Nieoryginalny oryginalny Windows i dziwny problem

Całe forum

Przeszukaj

Całe forum

Użytkownicy

Tryb drzewa \| Tryb normalny Nieoryginalny oryginalny Windows i dziwny problem
Sido92 Nowy Liczba postów: 6	Post: #4 RE: Nieoryginalny oryginalny windows + dziwny problem Wrzucam logi z OTL: Cytat:OTL logfile created on: 2014-04-08 07:47:24 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Adam\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16518) Locale: 00000415 \| Country: Polska \| Language: PLK \| Date Format: yyyy-MM-dd 7,90 Gb Total Physical Memory \| 5,51 Gb Available Physical Memory \| 69,67% Memory free 15,81 Gb Paging File \| 12,98 Gb Available in Paging File \| 82,09% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 886,32 Gb Total Space \| 457,61 Gb Free Space \| 51,63% Space Free \| Partition Type: NTFS Drive D: \| 25,47 Gb Total Space \| 21,69 Gb Free Space \| 85,15% Space Free \| Partition Type: NTFS Drive G: \| 209,28 Mb Total Space \| 0,00 Mb Free Space \| 0,00% Space Free \| Partition Type: CDFS Computer Name: KOMPUTER-ADAMA \| User Name: Adam \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014-04-08 00:22:56 \| 003,854,640 \| ---- \| M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2014-04-08 00:22:56 \| 000,050,344 \| ---- \| M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2014-04-08 00:16:41 \| 000,602,112 \| ---- \| M] (OldTimer Tools) -- C:\Users\Adam\Downloads\OTL.exe PRC - [2014-04-02 15:29:05 \| 002,201,032 \| ---- \| M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2014-04-02 15:28:46 \| 001,615,192 \| ---- \| M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe PRC - [2014-02-28 18:11:46 \| 000,905,296 \| ---- \| M] (BitTorrent Inc.) -- C:\Users\Adam\AppData\Roaming\uTorrent\uTorrent.exe PRC - [2014-01-03 02:46:10 \| 030,714,328 \| ---- \| M] (Dropbox, Inc.) -- C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2013-10-15 12:27:38 \| 003,921,880 \| ---- \| M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe PRC - [2013-09-20 10:57:26 \| 001,042,272 \| ---- \| M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe PRC - [2013-09-13 10:38:30 \| 000,171,416 \| ---- \| M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe PRC - [2013-08-23 03:24:05 \| 003,233,806 \| ---- \| M] () -- C:\Program Files (x86)\Tor\tor.exe PRC - [2013-07-25 11:19:26 \| 005,624,784 \| ---- \| M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe PRC - [2012-08-15 01:41:36 \| 000,329,056 \| ---- \| M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe PRC - [2012-08-15 01:39:40 \| 000,099,680 \| ---- \| M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe PRC - [2012-05-21 09:26:28 \| 000,291,648 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2012-02-28 11:20:02 \| 000,363,800 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe PRC - [2012-02-28 11:19:56 \| 000,277,784 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe PRC - [2012-02-28 11:19:46 \| 000,161,560 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe PRC - [2011-12-08 11:12:40 \| 000,291,272 \| ---- \| M] () -- C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe PRC - [2011-11-29 20:04:56 \| 000,013,592 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2011-11-29 20:04:54 \| 000,284,440 \| ---- \| M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2011-08-25 20:43:44 \| 000,337,776 \| ---- \| M] ( ) -- C:\Program Files (x86)\LockKey\LockKey.exe PRC - [2011-06-06 12:55:28 \| 000,064,952 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-01-28 23:29:36 \| 000,136,488 \| ---- \| M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe ========== Modules (No Company Name) ========== MOD - [2014-04-08 00:22:57 \| 019,336,120 \| ---- \| M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll MOD - [2014-02-26 14:32:43 \| 000,190,976 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll MOD - [2014-02-26 13:22:08 \| 018,813,440 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll MOD - [2014-02-26 13:22:01 \| 001,889,792 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll MOD - [2014-02-26 13:21:59 \| 012,894,208 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll MOD - [2014-02-26 13:21:53 \| 011,025,920 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll MOD - [2014-02-26 13:21:50 \| 001,644,544 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll MOD - [2014-02-26 13:21:47 \| 006,990,336 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll MOD - [2014-02-26 13:21:46 \| 007,662,080 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll MOD - [2014-02-26 13:21:44 \| 003,950,080 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll MOD - [2014-02-26 13:21:42 \| 000,976,384 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll MOD - [2014-02-26 13:21:42 \| 000,470,528 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll MOD - [2014-02-26 13:21:40 \| 010,060,800 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll MOD - [2014-02-26 13:21:35 \| 016,953,856 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll MOD - [2014-02-17 12:23:25 \| 000,487,424 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\55da6ea9407e647930ccfa94f1d02567\IAStorUtil.ni.dll MOD - [2014-02-17 12:23:25 \| 000,014,336 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\33f1f62a80540af6dba6af268692c041\IAStorCommon.ni.dll MOD - [2014-02-17 12:05:59 \| 000,771,584 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll MOD - [2014-02-17 12:05:24 \| 012,436,480 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll MOD - [2014-02-17 12:05:18 \| 001,593,344 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll MOD - [2014-02-17 12:04:46 \| 003,348,480 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll MOD - [2014-02-17 12:04:41 \| 005,464,064 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll MOD - [2014-02-17 12:04:38 \| 000,978,432 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll MOD - [2014-02-17 12:04:37 \| 007,989,760 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll MOD - [2014-02-17 12:04:31 \| 011,499,520 \| ---- \| M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll MOD - [2014-01-03 02:45:04 \| 003,558,400 \| ---- \| M] () -- C:\Users\Adam\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll MOD - [2013-12-19 22:33:31 \| 000,013,088 \| ---- \| M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll MOD - [2013-10-19 01:55:02 \| 025,100,288 \| ---- \| M] () -- C:\Users\Adam\AppData\Roaming\Dropbox\bin\libcef.dll MOD - [2013-05-16 10:55:26 \| 000,113,496 \| ---- \| M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl MOD - [2013-05-16 10:55:24 \| 000,416,600 \| ---- \| M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl MOD - [2012-08-15 10:38:06 \| 000,032,768 \| ---- \| M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2012-08-15 01:41:35 \| 000,013,664 \| ---- \| M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll MOD - [2012-08-15 01:39:40 \| 000,099,680 \| ---- \| M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe MOD - [2011-12-08 11:12:40 \| 000,291,272 \| ---- \| M] () -- C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe MOD - [2011-06-02 13:58:18 \| 000,132,448 \| ---- \| M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll MOD - [2011-06-02 13:57:44 \| 000,161,120 \| ---- \| M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll MOD - [2010-11-13 04:37:37 \| 000,311,296 \| ---- \| M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll ========== Services (SafeList) ========== SRV:64bit: - [2014-04-08 00:22:56 \| 000,050,344 \| ---- \| M] (AVAST Software) [Auto \| Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2014-04-02 15:28:36 \| 020,541,216 \| ---- \| M] (NVIDIA Corporation) [Auto \| Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV:64bit: - [2014-02-06 12:48:45 \| 000,111,616 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2013-05-27 07:50:47 \| 001,011,712 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2013-02-26 00:05:10 \| 000,384,048 \| ---- \| M] (McAfee, Inc.) [On_Demand \| Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS) SRV:64bit: - [2013-02-19 14:56:14 \| 000,182,752 \| R--- \| M] (McAfee, Inc.) [Auto \| Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp) SRV:64bit: - [2013-02-19 14:53:32 \| 000,218,760 \| ---- \| M] () [Auto \| Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire) SRV:64bit: - [2013-02-19 14:51:54 \| 000,241,456 \| ---- \| M] () [Auto \| Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV:64bit: - [2012-08-31 14:20:06 \| 000,201,304 \| ---- \| M] (McAfee, Inc.) [Auto \| Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV:64bit: - [2012-08-31 14:20:06 \| 000,201,304 \| ---- \| M] (McAfee, Inc.) [Auto \| Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy) SRV:64bit: - [2012-08-31 14:20:06 \| 000,201,304 \| ---- \| M] (McAfee, Inc.) [Auto \| Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv) SRV:64bit: - [2012-08-31 14:20:06 \| 000,201,304 \| ---- \| M] (McAfee, Inc.) [Auto \| Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc) SRV:64bit: - [2012-08-31 14:20:06 \| 000,201,304 \| ---- \| M] (McAfee, Inc.) [Auto \| Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV:64bit: - [2012-08-31 14:20:06 \| 000,201,304 \| ---- \| M] (McAfee, Inc.) [Auto \| Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV:64bit: - [2012-08-31 14:20:06 \| 000,201,304 \| ---- \| M] (McAfee, Inc.) [Auto \| Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV:64bit: - [2012-08-31 14:20:06 \| 000,201,304 \| ---- \| M] (McAfee, Inc.) [Auto \| Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service) SRV:64bit: - [2012-02-02 22:29:52 \| 000,628,448 \| ---- \| M] (Intel® Corporation) [Auto \| Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel® SRV:64bit: - [2012-02-01 18:31:02 \| 000,945,440 \| ---- \| M] (Broadcom Corporation.) [Auto \| Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2011-12-23 18:51:22 \| 000,120,160 \| R--- \| M] (Lenovo) [Auto \| Stopped] -- C:\Windows\SysNative\NSDSvc.exe -- (NSDSvc) SRV:64bit: - [2011-12-08 10:44:04 \| 000,594,704 \| ---- \| M] (Intel® Corporation) [Auto \| Stopped] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService) SRV:64bit: - [2011-12-08 10:43:56 \| 000,273,168 \| ---- \| M] () [On_Demand \| Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2011-12-08 10:43:48 \| 000,618,256 \| ---- \| M] (Intel® Corporation) [Auto \| Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:64bit: - [2011-12-08 10:43:44 \| 000,148,752 \| ---- \| M] (Intel® Corporation) [Auto \| Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:64bit: - [2011-12-05 09:30:50 \| 000,659,968 \| ---- \| M] (Intel Corporation) [Auto \| Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV:64bit: - [2011-12-05 08:55:36 \| 000,135,952 \| ---- \| M] (Intel® Corporation) [Auto \| Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) SRV:64bit: - [2011-01-28 12:28:54 \| 000,225,216 \| ---- \| M] (McAfee, Inc.) [On_Demand \| Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk) SRV:64bit: - [2010-09-22 18:10:10 \| 000,057,184 \| ---- \| M] (Microsoft Corporation) [Disabled \| Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2014-04-02 15:28:46 \| 001,615,192 \| ---- \| M] (NVIDIA Corporation) [Auto \| Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2014-03-29 12:03:13 \| 000,119,408 \| ---- \| M] (Mozilla Foundation) [On_Demand \| Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-09-11 22:21:54 \| 000,105,144 \| ---- \| M] (Microsoft Corporation) [Auto \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2013-08-23 03:24:05 \| 003,233,806 \| ---- \| M] () [Auto \| Running] -- C:\Program Files (x86)\Tor\tor.exe -- (tor) SRV - [2013-08-10 21:09:52 \| 000,148,000 \| ---- \| M] (DealPly Technologies Ltd) [On_Demand \| Stopped] -- C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe -- (dealplylivem) SRV - [2013-08-10 21:09:52 \| 000,148,000 \| ---- \| M] (DealPly Technologies Ltd) [Auto \| Stopped] -- C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe -- (dealplylive) SRV - [2013-03-01 13:11:32 \| 000,161,384 \| R--- \| M] (Skype Technologies) [Auto \| Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-06-07 06:03:02 \| 000,276,288 \| ---- \| M] (Intel Corporation) [On_Demand \| Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012-02-28 11:20:02 \| 000,363,800 \| ---- \| M] (Intel Corporation) [Auto \| Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012-02-28 11:19:56 \| 000,277,784 \| ---- \| M] (Intel Corporation) [Auto \| Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012-02-28 11:19:46 \| 000,161,560 \| ---- \| M] (Intel Corporation) [Auto \| Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2011-11-29 20:04:56 \| 000,013,592 \| ---- \| M] (Intel Corporation) [Auto \| Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2011-06-06 12:55:28 \| 000,064,952 \| ---- \| M] (Adobe Systems Incorporated) [Auto \| Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2009-06-10 23:23:09 \| 000,066,384 \| ---- \| M] (Microsoft Corporation) [Disabled \| Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2014-04-08 00:23:02 \| 000,208,928 \| ---- \| M] () [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:64bit: - [2014-04-08 00:23:02 \| 000,084,816 \| ---- \| M] (AVAST Software) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm) DRV:64bit: - [2014-04-08 00:23:01 \| 001,039,096 \| ---- \| M] (AVAST Software) [File_System \| System \| Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2014-04-08 00:23:01 \| 000,423,240 \| ---- \| M] (AVAST Software) [File_System \| System \| Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2014-04-08 00:23:01 \| 000,079,184 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2014-04-08 00:23:01 \| 000,065,776 \| ---- \| M] () [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:64bit: - [2014-04-08 00:23:00 \| 000,093,568 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2014-03-21 21:43:52 \| 000,040,392 \| ---- \| M] (NVIDIA Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:64bit: - [2013-12-19 22:33:31 \| 000,032,544 \| R--- \| M] (NVIDIA Corporation) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2013-03-12 01:06:04 \| 000,283,200 \| R--- \| M] (DT Soft Ltd) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2013-02-19 14:59:06 \| 000,070,112 \| R--- \| M] (McAfee, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids) DRV:64bit: - [2013-02-19 14:56:26 \| 000,340,216 \| R--- \| M] (McAfee, Inc.) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk) DRV:64bit: - [2013-02-19 14:55:14 \| 000,106,552 \| R--- \| M] (McAfee, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet) DRV:64bit: - [2013-02-19 14:54:32 \| 000,771,536 \| R--- \| M] (McAfee, Inc.) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk) DRV:64bit: - [2013-02-19 14:53:42 \| 000,515,968 \| R--- \| M] (McAfee, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek) DRV:64bit: - [2013-02-19 14:53:02 \| 000,309,840 \| R--- \| M] (McAfee, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk) DRV:64bit: - [2013-02-19 14:52:44 \| 000,179,280 \| R--- \| M] (McAfee, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk) DRV:64bit: - [2012-08-15 10:45:41 \| 000,023,408 \| ---- \| M] (Microsoft Corporation) [Recognizer \| Boot \| Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012-08-15 01:43:13 \| 000,057,952 \| R--- \| M] (Lenovo) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon) DRV:64bit: - [2012-08-15 01:43:13 \| 000,013,408 \| R--- \| M] (Lenovo) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv) DRV:64bit: - [2012-08-15 01:42:49 \| 000,039,008 \| R--- \| M] (Lenovo.) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr) DRV:64bit: - [2012-08-15 01:42:49 \| 000,030,816 \| R--- \| M] (Lenovo Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC) DRV:64bit: - [2012-06-07 05:49:08 \| 014,760,096 \| R--- \| M] (Intel Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2012-05-21 09:25:32 \| 000,789,824 \| R--- \| M] (Intel Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:64bit: - [2012-05-21 09:25:32 \| 000,357,184 \| R--- \| M] (Intel Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:64bit: - [2012-05-21 09:25:32 \| 000,019,264 \| R--- \| M] (Intel Corporation) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:64bit: - [2012-04-20 17:40:58 \| 000,196,440 \| R--- \| M] (McAfee, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK) DRV:64bit: - [2012-03-02 12:49:20 \| 000,104,048 \| R--- \| M] (Qualcomm Atheros Co., Ltd.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2012-02-02 05:07:18 \| 000,615,976 \| R--- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:64bit: - [2012-02-02 05:07:18 \| 000,134,696 \| R--- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums) DRV:64bit: - [2012-02-02 05:07:12 \| 000,211,496 \| R--- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2012-02-02 05:07:12 \| 000,184,360 \| R--- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2012-02-02 05:07:12 \| 000,039,976 \| R--- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2012-02-02 05:07:12 \| 000,021,544 \| R--- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2012-01-27 10:00:28 \| 000,109,056 \| R--- \| M] (Ozmo Inc) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\hswpan.sys -- (hswpan) DRV:64bit: - [2012-01-26 18:37:24 \| 000,034,200 \| R--- \| M] (Intel Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:64bit: - [2012-01-26 18:37:24 \| 000,025,496 \| R--- \| M] (Intel Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2011-12-23 17:45:50 \| 000,024,160 \| R--- \| M] (Lenovo Corporation") [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\nsd.sys -- (NSD) DRV:64bit: - [2011-12-21 21:57:42 \| 000,059,488 \| R--- \| M] (Lenovo Corporation) [Kernel \| System \| Running] -- C:\Windows\SysNative\drivers\Nsdfltr.sys -- (Nsdfltr) DRV:64bit: - [2011-12-16 03:04:02 \| 000,411,920 \| R--- \| M] (Synaptics Incorporated) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2011-12-06 13:23:10 \| 000,331,264 \| R--- \| M] (Intel® Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2011-12-05 09:22:58 \| 000,195,584 \| R--- \| M] (Windows ® Win 7 DDK provider) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP) DRV:64bit: - [2011-12-05 09:22:58 \| 000,195,584 \| R--- \| M] (Windows ® Win 7 DDK provider) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL) DRV:64bit: - [2011-12-01 22:51:00 \| 011,417,088 \| R--- \| M] (Intel Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) DRV:64bit: - [2011-11-29 19:40:32 \| 000,568,600 \| R--- \| M] (Intel Corporation) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011-11-09 19:04:14 \| 000,060,184 \| R--- \| M] (Intel Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2011-10-10 09:56:15 \| 000,107,904 \| R--- \| M] (Advanced Micro Devices) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011-10-10 09:56:15 \| 000,027,008 \| R--- \| M] (Advanced Micro Devices) [Kernel \| Boot \| Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011-09-06 17:28:38 \| 008,208,488 \| R--- \| M] (Realtek Semiconductor Corp.) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc) DRV:64bit: - [2011-08-25 04:21:00 \| 000,173,656 \| R--- \| M] (JMicron Technology Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2011-01-28 23:29:58 \| 000,031,088 \| R--- \| M] (CyberLink Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2010-11-21 05:24:33 \| 000,059,392 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010-11-21 05:23:47 \| 000,109,056 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010-11-21 05:23:47 \| 000,078,720 \| R--- \| M] (Hewlett-Packard Company) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010-11-21 05:23:47 \| 000,031,232 \| R--- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010-09-23 00:36:48 \| 000,048,488 \| R--- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2009-07-21 14:20:06 \| 000,121,840 \| R--- \| M] (CyberLink) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd) DRV:64bit: - [2009-07-14 03:52:20 \| 000,194,128 \| R--- \| M] (AMD Technologies Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009-07-14 03:48:04 \| 000,065,600 \| R--- \| M] (LSI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009-07-14 03:45:55 \| 000,024,656 \| R--- \| M] (Promise Technology) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009-07-14 01:21:48 \| 000,038,400 \| R--- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009-06-10 22:34:33 \| 003,286,016 \| R--- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009-06-10 22:34:28 \| 000,468,480 \| R--- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009-06-10 22:34:23 \| 000,270,848 \| R--- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009-06-10 22:31:59 \| 000,031,232 \| R--- \| M] (Hauppauge Computer Works, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009-07-14 03:19:10 \| 000,019,008 \| ---- \| M] (Microsoft Corporation) [File_System \| On_Demand \| Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_me...1376161775 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_me...1376161775 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b...1376161775 IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTe...urceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_me...1376161775 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_me...1376161775 IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b...1376161775 IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTe...urceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchTe...d=ie7&rlz= IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com/ig/redirectdomain?...&bmod=KMOH IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerm...ORM=IE11SR IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.searchgol.com/?q={searchTerms...3&tsp=4970 IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b...1376161775 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?FORM=UP21DF&P...-SearchBox IE - HKCU\..\SearchScopes\{E5A4AD13-191A-4FC3-959D-6D0224BE0F70}: "URL" = http://www.google.com/search?sourceid=ie...OH_plPL528 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd) FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2014-02-17 11:53:48 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-08 00:23:25 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-03-29 12:03:09 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013-03-12 01:45:27 \| 000,000,000 \| ---D \| M] [2013-03-11 20:04:57 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\Adam\AppData\Roaming\Mozilla\Extensions [2014-04-07 22:18:06 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\extensions [2013-08-10 21:09:44 \| 000,000,000 \| ---D \| M] (DealPly Shopping) -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979} [2014-04-01 17:48:02 \| 000,957,290 \| ---- \| M] () (No name found) -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-10 21:12:55 \| 000,006,547 \| ---- \| M] () -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\searchplugins\babylon.xml [2013-08-10 21:12:55 \| 000,006,547 \| ---- \| M] () -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\searchplugins\BrowserProtect.xml [2013-05-26 20:31:49 \| 000,001,294 \| ---- \| M] () -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\a7s3se1d.default\searchplugins\delta.xml [2014-03-29 12:03:08 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2014-03-29 12:03:13 \| 000,000,000 \| ---D \| M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2014-02-17 11:53:48 \| 000,000,000 \| ---D \| M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: http://www.google.com CHR - Extension: No name found = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: No name found = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: No name found = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: No name found = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnckahndcieonmmijnhgkecfcekfafp\2.8.2_0\ CHR - Extension: No name found = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\4.2014.122.0_0\ CHR - Extension: No name found = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009-06-10 23:00:26 \| 000,000,824 \| R--- \| M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (no name) - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - No CLSID value found. O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe (Lenovo(beijing) Limited) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo) O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [SynLenovoGestureMgr] C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics) O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [Intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe () O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.) O4 - HKLM..\Run: [LockKey] C:\Program Files (x86)\LockKey\LockKey.exe ( ) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo) O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [uTorrent] C:\Users\Adam\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) O4 - Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja produktu firmy Lenovo.lnk = C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/sh...wflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.60 62.179.1.61 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BCA65E94-7C34-40F8-A3EE-534809337320}: DhcpNameServer = 0.0.0.0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F837BF0E-BE74-4B73-9CD5-8DC38909A2D9}: DhcpNameServer = 62.179.1.60 62.179.1.61 O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [1831-04-23 08:15:01 \| 000,000,045 \| R--- \| M] () - G:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{a6a70ce3-8a9d-11e2-94ee-08edb9d8fe93}\Shell - "" = AutoRun O33 - MountPoints2\{a6a70ce3-8a9d-11e2-94ee-08edb9d8fe93}\Shell\AutoRun\command - "" = G:\CSetup.exe -- [1928-01-02 00:08:40 \| 004,292,608 \| R--- \| M] (GSC Game World) O34 - HKLM BootExecute: (autocheck autochk ) O35:64bit: - HKLM\..comfile [open] -- "%1" % O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2014-04-08 07:44:57 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2014-04-08 00:25:50 \| 000,000,000 \| ---D \| C] -- C:\Users\Adam\AppData\Roaming\AVAST Software [2014-04-08 00:25:37 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast [2014-04-08 00:23:52 \| 000,084,816 \| ---- \| C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys [2014-04-08 00:23:50 \| 001,039,096 \| ---- \| C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2014-04-08 00:23:50 \| 000,423,240 \| ---- \| C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2014-04-08 00:23:45 \| 000,079,184 \| ---- \| C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2014-04-08 00:23:43 \| 000,093,568 \| ---- \| C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2014-04-08 00:23:37 \| 000,334,648 \| ---- \| C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2014-04-08 00:22:58 \| 000,043,152 \| ---- \| C] (AVAST Software) -- C:\Windows\avastSS.scr [2014-04-08 00:21:54 \| 000,000,000 \| ---D \| C] -- C:\Program Files\AVAST Software [2014-04-08 00:20:26 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\AVAST Software [2014-04-07 15:54:53 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2014-04-07 15:54:49 \| 000,021,040 \| ---- \| C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe [2014-04-07 15:54:47 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Spybot - Search & Destroy [2014-04-07 15:54:42 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2014-04-07 15:39:13 \| 000,040,392 \| ---- \| C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys [2014-04-07 15:39:13 \| 000,033,568 \| ---- \| C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll [2014-04-05 23:16:41 \| 000,000,000 \| ---D \| C] -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cossacks - The Art Of War [2014-04-05 23:16:41 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cossacks - The Art Of War [2014-04-05 23:16:11 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Cossacks - The Art Of War [2014-04-05 23:00:55 \| 000,000,000 \| ---D \| C] -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kozacy - Europejskie boje [2014-04-05 23:00:55 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kozacy - Europejskie boje [2014-04-05 22:59:49 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Cossacks [2014-04-05 22:24:39 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com [2014-04-05 22:22:57 \| 004,358,144 \| R--- \| C] (GSC Game World) -- C:\Windows\uncsetup.exe [2014-04-05 22:22:16 \| 000,000,000 \| ---D \| C] -- C:\GOG Games [2014-03-31 12:31:11 \| 000,000,000 \| ---D \| C] -- C:\Users\Adam\AppData\Local\Microsoft Help [2014-03-31 12:30:53 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft Help [2014-03-31 11:37:19 \| 000,000,000 \| ---D \| C] -- C:\Users\Adam\Desktop\screenyHEARTH [2014-03-29 12:03:08 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Mozilla Firefox [2014-03-25 22:40:47 \| 000,000,000 \| ---D \| C] -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antichamber [2014-03-25 22:40:21 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\Antichamber [2014-03-18 21:07:47 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\CODEX [2014-03-18 21:05:45 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Walking Dead Season 2 EP 2 [2014-03-18 21:03:55 \| 000,000,000 \| ---D \| C] -- C:\Program Files (x86)\The Walking Dead Season 2 EP 2 ========== Files - Modified Within 30 Days ========== [2014-04-08 07:39:51 \| 000,001,044 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf49321ef9805a.job [2014-04-08 07:39:51 \| 000,000,898 \| ---- \| M] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineCore.job [2014-04-08 07:38:43 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2014-04-08 07:38:36 \| 2070,691,839 \| -HS- \| M] () -- C:\hiberfil.sys [2014-04-08 00:30:40 \| 000,002,188 \| ---- \| M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-04-08 00:25:37 \| 000,001,977 \| ---- \| M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2014-04-08 00:24:57 \| 000,000,350 \| -H-- \| M] () -- C:\Windows\tasks\avast! Emergency Update.job [2014-04-08 00:23:02 \| 000,208,928 \| ---- \| M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2014-04-08 00:23:02 \| 000,084,816 \| ---- \| M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys [2014-04-08 00:23:01 \| 001,039,096 \| ---- \| M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2014-04-08 00:23:01 \| 000,423,240 \| ---- \| M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2014-04-08 00:23:01 \| 000,334,648 \| ---- \| M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2014-04-08 00:23:01 \| 000,079,184 \| ---- \| M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2014-04-08 00:23:01 \| 000,065,776 \| ---- \| M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2014-04-08 00:23:00 \| 000,093,568 \| ---- \| M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2014-04-08 00:22:58 \| 000,043,152 \| ---- \| M] (AVAST Software) -- C:\Windows\avastSS.scr [2014-04-07 20:34:00 \| 000,001,048 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf49321f95c2a4.job [2014-04-07 20:31:00 \| 000,000,930 \| ---- \| M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-04-07 20:15:50 \| 000,000,902 \| ---- \| M] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineUA.job [2014-04-07 15:54:53 \| 000,001,394 \| ---- \| M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2014-04-07 12:10:01 \| 000,001,128 \| ---- \| M] () -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja produktu firmy Lenovo.lnk [2014-04-05 22:59:43 \| 000,053,248 \| ---- \| M] () -- C:\Windows\SysWow64\unrar.dll [2014-04-05 22:28:47 \| 004,358,144 \| R--- \| M] (GSC Game World) -- C:\Windows\uncsetup.exe [2014-04-05 22:24:51 \| 000,001,725 \| ---- \| M] () -- C:\Users\Public\Desktop\Age of Wonders III.lnk [2014-04-05 12:00:25 \| 000,125,158 \| ---- \| M] () -- C:\Users\Adam\Desktop\tusk.jpg [2014-04-03 23:01:06 \| 000,278,773 \| ---- \| M] () -- C:\Users\Adam\Desktop\wipla.jpg [2014-04-02 23:32:25 \| 000,002,009 \| ---- \| M] () -- C:\Users\Adam\Desktop\Kindle.lnk [2014-04-02 15:27:17 \| 001,081,112 \| ---- \| M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll [2014-04-02 15:27:05 \| 001,225,920 \| ---- \| M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll [2014-03-26 18:50:55 \| 000,011,590 \| ---- \| M] () -- C:\Users\Adam\AppData\Local\recently-used.xbel [2014-03-26 18:49:44 \| 000,016,511 \| ---- \| M] () -- C:\Users\Adam\pspp.jnl [2014-03-26 18:49:28 \| 000,001,434 \| ---- \| M] () -- C:\Users\Adam\AppData\Local\psppirerc [2014-03-25 22:40:46 \| 000,002,125 \| ---- \| M] () -- C:\Users\Adam\Desktop\Antichamber.lnk [2014-03-21 21:43:52 \| 000,040,392 \| ---- \| M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys [2014-03-21 21:43:50 \| 000,037,320 \| ---- \| M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll [2014-03-21 21:43:50 \| 000,033,568 \| ---- \| M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll [2014-03-18 21:05:45 \| 000,000,982 \| ---- \| M] () -- C:\Users\Adam\Desktop\The Walking Dead Season 2 EP 2.lnk [2014-03-18 20:39:07 \| 000,015,793 \| ---- \| M] () -- C:\Users\Adam\Desktop\praca domowa.odt [2014-03-16 19:40:34 \| 000,000,234 \| ---- \| M] () -- C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job ========== Files Created - No Company Name ========== [2014-04-08 00:25:37 \| 000,001,977 \| ---- \| C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2014-04-08 00:24:57 \| 000,000,350 \| -H-- \| C] () -- C:\Windows\tasks\avast! Emergency Update.job [2014-04-08 00:23:51 \| 000,208,928 \| ---- \| C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2014-04-08 00:23:50 \| 000,065,776 \| ---- \| C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2014-04-07 15:54:53 \| 000,001,406 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2014-04-07 15:54:53 \| 000,001,394 \| ---- \| C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2014-04-05 22:59:43 \| 000,053,248 \| ---- \| C] () -- C:\Windows\SysWow64\unrar.dll [2014-04-05 22:24:51 \| 000,001,725 \| ---- \| C] () -- C:\Users\Public\Desktop\Age of Wonders III.lnk [2014-04-05 11:59:39 \| 000,125,158 \| ---- \| C] () -- C:\Users\Adam\Desktop\tusk.jpg [2014-04-03 23:01:06 \| 000,278,773 \| ---- \| C] () -- C:\Users\Adam\Desktop\wipla.jpg [2014-03-26 22:29:44 \| 000,001,048 \| ---- \| C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf49321f95c2a4.job [2014-03-26 22:29:43 \| 000,001,044 \| ---- \| C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf49321ef9805a.job [2014-03-26 18:50:55 \| 000,011,590 \| ---- \| C] () -- C:\Users\Adam\AppData\Local\recently-used.xbel [2014-03-26 18:49:28 \| 000,001,434 \| ---- \| C] () -- C:\Users\Adam\AppData\Local\psppirerc [2014-03-25 22:40:46 \| 000,002,125 \| ---- \| C] () -- C:\Users\Adam\Desktop\Antichamber.lnk [2014-03-18 21:05:45 \| 000,000,982 \| ---- \| C] () -- C:\Users\Adam\Desktop\The Walking Dead Season 2 EP 2.lnk [2014-03-17 22:57:49 \| 000,015,793 \| ---- \| C] () -- C:\Users\Adam\Desktop\praca domowa.odt [2014-03-16 19:40:34 \| 000,000,234 \| ---- \| C] () -- C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job [2014-03-10 00:51:56 \| 000,001,128 \| ---- \| C] () -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rejestracja produktu firmy Lenovo.lnk [2014-03-05 16:56:20 \| 000,000,000 \| ---- \| C] () -- C:\Users\Adam\AppData\Local\{FA72FB75-9421-42F2-8D31-88D428B738D6} [2014-01-21 23:18:02 \| 000,000,000 \| ---- \| C] () -- C:\Users\Adam\AppData\Local\{A114EFB8-5E28-428D-B4D3-725372A0D6CE} [2014-01-13 01:15:14 \| 000,000,151 \| ---- \| C] () -- C:\Users\Adam\AppData\Roaming\usde.conf [2014-01-08 18:03:51 \| 000,314,656 \| ---- \| C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll [2013-08-12 01:21:26 \| 000,000,005 \| ---- \| C] () -- C:\Users\Adam\AppData\Roaming\WBPU-Q5-TTL.DAT [2013-08-10 22:09:11 \| 000,000,074 \| ---- \| C] () -- C:\Users\Adam\AppData\Roaming\WB.CFG [2013-08-10 22:09:11 \| 000,000,005 \| ---- \| C] () -- C:\Users\Adam\AppData\Roaming\WBPU-TTL.DAT [2013-07-27 15:09:12 \| 000,000,059 \| ---- \| C] () -- C:\Windows\RUNAWAY.INI [2013-05-30 16:55:39 \| 000,122,884 \| ---- \| C] () -- C:\Windows\UnGins.exe [2013-04-12 20:11:01 \| 000,669,184 \| ---- \| C] () -- C:\Windows\SysWow64\pbsvc.exe [2013-04-02 22:52:51 \| 000,114,176 \| ---- \| C] () -- C:\Users\Adam\AppData\Roaming\BabMaint.exe [2013-03-15 16:42:41 \| 000,001,455 \| ---- \| C] () -- C:\Users\Adam\statystyka 15.03.sav [2013-03-15 00:03:31 \| 000,016,511 \| ---- \| C] () -- C:\Users\Adam\pspp.jnl [2013-03-11 18:55:44 \| 000,000,000 \| ---- \| C] () -- C:\Windows\firstboot.dat [2012-08-15 01:41:44 \| 002,086,240 \| ---- \| C] () -- C:\Windows\SysWow64\LenovoVeriface.Interface.dll [2012-08-15 01:41:44 \| 001,500,512 \| ---- \| C] () -- C:\Windows\SysWow64\Apblend.dll [2012-08-15 01:41:44 \| 000,472,416 \| ---- \| C] () -- C:\Windows\SysWow64\Lenovo.VerifaceStub.dll [2012-08-15 01:41:43 \| 001,171,456 \| ---- \| C] () -- C:\Windows\SysWow64\PicNotify.dll [2012-08-15 01:41:33 \| 001,044,480 \| ---- \| C] () -- C:\Windows\SysWow64\3DImageRenderer.dll [2012-08-15 01:12:17 \| 001,643,124 \| ---- \| C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-07-09 02:56:50 \| 000,755,572 \| ---- \| C] () -- C:\Windows\SysWow64\igkrng700.bin [2012-07-09 02:56:45 \| 000,559,972 \| ---- \| C] () -- C:\Windows\SysWow64\igfcg700m.bin [2012-07-09 02:56:42 \| 000,058,880 \| ---- \| C] () -- C:\Windows\SysWow64\igdde32.dll [2012-07-09 02:56:36 \| 013,026,816 \| ---- \| C] () -- C:\Windows\SysWow64\ig7icd32.dll ========== ZeroAccess Check ========== [2009-07-14 06:55:00 \| 000,000,227 \| RHS- \| M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 04:24:57 \| 014,172,672 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 03:55:59 \| 012,872,704 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 \| 000,909,312 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 \| 000,606,208 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 \| 000,505,856 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] I kawałek, który się nie zmieścił: ========== Files - Unicode (All) ========== [2013-11-24 23:18:23 \| 105,952,601 \| ---- \| M] ()(C:\Windows\SysWow64\??b) -- C:\Windows\SysWow64\濿㷋b [2013-11-24 16:22:28 \| 105,952,601 \| ---- \| C] ()(C:\Windows\SysWow64\??b) -- C:\Windows\SysWow64\濿㷋b [2013-11-19 11:01:03 \| 105,029,326 \| ---- \| M] ()(C:\Windows\SysWow64\?) -- C:\Windows\SysWow64\櫦簔 [2013-11-19 11:01:03 \| 105,029,326 \| ---- \| C] ()(C:\Windows\ (Ten post był ostatnio modyfikowany: 08.04.2014 07:14 przez Sido92.) 08.04.2014 07:11
Podziękowania od:

Wiadomości w tym wątku

Nieoryginalny oryginalny Windows i dziwny problem - Sido92 - 07.04.2014, 21:02

RE: Nieoryginalny oryginalny windows + dziwny problem - LadyInBlue - 07.04.2014, 21:15

RE: Nieoryginalny oryginalny windows + dziwny problem - Illidan - 08.04.2014, 04:49

RE: Nieoryginalny oryginalny windows + dziwny problem - Sido92 - 08.04.2014 07:11

RE: Nieoryginalny oryginalny windows + dziwny problem - LadyInBlue - 08.04.2014, 08:56

RE: Nieoryginalny oryginalny windows + dziwny problem - Illidan - 08.04.2014, 19:44

RE: Nieoryginalny oryginalny windows + dziwny problem - Sido92 - 08.04.2014, 22:31

RE: Nieoryginalny oryginalny windows + dziwny problem - Illidan - 09.04.2014, 06:04

RE: Nieoryginalny oryginalny windows + dziwny problem - Sido92 - 09.04.2014, 09:51

RE: Nieoryginalny oryginalny Windows i dziwny problem - Illidan - 09.04.2014, 19:52

RE: Nieoryginalny oryginalny Windows i dziwny problem - Sido92 - 10.04.2014, 14:36

RE: Nieoryginalny oryginalny Windows i dziwny problem - Illidan - 10.04.2014, 15:43

RE: Nieoryginalny oryginalny Windows i dziwny problem - Sido92 - 11.04.2014, 07:15

RE: Nieoryginalny oryginalny Windows i dziwny problem - Illidan - 13.04.2014, 03:10

RE: Nieoryginalny oryginalny Windows i dziwny problem - thermalfake - 27.04.2014, 11:30

RE: Nieoryginalny oryginalny Windows i dziwny problem - Illidan - 27.04.2014, 14:54

RE: Nieoryginalny oryginalny Windows i dziwny problem - thermalfake - 27.04.2014, 15:20

Podobne wątki
Wątek:	Autor	Odpowiedzi:	Wyświetleń:	Ostatni post
Dziwny dokument tekstowy w SysWOW64	zpfd	1	1.573	09.03.2016 19:21 Ostatni post: patrykk114
Rozwiązany Plik csrss.exe wirusem?? Dziwny artykuł na sforze...	beabea	2	7.882	15.02.2011 22:05 Ostatni post: beabea
Wyskakuje mi dziwny komunikat	yaro555	4	4.441	04.11.2010 10:22 Ostatni post: War_3_

« Starszy wątek | Nowszy wątek »

Autor: Sido92
Temat został oceniony na 0 w skali 1-5 gwiazdek.
Zebrano 1 głosów.