OTL logfile created on: 2014-02-08 19:45:24 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = I:\ Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,50 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 69,50% Memory free 7,18 Gb Paging File | 6,29 Gb Available in Paging File | 87,55% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 112,16 Gb Free Space | 48,16% Space Free | Partition Type: NTFS Drive D: | 221,16 Gb Total Space | 46,95 Gb Free Space | 21,23% Space Free | Partition Type: NTFS Drive I: | 465,76 Gb Total Space | 402,51 Gb Free Space | 86,42% Space Free | Partition Type: NTFS Computer Name: KAFI-PC | User Name: Kafi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-02-08 18:49:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- I:\OTL.exe PRC - [2014-02-08 11:30:21 | 000,246,112 | ---- | M] () -- C:\ProgramData\Internet w Cyfrowym Polsacie\OnlineUpdate\ouc.exe PRC - [2014-01-06 14:23:42 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2014-01-06 14:23:42 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2013-05-10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-12-29 09:26:22 | 000,873,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012-12-07 16:26:56 | 000,167,424 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2012-06-01 02:59:04 | 000,099,840 | ---- | M] (PostgreSQL Global Development Group) -- D:\any\pgsql\bin\pg_ctl.exe PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DataCardService\HWDeviceService.exe PRC - [2011-03-14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DataCardService\DCSHelper.exe PRC - [2011-01-10 13:49:52 | 000,014,848 | ---- | M] () -- C:\Program Files\Dokan\DokanLibrary\mounter.exe PRC - [2010-03-18 21:25:55 | 000,126,976 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\Windows\System32\Crypserv.exe PRC - [2010-01-22 21:13:24 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe PRC - [2010-01-22 21:13:02 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-07 18:04:36 | 000,070,880 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe PRC - [2009-03-30 05:06:15 | 000,424,864 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe PRC - [2009-03-21 04:37:18 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe PRC - [2008-12-23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe PRC - [2008-10-01 07:02:48 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe PRC - [2008-09-30 23:17:32 | 000,237,568 | ---- | M] (AlcorMicro Co., Ltd.) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe PRC - [2008-09-29 12:44:48 | 000,274,432 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe PRC - [2008-08-18 19:27:32 | 000,117,304 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe PRC - [2008-08-18 18:56:22 | 000,098,304 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe PRC - [2008-08-14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe PRC - [2008-08-14 04:59:52 | 000,100,920 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe PRC - [2008-08-14 00:21:56 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe PRC - [2008-01-21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007-08-08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe PRC - [2005-07-06 23:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-12-03 09:31:16 | 019,336,120 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\libcef.dll MOD - [2009-11-22 10:58:18 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2007-11-12 23:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2014-02-08 11:30:21 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Internet w Cyfrowym Polsacie\UpdateDog\ouc.exe -- (Internet w Cyfrowym Polsacie. RunOuc) SRV - [2014-02-05 18:55:15 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014-01-06 14:23:42 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2013-10-18 22:36:28 | 000,016,000 | ---- | M] (Seagate Technology LLC) [Auto | Stopped] -- C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services) SRV - [2013-05-10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013-02-17 12:18:06 | 000,137,336 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2013-01-29 20:05:44 | 000,087,368 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\htc2\HSMServiceEntry.exe -- (HTCMonitorService) SRV - [2012-12-07 16:26:56 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2012-06-01 02:59:04 | 000,099,840 | ---- | M] (PostgreSQL Global Development Group) [Auto | Start_Pending] -- D:\any\pgsql\bin\pg_ctl.exe -- (WorkshopDbService) SRV - [2012-01-05 16:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv) SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DataCardService\HWDeviceService.exe -- (HWDeviceService.exe) SRV - [2011-01-10 13:49:52 | 000,014,848 | ---- | M] () [Auto | Running] -- C:\Program Files\Dokan\DokanLibrary\mounter.exe -- (DokanMounter) SRV - [2010-03-18 21:25:55 | 000,126,976 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\Windows\System32\Crypserv.exe -- (CrypKey License) SRV - [2010-01-22 21:13:24 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service) SRV - [2010-01-22 21:13:02 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2010-01-22 21:12:46 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- D:\VM\vmware-authd.exe -- (VMAuthdService) SRV - [2010-01-22 20:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2009-10-12 13:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- D:\VM\vmware-ufad.exe -- (ufad-ws60) SRV - [2009-04-07 18:04:36 | 000,070,880 | ---- | M] (SRS Labs, Inc.) [Auto | Running] -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe -- (SRS_VolSync_Service) SRV - [2008-08-14 04:59:52 | 000,100,920 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-08-08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2007-05-31 15:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 15:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\VHIDMini.sys -- (VHidMinidrv) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VcommMgr.sys -- (VcommMgr) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VComm.sys -- (VComm) DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX) DRV - File not found [File_System | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS -- (NAVEX15) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS -- (NAVENG) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys -- (cpuz136) DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\vbtenum.sys -- (BTHidEnum) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcusb.sys -- (Btcsrusb) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btnetdrv.sys -- (BT) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\blueletaudio.sys -- (BlueletAudio) DRV - [2014-02-08 11:30:27 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2014-02-08 11:30:27 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2014-02-08 11:30:27 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2014-02-08 11:30:27 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2014-02-08 11:30:27 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV - [2014-01-06 14:23:48 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2014-01-06 14:23:48 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2014-01-06 14:23:48 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2014-01-06 14:23:48 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2014-01-06 14:23:47 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2014-01-06 14:23:47 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2013-12-03 09:31:18 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013-04-30 10:58:40 | 000,046,624 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SaiBus.sys -- (SaiNtBus) DRV - [2013-04-30 10:58:40 | 000,023,200 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SaiMini.sys -- (SaiMini) DRV - [2013-03-15 07:30:27 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA) DRV - [2012-12-29 11:26:54 | 008,904,632 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012-12-07 17:27:50 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot) DRV - [2012-11-10 20:45:18 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2012-07-30 10:24:30 | 000,132,608 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2plx86) DRV - [2012-06-05 15:33:00 | 000,158,552 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2012-06-05 15:33:00 | 000,116,056 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2012-06-05 15:33:00 | 000,104,792 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2012-06-05 15:33:00 | 000,091,992 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - [2011-09-08 15:40:24 | 000,363,112 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2011-01-27 19:18:32 | 000,058,496 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\silabser.sys -- (silabser) DRV - [2011-01-27 19:18:32 | 000,047,176 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\silabenm.sys -- (silabenm) DRV - [2011-01-10 13:49:54 | 000,095,744 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\System32\drivers\dokan.sys -- (Dokan) DRV - [2010-08-24 13:32:00 | 000,073,032 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K) DRV - [2010-08-24 13:32:00 | 000,060,104 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS) DRV - [2010-08-10 09:40:26 | 000,138,760 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SaiK0CCB.sys -- (SaiK0CCB) DRV - [2010-08-10 09:40:26 | 000,035,336 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SaiU0CCB.sys -- (SaiU0CCB) DRV - [2010-03-19 00:11:11 | 000,023,360 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\Ckldrv.sys -- (NetworkX) DRV - [2010-02-05 04:16:10 | 000,028,048 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcp.sys -- (BthAvrcp) DRV - [2010-01-22 21:14:16 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif) DRV - [2010-01-22 21:14:14 | 000,023,216 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd) DRV - [2010-01-22 21:14:12 | 000,854,192 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86) DRV - [2010-01-22 21:14:12 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci) DRV - [2010-01-22 20:00:42 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon) DRV - [2010-01-22 16:13:00 | 000,036,400 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge) DRV - [2010-01-22 16:13:00 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV - [2010-01-03 18:44:27 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-01-03 08:05:13 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-10-12 13:31:52 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- D:\VM\vstor2-ws60.sys -- (vstor2-ws60) DRV - [2009-09-05 13:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009-06-10 14:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - [2009-04-01 22:12:48 | 000,233,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service) DRV - [2008-11-03 08:03:27 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2008-10-22 15:06:44 | 000,106,496 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SaiKF620.sys -- (SaiKF620) DRV - [2008-10-21 09:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdm.sys -- (s0017mdm) DRV - [2008-10-21 09:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017unic.sys -- (s0017unic) DRV - [2008-10-21 09:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mgmt.sys -- (s0017mgmt) DRV - [2008-10-21 09:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017obex.sys -- (s0017obex) DRV - [2008-10-21 09:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017bus.sys -- (s0017bus) DRV - [2008-10-21 09:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017nd5.sys -- (s0017nd5) DRV - [2008-10-21 09:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdfl.sys -- (s0017mdfl) DRV - [2008-09-11 09:18:14 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCAMp50.sys -- (PCAMp50) DRV - [2008-09-11 09:18:14 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50) DRV - [2008-08-11 03:14:11 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) DRV - [2008-05-16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) DRV - [2008-05-16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) DRV - [2008-05-16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl) DRV - [2008-05-16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm) DRV - [2008-05-16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) DRV - [2008-05-16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex) DRV - [2008-05-16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) DRV - [2008-04-07 07:00:45 | 000,006,656 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CRFILTER.sys -- (CRFILTER) DRV - [2008-02-18 15:21:33 | 000,104,960 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SaiK0728.sys -- (SaiK0728) DRV - [2008-01-09 10:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri) DRV - [2007-12-10 06:22:22 | 000,110,120 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017unic.sys -- (s3017unic) DRV - [2007-12-10 06:22:22 | 000,100,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017obex.sys -- (s3017obex) DRV - [2007-12-10 06:22:20 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017mgmt.sys -- (s3017mgmt) DRV - [2007-12-10 06:22:20 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017nd5.sys -- (s3017nd5) DRV - [2007-12-10 06:22:18 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017mdm.sys -- (s3017mdm) DRV - [2007-12-10 06:22:18 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017mdfl.sys -- (s3017mdfl) DRV - [2007-12-10 06:22:14 | 000,083,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017bus.sys -- (s3017bus) DRV - [2007-11-14 18:08:52 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\windrvr6.sys -- (WinDriver6) DRV - [2007-07-24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP) DRV - [2006-12-14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2006-11-02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2006-09-13 12:31:50 | 000,192,000 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SaiH0762.sys -- (SaiH0762) DRV - [2000-01-01 01:00:00 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32) DRV - [2000-01-01 01:00:00 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu) DRV - [2000-01-01 01:00:00 | 000,013,824 | ---- | M] ((Standard mouse types)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Amusbprt.sys -- (Amusbprt) DRV - [2000-01-01 01:00:00 | 000,008,704 | ---- | M] ((Standard mouse types)) [Kernel | System | Running] -- C:\Windows\System32\drivers\Amfilter.sys -- (Amfilter) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10011&barid={2808C8AC-4A8A-11E2-821A-EFE263E40EA5} IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.just-browse.info/?l=1&q={searchTerms} IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={2808C8AC-4A8A-11E2-821A-EFE263E40EA5} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2697945115-3049162741-1134155747-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-2697945115-3049162741-1134155747-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/webhp?sourceid=toolbar-instant&hl=pl&ion=1&qscrl=1&nord=1&rlz=1T4ASUS_plPL349PL349 IE - HKU\S-1-5-21-2697945115-3049162741-1134155747-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKU\S-1-5-21-2697945115-3049162741-1134155747-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2697945115-3049162741-1134155747-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7AURU_pl IE - HKU\S-1-5-21-2697945115-3049162741-1134155747-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found [2012-12-20 10:45:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kafi\AppData\Roaming\mozilla\Firefox\Profiles\extensions [2012-11-29 15:47:10 | 000,197,580 | ---- | M] () (No name found) -- C:\Users\Kafi\AppData\Roaming\mozilla\firefox\profiles\extensions\ftdownloader@ftdownloader.com.xpi [2013-06-05 08:26:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.delta-search.com/?affID=119357&tt=gc_&babsrc=HP_ss&mntrId=1E9B0025D3647A59 CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\adlghgifgkapabijdmenlghpcjhaojnp\5.7_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiicmmpkicnndkhlnnloilpgncbpkbjj\6.3_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli\1.0_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli\1.6_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_1\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihjallejegaedjjopnbmljhphfmmbabm\3.8_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.1.0.1_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\adlghgifgkapabijdmenlghpcjhaojnp\5.7_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiicmmpkicnndkhlnnloilpgncbpkbjj\6.3_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli\1.0_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli\1.6_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_1\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihjallejegaedjjopnbmljhphfmmbabm\3.8_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.1.0.1_0\ CHR - Extension: No name found = C:\Users\Kafi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Kafi\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK) O4 - HKLM..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [CardDetectorHUAWEI160] C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe (France Telecom SA) O4 - HKLM..\Run: [DBAgent] C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC) O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2697945115-3049162741-1134155747-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-2697945115-3049162741-1134155747-1000..\Run: [Mobile Partner] C:\Program Files\Internet w Cyfrowym Polsacie\Internet w Cyfrowym Polsacie.exe () O4 - HKU\S-1-5-21-2697945115-3049162741-1134155747-1000..\Run: [Uploader] C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\VM\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - D:\VM\vsocklib.dll (VMware, Inc.) O13 - gopher Prefix: missing O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class) O16 - DPF: {5D2CF9D0-113A-476B-986F-288B54571614} http://www.devalvr.com/instalacion/plugin/devalvrplugin.php (Reg Error: Key error.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} https://www.bph.pl/pi/components/bph/SignActivX.cab (SignActivX Control) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.2.96.53 212.2.96.54 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{710845B2-B10C-48AB-922A-FE5B94AE7A5D}: DhcpNameServer = 192.168.0.1 O20 - AppInit_DLLs: (c:\progra~1\mocaflix\sprote~1.dll) - c:\Program Files\MocaFlix\sprotector.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Kafi\AppData\Roaming\Microsoft\Windows Photo Gallery\t110e4_1680x1050_eng.jpg O24 - Desktop BackupWallPaper: C:\Users\Kafi\AppData\Roaming\Microsoft\Windows Photo Gallery\t110e4_1680x1050_eng.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2014-01-06 14:31:59 | 001,954,507 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O32 - AutoRun File - [2013-09-28 13:20:30 | 000,000,000 | ---D | M] - D:\AutoCom -- [ NTFS ] O33 - MountPoints2\{00992b03-8356-11e2-b0ca-cd5bef4fe097}\Shell - "" = AutoRun O33 - MountPoints2\{00992b03-8356-11e2-b0ca-cd5bef4fe097}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{00992b08-8356-11e2-b0ca-e78cda79b366}\Shell - "" = AutoRun O33 - MountPoints2\{00992b08-8356-11e2-b0ca-e78cda79b366}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{00992b0e-8356-11e2-b0ca-92ef60a92a8c}\Shell - "" = AutoRun O33 - MountPoints2\{00992b0e-8356-11e2-b0ca-92ef60a92a8c}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{00992b11-8356-11e2-b0ca-b842e7ad5eb6}\Shell - "" = AutoRun O33 - MountPoints2\{00992b11-8356-11e2-b0ca-b842e7ad5eb6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{0268c3c7-8fb8-11e1-b6b1-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{0268c3c7-8fb8-11e1-b6b1-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\{058a0911-3ab3-11e0-b69b-00158315a310}\Shell - "" = AutoRun O33 - MountPoints2\{058a0911-3ab3-11e0-b69b-00158315a310}\Shell\AutoRun\command - "" = I:\MicroLauncher.exe O33 - MountPoints2\{069a3d47-f835-11de-9bd5-002618a17ac0}\Shell - "" = AutoRun O33 - MountPoints2\{069a3d47-f835-11de-9bd5-002618a17ac0}\Shell\AutoRun\command - "" = F:\Setup.exe O33 - MountPoints2\{07524d08-2253-11e2-9406-945cd35d63a7}\Shell - "" = AutoRun O33 - MountPoints2\{07524d08-2253-11e2-9406-945cd35d63a7}\Shell\AutoRun\command - "" = H:\cdstart.exe O33 - MountPoints2\{0794c4c0-ed7d-11e0-8e7f-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{0794c4c0-ed7d-11e0-8e7f-806e6f6e6963}\Shell\AutoRun\command - "" = G:\cdstart.exe O33 - MountPoints2\{10ef9805-8e5f-11e1-afa3-9da654dc3dea}\Shell - "" = AutoRun O33 - MountPoints2\{10ef9805-8e5f-11e1-afa3-9da654dc3dea}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{17cf6bf4-0799-11df-9a68-002618a17ac0}\Shell - "" = AutoRun O33 - MountPoints2\{17cf6bf4-0799-11df-9a68-002618a17ac0}\Shell\AutoRun\command - "" = I:\MicroLauncher.exe O33 - MountPoints2\{27a3eef7-95da-11e2-9b68-d502f9e5598a}\Shell - "" = AutoRun O33 - MountPoints2\{27a3eef7-95da-11e2-9b68-d502f9e5598a}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{27a3ef07-95da-11e2-9b68-ff2f442ea868}\Shell - "" = AutoRun O33 - MountPoints2\{27a3ef07-95da-11e2-9b68-ff2f442ea868}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{285b9f2b-3d91-11e0-ac5b-00158315a310}\Shell - "" = AutoRun O33 - MountPoints2\{285b9f2b-3d91-11e0-ac5b-00158315a310}\Shell\AutoRun\command - "" = I:\AutoRunCardDetector.exe O33 - MountPoints2\{30c3f896-5917-11e0-9575-00158315a310}\Shell - "" = AutoRun O33 - MountPoints2\{30c3f896-5917-11e0-9575-00158315a310}\Shell\AutoRun\command - "" = I:\AutoRunCardDetector.exe O33 - MountPoints2\{38a56b75-8360-11e2-ba01-fc09e223d4ac}\Shell - "" = AutoRun O33 - MountPoints2\{38a56b75-8360-11e2-ba01-fc09e223d4ac}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{38a56b7a-8360-11e2-ba01-96c2008944b6}\Shell - "" = AutoRun O33 - MountPoints2\{38a56b7a-8360-11e2-ba01-96c2008944b6}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{38a56b7e-8360-11e2-ba01-ecfcf413bda3}\Shell - "" = AutoRun O33 - MountPoints2\{38a56b7e-8360-11e2-ba01-ecfcf413bda3}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{3ea4fbad-955e-11e2-8741-9e3f01fc8b24}\Shell - "" = AutoRun O33 - MountPoints2\{3ea4fbad-955e-11e2-8741-9e3f01fc8b24}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{4bf308a5-ad0b-11e2-b632-f80901a79cf0}\Shell - "" = AutoRun O33 - MountPoints2\{4bf308a5-ad0b-11e2-b632-f80901a79cf0}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{629cd586-9cf2-11e2-b368-cd68f4b8bc30}\Shell - "" = AutoRun O33 - MountPoints2\{629cd586-9cf2-11e2-b368-cd68f4b8bc30}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{629cd5aa-9cf2-11e2-b368-8f2efb8cac7f}\Shell - "" = AutoRun O33 - MountPoints2\{629cd5aa-9cf2-11e2-b368-8f2efb8cac7f}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{629cd5b5-9cf2-11e2-b368-b46792e862df}\Shell - "" = AutoRun O33 - MountPoints2\{629cd5b5-9cf2-11e2-b368-b46792e862df}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{63372ac9-21de-11df-a925-002618a17ac0}\Shell - "" = AutoRun O33 - MountPoints2\{63372ac9-21de-11df-a925-002618a17ac0}\Shell\AutoRun\command - "" = I:\MicroLauncher.exe O33 - MountPoints2\{6e0511fe-a1af-11e1-8032-88912078928f}\Shell - "" = AutoRun O33 - MountPoints2\{6e0511fe-a1af-11e1-8032-88912078928f}\Shell\AutoRun\command - "" = G:\cdstart.exe O33 - MountPoints2\{70e6f377-9cea-11e2-83e1-a37eba186159}\Shell - "" = AutoRun O33 - MountPoints2\{70e6f377-9cea-11e2-83e1-a37eba186159}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{737b6f6e-70b4-11e3-ac4a-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{737b6f6e-70b4-11e3-ac4a-806e6f6e6963}\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe O33 - MountPoints2\{747208e0-3b66-11e0-900e-00158315a310}\Shell - "" = AutoRun O33 - MountPoints2\{747208e0-3b66-11e0-900e-00158315a310}\Shell\AutoRun\command - "" = I:\MicroLauncher.exe O33 - MountPoints2\{7736c213-2af4-11e2-ba74-d8e88f7e163b}\Shell - "" = AutoRun O33 - MountPoints2\{7736c213-2af4-11e2-ba74-d8e88f7e163b}\Shell\AutoRun\command - "" = H:\Install.cmd O33 - MountPoints2\{8565658a-f78d-11e2-92c7-b01f85d54634}\Shell - "" = AutoRun O33 - MountPoints2\{8565658a-f78d-11e2-92c7-b01f85d54634}\Shell\AutoRun\command - "" = J:\HTC_Sync_Manager_PC.exe O33 - MountPoints2\{886da830-e9b7-11e1-a99f-9b9f5d7aa87b}\Shell - "" = AutoRun O33 - MountPoints2\{886da830-e9b7-11e1-a99f-9b9f5d7aa87b}\Shell\AutoRun\command - "" = I:\cdstart.exe O33 - MountPoints2\{886da837-e9b7-11e1-a99f-9b9f5d7aa87b}\Shell - "" = AutoRun O33 - MountPoints2\{886da837-e9b7-11e1-a99f-9b9f5d7aa87b}\Shell\AutoRun\command - "" = J:\cdstart.exe O33 - MountPoints2\{92e1157e-7250-11e1-8262-9443dbe9859b}\Shell - "" = AutoRun O33 - MountPoints2\{92e1157e-7250-11e1-8262-9443dbe9859b}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{96559b9e-82ff-11e2-b1bb-a7fe7bb6c928}\Shell - "" = AutoRun O33 - MountPoints2\{96559b9e-82ff-11e2-b1bb-a7fe7bb6c928}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{96559ba7-82ff-11e2-b1bb-de5b32d6bf28}\Shell - "" = AutoRun O33 - MountPoints2\{96559ba7-82ff-11e2-b1bb-de5b32d6bf28}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{96559baa-82ff-11e2-b1bb-923af4de09a8}\Shell - "" = AutoRun O33 - MountPoints2\{96559baa-82ff-11e2-b1bb-923af4de09a8}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{a5355a07-2495-11e2-85c7-acc59e1dbd62}\Shell - "" = AutoRun O33 - MountPoints2\{a5355a07-2495-11e2-85c7-acc59e1dbd62}\Shell\AutoRun\command - "" = I:\cdstart.exe O33 - MountPoints2\{a5355a0d-2495-11e2-85c7-acc59e1dbd62}\Shell - "" = AutoRun O33 - MountPoints2\{a5355a0d-2495-11e2-85c7-acc59e1dbd62}\Shell\AutoRun\command - "" = J:\cdstart.exe O33 - MountPoints2\{a5d56e16-3aa7-11e0-bc34-00158315a310}\Shell - "" = AutoRun O33 - MountPoints2\{a5d56e16-3aa7-11e0-bc34-00158315a310}\Shell\AutoRun\command - "" = I:\MicroLauncher.exe O33 - MountPoints2\{a5d56e37-3aa7-11e0-bc34-00158315a310}\Shell - "" = AutoRun O33 - MountPoints2\{a5d56e37-3aa7-11e0-bc34-00158315a310}\Shell\AutoRun\command - "" = I:\MicroLauncher.exe O33 - MountPoints2\{a7e15087-8f42-11e1-afc1-d6a4bc30de92}\Shell - "" = AutoRun O33 - MountPoints2\{a7e15087-8f42-11e1-afc1-d6a4bc30de92}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{a8e924f2-9187-11e2-a4ed-f89b9b2d5a22}\Shell - "" = AutoRun O33 - MountPoints2\{a8e924f2-9187-11e2-a4ed-f89b9b2d5a22}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{a9b8be43-3aae-11e0-b1e3-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{a9b8be43-3aae-11e0-b1e3-806e6f6e6963}\Shell\AutoRun\command - "" = G:\MicroLauncher.exe O33 - MountPoints2\{ac952729-90a8-11e3-b6cc-ef9df95e69be}\Shell - "" = AutoRun O33 - MountPoints2\{ac952729-90a8-11e3-b6cc-ef9df95e69be}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{ac95272d-90a8-11e3-b6cc-ef9df95e69be}\Shell - "" = AutoRun O33 - MountPoints2\{ac95272d-90a8-11e3-b6cc-ef9df95e69be}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{ac952748-90a8-11e3-b6cc-ef9df95e69be}\Shell - "" = AutoRun O33 - MountPoints2\{ac952748-90a8-11e3-b6cc-ef9df95e69be}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c609a2f9-7183-11e1-ba4b-b3d71d7d0bb8}\Shell - "" = AutoRun O33 - MountPoints2\{c609a2f9-7183-11e1-ba4b-b3d71d7d0bb8}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c609a2fe-7183-11e1-ba4b-d28f4a40bff0}\Shell - "" = AutoRun O33 - MountPoints2\{c609a2fe-7183-11e1-ba4b-d28f4a40bff0}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c609a308-7183-11e1-ba4b-f9eb371b55d7}\Shell - "" = AutoRun O33 - MountPoints2\{c609a308-7183-11e1-ba4b-f9eb371b55d7}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c609a312-7183-11e1-ba4b-d23f1de09dff}\Shell - "" = AutoRun O33 - MountPoints2\{c609a312-7183-11e1-ba4b-d23f1de09dff}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c6963841-3b2c-11e0-b4dc-00158315a310}\Shell - "" = AutoRun O33 - MountPoints2\{c6963841-3b2c-11e0-b4dc-00158315a310}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe O33 - MountPoints2\{c696385b-3b2c-11e0-b4dc-00158315a310}\Shell - "" = AutoRun O33 - MountPoints2\{c696385b-3b2c-11e0-b4dc-00158315a310}\Shell\AutoRun\command - "" = I:\AutoRunCardDetector.exe O33 - MountPoints2\{cdd84794-cd35-11e2-98cb-b621e79525b4}\Shell - "" = AutoRun O33 - MountPoints2\{cdd84794-cd35-11e2-98cb-b621e79525b4}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{cdd8479e-cd35-11e2-98cb-9e0a9f78715e}\Shell - "" = AutoRun O33 - MountPoints2\{cdd8479e-cd35-11e2-98cb-9e0a9f78715e}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{d44fd941-cda0-11e2-9241-f0a334afd393}\Shell - "" = AutoRun O33 - MountPoints2\{d44fd941-cda0-11e2-9241-f0a334afd393}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe O33 - MountPoints2\{e39454fe-a3f5-11e2-b201-efdfb9f306f9}\Shell - "" = AutoRun O33 - MountPoints2\{e39454fe-a3f5-11e2-b201-efdfb9f306f9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{e3945509-a3f5-11e2-b201-dc6aa7393c79}\Shell - "" = AutoRun O33 - MountPoints2\{e3945509-a3f5-11e2-b201-dc6aa7393c79}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{e8f9ed04-9cdb-11e2-bff2-9ccfb87d4771}\Shell - "" = AutoRun O33 - MountPoints2\{e8f9ed04-9cdb-11e2-bff2-9ccfb87d4771}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{fb06cc0c-9607-11e2-a5f3-fadc24a99978}\Shell - "" = AutoRun O33 - MountPoints2\{fb06cc0c-9607-11e2-a5f3-fadc24a99978}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{fddf046e-5947-11e0-bde7-00158315a310}\Shell - "" = AutoRun O33 - MountPoints2\{fddf046e-5947-11e0-bde7-00158315a310}\Shell\AutoRun\command - "" = H:\AutoRunCardDetector.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRunCardDetector.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-02-08 19:40:09 | 000,000,000 | ---D | C] -- C:\FRST [2014-02-08 11:32:56 | 000,000,000 | ---D | C] -- C:\Users\Kafi\AppData\Roaming\RedApp [2014-02-08 11:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\RedApp [2014-02-08 11:31:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet w Cyfrowym Polsacie [2014-02-08 11:31:05 | 000,235,392 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys [2014-02-08 11:31:05 | 000,194,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2014-02-08 11:31:05 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys [2014-02-08 11:31:05 | 000,090,368 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys [2014-02-08 11:31:05 | 000,073,216 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [2014-02-08 11:31:05 | 000,064,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys [2014-02-08 11:31:05 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys [2014-02-08 11:31:05 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys [2014-02-08 11:31:05 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys [2014-02-08 11:31:05 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys [2014-02-08 11:30:13 | 000,000,000 | ---D | C] -- C:\Program Files\Internet w Cyfrowym Polsacie [2014-01-29 20:51:05 | 000,926,624 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\System32\ChilkatCrypt2.dll [2014-01-29 20:51:05 | 000,856,992 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\System32\ChilkatCert.dll [2014-01-29 20:51:05 | 000,660,384 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\System32\ChilkatUtil.dll [2014-01-29 20:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodata [2014-01-29 20:48:23 | 000,000,000 | ---D | C] -- C:\Users\Kafi\Documents\Autodata [2014-01-29 20:48:23 | 000,000,000 | ---D | C] -- C:\Program Files\Autodata [2014-01-23 21:42:25 | 000,000,000 | ---D | C] -- C:\Users\Kafi\Desktop\POL [2014-01-23 21:31:16 | 000,000,000 | ---D | C] -- C:\ADCDA2 [2014-01-23 21:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% [2014-01-23 21:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft [2014-01-20 07:46:05 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2014-01-20 07:45:50 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2014-01-20 07:45:50 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2014-01-20 07:45:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2014-01-20 07:45:49 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2014-01-18 16:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard 2.0 [2014-01-18 16:50:58 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate [2014-01-18 16:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Seagate [2014-01-18 16:48:27 | 000,000,000 | ---D | C] -- C:\Users\Kafi\AppData\Roaming\Seagate [2014-01-18 16:45:53 | 000,000,000 | ---D | C] -- C:\Users\Kafi\AppData\Roaming\Leadertech [2014-01-17 11:37:56 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2014-01-17 11:37:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2014-01-17 11:37:54 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2014-01-17 11:37:53 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2014-01-17 11:37:53 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2014-01-17 11:37:51 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2014-01-17 11:37:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2014-01-17 11:37:48 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2014-01-16 22:49:38 | 000,000,000 | -HSD | C] -- C:\found.000 [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Kafi\*.tmp files -> C:\Users\Kafi\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-02-08 19:28:43 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2014-02-08 19:28:43 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2014-02-08 19:28:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-02-08 19:28:28 | 3757,293,568 | -HS- | M] () -- C:\hiberfil.sys [2014-02-08 14:49:51 | 001,027,580 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2014-02-08 14:49:51 | 000,766,418 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014-02-08 14:49:51 | 000,268,796 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2014-02-08 14:49:51 | 000,231,572 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014-02-08 11:31:28 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\Internet w Cyfrowym Polsacie.lnk [2014-02-08 11:30:27 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll [2014-02-08 11:30:27 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll [2014-02-08 11:30:27 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys [2014-02-08 11:30:27 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2014-02-08 11:30:27 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys [2014-02-08 11:30:27 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys [2014-02-08 11:30:27 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [2014-02-08 11:30:27 | 000,064,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys [2014-02-08 11:30:27 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys [2014-02-08 11:30:27 | 000,025,856 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys [2014-02-08 11:30:27 | 000,019,200 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys [2014-02-08 11:30:27 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys [2014-02-08 11:30:16 | 000,012,997 | ---- | M] () -- C:\Windows\System32\drivers\mod7700.inf [2014-02-08 11:20:54 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2014-02-07 17:55:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-02-07 17:16:00 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\DSite.job [2014-02-07 17:14:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-02-07 07:28:57 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-02-05 18:55:14 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2014-02-05 18:55:14 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2014-01-31 16:26:46 | 000,163,840 | ---- | M] () -- C:\Users\Kafi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-01-29 21:02:00 | 000,005,058 | ---- | M] () -- C:\ProgramData\ogqnaqsv.zyj [2014-01-29 20:51:05 | 000,000,752 | ---- | M] () -- C:\Users\Kafi\Desktop\Autodata CDA-3.lnk [2014-01-27 14:00:39 | 000,332,734 | ---- | M] () -- C:\Users\Kafi\Documents\Wszystko 01-2014.m3u [2014-01-23 21:28:53 | 000,000,241 | ---- | M] () -- C:\Users\Kafi\Documents\ax_files.xml [2014-01-22 10:17:38 | 000,102,580 | ---- | M] () -- C:\Users\Kafi\Desktop\Toyota Corolla nr8112B.pdf [2014-01-17 13:43:18 | 000,053,332 | ---- | M] () -- C:\Users\Kafi\Documents\cc_20140117_134312.reg [2014-01-17 11:54:27 | 000,438,816 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Kafi\*.tmp files -> C:\Users\Kafi\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-02-08 11:31:28 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\Internet w Cyfrowym Polsacie.lnk [2014-02-08 11:31:05 | 000,012,997 | ---- | C] () -- C:\Windows\System32\drivers\mod7700.inf [2014-01-29 21:02:00 | 000,005,058 | ---- | C] () -- C:\ProgramData\ogqnaqsv.zyj [2014-01-29 20:51:05 | 000,000,752 | ---- | C] () -- C:\Users\Kafi\Desktop\Autodata CDA-3.lnk [2014-01-27 13:51:12 | 000,332,734 | ---- | C] () -- C:\Users\Kafi\Documents\Wszystko 01-2014.m3u [2014-01-23 21:10:53 | 000,000,241 | ---- | C] () -- C:\Users\Kafi\Documents\ax_files.xml [2014-01-22 10:17:37 | 000,102,580 | ---- | C] () -- C:\Users\Kafi\Desktop\Toyota Corolla nr8112B.pdf [2014-01-17 13:43:16 | 000,053,332 | ---- | C] () -- C:\Users\Kafi\Documents\cc_20140117_134312.reg [2013-12-27 11:40:12 | 000,001,306 | ---- | C] () -- C:\Users\Kafi\.recently-used.xbel [2013-11-05 10:12:36 | 000,138,752 | ---- | C] () -- C:\Windows\System32\ZipDLL.dll [2013-11-05 10:12:36 | 000,122,368 | ---- | C] () -- C:\Windows\System32\UNZDLL.dll [2013-11-05 10:12:36 | 000,040,448 | ---- | C] () -- C:\Windows\System32\ZipSFX.bin.old [2013-11-05 10:12:36 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dzsfxnl.bin [2013-11-05 10:12:36 | 000,036,352 | ---- | C] () -- C:\Windows\System32\dzsfxus.bin [2013-11-05 10:12:36 | 000,036,352 | ---- | C] () -- C:\Windows\System32\dzsfxit.bin [2013-11-05 10:12:36 | 000,036,352 | ---- | C] () -- C:\Windows\System32\dzsfxes.bin [2013-11-05 10:12:36 | 000,036,352 | ---- | C] () -- C:\Windows\System32\dzsfxde.bin [2013-11-05 10:12:36 | 000,036,352 | ---- | C] () -- C:\Windows\System32\dzsfxcat.bin [2013-10-02 15:53:12 | 000,000,092 | ---- | C] () -- C:\Users\Kafi\AppData\Local\fusioncache.dat [2013-09-28 14:53:03 | 000,000,023 | ---- | C] () -- C:\Windows\Crypkey.ini [2013-09-28 14:52:36 | 000,023,360 | ---- | C] () -- C:\Windows\System32\Ckldrv.sys [2013-09-28 14:52:36 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe [2013-09-28 14:21:38 | 000,000,295 | ---- | C] () -- C:\Windows\Atris_STG.INI [2013-09-28 14:08:50 | 000,000,295 | ---- | C] () -- C:\Windows\Atris_St.INI [2013-07-12 11:52:58 | 000,000,398 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2013-06-16 06:16:28 | 000,000,005 | ---- | C] () -- C:\Users\Kafi\AppData\Roaming\WBPU-TTL.DAT [2013-04-04 06:37:03 | 000,000,069 | ---- | C] () -- C:\Windows\wininit.ini [2013-03-19 07:01:59 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys [2013-03-19 07:01:58 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys [2013-03-08 14:40:20 | 000,000,140 | ---- | C] () -- C:\Windows\System32\AF15IRTBL.bin [2013-03-08 13:51:08 | 000,000,014 | ---- | C] () -- C:\Windows\System32\SysInfo_6_6_p.dll [2013-03-08 13:39:54 | 000,000,014 | ---- | C] () -- C:\Windows\System32\systeminfo.dll [2013-03-02 12:59:59 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2013-01-29 08:54:52 | 000,365,568 | ---- | C] () -- C:\Windows\System32\ZSHP1020.EXE [2013-01-29 08:54:52 | 000,169,472 | ---- | C] () -- C:\Windows\System32\ZLhp1020.DLL [2013-01-29 08:53:10 | 000,245,248 | ---- | C] () -- C:\Windows\System32\zshp1020s.dll [2012-12-29 16:01:17 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2012-11-21 09:34:38 | 000,000,042 | ---- | C] () -- C:\Users\Kafi\AppData\Local\DiegoG3.INI [2012-11-21 09:16:27 | 000,000,042 | ---- | C] () -- C:\Users\Kafi\AppData\Local\DiegoG3-3.0.4.3.INI [2012-11-19 16:57:36 | 000,000,042 | ---- | C] () -- C:\Users\Kafi\AppData\Local\Sirocco-3.0.1.3.INI [2012-09-15 00:51:36 | 000,049,557 | ---- | C] () -- C:\Program Files\AutoMapa EU.md5 [2012-03-30 17:38:41 | 000,000,345 | ---- | C] () -- C:\Windows\ODBC.INI [2012-03-30 17:38:40 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI [2011-07-20 06:49:34 | 000,000,016 | ---- | C] () -- C:\Users\Kafi\persistent_state [2010-07-19 10:05:21 | 000,024,206 | ---- | C] () -- C:\Users\Kafi\AppData\Roaming\UserTile.png [2010-04-17 12:37:46 | 000,001,356 | ---- | C] () -- C:\Users\Kafi\AppData\Local\d3d9caps.dat [2010-04-15 06:25:30 | 000,000,000 | ---- | C] () -- C:\Users\Kafi\AppData\Local\TemprQ4240.html [2010-04-15 06:25:30 | 000,000,000 | ---- | C] () -- C:\Users\Kafi\AppData\Local\Tempog4240.html [2010-04-15 06:19:35 | 000,002,432 | ---- | C] () -- C:\Users\Kafi\AppData\Local\TempTR2232.html [2010-04-15 06:19:35 | 000,002,089 | ---- | C] () -- C:\Users\Kafi\AppData\Local\Temphm2232.html [2010-04-15 05:41:56 | 000,000,000 | ---- | C] () -- C:\Users\Kafi\AppData\Local\TempPY3640.html [2010-04-15 05:41:56 | 000,000,000 | ---- | C] () -- C:\Users\Kafi\AppData\Local\TempiZ3640.html [2010-01-01 17:38:26 | 000,001,024 | ---- | C] () -- C:\Users\Kafi\.rnd [2009-10-21 20:30:57 | 000,022,328 | ---- | C] () -- C:\Users\Kafi\AppData\Roaming\PnkBstrK.sys [2009-10-21 06:20:37 | 000,163,840 | ---- | C] () -- C:\Users\Kafi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [color=#E56717]========== ZeroAccess Check ==========[/color] [2006-11-02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013-11-05 10:11:37 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\AcGasSynchro II [2013-09-28 13:04:41 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\Autocom [2013-12-03 09:41:04 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\AVAST Software [2013-06-05 08:19:05 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\Babylon [2014-02-08 08:45:29 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\DAEMON Tools Lite [2013-06-05 08:16:39 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\DSite [2013-12-27 11:39:23 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\enchant [2012-11-15 08:17:17 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\EPSON [2012-01-20 17:02:53 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\EurekaLog [2010-04-15 05:51:07 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\Gadu-Gadu 10 [2012-08-14 07:40:32 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\GanymedeNet [2013-07-28 15:20:08 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\HTC [2013-07-28 15:20:03 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\HTC Sync [2010-09-13 06:34:13 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\Jeyo [2014-01-18 16:45:53 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\Leadertech [2011-02-25 07:27:46 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\Nowe Gadu-Gadu [2010-07-19 10:05:21 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\PeerNetworking [2014-02-08 11:32:57 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\RedApp [2012-02-15 16:43:51 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\RST [2014-01-18 16:48:27 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\Seagate [2012-12-20 09:50:51 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\SendSpace [2014-01-17 13:42:22 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\TS3Client [2011-02-19 11:58:33 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\Uniblue [2013-02-15 17:50:09 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\uTorrent [2013-12-27 11:39:07 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\Virtaal [2013-08-22 07:56:28 | 000,000,000 | ---D | M] -- C:\Users\Kafi\AppData\Roaming\Wargaming.net [2013-09-28 13:19:11 | 000,000,000 | -HSD | M] -- C:\Users\Kafi\AppData\Roaming\wyUpdate AU [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 943 bytes -> C:\ProgramData\Temp:24721E3C < End of report >