz po starcie programu. ASUS nie bardzo pomaga, bo nie wyświetla mi opcji uruchamiania aby uruchomić w trybie awaryjnym (męcze f8 i nic)... Siedzi też bardzo dużo procesów (75 w tle,26 windowsa)
Poczęstuje was samymi logami z OTL

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2014-09-04 00:21:47 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bloondas\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17239) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,89 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 36,42% Memory free 7,89 Gb Paging File | 5,77 Gb Available in Paging File | 73,16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 185,87 Gb Total Space | 120,98 Gb Free Space | 65,09% Space Free | Partition Type: NTFS Drive D: | 258,15 Gb Total Space | 83,79 Gb Free Space | 32,46% Space Free | Partition Type: NTFS Computer Name: BLONDASOWY | User Name: Bloondas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2573020086-1577984347-1742758831-1002\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = [binary data] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0AA8017F-4CEB-4D04-A8B7-90EF0FEF1C40}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{101E0F9C-5227-42E2-84AB-86A503DE9DAB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{15CC1E41-3AE9-4621-B125-06B9A468035B}" = lport=2869 | protocol=6 | dir=in | app=system | "{19AA3F52-15F5-41AC-A664-1EDC798355E1}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{1D9FBE42-540C-42A5-9F15-25D9665745E9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{27827516-AFEA-4EA3-8F9F-7B4A55D37099}" = lport=138 | protocol=17 | dir=in | app=system | "{3187FF14-0F91-4B76-82DD-25FDBBF1B1AB}" = lport=445 | protocol=6 | dir=in | app=system | "{37379A0B-0333-4965-BBC2-905BAEC5F69C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{39134A23-8032-4CB2-A295-8C50B8532F63}" = rport=138 | protocol=17 | dir=out | app=system | "{3914F7F8-2A36-44B8-8C7D-124DCC58D535}" = rport=10243 | protocol=6 | dir=out | app=system | "{3BC110D0-0974-4B57-96ED-55317107602A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{3E0097CD-BB38-4744-9914-16F3AEA5BECD}" = lport=10243 | protocol=6 | dir=in | app=system | "{40685F3D-52A4-48CE-83C5-1482DF1BB3CB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4069E991-52FD-487D-8C86-CFB3A64A6149}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{46D35AB5-7716-4B82-B173-B6AAA5E11E6B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{47536504-9866-4888-9C70-460B1C4BAA15}" = rport=137 | protocol=17 | dir=out | app=system | "{50D71FD2-9183-4D2A-992F-AC7AEED78DFB}" = rport=445 | protocol=6 | dir=out | app=system | "{52D1EDB3-381B-42D9-892D-C0466114D62E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{69E0FAC3-E198-439F-A9E0-0516BF5BD694}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{89839A2C-DE79-4547-BA6A-74366285E73A}" = rport=139 | protocol=6 | dir=out | app=system | "{9DF568BF-1BE4-40F8-B58A-90F91C8AEB20}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{A489F90D-65DD-4C69-B054-675AC66108FC}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{B4F897E3-11C1-40CB-AA92-7549DB931E8E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{CBD32BD2-D131-4031-AB5B-6FAA2C4B26EF}" = lport=139 | protocol=6 | dir=in | app=system | "{CFA7B0B5-1CCB-4EE1-B881-F25374F31ABE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D575638C-835E-4275-BD40-A10766AF9BBE}" = lport=137 | protocol=17 | dir=in | app=system | "{D67C4935-675A-43FF-B41A-37D4BF73F82B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{D9FDE7C5-91CF-4946-B79E-C7E264DA859C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{E4EC0DB5-F5C7-4898-8481-A59CD998A148}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{FF7C464E-1E02-44BF-88F0-3111598831FD}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00B301AD-79D0-4C67-AC4F-3F9676DB5147}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{012CFE49-A400-4D19-9901-1BD0ACB157E7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{032BA3A2-E940-4C52-9AF5-8D18AA5453AB}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | "{0544E31D-F5F5-49E9-A249-13692A7A8B33}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{0587DBB6-ED94-41FC-944A-8B2BCBFF224F}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\warface\live\nw.exe | "{05FDB735-7C0F-4FB7-84C7-2D84D0F90F33}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{09648EB3-2A3D-4B3A-859F-1379DEBFC67C}" = dir=out | name=@{microsoft.bingfinance_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{09E3F335-4458-4B83-90D7-055A918308AA}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | "{0ADAE680-E07F-4534-91E7-D5BC0864EE54}" = dir=in | name=@{magix.musicmakerjam_2.1.1027.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} | "{0BD99981-8300-4062-AD24-8CDDCD0CFE0A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{0CE41139-82F2-4C8E-8415-CD52CADFDC68}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe | "{0D0294A7-A98A-45B3-AC8A-E911F0B1C92A}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{0D4B731B-4C21-452B-83E2-38E32B95D82A}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{10C3BDEF-26DC-46C6-A94B-FABC28DEE254}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{11415AD9-906F-4136-9286-DBEFCFB1755B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe | "{123AC4BC-0808-40CD-9FB8-D17981EECA22}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{152ADE52-AE0F-435A-9AF5-75BDEE2F8DF0}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.313_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | "{15DD302C-5B55-4097-9FD1-86D105BFC6CF}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | "{1741EDB7-0364-4323-AAF4-9923F7B8B255}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{185BDEAA-656E-49D3-92D9-9A527E468532}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | "{195A5B50-7C34-4A74-8B45-CE43E66EB1F7}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{19BC906D-910E-4524-827D-5682849A3F40}" = dir=in | name=f5 vpn | "{1B156A3A-C2B4-4A95-8726-07DA4F2CECDB}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe | "{1B300352-2AD7-47B5-AB81-6F764A01B140}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{1ED22E71-2A2E-4CE5-B9D3-2DE6C1FD160E}" = dir=in | name=skype | "{20FB047B-3A77-4AB6-B03D-03F235A9D58A}" = dir=out | name=@{microsoft.bingnews_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | "{23C404C7-058D-4E88-9266-F25E4E0403B2}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | "{25B638AF-1554-4B52-9353-5D6ADFD90E41}" = dir=out | name=f5 vpn | "{25D3DB95-6A93-400F-8E66-BE9E673FA8E6}" = dir=out | name=skype | "{26396FCD-F9B6-4A25-B961-F75DA53F9B21}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{2AB19BAE-501A-44CF-8114-EE61D6BE26C1}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{35D05CC1-A915-4DC8-8A75-BBC788BC7684}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.315_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | "{369983E0-7696-4498-BA35-765B354320ED}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{3C3880B4-118A-4840-B7DD-BDC2D669AC6F}" = dir=out | name=fresh paint | "{3EAE6039-518B-4F24-A7EB-75CF0B0C4493}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe | "{3EBCDB4F-001F-4638-A313-C2927FC8C356}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{40C949B0-7C31-4B82-85D0-01B27FA820EE}" = dir=in | name=pinball fx2 | "{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | "{46AD9F88-2ECC-4A18-A09D-25FC9CE76F28}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{46C74C63-182D-4F53-B435-36F47592315D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe | "{4A18A380-DA86-44D9-99C0-C4AF8A59F0FE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{4C3F48DE-31A8-45A9-BD07-2A170D280004}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{4DF18F45-71B2-4410-8200-95D35441C7D3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe | "{5310E61A-EB7B-476D-BCAD-A6797FC526F2}" = dir=out | name=@{microsoft.zunemusic_2.2.931.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{5397F20F-E464-4772-AB7F-012250BE1839}" = dir=in | name=check point vpn | "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{54E622A2-AE7F-4400-B8B6-EEB9C86D3EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | "{5A7E9FA3-3332-4451-8540-3BDF3441F0E8}" = dir=out | name=@{microsoft.bingsports_3.0.2.317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | "{60323695-CD3D-4B02-8A2F-3EE780271D8A}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{61CC3D8E-B935-46D6-9A27-7EFFF49632DD}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{63E93715-C120-41A9-A540-154B9C9B3304}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe | "{64C1B908-E6A5-4F5A-91BD-25AA7331F1BD}" = dir=out | name=@{microsoft.bingtravel_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | "{705C4C9D-065D-4BBD-B892-34564CD7D98E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{712454C3-3919-41C4-82EE-A6B6704127E6}" = dir=in | name=sonicwall mobile connect | "{74136D89-5745-43EC-97EE-4CD33A829310}" = dir=in | name=juniper networks junos pulse | "{7473301C-CC07-4F78-954F-3BD82A9D78E6}" = dir=out | name=@{microsoft.bingweather_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} | "{7601D450-ED91-4F55-9CF6-83FC9AA40C1C}" = dir=in | name=onenote | "{7AB06557-1030-4622-A76B-EBBCE384D156}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe | "{7B0DA738-456B-4331-90A5-BF59E6FD22B0}" = dir=out | name=check point vpn | "{7F277995-5030-4D30-AD31-EF036177D0A4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{866EA703-F0E5-4DCE-B03F-69355AE44113}" = dir=out | name=windows_ie_ac_001 | "{93484712-BA60-46D5-9026-5E3687DA4C96}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{94AD2D43-6830-4256-A2CB-04D93CF39108}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe | "{9571F58C-F3BC-4722-BD8C-5CBB07D6AD06}" = dir=out | name=sonicwall mobile connect | "{95FEA04F-4A03-4792-90DF-55D6BA46A8EF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{9B757136-9A3F-4463-9300-D7F6C7FDE28C}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\warface\live\nw.exe | "{9D1B5EBC-C4A0-45F2-8C75-E3E7DD464A0C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{9D6FBE55-6D14-4F2C-B997-445F9A4B1D47}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | "{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{9E4F5D1E-3FB6-450B-AFCC-5B4CFBF728DA}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{A1C40A5F-EA15-45E4-8BAB-F4EFA4B74681}" = dir=out | name=windows_ie_ac_001 | "{A291C6A9-09BC-438F-B3B9-AF6D2C18983D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | "{A73CB054-E06E-402A-8E79-F6BFA592D873}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A8E27501-979E-48AC-B760-93B0E8B46AC4}" = protocol=17 | dir=in | app=c:\users\bloondas\appdata\roaming\bittorrent\bittorrent.exe | "{A94164A9-223A-4D12-9EF8-BE41B40ECC5B}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{AABC6609-D5BE-46CB-BBEE-9311848F33D8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{ACDDD211-CDDD-48B3-958F-166D12A2D9C9}" = protocol=6 | dir=out | app=system | "{AF702977-4330-41DC-B7EB-971528C7BDD5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{B11B0EE3-FBFE-48D7-A2E3-C168BF9AF0E1}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | "{B5A05D1A-8813-4BAA-A24D-298D06CBC64A}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{BA31C389-3CFA-4C66-AF4C-4EFD7B18BE89}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{BA390505-B003-4CC4-B0B5-85139B5D5AE4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe | "{BBA4E808-5C50-4BDD-B3F8-D397C0DAA020}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | "{C12D812F-ECD9-4B2C-A9B8-94942F5A63CD}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{C5001BD6-BDFB-4671-9D57-32E6974F39F0}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe | "{CAC48BF3-7AF9-4CEE-99B2-64C9790B5595}" = dir=out | name=pinball fx2 | "{CF30C493-6B9B-40BF-98B1-A17C96FA8E84}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | "{D13D8956-3F9C-4D7E-9DA1-27C326F7712C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{D1D4AA36-9486-4635-89D2-8D062EA5AEE2}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{D2459526-EEAB-4F1E-8CC0-64CE260A8898}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | "{D2C135B7-CB8F-4D46-B645-81AD4B5BC785}" = dir=out | name=- games app - | "{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | "{D8861C77-A592-4C2E-A2E5-4822EBDF2CA2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | "{DE9BFB2E-0625-45F6-A058-F65C9D71BBA9}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe | "{E118916C-7984-494E-8362-11B2AC95F48F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe | "{E151EB81-52F8-44A8-A3FC-5599CFE469F1}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{E267BE1D-9907-4733-B20C-269577442A9A}" = dir=out | name=juniper networks junos pulse | "{E267DC30-5E45-44FA-8C9E-559D2D5853F5}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | "{E3B66DB9-C58D-4FC6-B04F-FB1ACB7D3191}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{E8DB9CA2-D87E-4C19-B6F3-A09EA0808B30}" = protocol=17 | dir=in | app=d:\games\battlefield 3™\bf3.exe | "{E929D91A-C171-4B1A-8903-F52374828A49}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | "{EAA0C912-5097-49DD-9F3B-A42E9DA9BB2A}" = protocol=6 | dir=in | app=d:\games\battlefield 3™\bf3.exe | "{EB2F55B6-F230-4193-9B9B-1A5EA485829E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{EBA20918-8C61-4262-98C3-9DF932D47BCE}" = dir=out | name=@{magix.musicmakerjam_2.1.1027.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} | "{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | "{ECF322AF-E9D3-4EF6-B1BA-0BA80653C017}" = protocol=6 | dir=in | app=c:\users\bloondas\appdata\roaming\bittorrent\bittorrent.exe | "{EF108594-092C-4B29-851F-AF1EFDB374DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F040DCB4-E61D-42F1-A43A-F7992EE56EC1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{F1332D09-E130-46D3-AD97-DA227EAACBEA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe | "{F30656CD-A25D-49C1-AB22-B046D2EF55EC}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{F5492C13-2DF5-41B8-80EA-6C5EF3B489D3}" = dir=out | name=onenote | "{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | "{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | "{F8B18127-7EDE-4DE6-A151-DEFC8ECC58E9}" = dir=out | name=@{microsoft.bingnews_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{FA6C1519-3E3E-4103-AE21-098317E5BBB8}" = dir=out | name=@{microsoft.zunevideo_2.6.256.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{FB822E81-5CEF-4BB0-A7EF-084446F9D074}" = dir=out | name=windows_ie_ac_001 | "{FCC629B6-7FE1-4B42-8F0F-3283B3B26800}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{FDA758E0-75FD-4E02-A68F-BB3927219D77}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "TCP Query User{0159A33E-11C4-42C7-B5C6-C308EEE94AB0}C:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2\testdrive2.exe | "TCP Query User{02F09F9D-5347-4468-9F07-8FD4E57FF7E1}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{0508F064-EEED-4F1B-9714-E9723DA218B1}D:\program files (x86)\ea games\need for speed most wanted\nfs13.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ea games\need for speed most wanted\nfs13.exe | "TCP Query User{3264F950-E9CC-48AA-96FA-72F0CE729150}C:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2\uplauncher.exe | "TCP Query User{3DA6AEE7-AB80-4864-A458-2AF6CF773E20}D:\program files (x86)\deep silver\saints row the third - the full package\saintsrowthethird_dx11.exe" = protocol=6 | dir=in | app=d:\program files (x86)\deep silver\saints row the third - the full package\saintsrowthethird_dx11.exe | "TCP Query User{58BA1CA4-3849-4991-B1BA-4E81CC6F1DA5}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{69BBD73B-A731-4E2D-9506-528645EC3A7D}D:\program files (x86)\ea games\need for speed most wanted\nfs13.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ea games\need for speed most wanted\nfs13.exe | "TCP Query User{70710B50-7D32-4341-B9FB-D168CD673104}D:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | "TCP Query User{88AEC2E0-1D2A-47B3-9030-4E4E8C8C29FF}C:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2\testdrive2.exe | "TCP Query User{8E894D3E-9E46-4223-A805-4347B03E0924}D:\program files (x86)\r.g. mechanics\saints row iv\saintsrowiv.exe" = protocol=6 | dir=in | app=d:\program files (x86)\r.g. mechanics\saints row iv\saintsrowiv.exe | "TCP Query User{D85786AA-74CD-49F1-95B3-A418568E454F}C:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2\uplauncher.exe | "TCP Query User{EF5710C6-D394-431F-907B-62C45F220D6B}D:\program files (x86)\r.g. mechanics\saints row iv\saintsrowiv.exe" = protocol=6 | dir=in | app=d:\program files (x86)\r.g. mechanics\saints row iv\saintsrowiv.exe | "UDP Query User{1935DA73-660F-4305-A90C-4C7890CD4D43}D:\program files (x86)\r.g. mechanics\saints row iv\saintsrowiv.exe" = protocol=17 | dir=in | app=d:\program files (x86)\r.g. mechanics\saints row iv\saintsrowiv.exe | "UDP Query User{19E74300-4FC2-4642-B55B-291EF597D360}C:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2\testdrive2.exe | "UDP Query User{22BEBDEA-0D28-4779-862B-3F1ED5BDC9C0}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "UDP Query User{2EB376F9-011D-4374-AEE5-2CE924C23A83}C:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2\testdrive2.exe | "UDP Query User{31095A8E-5D11-4F7E-A830-93FB85E0F8A1}D:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | "UDP Query User{41EFB25B-A650-4A19-BFBE-BA344C136F2B}C:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2\uplauncher.exe | "UDP Query User{6D089BEC-4865-48AE-BA26-AF580B7B7469}C:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2\uplauncher.exe | "UDP Query User{87DBA7FA-EDD5-4630-8913-440EC977787D}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "UDP Query User{A2E245D0-D058-41AF-8DDE-ED95AA6E8287}D:\program files (x86)\r.g. mechanics\saints row iv\saintsrowiv.exe" = protocol=17 | dir=in | app=d:\program files (x86)\r.g. mechanics\saints row iv\saintsrowiv.exe | "UDP Query User{A6CD25AF-CCE9-4A04-BA5A-E8714FC46E24}D:\program files (x86)\ea games\need for speed most wanted\nfs13.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ea games\need for speed most wanted\nfs13.exe | "UDP Query User{D13375BA-2F08-4715-B76F-28DF10A7649D}D:\program files (x86)\ea games\need for speed most wanted\nfs13.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ea games\need for speed most wanted\nfs13.exe | "UDP Query User{E918700A-41BF-488C-8E98-A7FAB2C046E1}D:\program files (x86)\deep silver\saints row the third - the full package\saintsrowthethird_dx11.exe" = protocol=17 | dir=in | app=d:\program files (x86)\deep silver\saints row the third - the full package\saintsrowthethird_dx11.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}" = ASUS Screen Saver "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 "{26A24AE4-039D-4CA4-87B4-2F86417055FF}" = Java 7 Update 55 (64-bit) "{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables "{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid "{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 "{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 337.88 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 337.88 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.0.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 12.4.67 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.1220 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 12.4.67 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.30.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 12.4.67 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23 "{B42D82E8-FF97-48BB-91AA-86717B2B6B16}" = AVG 2014 "{B93627CF-447B-4036-9621-9864D40F92C2}" = AVG 2014 "{E9F0BCD8-6BD5-1ED7-EDA3-9FCF2A478AA1}" = Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64 "{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client "4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5" = Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) "AVG" = AVG 2014 "GIMP-2_is1" = GIMP 2.8.10 "WinRAR archiver" = WinRAR 5.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{0DF95460-2887-4011-9344-1959CDF18ADC}" = Photo Common "{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program "{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations "{49110532-D289-4BFF-807C-45B782E66A7C}" = Photo Common "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV "{56232E3D-7EA9-45E0-A371-26CD80510AF7}" = Windows Live UX Platform Language Pack "{63824BC0-B747-43F3-9863-1066D64AD919}" = Photo Gallery "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}" = Microsoft Games for Windows Marketplace "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}" = Windows Live Essentials "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus" = WildTangent Games App "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{749F674B-2674-47E8-879C-5626A06B2A91}" = ASUS InstantOn "{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}" = Windows Live Essentials "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18 "{7E9A63B3-8572-4A4B-9F87-3C2A873BBC55}" = Windows Live UX Platform Language Pack "{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 "{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{857BC375-BCFB-474E-9BD9-7EBB18EC55E0}" = Windows Live Essentials "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}" = Movie Maker "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office "{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}" = Fotogaléria "{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3 "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}" = Movie Maker "{A035950F-15BA-41C0-9D8F-165FC0536012}" = Movie Maker "{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}" = Fotogalerie "{A407FC22-36BF-4C82-A516-59D94BC505A9}" = System Requirements Lab Detection "{A47EA9D4-BB87-415E-9239-28860434E5A0}" = Movie Maker "{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live "{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI "{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT "{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}" = Windows Live Essentials "{C67BC332-A59A-4D40-977F-664F60AB21D8}" = Photo Common "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E18F981B-401C-4D90-BC57-D8903564D558}" = Windows Live UX Platform Language Pack "{E50E3DBC-46AA-4827-B2A6-F995D81DF526}" = Fotótár "{EB91007A-0110-42A6-B869-2709955A9B2A}" = Photo Common "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}" = Windows Live UX Platform Language Pack "{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 "{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package "{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "«Euro Truck Simulator 2 - Gold Edition»_is1" = «Euro Truck Simulator 2 - Gold Edition» v.1.8.2.5s "Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin "ALLPlayer_is1" = ALLPlayer V5.X "AP Tuner 3.08" = AP Tuner 3.08 "Astroburn Lite" = Astroburn Lite "Asus Vibe2.0" = AsusVibe2.0 "ASUS WebStorage" = ASUS WebStorage Sync Agent "Audacity_is1" = Audacity 2.0.5 "AVG SafeGuard toolbar" = AVG SafeGuard toolbar "Google Chrome" = Google Chrome "InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD "LAME_is1" = LAME v3.99.3 (for Windows) "Mozilla Firefox 30.0 (x86 pl)" = Mozilla Firefox 30.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "MyBitCast" = MyBitCast 2.0 "NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151) "Need for Speed Most Wanted_is1" = Need for Speed Most Wanted "Neverwinter" = Neverwinter "PhotoScape" = PhotoScape "PunkBusterSvc" = PunkBuster Services "Saints Row IV_R.G. Mechanics_is1" = Saints Row IV "Saints Row The Third - The Full Package_is1" = Saints Row The Third - The Full Package "Steam" = Steam "Steam App 291480" = Warface "Test Drive Unlimited 2_is1" = Test Drive Unlimited 2 "The Elder Scrolls V Skyrim_is1" = The Elder Scrolls V Skyrim "WildTangent wildgames Master Uninstall" = WildTangent Games "WinLiveSuite" = Windows Live Essentials "WTA-1137fe53-d992-40ce-a7c1-592d61593a12" = Cut the Rope "WTA-1aa96af5-7897-4b52-871b-5672bf2a93b1" = Peggle "WTA-2f1b39cc-83cd-4559-b10f-61626726b133" = Bejeweled 3 "WTA-2f3263a5-c48e-44bb-8641-562ea5476a87" = Azteca "WTA-6c851d85-eca4-4ecf-853a-81473e512af5" = Tales of Lagoona "WTA-f7af5d5d-ca08-4f1e-b605-50cc7e4d969d" = Penguins! [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2573020086-1577984347-1742758831-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent" = BitTorrent [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-08-21 15:42:52 | Computer Name = Blondasowy | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "d:\program files (x86)\scs software\euro truck simulator 2\_commonredist\vcredist\vcredist_arm.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-08-22 10:41:41 | Computer Name = Blondasowy | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "d:\program files (x86)\scs software\euro truck simulator 2\_commonredist\vcredist\vcredist_arm.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-08-22 21:59:55 | Computer Name = Blondasowy | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "d:\program files (x86)\scs software\euro truck simulator 2\_commonredist\vcredist\vcredist_arm.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2014-08-23 04:20:49 | Computer Name = Blondasowy | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: bf3.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4e9d3315 Nazwa modułu powodującego błąd: bf3.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4e9d3315 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000ab3d Identyfikator procesu powodującego błąd: 0x1acc Godzina uruchomienia aplikacji powodującej błąd: 0x01cfbeab22acbcac Ścieżka aplikacji powodującej błąd: D:\Games\Battlefield 3™\bf3.exe Ścieżka modułu powodującego błąd: D:\Games\Battlefield 3™\bf3.exe Identyfikator raportu: 62ec40aa-2a9e-11e4-be98-240a642727f2 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error - 2014-08-23 04:21:03 | Computer Name = Blondasowy | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: bf3.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4e9d3315 Nazwa modułu powodującego błąd: bf3.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4e9d3315 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000ab3d Identyfikator procesu powodującego błąd: 0x1f3c Godzina uruchomienia aplikacji powodującej błąd: 0x01cfbeab2cc49b3e Ścieżka aplikacji powodującej błąd: D:\Games\Battlefield 3™\bf3.exe Ścieżka modułu powodującego błąd: D:\Games\Battlefield 3™\bf3.exe Identyfikator raportu: 6b7edc95-2a9e-11e4-be98-240a642727f2 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error - 2014-08-23 04:25:15 | Computer Name = Blondasowy | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: bf3.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4e9d3315 Nazwa modułu powodującego błąd: bf3.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4e9d3315 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000ab3d Identyfikator procesu powodującego błąd: 0x2140 Godzina uruchomienia aplikacji powodującej błąd: 0x01cfbeabc2b0ff05 Ścieżka aplikacji powodującej błąd: D:\Games\Battlefield 3™\bf3.exe Ścieżka modułu powodującego błąd: D:\Games\Battlefield 3™\bf3.exe Identyfikator raportu: 0171aa23-2a9f-11e4-be98-240a642727f2 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error - 2014-08-23 04:25:27 | Computer Name = Blondasowy | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: bf3.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4e9d3315 Nazwa modułu powodującego błąd: bf3.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4e9d3315 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000ab3d Identyfikator procesu powodującego błąd: 0x1cc0 Godzina uruchomienia aplikacji powodującej błąd: 0x01cfbeabca45124f Ścieżka aplikacji powodującej błąd: F:\Crack\bf3.exe Ścieżka modułu powodującego błąd: F:\Crack\bf3.exe Identyfikator raportu: 0907e07f-2a9f-11e4-be98-240a642727f2 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error - 2014-08-23 17:59:09 | Computer Name = Blondasowy | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: bf3.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4e9d3315 Nazwa modułu powodującego błąd: bf3.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4e9d3315 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000ab3d Identyfikator procesu powodującego błąd: 0x1cd4 Godzina uruchomienia aplikacji powodującej błąd: 0x01cfbf1d7523ea89 Ścieżka aplikacji powodującej błąd: D:\Games\Battlefield 3™\bf3.exe Ścieżka modułu powodującego błąd: D:\Games\Battlefield 3™\bf3.exe Identyfikator raportu: b4d05630-2b10-11e4-be98-240a642727f2 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error - 2014-08-23 18:11:16 | Computer Name = Blondasowy | Source = Desktop Window Manager | ID = 9020 Description = Menedżer okien pulpitu napotkał błąd krytyczny (0x8898008d). Error - 2014-08-23 18:18:43 | Computer Name = Blondasowy | Source = Desktop Window Manager | ID = 9020 Description = Menedżer okien pulpitu napotkał błąd krytyczny (0x8898008d). [ System Events ] Error - 2014-07-21 03:17:43 | Computer Name = Blondasowy | Source = Service Control Manager | ID = 7022 Description = Usługa AVGIDSAgent zawiesiła się podczas uruchamiania. Error - 2014-07-21 03:17:53 | Computer Name = Blondasowy | Source = DCOM | ID = 10016 Description = Error - 2014-07-21 03:17:53 | Computer Name = Blondasowy | Source = DCOM | ID = 10016 Description = Error - 2014-07-21 03:17:53 | Computer Name = Blondasowy | Source = DCOM | ID = 10016 Description = Error - 2014-07-21 03:18:59 | Computer Name = Blondasowy | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Asus WebStorage Windows Service. Error - 2014-07-21 03:18:59 | Computer Name = Blondasowy | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Asus WebStorage Windows Service z powodu następującego błędu: %%1053 Error - 2014-08-19 05:10:52 | Computer Name = Blondasowy | Source = Service Control Manager | ID = 7011 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi FDResPub. Error - 2014-08-19 05:11:04 | Computer Name = Blondasowy | Source = Service Control Manager | ID = 7011 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi NcdAutoSetup. Error - 2014-08-21 15:25:58 | Computer Name = Blondasowy | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 21:08:42 na ?2014-?08-?21 było nieoczekiwane. Error - 2014-08-21 15:26:51 | Computer Name = Blondasowy | Source = Service Control Manager | ID = 7043 Description = Usługa AVGIDSAgent nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. < End of report >

i drugi log

Kod: Zaznacz wszystko: OTL logfile created on: 2014-09-04 00:21:47 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bloondas\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17239) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,89 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 36,42% Memory free 7,89 Gb Paging File | 5,77 Gb Available in Paging File | 73,16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 185,87 Gb Total Space | 120,98 Gb Free Space | 65,09% Space Free | Partition Type: NTFS Drive D: | 258,15 Gb Total Space | 83,79 Gb Free Space | 32,46% Space Free | Partition Type: NTFS Computer Name: BLONDASOWY | User Name: Bloondas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-09-04 00:20:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bloondas\Downloads\OTL_[www.programosy.pl].exe PRC - [2014-08-25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe PRC - [2014-08-25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe PRC - [2014-08-25 11:37:18 | 005,188,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe PRC - [2014-08-18 02:49:05 | 001,820,184 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe PRC - [2014-08-18 02:49:05 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe PRC - [2014-08-07 05:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2014-04-30 20:28:45 | 002,199,840 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2014-04-30 20:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe PRC - [2014-04-24 23:19:56 | 002,725,912 | ---- | M] () -- C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe PRC - [2013-04-16 18:25:30 | 000,020,792 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe PRC - [2013-03-27 11:57:52 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2013-02-26 12:08:24 | 000,176,240 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe PRC - [2012-11-28 18:56:40 | 000,054,488 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe PRC - [2012-10-26 15:35:44 | 000,184,704 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2012-10-17 20:08:40 | 000,205,184 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2012-10-05 16:55:50 | 000,110,976 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2012-09-18 13:51:54 | 001,124,032 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe PRC - [2012-09-14 14:14:16 | 000,328,064 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2012-08-31 20:27:20 | 000,590,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe PRC - [2012-08-22 10:24:28 | 001,559,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe PRC - [2012-07-17 15:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012-07-17 15:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012-06-27 13:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012-06-25 11:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012-05-28 11:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe PRC - [2012-04-24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe PRC - [2012-04-13 11:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe PRC - [2012-03-28 19:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe PRC - [2011-11-21 15:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-08-31 20:58:18 | 001,654,296 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll MOD - [2014-08-07 05:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll MOD - [2014-08-07 05:20:54 | 014,669,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll MOD - [2014-08-07 05:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll MOD - [2014-08-07 05:20:49 | 000,718,152 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll MOD - [2014-08-07 05:20:47 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll MOD - [2014-08-07 05:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll MOD - [2014-07-21 09:48:12 | 000,463,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\e1c86f334a29d92ca264950085cd817e\PresentationFramework.Aero2.ni.dll MOD - [2014-07-20 15:06:03 | 018,744,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\92388fbe99436e6ed1f56ee56f10c565\PresentationFramework.ni.dll MOD - [2014-07-20 15:05:39 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\635558b506364815e8348217e86fdf99\System.Windows.Forms.ni.dll MOD - [2014-07-20 15:05:38 | 011,027,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\619034abb9a9fb1b3dc32c0a9aa38d3c\PresentationCore.ni.dll MOD - [2014-07-20 15:05:19 | 007,802,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\77bc1a994f64193efc124c297b93fdb7\System.Xml.ni.dll MOD - [2014-07-20 15:05:17 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\ddb52221ad0200b7c2e0a308e47d5c7c\System.Drawing.ni.dll MOD - [2014-07-20 15:05:14 | 003,957,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\9bbf715cfb5360c95acd27b199083854\WindowsBase.ni.dll MOD - [2014-07-20 15:05:13 | 000,188,416 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\3be4139a741b447ab35a2c788a2f4559\UIAutomationTypes.ni.dll MOD - [2014-07-20 15:05:12 | 001,874,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\10483ca149b5c651d217edbf2f3169b4\System.Xaml.ni.dll MOD - [2014-07-20 15:05:08 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\c5bf2f5c3e13726b3984a900221e1778\System.Configuration.ni.dll MOD - [2014-07-20 14:16:53 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c24d08cc4e93fc4f6f15a637b00a2721\System.ni.dll MOD - [2014-05-20 04:44:03 | 000,012,120 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll MOD - [2014-04-24 23:19:56 | 002,725,912 | ---- | M] () -- C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe MOD - [2014-03-18 11:58:41 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2014-08-18 02:20:44 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc) SRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:[b]64bit:[/b] - [2014-07-18 22:44:24 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:[b]64bit:[/b] - [2014-07-18 22:44:24 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc) SRV:[b]64bit:[/b] - [2014-07-18 22:44:24 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2014-04-30 20:28:23 | 021,007,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV:[b]64bit:[/b] - [2014-03-18 11:58:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:[b]64bit:[/b] - [2014-03-18 11:58:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:[b]64bit:[/b] - [2014-03-18 11:58:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:[b]64bit:[/b] - [2014-03-18 11:58:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:[b]64bit:[/b] - [2014-03-18 11:58:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:[b]64bit:[/b] - [2014-03-18 11:58:15 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:[b]64bit:[/b] - [2014-03-18 11:58:15 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:[b]64bit:[/b] - [2014-03-18 11:58:14 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:[b]64bit:[/b] - [2013-08-22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:[b]64bit:[/b] - [2013-08-22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:[b]64bit:[/b] - [2013-08-22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:[b]64bit:[/b] - [2013-08-22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:[b]64bit:[/b] - [2013-08-22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:[b]64bit:[/b] - [2013-08-22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:[b]64bit:[/b] - [2013-08-22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:[b]64bit:[/b] - [2013-08-22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:[b]64bit:[/b] - [2013-08-22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:[b]64bit:[/b] - [2013-08-22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2013-08-22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:[b]64bit:[/b] - [2013-08-22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2013-08-22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:[b]64bit:[/b] - [2013-08-22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2013-08-22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:[b]64bit:[/b] - [2013-08-22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:[b]64bit:[/b] - [2013-01-07 14:04:48 | 001,280,768 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV:[b]64bit:[/b] - [2012-04-20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2014-08-28 13:48:02 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2014-08-25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent) SRV - [2014-08-25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd) SRV - [2014-08-18 02:49:05 | 001,820,184 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe -- (vToolbarUpdater18.1.9) SRV - [2014-07-18 22:44:24 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc) SRV - [2014-06-06 06:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-04-30 20:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-08-22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2013-08-22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2013-08-22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2013-03-27 12:39:42 | 000,227,968 | ---- | M] (Qualcomm Atheros Commnucations) [On_Demand | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2013-03-27 11:57:52 | 000,323,584 | R--- | M] (Atheros) [On_Demand | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent) SRV - [2012-12-19 08:10:38 | 000,072,192 | ---- | M] () [On_Demand | Running] -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe -- (Asus WebStorage Windows Service) SRV - [2012-12-14 00:14:24 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012-10-05 16:55:50 | 000,110,976 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2012-09-13 05:59:08 | 002,466,448 | ---- | M] (Realsil Microelectronics Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2012-07-17 15:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012-07-17 15:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012-06-27 13:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012-06-25 11:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012-04-24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) SRV - [2012-04-13 11:14:00 | 000,277,120 | ---- | M] (ASUS) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe -- (ASUS InstantOn) SRV - [2011-11-21 15:19:50 | 000,096,896 | ---- | M] (ASUS) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2010-10-12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2014-08-18 02:49:05 | 000,050,976 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp) DRV:[b]64bit:[/b] - [2014-08-06 10:50:04 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:[b]64bit:[/b] - [2014-07-21 21:03:12 | 000,244,504 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:[b]64bit:[/b] - [2014-07-18 22:55:08 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr) DRV:[b]64bit:[/b] - [2014-07-18 22:52:41 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof) DRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:[b]64bit:[/b] - [2014-07-18 22:50:21 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:[b]64bit:[/b] - [2014-07-18 22:44:23 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:[b]64bit:[/b] - [2014-06-30 12:43:18 | 000,270,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpa.sys -- (Avgwfpa) DRV:[b]64bit:[/b] - [2014-06-30 12:43:02 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska) DRV:[b]64bit:[/b] - [2014-06-17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:[b]64bit:[/b] - [2014-06-17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga) DRV:[b]64bit:[/b] - [2014-06-17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:[b]64bit:[/b] - [2014-06-17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:[b]64bit:[/b] - [2014-05-20 04:44:03 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2014-04-30 20:28:22 | 000,018,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms) DRV:[b]64bit:[/b] - [2014-03-31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:[b]64bit:[/b] - [2014-03-18 11:58:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS) DRV:[b]64bit:[/b] - [2014-03-18 11:58:16 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:[b]64bit:[/b] - [2014-03-18 11:58:16 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:[b]64bit:[/b] - [2014-03-18 11:58:04 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:[b]64bit:[/b] - [2014-03-18 11:58:04 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000) DRV:[b]64bit:[/b] - [2014-03-18 11:58:04 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:[b]64bit:[/b] - [2014-03-18 11:40:43 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2014-03-18 11:40:40 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2014-01-28 15:32:18 | 000,593,000 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:[b]64bit:[/b] - [2013-09-04 15:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgboota.sys -- (Avgboota) DRV:[b]64bit:[/b] - [2013-08-22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:[b]64bit:[/b] - [2013-08-22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2013-08-22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:[b]64bit:[/b] - [2013-08-22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:[b]64bit:[/b] - [2013-08-22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2013-08-22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:[b]64bit:[/b] - [2013-08-22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2013-08-22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2013-08-22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:[b]64bit:[/b] - [2013-08-22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:[b]64bit:[/b] - [2013-08-22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:[b]64bit:[/b] - [2013-08-22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:[b]64bit:[/b] - [2013-08-22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:[b]64bit:[/b] - [2013-08-22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:[b]64bit:[/b] - [2013-08-22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:[b]64bit:[/b] - [2013-08-22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:[b]64bit:[/b] - [2013-08-22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo) DRV:[b]64bit:[/b] - [2013-08-22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:[b]64bit:[/b] - [2013-08-22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:[b]64bit:[/b] - [2013-08-22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:[b]64bit:[/b] - [2013-08-22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:[b]64bit:[/b] - [2013-08-22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:[b]64bit:[/b] - [2013-08-22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:[b]64bit:[/b] - [2013-08-22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:[b]64bit:[/b] - [2013-08-22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:[b]64bit:[/b] - [2013-08-22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:[b]64bit:[/b] - [2013-08-22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2013-08-22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:[b]64bit:[/b] - [2013-08-22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2013-08-22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:[b]64bit:[/b] - [2013-08-22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2013-08-22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc) DRV:[b]64bit:[/b] - [2013-08-22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:[b]64bit:[/b] - [2013-08-22 13:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:[b]64bit:[/b] - [2013-08-22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:[b]64bit:[/b] - [2013-08-22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:[b]64bit:[/b] - [2013-08-22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM) DRV:[b]64bit:[/b] - [2013-08-13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:[b]64bit:[/b] - [2013-08-10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:[b]64bit:[/b] - [2013-07-30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:[b]64bit:[/b] - [2013-07-25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:[b]64bit:[/b] - [2013-06-18 16:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168) DRV:[b]64bit:[/b] - [2013-06-18 16:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr) DRV:[b]64bit:[/b] - [2013-04-16 18:25:46 | 000,065,784 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:52 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:50 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:50 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:[b]64bit:[/b] - [2013-03-27 12:18:50 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:[b]64bit:[/b] - [2013-03-27 12:18:48 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:48 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:[b]64bit:[/b] - [2013-03-27 12:18:48 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:[b]64bit:[/b] - [2013-01-09 04:26:24 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2012-12-14 00:14:20 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2012-10-08 11:47:42 | 000,298,640 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR) DRV:[b]64bit:[/b] - [2012-09-18 13:51:54 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger) DRV:[b]64bit:[/b] - [2012-09-14 07:15:10 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:[b]64bit:[/b] - [2012-08-02 05:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:[b]64bit:[/b] - [2012-07-02 16:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2012-05-31 05:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch) DRV - [2011-09-07 10:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009-07-02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.sweet-page.com/web/?type=ds&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.sweet-page.com/web/?type=ds&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS IE - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.sweet-page.com/web/?type=ds&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS&q={searchTerms} IE - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://mysearch.avg.com/search?cid={D6CD8444-6693-44E8-86FA-24B92B6D5052}&mid=c112373feedf47d29d39f54322c3ce01-8a4d3776101d1ba48e1a417caccf015fe813f561&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-01 19:31:36&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search" FF - prefs.js..browser.startup.homepage: "http://mysearch.avg.com?cid={D6CD8444-6693-44E8-86FA-24B92B6D5052}&mid=c112373feedf47d29d39f54322c3ce01-8a4d3776101d1ba48e1a417caccf015fe813f561&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-01 19:31:36&v=18.0.5.292&pid=safeguard&sg=&sap=hp" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0 FF - prefs.js..keyword.URL: "" FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll File not found FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\ [2014-08-31 20:58:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-01-12 01:05:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Extensions [2014-07-17 14:52:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions [2014-01-15 19:03:40 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\IplextoALL@ALLPlayer.org [2014-07-17 14:44:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2014-07-17 14:44:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: [ history, homepage, nativeMessaging, tabs ] CHR - homepage: [ browsingData, cookies, history, management, nativeMessaging, tabs, unlimitedStorage, webNavigation, webRequest, webRequestBlocking, webRequestInternal, homepage ] CHR - homepage: http://mysearch.avg.com?cid={D6CD8444-6693-44E8-86FA-24B92B6D5052}&mid=c112373feedf47d29d39f54322c3ce01-8a4d3776101d1ba48e1a417caccf015fe813f561&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-01 19:31:36&v=18.1.5.512&pid=safeguard&sg=&sap=hp CHR - homepage: http://mysearch.avg.com?cid={D6CD8444-6693-44E8-86FA-24B92B6D5052}&mid=c112373feedf47d29d39f54322c3ce01-8a4d3776101d1ba48e1a417caccf015fe813f561&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-01 19:31:36&v=18.1.9.786&pid=safeguard&sg=&sap=hp CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll CHR - plugin: IntelÂ® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: IntelÂ® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: Java Deployment Toolkit 7.0.550.14 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll CHR - plugin: Java(TM) Platform SE 7 U55 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll CHR - Extension: Google Wallet = C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ O1 HOSTS File: ([2013-08-22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) O3 - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe () O4 - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe (ALLPlayer Group Ltd.) O4 - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002..\Run: [AVG-Secure-Search-Update_0414c] C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Atheros Communications) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5666ED73-4C17-4624-9EBC-D3A27258B5C0}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B7972E1-0E1C-45F7-8B02-04E580267318}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2014-04-10 11:02:29 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{040a6738-0eb6-11e4-824f-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{040a6738-0eb6-11e4-824f-806e6f6e6963}\Shell\AutoRun\command - "" = "E:\AUTORUN.EXE" O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-09-03 23:49:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2014-09-03 23:25:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2014-09-03 22:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\GFACE [2014-09-03 22:44:14 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\wf-launcher [2014-09-03 10:29:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2014-09-02 18:37:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\directx [2014-09-02 18:22:29 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2014-09-02 17:58:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2014-09-02 17:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2014-09-02 17:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2014-08-30 21:06:48 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\ElevatedDiagnostics [2014-08-30 20:51:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Games [2014-08-30 20:51:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\ALI213 [2014-08-28 13:10:13 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Documents\ALI213 [2014-08-28 12:56:50 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\Skyrim [2014-08-28 12:56:50 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Documents\My Games [2014-08-28 04:40:29 | 001,336,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll [2014-08-26 10:16:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Security Toolbar [2014-08-26 10:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_0814tb [2014-08-24 00:06:59 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Documents\Battlefield 3 [2014-08-23 11:17:46 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Desktop\telpli [2014-08-23 10:15:44 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller [2014-08-21 21:56:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2014-08-21 21:29:33 | 000,704,480 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2014-08-21 21:29:33 | 000,105,440 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2014-08-19 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Desktop\Szukamy nowego pierdopedu [2014-08-18 21:45:33 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Desktop\wakacje [2014-08-18 02:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar [2014-08-18 02:36:33 | 002,001,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl [2014-08-18 02:36:32 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll [2014-08-18 02:36:29 | 002,087,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl [2014-08-18 02:36:25 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll [2014-08-18 02:36:24 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll [2014-08-18 02:36:23 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll [2014-08-18 02:36:22 | 005,824,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2014-08-18 02:36:22 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll [2014-08-18 02:36:22 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll [2014-08-18 02:36:21 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll [2014-08-18 02:36:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll [2014-08-18 02:36:16 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll [2014-08-18 02:35:53 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe [2014-08-18 02:35:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll [2014-08-18 02:35:51 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll [2014-08-18 02:35:50 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll [2014-08-18 02:35:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll [2014-08-18 02:35:49 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll [2014-08-18 02:30:41 | 001,273,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll [2014-08-18 02:30:40 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll [2014-08-18 02:30:40 | 000,517,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll [2014-08-18 02:28:55 | 003,118,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll [2014-08-18 02:28:55 | 003,048,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe [2014-08-18 02:28:54 | 002,861,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll [2014-08-18 02:28:54 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll [2014-08-18 02:28:47 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe [2014-08-18 02:28:47 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe [2014-08-18 02:28:16 | 004,756,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll [2014-08-18 02:28:16 | 001,120,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe [2014-08-18 02:28:16 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll [2014-08-18 02:28:00 | 002,642,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll [2014-08-18 02:27:59 | 002,790,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll [2014-08-18 02:27:59 | 002,318,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll [2014-08-18 02:27:58 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll [2014-08-18 02:27:58 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll [2014-08-18 02:27:58 | 000,114,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe [2014-08-18 02:27:32 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll [2014-08-18 02:27:32 | 002,125,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll [2014-08-18 02:27:29 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll [2014-08-18 02:27:28 | 001,025,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll [2014-08-18 02:27:27 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll [2014-08-18 02:27:27 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll [2014-08-18 02:27:26 | 002,844,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll [2014-08-18 02:27:26 | 001,726,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll [2014-08-18 02:27:25 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll [2014-08-18 02:27:25 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll [2014-08-18 02:27:25 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll [2014-08-18 02:27:23 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll [2014-08-18 02:27:21 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll [2014-08-18 02:27:21 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll [2014-08-18 02:27:20 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll [2014-08-18 02:27:19 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedyn.dll [2014-08-18 02:27:19 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll [2014-08-18 02:27:19 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll [2014-08-18 02:27:18 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe [2014-08-18 02:27:18 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe [2014-08-18 02:27:17 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedyn.dll [2014-08-18 02:27:17 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe [2014-08-18 02:27:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll [2014-08-18 02:27:16 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll [2014-08-18 02:27:00 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe [2014-08-18 02:22:36 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll [2014-08-07 22:16:38 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice [2014-08-06 10:50:04 | 000,123,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgmfx64.sys [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-09-04 00:17:00 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2014-09-04 00:07:48 | 000,000,062 | ---- | M] () -- C:\Users\Bloondas\AppData\Roaming\sp_data.sys [2014-09-04 00:06:21 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2014-09-04 00:06:16 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014-09-04 00:04:36 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rmv.job [2014-09-04 00:04:31 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rel.job [2014-09-04 00:04:14 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2014-09-04 00:04:13 | 3338,403,840 | -HS- | M] () -- C:\hiberfil.sys [2014-09-03 23:55:15 | 468,798,557 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2014-09-02 18:22:29 | 000,000,222 | ---- | M] () -- C:\Users\Bloondas\Desktop\Warface.url [2014-09-02 18:09:50 | 000,160,861 | ---- | M] () -- C:\Users\Bloondas\Desktop\Kask-enduro-6D-podczas-testów.jpg [2014-09-02 17:58:16 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2014-08-31 21:04:28 | 001,825,074 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2014-08-31 21:04:28 | 000,807,160 | ---- | M] () -- C:\WINDOWS\SysNative\perfh015.dat [2014-08-31 21:04:28 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2014-08-31 21:04:28 | 000,163,478 | ---- | M] () -- C:\WINDOWS\SysNative\perfc015.dat [2014-08-31 21:04:28 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2014-08-31 20:57:19 | 000,339,192 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2014-08-28 12:49:31 | 000,000,801 | ---- | M] () -- C:\Users\Bloondas\Desktop\Uruchom program The Elder Scrolls V Skyrim.lnk [2014-08-18 02:49:05 | 000,050,976 | ---- | M] (AVG Technologies) -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys [2014-08-18 02:21:03 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll [2014-08-18 02:20:44 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe [2014-08-18 02:20:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll [2014-08-18 02:20:44 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll [2014-08-18 02:20:43 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe [2014-08-18 02:20:43 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll [2014-08-18 02:20:41 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe [2014-08-18 02:20:41 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll [2014-08-18 02:20:40 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll [2014-08-18 02:20:40 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll [2014-08-18 02:20:40 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll [2014-08-18 02:20:31 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll [2014-08-18 02:19:24 | 000,233,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll [2014-08-10 15:01:17 | 000,001,635 | ---- | M] () -- C:\Users\Bloondas\AppData\Local\recently-used.xbel [2014-08-07 13:52:20 | 000,003,584 | ---- | M] () -- C:\Users\Bloondas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-08-07 04:12:27 | 001,336,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll [2014-08-06 10:50:04 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgmfx64.sys [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-09-03 23:49:04 | 468,798,557 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP [2014-09-02 18:22:29 | 000,000,222 | ---- | C] () -- C:\Users\Bloondas\Desktop\Warface.url [2014-09-02 18:09:48 | 000,160,861 | ---- | C] () -- C:\Users\Bloondas\Desktop\Kask-enduro-6D-podczas-testów.jpg [2014-09-02 17:58:16 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2014-08-28 12:49:31 | 000,000,801 | ---- | C] () -- C:\Users\Bloondas\Desktop\Uruchom program The Elder Scrolls V Skyrim.lnk [2014-08-18 02:27:16 | 000,050,745 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat [2014-08-10 15:01:17 | 000,001,635 | ---- | C] () -- C:\Users\Bloondas\AppData\Local\recently-used.xbel [2014-07-09 17:39:55 | 000,000,021 | ---- | C] () -- C:\Users\Bloondas\AppData\Roaming\my_intel.sys [2014-06-17 23:00:41 | 000,189,248 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe [2014-06-17 23:00:40 | 000,075,136 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe [2014-04-01 19:31:28 | 000,003,750 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml [2014-03-18 11:58:28 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2014-03-18 11:58:06 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2014-01-15 19:04:10 | 000,644,608 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll [2014-01-15 19:04:10 | 000,258,048 | ---- | C] () -- C:\WINDOWS\SysWow64\libFLAC.dll [2014-01-15 00:12:13 | 000,003,584 | ---- | C] () -- C:\Users\Bloondas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-01-12 00:57:35 | 000,000,062 | ---- | C] () -- C:\Users\Bloondas\AppData\Roaming\sp_data.sys [2013-08-22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2013-08-22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2013-08-22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2013-08-22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2013-08-22 05:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2013-08-22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2013-08-22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2013-05-01 13:15:31 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe [2013-05-01 13:15:31 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd [2013-05-01 13:15:31 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS [2013-04-24 05:36:10 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin [2013-04-24 05:36:09 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll [2013-04-24 05:36:08 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin [color=#E56717]========== ZeroAccess Check ==========[/color] [2014-08-23 10:13:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014-07-18 22:44:24 | 021,268,952 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-07-18 22:44:24 | 018,755,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013-08-22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2013-08-22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013-08-22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2014-08-31 21:55:28 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\.minecraft [2014-01-12 00:56:40 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\ASUS WebStorage [2014-05-17 16:31:18 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\Audacity [2014-03-31 13:12:25 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\AVG2014 [2014-08-31 07:32:34 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\BitTorrent [2014-01-13 00:26:53 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\DAEMON Tools Lite [2014-03-31 13:26:01 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\newnext.me [2014-07-01 18:29:57 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\PhotoScape [2014-06-17 23:00:37 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\PunkBuster [2014-05-16 21:58:22 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\Saints Row IV [2014-03-31 13:11:31 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\TuneUp Software [2014-07-20 13:06:08 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\WildTangent [2014-07-18 22:18:33 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\ASUS WebStorage [2014-07-18 22:18:33 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software [2014-07-18 22:18:33 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\ASUS WebStorage [2014-07-18 22:18:33 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 237 bytes -> C:\Users\Bloondas\OneDrive:ms-properties < End of report >

**Posty:** 4765 · przez **ordynat** 04 Wrz 2014, 07:53

Problemy komputerowe to nie do tego działu Forum.

Nie widzę tu żadnej infekcji.

Są sponsorskie śmieci:

1) Odinstaluj:
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar

2) Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:OTL
[2014-04-01 19:31:28 | 000,003,750 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2014-09-04 00:04:36 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rmv.job
[2014-09-04 00:04:31 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rel.job
[2014-08-18 02:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar
[2014-08-26 10:16:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Security Toolbar
[2014-08-26 10:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_0814tb
O4 - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002..\Run: [AVG-Secure-Search-Update_0414c] C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe ()
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O3:64bit: - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg.com?cid={D6CD8444-6693-44E8-86FA-24B92B6D5052}&mid=c112373feedf47d29d39f54322c3ce01-8a4d3776101d1ba48e1a417caccf015fe813f561&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-01 19:31:36&v=18.0.5.292&pid=safeguard&sg=&sap=hp"
IE - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS&q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS&q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS
DRV:64bit: - [2014-08-18 02:49:05 | 000,050,976 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
SRV - [2014-08-18 02:49:05 | 001,820,184 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe -- (vToolbarUpdater18.1.9)
MOD - [2014-08-31 20:58:18 | 001,654,296 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll
MOD - [2014-04-24 23:19:56 | 002,725,912 | ---- | M] () -- C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe

:Files
C:\Users\wangzhisong

:Reg
[-HKEY_USERS\S-1-5-21-2573020086-1577984347-1742758831-1002\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-HKEY_USERS\S-1-5-21-2573020086-1577984347-1742758831-1002\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
[HKEY_USERS\S-1-5-21-2573020086-1577984347-1742758831-1002\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Skryptem.

**Posty:** 4 · przez **TuMichau** 04 Wrz 2014, 10:07

OTL.txt:

Kod: Zaznacz wszystko: OTL logfile created on: 2014-09-04 09:43:12 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bloondas\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17239) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,89 Gb Total Physical Memory | 2,33 Gb Available Physical Memory | 59,85% Memory free 7,89 Gb Paging File | 6,25 Gb Available in Paging File | 79,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 185,87 Gb Total Space | 121,56 Gb Free Space | 65,40% Space Free | Partition Type: NTFS Drive D: | 258,15 Gb Total Space | 83,79 Gb Free Space | 32,46% Space Free | Partition Type: NTFS Computer Name: BLONDASOWY | User Name: Bloondas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-09-04 00:20:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bloondas\Downloads\OTL_[www.programosy.pl].exe PRC - [2014-08-25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe PRC - [2014-08-25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe PRC - [2014-08-25 11:37:18 | 005,188,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe PRC - [2014-08-07 05:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2014-04-30 20:28:45 | 002,199,840 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2014-04-30 20:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe PRC - [2013-05-01 13:16:10 | 003,187,360 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\APRP\APRP.EXE PRC - [2013-04-16 18:25:30 | 000,020,792 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe PRC - [2013-03-27 11:57:52 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2013-02-26 12:08:24 | 000,176,240 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe PRC - [2012-11-28 18:56:40 | 000,054,488 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe PRC - [2012-10-26 15:35:44 | 000,184,704 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2012-10-17 20:08:40 | 000,205,184 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2012-10-05 16:55:50 | 000,110,976 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2012-09-18 13:51:54 | 001,124,032 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe PRC - [2012-09-14 14:14:16 | 000,328,064 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2012-08-31 20:27:20 | 000,590,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe PRC - [2012-08-22 10:24:28 | 001,559,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe PRC - [2012-07-17 15:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012-07-17 15:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012-06-27 13:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012-06-25 11:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012-05-28 11:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe PRC - [2012-04-24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe PRC - [2012-04-13 11:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe PRC - [2012-03-28 19:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe PRC - [2011-11-21 15:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-08-07 05:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll MOD - [2014-08-07 05:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll MOD - [2014-08-07 05:20:49 | 000,718,152 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll MOD - [2014-08-07 05:20:47 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll MOD - [2014-08-07 05:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll MOD - [2014-07-21 09:48:12 | 000,463,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\e1c86f334a29d92ca264950085cd817e\PresentationFramework.Aero2.ni.dll MOD - [2014-07-20 15:06:03 | 018,744,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\92388fbe99436e6ed1f56ee56f10c565\PresentationFramework.ni.dll MOD - [2014-07-20 15:05:39 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\635558b506364815e8348217e86fdf99\System.Windows.Forms.ni.dll MOD - [2014-07-20 15:05:38 | 011,027,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\619034abb9a9fb1b3dc32c0a9aa38d3c\PresentationCore.ni.dll MOD - [2014-07-20 15:05:19 | 007,802,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\77bc1a994f64193efc124c297b93fdb7\System.Xml.ni.dll MOD - [2014-07-20 15:05:17 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\ddb52221ad0200b7c2e0a308e47d5c7c\System.Drawing.ni.dll MOD - [2014-07-20 15:05:14 | 003,957,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\9bbf715cfb5360c95acd27b199083854\WindowsBase.ni.dll MOD - [2014-07-20 15:05:13 | 000,188,416 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\3be4139a741b447ab35a2c788a2f4559\UIAutomationTypes.ni.dll MOD - [2014-07-20 15:05:12 | 001,874,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\10483ca149b5c651d217edbf2f3169b4\System.Xaml.ni.dll MOD - [2014-07-20 15:05:08 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\c5bf2f5c3e13726b3984a900221e1778\System.Configuration.ni.dll MOD - [2014-07-20 14:16:53 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c24d08cc4e93fc4f6f15a637b00a2721\System.ni.dll MOD - [2014-05-20 04:44:03 | 000,012,120 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll MOD - [2014-03-18 11:58:41 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2014-08-18 02:20:44 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc) SRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:[b]64bit:[/b] - [2014-07-18 22:44:24 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:[b]64bit:[/b] - [2014-07-18 22:44:24 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc) SRV:[b]64bit:[/b] - [2014-07-18 22:44:24 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2014-04-30 20:28:23 | 021,007,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV:[b]64bit:[/b] - [2014-03-18 11:58:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:[b]64bit:[/b] - [2014-03-18 11:58:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:[b]64bit:[/b] - [2014-03-18 11:58:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:[b]64bit:[/b] - [2014-03-18 11:58:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:[b]64bit:[/b] - [2014-03-18 11:58:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:[b]64bit:[/b] - [2014-03-18 11:58:15 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:[b]64bit:[/b] - [2014-03-18 11:58:15 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:[b]64bit:[/b] - [2014-03-18 11:58:14 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:[b]64bit:[/b] - [2013-08-22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:[b]64bit:[/b] - [2013-08-22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:[b]64bit:[/b] - [2013-08-22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:[b]64bit:[/b] - [2013-08-22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:[b]64bit:[/b] - [2013-08-22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:[b]64bit:[/b] - [2013-08-22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:[b]64bit:[/b] - [2013-08-22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:[b]64bit:[/b] - [2013-08-22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:[b]64bit:[/b] - [2013-08-22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:[b]64bit:[/b] - [2013-08-22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2013-08-22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:[b]64bit:[/b] - [2013-08-22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2013-08-22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:[b]64bit:[/b] - [2013-08-22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2013-08-22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:[b]64bit:[/b] - [2013-08-22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:[b]64bit:[/b] - [2013-01-07 14:04:48 | 001,280,768 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV:[b]64bit:[/b] - [2012-04-20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2014-08-28 13:48:02 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2014-08-25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent) SRV - [2014-08-25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd) SRV - [2014-07-18 22:44:24 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc) SRV - [2014-06-06 06:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-04-30 20:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-08-22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2013-08-22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2013-08-22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2013-03-27 12:39:42 | 000,227,968 | ---- | M] (Qualcomm Atheros Commnucations) [On_Demand | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2013-03-27 11:57:52 | 000,323,584 | R--- | M] (Atheros) [On_Demand | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent) SRV - [2012-12-19 08:10:38 | 000,072,192 | ---- | M] () [On_Demand | Running] -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe -- (Asus WebStorage Windows Service) SRV - [2012-12-14 00:14:24 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012-10-05 16:55:50 | 000,110,976 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2012-09-13 05:59:08 | 002,466,448 | ---- | M] (Realsil Microelectronics Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2012-07-17 15:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012-07-17 15:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012-06-27 13:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012-06-25 11:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012-04-24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) SRV - [2012-04-13 11:14:00 | 000,277,120 | ---- | M] (ASUS) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe -- (ASUS InstantOn) SRV - [2011-11-21 15:19:50 | 000,096,896 | ---- | M] (ASUS) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2010-10-12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2014-08-06 10:50:04 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:[b]64bit:[/b] - [2014-07-21 21:03:12 | 000,244,504 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:[b]64bit:[/b] - [2014-07-18 22:55:08 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr) DRV:[b]64bit:[/b] - [2014-07-18 22:52:41 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof) DRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:[b]64bit:[/b] - [2014-07-18 22:50:21 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:[b]64bit:[/b] - [2014-07-18 22:44:23 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:[b]64bit:[/b] - [2014-06-30 12:43:18 | 000,270,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpa.sys -- (Avgwfpa) DRV:[b]64bit:[/b] - [2014-06-30 12:43:02 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska) DRV:[b]64bit:[/b] - [2014-06-17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:[b]64bit:[/b] - [2014-06-17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga) DRV:[b]64bit:[/b] - [2014-06-17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:[b]64bit:[/b] - [2014-06-17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:[b]64bit:[/b] - [2014-05-20 04:44:03 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2014-04-30 20:28:22 | 000,018,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms) DRV:[b]64bit:[/b] - [2014-03-31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:[b]64bit:[/b] - [2014-03-18 11:58:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS) DRV:[b]64bit:[/b] - [2014-03-18 11:58:16 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:[b]64bit:[/b] - [2014-03-18 11:58:16 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:[b]64bit:[/b] - [2014-03-18 11:58:04 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:[b]64bit:[/b] - [2014-03-18 11:58:04 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000) DRV:[b]64bit:[/b] - [2014-03-18 11:58:04 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:[b]64bit:[/b] - [2014-03-18 11:40:43 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2014-03-18 11:40:40 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2014-01-28 15:32:18 | 000,593,000 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:[b]64bit:[/b] - [2013-09-04 15:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgboota.sys -- (Avgboota) DRV:[b]64bit:[/b] - [2013-08-22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:[b]64bit:[/b] - [2013-08-22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2013-08-22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:[b]64bit:[/b] - [2013-08-22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:[b]64bit:[/b] - [2013-08-22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2013-08-22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:[b]64bit:[/b] - [2013-08-22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2013-08-22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2013-08-22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:[b]64bit:[/b] - [2013-08-22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:[b]64bit:[/b] - [2013-08-22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:[b]64bit:[/b] - [2013-08-22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:[b]64bit:[/b] - [2013-08-22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:[b]64bit:[/b] - [2013-08-22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:[b]64bit:[/b] - [2013-08-22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:[b]64bit:[/b] - [2013-08-22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:[b]64bit:[/b] - [2013-08-22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo) DRV:[b]64bit:[/b] - [2013-08-22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:[b]64bit:[/b] - [2013-08-22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:[b]64bit:[/b] - [2013-08-22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:[b]64bit:[/b] - [2013-08-22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:[b]64bit:[/b] - [2013-08-22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:[b]64bit:[/b] - [2013-08-22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:[b]64bit:[/b] - [2013-08-22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:[b]64bit:[/b] - [2013-08-22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:[b]64bit:[/b] - [2013-08-22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:[b]64bit:[/b] - [2013-08-22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2013-08-22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:[b]64bit:[/b] - [2013-08-22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2013-08-22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:[b]64bit:[/b] - [2013-08-22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2013-08-22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc) DRV:[b]64bit:[/b] - [2013-08-22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:[b]64bit:[/b] - [2013-08-22 13:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:[b]64bit:[/b] - [2013-08-22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:[b]64bit:[/b] - [2013-08-22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:[b]64bit:[/b] - [2013-08-22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM) DRV:[b]64bit:[/b] - [2013-08-13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:[b]64bit:[/b] - [2013-08-10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:[b]64bit:[/b] - [2013-07-30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:[b]64bit:[/b] - [2013-07-25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:[b]64bit:[/b] - [2013-06-18 16:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168) DRV:[b]64bit:[/b] - [2013-06-18 16:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr) DRV:[b]64bit:[/b] - [2013-04-16 18:25:46 | 000,065,784 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:52 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:50 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:50 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:[b]64bit:[/b] - [2013-03-27 12:18:50 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:[b]64bit:[/b] - [2013-03-27 12:18:48 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:48 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:[b]64bit:[/b] - [2013-03-27 12:18:48 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:[b]64bit:[/b] - [2013-01-09 04:26:24 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2012-12-14 00:14:20 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2012-10-08 11:47:42 | 000,298,640 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR) DRV:[b]64bit:[/b] - [2012-09-18 13:51:54 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger) DRV:[b]64bit:[/b] - [2012-09-14 07:15:10 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:[b]64bit:[/b] - [2012-08-02 05:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:[b]64bit:[/b] - [2012-07-02 16:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2012-05-31 05:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch) DRV - [2011-09-07 10:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009-07-02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.sweet-page.com/web/?type=ds&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0 FF - prefs.js..keyword.URL: "" FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-01-12 01:05:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Extensions [2014-07-17 14:52:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions [2014-01-15 19:03:40 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\IplextoALL@ALLPlayer.org [2014-07-17 14:44:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2014-07-17 14:44:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - plugin: Error reading preferences file CHR - Extension: Google Wallet = C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ O1 HOSTS File: ([2013-08-22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe (ALLPlayer Group Ltd.) O4 - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002..\Run: [AVG-Secure-Search-Update_0814av] C:\Users\Bloondas\AppData\Roaming\Avg_Update_0814av\AVG-Secure-Search-Update_0814av.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Atheros Communications) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5666ED73-4C17-4624-9EBC-D3A27258B5C0}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B7972E1-0E1C-45F7-8B02-04E580267318}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2014-04-10 11:02:29 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{040a6738-0eb6-11e4-824f-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{040a6738-0eb6-11e4-824f-806e6f6e6963}\Shell\AutoRun\command - "" = "E:\AUTORUN.EXE" O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-09-04 09:45:49 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Roaming\Avg_Update_0814av [2014-09-04 09:45:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_0814av [2014-09-04 09:35:28 | 000,000,000 | ---D | C] -- C:\_OTL [2014-09-03 23:49:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2014-09-03 23:25:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2014-09-03 22:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\GFACE [2014-09-03 22:44:14 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\wf-launcher [2014-09-03 10:29:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2014-09-02 18:37:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\directx [2014-09-02 18:22:29 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2014-09-02 17:58:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2014-09-02 17:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2014-09-02 17:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2014-08-30 21:06:48 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\ElevatedDiagnostics [2014-08-30 20:51:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Games [2014-08-30 20:51:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\ALI213 [2014-08-28 13:10:13 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Documents\ALI213 [2014-08-28 12:56:50 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\Skyrim [2014-08-28 12:56:50 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Documents\My Games [2014-08-28 04:40:29 | 001,336,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll [2014-08-24 00:06:59 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Documents\Battlefield 3 [2014-08-23 11:17:46 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Desktop\telpli [2014-08-23 10:15:44 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller [2014-08-21 21:56:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2014-08-21 21:29:33 | 000,704,480 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2014-08-21 21:29:33 | 000,105,440 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2014-08-19 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Desktop\Szukamy nowego pierdopedu [2014-08-18 21:45:33 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Desktop\wakacje [2014-08-18 02:36:33 | 002,001,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl [2014-08-18 02:36:32 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll [2014-08-18 02:36:29 | 002,087,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl [2014-08-18 02:36:25 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll [2014-08-18 02:36:24 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll [2014-08-18 02:36:23 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll [2014-08-18 02:36:22 | 005,824,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2014-08-18 02:36:22 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll [2014-08-18 02:36:22 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll [2014-08-18 02:36:21 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll [2014-08-18 02:36:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll [2014-08-18 02:36:16 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll [2014-08-18 02:35:53 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe [2014-08-18 02:35:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll [2014-08-18 02:35:51 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll [2014-08-18 02:35:50 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll [2014-08-18 02:35:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll [2014-08-18 02:35:49 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll [2014-08-18 02:30:41 | 001,273,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll [2014-08-18 02:30:40 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll [2014-08-18 02:30:40 | 000,517,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll [2014-08-18 02:28:55 | 003,118,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll [2014-08-18 02:28:55 | 003,048,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe [2014-08-18 02:28:54 | 002,861,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll [2014-08-18 02:28:54 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll [2014-08-18 02:28:47 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe [2014-08-18 02:28:47 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe [2014-08-18 02:28:16 | 004,756,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll [2014-08-18 02:28:16 | 001,120,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe [2014-08-18 02:28:16 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll [2014-08-18 02:28:00 | 002,642,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll [2014-08-18 02:27:59 | 002,790,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll [2014-08-18 02:27:59 | 002,318,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll [2014-08-18 02:27:58 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll [2014-08-18 02:27:58 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll [2014-08-18 02:27:58 | 000,114,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe [2014-08-18 02:27:32 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll [2014-08-18 02:27:32 | 002,125,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll [2014-08-18 02:27:29 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll [2014-08-18 02:27:28 | 001,025,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll [2014-08-18 02:27:27 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll [2014-08-18 02:27:27 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll [2014-08-18 02:27:26 | 002,844,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll [2014-08-18 02:27:26 | 001,726,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll [2014-08-18 02:27:25 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll [2014-08-18 02:27:25 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll [2014-08-18 02:27:25 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll [2014-08-18 02:27:23 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll [2014-08-18 02:27:21 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll [2014-08-18 02:27:21 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll [2014-08-18 02:27:20 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll [2014-08-18 02:27:19 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedyn.dll [2014-08-18 02:27:19 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll [2014-08-18 02:27:19 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll [2014-08-18 02:27:18 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe [2014-08-18 02:27:18 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe [2014-08-18 02:27:17 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedyn.dll [2014-08-18 02:27:17 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe [2014-08-18 02:27:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll [2014-08-18 02:27:16 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll [2014-08-18 02:27:00 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe [2014-08-18 02:22:36 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll [2014-08-07 22:16:38 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice [2014-08-06 10:50:04 | 000,123,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgmfx64.sys [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-09-04 09:50:52 | 001,825,074 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2014-09-04 09:50:52 | 000,807,160 | ---- | M] () -- C:\WINDOWS\SysNative\perfh015.dat [2014-09-04 09:50:52 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2014-09-04 09:50:52 | 000,163,478 | ---- | M] () -- C:\WINDOWS\SysNative\perfc015.dat [2014-09-04 09:50:52 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2014-09-04 09:45:47 | 000,000,550 | ---- | M] () -- C:\WINDOWS\tasks\AVG_SYS_TASK_0814av.job [2014-09-04 09:45:44 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\AVG_SYS_TASK_0814av_DELETE.job [2014-09-04 09:41:30 | 000,000,062 | ---- | M] () -- C:\Users\Bloondas\AppData\Roaming\sp_data.sys [2014-09-04 09:41:03 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014-09-04 09:40:50 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2014-09-04 09:39:01 | 3338,403,840 | -HS- | M] () -- C:\hiberfil.sys [2014-09-04 09:39:01 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2014-09-04 01:17:42 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2014-09-03 23:55:15 | 468,798,557 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2014-09-02 18:22:29 | 000,000,222 | ---- | M] () -- C:\Users\Bloondas\Desktop\Warface.url [2014-09-02 18:09:50 | 000,160,861 | ---- | M] () -- C:\Users\Bloondas\Desktop\Kask-enduro-6D-podczas-testów.jpg [2014-09-02 17:58:16 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2014-08-31 20:57:19 | 000,339,192 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2014-08-28 12:49:31 | 000,000,801 | ---- | M] () -- C:\Users\Bloondas\Desktop\Uruchom program The Elder Scrolls V Skyrim.lnk [2014-08-18 02:21:03 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll [2014-08-18 02:20:44 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe [2014-08-18 02:20:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll [2014-08-18 02:20:44 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll [2014-08-18 02:20:43 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe [2014-08-18 02:20:43 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll [2014-08-18 02:20:41 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe [2014-08-18 02:20:41 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll [2014-08-18 02:20:40 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll [2014-08-18 02:20:40 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll [2014-08-18 02:20:40 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll [2014-08-18 02:20:31 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll [2014-08-18 02:19:24 | 000,233,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll [2014-08-10 15:01:17 | 000,001,635 | ---- | M] () -- C:\Users\Bloondas\AppData\Local\recently-used.xbel [2014-08-07 13:52:20 | 000,003,584 | ---- | M] () -- C:\Users\Bloondas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-08-07 04:12:27 | 001,336,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll [2014-08-06 10:50:04 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgmfx64.sys [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-09-04 09:45:44 | 000,000,550 | ---- | C] () -- C:\WINDOWS\tasks\AVG_SYS_TASK_0814av.job [2014-09-04 09:45:44 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\AVG_SYS_TASK_0814av_DELETE.job [2014-09-03 23:49:04 | 468,798,557 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP [2014-09-02 18:22:29 | 000,000,222 | ---- | C] () -- C:\Users\Bloondas\Desktop\Warface.url [2014-09-02 18:09:48 | 000,160,861 | ---- | C] () -- C:\Users\Bloondas\Desktop\Kask-enduro-6D-podczas-testów.jpg [2014-09-02 17:58:16 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2014-08-28 12:49:31 | 000,000,801 | ---- | C] () -- C:\Users\Bloondas\Desktop\Uruchom program The Elder Scrolls V Skyrim.lnk [2014-08-18 02:27:16 | 000,050,745 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat [2014-08-10 15:01:17 | 000,001,635 | ---- | C] () -- C:\Users\Bloondas\AppData\Local\recently-used.xbel [2014-07-09 17:39:55 | 000,000,021 | ---- | C] () -- C:\Users\Bloondas\AppData\Roaming\my_intel.sys [2014-06-17 23:00:41 | 000,189,248 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe [2014-06-17 23:00:40 | 000,075,136 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe [2014-03-18 11:58:28 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2014-03-18 11:58:06 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2014-01-15 19:04:10 | 000,644,608 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll [2014-01-15 19:04:10 | 000,258,048 | ---- | C] () -- C:\WINDOWS\SysWow64\libFLAC.dll [2014-01-15 00:12:13 | 000,003,584 | ---- | C] () -- C:\Users\Bloondas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-01-12 00:57:35 | 000,000,062 | ---- | C] () -- C:\Users\Bloondas\AppData\Roaming\sp_data.sys [2013-08-22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2013-08-22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2013-08-22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2013-08-22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2013-08-22 05:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2013-08-22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2013-08-22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2013-05-01 13:15:31 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe [2013-05-01 13:15:31 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd [2013-05-01 13:15:31 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS [2013-04-24 05:36:10 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin [2013-04-24 05:36:09 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll [2013-04-24 05:36:08 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin [color=#E56717]========== ZeroAccess Check ==========[/color] [2014-08-23 10:13:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014-07-18 22:44:24 | 021,268,952 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-07-18 22:44:24 | 018,755,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013-08-22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2013-08-22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013-08-22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2014-08-31 21:55:28 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\.minecraft [2014-01-12 00:56:40 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\ASUS WebStorage [2014-05-17 16:31:18 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\Audacity [2014-03-31 13:12:25 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\AVG2014 [2014-09-04 09:45:52 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\Avg_Update_0814av [2014-08-31 07:32:34 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\BitTorrent [2014-01-13 00:26:53 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\DAEMON Tools Lite [2014-03-31 13:26:01 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\newnext.me [2014-07-01 18:29:57 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\PhotoScape [2014-06-17 23:00:37 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\PunkBuster [2014-05-16 21:58:22 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\Saints Row IV [2014-03-31 13:11:31 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\TuneUp Software [2014-07-20 13:06:08 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\WildTangent [2014-07-18 22:18:33 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\ASUS WebStorage [2014-07-18 22:18:33 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software [2014-07-18 22:18:33 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\ASUS WebStorage [2014-07-18 22:18:33 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 237 bytes -> C:\Users\Bloondas\OneDrive:ms-properties < End of report >

Raport z usuwania skryptem:

Kod: Zaznacz wszystko: All processes killed ========== OTL ========== C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml moved successfully. C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job moved successfully. C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job moved successfully. Folder C:\Program Files\AVG SafeGuard toolbar\ not found. C:\Program Files (x86)\AVG Security Toolbar folder moved successfully. C:\ProgramData\Avg_Update_0814tb folder moved successfully. Registry value HKEY_USERS\S-1-5-21-2573020086-1577984347-1742758831-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_0414c deleted successfully. C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt not found. File C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found. File C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found. File C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll not found. Registry value HKEY_USERS\S-1-5-21-2573020086-1577984347-1742758831-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found. File C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll not found. Prefs.js: "AVG Secure Search" removed from browser.search.defaultenginename Prefs.js: "AVG Secure Search" removed from browser.search.selectedEngine Prefs.js: "http://mysearch.avg.com?cid={D6CD8444-6693-44E8-86FA-24B92B6D5052}&mid=c112373feedf47d29d39f54322c3ce01-8a4d3776101d1ba48e1a417caccf015fe813f561&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-01 19:31:36&v=18.0.5.292&pid=safeguard&sg=&sap=hp" removed from browser.startup.homepage HKU\S-1-5-21-2573020086-1577984347-1742758831-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Error: No service named avgtp was found to stop! Service\Driver key avgtp not found. File C:\Windows\SysNative\drivers\avgtpx64.sys not found. Error: No service named vToolbarUpdater18.1.9 was found to stop! Service\Driver key vToolbarUpdater18.1.9 not found. File C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe not found. Releasing module C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll moved successfully. ========== FILES ========== File\Folder C:\Users\wangzhisong not found. ========== REGISTRY ========== Registry key HKEY_USERS\S-1-5-21-2573020086-1577984347-1742758831-1002\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found. Registry key HKEY_USERS\S-1-5-21-2573020086-1577984347-1742758831-1002\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found. HKEY_USERS\S-1-5-21-2573020086-1577984347-1742758831-1002\Software\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Bloondas ->Temp folder emptied: 128961613 bytes ->Temporary Internet Files folder emptied: 98192267 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 205943587 bytes ->Google Chrome cache emptied: 76147377 bytes ->Flash cache emptied: 20166 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default.migrated User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 1715889 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 162116226 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 642,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 09042014_093528 Files\Folders moved on Reboot... C:\Users\Bloondas\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...

**Posty:** 4765 · przez **ordynat** 04 Wrz 2014, 10:44

Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:OTL
[2014-03-31 13:26:01 | 000,000,000 | ---D | M] -- C:\Users\Bloondas\AppData\Roaming\newnext.me
O4 - HKU\S-1-5-21-2573020086-1577984347-1742758831-1002..\Run: [AVG-Secure-Search-Update_0814av] C:\Users\Bloondas\AppData\Roaming\Avg_Update_0814av\AVG-Secure-Search-Update_0814av.exe ()
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.sweet-page.com/web/?type=ds&ts=1389574923&from=cor&uid=TOSHIBAXMQ01ABD050_53IEFEEJSXX53IEFEEJS&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Skryptem.

**Posty:** 4 · przez **TuMichau** 04 Wrz 2014, 22:38

Raport z usuwania:

Kod: Zaznacz wszystko: All processes killed ========== OTL ========== C:\Users\Bloondas\AppData\Roaming\newnext.me\cache folder moved successfully. C:\Users\Bloondas\AppData\Roaming\newnext.me folder moved successfully. Registry value HKEY_USERS\S-1-5-21-2573020086-1577984347-1742758831-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_0814av not found. File C:\Users\Bloondas\AppData\Roaming\Avg_Update_0814av\AVG-Secure-Search-Update_0814av.exe not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Bloondas ->Temp folder emptied: 3879439 bytes ->Temporary Internet Files folder emptied: 1806307 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 24313866 bytes ->Flash cache emptied: 492 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default.migrated User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 63162210 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 89,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 09042014_221110 Files\Folders moved on Reboot... C:\Users\Bloondas\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully. C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001a moved successfully. C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001b moved successfully. C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001c moved successfully. C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001d moved successfully. C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001e moved successfully. C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001f moved successfully. C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000020 moved successfully. C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000021 moved successfully. C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000022 moved successfully. File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000f9 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fa not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fb not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fc not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fd not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000fe not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ff not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000100 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000101 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000102 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000103 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000104 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000105 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000106 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000107 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000108 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000109 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010a not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010b not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010c not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010d not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010e not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00010f not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000110 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000111 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000112 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000113 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000114 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000115 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000116 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000117 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000118 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000119 not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011a not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011b not found! File\Folder C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00011c not found! C:\WINDOWS\temp\1D6.tmp moved successfully. File move failed. C:\WINDOWS\temp\avg_secure_search.log scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...

Skan:

Kod: Zaznacz wszystko: OTL logfile created on: 2014-09-04 22:18:15 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bloondas\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17239) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,89 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 57,20% Memory free 7,89 Gb Paging File | 6,27 Gb Available in Paging File | 79,56% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 185,87 Gb Total Space | 120,40 Gb Free Space | 64,78% Space Free | Partition Type: NTFS Drive D: | 258,15 Gb Total Space | 83,79 Gb Free Space | 32,46% Space Free | Partition Type: NTFS Computer Name: BLONDASOWY | User Name: Bloondas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-09-04 10:55:44 | 001,820,184 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe PRC - [2014-09-04 10:55:44 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe PRC - [2014-09-04 00:20:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bloondas\Downloads\OTL_[www.programosy.pl].exe PRC - [2014-08-25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe PRC - [2014-08-25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe PRC - [2014-08-25 11:37:18 | 005,188,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe PRC - [2014-08-07 05:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2014-04-30 20:28:45 | 002,199,840 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2014-04-30 20:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe PRC - [2013-05-01 13:16:10 | 003,187,360 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\APRP\APRP.EXE PRC - [2013-04-16 18:25:30 | 000,020,792 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe PRC - [2013-03-27 11:57:52 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2013-02-26 12:08:24 | 000,176,240 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe PRC - [2012-11-28 18:56:40 | 000,054,488 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe PRC - [2012-10-26 15:35:44 | 000,184,704 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2012-10-17 20:08:40 | 000,205,184 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2012-10-05 16:55:50 | 000,110,976 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2012-09-18 13:51:54 | 001,124,032 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe PRC - [2012-09-14 14:14:16 | 000,328,064 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2012-08-31 20:27:20 | 000,590,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe PRC - [2012-08-22 10:24:28 | 001,559,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe PRC - [2012-07-17 15:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012-07-17 15:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012-06-27 13:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012-06-25 11:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012-05-28 11:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe PRC - [2012-04-24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe PRC - [2012-04-13 11:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe PRC - [2012-03-28 19:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe PRC - [2011-11-21 15:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2010-11-15 22:02:24 | 000,035,736 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-09-04 10:55:44 | 001,654,296 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll MOD - [2014-08-07 05:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll MOD - [2014-08-07 05:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll MOD - [2014-08-07 05:20:49 | 000,718,152 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll MOD - [2014-08-07 05:20:47 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll MOD - [2014-08-07 05:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll MOD - [2014-07-20 15:06:03 | 018,744,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\92388fbe99436e6ed1f56ee56f10c565\PresentationFramework.ni.dll MOD - [2014-07-20 15:05:39 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\635558b506364815e8348217e86fdf99\System.Windows.Forms.ni.dll MOD - [2014-07-20 15:05:38 | 011,027,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\619034abb9a9fb1b3dc32c0a9aa38d3c\PresentationCore.ni.dll MOD - [2014-07-20 15:05:17 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\ddb52221ad0200b7c2e0a308e47d5c7c\System.Drawing.ni.dll MOD - [2014-07-20 15:05:14 | 003,957,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\9bbf715cfb5360c95acd27b199083854\WindowsBase.ni.dll MOD - [2014-07-20 15:05:12 | 001,874,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\10483ca149b5c651d217edbf2f3169b4\System.Xaml.ni.dll MOD - [2014-07-20 14:16:53 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c24d08cc4e93fc4f6f15a637b00a2721\System.ni.dll MOD - [2014-05-20 04:44:03 | 000,012,120 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll MOD - [2014-03-18 11:58:41 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2014-08-18 02:20:44 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc) SRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:[b]64bit:[/b] - [2014-07-18 22:44:24 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:[b]64bit:[/b] - [2014-07-18 22:44:24 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc) SRV:[b]64bit:[/b] - [2014-07-18 22:44:24 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2014-04-30 20:28:23 | 021,007,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV:[b]64bit:[/b] - [2014-03-18 11:58:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:[b]64bit:[/b] - [2014-03-18 11:58:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:[b]64bit:[/b] - [2014-03-18 11:58:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:[b]64bit:[/b] - [2014-03-18 11:58:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:[b]64bit:[/b] - [2014-03-18 11:58:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:[b]64bit:[/b] - [2014-03-18 11:58:15 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:[b]64bit:[/b] - [2014-03-18 11:58:15 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:[b]64bit:[/b] - [2014-03-18 11:58:14 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:[b]64bit:[/b] - [2013-08-22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:[b]64bit:[/b] - [2013-08-22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:[b]64bit:[/b] - [2013-08-22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:[b]64bit:[/b] - [2013-08-22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:[b]64bit:[/b] - [2013-08-22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:[b]64bit:[/b] - [2013-08-22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:[b]64bit:[/b] - [2013-08-22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:[b]64bit:[/b] - [2013-08-22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:[b]64bit:[/b] - [2013-08-22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:[b]64bit:[/b] - [2013-08-22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2013-08-22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:[b]64bit:[/b] - [2013-08-22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2013-08-22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:[b]64bit:[/b] - [2013-08-22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2013-08-22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:[b]64bit:[/b] - [2013-08-22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:[b]64bit:[/b] - [2013-01-07 14:04:48 | 001,280,768 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV:[b]64bit:[/b] - [2012-04-20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2014-09-04 10:55:44 | 001,820,184 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe -- (vToolbarUpdater18.1.9) SRV - [2014-08-28 13:48:02 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2014-08-25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent) SRV - [2014-08-25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd) SRV - [2014-07-18 22:44:24 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc) SRV - [2014-06-06 06:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-04-30 20:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-08-22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2013-08-22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2013-08-22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2013-03-27 12:39:42 | 000,227,968 | ---- | M] (Qualcomm Atheros Commnucations) [On_Demand | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2013-03-27 11:57:52 | 000,323,584 | R--- | M] (Atheros) [On_Demand | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent) SRV - [2012-12-19 08:10:38 | 000,072,192 | ---- | M] () [On_Demand | Running] -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe -- (Asus WebStorage Windows Service) SRV - [2012-12-14 00:14:24 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012-10-05 16:55:50 | 000,110,976 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2012-09-13 05:59:08 | 002,466,448 | ---- | M] (Realsil Microelectronics Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2012-07-17 15:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012-07-17 15:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012-06-27 13:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012-06-25 11:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012-04-24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) SRV - [2012-04-13 11:14:00 | 000,277,120 | ---- | M] (ASUS) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe -- (ASUS InstantOn) SRV - [2011-11-21 15:19:50 | 000,096,896 | ---- | M] (ASUS) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2010-10-12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2014-09-04 10:55:44 | 000,050,976 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp) DRV:[b]64bit:[/b] - [2014-08-06 10:50:04 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:[b]64bit:[/b] - [2014-07-21 21:03:12 | 000,244,504 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:[b]64bit:[/b] - [2014-07-18 22:55:08 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr) DRV:[b]64bit:[/b] - [2014-07-18 22:52:41 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof) DRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:[b]64bit:[/b] - [2014-07-18 22:50:21 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:[b]64bit:[/b] - [2014-07-18 22:44:23 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:[b]64bit:[/b] - [2014-06-30 12:43:18 | 000,270,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpa.sys -- (Avgwfpa) DRV:[b]64bit:[/b] - [2014-06-30 12:43:02 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska) DRV:[b]64bit:[/b] - [2014-06-17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:[b]64bit:[/b] - [2014-06-17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga) DRV:[b]64bit:[/b] - [2014-06-17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:[b]64bit:[/b] - [2014-06-17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:[b]64bit:[/b] - [2014-05-20 04:44:03 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2014-04-30 20:28:22 | 000,018,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms) DRV:[b]64bit:[/b] - [2014-03-31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:[b]64bit:[/b] - [2014-03-18 11:58:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS) DRV:[b]64bit:[/b] - [2014-03-18 11:58:16 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:[b]64bit:[/b] - [2014-03-18 11:58:16 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:[b]64bit:[/b] - [2014-03-18 11:58:04 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:[b]64bit:[/b] - [2014-03-18 11:58:04 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000) DRV:[b]64bit:[/b] - [2014-03-18 11:58:04 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:[b]64bit:[/b] - [2014-03-18 11:40:43 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2014-03-18 11:40:40 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2014-01-28 15:32:18 | 000,593,000 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:[b]64bit:[/b] - [2013-09-04 15:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgboota.sys -- (Avgboota) DRV:[b]64bit:[/b] - [2013-08-22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:[b]64bit:[/b] - [2013-08-22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2013-08-22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:[b]64bit:[/b] - [2013-08-22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:[b]64bit:[/b] - [2013-08-22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2013-08-22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:[b]64bit:[/b] - [2013-08-22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2013-08-22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2013-08-22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:[b]64bit:[/b] - [2013-08-22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:[b]64bit:[/b] - [2013-08-22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:[b]64bit:[/b] - [2013-08-22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:[b]64bit:[/b] - [2013-08-22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:[b]64bit:[/b] - [2013-08-22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:[b]64bit:[/b] - [2013-08-22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:[b]64bit:[/b] - [2013-08-22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:[b]64bit:[/b] - [2013-08-22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo) DRV:[b]64bit:[/b] - [2013-08-22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:[b]64bit:[/b] - [2013-08-22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:[b]64bit:[/b] - [2013-08-22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:[b]64bit:[/b] - [2013-08-22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:[b]64bit:[/b] - [2013-08-22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:[b]64bit:[/b] - [2013-08-22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:[b]64bit:[/b] - [2013-08-22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:[b]64bit:[/b] - [2013-08-22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:[b]64bit:[/b] - [2013-08-22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:[b]64bit:[/b] - [2013-08-22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2013-08-22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:[b]64bit:[/b] - [2013-08-22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2013-08-22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:[b]64bit:[/b] - [2013-08-22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2013-08-22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc) DRV:[b]64bit:[/b] - [2013-08-22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:[b]64bit:[/b] - [2013-08-22 13:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:[b]64bit:[/b] - [2013-08-22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:[b]64bit:[/b] - [2013-08-22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:[b]64bit:[/b] - [2013-08-22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM) DRV:[b]64bit:[/b] - [2013-08-13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:[b]64bit:[/b] - [2013-08-10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:[b]64bit:[/b] - [2013-07-30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:[b]64bit:[/b] - [2013-07-25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:[b]64bit:[/b] - [2013-06-18 16:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168) DRV:[b]64bit:[/b] - [2013-06-18 16:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr) DRV:[b]64bit:[/b] - [2013-04-16 18:25:46 | 000,065,784 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:52 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:50 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:50 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:[b]64bit:[/b] - [2013-03-27 12:18:50 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:[b]64bit:[/b] - [2013-03-27 12:18:48 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:48 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:[b]64bit:[/b] - [2013-03-27 12:18:48 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:[b]64bit:[/b] - [2013-01-09 04:26:24 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2012-12-14 00:14:20 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2012-10-08 11:47:42 | 000,298,640 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR) DRV:[b]64bit:[/b] - [2012-09-18 13:51:54 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger) DRV:[b]64bit:[/b] - [2012-09-14 07:15:10 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:[b]64bit:[/b] - [2012-08-02 05:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:[b]64bit:[/b] - [2012-07-02 16:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2012-05-31 05:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch) DRV - [2011-09-07 10:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009-07-02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://mysearch.avg.com/search?cid={01840520-01F2-420D-8FE5-396372EB51CA}&mid=c003914400c247d29d2ff54322c3ce01-8a4d3776101d1ba48e1a417caccf015fe813f561&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-09-04 10:56:00&v=18.1.9.786&pid=safeguard&sg=&sap=dsp&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search" FF - prefs.js..browser.startup.homepage: "https://mysearch.avg.com?cid={01840520-01F2-420D-8FE5-396372EB51CA}&mid=c003914400c247d29d2ff54322c3ce01-8a4d3776101d1ba48e1a417caccf015fe813f561&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-09-04 10:56:00&v=18.1.9.786&pid=safeguard&sg=&sap=hp" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0 FF - prefs.js..keyword.URL: "" FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll File not found FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-01-12 01:05:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Extensions [2014-09-04 10:56:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions [2014-09-04 10:56:15 | 000,000,000 | ---D | M] (AVG SafeGuard toolbar) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar [2014-01-15 19:03:40 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\IplextoALL@ALLPlayer.org [2014-09-04 10:55:49 | 000,003,736 | ---- | M] () -- C:\Users\Bloondas\AppData\Roaming\mozilla\firefox\profiles\w2jn36hy.default\searchplugins\avg-secure-search.xml [2014-07-17 14:44:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2014-07-17 14:44:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - Extension: No name found = C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ O1 HOSTS File: ([2013-08-22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.786\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.786\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe () O4 - HKCU..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe (ALLPlayer Group Ltd.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Atheros Communications) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5666ED73-4C17-4624-9EBC-D3A27258B5C0}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B7972E1-0E1C-45F7-8B02-04E580267318}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2014-04-10 11:02:29 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{040a6738-0eb6-11e4-824f-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{040a6738-0eb6-11e4-824f-806e6f6e6963}\Shell\AutoRun\command - "" = "E:\AUTORUN.EXE" O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-09-04 10:56:20 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\AVG SafeGuard toolbar [2014-09-04 10:55:59 | 000,050,976 | ---- | C] (AVG Technologies) -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys [2014-09-04 10:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search [2014-09-04 10:55:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search [2014-09-04 10:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar [2014-09-04 10:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar [2014-09-04 10:55:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar [2014-09-04 09:45:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_0814av [2014-09-04 09:35:28 | 000,000,000 | ---D | C] -- C:\_OTL [2014-09-03 23:49:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2014-09-03 23:25:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2014-09-03 22:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\GFACE [2014-09-03 22:44:14 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\wf-launcher [2014-09-03 10:29:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2014-09-02 18:37:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\directx [2014-09-02 18:22:29 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2014-09-02 17:58:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2014-09-02 17:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2014-09-02 17:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2014-08-30 21:06:48 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\ElevatedDiagnostics [2014-08-30 20:51:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Games [2014-08-30 20:51:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\ALI213 [2014-08-28 13:10:13 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Documents\ALI213 [2014-08-28 12:56:50 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\Skyrim [2014-08-28 12:56:50 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Documents\My Games [2014-08-28 04:40:29 | 001,336,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll [2014-08-24 00:06:59 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Documents\Battlefield 3 [2014-08-23 11:17:46 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Desktop\telpli [2014-08-23 10:15:44 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller [2014-08-21 21:56:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2014-08-21 21:29:33 | 000,704,480 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2014-08-21 21:29:33 | 000,105,440 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2014-08-19 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Desktop\Szukamy nowego pierdopedu [2014-08-18 21:45:33 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Desktop\wakacje [2014-08-18 02:36:33 | 002,001,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl [2014-08-18 02:36:32 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll [2014-08-18 02:36:29 | 002,087,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl [2014-08-18 02:36:25 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll [2014-08-18 02:36:24 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll [2014-08-18 02:36:23 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll [2014-08-18 02:36:22 | 005,824,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2014-08-18 02:36:22 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll [2014-08-18 02:36:22 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll [2014-08-18 02:36:21 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll [2014-08-18 02:36:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll [2014-08-18 02:36:16 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll [2014-08-18 02:35:53 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe [2014-08-18 02:35:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll [2014-08-18 02:35:51 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll [2014-08-18 02:35:50 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll [2014-08-18 02:35:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll [2014-08-18 02:35:49 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll [2014-08-18 02:30:41 | 001,273,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll [2014-08-18 02:30:40 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll [2014-08-18 02:30:40 | 000,517,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll [2014-08-18 02:28:55 | 003,118,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll [2014-08-18 02:28:55 | 003,048,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe [2014-08-18 02:28:54 | 002,861,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll [2014-08-18 02:28:54 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll [2014-08-18 02:28:47 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe [2014-08-18 02:28:47 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe [2014-08-18 02:28:16 | 004,756,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll [2014-08-18 02:28:16 | 001,120,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe [2014-08-18 02:28:16 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll [2014-08-18 02:28:00 | 002,642,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll [2014-08-18 02:27:59 | 002,790,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll [2014-08-18 02:27:59 | 002,318,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll [2014-08-18 02:27:58 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll [2014-08-18 02:27:58 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll [2014-08-18 02:27:58 | 000,114,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe [2014-08-18 02:27:32 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll [2014-08-18 02:27:32 | 002,125,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll [2014-08-18 02:27:29 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll [2014-08-18 02:27:28 | 001,025,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll [2014-08-18 02:27:27 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll [2014-08-18 02:27:27 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll [2014-08-18 02:27:26 | 002,844,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll [2014-08-18 02:27:26 | 001,726,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll [2014-08-18 02:27:25 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll [2014-08-18 02:27:25 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll [2014-08-18 02:27:25 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll [2014-08-18 02:27:23 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll [2014-08-18 02:27:21 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll [2014-08-18 02:27:21 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll [2014-08-18 02:27:20 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll [2014-08-18 02:27:19 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedyn.dll [2014-08-18 02:27:19 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll [2014-08-18 02:27:19 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll [2014-08-18 02:27:18 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe [2014-08-18 02:27:18 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe [2014-08-18 02:27:17 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedyn.dll [2014-08-18 02:27:17 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe [2014-08-18 02:27:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll [2014-08-18 02:27:16 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll [2014-08-18 02:27:00 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe [2014-08-18 02:22:36 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll [2014-08-07 22:16:38 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice [2014-08-06 10:50:04 | 000,123,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgmfx64.sys [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-09-04 22:18:22 | 000,000,062 | ---- | M] () -- C:\Users\Bloondas\AppData\Roaming\sp_data.sys [2014-09-04 22:17:40 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014-09-04 22:17:00 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2014-09-04 22:16:51 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2014-09-04 22:15:35 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2014-09-04 22:15:34 | 3338,403,840 | -HS- | M] () -- C:\hiberfil.sys [2014-09-04 22:11:14 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\Open Chrome.job [2014-09-04 10:55:44 | 000,050,976 | ---- | M] (AVG Technologies) -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys [2014-09-04 09:50:52 | 001,825,074 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2014-09-04 09:50:52 | 000,807,160 | ---- | M] () -- C:\WINDOWS\SysNative\perfh015.dat [2014-09-04 09:50:52 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2014-09-04 09:50:52 | 000,163,478 | ---- | M] () -- C:\WINDOWS\SysNative\perfc015.dat [2014-09-04 09:50:52 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2014-09-03 23:55:15 | 468,798,557 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2014-09-02 18:22:29 | 000,000,222 | ---- | M] () -- C:\Users\Bloondas\Desktop\Warface.url [2014-09-02 18:09:50 | 000,160,861 | ---- | M] () -- C:\Users\Bloondas\Desktop\Kask-enduro-6D-podczas-testów.jpg [2014-09-02 17:58:16 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2014-08-31 20:57:19 | 000,339,192 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2014-08-28 12:49:31 | 000,000,801 | ---- | M] () -- C:\Users\Bloondas\Desktop\Uruchom program The Elder Scrolls V Skyrim.lnk [2014-08-18 02:21:03 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll [2014-08-18 02:20:44 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe [2014-08-18 02:20:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll [2014-08-18 02:20:44 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll [2014-08-18 02:20:43 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe [2014-08-18 02:20:43 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll [2014-08-18 02:20:41 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe [2014-08-18 02:20:41 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll [2014-08-18 02:20:40 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll [2014-08-18 02:20:40 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll [2014-08-18 02:20:40 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll [2014-08-18 02:20:31 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll [2014-08-18 02:19:24 | 000,233,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll [2014-08-10 15:01:17 | 000,001,635 | ---- | M] () -- C:\Users\Bloondas\AppData\Local\recently-used.xbel [2014-08-07 13:52:20 | 000,003,584 | ---- | M] () -- C:\Users\Bloondas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-08-07 04:12:27 | 001,336,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll [2014-08-06 10:50:04 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgmfx64.sys [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-09-04 10:56:22 | 000,000,394 | ---- | C] () -- C:\WINDOWS\tasks\Open Chrome.job [2014-09-03 23:49:04 | 468,798,557 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP [2014-09-02 18:22:29 | 000,000,222 | ---- | C] () -- C:\Users\Bloondas\Desktop\Warface.url [2014-09-02 18:09:48 | 000,160,861 | ---- | C] () -- C:\Users\Bloondas\Desktop\Kask-enduro-6D-podczas-testów.jpg [2014-09-02 17:58:16 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2014-08-28 12:49:31 | 000,000,801 | ---- | C] () -- C:\Users\Bloondas\Desktop\Uruchom program The Elder Scrolls V Skyrim.lnk [2014-08-18 02:27:16 | 000,050,745 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat [2014-08-10 15:01:17 | 000,001,635 | ---- | C] () -- C:\Users\Bloondas\AppData\Local\recently-used.xbel [2014-07-09 17:39:55 | 000,000,021 | ---- | C] () -- C:\Users\Bloondas\AppData\Roaming\my_intel.sys [2014-06-17 23:00:41 | 000,189,248 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe [2014-06-17 23:00:40 | 000,075,136 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe [2014-03-18 11:58:28 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2014-03-18 11:58:06 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2014-01-15 19:04:10 | 000,644,608 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll [2014-01-15 19:04:10 | 000,258,048 | ---- | C] () -- C:\WINDOWS\SysWow64\libFLAC.dll [2014-01-15 00:12:13 | 000,003,584 | ---- | C] () -- C:\Users\Bloondas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-01-12 00:57:35 | 000,000,062 | ---- | C] () -- C:\Users\Bloondas\AppData\Roaming\sp_data.sys [2013-08-22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2013-08-22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2013-08-22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2013-08-22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2013-08-22 05:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2013-08-22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2013-08-22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2013-05-01 13:15:31 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe [2013-05-01 13:15:31 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd [2013-05-01 13:15:31 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS [2013-04-24 05:36:10 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin [2013-04-24 05:36:09 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll [2013-04-24 05:36:08 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin [color=#E56717]========== ZeroAccess Check ==========[/color] [2014-08-23 10:13:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014-07-18 22:44:24 | 021,268,952 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-07-18 22:44:24 | 018,755,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013-08-22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2013-08-22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013-08-22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 237 bytes -> C:\Users\Bloondas\OneDrive:ms-properties < End of report >

**Posty:** 4765 · przez **ordynat** 05 Wrz 2014, 07:46

Ależ ten AVG jest śmieciarski!

Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:OTL
[2014-09-04 10:56:20 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\AVG SafeGuard toolbar
[2014-09-04 10:55:59 | 000,050,976 | ---- | C] (AVG Technologies) -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys
[2014-09-04 10:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2014-09-04 10:55:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2014-09-04 10:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar
[2014-09-04 10:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2014-09-04 10:55:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2014-09-04 09:45:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_0814av
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O3:64bit: - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.786\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.786\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
[2014-09-04 10:56:15 | 000,000,000 | ---D | M] (AVG SafeGuard toolbar) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar
[2014-09-04 10:55:49 | 000,003,736 | ---- | M] () -- C:\Users\Bloondas\AppData\Roaming\mozilla\firefox\profiles\w2jn36hy.default\searchplugins\avg-secure-search.xml
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll File not found
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "https://mysearch.avg.com?cid={01840520-01F2-420D-8FE5-396372EB51CA}&mid=c003914400c247d29d2ff54322c3ce01-8a4d3776101d1ba48e1a417caccf015fe813f561&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-09-04 10:56:00&v=18.1.9.786&pid=safeguard&sg=&sap=hp"
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://mysearch.avg.com/search?cid={01840520-01F2-420D-8FE5-396372EB51CA}&mid=c003914400c247d29d2ff54322c3ce01-8a4d3776101d1ba48e1a417caccf015fe813f561&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-09-04 10:56:00&v=18.1.9.786&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SRV - [2014-09-04 10:55:44 | 001,820,184 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe -- (vToolbarUpdater18.1.9)
MOD - [2014-09-04 10:55:44 | 001,654,296 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Skryptem.
.

**Posty:** 4 · przez **TuMichau** 05 Wrz 2014, 23:07

Usuwanie skryptem:

Kod: Zaznacz wszystko: All processes killed ========== OTL ========== C:\Users\Bloondas\AppData\Local\AVG SafeGuard toolbar\Statistics folder moved successfully. C:\Users\Bloondas\AppData\Local\AVG SafeGuard toolbar\SiteSafety folder moved successfully. C:\Users\Bloondas\AppData\Local\AVG SafeGuard toolbar\DNT folder moved successfully. C:\Users\Bloondas\AppData\Local\AVG SafeGuard toolbar\Chrome\Default folder moved successfully. C:\Users\Bloondas\AppData\Local\AVG SafeGuard toolbar\Chrome folder moved successfully. C:\Users\Bloondas\AppData\Local\AVG SafeGuard toolbar folder moved successfully. C:\Windows\SysNative\drivers\avgtpx64.sys moved successfully. C:\ProgramData\AVG Secure Search\Logger folder moved successfully. C:\ProgramData\AVG Secure Search folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9 folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9 folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\ToolBandTlb\18.1.9 folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\ToolBandTlb folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9 folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.1.9 folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\18.1.9 folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\18.1.9 folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\18.1.9 folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller folder moved successfully. C:\Program Files (x86)\Common Files\AVG Secure Search folder moved successfully. C:\Program Files\AVG SafeGuard toolbar\18.1.9.799 folder moved successfully. C:\Program Files\AVG SafeGuard toolbar\18.1.9.786 folder moved successfully. C:\Program Files\AVG SafeGuard toolbar folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\UninstallRes folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\Licenses folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\IeDspHelperRes\Images folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\IeDspHelperRes folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\EnableHelperRes\Images folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\EnableHelperRes folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\DSPDlg_IE folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\ChromeRes\AVG Secure Search folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\ChromeRes\AVG SafeGuard toolbar folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\ChromeRes\AVG Nation toolbar folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\ChromeRes folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\ChromeGuardRes folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\Chrome\content\icons folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\Chrome\content folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\Chrome folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\BundleInstall folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799 folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.786 folder moved successfully. C:\Program Files (x86)\AVG SafeGuard toolbar folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FirefoxSaps\18.1.9.786 folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FirefoxSaps folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\skin folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\zh-tw folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\zh-cn folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\tr folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\th folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\sv folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\sr folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\sk folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\ru folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\ro folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\pt-br folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\pt folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\pl folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\nl folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\nb folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\ms folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\ko folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\ja folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\it folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\id folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\hu folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\hi folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\fr folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\fi folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\es-es folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\es folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\en folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\el folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\de folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\da folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\cs folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale\af folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules\locale folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\modules folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\locale\en-US folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\locale folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\components folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799\chrome folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799 folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\CrashReport folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\18.1.9.799 folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\18.1.9.786\Chrome\content\js folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\18.1.9.786\Chrome\content folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\18.1.9.786\Chrome folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\18.1.9.786 folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar\ChromeExt folder moved successfully. C:\ProgramData\AVG SafeGuard toolbar folder moved successfully. C:\ProgramData\Avg_Update_0814av folder moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt deleted successfully. File C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully. File C:\Program Files\AVG SafeGuard toolbar\18.1.9.786\AVG SafeGuard toolbar_toolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully. File C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.786\AVG SafeGuard toolbar_toolbar.dll not found. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\skin folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\zh-tw folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\zh-cn folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\tr folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\th folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\sv folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\sr folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\sk folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\ru folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\ro folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\pt-br folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\pt folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\pl folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\nl folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\nb folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\ms folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\ko folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\ja folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\it folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\id folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\hu folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\hi folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\fr folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\fi folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\es-es folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\es folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\en folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\el folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\de folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\da folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\cs folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale\af folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules\locale folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\modules folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\locale\en-US folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\locale folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\components folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar\chrome folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\avg@toolbar folder moved successfully. C:\Users\Bloondas\AppData\Roaming\mozilla\firefox\profiles\w2jn36hy.default\searchplugins\avg-secure-search.xml moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin\ deleted successfully. Prefs.js: "AVG Secure Search" removed from browser.search.defaultenginename Prefs.js: "AVG Secure Search" removed from browser.search.selectedEngine Prefs.js: "https://mysearch.avg.com?cid={01840520-01F2-420D-8FE5-396372EB51CA}&mid=c003914400c247d29d2ff54322c3ce01-8a4d3776101d1ba48e1a417caccf015fe813f561&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-09-04 10:56:00&v=18.1.9.786&pid=safeguard&sg=&sap=hp" removed from browser.startup.homepage Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found. Service vToolbarUpdater18.1.9 stopped successfully! Service vToolbarUpdater18.1.9 deleted successfully! File C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Bloondas ->Temp folder emptied: 1170234 bytes ->Temporary Internet Files folder emptied: 13903671 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 357288446 bytes ->Flash cache emptied: 492 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default.migrated User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 62702062 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 415,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 09052014_223503 Files\Folders moved on Reboot... C:\Users\Bloondas\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully. File\Folder C:\WINDOWS\temp\37.0.2062.103_36.0.1985.143_chrome_updater.exe4baa4ae not found! C:\WINDOWS\temp\chrome_installer.log moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...

Log z OTL:

Kod: Zaznacz wszystko: OTL logfile created on: 2014-09-05 22:42:00 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bloondas\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17239) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,89 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 56,49% Memory free 7,89 Gb Paging File | 6,18 Gb Available in Paging File | 78,38% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 185,87 Gb Total Space | 119,85 Gb Free Space | 64,48% Space Free | Partition Type: NTFS Drive D: | 258,15 Gb Total Space | 83,79 Gb Free Space | 32,46% Space Free | Partition Type: NTFS Computer Name: BLONDASOWY | User Name: Bloondas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-09-04 00:20:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bloondas\Downloads\OTL_[www.programosy.pl].exe PRC - [2014-08-30 04:49:43 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2014-08-25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe PRC - [2014-08-25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe PRC - [2014-08-25 11:37:18 | 005,188,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe PRC - [2014-04-30 20:28:45 | 002,199,840 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2014-04-30 20:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe PRC - [2013-05-01 13:16:10 | 003,187,360 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\APRP\APRP.EXE PRC - [2013-04-16 18:25:30 | 000,020,792 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe PRC - [2013-03-27 11:57:52 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2013-02-26 12:08:24 | 000,176,240 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe PRC - [2013-01-04 13:00:20 | 000,923,312 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\Asus\AsusVibe\AsusVibe2.0.exe PRC - [2012-11-28 18:56:40 | 000,054,488 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe PRC - [2012-10-26 15:35:44 | 000,184,704 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2012-10-17 20:08:40 | 000,205,184 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2012-10-05 16:55:50 | 000,110,976 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2012-09-18 13:51:54 | 001,124,032 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe PRC - [2012-09-14 14:14:16 | 000,328,064 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2012-08-31 20:27:20 | 000,590,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe PRC - [2012-08-22 10:24:28 | 001,559,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe PRC - [2012-07-17 15:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012-07-17 15:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012-06-27 13:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012-06-25 11:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012-05-28 11:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe PRC - [2012-04-24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe PRC - [2012-04-13 11:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe PRC - [2012-03-28 19:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe PRC - [2011-11-21 15:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-08-30 04:49:41 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll MOD - [2014-08-30 04:49:38 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll MOD - [2014-08-30 04:49:33 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll MOD - [2014-08-30 04:49:31 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll MOD - [2014-08-30 04:49:30 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll MOD - [2014-07-20 15:07:07 | 000,592,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ShadowPlay\550d55751aedca16ec757813581b9f94\ShadowPlay.ni.dll MOD - [2014-07-20 15:07:07 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\GridService\d5b5f7401b9cc1d169cf9e1319ae3158\GridService.ni.dll MOD - [2014-07-20 15:07:06 | 000,037,888 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NVIDIA.Settdff9733c#\ffa9c760e764574ef9b764524063eb2e\NVIDIA.Settings.Properties.ni.dll MOD - [2014-07-20 15:07:05 | 000,167,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NVIDIA.UpdateService\d5b4f6f93a9371cb218bffa3692fefa3\NVIDIA.UpdateService.ni.dll MOD - [2014-07-20 15:07:05 | 000,076,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\GalaSoft.Mv954dba8c#\d3ab9a16a2ccafea94049a924d34153c\GalaSoft.MvvmLight.Extras.WPF4.ni.dll MOD - [2014-07-20 15:07:04 | 000,017,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NVIDIA.GFEx7f299113#\a2a9965c05e98e3770236af56e143c71\NVIDIA.GFExperience.Resources.Localization.ni.dll MOD - [2014-07-20 15:07:02 | 000,588,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\GFExperienceControls\ab235f788c54220abb6dc68e6441dc39\GFExperienceControls.ni.dll MOD - [2014-07-20 15:06:55 | 005,760,512 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Reactive.Linq\31494d298634fc988355f81fc8b10e7f\System.Reactive.Linq.ni.dll MOD - [2014-07-20 15:06:47 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.P4d3ce419#\dfb12d395914f7812ef82fc42a2f0b32\Microsoft.Practices.ServiceLocation.ni.dll MOD - [2014-07-20 15:06:46 | 000,401,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Reactive.Core\336771611421c551356692ccea1f2df9\System.Reactive.Core.ni.dll MOD - [2014-07-20 15:06:46 | 000,024,064 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Reac207edc4d#\7ca03c9b75a4a05468accac67480ae20\System.Reactive.Interfaces.ni.dll MOD - [2014-07-20 15:06:45 | 000,495,104 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\GFExperienceCore\1e7cf4647228a6ccafad1f58e0d83948\GFExperienceCore.ni.dll MOD - [2014-07-20 15:06:44 | 000,297,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NVIDIA.Win32Api\5c6658f96426e00abbe0fbaea2a4899d\NVIDIA.Win32Api.ni.dll MOD - [2014-07-20 15:06:40 | 000,219,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\5e015d37aa3fdc75648e9d00d44d13ac\System.ServiceProcess.ni.dll MOD - [2014-07-20 15:06:05 | 000,797,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\3e17b0be5e7a03853d44d996d366e88b\System.Runtime.Remoting.ni.dll MOD - [2014-07-20 15:06:03 | 018,744,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\92388fbe99436e6ed1f56ee56f10c565\PresentationFramework.ni.dll MOD - [2014-07-20 15:05:41 | 000,770,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\8c8d4f3b7c40f3e087fbc00bed5b7bb3\log4net.ni.dll MOD - [2014-07-20 15:05:39 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\635558b506364815e8348217e86fdf99\System.Windows.Forms.ni.dll MOD - [2014-07-20 15:05:38 | 011,027,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\619034abb9a9fb1b3dc32c0a9aa38d3c\PresentationCore.ni.dll MOD - [2014-07-20 15:05:36 | 000,140,288 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NVIDIA.Settings\0633a89a53e99a8caee2c6fdb23b11f3\NVIDIA.Settings.ni.dll MOD - [2014-07-20 15:05:19 | 007,802,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\77bc1a994f64193efc124c297b93fdb7\System.Xml.ni.dll MOD - [2014-07-20 15:05:17 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\ddb52221ad0200b7c2e0a308e47d5c7c\System.Drawing.ni.dll MOD - [2014-07-20 15:05:14 | 003,957,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\9bbf715cfb5360c95acd27b199083854\WindowsBase.ni.dll MOD - [2014-07-20 15:05:13 | 004,922,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\GFExperience\24c15b0904fde2b22d5de2d77a00ef2a\GFExperience.ni.exe MOD - [2014-07-20 15:05:12 | 001,874,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\10483ca149b5c651d217edbf2f3169b4\System.Xaml.ni.dll MOD - [2014-07-20 15:05:09 | 000,149,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\GalaSoft.Mv2ad69d8b#\dab9ec483655adc2a166acddc57c81bb\GalaSoft.MvvmLight.WPF4.ni.dll MOD - [2014-07-20 15:05:08 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\c5bf2f5c3e13726b3984a900221e1778\System.Configuration.ni.dll MOD - [2014-07-20 14:17:04 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\c1194e56644c7688e7eb0f68a57dcc30\System.Core.ni.dll MOD - [2014-07-20 14:16:53 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c24d08cc4e93fc4f6f15a637b00a2721\System.ni.dll MOD - [2014-05-20 04:44:03 | 000,012,120 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll MOD - [2014-03-18 11:58:41 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2014-08-18 02:20:44 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc) SRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:[b]64bit:[/b] - [2014-07-18 22:44:24 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:[b]64bit:[/b] - [2014-07-18 22:44:24 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc) SRV:[b]64bit:[/b] - [2014-07-18 22:44:24 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2014-04-30 20:28:23 | 021,007,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV:[b]64bit:[/b] - [2014-03-18 11:58:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:[b]64bit:[/b] - [2014-03-18 11:58:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:[b]64bit:[/b] - [2014-03-18 11:58:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:[b]64bit:[/b] - [2014-03-18 11:58:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:[b]64bit:[/b] - [2014-03-18 11:58:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:[b]64bit:[/b] - [2014-03-18 11:58:15 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:[b]64bit:[/b] - [2014-03-18 11:58:15 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:[b]64bit:[/b] - [2014-03-18 11:58:14 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:[b]64bit:[/b] - [2013-08-22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:[b]64bit:[/b] - [2013-08-22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:[b]64bit:[/b] - [2013-08-22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:[b]64bit:[/b] - [2013-08-22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:[b]64bit:[/b] - [2013-08-22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:[b]64bit:[/b] - [2013-08-22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:[b]64bit:[/b] - [2013-08-22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:[b]64bit:[/b] - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:[b]64bit:[/b] - [2013-08-22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:[b]64bit:[/b] - [2013-08-22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:[b]64bit:[/b] - [2013-08-22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2013-08-22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:[b]64bit:[/b] - [2013-08-22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2013-08-22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:[b]64bit:[/b] - [2013-08-22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2013-08-22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:[b]64bit:[/b] - [2013-08-22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:[b]64bit:[/b] - [2013-01-07 14:04:48 | 001,280,768 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV:[b]64bit:[/b] - [2012-04-20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2014-08-28 13:48:02 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2014-08-25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent) SRV - [2014-08-25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd) SRV - [2014-07-18 22:44:24 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc) SRV - [2014-06-06 06:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-04-30 20:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-08-22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2013-08-22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2013-08-22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2013-03-27 12:39:42 | 000,227,968 | ---- | M] (Qualcomm Atheros Commnucations) [On_Demand | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2013-03-27 11:57:52 | 000,323,584 | R--- | M] (Atheros) [On_Demand | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent) SRV - [2012-12-19 08:10:38 | 000,072,192 | ---- | M] () [On_Demand | Running] -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe -- (Asus WebStorage Windows Service) SRV - [2012-12-14 00:14:24 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012-10-05 16:55:50 | 000,110,976 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2012-09-13 05:59:08 | 002,466,448 | ---- | M] (Realsil Microelectronics Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2012-07-17 15:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012-07-17 15:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012-06-27 13:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012-06-25 11:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012-04-24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) SRV - [2012-04-13 11:14:00 | 000,277,120 | ---- | M] (ASUS) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe -- (ASUS InstantOn) SRV - [2011-11-21 15:19:50 | 000,096,896 | ---- | M] (ASUS) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2010-10-12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2014-08-06 10:50:04 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:[b]64bit:[/b] - [2014-07-21 21:03:12 | 000,244,504 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:[b]64bit:[/b] - [2014-07-18 22:55:08 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr) DRV:[b]64bit:[/b] - [2014-07-18 22:52:41 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof) DRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:[b]64bit:[/b] - [2014-07-18 22:52:40 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:[b]64bit:[/b] - [2014-07-18 22:50:21 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:[b]64bit:[/b] - [2014-07-18 22:45:22 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:[b]64bit:[/b] - [2014-07-18 22:44:23 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:[b]64bit:[/b] - [2014-06-30 12:43:18 | 000,270,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpa.sys -- (Avgwfpa) DRV:[b]64bit:[/b] - [2014-06-30 12:43:02 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska) DRV:[b]64bit:[/b] - [2014-06-17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:[b]64bit:[/b] - [2014-06-17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga) DRV:[b]64bit:[/b] - [2014-06-17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:[b]64bit:[/b] - [2014-06-17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:[b]64bit:[/b] - [2014-05-20 04:44:03 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2014-04-30 20:28:22 | 000,018,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms) DRV:[b]64bit:[/b] - [2014-03-31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:[b]64bit:[/b] - [2014-03-18 11:58:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS) DRV:[b]64bit:[/b] - [2014-03-18 11:58:16 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:[b]64bit:[/b] - [2014-03-18 11:58:16 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:[b]64bit:[/b] - [2014-03-18 11:58:05 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:[b]64bit:[/b] - [2014-03-18 11:58:04 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:[b]64bit:[/b] - [2014-03-18 11:58:04 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000) DRV:[b]64bit:[/b] - [2014-03-18 11:58:04 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:[b]64bit:[/b] - [2014-03-18 11:40:43 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2014-03-18 11:40:40 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2014-01-28 15:32:18 | 000,593,000 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:[b]64bit:[/b] - [2013-09-04 15:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgboota.sys -- (Avgboota) DRV:[b]64bit:[/b] - [2013-08-22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:[b]64bit:[/b] - [2013-08-22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2013-08-22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:[b]64bit:[/b] - [2013-08-22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:[b]64bit:[/b] - [2013-08-22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2013-08-22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:[b]64bit:[/b] - [2013-08-22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2013-08-22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2013-08-22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:[b]64bit:[/b] - [2013-08-22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:[b]64bit:[/b] - [2013-08-22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:[b]64bit:[/b] - [2013-08-22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:[b]64bit:[/b] - [2013-08-22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:[b]64bit:[/b] - [2013-08-22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:[b]64bit:[/b] - [2013-08-22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:[b]64bit:[/b] - [2013-08-22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:[b]64bit:[/b] - [2013-08-22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo) DRV:[b]64bit:[/b] - [2013-08-22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:[b]64bit:[/b] - [2013-08-22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:[b]64bit:[/b] - [2013-08-22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:[b]64bit:[/b] - [2013-08-22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:[b]64bit:[/b] - [2013-08-22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:[b]64bit:[/b] - [2013-08-22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:[b]64bit:[/b] - [2013-08-22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:[b]64bit:[/b] - [2013-08-22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:[b]64bit:[/b] - [2013-08-22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:[b]64bit:[/b] - [2013-08-22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2013-08-22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:[b]64bit:[/b] - [2013-08-22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2013-08-22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:[b]64bit:[/b] - [2013-08-22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2013-08-22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc) DRV:[b]64bit:[/b] - [2013-08-22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:[b]64bit:[/b] - [2013-08-22 13:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:[b]64bit:[/b] - [2013-08-22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:[b]64bit:[/b] - [2013-08-22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:[b]64bit:[/b] - [2013-08-22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM) DRV:[b]64bit:[/b] - [2013-08-13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:[b]64bit:[/b] - [2013-08-10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:[b]64bit:[/b] - [2013-07-30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:[b]64bit:[/b] - [2013-07-25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:[b]64bit:[/b] - [2013-06-18 16:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168) DRV:[b]64bit:[/b] - [2013-06-18 16:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr) DRV:[b]64bit:[/b] - [2013-04-16 18:25:46 | 000,065,784 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:52 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:50 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:50 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:[b]64bit:[/b] - [2013-03-27 12:18:50 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:[b]64bit:[/b] - [2013-03-27 12:18:48 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b]64bit:[/b] - [2013-03-27 12:18:48 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:[b]64bit:[/b] - [2013-03-27 12:18:48 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:[b]64bit:[/b] - [2013-01-09 04:26:24 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2012-12-14 00:14:20 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2012-10-08 11:47:42 | 000,298,640 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR) DRV:[b]64bit:[/b] - [2012-09-18 13:51:54 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger) DRV:[b]64bit:[/b] - [2012-09-14 07:15:10 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:[b]64bit:[/b] - [2012-08-02 05:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:[b]64bit:[/b] - [2012-07-02 16:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2012-05-31 05:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch) DRV - [2011-09-07 10:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009-07-02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0 FF - prefs.js..keyword.URL: "" FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-01-12 01:05:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Extensions [2014-09-05 22:35:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions [2014-01-15 19:03:40 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Bloondas\AppData\Roaming\mozilla\Firefox\Profiles\w2jn36hy.default\extensions\IplextoALL@ALLPlayer.org [2014-07-17 14:44:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2014-07-17 14:44:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: https://mysearch.avg.com?cid={01840520-01F2-420D-8FE5-396372EB51CA}&mid=c003914400c247d29d2ff54322c3ce01-8a4d3776101d1ba48e1a417caccf015fe813f561&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-09-04 10:56:00&v=18.1.9.786&pid=safeguard&sg=&sap=hp CHR - plugin: Error reading preferences file CHR - Extension: Google Wallet = C:\Users\Bloondas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ O1 HOSTS File: ([2013-08-22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKCU..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe (ALLPlayer Group Ltd.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Atheros Communications) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5666ED73-4C17-4624-9EBC-D3A27258B5C0}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B7972E1-0E1C-45F7-8B02-04E580267318}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll File not found O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2014-04-10 11:02:29 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{040a6738-0eb6-11e4-824f-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{040a6738-0eb6-11e4-824f-806e6f6e6963}\Shell\AutoRun\command - "" = "E:\AUTORUN.EXE" O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-09-04 09:35:28 | 000,000,000 | ---D | C] -- C:\_OTL [2014-09-03 23:49:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2014-09-03 23:25:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2014-09-03 22:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\GFACE [2014-09-03 22:44:14 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\wf-launcher [2014-09-03 10:29:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2014-09-02 18:37:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\directx [2014-09-02 18:22:29 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2014-09-02 17:58:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2014-09-02 17:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2014-09-02 17:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2014-08-30 21:06:48 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\ElevatedDiagnostics [2014-08-30 20:51:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Games [2014-08-30 20:51:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\ALI213 [2014-08-28 13:10:13 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Documents\ALI213 [2014-08-28 12:56:50 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\AppData\Local\Skyrim [2014-08-28 12:56:50 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Documents\My Games [2014-08-28 04:40:29 | 001,336,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll [2014-08-24 00:06:59 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Documents\Battlefield 3 [2014-08-23 11:17:46 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Desktop\telpli [2014-08-23 10:15:44 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller [2014-08-21 21:56:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2014-08-21 21:29:33 | 000,704,480 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2014-08-21 21:29:33 | 000,105,440 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2014-08-19 00:25:29 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Desktop\Szukamy nowego pierdopedu [2014-08-18 21:45:33 | 000,000,000 | ---D | C] -- C:\Users\Bloondas\Desktop\wakacje [2014-08-18 02:36:33 | 002,001,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl [2014-08-18 02:36:32 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll [2014-08-18 02:36:29 | 002,087,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl [2014-08-18 02:36:25 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll [2014-08-18 02:36:24 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll [2014-08-18 02:36:23 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll [2014-08-18 02:36:22 | 005,824,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2014-08-18 02:36:22 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll [2014-08-18 02:36:22 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll [2014-08-18 02:36:21 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll [2014-08-18 02:36:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll [2014-08-18 02:36:16 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll [2014-08-18 02:35:53 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe [2014-08-18 02:35:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll [2014-08-18 02:35:51 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll [2014-08-18 02:35:50 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll [2014-08-18 02:35:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll [2014-08-18 02:35:49 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll [2014-08-18 02:30:41 | 001,273,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll [2014-08-18 02:30:40 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll [2014-08-18 02:30:40 | 000,517,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll [2014-08-18 02:28:55 | 003,118,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll [2014-08-18 02:28:55 | 003,048,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe [2014-08-18 02:28:54 | 002,861,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll [2014-08-18 02:28:54 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll [2014-08-18 02:28:47 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe [2014-08-18 02:28:47 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe [2014-08-18 02:28:16 | 004,756,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll [2014-08-18 02:28:16 | 001,120,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe [2014-08-18 02:28:16 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll [2014-08-18 02:28:00 | 002,642,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll [2014-08-18 02:27:59 | 002,790,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll [2014-08-18 02:27:59 | 002,318,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll [2014-08-18 02:27:58 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll [2014-08-18 02:27:58 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll [2014-08-18 02:27:58 | 000,114,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe [2014-08-18 02:27:32 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll [2014-08-18 02:27:32 | 002,125,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll [2014-08-18 02:27:29 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll [2014-08-18 02:27:28 | 001,025,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll [2014-08-18 02:27:27 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll [2014-08-18 02:27:27 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll [2014-08-18 02:27:26 | 002,844,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll [2014-08-18 02:27:26 | 001,726,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll [2014-08-18 02:27:25 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll [2014-08-18 02:27:25 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll [2014-08-18 02:27:25 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll [2014-08-18 02:27:23 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll [2014-08-18 02:27:21 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll [2014-08-18 02:27:21 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll [2014-08-18 02:27:20 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll [2014-08-18 02:27:19 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedyn.dll [2014-08-18 02:27:19 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll [2014-08-18 02:27:19 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll [2014-08-18 02:27:18 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe [2014-08-18 02:27:18 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe [2014-08-18 02:27:17 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedyn.dll [2014-08-18 02:27:17 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe [2014-08-18 02:27:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll [2014-08-18 02:27:16 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll [2014-08-18 02:27:00 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe [2014-08-18 02:22:36 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll [2014-08-07 22:16:38 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-09-05 22:40:59 | 000,000,062 | ---- | M] () -- C:\Users\Bloondas\AppData\Roaming\sp_data.sys [2014-09-05 22:39:52 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014-09-05 22:38:56 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2014-09-05 22:37:51 | 3338,403,840 | -HS- | M] () -- C:\hiberfil.sys [2014-09-05 22:37:51 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2014-09-05 22:17:00 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2014-09-04 23:12:26 | 000,053,423 | ---- | M] () -- C:\Users\Bloondas\Desktop\10681583_784716948233804_444213496_n.jpg [2014-09-04 22:42:09 | 000,012,360 | ---- | M] () -- C:\Users\Bloondas\Desktop\pobrane.jpg [2014-09-04 22:11:14 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\Open Chrome.job [2014-09-04 09:50:52 | 001,825,074 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2014-09-04 09:50:52 | 000,807,160 | ---- | M] () -- C:\WINDOWS\SysNative\perfh015.dat [2014-09-04 09:50:52 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2014-09-04 09:50:52 | 000,163,478 | ---- | M] () -- C:\WINDOWS\SysNative\perfc015.dat [2014-09-04 09:50:52 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2014-09-03 23:55:15 | 468,798,557 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2014-09-02 18:22:29 | 000,000,222 | ---- | M] () -- C:\Users\Bloondas\Desktop\Warface.url [2014-09-02 18:09:50 | 000,160,861 | ---- | M] () -- C:\Users\Bloondas\Desktop\Kask-enduro-6D-podczas-testów.jpg [2014-09-02 17:58:16 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2014-08-31 20:57:19 | 000,339,192 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2014-08-28 12:49:31 | 000,000,801 | ---- | M] () -- C:\Users\Bloondas\Desktop\Uruchom program The Elder Scrolls V Skyrim.lnk [2014-08-18 02:21:03 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll [2014-08-18 02:20:44 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe [2014-08-18 02:20:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll [2014-08-18 02:20:44 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll [2014-08-18 02:20:43 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe [2014-08-18 02:20:43 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll [2014-08-18 02:20:41 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe [2014-08-18 02:20:41 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll [2014-08-18 02:20:40 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll [2014-08-18 02:20:40 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll [2014-08-18 02:20:40 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll [2014-08-18 02:20:31 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll [2014-08-18 02:19:24 | 000,233,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll [2014-08-10 15:01:17 | 000,001,635 | ---- | M] () -- C:\Users\Bloondas\AppData\Local\recently-used.xbel [2014-08-07 13:52:20 | 000,003,584 | ---- | M] () -- C:\Users\Bloondas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-08-07 04:12:27 | 001,336,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-09-04 23:12:25 | 000,053,423 | ---- | C] () -- C:\Users\Bloondas\Desktop\10681583_784716948233804_444213496_n.jpg [2014-09-04 22:42:13 | 000,012,360 | ---- | C] () -- C:\Users\Bloondas\Desktop\pobrane.jpg [2014-09-04 10:56:22 | 000,000,394 | ---- | C] () -- C:\WINDOWS\tasks\Open Chrome.job [2014-09-03 23:49:04 | 468,798,557 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP [2014-09-02 18:22:29 | 000,000,222 | ---- | C] () -- C:\Users\Bloondas\Desktop\Warface.url [2014-09-02 18:09:48 | 000,160,861 | ---- | C] () -- C:\Users\Bloondas\Desktop\Kask-enduro-6D-podczas-testów.jpg [2014-09-02 17:58:16 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2014-08-28 12:49:31 | 000,000,801 | ---- | C] () -- C:\Users\Bloondas\Desktop\Uruchom program The Elder Scrolls V Skyrim.lnk [2014-08-18 02:27:16 | 000,050,745 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat [2014-08-10 15:01:17 | 000,001,635 | ---- | C] () -- C:\Users\Bloondas\AppData\Local\recently-used.xbel [2014-07-09 17:39:55 | 000,000,021 | ---- | C] () -- C:\Users\Bloondas\AppData\Roaming\my_intel.sys [2014-06-17 23:00:41 | 000,189,248 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe [2014-06-17 23:00:40 | 000,075,136 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe [2014-03-18 11:58:28 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2014-03-18 11:58:06 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2014-01-15 19:04:10 | 000,644,608 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll [2014-01-15 19:04:10 | 000,258,048 | ---- | C] () -- C:\WINDOWS\SysWow64\libFLAC.dll [2014-01-15 00:12:13 | 000,003,584 | ---- | C] () -- C:\Users\Bloondas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-01-12 00:57:35 | 000,000,062 | ---- | C] () -- C:\Users\Bloondas\AppData\Roaming\sp_data.sys [2013-08-22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2013-08-22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2013-08-22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2013-08-22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2013-08-22 05:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2013-08-22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2013-08-22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2013-05-01 13:15:31 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe [2013-05-01 13:15:31 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd [2013-05-01 13:15:31 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS [2013-04-24 05:36:10 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin [2013-04-24 05:36:09 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll [2013-04-24 05:36:08 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin [color=#E56717]========== ZeroAccess Check ==========[/color] [2014-08-23 10:13:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014-07-18 22:44:24 | 021,268,952 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-07-18 22:44:24 | 018,755,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013-08-22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2013-08-22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013-08-22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 237 bytes -> C:\Users\Bloondas\OneDrive:ms-properties < End of report >

**Posty:** 4765 · przez **ordynat** 06 Wrz 2014, 01:39

W OTL kliknij na przycisk Sprzątanie - to go usunie razem z jego Kwarantanną.

Kto jest na forum