OTL logfile created on: 2014-11-28 13:51:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\KOMP\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 53,65% Memory free
4,00 Gb Paging File | 2,62 Gb Available in Paging File | 65,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 68,26 Gb Total Space | 31,14 Gb Free Space | 45,62% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 61,65 Mb Free Space | 61,65% Space Free | Partition Type: NTFS
Drive E: | 97,66 Gb Total Space | 22,30 Gb Free Space | 22,83% Space Free | Partition Type: NTFS
Drive F: | 83,22 Gb Total Space | 9,03 Gb Free Space | 10,85% Space Free | Partition Type: NTFS
Drive G: | 195,31 Gb Total Space | 134,55 Gb Free Space | 68,89% Space Free | Partition Type: NTFS
Drive H: | 19,43 Gb Total Space | 2,18 Gb Free Space | 11,23% Space Free | Partition Type: NTFS

Computer Name: KOMP-KOMPUTER | User Name: KOMP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2014-11-28 13:51:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KOMP\Downloads\OTL.exe
PRC - [2014-11-26 13:30:22 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
PRC - [2014-11-10 18:08:12 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014-04-20 16:15:58 | 000,233,552 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
PRC - [2014-04-20 16:15:58 | 000,018,816 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\wmi32.exe
PRC - [2014-04-20 16:15:18 | 000,192,160 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
PRC - [2013-11-14 12:57:42 | 014,652,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2013-11-14 12:57:21 | 001,914,656 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-11-11 15:26:53 | 000,932,640 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013-11-11 15:26:52 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013-11-11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-01-04 03:59:29 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009-10-31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2014-11-26 13:30:21 | 016,841,392 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_15_0_0_239.dll
MOD - [2014-11-10 18:08:11 | 003,649,648 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014-04-20 01:42:04 | 000,468,672 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll

[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - [2014-11-26 13:30:25 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-11-18 21:23:34 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014-11-10 18:08:11 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-04-20 16:15:58 | 000,233,552 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe -- (AVP15.0.0)
SRV - [2014-04-03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014-02-15 18:33:00 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013-11-14 12:57:42 | 014,652,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2013-11-14 12:57:21 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-11-11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-04-06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SWDUMon.sys -- (SWDUMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\KOMP\AppData\Local\Temp\HWiNFO32.SYS -- (HWiNFO32)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (awx8u9ia)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a81o8ve6)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\Users\KOMP\AppData\Local\Temp\978C890C.sys -- (519D7259045FA90D)
DRV - [2014-11-27 19:30:47 | 000,644,808 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2014-11-27 19:30:47 | 000,112,136 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klflt.sys -- (klflt)
DRV - [2014-05-17 03:33:08 | 000,039,624 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\hssdrv6.sys -- (HssDRV6)
DRV - [2014-05-17 01:41:54 | 000,037,064 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss6.sys -- (taphss6)
DRV - [2014-04-10 17:25:32 | 000,034,400 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klhk.sys -- (klhk)
DRV - [2014-03-28 17:51:02 | 000,024,672 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)
DRV - [2014-03-26 17:05:26 | 000,145,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)
DRV - [2014-03-25 16:26:04 | 000,045,024 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)
DRV - [2014-03-13 11:14:44 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2014-03-06 08:34:53 | 000,038,472 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswTap.sys -- (aswTap)
DRV - [2014-03-05 10:42:52 | 000,324,096 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2014-02-25 13:09:02 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2014-02-20 12:59:02 | 000,135,264 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2013-11-14 12:57:56 | 000,033,568 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013-11-14 12:57:18 | 010,446,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013-08-08 17:10:58 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2013-04-12 15:34:48 | 000,014,432 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klpd.sys -- (klpd)
DRV - [2011-01-10 18:16:16 | 000,018,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010-06-09 17:05:38 | 000,039,736 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nm3.sys -- (nm3)
DRV - [2009-12-30 09:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009-09-23 02:18:08 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2009-09-23 02:18:07 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2009-07-14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=180&d=20140603
IE - HKLM\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1868939083-3434912627-837075443-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1868939083-3434912627-837075443-1000\..\SearchScopes,DefaultScope = {2572BCB9-F51A-4A71-955C-C54FB18D79C1}
IE - HKU\S-1-5-21-1868939083-3434912627-837075443-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1868939083-3434912627-837075443-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1868939083-3434912627-837075443-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-1868939083-3434912627-837075443-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1868939083-3434912627-837075443-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1868939083-3434912627-837075443-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledAddons: support%40free-hideip.com:1.0
FF - prefs.js..extensions.enabledAddons: content_blocker%40kaspersky.com:4.0.10.15
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1
FF - prefs.js..network.proxy.backup.ftp: "117.239.0.73"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.socks: "117.239.0.73"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "117.239.0.73"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: " 50.2.64.206"
FF - prefs.js..network.proxy.ftp_port: 8089
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.http: " 50.2.64.206"
FF - prefs.js..network.proxy.http_port: 8089
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: " 50.2.64.206"
FF - prefs.js..network.proxy.socks_port: 8089
FF - prefs.js..network.proxy.ssl: " 50.2.64.206"
FF - prefs.js..network.proxy.ssl_port: 8089
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/content_blocker: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-27 19:31:02 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/virtual_keyboard: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-27 19:31:03 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-27 19:31:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-27 19:31:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-27 19:31:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-11-10 18:08:09 | 000,000,000 | ---D | M]

[2014-06-02 16:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KOMP\AppData\Roaming\mozilla\Extensions
[2014-11-27 18:27:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KOMP\AppData\Roaming\mozilla\Firefox\Profiles\sbv4dskp.default\extensions
[2014-08-07 18:51:30 | 000,004,548 | ---- | M] () (No name found) -- C:\Users\KOMP\AppData\Roaming\mozilla\firefox\profiles\sbv4dskp.default\extensions\support@free-hideip.com.xpi
[2014-11-10 18:08:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014-11-10 18:08:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-11-10 18:08:09 | 000,000,000 | ---D | M] (Hotspot Shield Extension) -- C:\Program Files\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com
[2014-11-27 19:31:02 | 000,000,000 | ---D | M] (Ngăn chặn trang web nguy hiểm) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY ANTI-VIRUS 15.0.0\FFEXT\CONTENT_BLOCKER@KASPERSKY.COM
[2013-07-15 11:28:04 | 000,121,504 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll

[color=#E56717]========== Chrome ==========[/color]
CHR - homepage: http://www.gazeta.pl/0,0.html?p=180&d=20140603
CHR - Extension: Mah Jong Connect = C:\Users\KOMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\agfjdflmdlnffhlfmjdpbcoccaeamikk\245\
CHR - Extension: Dokumenty Google = C:\Users\KOMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Hide Porn Pro - Protect your children for Porn sit = C:\Users\KOMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnekoclofbckijjfldbebkajlclgdcop\216\
CHR - Extension: Google Wallet = C:\Users\KOMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2014-11-28 12:51:00 | 000,000,876 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKU\S-1-5-21-1868939083-3434912627-837075443-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1868939083-3434912627-837075443-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1868939083-3434912627-837075443-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Klawiatura wirtualna - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99FEC47E-3078-416A-89FE-95DB532795E8}: DhcpNameServer = 8.8.8.8 8.8.4.4
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3a11e2c0-a44b-11e3-8e18-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3a11e2c0-a44b-11e3-8e18-806e6f6e6963}\Shell\AutoRun\command - "" = J:\SETUP.EXE
O33 - MountPoints2\{3a11e2c0-a44b-11e3-8e18-806e6f6e6963}\Shell\configure\command - "" = J:\SETUP.EXE
O33 - MountPoints2\{3a11e2c0-a44b-11e3-8e18-806e6f6e6963}\Shell\install\command - "" = J:\SETUP.EXE
O33 - MountPoints2\{75de3740-9659-11e3-b979-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{75de3740-9659-11e3-b979-806e6f6e6963}\Shell\AutoRun\command - "" = N:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2014-11-28 12:48:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Doctor Web
[2014-11-28 12:24:44 | 000,000,000 | ---D | C] -- C:\FRST
[2014-11-28 11:51:19 | 000,000,000 | ---D | C] -- C:\Users\KOMP\AppData\Roaming\Eusing
[2014-11-28 11:51:17 | 000,000,000 | ---D | C] -- C:\Users\KOMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
[2014-11-28 11:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
[2014-11-28 11:51:17 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2014-11-28 10:40:03 | 000,000,000 | ---D | C] -- C:\Users\KOMP\AppData\Roaming\9-lab
[2014-11-28 10:40:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool
[2014-11-28 10:39:59 | 000,000,000 | ---D | C] -- C:\ProgramData\9-lab
[2014-11-28 10:39:59 | 000,000,000 | ---D | C] -- C:\Program Files\9-lab
[2014-11-28 08:37:40 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpchbuspipe.dll
[2014-11-28 08:37:33 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vpchbus.sys
[2014-11-28 08:37:33 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vpcusb.sys
[2014-11-28 06:27:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2014-11-27 19:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
[2014-11-27 19:01:53 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2014-11-27 19:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014-11-27 19:01:51 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2014-11-27 19:01:38 | 000,644,808 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys
[2014-11-27 19:01:38 | 000,112,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klflt.sys
[2014-11-27 19:01:38 | 000,034,400 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klhk.sys
[2014-11-27 18:13:48 | 000,000,000 | ---D | C] -- C:\Users\KOMP\Start Menu
[2014-11-27 18:04:15 | 000,000,000 | ---D | C] -- C:\Users\KOMP\Documents\Network Monitor 3
[2014-11-27 18:03:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Network Monitor 3.4
[2014-11-27 18:03:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Network Monitor 3
[2014-11-26 19:00:31 | 000,000,000 | ---D | C] -- C:\d68ea36cf22cedb5411e6cc06b5849
[2014-11-25 09:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\cFosSpeed
[2014-11-25 09:02:48 | 000,000,000 | ---D | C] -- C:\Users\KOMP\AppData\Local\cFos
[2014-11-25 09:02:48 | 000,000,000 | ---D | C] -- C:\ProgramData\cFos
[2014-11-17 06:08:10 | 000,000,000 | ---D | C] -- C:\Users\KOMP\Desktop\hh
[2014-11-16 18:14:20 | 000,000,000 | ---D | C] -- C:\Users\KOMP\Desktop\hrv
[2014-11-16 17:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Honda ESM
[2014-11-16 17:21:21 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB5DB.DLL
[2014-11-13 16:32:10 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2014-11-13 16:32:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014-11-13 16:32:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014-11-10 18:08:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014-11-10 11:14:21 | 000,000,000 | ---D | C] -- C:\Users\KOMP\parts
[2014-11-10 10:54:46 | 000,000,000 | ---D | C] -- C:\Users\KOMP\Desktop\G-IMG
[2014-11-10 10:41:23 | 000,000,000 | ---D | C] -- C:\Users\KOMP\AppData\Local\Mato_Technologies
[2014-11-09 12:50:19 | 000,000,000 | ---D | C] -- C:\Users\KOMP\AppData\Local\ApplicationHistory
[2014-11-09 12:43:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2014-11-09 12:32:46 | 000,720,896 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002ev.exe
[2014-11-09 12:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Mod Installer
[2014-11-09 12:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\San Andreas Mod Installer
[2014-11-09 11:15:38 | 000,000,000 | ---D | C] -- C:\Users\KOMP\Documents\GTA San Andreas User Files
[2014-11-07 11:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2014-11-07 11:22:59 | 000,073,728 | ---- | C] (Macrovision Corporation) -- C:\Windows\System32\ISUSPM.cpl
[2014-11-07 11:22:42 | 000,000,000 | ---D | C] -- C:\NFSC
[2014-11-07 10:50:19 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2014-11-05 12:15:22 | 000,000,000 | ---D | C] -- C:\Users\KOMP\AppData\Local\UrielsChasm
[1 C:\Users\KOMP\AppData\Roaming\*.tmp files -> C:\Users\KOMP\AppData\Roaming\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2014-11-28 13:48:58 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-11-28 13:48:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-11-28 13:48:50 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2014-11-28 13:47:00 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-11-28 13:30:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-11-28 12:14:21 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-11-28 12:14:21 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-11-28 11:51:17 | 000,000,983 | ---- | M] () -- C:\Users\KOMP\Desktop\Eusing Free Registry Cleaner.lnk
[2014-11-28 10:40:03 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Removal Tool.lnk
[2014-11-28 10:38:56 | 008,509,004 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-11-28 10:38:56 | 003,330,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-11-28 10:38:56 | 002,797,998 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-11-28 10:38:56 | 002,673,910 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-11-28 08:31:36 | 000,000,089 | ---- | M] () -- C:\Windows\System32\MEd.ini
[2014-11-27 19:30:47 | 000,644,808 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys
[2014-11-27 19:30:47 | 000,112,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klflt.sys
[2014-11-27 19:06:04 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014-11-27 19:02:40 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
[2014-11-27 18:03:36 | 000,000,976 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
[2014-11-26 19:16:34 | 000,000,282 | ---- | M] () -- C:\Windows\hondaesm.ini
[2014-11-26 13:30:22 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014-11-26 13:30:22 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014-11-23 15:21:59 | 000,059,904 | ---- | M] () -- C:\Users\KOMP\Desktop\Nowy Dokument programu Microsoft Office Publisher.pub
[2014-11-23 12:43:54 | 000,009,330 | ---- | M] () -- C:\Users\KOMP\Documents\cc_20141123_124349.reg
[2014-11-23 12:03:29 | 000,002,454 | ---- | M] () -- C:\mbam-log-2014-11-23 (12-02-43).xml
[2014-11-10 05:25:02 | 000,000,414 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014-11-09 12:50:19 | 000,000,092 | ---- | M] () -- C:\Users\KOMP\AppData\Local\fusioncache.dat
[2014-11-09 12:32:46 | 000,001,912 | ---- | M] () -- C:\Users\KOMP\Desktop\San Andreas Mod Installer.lnk
[2014-11-09 12:32:41 | 000,720,896 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002ev.exe
[2014-11-08 11:37:39 | 000,081,303 | ---- | M] () -- C:\Users\KOMP\Documents\Bez_nazwy.wma
[2014-11-07 11:31:50 | 000,000,009 | ---- | M] () -- C:\Windows\nfsc_patch.ini
[2014-11-06 18:56:16 | 000,075,321 | ---- | M] () -- C:\Users\KOMP\Desktop\SDC12837.JPG
[2014-11-04 20:46:31 | 000,154,847 | ---- | M] () -- C:\Users\KOMP\Desktop\1796500_213011685562447_2124074714_n.png
[2014-11-04 14:30:58 | 000,229,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[1 C:\Users\KOMP\AppData\Roaming\*.tmp files -> C:\Users\KOMP\AppData\Roaming\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2014-11-28 11:51:17 | 000,000,983 | ---- | C] () -- C:\Users\KOMP\Desktop\Eusing Free Registry Cleaner.lnk
[2014-11-28 10:40:03 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Removal Tool.lnk
[2014-11-28 08:31:36 | 000,000,089 | ---- | C] () -- C:\Windows\System32\MEd.ini
[2014-11-27 19:02:52 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
[2014-11-27 18:03:36 | 000,000,976 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
[2014-11-23 15:21:59 | 000,059,904 | ---- | C] () -- C:\Users\KOMP\Desktop\Nowy Dokument programu Microsoft Office Publisher.pub
[2014-11-23 12:43:52 | 000,009,330 | ---- | C] () -- C:\Users\KOMP\Documents\cc_20141123_124349.reg
[2014-11-23 12:03:29 | 000,002,454 | ---- | C] () -- C:\mbam-log-2014-11-23 (12-02-43).xml
[2014-11-16 17:21:21 | 000,000,282 | ---- | C] () -- C:\Windows\hondaesm.ini
[2014-11-10 11:14:21 | 004,073,472 | ---- | C] () -- C:\Users\KOMP\elegy.dff
[2014-11-10 11:14:21 | 002,282,032 | ---- | C] () -- C:\Users\KOMP\elegy.txd
[2014-11-10 11:14:21 | 000,136,698 | ---- | C] () -- C:\Users\KOMP\preview.jpg
[2014-11-09 12:50:19 | 000,000,092 | ---- | C] () -- C:\Users\KOMP\AppData\Local\fusioncache.dat
[2014-11-09 12:32:46 | 000,001,912 | ---- | C] () -- C:\Users\KOMP\Desktop\San Andreas Mod Installer.lnk
[2014-11-08 11:37:38 | 000,081,303 | ---- | C] () -- C:\Users\KOMP\Documents\Bez_nazwy.wma
[2014-11-07 11:15:19 | 000,000,009 | ---- | C] () -- C:\Windows\nfsc_patch.ini
[2014-11-06 18:55:23 | 000,075,321 | ---- | C] () -- C:\Users\KOMP\Desktop\SDC12837.JPG
[2014-11-04 20:46:30 | 000,154,847 | ---- | C] () -- C:\Users\KOMP\Desktop\1796500_213011685562447_2124074714_n.png
[2014-10-07 17:46:10 | 000,003,313 | ---- | C] () -- C:\Users\KOMP\.recently-used.xbel
[2014-08-14 10:50:34 | 000,815,104 | ---- | C]
() -- C:\Windows\System32\xvidcore.dll [2014-08-14 10:50:34 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2014-08-09 09:57:12 | 000,719,074 | ---- | C] () -- C:\Windows\Counter Strike 1.6 Reloaded Uninstaller.exe [2014-06-04 17:12:45 | 000,138,056 | ---- | C] () -- C:\Users\KOMP\AppData\Roaming\PnkBstrK.sys [2014-03-12 11:44:43 | 000,710,621 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2014-03-12 09:46:04 | 000,000,017 | ---- | C] () -- C:\Users\KOMP\AppData\Local\resmon.resmoncfg [2014-03-10 23:22:37 | 000,001,081 | ---- | C] () -- C:\Windows\ARCHPR.INI [2014-03-06 08:11:29 | 000,017,408 | ---- | C] () -- C:\Users\KOMP\AppData\Local\WebpageIcons.db [2014-02-22 13:12:06 | 000,000,414 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2014-02-15 14:36:02 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe [2014-02-15 14:36:02 | 000,018,544 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys [2014-02-15 14:31:16 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2013-08-05 07:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll [2013-08-05 07:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft 
Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2014-05-15 12:26:57 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\.mono [2014-11-28 10:40:03 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\9-lab [2014-06-03 16:00:29 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\Audacity [2014-08-14 11:11:00 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\BANDISOFT [2014-08-28 14:15:55 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\DAEMON Tools Lite [2014-03-05 10:39:32 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\DesktopIconGoodgame [2014-08-07 18:37:43 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\Dropbox [2014-08-07 18:37:42 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\DropboxMaster [2014-11-28 11:51:19 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\Eusing [2014-03-05 10:42:04 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\Fighters [2014-04-05 13:41:58 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\Firefly Studios [2014-08-07 18:51:20 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\FreeHideIP [2014-08-21 07:45:16 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\GanymedeNet [2014-09-29 08:31:05 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\gtk-2.0 [2014-08-26 10:49:31 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\Imminent [2014-05-05 10:13:32 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\Leadertech [2014-02-19 22:43:25 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\LibreOffice [2014-05-28 11:05:50 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\Mael [2014-03-05 10:43:04 | 000,000,000 | 
---D | M] -- C:\Users\KOMP\AppData\Roaming\Opera Software [2014-11-23 12:43:19 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\TS3Client [2014-03-07 13:27:04 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\Ubisoft [2014-08-27 12:35:36 | 000,000,000 | ---D | M] -- C:\Users\KOMP\AppData\Roaming\Windows [color=#E56717]========== Purity Check ==========[/color] < End of report >