OTL logfile created on: 2015-05-12 20:44:13 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Czarek1\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17728) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 5,88 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 42,70% Memory free 7,26 Gb Paging File | 2,71 Gb Available in Paging File | 37,30% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 922,32 Gb Total Space | 809,61 Gb Free Space | 87,78% Space Free | Partition Type: NTFS Drive D: | 7,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive E: | 496,00 Mb Total Space | 470,39 Mb Free Space | 94,84% Space Free | Partition Type: FAT32 Drive X: | 490,00 Mb Total Space | 198,27 Mb Free Space | 40,46% Space Free | Partition Type: NTFS Drive Y: | 8,06 Gb Total Space | 0,74 Gb Free Space | 9,14% Space Free | Partition Type: NTFS Computer Name: CZAREK | User Name: Czarek1 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2015-05-12 20:43:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Czarek1\Desktop\OTL.exe PRC - [2015-05-12 20:36:37 | 000,128,248 | ---- | M] () -- C:\ProgramData\ecbaef90-5696-41e1-a1c3-3e8112ce2840\maintainer.exe PRC - [2015-05-06 05:28:11 | 000,368,000 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe PRC - [2015-05-06 05:23:27 | 000,118,048 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe PRC - [2015-05-06 05:23:20 | 000,118,048 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe PRC - [2015-04-28 04:07:36 | 000,812,872 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2015-04-10 14:29:26 | 000,455,392 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe PRC - [2015-04-09 08:38:26 | 000,145,288 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe PRC - [2015-02-11 12:36:38 | 000,211,320 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Update\DellUpService.exe PRC - [2015-02-11 12:35:56 | 000,703,352 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Update\DellUpTray.exe PRC - [2014-10-29 04:05:57 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe PRC - [2014-09-18 22:02:14 | 001,924,328 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe PRC - [2014-07-11 02:39:16 | 000,511,872 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe PRC - [2014-07-03 04:56:10 | 000,493,288 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe PRC - [2014-07-03 04:54:34 | 004,167,912 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe PRC - [2014-06-23 09:07:06 | 000,113,376 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe PRC - [2013-10-28 04:02:24 | 000,238,160 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2013-08-28 12:02:58 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2013-08-28 12:02:56 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2013-08-14 04:02:36 | 000,650,320 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe PRC - [2013-08-07 15:24:00 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2013-08-07 15:24:00 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2013-07-26 20:21:17 | 000,459,008 | ---- | M] () -- C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CheckNDISPort_df.exe PRC - [2013-07-26 20:21:17 | 000,446,208 | ---- | M] () -- C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe PRC - [2013-03-05 05:43:20 | 000,110,144 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe PRC - [2012-01-25 16:23:54 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE PRC - [2010-09-03 14:52:48 | 000,606,208 | ---- | M] () -- C:\Program Files (x86)\ScreenShooter\screenshooter.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2015-05-06 05:23:42 | 000,065,696 | ---- | M] () -- C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll MOD - [2015-05-06 05:23:27 | 000,185,672 | ---- | M] () -- C:\Program Files (x86)\Elex-tech\YAC\libpng.dll MOD - [2015-04-28 04:07:35 | 014,980,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll MOD - [2015-04-28 04:07:34 | 001,252,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll MOD - [2015-04-28 04:07:33 | 000,080,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll MOD - [2015-04-22 21:19:29 | 001,070,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\17bb10cd98118ee165ce157783564f08\System.ServiceModel.Web.ni.dll MOD - [2015-04-22 21:19:18 | 002,964,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\0e0450c235977889390e797515100aef\System.IdentityModel.ni.dll MOD - [2015-04-22 20:40:05 | 019,567,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\08b29225857fb242da639851aaca037c\System.ServiceModel.ni.dll MOD - [2015-02-14 13:09:29 | 000,392,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\9b0c1539963f393f6641949a67757b8f\System.Xml.Linq.ni.dll MOD - [2015-02-14 13:09:28 | 007,785,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43edd630a9f8cd6ac38c527b106ec94f\System.Xml.ni.dll MOD - [2015-02-14 13:09:23 | 001,874,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\6281ab590224520bad7c4f5b3ef37575\System.Xaml.ni.dll MOD - [2015-02-14 13:09:21 | 012,856,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\70c6bf4a51d18b4a9a1805cd48d1caad\System.Windows.Forms.ni.dll MOD - [2015-02-14 13:09:07 | 000,653,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\3d3a4214a03b9bbf74c5adfa9d3bb207\System.Transactions.ni.dll MOD - [2015-02-14 13:09:06 | 000,219,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\2938a07c482f15730b58d0fddbf869d1\System.ServiceProcess.ni.dll MOD - [2015-02-14 13:08:12 | 002,803,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ab763e7f2c7532e9fe8f587995105156\System.Runtime.Serialization.ni.dll MOD - [2015-02-14 13:08:07 | 000,522,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\f13998cc28c6bb3c3138398e19c0d631\System.Net.Http.ni.dll MOD - [2015-02-14 13:08:05 | 001,169,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\8843bc51abc35b8247ffb506ef61d954\System.Management.ni.dll MOD - [2015-02-14 13:08:04 | 001,635,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8efdc7a3726640f79d9333da88accaf8\System.Drawing.ni.dll MOD - [2015-02-14 13:07:52 | 000,968,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\00fc7d14bbb38db00e4103912c041adf\System.Configuration.ni.dll MOD - [2015-02-14 13:07:50 | 000,463,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\eb62bc6e97d1d2aafbf3a101d7f029e1\PresentationFramework.Aero2.ni.dll MOD - [2015-02-14 13:07:48 | 018,744,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\377e9afc870e7d53922fbcfd6023b2f7\PresentationFramework.ni.dll MOD - [2015-02-14 13:07:30 | 011,027,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a1799dc618cfa61adb75b82311884c3d\PresentationCore.ni.dll MOD - [2015-02-14 13:07:21 | 003,957,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b8e2e79f70d09551560548cda72e2c51\WindowsBase.ni.dll MOD - [2015-01-28 01:10:12 | 006,951,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\483443985708dc5439abe7fd6350abe4\System.Core.ni.dll MOD - [2015-01-28 01:09:57 | 010,030,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\1c5fe4cb68f67046baec4c3a854f722f\System.ni.dll MOD - [2015-01-14 20:28:51 | 000,188,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\3be4139a741b447ab35a2c788a2f4559\UIAutomationTypes.ni.dll MOD - [2014-12-04 15:18:54 | 000,241,152 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll MOD - [2014-11-21 13:31:54 | 000,663,040 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll MOD - [2014-10-19 01:18:43 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\7159bb28e23de8ed898a2acb1dbfef6c\System.ServiceModel.Internals.ni.dll MOD - [2014-10-19 01:18:42 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\1c09d6db83322a23a1744d75c4836f85\SMDiagnostics.ni.dll MOD - [2014-07-31 00:37:26 | 001,906,464 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll MOD - [2014-06-23 09:07:06 | 000,113,376 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe MOD - [2014-01-27 13:52:41 | 017,395,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll MOD - [2014-01-03 13:03:40 | 001,425,920 | ---- | M] () -- C:\Program Files (x86)\SplitmediaLabs\XSplit\avformat-54.dll MOD - [2014-01-03 13:03:40 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\SplitmediaLabs\XSplit\avutil-52.dll MOD - [2014-01-03 13:03:40 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\SplitmediaLabs\XSplit\swresample-0.dll MOD - [2014-01-03 13:03:18 | 007,816,192 | ---- | M] () -- C:\Program Files (x86)\SplitmediaLabs\XSplit\avcodec-54.dll MOD - [2014-01-03 13:03:18 | 000,336,896 | ---- | M] () -- C:\Program Files (x86)\SplitmediaLabs\XSplit\swscale-2.dll MOD - [2013-07-26 20:21:17 | 000,459,008 | ---- | M] () -- C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CheckNDISPort_df.exe MOD - [2013-07-26 20:21:17 | 000,446,208 | ---- | M] () -- C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe MOD - [2013-05-20 12:58:08 | 000,620,718 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll MOD - [2013-03-05 12:41:36 | 000,015,424 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll MOD - [2013-03-05 05:40:16 | 000,626,240 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll MOD - [2012-11-26 06:19:28 | 000,117,608 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll MOD - [2012-11-25 23:19:20 | 001,153,384 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll MOD - [2012-04-30 11:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll MOD - [2011-07-07 15:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll MOD - [2010-09-03 14:52:48 | 000,606,208 | ---- | M] () -- C:\Program Files (x86)\ScreenShooter\screenshooter.exe MOD - [2010-09-03 14:50:48 | 002,537,472 | ---- | M] () -- C:\Program Files (x86)\ScreenShooter\QtCore4.dll MOD - [2010-08-31 15:36:06 | 000,287,232 | ---- | M] () -- C:\Program Files (x86)\ScreenShooter\imageformats\qjpeg4.dll MOD - [2010-08-31 11:49:22 | 009,812,992 | ---- | M] () -- C:\Program Files (x86)\ScreenShooter\QtGui4.dll MOD - [2010-08-31 11:15:32 | 001,140,224 | ---- | M] () -- C:\Program Files (x86)\ScreenShooter\QtNetwork4.dll MOD - [2010-01-11 16:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll MOD - [2009-06-22 20:42:42 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\ScreenShooter\libgcc_s_dw2-1.dll MOD - [2009-01-10 12:32:40 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\ScreenShooter\mingwm10.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2015-04-22 05:06:20 | 002,719,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc) SRV:[b]64bit:[/b] - [2015-02-27 15:11:10 | 000,601,864 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS) SRV:[b]64bit:[/b] - [2015-02-27 12:40:32 | 000,562,200 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\mcafee\msc\McAPExe.exe -- (McAPExe) SRV:[b]64bit:[/b] - [2015-02-26 18:02:31 | 000,201,936 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe -- (DellDataVaultWiz) SRV:[b]64bit:[/b] - [2015-02-26 18:02:04 | 002,557,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DellDataVault\DellDataVault.exe -- (DellDataVault) SRV:[b]64bit:[/b] - [2015-02-21 01:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:[b]64bit:[/b] - [2015-02-04 01:58:28 | 000,366,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc) SRV:[b]64bit:[/b] - [2015-02-04 01:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:[b]64bit:[/b] - [2015-01-22 13:10:44 | 000,422,632 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\CSP\1.3.374.0\McCSPServiceHost.exe -- (mccspsvc) SRV:[b]64bit:[/b] - [2014-12-06 03:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2014-11-06 07:34:38 | 001,050,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe -- (mfecore) SRV:[b]64bit:[/b] - [2014-10-31 21:10:34 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (McProxy) SRV:[b]64bit:[/b] - [2014-10-31 21:10:34 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (mcpltsvc) SRV:[b]64bit:[/b] - [2014-10-31 21:10:34 | 000,335,064 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (McOobeSv2) SRV:[b]64bit:[/b] - [2014-10-31 21:10:34 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV:[b]64bit:[/b] - [2014-10-31 21:10:34 | 000,335,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc) SRV:[b]64bit:[/b] - [2014-10-31 06:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2014-10-29 05:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:[b]64bit:[/b] - [2014-10-29 05:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:[b]64bit:[/b] - [2014-10-29 04:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:[b]64bit:[/b] - [2014-10-29 04:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:[b]64bit:[/b] - [2014-10-29 04:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:[b]64bit:[/b] - [2014-10-29 04:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:[b]64bit:[/b] - [2014-10-29 04:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:[b]64bit:[/b] - [2014-10-29 03:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv) SRV:[b]64bit:[/b] - [2014-10-29 03:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:[b]64bit:[/b] - [2014-10-29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:[b]64bit:[/b] - [2014-10-29 03:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:[b]64bit:[/b] - [2014-10-29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2014-10-29 03:26:02 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:[b]64bit:[/b] - [2014-10-29 03:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:[b]64bit:[/b] - [2014-10-29 03:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2014-10-29 03:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:[b]64bit:[/b] - [2014-10-29 03:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2014-10-29 03:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:[b]64bit:[/b] - [2014-10-29 03:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:[b]64bit:[/b] - [2014-10-29 03:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2014-10-29 03:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:[b]64bit:[/b] - [2014-10-29 03:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:[b]64bit:[/b] - [2014-10-29 03:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:[b]64bit:[/b] - [2014-10-29 03:09:48 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc) SRV:[b]64bit:[/b] - [2014-10-29 03:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:[b]64bit:[/b] - [2014-10-29 02:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:[b]64bit:[/b] - [2014-10-29 02:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:[b]64bit:[/b] - [2014-10-29 02:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:[b]64bit:[/b] - [2014-10-29 02:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:[b]64bit:[/b] - [2014-10-01 13:18:08 | 000,189,920 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp) SRV:[b]64bit:[/b] - [2014-10-01 13:15:18 | 000,221,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire) SRV:[b]64bit:[/b] - [2013-08-20 11:09:22 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2013-08-07 15:24:00 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV:[b]64bit:[/b] - [2013-07-24 19:21:46 | 000,334,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe -- (McAWFwk) SRV:[b]64bit:[/b] - [2013-06-19 05:18:38 | 000,246,488 | ---- | M] (Realtek Semiconductor) [On_Demand | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService) SRV:[b]64bit:[/b] - [2013-05-11 18:45:54 | 000,822,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R) SRV:[b]64bit:[/b] - [2013-05-11 18:45:38 | 000,733,696 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV:[b]64bit:[/b] - [2009-11-18 03:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [On_Demand | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV - [2015-05-12 20:36:37 | 000,128,248 | ---- | M] () [Auto | Running] -- C:\ProgramData\ecbaef90-5696-41e1-a1c3-3e8112ce2840\maintainer.exe -- (MaintainerSvc1.92.5302915) SRV - [2015-05-06 05:23:27 | 000,118,048 | ---- | M] (Elex do Brasil Participações Ltda) [Auto | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe -- (iSafeService) SRV - [2015-04-17 11:07:38 | 000,154,856 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service) SRV - [2015-04-09 08:38:26 | 000,145,288 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe -- (Dell Customer Connect) SRV - [2015-03-04 19:07:32 | 000,019,288 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe -- (SupportAssistAgent) SRV - [2015-02-11 12:36:38 | 000,211,320 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Update\DellUpService.exe -- (DellUpdate) SRV - [2014-10-29 05:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2014-10-29 03:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2014-10-29 03:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2014-10-29 02:53:11 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc) SRV - [2014-09-18 22:02:14 | 001,924,328 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe -- (SftService) SRV - [2014-07-16 04:28:18 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013-10-30 00:15:36 | 000,317,568 | ---- | M] (Windows (R) Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc) SRV - [2013-10-28 04:02:26 | 000,351,824 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2013-10-05 09:32:26 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2013-08-28 12:02:58 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2013-08-28 12:02:56 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2013-08-14 04:02:36 | 000,650,320 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc) SRV - [2013-02-04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2012-01-25 16:23:54 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE -- (BBUpdate) SRV - [2012-01-25 16:23:54 | 000,192,792 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE -- (BBSvc) SRV - [2011-08-18 02:29:52 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2015-05-06 05:27:33 | 000,053,568 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys -- (iSafeKrnlBoot) DRV:[b]64bit:[/b] - [2015-04-17 04:43:55 | 000,052,392 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\iSafeNetFilter.sys -- (iSafeNetFilter) DRV:[b]64bit:[/b] - [2015-03-04 12:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:[b]64bit:[/b] - [2015-02-26 18:00:46 | 000,023,760 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DDDriver64Dcsa.sys -- (DDDriver) DRV:[b]64bit:[/b] - [2015-02-26 18:00:46 | 000,023,312 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DellProf.sys -- (DellProf) DRV:[b]64bit:[/b] - [2015-02-04 01:58:33 | 000,264,000 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:[b]64bit:[/b] - [2015-02-04 01:58:33 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:[b]64bit:[/b] - [2015-02-04 01:58:04 | 000,044,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:[b]64bit:[/b] - [2014-12-12 02:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:[b]64bit:[/b] - [2014-10-29 05:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:[b]64bit:[/b] - [2014-10-29 05:59:12 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:[b]64bit:[/b] - [2014-10-29 05:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr) DRV:[b]64bit:[/b] - [2014-10-29 05:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2014-10-29 04:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2014-10-29 04:46:41 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:[b]64bit:[/b] - [2014-10-29 04:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc) DRV:[b]64bit:[/b] - [2014-10-29 04:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:[b]64bit:[/b] - [2014-10-29 04:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:[b]64bit:[/b] - [2014-10-29 04:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:[b]64bit:[/b] - [2014-10-25 14:59:10 | 000,030,424 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsomc.sys -- (ggsomc) DRV:[b]64bit:[/b] - [2014-10-25 14:59:10 | 000,016,088 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:[b]64bit:[/b] - [2014-10-15 10:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS) DRV:[b]64bit:[/b] - [2014-10-13 04:43:17 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2014-10-13 04:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:[b]64bit:[/b] - [2014-10-13 04:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:[b]64bit:[/b] - [2014-10-08 11:24:09 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:[b]64bit:[/b] - [2014-10-07 08:54:45 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:[b]64bit:[/b] - [2014-10-07 08:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000) DRV:[b]64bit:[/b] - [2014-10-07 08:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:[b]64bit:[/b] - [2014-10-01 13:20:58 | 000,072,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids) DRV:[b]64bit:[/b] - [2014-10-01 13:18:18 | 000,348,560 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk) DRV:[b]64bit:[/b] - [2014-10-01 13:16:28 | 000,786,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk) DRV:[b]64bit:[/b] - [2014-10-01 13:15:28 | 000,526,360 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek) DRV:[b]64bit:[/b] - [2014-10-01 13:14:48 | 000,313,680 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk) DRV:[b]64bit:[/b] - [2014-10-01 13:14:26 | 000,181,584 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk) DRV:[b]64bit:[/b] - [2014-10-01 12:16:10 | 000,070,608 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk) DRV:[b]64bit:[/b] - [2014-09-19 03:44:18 | 000,096,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk) DRV:[b]64bit:[/b] - [2014-09-19 03:43:24 | 000,447,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc) DRV:[b]64bit:[/b] - [2014-08-15 02:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:[b]64bit:[/b] - [2014-03-13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof) DRV:[b]64bit:[/b] - [2014-03-01 13:40:49 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:[b]64bit:[/b] - [2014-03-01 13:40:38 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:[b]64bit:[/b] - [2014-03-01 13:40:11 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:[b]64bit:[/b] - [2014-02-22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:[b]64bit:[/b] - [2014-02-22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:[b]64bit:[/b] - [2014-01-22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2014-01-22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2013-12-04 20:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum) DRV:[b]64bit:[/b] - [2013-11-01 23:40:22 | 000,330,456 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR) DRV:[b]64bit:[/b] - [2013-10-29 23:50:14 | 000,596,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:[b]64bit:[/b] - [2013-10-29 23:50:14 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:[b]64bit:[/b] - [2013-10-29 23:50:14 | 000,137,928 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:[b]64bit:[/b] - [2013-10-29 23:50:14 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:[b]64bit:[/b] - [2013-10-29 23:50:14 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:[b]64bit:[/b] - [2013-10-29 23:50:14 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:[b]64bit:[/b] - [2013-10-29 23:50:12 | 000,338,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b]64bit:[/b] - [2013-10-29 23:50:12 | 000,116,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:[b]64bit:[/b] - [2013-10-18 05:46:02 | 003,858,944 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr) DRV:[b]64bit:[/b] - [2013-10-01 20:25:24 | 000,449,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2013-10-01 20:16:26 | 004,185,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2013-09-26 11:08:22 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:[b]64bit:[/b] - [2013-09-26 11:08:22 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:[b]64bit:[/b] - [2013-09-06 10:17:36 | 000,531,184 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2013-09-06 10:17:36 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI) DRV:[b]64bit:[/b] - [2013-09-06 10:17:34 | 000,030,448 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv) DRV:[b]64bit:[/b] - [2013-08-28 12:02:56 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2013-08-23 01:14:13 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2013-08-22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:[b]64bit:[/b] - [2013-08-22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2013-08-22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:[b]64bit:[/b] - [2013-08-22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:[b]64bit:[/b] - [2013-08-22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2013-08-22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:[b]64bit:[/b] - [2013-08-22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:[b]64bit:[/b] - [2013-08-22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2013-08-22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:[b]64bit:[/b] - [2013-08-22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:[b]64bit:[/b] - [2013-08-22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2013-08-22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:[b]64bit:[/b] - [2013-08-22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:[b]64bit:[/b] - [2013-08-22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:[b]64bit:[/b] - [2013-08-22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:[b]64bit:[/b] - [2013-08-22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:[b]64bit:[/b] - [2013-08-22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:[b]64bit:[/b] - [2013-08-22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:[b]64bit:[/b] - [2013-08-22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo) DRV:[b]64bit:[/b] - [2013-08-22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:[b]64bit:[/b] - [2013-08-22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:[b]64bit:[/b] - [2013-08-22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:[b]64bit:[/b] - [2013-08-22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:[b]64bit:[/b] - [2013-08-22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:[b]64bit:[/b] - [2013-08-22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:[b]64bit:[/b] - [2013-08-22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:[b]64bit:[/b] - [2013-08-22 13:38:17 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2013-08-22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:[b]64bit:[/b] - [2013-08-22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:[b]64bit:[/b] - [2013-08-22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2013-08-22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:[b]64bit:[/b] - [2013-08-22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2013-08-22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:[b]64bit:[/b] - [2013-08-22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM) DRV:[b]64bit:[/b] - [2013-08-20 12:06:16 | 012,521,472 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2013-08-20 10:42:28 | 000,617,472 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2013-08-13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:[b]64bit:[/b] - [2013-08-10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:[b]64bit:[/b] - [2013-08-02 19:40:04 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:[b]64bit:[/b] - [2013-07-30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:[b]64bit:[/b] - [2013-07-25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:[b]64bit:[/b] - [2013-06-29 11:17:56 | 000,246,272 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm) DRV:[b]64bit:[/b] - [2013-06-22 03:35:14 | 000,816,344 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168) DRV:[b]64bit:[/b] - [2013-05-22 14:38:50 | 000,036,096 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd) DRV:[b]64bit:[/b] - [2013-03-05 13:01:42 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive) DRV:[b]64bit:[/b] - [2013-03-04 10:32:48 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV:[b]64bit:[/b] - [2013-03-04 10:32:48 | 000,091,648 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:[b]64bit:[/b] - [2013-03-04 10:32:48 | 000,030,720 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV:[b]64bit:[/b] - [2013-01-25 04:12:08 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DellRbtn.sys -- (DellRbtn) DRV:[b]64bit:[/b] - [2013-01-25 03:16:40 | 000,109,568 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:[b]64bit:[/b] - [2012-12-22 03:46:11 | 000,014,976 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV:[b]64bit:[/b] - [2012-05-12 12:31:00 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter) DRV:[b]64bit:[/b] - [2011-12-07 19:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV - [2015-05-06 05:27:33 | 000,260,344 | ---- | M] (Elex do Brasil Participações Ltda) [File_System | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys -- (iSafeKrnl) DRV - [2015-05-06 05:27:33 | 000,108,616 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys -- (iSafeKrnlKit) DRV - [2015-05-06 05:27:33 | 000,050,944 | ---- | M] (Elex do Brasil Participações Ltda) [File_System | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys -- (iSafeKrnlMon) DRV - [2015-05-06 05:27:25 | 000,102,416 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System | Running] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys -- (iSafeKrnlR3) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{DC9D3E30-24E8-4FAB-93F9-DA6F74D81952}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{DC9D3E30-24E8-4FAB-93F9-DA6F74D81952}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR [2015-05-12 10:26:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2015-05-12 10:26:07 | 000,000,000 | ---D | M] [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Czarek1\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\internal-nacl-plugin CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: Java Deployment Toolkit 7.0.650.20 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll CHR - plugin: Java(TM) Platform SE 7 U65 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll CHR - Extension: No name found = C:\Users\Czarek1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.12_0\ CHR - Extension: No name found = C:\Users\Czarek1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\0.1_0\ CHR - Extension: No name found = C:\Users\Czarek1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\ O1 HOSTS File: ([2013-08-22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {c723a437-2eaf-466d-a95b-3fa0966bf88c} - No CLSID value found. O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O4 - HKCU..\Run: [GG] C:\Users\Czarek1\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) O4 - HKCU..\Run: [GoogleChromeAutoLaunch_17145E6DE8E3A1C8A0A53C3C2F64315E] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) O4 - HKCU..\Run: [screenshooter] C:\Program Files (x86)\ScreenShooter\screenshooter.exe () O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" (Atheros Communications) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221 O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation) O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BC4E83A-A0CA-42F1-8338-7162BF586FEE}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1CA7D6B-A0B2-4980-ABE9-4EB3C9665DD9}: NameServer = 89.108.202.20 89.108.195.20 O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\osf - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18:[b]64bit:[/b] - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2015-01-23 11:33:02 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2013-08-16 08:37:15 | 003,893,056 | R--- | M] (Electronic Arts, Inc.) - D:\AutoRun.exe -- [ UDF ] O32 - AutoRun File - [2013-08-31 15:31:23 | 000,000,000 | R--D | M] - D:\Autorun -- [ UDF ] O32 - AutoRun File - [2013-08-14 10:28:14 | 000,048,240 | R--- | M] () - D:\Autorun.ico -- [ UDF ] O32 - AutoRun File - [2013-08-31 15:31:21 | 000,000,096 | R--- | M] () - D:\autorun.inf -- [ UDF ] O33 - MountPoints2\{035aea16-6acf-11e4-8271-645a0428a694}\Shell - "" = AutoRun O33 - MountPoints2\{035aea16-6acf-11e4-8271-645a0428a694}\Shell\AutoRun\command - "" = "F:\AutoRun.exe" O33 - MountPoints2\{2fc877d6-f04d-11e4-82a3-645a0428a694}\Shell - "" = AutoRun O33 - MountPoints2\{2fc877d6-f04d-11e4-82a3-645a0428a694}\Shell\AutoRun\command - "" = "F:\LG_PC_Programs.exe" O33 - MountPoints2\{449b82c1-a0ec-11e3-824b-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{449b82c1-a0ec-11e3-824b-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2013-08-16 08:37:15 | 003,893,056 | R--- | M] (Electronic Arts, Inc.) O33 - MountPoints2\{491bed8e-0e65-11e4-825a-364b50b7ef2d}\Shell - "" = AutoRun O33 - MountPoints2\{491bed8e-0e65-11e4-825a-364b50b7ef2d}\Shell\AutoRun\command - "" = "F:\AutoRun.exe" O33 - MountPoints2\{491bee0d-0e65-11e4-825a-364b50b7ef2d}\Shell - "" = AutoRun O33 - MountPoints2\{491bee0d-0e65-11e4-825a-364b50b7ef2d}\Shell\AutoRun\command - "" = "E:\AutoRun.exe" O33 - MountPoints2\{4d724700-0809-11e4-8252-645a0428a694}\Shell - "" = AutoRun O33 - MountPoints2\{4d724700-0809-11e4-8252-645a0428a694}\Shell\AutoRun\command - "" = "E:\AutoRun.exe" O33 - MountPoints2\{5712a28d-724b-11e4-8273-364b50b7ef2d}\Shell - "" = AutoRun O33 - MountPoints2\{5712a28d-724b-11e4-8273-364b50b7ef2d}\Shell\AutoRun\command - "" = "G:\AutoRun.exe" O33 - MountPoints2\{be577e2a-9d4c-11e4-8286-645a0428a694}\Shell - "" = AutoRun O33 - MountPoints2\{be577e2a-9d4c-11e4-8286-645a0428a694}\Shell\AutoRun\command - "" = "F:\LGAutoRun.exe" O33 - MountPoints2\{cf22374f-1047-11e4-825a-364b50b7ef2d}\Shell - "" = AutoRun O33 - MountPoints2\{cf22374f-1047-11e4-825a-364b50b7ef2d}\Shell\AutoRun\command - "" = "F:\AutoRun.exe" O33 - MountPoints2\{d7153097-c279-11e4-8298-645a0428a694}\Shell - "" = AutoRun O33 - MountPoints2\{d7153097-c279-11e4-8298-645a0428a694}\Shell\AutoRun\command - "" = "F:\AutoRun.exe" O33 - MountPoints2\{e34bb90f-51fa-11e4-8269-645a0428a694}\Shell - "" = AutoRun O33 - MountPoints2\{e34bb90f-51fa-11e4-8269-645a0428a694}\Shell\AutoRun\command - "" = "F:\AutoRun.exe" O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = "F:\AutoRun.exe" O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2015-05-12 20:43:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Czarek1\Desktop\OTL.exe [2015-05-12 20:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2015-05-12 13:02:51 | 000,053,568 | ---- | C] (Elex do Brasil Participações Ltda) -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys [2015-05-12 13:02:51 | 000,052,392 | ---- | C] (Elex do Brasil Participações Ltda) -- C:\Windows\SysNative\drivers\iSafeNetFilter.sys [2015-05-12 13:02:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log [2015-05-12 13:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC [2015-05-12 13:02:38 | 000,000,000 | ---D | C] -- C:\Users\Czarek1\AppData\Roaming\Elex-tech [2015-05-12 13:02:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elex-tech [2015-05-12 13:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2015-05-12 13:01:59 | 000,000,000 | ---D | C] -- C:\Users\Czarek1\AppData\Roaming\eCyber [2015-05-12 12:53:35 | 000,000,000 | R--D | C] -- C:\Users\Czarek1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices [2015-05-12 12:47:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2015-05-12 10:22:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2015-05-12 10:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2015-05-07 11:58:46 | 000,000,000 | ---D | C] -- C:\ProgramData\GG [2015-04-30 11:26:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda [2015-04-30 11:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2015-04-19 21:12:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Customer Connect [2015-04-15 15:07:54 | 007,476,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2015-04-15 15:07:54 | 001,733,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2015-04-15 15:07:54 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll [2015-04-15 15:07:54 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll [2015-04-15 15:07:54 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sechost.dll [2015-04-15 15:07:53 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tracerpt.exe [2015-04-15 15:07:53 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tracerpt.exe [2015-04-15 15:07:53 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2015-04-15 15:07:53 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\microsoft-windows-system-events.dll [2015-04-15 15:07:53 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2015-04-15 15:07:46 | 001,385,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll [2015-04-15 15:07:44 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll [2015-04-15 15:07:36 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2015-04-15 15:07:32 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2015-04-15 15:07:31 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2015-04-15 15:07:30 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2015-04-15 15:07:30 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2015-04-15 15:07:29 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2015-04-15 15:07:29 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2015-04-15 15:07:29 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2015-04-15 15:07:28 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2015-04-15 15:07:12 | 000,377,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\clfs.sys [2015-04-15 15:07:12 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfsw32.dll [2015-04-15 15:07:12 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll [2015-04-15 15:07:11 | 000,133,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2015-04-15 15:07:10 | 002,373,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2015-04-15 15:07:10 | 000,891,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2015-04-15 15:07:10 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2015-04-15 15:07:10 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll [2015-04-15 15:07:10 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll [2015-04-15 15:07:10 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll [2015-04-15 15:07:10 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2015-04-15 15:07:10 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2015-04-15 15:07:10 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2015-04-15 15:07:10 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2015-04-15 15:07:10 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2015-04-15 15:07:10 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2015-04-15 15:07:10 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2015-04-15 15:07:10 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2015-04-15 15:07:10 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll [2015-04-15 15:07:10 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll [2015-04-15 15:07:08 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuaext.dll [2015-04-15 15:06:52 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll [2015-04-15 15:06:52 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll [2015-04-15 15:06:52 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll [2015-04-15 15:06:52 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll [2015-04-15 15:06:52 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll [2015-04-15 15:06:52 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll [2015-04-15 15:06:52 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll [2 C:\Windows\Fonts\*.tmp files -> C:\Windows\Fonts\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2015-05-12 20:43:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Czarek1\Desktop\OTL.exe [2015-05-12 20:30:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2015-05-12 13:02:42 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\YAC.lnk [2015-05-12 12:52:57 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1d04063b5a2b2f0.job [2015-05-12 12:52:57 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2015-05-12 12:52:17 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2015-05-12 12:52:14 | 759,136,255 | -HS- | M] () -- C:\hiberfil.sys [2015-05-12 12:31:51 | 001,828,496 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2015-05-12 12:31:51 | 000,808,198 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2015-05-12 12:31:51 | 000,723,514 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2015-05-12 12:31:51 | 000,164,014 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2015-05-12 12:31:51 | 000,136,128 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2015-05-12 10:22:08 | 000,000,836 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2015-05-12 10:21:01 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2015-05-11 17:57:31 | 000,066,869 | ---- | M] () -- C:\Users\Czarek1\Desktop\tumblr_nn77vb4aUv1slrk0zo5_1280.jpg [2015-05-11 17:50:41 | 000,037,664 | ---- | M] () -- C:\Users\Czarek1\Desktop\nie-dam-rady....jpg [2015-05-11 17:30:40 | 000,079,535 | ---- | M] () -- C:\Users\Czarek1\Desktop\jak-rozstac-sie-z-dziewczyna.jpg [2015-05-11 16:31:40 | 000,098,073 | ---- | M] () -- C:\Users\Czarek1\Desktop\komunia-jest-raz-w-zyciu.jpg [2015-05-10 22:03:02 | 000,045,404 | ---- | M] () -- C:\Users\Czarek1\Desktop\CEq2g11XIAE-bjS.jpg [2015-05-10 12:42:50 | 000,076,575 | ---- | M] () -- C:\Users\Czarek1\Desktop\1431108820_by_Michupl.jpg [2015-05-10 12:26:15 | 000,019,341 | ---- | M] () -- C:\Users\Czarek1\Desktop\11008412_1593095114306388_4632168845070419553_n.jpg [2015-05-09 12:18:45 | 000,189,406 | ---- | M] () -- C:\Users\Czarek1\Desktop\goraczka.jpeg [2015-05-08 23:42:59 | 000,017,380 | ---- | M] () -- C:\Users\Czarek1\Desktop\11253857_845237135560744_1492581333_n.jpg [2015-05-08 12:23:05 | 000,045,108 | ---- | M] () -- C:\Users\Czarek1\Desktop\11218523_958110354208158_1592008581668761008_n.jpg [2015-05-06 16:49:52 | 000,074,395 | ---- | M] () -- C:\Users\Czarek1\Desktop\11210109_680385868732719_1360764236_n.jpg [2015-05-06 16:49:48 | 000,072,119 | ---- | M] () -- C:\Users\Czarek1\Desktop\11195253_680385865399386_1475671331_n.jpg [2015-05-06 05:27:33 | 000,053,568 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys [2015-05-05 22:04:11 | 000,040,985 | ---- | M] () -- C:\Users\Czarek1\Desktop\11188417_10206609592101082_2418572223684727035_n.jpg [2015-05-01 09:38:38 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk [2015-04-30 22:22:39 | 000,002,171 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2015-04-17 04:43:55 | 000,052,392 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Windows\SysNative\drivers\iSafeNetFilter.sys [2015-04-14 01:24:21 | 000,792,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2015-04-14 01:24:21 | 000,178,168 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [color=#E56717]========== Files Created - No Company Name ==========[/color] [2015-05-12 13:02:42 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\YAC.lnk [2015-05-12 10:22:08 | 000,000,836 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2015-05-11 17:57:31 | 000,066,869 | ---- | C] () -- C:\Users\Czarek1\Desktop\tumblr_nn77vb4aUv1slrk0zo5_1280.jpg [2015-05-11 17:50:41 | 000,037,664 | ---- | C] () -- C:\Users\Czarek1\Desktop\nie-dam-rady....jpg [2015-05-11 17:30:38 | 000,079,535 | ---- | C] () -- C:\Users\Czarek1\Desktop\jak-rozstac-sie-z-dziewczyna.jpg [2015-05-11 16:31:39 | 000,098,073 | ---- | C] () -- C:\Users\Czarek1\Desktop\komunia-jest-raz-w-zyciu.jpg [2015-05-10 22:02:59 | 000,045,404 | ---- | C] () -- C:\Users\Czarek1\Desktop\CEq2g11XIAE-bjS.jpg [2015-05-10 12:42:49 | 000,076,575 | ---- | C] () -- C:\Users\Czarek1\Desktop\1431108820_by_Michupl.jpg [2015-05-10 12:26:13 | 000,019,341 | ---- | C] () -- C:\Users\Czarek1\Desktop\11008412_1593095114306388_4632168845070419553_n.jpg [2015-05-09 12:18:44 | 000,189,406 | ---- | C] () -- C:\Users\Czarek1\Desktop\goraczka.jpeg [2015-05-08 23:42:58 | 000,017,380 | ---- | C] () -- C:\Users\Czarek1\Desktop\11253857_845237135560744_1492581333_n.jpg [2015-05-08 12:23:04 | 000,045,108 | ---- | C] () -- C:\Users\Czarek1\Desktop\11218523_958110354208158_1592008581668761008_n.jpg [2015-05-06 16:49:52 | 000,074,395 | ---- | C] () -- C:\Users\Czarek1\Desktop\11210109_680385868732719_1360764236_n.jpg [2015-05-06 16:49:47 | 000,072,119 | ---- | C] () -- C:\Users\Czarek1\Desktop\11195253_680385865399386_1475671331_n.jpg [2015-05-05 22:04:10 | 000,040,985 | ---- | C] () -- C:\Users\Czarek1\Desktop\11188417_10206609592101082_2418572223684727035_n.jpg [2015-04-15 15:07:28 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2015-04-15 15:07:28 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2015-03-05 17:50:47 | 000,107,008 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2015-03-05 17:49:08 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2014-12-09 20:25:07 | 000,000,513 | ---- | C] () -- C:\Windows\hpwmdl26.dat.temp [2014-12-09 19:37:37 | 000,229,669 | ---- | C] () -- C:\Windows\hpwins26.dat [2014-12-09 19:37:37 | 000,000,513 | ---- | C] () -- C:\Windows\hpwmdl26.dat [2014-10-07 22:21:15 | 000,000,136 | ---- | C] () -- C:\Windows\ODBC.INI [2014-10-07 20:11:34 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2014-07-13 12:40:59 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini [2014-03-01 13:09:53 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2014-03-01 13:09:53 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2014-03-01 13:09:51 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2014-03-01 13:09:44 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe [2014-03-01 13:09:44 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe [2014-03-01 13:09:41 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\amdhdl32.dll [2014-03-01 13:08:08 | 000,343,040 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll [2014-03-01 13:08:05 | 000,180,736 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2014-03-01 13:08:05 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll [2014-03-01 05:15:28 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2014-03-01 05:14:00 | 001,852,054 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2014-03-01 04:53:27 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [2013-08-22 17:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2013-08-22 17:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2013-08-22 16:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2013-08-22 09:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2013-08-22 01:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2013-08-22 01:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2013-08-19 14:55:30 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2014-07-10 18:04:53 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2015-02-12 19:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2015-02-12 19:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014-10-29 03:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2014-10-29 02:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014-10-29 03:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 220 bytes -> C:\Users\Czarek1\OneDrive:ms-properties < End of report >