OTL logfile created on: 2023-02-18 17:56:12 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jarek\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16438)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,95 Gb Total Physical Memory | 3,04 Gb Available Physical Memory | 38,23% Memory free
15,89 Gb Paging File | 10,53 Gb Available in Paging File | 66,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,00 Gb Total Space | 28,64 Gb Free Space | 28,64% Space Free | Partition Type: NTFS
Drive D: | 100,01 Gb Total Space | 53,95 Gb Free Space | 53,94% Space Free | Partition Type: NTFS
Drive E: | 150,00 Gb Total Space | 5,93 Gb Free Space | 3,95% Space Free | Partition Type: NTFS
Drive G: | 154,09 Gb Total Space | 53,54 Gb Free Space | 34,75% Space Free | Partition Type: NTFS
Drive H: | 150,60 Gb Total Space | 20,78 Gb Free Space | 13,80% Space Free | Partition Type: NTFS

Computer Name: JAREK-KOMPUTER | User Name: jarek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2023-02-18 17:51:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jarek\Downloads\Programs\OTL.exe
PRC - [2022-10-18 22:01:45 | 000,309,720 | ---- | M] (Google LLC) -- C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
PRC - [2022-10-16 11:07:38 | 032,282,016 | ---- | M] (Garmin Ltd. or its subsidiaries) -- C:\Program Files (x86)\Garmin\Express\express.exe
PRC - [2022-09-26 22:04:54 | 000,173,040 | ---- | M] (Adobe Inc.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2021-11-25 15:34:42 | 000,920,768 | ---- | M] (DEVGURU Co., LTD.) -- C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
PRC - [2021-11-25 15:34:42 | 000,752,224 | ---- | M] (DEVGURU Co., LTD.) -- C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
PRC - [2020-11-27 03:38:46 | 000,007,680 | ---- | M] (The CefSharp Authors) -- C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
PRC - [2018-03-24 02:13:29 | 015,997,376 | ---- | M] (Node.js) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
PRC - [2018-03-24 02:13:29 | 000,469,952 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
PRC - [2018-03-24 02:13:29 | 000,469,952 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
PRC - [2017-03-22 22:41:44 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2015-04-20 13:48:18 | 001,391,616 | ---- | M] (Tonec Inc.) -- D:\Internet Download Manager\IDMan.exe
PRC - [2014-02-17 17:14:52 | 000,459,000 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
PRC - [2014-02-17 10:47:48 | 001,579,880 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
PRC - [2012-12-03 14:49:32 | 002,571,704 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
PRC - [2012-03-04 01:23:00 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
PRC - [2011-09-16 14:39:24 | 000,188,776 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011-01-29 00:29:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
PRC - [2011-01-12 19:00:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010-12-21 03:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010-12-21 03:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-12-02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009-12-02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2021-02-16 14:26:40 | 000,073,216 | ---- | M] () -- C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
MOD - [2020-11-27 03:38:42 | 000,961,536 | ---- | M] () -- C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
MOD - [2020-11-27 03:38:30 | 001,446,400 | ---- | M] () -- C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
MOD - [2020-11-18 09:14:46 | 117,340,672 | ---- | M] () -- C:\Program Files (x86)\Garmin\Express\libcef.dll
MOD - [2020-11-18 07:40:04 | 000,323,072 | ---- | M] () -- C:\Program Files (x86)\Garmin\Express\libegl.dll
MOD - [2020-11-18 07:40:02 | 005,441,536 | ---- | M] () -- C:\Program Files (x86)\Garmin\Express\libglesv2.dll
MOD - [2020-05-08 21:16:33 | 000,038,400 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Cf61e09c5#\aa7d7c2bf390b327607c0f3dc47741fa\System.IO.Compression.FileSystem.ni.dll
MOD - [2020-05-08 21:16:17 | 000,530,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\62765bb26133f581e10bb7c866f35c83\System.Net.Http.ni.dll
MOD - [2020-05-08 21:16:11 | 019,974,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\e27ae693b6e71bb689ec66761a65901f\System.ServiceModel.ni.dll
MOD - [2020-05-08 21:15:41 | 000,396,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\f68563fb25af65c25de37130ebcd576c\System.Xml.Linq.ni.dll
MOD - [2020-05-06 21:17:01 | 019,943,936 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\b34cda03a984c515b31faf410e5b7e39\PresentationFramework.ni.dll
MOD - [2020-05-06 21:16:40 | 012,236,288 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7873d3bd71f6122c2a954be1bb5bb28\PresentationCore.ni.dll
MOD - [2020-05-06 21:16:30 | 013,972,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Web\7c32e936a07e0c7d9cae3ac27497f613\System.Web.ni.dll
MOD - [2020-05-06 21:16:23 | 008,260,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\1288d7e030bc0c5d8b2cbe5f33aeed7f\System.Data.ni.dll
MOD - [2020-05-06 21:16:23 | 001,075,712 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\ea53e69de4ca155788883a9c2d18f31a\System.ComponentModel.Composition.ni.dll
MOD - [2020-05-06 21:16:20 | 004,125,696 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0d5a8e6f89227cc5d954e65856f9cf1a\WindowsBase.ni.dll
MOD - [2020-05-06 21:16:15 | 013,740,544 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2dc6cfd856864312d563098f9486361c\System.Windows.Forms.ni.dll
MOD - [2020-05-06 21:16:10 | 001,020,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\cd03f9386e02f56502e01a25ddd7e0a7\System.Configuration.ni.dll
MOD - [2020-05-06 21:16:08 | 008,246,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\21a1606b6c00f9abe7db55c02e0f87c9\System.Core.ni.dll
MOD - [2020-05-06 21:16:02 | 007,589,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7c8f75f367134a030cba4a127dc62a2f\System.Xml.ni.dll
MOD - [2020-05-06 21:16:02 | 001,180,672 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\e588691224a17737f3a164cc2d46c156\System.Management.ni.dll
MOD - [2020-05-06 21:15:59 | 002,850,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\62a6b39f4f68c25dfd2f6308d7541401\System.Runtime.Serialization.ni.dll
MOD - [2020-05-06 21:15:55 | 000,809,472 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\7a1dfc357f4135dbddcf38fd9279b2a7\System.ServiceModel.Internals.ni.dll
MOD - [2020-05-06 21:15:54 | 000,124,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\a7a48457faaea5fc8a1e59b4921ac4a3\SMDiagnostics.ni.dll
MOD - [2020-05-06 21:15:52 | 002,035,712 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d290752f65a065fcde70178562c3383\System.Xaml.ni.dll
MOD - [2020-05-06 21:15:52 | 001,646,080 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\61dfb69c9ad6ed96809170d54d80b8a6\System.Drawing.ni.dll
MOD - [2020-05-06 21:15:49 | 000,835,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\8391072310ccd84eecefe797cfd4a4a5\System.Security.ni.dll
MOD - [2020-05-06 21:15:49 | 000,811,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\b90f40ba78ef47ed0a9a563e242f6322\System.Runtime.Remoting.ni.dll
MOD - [2020-05-06 21:15:49 | 000,533,504 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\f730acee6c31ccae8256d0abbe9728ae\PresentationFramework.Aero.ni.dll
MOD - [2020-05-06 21:15:47 | 010,541,056 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\e071297bb06faa961bef045ae5f25fdc\System.ni.dll
MOD - [2020-05-06 21:15:34 | 000,274,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\5ac17cc5b92efda83e2925857f4fa655\System.Numerics.ni.dll
MOD - [2020-05-06 21:15:33 | 020,499,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\97e047cf68e9a7d90e196d072cd49cac\mscorlib.ni.dll
MOD - [2018-03-24 02:13:29 | 002,722,272 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
MOD - [2018-03-24 02:13:29 | 001,360,864 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
MOD - [2018-03-24 02:13:29 | 001,302,144 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
MOD - [2018-03-24 02:13:29 | 001,041,344 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
MOD - [2018-03-24 02:13:29 | 000,662,144 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvShadowPlayAPINode.node
MOD - [2018-03-24 02:13:29 | 000,563,784 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
MOD - [2018-03-24 02:13:29 | 000,525,712 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node
MOD - [2018-03-24 02:13:29 | 000,497,632 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node
MOD - [2018-03-24 02:13:29 | 000,422,528 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
MOD - [2018-03-24 02:13:29 | 000,421,256 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node
MOD - [2018-03-24 02:13:29 | 000,418,888 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
MOD - [2018-03-24 02:13:29 | 000,393,000 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
MOD - [2017-05-08 09:35:46 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
MOD - [2013-12-16 15:44:20 | 000,070,904 | ---- | M] () -- C:\Windows\SysWOW64\BsProfileFunc.dll
MOD - [2013-12-16 15:44:06 | 000,360,184 | ---- | M] () -- C:\Windows\SysWOW64\BsExtendFunc.dll
MOD - [2013-12-16 15:44:06 | 000,031,480 | ---- | M] () -- C:\Windows\SysWOW64\BsHelpCSps.dll
MOD - [2013-12-16 15:44:02 | 000,641,784 | ---- | M] () -- C:\Windows\SysWOW64\BlueSoleilCSps.dll
MOD - [2013-12-16 11:24:14 | 000,011,264 | ---- | M] () -- C:\Windows\SysWOW64\SCChangeMonitor.dll
MOD - [2012-03-04 01:23:00 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
MOD - [2011-02-16 17:53:14 | 000,133,024 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
MOD - [2011-02-16 17:51:10 | 000,161,696 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
MOD - [2010-01-30 02:41:12 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2023-01-24 00:57:54 | 001,725,720 | ---- | M] (Google LLC) [On_Demand | Stopped] -- C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe -- (GoogleChromeElevationService)
SRV:[b]64bit:[/b] - [2021-11-25 15:34:42 | 000,920,768 | ---- | M] (DEVGURU Co., LTD.) [Auto | Running] -- C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe -- (ss_conn_service2)
SRV:[b]64bit:[/b] - [2021-11-25 15:34:42 | 000,752,224 | ---- | M] (DEVGURU Co., LTD.) [Auto | Running] -- C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe -- (ss_conn_service)
SRV:[b]64bit:[/b] - [2021-08-05 08:47:34 | 000,206,304 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\SysNative\escsvc64.exe -- (EpsonScanSvc)
SRV:[b]64bit:[/b] - [2018-03-24 02:13:29 | 000,522,688 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerNetworkService)
SRV:[b]64bit:[/b] - [2018-03-24 02:13:29 | 000,522,688 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerLocalSystem)
SRV:[b]64bit:[/b] - [2018-03-24 00:50:50 | 000,464,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -- (NVDisplay.ContainerLocalSystem)
SRV:[b]64bit:[/b] - [2017-01-11 11:38:16 | 000,320,512 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE -- (RtkAudioService)
SRV:[b]64bit:[/b] - [2016-07-05 18:33:40 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:[b]64bit:[/b] - [2011-05-12 16:01:46 | 000,970,016 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2011-05-02 15:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2011-05-02 15:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2011-05-02 15:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2010-09-22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2023-02-07 16:55:13 | 000,247,200 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2022-11-09 13:32:26 | 003,497,800 | ---- | M] (Electronic Arts) [Auto | Stopped] -- G:\Origin\OriginWebHelperService.exe -- (Origin Web Helper Service)
SRV - [2022-11-09 13:32:20 | 002,579,264 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- G:\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2022-09-26 22:04:54 | 000,173,040 | ---- | M] (Adobe Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2021-12-01 15:45:02 | 000,934,368 | ---- | M] (Epic Games, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe -- (EpicOnlineServices)
SRV - [2018-11-08 20:02:08 | 001,684,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2018-03-26 15:24:54 | 000,107,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2018-03-24 02:13:29 | 000,469,952 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -- (NvTelemetryContainer)
SRV - [2017-03-22 22:41:44 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-02-17 10:47:48 | 001,579,880 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2014-01-05 16:10:03 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2013-12-16 15:45:50 | 000,145,656 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe -- (BsHelpCS)
SRV - [2012-12-03 14:49:32 | 002,571,704 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2011-01-12 19:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010-12-21 03:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010-12-21 03:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009-12-02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009-12-02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-05-31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2021-12-20 21:23:40 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2018-03-25 17:26:40 | 000,048,032 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2018-03-24 02:13:29 | 000,059,240 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2018-03-24 02:13:29 | 000,058,816 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvhci.sys -- (nvvhci)
DRV:[b]64bit:[/b] - [2018-03-24 02:13:29 | 000,031,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:[b]64bit:[/b] - [2017-01-23 23:20:02 | 000,067,736 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGJoyXlCore.sys -- (LGJoyXlCore)
DRV:[b]64bit:[/b] - [2017-01-23 23:20:02 | 000,036,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:[b]64bit:[/b] - [2017-01-23 23:20:02 | 000,026,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:[b]64bit:[/b] - [2017-01-18 19:30:28 | 000,016,056 | ---- | M] (SlimWare Utilities, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:[b]64bit:[/b] - [2016-02-01 12:05:02 | 000,095,168 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:[b]64bit:[/b] - [2016-02-01 12:05:00 | 000,110,912 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:[b]64bit:[/b] - [2015-04-18 02:06:24 | 000,195,056 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:[b]64bit:[/b] - [2014-05-12 10:55:48 | 000,097,152 | ---- | M] (Ross-Tech LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RT-USB64.SYS -- (RT-USB)
DRV:[b]64bit:[/b] - [2014-01-20 10:19:28 | 000,051,936 | ---- | M] (Ralink Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtUrbBtFlt.sys -- (btUrbFilterDrv)
DRV:[b]64bit:[/b] - [2013-11-12 15:59:42 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2013-09-23 10:46:22 | 000,044,480 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:[b]64bit:[/b] - [2013-05-30 16:16:46 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSUsbFilt.sys -- (LGSUsbFilt)
DRV:[b]64bit:[/b] - [2013-05-30 16:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:[b]64bit:[/b] - [2013-04-26 18:18:00 | 000,054,064 | ---- | M] (Ralink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BtL2caScoIf.sys -- (BthL2caScoIfSrv)
DRV:[b]64bit:[/b] - [2013-01-31 10:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:[b]64bit:[/b] - [2012-10-11 04:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:[b]64bit:[/b] - [2012-08-27 19:39:20 | 000,226,696 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:[b]64bit:[/b] - [2012-08-27 19:39:16 | 000,107,912 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:[b]64bit:[/b] - [2012-07-26 09:01:26 | 000,030,752 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:[b]64bit:[/b] - [2012-06-15 11:22:02 | 000,023,136 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BtAudioBus.sys -- (BtAudioBusSrv)
DRV:[b]64bit:[/b] - [2012-06-11 10:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:[b]64bit:[/b] - [2012-04-18 15:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:[b]64bit:[/b] - [2011-10-08 10:47:24 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:[b]64bit:[/b] - [2011-10-08 10:47:21 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:[b]64bit:[/b] - [2011-10-08 10:45:09 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:[b]64bit:[/b] - [2011-10-08 10:45:09 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:[b]64bit:[/b] - [2011-10-08 10:35:42 | 000,020,064 | ---- | M] (Ensurebit Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\delayman.sys -- (DelayMan)
DRV:[b]64bit:[/b] - [2011-10-08 10:35:42 | 000,015,456 | ---- | M] (Ensurebit Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\winioex.sys -- (winioex)
DRV:[b]64bit:[/b] - [2011-10-08 01:33:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-10-08 01:33:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-08-17 10:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:[b]64bit:[/b] - [2011-05-13 08:01:36 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:[b]64bit:[/b] - [2011-05-13 08:01:34 | 000,437,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:[b]64bit:[/b] - [2011-05-13 08:01:24 | 000,164,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2011-05-13 08:01:24 | 000,150,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2011-05-13 08:01:24 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2011-05-13 08:01:24 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2011-05-09 21:42:14 | 000,425,000 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2011-05-01 15:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:[b]64bit:[/b] - [2011-03-26 02:17:50 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2011-03-23 15:13:58 | 008,199,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:[b]64bit:[/b] - [2011-03-21 06:42:52 | 001,413,168 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2011-01-29 00:29:58 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:[b]64bit:[/b] - [2011-01-12 18:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010-12-01 06:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-10-20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010-10-15 09:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2010-01-07 10:23:18 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:[b]64bit:[/b] - [2009-12-02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2009-12-02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2009-12-02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2009-12-02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2009-08-21 00:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2009-07-21 15:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2009-07-14 01:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006-07-24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = auto:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{01E342EB-7555-496F-A1E2-3B9CC69FCA98}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.gazeta.pl/0,0.html?p=190
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{01E342EB-7555-496F-A1E2-3B9CC69FCA98}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.hiddenOneOffs: "DuckDuckGo,Encyklopedia PWN,Wikipedia (pl),Wolne Lektury"
FF - prefs.js..browser.search.region: "PL"
FF - prefs.js..browser.search.separatePrivateDefault.urlbarResult.enabled: false
FF - prefs.js..browser.search.widget.inNavBar: true
FF - prefs.js..browser.startup.homepage: "www.wp.pl"
FF - user.js - File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.7.1: C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.8: D:\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.7.1: C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN 
Corp.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 109.0.1\extensions\\Components: D:\FIREFOX\COMPONENTS 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 109.0.1\extensions\\Plugins: D:\FIREFOX\PLUGINS FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\jarek\AppData\Roaming\IDM\idmmzcc5 [2023-02-18 17:50:36 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: D:\Internet Download Manager\idmmzcc2.xpi FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\jarek\AppData\Roaming\IDM\idmmzcc5 [2023-02-18 17:50:36 | 000,000,000 | ---D | M] [2012-02-26 17:49:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jarek\AppData\Roaming\mozilla\Extensions [2017-11-17 14:01:31 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\jarek\AppData\Roaming\mozilla\SystemExtensionsDev [2022-01-05 20:23:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jarek\AppData\Roaming\mozilla\Firefox\Profiles\q73v466d.default-1443643391790-1589143656818\browser-extension-data [2022-01-05 20:23:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jarek\AppData\Roaming\mozilla\Firefox\Profiles\q73v466d.default-1443643391790-1589143656818\browser-extension-data\reset-search-defaults@mozilla.com [2021-08-19 20:47:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jarek\AppData\Roaming\mozilla\Firefox\Profiles\q73v466d.default-1443643391790-1589143656818\extensions [2020-05-10 21:47:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jarek\AppData\Roaming\mozilla\Firefox\Profiles\q73v466d.default-1443643391790-1589143656818\storage\archives\0\2021-10-09\default\moz-extension+++3780882e-f5c7-4ae5-8131-c98adc069a5f^userContextId=4294967295 [2021-10-08 20:30:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jarek\AppData\Roaming\mozilla\Firefox\Profiles\q73v466d.default-1443643391790-1589143656818\storage\archives\0\2021-10-09\default\moz-extension+++3780882e-f5c7-4ae5-8131-c98adc069a5f^userContextId=4294967295\idb [2021-02-11 22:16:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jarek\AppData\Roaming\mozilla\Firefox\Profiles\q73v466d.default-1443643391790-1589143656818\storage\archives\0\2022-03-14\default\moz-extension+++d1cd99dd-bea1-4951-8be2-009dc343d800^userContextId=4294967295 [2022-03-13 22:22:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jarek\AppData\Roaming\mozilla\Firefox\Profiles\q73v466d.default-1443643391790-1589143656818\storage\archives\0\2022-03-14\default\moz-extension+++d1cd99dd-bea1-4951-8be2-009dc343d800^userContextId=4294967295\idb [2021-08-19 21:03:01 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\jarek\AppData\Roaming\mozilla\Firefox\Profiles\q73v466d.default-1443643391790-1589143656818\storage\default\moz-extension+++ba345a75-f4ba-4380-ba6c-9f1ca6f8590b^userContextId=4294967295 [2023-02-18 16:41:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jarek\AppData\Roaming\mozilla\Firefox\Profiles\q73v466d.default-1443643391790-1589143656818\storage\default\moz-extension+++ba345a75-f4ba-4380-ba6c-9f1ca6f8590b^userContextId=4294967295\idb [2020-05-25 10:56:53 | 000,179,228 | ---- | M] () (No name found) -- C:\Users\jarek\AppData\Roaming\mozilla\firefox\profiles\q73v466d.default-1443643391790-1589143656818\extensions\jid1-yA1PzMgpqSEk1Q@jetpack.xpi [2021-08-19 20:47:04 | 000,045,933 | ---- | M] () (No name found) -- C:\Users\jarek\AppData\Roaming\mozilla\firefox\profiles\q73v466d.default-1443643391790-1589143656818\extensions\{8792af17-0df8-40ab-81d3-6cc777171564}.xpi [color=#E56717]========== Chrome ==========[/color] CHR - Extension: No name found = C:\Users\jarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.50.1_0\ CHR - Extension: No name found = C:\Users\jarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek\6.40.12_0\ CHR - Extension: No name found = C:\Users\jarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\ O1 HOSTS File: ([2019-09-23 22:21:45 | 000,001,066 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 http://www.driver-soft.com O1 - Hosts: 127.0.0.1 www.driver-soft.com O1 - Hosts: 127.0.0.1 http://www.driver-soft.com O1 - Hosts: 127.0.0.1 www.driver-soft.com O1 - Hosts: 127.0.0.1 http://www.driver-soft.com O1 - Hosts: 127.0.0.1 www.driver-soft.com O1 - Hosts: 104.31.93.101 darkw.pl O1 - Hosts: 192.168.1.1 O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC64.dll (Internet Download 
Manager, Tonec Inc.) O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4:[b]64bit:[/b] - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe (Lenovo(beijing) Limited) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo) O4:[b]64bit:[/b] - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg_LENOVO_MICPKEY] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [BtTray] C:\Program Files 
(x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (IVT Corporation) O4 - HKLM..\Run: [Codec Settings UAC Manager] C:\windows\SysWow64\Codecs\CodecUACManager.exe () O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [OnekeyDM] C:\Program Files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe () O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.) O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\windows\system32\spool\DRIVERS\x64\3\E_YATIX0E.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-2150 Series" /EF "HKCU" File not found O4 - HKCU..\Run: [GarminExpress] C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. 
or its subsidiaries) O4 - HKCU..\Run: [Opera GX Stable] C:\Users\jarek\AppData\Local\Programs\Opera GX\launcher.exe (Opera Software) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Ściągnij przez IDM - D:\Internet Download Manager\IEExt.htm () O8:[b]64bit:[/b] - Extra context menu item: Ściągnij wszystkie linki przez IDM - D:\Internet Download Manager\IEGetAll.htm () O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... 
- C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Ściągnij przez IDM - D:\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - D:\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... 
- {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: drp.su ([update] http in Local intranet) O15 - HKCU\..Trusted Domains: drp.su ([update] https in Local intranet) O15 - HKCU\..Trusted Domains: drp.su ([update-test2] http in Local intranet) O15 - HKCU\..Trusted Domains: drp.su ([update-test2] https in Local intranet) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{436A24ED-6D33-4C76-95EC-44F898C5902D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA9F01FF-C01A-4CAD-80EE-38B3AE0ECBAF}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - 
AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2021-12-16 18:12:21 | 000,000,217 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2021-12-16 18:12:21 | 000,000,248 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2021-12-16 18:12:21 | 000,000,384 | RHS- | M] () - E:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2021-12-16 18:12:21 | 000,000,312 | RHS- | M] () - G:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2021-12-16 18:12:21 | 000,000,200 | RHS- | M] () - H:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{09de17ab-fe3c-11e4-8087-b870f44b6742}\Shell - "" = AutoRun O33 - MountPoints2\{09de17ab-fe3c-11e4-8087-b870f44b6742}\Shell\AutoRun\command - "" = J:\AutoRun.exe O33 - MountPoints2\{09de17bf-fe3c-11e4-8087-b870f44b6742}\Shell - "" = AutoRun O33 - MountPoints2\{09de17bf-fe3c-11e4-8087-b870f44b6742}\Shell\AutoRun\command - "" = J:\AutoRun.exe O33 - MountPoints2\{4fd7d237-1ef6-11e5-97e5-60d819ebcd6d}\Shell - "" = AutoRun O33 - 
MountPoints2\{4fd7d237-1ef6-11e5-97e5-60d819ebcd6d}\Shell\AutoRun\command - "" = J:\CMADownloader.exe O33 - MountPoints2\{70c47d3b-e0ba-11e2-b46a-b870f44b6742}\Shell - "" = AutoRun O33 - MountPoints2\{70c47d3b-e0ba-11e2-b46a-b870f44b6742}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a O33 - MountPoints2\{f5a88656-2231-11e8-b4eb-60d819ebcd6d}\Shell - "" = AutoRun O33 - MountPoints2\{f5a88656-2231-11e8-b4eb-60d819ebcd6d}\Shell\AutoRun\command - "" = J:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2023-02-18 17:01:23 | 000,000,000 | ---D | C] -- C:\Users\jarek\Desktop\Nowy folder (2) [2023-02-17 21:46:44 | 000,000,000 | ---D | C] -- C:\Users\jarek\AppData\Local\Opera Software [2023-02-17 21:45:04 | 000,000,000 | ---D | C] -- C:\Users\jarek\AppData\Roaming\Opera Software [2023-02-09 15:45:25 | 000,000,000 | ---D | C] -- C:\Users\jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urządzenia interfejsu Bluetooth [2012-07-12 09:28:44 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) 
-- C:\Program Files (x86)\Common Files\atimpenc.dll [6 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ] [1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2023-02-18 17:29:57 | 000,001,209 | ---- | M] () -- C:\Users\jarek\Desktop\ESET Online Scanner.lnk [2023-02-18 17:15:00 | 000,000,911 | ---- | M] () -- C:\windows\tasks\EPSON XP-2150 Series Update {9332C2CB-7E62-401D-AA81-F4A2B2C3CD78}.job [2023-02-18 17:06:00 | 000,000,911 | ---- | M] () -- C:\windows\tasks\EPSON XP-2150 Series Update {114072B6-C530-46F0-A045-6A48ACF40644}.job [2023-02-18 15:25:59 | 001,672,134 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2023-02-18 15:25:59 | 000,741,124 | ---- | M] () -- C:\windows\SysNative\perfh015.dat [2023-02-18 15:25:59 | 000,654,916 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2023-02-18 15:25:59 | 000,156,408 | ---- | M] () -- C:\windows\SysNative\perfc015.dat [2023-02-18 15:25:59 | 000,122,530 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2023-02-18 15:14:25 | 000,028,704 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2023-02-18 15:14:25 | 000,028,704 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2023-02-18 15:06:42 | 000,000,000 | -H-- | M] () -- C:\ProgramData\cm-lock [2023-02-18 15:06:06 | 000,110,004 | ---- | M] () -- C:\windows\SysNative\fastboot.set [2023-02-18 15:05:45 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl [2023-02-18 15:05:41 | 000,001,059 | ---- | M] () -- C:\windows\SysWow64\bscs.ini [2023-02-18 15:05:28 | 000,000,358 | ---- | M] () -- C:\windows\tasks\DriverToolkit Autorun.job [2023-02-18 15:05:03 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat [2023-02-18 15:04:42 | 2103,332,863 | -HS- | M] () -- C:\hiberfil.sys 
[2023-02-17 21:46:37 | 000,001,365 | ---- | M] () -- C:\Users\jarek\Desktop\Przeglądarka Opera GX.lnk [2023-01-28 15:43:58 | 000,002,141 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [6 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ] [1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2023-02-18 16:35:08 | 000,001,209 | ---- | C] () -- C:\Users\jarek\Desktop\ESET Online Scanner.lnk [2023-02-18 15:06:42 | 000,000,000 | -H-- | C] () -- C:\ProgramData\cm-lock [2023-02-17 21:46:37 | 000,001,365 | ---- | C] () -- C:\Users\jarek\Desktop\Przeglądarka Opera GX.lnk [2023-02-17 21:46:37 | 000,001,365 | ---- | C] () -- C:\Users\jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera GX.lnk [2022-04-11 16:25:16 | 000,000,000 | ---- | C] () -- C:\windows\EEventManager.INI [2022-03-09 07:01:44 | 000,058,184 | ---- | C] () -- C:\windows\SysWow64\DiscHandler.exe [2022-02-28 16:21:42 | 000,343,392 | ---- | C] () -- C:\windows\SysWow64\libbluray.dll [2021-12-16 17:44:24 | 000,000,266 | RHS- | C] () -- C:\Users\jarek\ntuser.pol [2021-12-16 17:44:24 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2021-09-13 19:23:27 | 000,074,703 | ---- | C] () -- C:\windows\SysWow64\mfc45.dat [2021-05-18 21:47:23 | 000,000,859 | ---- | C] () -- C:\Users\jarek\AppData\Roaming\downloads.json [2014-09-02 19:00:28 | 000,003,007 | ---- | C] () -- C:\Users\jarek\photorec.cfg [2014-04-02 12:29:24 | 000,000,969 | ---- | C] () -- C:\Users\jarek\AppData\Local\recently-used.xbel [2013-12-30 17:58:56 | 000,000,643 | ---- | C] () -- C:\Users\jarek\.swfinfo [2012-09-18 11:32:56 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2012-02-24 22:12:08 | 000,007,616 | ---- | C] () -- C:\Users\jarek\AppData\Local\resmon.resmoncfg [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | 
RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-01-04 11:44:25 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-01-04 09:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report >