OTL logfile created on: 2014-01-02 13:35:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dominik\Downloads
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,24 Gb Total Physical Memory | 0,33 Gb Available Physical Memory | 14,73% Memory free
4,48 Gb Paging File | 2,35 Gb Available in Paging File | 52,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 435,10 Gb Free Space | 93,44% Space Free | Partition Type: NTFS
Drive D: | 143,77 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: XXX | User Name: Dominik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2014-01-02 13:21:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dominik\Downloads\OTL.exe
PRC - [2014-01-01 07:57:57 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
PRC - [2014-01-01 07:39:44 | 000,992,960 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
PRC - [2013-12-17 16:33:27 | 000,063,600 | ---- | M] (CyberGhost S.R.L) -- C:\Program Files\CyberGhost 5\Service.exe
PRC - [2013-12-06 17:49:00 | 000,390,256 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2013-12-05 20:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-11-28 18:54:39 | 001,830,768 | ---- | M] (SurfRight B.V.) -- C:\Program Files\HitmanPro.Alert\hmpalert.exe
PRC - [2013-11-14 19:16:14 | 000,508,144 | ---- | M] (QFX Software Corporation) -- C:\Program Files\KeyScrambler\KeyScrambler.exe
PRC - [2013-11-04 13:42:10 | 001,228,504 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2013-11-04 13:42:08 | 000,565,464 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2013-10-16 02:40:00 | 000,214,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
PRC - [2013-10-11 16:12:16 | 000,069,192 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
PRC - [2013-10-08 14:07:44 | 002,949,480 | ---- | M] (Ashampoo Development GmbH & Co. KG) -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe
PRC - [2013-10-08 14:07:44 | 000,885,096 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe
PRC - [2013-09-04 11:46:52 | 000,023,624 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe
PRC - [2013-09-04 11:34:12 | 001,372,232 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe
PRC - [2013-09-04 11:33:40 | 000,070,728 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe
PRC - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013-04-04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012-12-16 12:25:20 | 000,545,552 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2012-12-16 12:25:18 | 000,085,776 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2012-07-25 02:51:06 | 000,655,712 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
PRC - [2012-05-09 14:25:58 | 000,152,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\EMET\EMET_notifier.exe
PRC - [2011-11-02 03:57:46 | 000,397,312 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011-11-02 03:57:18 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011-11-01 22:10:10 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011-10-03 15:17:40 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011-09-13 13:33:14 | 002,317,312 | ---- | M] (ASUS) -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
PRC - [2011-07-21 15:49:10 | 005,716,608 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011-03-14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010-10-07 14:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009-12-15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-06-19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008-12-22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2014-01-01 20:08:46 | 018,123,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\3485907c71cb4575a8ae6a9609bfe16c\System.ServiceModel.ni.dll
MOD - [2014-01-01 17:37:35 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\c9a881afff5292490d8e22426fd89f8c\WindowsFormsIntegration.ni.dll
MOD - [2014-01-01 17:34:28 | 000,196,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\1c34ecb16386cd9f5e5b7a4188d856d7\UIAutomationTypes.ni.dll
MOD - [2014-01-01 17:34:27 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\08c6c4697818c7c8fb4491469dc5daa1\UIAutomationProvider.ni.dll
MOD - [2014-01-01 17:33:37 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
MOD - [2014-01-01 17:33:37 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\fb5c42d141f09e9baf071ccb84e95efd\Accessibility.ni.dll
MOD - [2014-01-01 17:24:40 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll
MOD - [2014-01-01 17:24:09 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll
MOD - [2014-01-01 17:23:34 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2014-01-01 17:23:33 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll
MOD - [2014-01-01 17:23:32 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\60674dde4b56087c189f576f36f6720f\PresentationFramework.Aero.ni.dll
MOD - [2014-01-01 17:23:29 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll
MOD - [2014-01-01 17:23:25 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll
MOD - [2014-01-01 17:23:21 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2014-01-01 17:23:02 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2014-01-01 12:51:51 | 012,506,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\dedf02593b5d729013873062576b546b\System.Windows.Forms.ni.dll
MOD - [2014-01-01 12:50:16 | 001,588,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eb87d72d778ed2108edbb1717974748f\System.Drawing.ni.dll
MOD - [2014-01-01 12:47:39 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll
MOD - [2014-01-01 12:43:21 | 008,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ecb719e9bb68d366a6f77038617e3999\System.ni.dll
MOD - [2014-01-01 07:57:55 | 016,242,056 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013-12-06 17:48:43 | 000,023,152 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2013-12-06 17:48:42 | 000,158,832 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013-12-06 17:48:37 | 003,017,840 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\mozjs.dll
MOD - [2013-12-05 20:36:56 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-09-04 11:19:22 | 000,098,888 | ---- | M] () -- C:\Program Files\EaseUS\Todo Backup\bin\CodeLog.dll
MOD - [2013-06-17 12:35:10 | 000,478,400 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
MOD - [2012-11-21 06:26:34 | 000,008,704 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\Thunderbird\Profiles\gmsr1aoc.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
MOD - [2012-11-21 06:26:34 | 000,008,704 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\trlykwvd.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
MOD - [2011-09-13 13:33:14 | 001,163,264 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\acAuth.dll

[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - File not found [On_Demand | Stopped] -- 㩃停潲牧浡䘠汩獥坜獩履楗敳䌠牡⁥㘳尵潂瑯楔敭攮數 [WARNING: ????????????????????????] -- (楗敳潂瑯獁楳瑳湡tĴ")
SRV - [2014-01-01 12:16:09 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2014-01-01 07:57:58 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-12-17 16:33:27 | 000,063,600 | ---- | M] (CyberGhost S.R.L) [Auto | Running] -- C:\Program Files\CyberGhost 5\Service.exe -- (CGVPNCliService)
SRV - [2013-12-05 20:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-11-28 18:54:39 | 001,830,768 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro.Alert\hmpalert.exe -- (hmpalertsvc)
SRV - [2013-11-04 13:42:10 | 001,228,504 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2013-11-04 13:42:08 | 000,660,184 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013-10-23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-10-16 02:40:00 | 000,214,512 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe -- (AVP)
SRV - [2013-10-11 16:12:16 | 000,069,192 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent)
SRV - [2013-10-08 14:07:44 | 000,885,096 | ---- | M] () [Auto | Running] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe -- (WO_LiveService)
SRV - [2013-09-04 11:46:52 | 000,023,624 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe -- (Guard Agent)
SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013-02-04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012-12-16 12:25:18 | 000,085,776 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2012-07-25 02:51:06 | 000,655,712 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)
SRV - [2011-11-02 03:57:18 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011-11-01 22:10:10 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2009-12-15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-06-15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2014-01-02 08:46:21 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2014-01-01 07:47:44 | 000,574,560 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2014-01-01 07:47:44 | 000,144,992 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)
DRV - [2014-01-01 07:47:44 | 000,135,776 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2013-12-29 11:22:04 | 000,014,376 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hmpalert.sys -- (hmpalert)
DRV - [2013-11-04 13:42:02 | 000,016,024 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf_x86.sys -- (PSI)
DRV - [2013-10-28 01:12:14 | 000,182,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2013-10-16 02:39:58 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2013-10-16 02:39:58 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)
DRV - [2013-10-16 02:39:58 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2013-09-04 11:23:38 | 000,186,952 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\EuFdDisk.sys -- (EUFDDISK)
DRV - [2013-09-04 11:23:38 | 000,051,784 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\eubakup.sys -- (EUBAKUP)
DRV - [2013-09-04 11:23:38 | 000,041,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\EUBKMON.sys -- (EUBKMON)
DRV - [2013-09-04 11:23:38 | 000,015,944 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\eudskacs.sys -- (EUDSKACS)
DRV - [2013-08-22 13:40:22 | 000,035,288 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2013-08-21 05:31:38 | 000,182,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013-08-21 05:31:38 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013-06-08 20:18:38 | 000,094,304 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\klflt.sys -- (klflt)
DRV - [2013-05-31 15:53:18 | 000,209,016 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2013-05-14 17:34:44 | 000,045,024 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)
DRV - [2013-04-12 15:34:48 | 000,014,432 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klpd.sys -- (klpd)
DRV - [2013-04-04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012-12-16 12:25:16 | 000,157,776 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2012-04-26 04:02:09 | 000,377,856 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV - [2012-04-23 02:53:35 | 000,076,544 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011-12-31 02:20:23 | 000,199,168 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011-11-02 05:43:50 | 008,599,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011-11-02 03:18:22 | 000,257,024 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011-10-17 18:40:44 | 000,085,520 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011-10-14 18:04:40 | 000,014,720 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AiCharger.sys -- (AiCharger)
DRV - [2011-10-07 03:53:26 | 002,205,696 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2011-09-07 09:55:02 | 000,014,464 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys -- (ATKWMIACPIIO)
DRV - [2011-08-17 21:44:48 | 000,041,600 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2011-07-15 21:53:52 | 000,168,576 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdxhc.sys -- (amdxhc)
DRV - [2011-07-15 21:53:52 | 000,076,928 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdhub30.sys -- (amdhub30)
DRV - [2011-03-08 05:01:06 | 000,012,696 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor32.sys -- (LiveTunerPM)
DRV - [2010-07-27 02:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010-03-20 05:06:58 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2010-02-18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009-07-14 02:19:10 | 000,175,824 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 02:19:10 | 000,040,896 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 02:19:10 | 000,028,224 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 00:28:47 | 000,005,632 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 00:28:45 | 000,017,920 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009-07-02 17:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-272118755-3066965611-1656959378-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-272118755-3066965611-1656959378-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-272118755-3066965611-1656959378-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-272118755-3066965611-1656959378-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledAddons: firefox-menu-icon%40benjamin.smedbergs.us:1.2
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.2.3
FF - prefs.js..extensions.enabledAddons: mintrayr%40tn123.ath.cx:1.1.2
FF - prefs.js..extensions.enabledAddons: movableAppButton%40Merci.chao:1.4
FF - prefs.js..extensions.enabledAddons: trafficlight%40bitdefender.com:0.2.16
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: %7B0538E3E3-7E9B-4d49-8831-A227C80A7AD3%7D:2.2.2
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:14.0.0.4837
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.9
FF - prefs.js..extensions.enabledAddons: %7Bc4d362ec-1cff-4ca0-9031-99a8fad7995a%7D:1.17.2013121401
FF - prefs.js..extensions.enabledAddons: info%40djzig.com:2.1.6
FF - prefs.js..keyword.enabled: false
FF - user.js..browser.search.openintab: false
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-01 07:48:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-01 07:48:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-01 07:48:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-01 07:48:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-01 07:48:45 | 000,000,000 | ---D | M]
[2013-12-29 13:37:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Extensions
[2014-01-01 08:03:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\trlykwvd.default\extensions
[2013-12-29 17:15:55 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\trlykwvd.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2013-12-29 17:15:55 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\trlykwvd.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2013-12-29 17:15:55 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\trlykwvd.default\extensions\foxmarks@kei.com
[2014-01-01 08:03:53 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\trlykwvd.default\extensions\info@djzig.com
[2013-12-29 17:15:55 | 000,000,000 | ---D | M] (MinimizeToTray revived (MinTrayR)) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\trlykwvd.default\extensions\mintrayr@tn123.ath.cx
[2013-12-03 17:43:32 | 000,301,821 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\trlykwvd.default\extensions\compatibility@addons.mozilla.org.xpi
[2013-11-28 16:37:02 | 000,006,267 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\trlykwvd.default\extensions\firefox-menu-icon@benjamin.smedbergs.us.xpi
[2013-12-06 16:13:48 | 000,081,967 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\trlykwvd.default\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi
[2013-11-28 16:37:02 | 000,003,323 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\trlykwvd.default\extensions\movableAppButton@Merci.chao.xpi
[2013-11-28 18:25:32 | 000,921,410 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\trlykwvd.default\extensions\trafficlight@bitdefender.com.xpi
[2013-12-03 17:43:32 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\trlykwvd.default\extensions\translator@zoli.bod.xpi
[2014-01-01 08:03:53 | 000,535,253 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\trlykwvd.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014-01-01 08:03:51 | 000,188,851 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\trlykwvd.default\extensions\{c4d362ec-1cff-4ca0-9031-99a8fad7995a}.xpi
[2013-11-28 14:05:58 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\trlykwvd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-12-06 16:17:56 | 000,002,492 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\trlykwvd.default\searchplugins\ixquick-https.xml
[2013-12-29 13:31:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-12-29 13:31:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-01-01 07:48:44 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 14.0.0\FFEXT\ANTI_BANNER@KASPERSKY.COM

O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | -H-- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Ashampoo WinOptimizer Live-Tuner] C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe (Ashampoo Development GmbH & Co. KG)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [EaseUs Tray] C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [EaseUs Watch] C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [EMET Notifier] C:\Program Files\EMET\EMET_notifier.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-21-272118755-3066965611-1656959378-1000..\Run: [CCleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-272118755-3066965611-1656959378-1000..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-272118755-3066965611-1656959378-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-272118755-3066965611-1656959378-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\S-1-5-21-272118755-3066965611-1656959378-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm ()
O9 - Extra Button: &Klawiatura wirtualna - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1454D182-8CC2-40D7-8C46-36CD3963F9C4}: NameServer = 212.2.96.51 212.2.96.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A598149-5E4A-426C-BCCB-21BA86F49612}: DhcpNameServer = 192.168.0.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{82d485ff-730a-11e3-8915-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{82d485ff-730a-11e3-8915-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{f8ec5f9a-7069-11e3-bec5-5404a6e4bb64}\Shell - "" = AutoRun O33 - MountPoints2\{f8ec5f9a-7069-11e3-bec5-5404a6e4bb64}\Shell\AutoRun\command - "" = G:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-01-02 13:24:50 | 000,000,000 | ---D | C] -- C:\FRST [2014-01-02 09:51:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview [2014-01-02 08:46:21 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2014-01-02 08:37:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2 [2014-01-01 21:33:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\%Report% [2014-01-01 20:40:33 | 000,000,000 | R--D | C] -- C:\Sandbox [2014-01-01 18:33:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\%DataRoot% [2014-01-01 17:35:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log [2014-01-01 17:35:06 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Samsung [2014-01-01 17:34:59 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Samsung [2014-01-01 17:34:26 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Documents\samsung [2014-01-01 17:32:20 | 000,581,192 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\WinUSBCoInstaller.dll [2014-01-01 17:32:19 | 000,182,680 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys [2014-01-01 17:32:19 | 000,084,248 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys [2014-01-01 17:31:44 | 000,028,160 | ---- | C] (mst software GmbH, Germany) -- C:\Windows\System32\DfSdkBt.exe [2014-01-01 17:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [2014-01-01 17:30:37 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll [2014-01-01 17:29:46 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll [2014-01-01 17:28:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung [2014-01-01 17:28:14 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung [2014-01-01 17:16:21 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Downloaded Installations [2014-01-01 16:47:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT [2014-01-01 12:53:45 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2014-01-01 12:53:45 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2014-01-01 12:53:45 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2014-01-01 12:53:45 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2014-01-01 12:53:45 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2014-01-01 12:53:45 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2014-01-01 12:53:45 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2014-01-01 12:53:45 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2014-01-01 12:53:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\url.dll [2014-01-01 12:53:45 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2014-01-01 12:53:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2014-01-01 12:53:45 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2014-01-01 12:53:45 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2014-01-01 12:53:45 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2014-01-01 12:53:45 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2014-01-01 12:53:45 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2014-01-01 12:53:45 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2014-01-01 12:53:45 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2014-01-01 12:53:45 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2014-01-01 12:53:45 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2014-01-01 12:53:45 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2014-01-01 12:53:45 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2014-01-01 12:53:45 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2014-01-01 12:53:45 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2014-01-01 12:53:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2014-01-01 12:53:45 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2014-01-01 12:53:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2014-01-01 12:53:45 | 000,023,552 | 
---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2014-01-01 12:53:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2014-01-01 12:53:44 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2014-01-01 12:53:44 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2014-01-01 12:53:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2014-01-01 12:53:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2014-01-01 12:53:44 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2014-01-01 12:53:44 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2014-01-01 12:53:44 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2014-01-01 12:53:44 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2014-01-01 12:50:58 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2014-01-01 12:50:58 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2014-01-01 12:50:58 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2014-01-01 12:50:58 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2014-01-01 12:50:58 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2014-01-01 12:50:58 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2014-01-01 12:50:58 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2014-01-01 12:50:58 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2014-01-01 12:50:58 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys 
[2014-01-01 12:50:58 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2014-01-01 12:50:58 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2014-01-01 12:50:58 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2014-01-01 12:50:58 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2014-01-01 12:50:58 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2014-01-01 12:47:38 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2014-01-01 12:16:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat [2014-01-01 12:08:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2014-01-01 08:51:39 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe [2014-01-01 08:44:06 | 000,186,952 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\System32\drivers\EuFdDisk.sys [2014-01-01 08:44:04 | 000,015,944 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\System32\drivers\eudskacs.sys [2014-01-01 08:44:00 | 000,051,784 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\System32\drivers\eubakup.sys [2014-01-01 08:42:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Home 6.1 [2014-01-01 08:38:56 | 000,019,528 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\System32\fbnative.exe [2014-01-01 08:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\EaseUS [2014-01-01 08:38:12 | 000,000,000 | ---D | C] -- C:\My Backups [2014-01-01 08:14:34 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Skype [2014-01-01 08:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2014-01-01 08:13:57 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2014-01-01 08:13:57 | 000,000,000 | ---D 
| C] -- C:\Program Files\Common Files\Skype [2014-01-01 08:13:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2014-01-01 08:03:34 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Macromedia [2014-01-01 08:01:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe [2014-01-01 07:57:57 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2014-01-01 07:57:57 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2014-01-01 07:57:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2014-01-01 07:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2014-01-01 07:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2014-01-01 07:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2014-01-01 07:48:58 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Macromedia [2014-01-01 07:48:56 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Adobe [2014-01-01 07:48:55 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Adobe [2014-01-01 07:40:12 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2014-01-01 07:40:11 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2014-01-01 07:39:10 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2014-01-01 07:39:10 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2014-01-01 07:39:10 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2014-01-01 07:38:44 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2014-01-01 07:38:44 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2013-12-30 20:44:30 | 000,000,000 | ---D | C] -- C:\863b02a49232c91d52c232ec46f35f [2013-12-30 10:40:54 | 000,000,000 | ---D | C] -- C:\797ad5104fd76c9aa392 
[2013-12-29 17:36:58 | 002,205,696 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys [2013-12-29 17:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup [2013-12-29 17:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\MozBackup [2013-12-29 14:30:22 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Mozilla [2013-12-29 13:37:02 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Mozilla [2013-12-29 13:37:01 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Thunderbird [2013-12-29 13:37:01 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Thunderbird [2013-12-29 13:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2013-12-29 13:31:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013-12-29 13:31:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2013-12-29 13:31:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013-12-29 13:04:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2013-12-29 12:30:17 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\QFX Software [2013-12-29 12:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software [2013-12-29 12:15:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security [2013-12-29 12:15:05 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP [2013-12-29 12:15:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar [2013-12-29 12:15:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2013-12-29 12:15:02 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2013-12-29 12:14:42 | 000,574,560 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys [2013-12-29 12:14:42 | 000,094,304 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klflt.sys [2013-12-29 12:10:14 | 000,000,000 | ---D | C] -- 
C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhrozenSoft VirusTotal Uploader [2013-12-29 12:10:14 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\PhrozenSoft [2013-12-29 11:59:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Mobile Partner [2013-12-29 11:59:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner [2013-12-29 11:58:51 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll [2013-12-29 11:58:51 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll [2013-12-29 11:58:51 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys [2013-12-29 11:58:51 | 000,377,856 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys [2013-12-29 11:58:51 | 000,202,752 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys [2013-12-29 11:58:51 | 000,199,168 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2013-12-29 11:58:51 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys [2013-12-29 11:58:51 | 000,095,616 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys [2013-12-29 11:58:51 | 000,076,544 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [2013-12-29 11:58:51 | 000,070,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys [2013-12-29 11:58:51 | 000,027,520 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys [2013-12-29 11:58:51 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys [2013-12-29 11:58:51 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) 
-- C:\Windows\System32\drivers\ew_hwupgrade.sys [2013-12-29 11:58:51 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys [2013-12-29 11:58:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mobile Partner [2013-12-29 11:58:13 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService [2013-12-29 11:53:54 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Ashampoo Photo Commander 10 [2013-12-29 11:40:07 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Ashampoo [2013-12-29 11:39:54 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\ashampoo [2013-12-29 11:39:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo [2013-12-29 11:39:52 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Secunia PSI [2013-12-29 11:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia [2013-12-29 11:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Ashampoo [2013-12-29 11:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo [2013-12-29 11:36:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie [2013-12-29 11:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie [2013-12-29 11:35:12 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Malwarebytes [2013-12-29 11:35:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013-12-29 11:35:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013-12-29 11:35:06 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013-12-29 11:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013-12-29 11:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2013-12-29 11:33:16 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013-12-29 11:31:17 | 000,000,000 | ---D | 
C] -- C:\Users\Dominik\AppData\Local\CyberGhost [2013-12-29 11:30:48 | 000,000,000 | ---D | C] -- C:\Program Files\TAP-Windows [2013-12-29 11:30:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5 [2013-12-29 11:30:40 | 000,000,000 | ---D | C] -- C:\Program Files\CyberGhost 5 [2013-12-29 11:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [2013-12-29 11:29:15 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2013-12-29 11:29:00 | 000,135,464 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\LnkProtect.dll [2013-12-29 11:28:55 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013-12-29 11:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2013-12-29 11:27:28 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2013-12-29 11:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler [2013-12-29 11:27:06 | 000,209,016 | ---- | C] (QFX Software Corporation) -- C:\Windows\System32\drivers\keyscrambler.sys [2013-12-29 11:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\KeyScrambler [2013-12-29 11:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit [2013-12-29 11:25:26 | 000,000,000 | ---D | C] -- C:\Program Files\EMET [2013-12-29 11:24:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Auslogics [2013-12-29 11:24:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics [2013-12-29 11:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics [2013-12-29 11:22:04 | 000,564,312 | ---- | C] (SurfRight) -- C:\Windows\System32\hmpalert.dll [2013-12-29 11:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro.Alert [2013-12-29 11:17:14 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Wise Care 365 [2013-12-29 
11:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\Wise [2013-12-29 11:15:46 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Programs [2013-12-29 11:14:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited [2013-12-29 11:14:09 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Canneverbe Limited [2013-12-29 11:14:08 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP [2013-12-29 11:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2013-12-29 11:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2013-12-29 11:10:48 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2013-12-29 11:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2013-12-29 11:09:04 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2013-12-29 11:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes [2013-12-29 10:29:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013-12-29 10:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2013-12-29 10:28:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio [2013-12-29 10:28:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2013-12-29 10:28:34 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2013-12-29 10:27:01 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW [2013-12-29 10:26:48 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Microsoft Help [2013-12-29 10:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013-12-29 10:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013-12-29 10:25:46 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013-12-29 10:19:06 | 000,000,000 | ---D | C] -- C:\ProgramData\USBChargerPlus [2013-12-29 10:07:15 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine 
Control Center [2013-12-29 10:07:14 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\AMD [2013-12-29 10:07:07 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\ATI [2013-12-29 10:07:07 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\ATI [2013-12-29 10:07:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013-12-29 10:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility [2013-12-29 10:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS [2013-12-29 10:01:41 | 000,000,000 | ---D | C] -- C:\Program Files\AMD [2013-12-29 10:01:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD [2013-12-29 10:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS [2013-12-29 09:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games [2013-12-29 09:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP [2013-12-29 09:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2013-12-29 09:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2013-12-29 09:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2013-12-29 09:55:05 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys [2013-12-29 09:54:58 | 000,041,600 | R--- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys [2013-12-29 09:54:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2013-12-29 09:54:56 | 000,168,576 | ---- | C] (Advanced Micro Devices, INC.) -- C:\Windows\System32\drivers\amdxhc.sys [2013-12-29 09:54:55 | 000,076,928 | ---- | C] (Advanced Micro Devices, INC.) 
-- C:\Windows\System32\drivers\amdhub30.sys [2013-12-29 09:54:47 | 000,085,520 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys [2013-12-29 09:54:24 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll [2013-12-29 09:54:23 | 000,466,944 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll [2013-12-29 09:54:15 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2013-12-29 09:54:12 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2013-12-29 09:51:44 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll [2013-12-29 09:51:31 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2013-12-29 09:51:29 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2013-12-29 09:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013-12-29 09:48:50 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2013-12-29 09:47:18 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2013-12-29 09:47:18 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2013-12-29 09:47:18 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2013-12-29 09:43:10 | 000,000,000 | ---D | C] -- C:\Windows\pss [2013-12-29 09:19:42 | 000,000,000 | R--D | C] -- C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013-12-29 09:19:42 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Searches [2013-12-29 09:19:42 | 000,000,000 | R--D | C] -- C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013-12-29 09:19:33 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Identities [2013-12-29 09:19:31 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Contacts [2013-12-29 09:19:27 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\VirtualStore 
[2013-12-29 09:19:24 | 000,000,000 | --SD | C] -- C:\Users\Dominik\AppData\Roaming\Microsoft [2013-12-29 09:19:24 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Videos [2013-12-29 09:19:24 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Saved Games [2013-12-29 09:19:24 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Pictures [2013-12-29 09:19:24 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Music [2013-12-29 09:19:24 | 000,000,000 | R--D | C] -- C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013-12-29 09:19:24 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Links [2013-12-29 09:19:24 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Favorites [2013-12-29 09:19:24 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Downloads [2013-12-29 09:19:24 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Documents [2013-12-29 09:19:24 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Desktop [2013-12-29 09:19:24 | 000,000,000 | R--D | C] -- C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\Ustawienia lokalne [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\AppData\Local\Temporary Internet Files [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\Szablony [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\SendTo [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\Recent [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\PrintHood [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\NetHood [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\Documents\Moje wideo [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\Documents\Moje obrazy [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\Moje dokumenty [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\Documents\Moja muzyka [2013-12-29 09:19:24 | 000,000,000 | -HSD | 
C] -- C:\Users\Dominik\Menu Start [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\AppData\Local\Historia [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\Dane aplikacji [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\AppData\Local\Dane aplikacji [2013-12-29 09:19:24 | 000,000,000 | -HSD | C] -- C:\Users\Dominik\Cookies [2013-12-29 09:19:24 | 000,000,000 | -H-D | C] -- C:\Users\Dominik\AppData [2013-12-29 09:19:24 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Temp [2013-12-29 09:19:24 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Microsoft [2013-12-29 09:19:24 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Media Center Programs [2013-12-29 09:19:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2013-12-29 09:19:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2013-12-29 09:19:16 | 000,000,000 | -HSD | C] -- C:\Recovery [2013-12-29 09:19:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2013-12-29 09:19:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2013-12-29 09:19:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2013-12-29 09:19:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2013-12-29 09:19:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2013-12-29 09:19:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2013-12-29 09:19:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [2013-12-29 09:08:57 | 000,000,000 | -H-D | C] -- C:\Windows\SoftwareDistribution [2013-12-29 09:06:49 | 000,000,000 | -H-D | C] -- C:\Windows\Prefetch [2013-12-29 09:05:55 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2013-12-29 09:05:11 | 000,000,000 | -H-D | C] -- C:\Windows\Panther [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [color=#E56717]========== Files - 
Modified Within 30 Days ==========[/color] [2014-01-02 14:02:10 | 000,009,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-01-02 14:02:10 | 000,009,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-01-02 12:59:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-01-02 08:46:21 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2014-01-01 18:29:11 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-01-01 17:58:47 | 000,135,464 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\LnkProtect.dll [2014-01-01 17:35:06 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01007.Wdf [2014-01-01 16:34:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe [2014-01-01 13:50:58 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2014-01-01 13:50:58 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2014-01-01 13:50:58 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2014-01-01 12:53:45 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2014-01-01 12:53:45 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2014-01-01 12:53:45 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2014-01-01 12:53:45 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2014-01-01 12:53:45 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2014-01-01 12:53:45 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2014-01-01 12:53:45 | 000,353,792 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\System32\dxtmsft.dll [2014-01-01 12:53:45 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2014-01-01 12:53:45 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2014-01-01 12:53:45 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2014-01-01 12:53:45 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2014-01-01 12:53:45 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2014-01-01 12:53:45 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2014-01-01 12:53:45 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2014-01-01 12:53:45 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2014-01-01 12:53:45 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2014-01-01 12:53:45 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2014-01-01 12:53:45 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2014-01-01 12:53:45 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2014-01-01 12:53:45 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2014-01-01 12:53:45 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2014-01-01 12:53:45 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2014-01-01 12:53:45 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2014-01-01 12:53:45 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2014-01-01 12:53:45 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2014-01-01 12:53:45 | 000,065,024 | ---- | M] (Microsoft 
Corporation) -- C:\Windows\System32\jsproxy.dll [2014-01-01 12:53:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2014-01-01 12:53:45 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2014-01-01 12:53:45 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2014-01-01 12:53:45 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2014-01-01 12:53:45 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2014-01-01 12:53:44 | 001,806,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2014-01-01 12:53:44 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2014-01-01 12:53:44 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2014-01-01 12:53:44 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2014-01-01 12:53:44 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2014-01-01 12:53:44 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2014-01-01 12:53:44 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2014-01-01 12:50:58 | 003,181,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2014-01-01 12:50:58 | 001,619,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2014-01-01 12:50:58 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2014-01-01 12:50:58 | 001,170,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2014-01-01 12:50:58 | 001,074,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2014-01-01 12:50:58 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2014-01-01 12:50:58 | 
000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2014-01-01 12:50:58 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2014-01-01 12:50:58 | 000,219,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2014-01-01 12:50:58 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2014-01-01 12:50:58 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2014-01-01 12:50:58 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2014-01-01 12:50:58 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2014-01-01 12:50:58 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2014-01-01 12:47:56 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2014-01-01 07:57:57 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2014-01-01 07:57:57 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2014-01-01 07:47:44 | 000,574,560 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys [2014-01-01 07:47:44 | 000,144,992 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kneps.sys [2014-01-01 07:47:44 | 000,135,776 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kl1.sys [2014-01-01 07:41:48 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2014-01-01 07:41:48 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2014-01-01 07:41:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2014-01-01 07:41:32 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2014-01-01 07:34:03 | 000,003,304 | ---- | M] () -- 
C:\bootsqm.dat [2013-12-30 15:26:20 | 000,009,728 | ---- | M] () -- C:\Users\Dominik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-12-30 11:47:44 | 000,001,660 | ---- | M] () -- C:\Windows\Sandboxie.ini [2013-12-29 18:30:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013-12-29 13:31:12 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Firefox.lnk [2013-12-29 11:58:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf [2013-12-29 11:39:48 | 000,001,064 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2013-12-29 11:22:04 | 000,564,312 | ---- | M] (SurfRight) -- C:\Windows\System32\hmpalert.dll [2013-12-29 11:22:04 | 000,014,376 | ---- | M] () -- C:\Windows\System32\drivers\hmpalert.sys [2013-12-29 09:58:34 | 000,000,057 | -H-- | M] () -- C:\Windows\System32\mapisvc.inf [2013-12-29 09:57:26 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2013-12-29 09:47:36 | 000,295,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2013-12-29 09:47:36 | 000,099,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2013-12-29 09:47:36 | 000,049,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2013-12-29 09:21:08 | 000,687,828 | -H-- | M] () -- C:\Windows\System32\perfh015.dat [2013-12-29 09:21:08 | 000,607,190 | -H-- | M] () -- C:\Windows\System32\perfh009.dat [2013-12-29 09:21:08 | 000,131,382 | -H-- | M] () -- C:\Windows\System32\perfc015.dat [2013-12-29 09:21:08 | 000,103,568 | -H-- | M] () -- C:\Windows\System32\perfc009.dat [2013-12-29 09:10:18 | 000,066,898 | -H-- | M] () -- C:\Windows\System32\license.rtf [2013-12-29 09:08:45 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 
C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-01-01 17:35:06 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01007.Wdf [2014-01-01 15:50:04 | 000,001,421 | ---- | C] () -- C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2014-01-01 12:53:45 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2014-01-01 08:43:48 | 000,041,544 | ---- | C] () -- C:\Windows\System32\drivers\EUBKMON.sys [2014-01-01 07:58:04 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-01-01 07:34:03 | 000,003,304 | ---- | C] () -- C:\bootsqm.dat [2013-12-29 18:30:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013-12-29 13:31:12 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Firefox.lnk [2013-12-29 11:58:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf [2013-12-29 11:43:39 | 000,009,728 | ---- | C] () -- C:\Users\Dominik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-12-29 11:39:48 | 000,001,064 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2013-12-29 11:39:48 | 000,001,027 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk [2013-12-29 11:37:03 | 000,001,660 | ---- | C] () -- C:\Windows\Sandboxie.ini [2013-12-29 11:22:04 | 000,014,376 | ---- | C] () -- C:\Windows\System32\drivers\hmpalert.sys [2013-12-29 11:14:09 | 000,001,845 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2013-12-29 09:57:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013-12-29 09:54:23 | 000,198,664 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb [2013-12-29 09:54:23 | 000,003,929 | ---- | C] () -- 
C:\Windows\System32\atipblag.dat [2013-12-29 09:54:17 | 000,035,707 | ---- | C] () -- C:\Windows\atiogl.xml [2013-12-29 09:08:45 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013-10-30 12:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2013-10-30 12:06:54 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2013-10-30 12:06:54 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2013-10-30 12:06:54 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2013-10-30 12:06:54 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013-12-29 11:40:07 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Ashampoo [2013-12-29 11:53:54 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Ashampoo Photo Commander 10 [2013-12-29 
11:14:09 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Canneverbe Limited [2013-12-29 12:10:14 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\PhrozenSoft [2013-12-29 12:30:17 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\QFX Software [2014-01-01 17:34:59 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Samsung [2013-12-29 13:37:01 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Thunderbird [2013-12-30 12:07:43 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Wise Care 365 [color=#E56717]========== Purity Check ==========[/color] < End of report >