OTL logfile created on: 2013-08-17 15:27:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\dawid karol\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,66% Memory free
4,00 Gb Paging File | 2,67 Gb Available in Paging File | 66,79% Paging File free
Paging file location(s): d:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 1,38 Gb Free Space | 7,08% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 12,94 Gb Free Space | 66,24% Space Free | Partition Type: NTFS
Drive E: | 58,59 Gb Total Space | 21,30 Gb Free Space | 36,35% Space Free | Partition Type: NTFS
Drive F: | 55,71 Gb Total Space | 2,47 Gb Free Space | 4,43% Space Free | Partition Type: NTFS
Drive I: | 111,79 Gb Total Space | 38,23 Gb Free Space | 34,20% Space Free | Partition Type: NTFS

Computer Name: DOMPC | User Name: dawid karol | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013-08-17 15:22:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\dawid karol\Downloads\OTL.exe
PRC - [2013-08-17 11:43:40 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-07-08 22:59:39 | 004,801,304 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2013-07-08 22:59:06 | 009,044,696 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cis.exe
PRC - [2013-07-08 22:59:06 | 001,464,536 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
PRC - [2013-06-18 17:15:26 | 001,839,832 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
PRC - [2013-01-18 16:21:02 | 000,873,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013-01-18 16:21:00 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013-01-18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-11-23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-08-29 08:00:12 | 000,966,656 | ---- | M] () -- C:\Users\dawid karol\Local Settings\Apps\F.lux\flux.exe
PRC - [2005-10-31 11:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2013-08-17 11:43:32 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-06-27 22:12:40 | 000,093,696 | ---- | M] () -- D:\Programy\FileZilla FTP Client\fzshellext.dll
MOD - [2009-08-29 08:00:12 | 000,966,656 | ---- | M] () -- C:\Users\dawid karol\Local Settings\Apps\F.lux\flux.exe

[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - [2013-08-17 11:43:35 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-08-12 09:07:10 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-07-08 22:59:39 | 004,801,304 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2013-06-18 17:15:27 | 000,127,192 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV - [2013-05-27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013-01-18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-01-15 19:25:27 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012-12-29 12:26:54 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmci.sys -- (vmci)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- G:\CDriver.sys -- (MSICDSetup)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcombus.sys -- (IvtComBusSrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btcomport.sys -- (BTCOM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btnetdrv.sys -- (BT)
DRV - [2013-07-08 22:59:50 | 000,582,936 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2013-06-18 17:16:06 | 000,085,464 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2013-06-18 17:16:05 | 000,043,728 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2013-06-18 17:16:03 | 000,020,072 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmderd.sys -- (cmderd)
DRV - [2013-05-20 18:25:26 | 000,020,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2013-04-12 12:33:02 | 000,104,720 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2013-02-26 00:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013-01-15 18:04:10 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012-12-24 16:45:36 | 000,023,288 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtAudioBusSrv)
DRV - [2012-12-24 16:42:16 | 000,027,256 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetBus.sys -- (IvtPanBusSrv)
DRV - [2012-07-03 17:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-08-12 13:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010-01-05 20:20:10 | 001,500,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-02-05 10:10:34 | 001,122,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\P17.sys -- (P17)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2402094973-2641987610-2025643102-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-2402094973-2641987610-2025643102-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2402094973-2641987610-2025643102-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2402094973-2641987610-2025643102-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.1.0
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.17
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: D:\Programy\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013-08-12 11:08:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013-07-05 20:34:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dawid karol\AppData\Roaming\mozilla\Extensions
[2013-08-12 10:10:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dawid karol\AppData\Roaming\mozilla\Firefox\Profiles\0mwlczti.default\extensions
[2013-07-05 20:36:17 | 000,000,000 | ---D | M] (WOT) -- C:\Users\dawid karol\AppData\Roaming\mozilla\Firefox\Profiles\0mwlczti.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013-08-12 10:10:47 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\dawid karol\AppData\Roaming\mozilla\Firefox\Profiles\0mwlczti.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013-08-11 19:12:34 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\dawid karol\AppData\Roaming\mozilla\firefox\profiles\0mwlczti.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-07-05 20:37:55 | 000,765,412 | ---- | M] () (No name found) -- C:\Users\dawid karol\AppData\Roaming\mozilla\firefox\profiles\0mwlczti.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2013-08-17 11:42:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-08-17 11:43:46 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013-06-28 21:57:55 | 000,000,822 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKU\S-1-5-21-2402094973-2641987610-2025643102-1000..\Run: [F.lux] C:\Users\dawid karol\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{772690AC-8E76-4687-BC2E-8696349F108D}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013-08-17 13:42:16 | 000,000,000 | ---D | C] -- C:\Users\dawid karol\AppData\Roaming\Systweak
[2013-08-17 11:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013-08-16 14:49:43 | 000,000,000 | ---D | C] -- C:\Users\dawid karol\AppData\Local\Temporary Projects
[2013-08-16 11:36:59 | 000,000,000 | ---D | C] -- C:\Users\dawid karol\AppData\Roaming\Tibia
[2013-08-15 23:50:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2013-08-15 23:44:42 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013-08-15 23:44:41 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013-08-15 23:44:40 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013-08-15 23:44:40 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013-08-15 23:44:39 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013-08-15 23:44:38 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013-08-15 23:44:38 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013-08-15 23:44:38 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013-08-15 23:44:38 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013-08-15 23:44:38 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013-08-15 14:32:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia
[2013-08-15 09:24:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013-08-15 09:19:57 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013-08-15 09:19:56 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013-08-15 09:19:03 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013-08-15 09:17:36 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2013-08-12 11:08:14 | 000,000,000 | ---D | C] -- C:\Users\dawid karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
[2013-08-12 11:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
[2013-08-12 11:08:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake
[2013-08-12 10:12:51 | 000,000,000 | ---D | C] -- C:\Users\dawid karol\dwhelper
[2013-08-12 09:52:56 | 000,000,000 | ---D | C] -- C:\Program Files\IVT Corporation
[2013-08-12 09:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013-08-12 09:32:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013-08-12 09:06:28 | 000,000,000 | ---D | C] -- C:\Users\dawid karol\AppData\Local\Adobe
[2013-08-11 20:20:28 | 000,000,000 | ---D | C] -- C:\Users\dawid karol\AppData\Roaming\Altaron
[2013-08-11 19:14:32 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013-08-11 19:12:42 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2013-08-11 19:12:40 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013-07-29 14:53:46 | 000,866,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr110.dll
[2013-07-29 14:53:16 | 000,526,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp110.dll
[2013-07-29 14:52:58 | 004,447,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc110u.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013-08-17 15:28:21 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2013-08-17 15:24:46 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-08-17 15:24:46 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-08-17 15:18:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-08-17 15:10:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-08-15 23:47:18 | 000,737,730 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-08-15 23:47:18 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-08-15 23:47:18 | 000,391,798 | ---- | M] () -- C:\Windows\System32\prfh0404.dat
[2013-08-15 23:47:18 | 000,154,418 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-08-15 23:47:18 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-08-15 23:47:18 | 000,113,816 | ---- | M] () -- C:\Windows\System32\prfc0404.dat
[2013-08-12 10:05:39 | 000,000,032 | ---- | M] () -- C:\Windows\0
[2013-08-12 09:52:51 | 000,000,000 | ---- | M] () -- C:\Windows\System32\0
[2013-08-12 09:07:10 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013-08-12 09:07:10 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013-08-12 09:04:43 | 000,279,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013-08-11 19:58:27 | 001,149,982 | ---- | M] () -- C:\ProgramData\Tibia_dat.bak
[2013-07-29 14:53:46 | 000,866,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr110.dll
[2013-07-29 14:53:16 | 000,526,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp110.dll
[2013-07-29 14:52:58 | 004,447,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc110u.dll
[2013-07-29 14:52:52 | 000,311,032 | ---- | M] () -- C:\Windows\System32\IVTCredentialProvider.dll
[2013-07-29 14:50:38 | 000,273,144 | ---- | M] () -- C:\Windows\System32\Adpush.dll
[2013-07-29 10:03:56 | 000,064,000 | ---- | M] () -- C:\Windows\System32\VMProtectSDK32.dll
[2013-07-26 05:13:37 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013-07-26 05:12:22 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013-07-26 05:12:05 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013-07-26 05:12:04 | 002,877,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013-07-26 05:12:00 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013-07-26 05:12:00 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013-07-26 05:12:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013-07-26 05:11:59 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013-07-26 04:49:14 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013-07-26 03:59:38 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013-07-25 10:57:27 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013-07-19 03:41:01 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013-08-12 09:52:51 | 000,000,032 | ---- | C] () -- C:\Windows\0
[2013-08-12 09:52:51 | 000,000,000 | ---- | C] () -- C:\Windows\System32\0
[2013-08-11 19:58:26 | 001,149,982 | ---- | C] () -- C:\ProgramData\Tibia_dat.bak
[2013-07-29 14:52:52 | 000,311,032 | ---- | C] () -- C:\Windows\System32\IVTCredentialProvider.dll
[2013-07-29 14:50:38 | 000,273,144 | ---- | C] () -- C:\Windows\System32\Adpush.dll
[2013-07-29 10:03:56 | 000,064,000 | ---- | C] () -- C:\Windows\System32\VMProtectSDK32.dll
[2013-06-23 21:11:37 | 000,006,967 | ---- | C] () -- C:\Users\dawid karol\AppData\Local\recently-used.xbel
[2013-06-19 14:54:33 | 001,373,127 | ---- | C] () -- C:\Windows\System32\libxml2-2.dll
[2013-06-19 14:54:33 | 000,822,507 | ---- | C] () -- C:\Windows\System32\libiconv-2.dll
[2013-06-19 14:54:33 | 000,401,448 | ---- | C] () -- C:\Windows\System32\libluajitsql_sqlite3.dll
[2013-06-19 14:54:33 | 000,380,928 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2013-06-19 14:54:33 | 000,250,581 | ---- | C] () -- C:\Windows\System32\libluajit.dll
[2013-06-19 14:54:33 | 000,086,016 | ---- | C] () -- C:\Windows\System32\mysql.dll
[2013-06-19 14:54:33 | 000,039,930 | ---- | C] () -- C:\Windows\System32\libluajitsql_mysql.dll
[2013-06-19 14:51:51 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lua5.1.dll
[2013-06-19 14:49:47 | 002,076,672 | ---- | C] () -- C:\Windows\System32\libmysql.dll
[2013-06-19 14:49:47 | 000,967,168 | ---- | C] () -- C:\Windows\System32\libxml2.dll
[2013-06-19 14:49:47 | 000,488,448 | ---- | C] () -- C:\Windows\System32\sqlite.dll
[2013-06-19 14:49:47 | 000,318,976 | ---- | C] () -- C:\Windows\System32\lua51.dll
[2013-06-13 17:17:48 | 000,000,135 | ---- | C] () -- C:\Users\dawid karol\blokada.html
[2013-06-13 17:16:29 | 000,134,699 | ---- | C] () -- C:\Users\dawid karol\imag.png
[2013-06-06 17:31:40 | 000,000,252 | ---- | C] () -- C:\Windows\madagascar.ini
[2013-04-25 14:31:14 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2013-03-05 22:12:14 | 000,001,008 | ---- | C] () -- C:\Windows\CCE.INI
[2013-02-27 23:37:36 | 000,117,840 | ---- | C] () -- C:\Windows\System32\prfi0404.dat
[2013-02-27 23:37:33 | 000,391,798 | ---- | C] () -- C:\Windows\System32\prfh0404.dat
[2013-02-27 23:37:33 | 000,113,816 | ---- | C] () -- C:\Windows\System32\prfc0404.dat
[2013-02-27 23:37:33 | 000,031,548 | ---- | C] () -- C:\Windows\System32\prfd0404.dat
[2013-02-27 21:13:56 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2013-01-27 16:47:53 | 001,867,776 | ---- | C] () -- C:\Windows\System32\python24.dll
[2013-01-24 21:01:50 | 000,000,600 | ---- | C] () -- C:\Users\dawid karol\AppData\Roaming\winscp.rnd
[2013-01-23 15:17:53 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013-01-17 00:15:36 | 000,010,240 | ---- | C] () -- C:\Users\dawid karol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-16 21:06:28 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2013-01-16 21:04:54 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013-01-16 15:10:33 | 000,000,600 | ---- | C] () -- C:\Users\dawid karol\AppData\Local\PUTTY.RND
[2013-01-16 01:28:26 | 000,383,282 | ---- | C] () -- C:\Windows\System32\drivers\fvstore.dat
[2013-01-15 19:53:32 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2013-01-15 18:10:26 | 002,953,448 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2013-01-15 17:50:00 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]
[2013-08-12 13:11:05 | 000,000,000 | ---D | M] -- C:\Users\dawid karol\AppData\Roaming\Altaron
[2013-02-15 11:24:23 | 000,000,000 | ---D | M] -- C:\Users\dawid karol\AppData\Roaming\DisneyInteractiveStudios
[2013-08-16 20:03:46 | 000,000,000 | ---D | M] -- C:\Users\dawid karol\AppData\Roaming\FileZilla
[2013-07-02 21:49:56 | 000,000,000 | ---D | M] -- C:\Users\dawid karol\AppData\Roaming\KeePass
[2013-03-31 15:56:37 | 000,000,000 | ---D | M] -- C:\Users\dawid karol\AppData\Roaming\LucasArts
[2013-01-25 23:17:04 | 000,000,000 | ---D | M] -- C:\Users\dawid karol\AppData\Roaming\Mael
[2013-07-03 00:35:26 | 000,000,000 | ---D | M] -- C:\Users\dawid karol\AppData\Roaming\Notepad++
[2013-08-15 14:33:10 | 000,000,000 | ---D | M] -- C:\Users\dawid karol\AppData\Roaming\Remere's Map Editor
[2013-05-08 12:26:47 | 000,000,000 | ---D | M] -- C:\Users\dawid karol\AppData\Roaming\Subversion
[2013-08-17 15:15:35 | 000,000,000 | ---D | M] -- C:\Users\dawid karol\AppData\Roaming\Systweak
[2013-08-16 15:12:00 | 000,000,000 | ---D | M] -- C:\Users\dawid karol\AppData\Roaming\Tibia
[2013-03-02 19:21:23 | 000,000,000 | ---D | M] -- C:\Users\dawid karol\AppData\Roaming\Warner Bros. Interactive Entertainment
[2013-02-26 10:10:53 | 000,000,000 | ---D | M] -- C:\Users\dawid karol\AppData\Roaming\WB Games

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:6BE50C2B

< End of report >