OTL.Txt

Laptop/HP/6715B - Slowness, no screen backlight, and other issues

Apologies to everyone, it took a bit longer before I got the laptop back in my hands... I managed to locate the cause of the missing screen backlight fault - the problem lies in the switch on the motherboard responsible for dimming the screen. It works however it likes, and in fact most of the time it is exactly what cuts off the backlight. I removed that button from the panel, so let's say the problem is solved in a makeshift way. As for the laptop itself, it still runs very slowly. The disk's SMART looks poor. Please help with verifying this. I am attaching the full set of logs to the post: hijack, otl, extras, hd tune, mhdd, and the laptop configuration from cpu-z.


OTL logfile created on: 2015-09-20 20:18:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Arek\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17691)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,87 Gb Total Physical Memory | 0,57 Gb Available Physical Memory | 30,54% Memory free
3,75 Gb Paging File | 2,40 Gb Available in Paging File | 63,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,00 Gb Total Space | 34,19 Gb Free Space | 68,39% Space Free | Partition Type: NTFS
Drive D: | 50,00 Gb Total Space | 11,08 Gb Free Space | 22,16% Space Free | Partition Type: NTFS
Drive E: | 49,05 Gb Total Space | 47,60 Gb Free Space | 97,05% Space Free | Partition Type: NTFS
Drive G: | 7,47 Gb Total Space | 2,11 Gb Free Space | 28,23% Space Free | Partition Type: NTFS

Computer Name: AREK-KOMPUTER | User Name: Arek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015-09-20 18:37:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Arek\Desktop\OTL.exe
PRC - [2015-08-10 15:56:05 | 001,286,776 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) -- C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
PRC - [2015-08-10 15:56:05 | 000,858,744 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) -- C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe
PRC - [2015-08-10 15:56:05 | 000,124,536 | ---- | M] (Qihu Software Co. Limited) -- C:\Program Files\360\Total Security\safemon\QHWatchdog.exe
PRC - [2015-01-12 03:21:30 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2015-01-12 03:16:13 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-11-11 14:00:54 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2009-08-07 17:03:16 | 000,354,360 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2009-07-29 15:28:44 | 000,256,544 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2009-07-29 12:43:50 | 001,201,400 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2009-07-28 03:06:04 | 000,078,608 | ---- | M] (Bioscrypt Inc.) -- C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2009-07-14 03:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009-06-03 16:16:42 | 000,207,400 | ---- | M] (ActivIdentity) -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
PRC - [2009-06-03 16:16:34 | 000,153,640 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2009-06-03 16:13:28 | 000,400,936 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015-08-10 15:56:03 | 000,087,672 | ---- | M] () -- C:\Program Files\360\Total Security\deepscan\qutmload.dll
MOD - [2015-02-12 15:25:56 | 000,688,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\fc21baf1fd69ebbc21be4a9189951fc0\System.Security.ni.dll
MOD - [2015-02-12 15:25:55 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2015-02-12 15:25:53 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2015-02-12 15:25:53 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2015-02-12 15:25:50 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2015-01-12 03:28:54 | 000,167,936 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_pl_b77a5c561934e089\System.Xml.resources.dll
MOD - [2015-01-12 03:17:35 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2015-08-26 14:46:30 | 000,149,160 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015-08-10 15:56:05 | 000,858,744 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) [Auto | Running] -- C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe -- (QHActiveDefense)
SRV - [2015-07-09 13:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015-03-11 02:26:36 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015-01-12 03:23:24 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2015-01-12 03:15:31 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009-08-07 16:59:00 | 000,045,056 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2009-07-29 15:28:44 | 000,256,544 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2009-07-29 12:43:50 | 001,201,400 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009-07-28 02:59:40 | 000,192,784 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2009-07-28 02:59:34 | 000,150,288 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-06-03 16:16:42 | 000,207,400 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2015-08-10 15:56:05 | 000,178,384 | ---- | M] (360????) [Kernel | System | Running] -- C:\Windows\System32\drivers\360SelfProtection.sys -- (360SelfProtection)
DRV - [2015-08-10 15:56:05 | 000,065,872 | ---- | M] (360????) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hookport.sys -- (HookPort)
DRV - [2015-08-10 15:56:04 | 000,203,856 | ---- | M] (360.cn) [File_System | System | Running] -- C:\Windows\System32\drivers\360Box.sys -- (360Box)
DRV - [2015-08-10 15:56:04 | 000,121,936 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\System32\drivers\360AntiHacker.sys -- (360AntiHacker)
DRV - [2015-08-10 15:56:04 | 000,053,960 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\System32\drivers\qutmipc.sys -- (qutmipc)
DRV - [2015-08-10 15:56:04 | 000,034,888 | ---- | M] (360.cn) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\360Camera.sys -- (360Camera)
DRV - [2015-08-10 15:56:03 | 000,292,560 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\System32\drivers\qutmdrv.sys -- (qutmdserv)
DRV - [2015-08-10 15:56:03 | 000,174,672 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\System32\drivers\BAPIDRV.SYS -- (BAPIDRV)
DRV - [2015-08-10 15:56:03 | 000,066,128 | ---- | M] (360.cn) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\360AvFlt.sys -- (360AvFlt)
DRV - [2015-08-10 15:56:03 | 000,024,296 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\System32\drivers\efimon.sys -- (EfiMon)
DRV - [2015-01-12 03:22:27 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2015-01-12 03:22:27 | 000,026,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2015-01-12 03:17:22 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2015-01-12 03:17:22 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010-11-20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-29 15:30:28 | 000,051,408 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2009-07-29 15:30:20 | 000,012,960 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\Windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2009-07-29 15:30:18 | 000,012,528 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\Windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2009-07-29 15:30:16 | 000,109,216 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009-07-29 13:00:52 | 000,482,176 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2009-07-14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009-07-14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009-07-08 13:48:38 | 000,025,656 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2009-07-08 13:48:22 | 000,033,848 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2009-05-22 03:52:38 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-04-29 07:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009-04-20 08:38:54 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl-PL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 62 E1 00 AA D7 DD D0 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "PL"
FF - prefs.js..browser.search.region: "PL"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:40.0.3
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\WebProtection@360safe.com: C:\Program Files\360\Total Security\safemon\webprotection_firefox [2015-08-23 21:08:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2015-09-08 01:55:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arek\AppData\Roaming\mozilla\Extensions
[2015-09-08 02:05:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arek\AppData\Roaming\mozilla\Firefox\Profiles\jamnxtpj.default\extensions
[2015-09-08 01:54:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015-09-08 01:54:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QHSafeTray] C:\Program Files\360\Total Security\safemon\QHSafeTray.exe (QIHU 360 SOFTWARE CO. LIMITED)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 37.8.214.2 31.11.202.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B03C1DA-69FA-4F56-A987-C58647804F08}: DhcpNameServer = 37.8.214.2 31.11.202.254
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Program Files\HEWLET~1\IAM\bin\APSHook.dll) - C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (C:\Program Files\HEWLET~1\IAM\bin\APSHook.dll) - C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (C:\Program Files\HEWLET~1\IAM\bin\APSHook.dll) - C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (C:\Program Files\HEWLET~1\IAM\bin\APSHook.dll) - C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-04-12 08:13:17 | 000,000,043 | ---- | M] () - G:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015-09-20 20:16:56 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Arek\Desktop\HijackThis_2.0.4.exe
[2015-09-20 20:16:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Arek\Desktop\OTL.exe
[2015-09-08 01:54:58 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Mozilla
[2015-09-08 01:54:58 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Mozilla
[2015-09-08 01:54:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2015-09-08 01:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015-09-08 01:29:52 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Diagnostics
[2015-08-23 22:30:04 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\HD Tune Pro
[2015-08-23 22:29:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
[2015-08-23 22:29:06 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune Pro
[2015-08-23 21:52:01 | 000,778,440 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015-08-23 21:52:01 | 000,142,536 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015-08-23 21:51:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2015-08-23 21:51:26 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Adobe
[2015-08-23 21:37:20 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Opera Software
[2015-08-23 21:37:20 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Opera Software
[2015-08-23 21:36:23 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2015-08-23 21:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2015-08-23 21:22:43 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2015-08-23 21:21:13 | 000,000,000 | ---D | C] -- C:\Users\Arek\Tracing
[2015-08-23 21:19:57 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Skype
[2015-08-23 21:19:54 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Skype
[2015-08-23 21:19:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015-08-23 21:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2015-08-23 21:19:36 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2015-08-23 21:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2015-08-23 21:13:23 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\uTorrent
[2015-08-23 21:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\360Quarant
[2015-08-23 21:10:36 | 000,000,000 | ---D | C] -- C:\Windows\tasks\360Disabled
[2015-08-23 21:10:29 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\360safe
[2015-08-23 21:09:08 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\360TotalSecurity
[2015-08-23 21:09:04 | 000,000,000 | ---D | C] -- C:\ProgramData\360TotalSecurity
[2015-08-23 21:09:00 | 000,053,960 | ---- | C] (360.cn) -- C:\Windows\System32\drivers\qutmipc.sys
[2015-08-23 21:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\360safe
[2015-08-23 21:08:59 | 000,178,384 | ---- | C] (360????) -- C:\Windows\System32\drivers\360SelfProtection.sys
[2015-08-23 21:08:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
[2015-08-23 21:08:56 | 000,203,856 | ---- | C] (360.cn) -- C:\Windows\System32\drivers\360Box.sys
[2015-08-23 21:08:56 | 000,034,888 | ---- | C] (360.cn) -- C:\Windows\System32\drivers\360Camera.sys
[2015-08-23 21:08:56 | 000,000,000 | RHSD | C] -- C:\360SANDBOX
[2015-08-23 21:08:55 | 000,121,936 | ---- | C] (360.cn) -- C:\Windows\System32\drivers\360AntiHacker.sys
[2015-08-23 21:08:48 | 000,292,560 | ---- | C] (360.cn) -- C:\Windows\System32\drivers\qutmdrv.sys
[2015-08-23 21:08:48 | 000,174,672 | ---- | C] (360.cn) -- C:\Windows\System32\drivers\BAPIDRV.SYS
[2015-08-23 21:08:47 | 000,065,872 | ---- | C] (360????) -- C:\Windows\System32\drivers\hookport.sys
[2015-08-23 21:08:40 | 000,066,128 | ---- | C] (360.cn) -- C:\Windows\System32\drivers\360AvFlt.sys
[2015-08-23 21:08:40 | 000,024,296 | ---- | C] (360.cn) -- C:\Windows\System32\drivers\efimon.sys
[2015-08-23 21:08:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2015-08-23 21:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\360
[2015-08-23 21:05:04 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS
[2015-08-23 21:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Toolkit
[2015-08-23 21:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2015-08-23 21:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2015-08-23 21:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2015-08-23 21:01:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2015-08-23 21:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2015-08-23 21:00:43 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2015-08-23 21:00:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2015-08-23 20:59:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2015-08-23 20:58:48 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Microsoft Help
[2015-08-23 20:58:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2015-08-23 20:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2015-08-23 20:57:50 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2015-08-23 20:37:14 | 000,000,000 | -HSD | C] -- C:\Users\Arek\AppData\Local\EmieUserList
[2015-08-23 20:37:14 | 000,000,000 | -HSD | C] -- C:\Users\Arek\AppData\Local\EmieSiteList
[2015-08-23 20:37:14 | 000,000,000 | -HSD | C] -- C:\Users\Arek\AppData\Local\EmieBrowserModeList
[2015-08-23 20:33:28 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll
[2015-08-23 20:33:14 | 000,000,000 | ---D | C] -- C:\Program Files\Fingerprint Sensor
[2015-08-23 20:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\HPQ
[2015-08-23 20:32:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ActivIdentity
[2015-08-23 20:32:37 | 000,000,000 | ---D | C] -- C:\Program Files\ActivIdentity
[2015-08-23 20:32:00 | 000,000,000 | ---D | C] -- C:\ProgramData\hpqLog
[2015-08-23 20:26:05 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\hpqLog
[2015-08-23 20:25:28 | 001,885,488 | R--- | C] (Hewlett-Packard Company) -- C:\Windows\System32\BttnCmn.dll
[2015-08-23 20:25:28 | 001,419,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wdfcoinstaller01005.dll
[2015-08-23 20:25:28 | 000,015,872 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys
[2015-08-23 20:25:28 | 000,009,344 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\CPQBttn.sys
[2015-08-23 20:25:27 | 001,885,488 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\BttnCmns.dll
[2015-08-23 20:25:27 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2015-08-23 20:25:27 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2015-08-23 20:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2015-08-23 20:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2015-08-23 20:19:59 | 000,000,000 | ---D | C] -- C:\SwSetup
[2015-08-23 18:01:33 | 000,000,000 | -HSD | C] -- C:\Boot
[2015-08-23 17:10:41 | 000,000,000 | R--D | C] -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2015-08-23 17:10:41 | 000,000,000 | R--D | C] -- C:\Users\Arek\Searches
[2015-08-23 17:10:41 | 000,000,000 | R--D | C] -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2015-08-23 17:10:31 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Identities
[2015-08-23 17:10:29 | 000,000,000 | R--D | C] -- C:\Users\Arek\Contacts
[2015-08-23 17:10:11 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Adobe
[2015-08-23 17:10:05 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\VirtualStore
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\Ustawienia lokalne
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\AppData\Local\Temporary Internet Files
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\Szablony
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\SendTo
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\Recent
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\PrintHood
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\NetHood
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\Documents\Moje wideo
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\Documents\Moje obrazy
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\Moje dokumenty
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\Documents\Moja muzyka
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\Menu Start
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\AppData\Local\Historia
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\Dane aplikacji
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\AppData\Local\Dane aplikacji
[2015-08-23 17:10:02 | 000,000,000 | -HSD | C] -- C:\Users\Arek\Cookies
[2015-08-23 17:10:01 | 000,000,000 | --SD | C] -- C:\Users\Arek\AppData\Roaming\Microsoft
[2015-08-23 17:10:01 | 000,000,000 | R--D | C] -- C:\Users\Arek\Videos
[2015-08-23 17:10:01 | 000,000,000 | R--D | C] -- C:\Users\Arek\Saved Games
[2015-08-23 17:10:01 | 000,000,000 | R--D | C] -- C:\Users\Arek\Pictures
[2015-08-23 17:10:01 | 000,000,000 | R--D | C] -- C:\Users\Arek\Music
[2015-08-23 17:10:01 | 000,000,000 | R--D | C] -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2015-08-23 17:10:01 | 000,000,000 | R--D | C] -- C:\Users\Arek\Links
[2015-08-23 17:10:01 | 000,000,000 | R--D | C] -- C:\Users\Arek\Favorites
[2015-08-23 17:10:01 | 000,000,000 | R--D | C] -- C:\Users\Arek\Downloads
[2015-08-23 17:10:01 | 000,000,000 | R--D | C] -- C:\Users\Arek\Documents
[2015-08-23 17:10:01 | 000,000,000 | R--D | C] -- C:\Users\Arek\Desktop
[2015-08-23 17:10:01 | 000,000,000 | R--D | C] -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2015-08-23 17:10:01 | 000,000,000 | -H-D | C] -- C:\Users\Arek\AppData
[2015-08-23 17:10:01 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Temp
[2015-08-23 17:10:01 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Local\Microsoft
[2015-08-23 17:10:01 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Media Center Programs
[2015-08-23 17:09:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2015-08-23 17:09:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2015-08-23 17:09:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2015-08-23 17:09:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2015-08-23 17:09:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2015-08-23 17:09:51 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2015-08-23 17:09:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2015-08-23 17:09:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2015-08-23 17:09:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2015-08-23 17:06:32 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2015-08-23 17:04:16 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2015-08-23 17:03:26 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015-09-20 20:22:00 | 000,739,932 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2015-09-20 20:22:00 | 000,653,724 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015-09-20 20:22:00 | 000,155,474 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2015-09-20 20:22:00 | 000,121,596 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015-09-20 20:16:59 | 000,031,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015-09-20 20:16:59 | 000,031,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015-09-20 20:10:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015-09-20 20:10:49 | 1509,400,576 | -HS- | M] () -- C:\hiberfil.sys
[2015-09-20 18:40:57 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Arek\Desktop\HijackThis_2.0.4.exe
[2015-09-20 18:37:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Arek\Desktop\OTL.exe
[2015-09-20 18:32:47 | 000,186,279 | ---- | M] () -- C:\Users\Arek\Desktop\hd_tune.jpg
[2015-09-08 01:54:38 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015-08-23 21:58:47 | 000,007,635 | ---- | M] () -- C:\Users\Arek\AppData\Local\Resmon.ResmonCfg
[2015-08-23 21:54:15 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
[2015-08-23 21:52:01 | 000,778,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015-08-23 21:52:01 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015-08-23 21:30:22 | 000,361,776 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015-08-23 20:53:58 | 000,449,619 | RHS- | M] () -- C:\JTAVH
[2015-08-23 20:33:19 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ATSwpWDF_01005.Wdf
[2015-08-23 20:22:42 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2015-08-23 18:01:35 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2015-08-23 17:07:19 | 000,185,589 | ---- | M] () -- C:\Windows\System32\license.rtf
[2015-08-23 17:06:00 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015-09-20 18:32:46 | 000,186,279 | ---- | C] () -- C:\Users\Arek\Desktop\hd_tune.jpg
[2015-09-08 01:54:38 | 000,001,129 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015-09-08 01:54:38 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015-08-23 21:52:02 | 000,000,992 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
[2015-08-23 21:47:16 | 000,007,635 | ---- | C] () -- C:\Users\Arek\AppData\Local\Resmon.ResmonCfg
[2015-08-23 21:37:00 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2015-08-23 21:30:06 | 000,361,776 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2015-08-23 20:53:58 | 000,449,619 | RHS- | C] () -- C:\JTAVH
[2015-08-23 20:33:19 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ATSwpWDF_01005.Wdf
[2015-08-23 20:32:53 | 000,001,256 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP ProtectTools Security Manager for Administrators.lnk
[2015-08-23 20:32:53 | 000,001,251 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP ProtectTools Security Manager.lnk
[2015-08-23 20:22:42 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2015-08-23 18:01:35 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2015-08-23 18:01:33 | 000,391,640 | RHS- | C] () -- C:\bootmgr
[2015-08-23 17:10:11 | 000,001,441 | ---- | C] () -- C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2015-08-23 17:06:00 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2015-08-23 17:03:26 | 1509,400,576 | -HS- | C] () -- C:\hiberfil.sys

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015-03-11 02:28:21 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

