OTL logfile created on: 2012-04-26 16:07:55 - Run 2
OTL by OldTimer - Version 3.2.42.1 Folder = C:\Documents and Settings\Dom\My Documents\Pobieranie
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd

1,44 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 73,50% Memory free
3,29 Gb Paging File | 3,04 Gb Available in Paging File | 92,60% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 60,00 Gb Total Space | 9,36 Gb Free Space | 15,61% Space Free | Partition Type: NTFS
Drive D: | 51,78 Gb Total Space | 45,97 Gb Free Space | 88,79% Space Free | Partition Type: NTFS

Computer Name: DOM-399BD11551D | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012-04-26 14:44:19 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\My Documents\Pobieranie\OTL.exe
PRC - [2012-03-13 18:17:38 | 000,274,328 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.271\SSScheduler.exe
PRC - [2012-02-28 18:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011-11-17 20:29:26 | 000,901,800 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011-11-15 15:22:52 | 000,746,392 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2009-08-29 08:00:12 | 000,966,656 | ---- | M] () -- C:\Documents and Settings\Dom\Local Settings\Apps\F.lux\flux.exe
PRC - [2004-08-10 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2011-02-04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010-02-05 20:14:43 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009-08-29 08:00:12 | 000,966,656 | ---- | M] () -- C:\Documents and Settings\Dom\Local Settings\Apps\F.lux\flux.exe
MOD - [2004-08-10 14:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004-08-10 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2012-03-13 18:17:38 | 000,237,272 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.271\McCHSvc.exe -- (McComponentHostService)
SRV - [2012-02-28 18:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-02-07 21:02:08 | 000,017,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Overwolf\\OverwolfUpdater.exe -- (OverwolfUpdaterService)
SRV - [2011-11-15 15:22:52 | 000,746,392 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011-08-31 18:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva392.sys -- (XDva392)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\gusxnq.sys -- (vlfux)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Games-Masters.com\CABAL Online (Europe)\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011-08-31 18:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011-04-11 13:52:42 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-07-12 12:49:16 | 000,096,384 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006-06-16 23:09:48 | 001,611,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005-11-11 02:44:12 | 004,064,256 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005-06-29 01:43:39 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2004-12-30 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2004-11-25 18:36:06 | 000,077,248 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-11-25 18:32:01 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003-09-06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.optimus.pl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.v9.com/opc/opc_1322753487_470636
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {42168F92-DA71-42E6-BC7F-132EAC1F1899}
IE - HKCU\..\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899}: "URL" = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files\Ganymede\Plugins\npganymedenet.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Dom\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-24 19:22:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-03-04 15:54:03 | 000,000,000 | ---D | M]
[2012-04-24 19:22:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dom\Application Data\mozilla\Extensions
[2012-04-24 19:22:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-03-18 11:22:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2012-03-18 11:22:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\staged
[2012-03-13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-11-24 12:12:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
[2010-03-19 08:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files\mozilla firefox\plugins\npmieze.dll
[2011-03-22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012-03-13 07:36:36 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-03-13 07:36:36 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-04-11 13:51:55 | 000,000,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\foxsearch.src
[2012-03-13 07:36:36 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-03-13 07:36:36 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-03-13 07:36:36 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-03-13 07:36:36 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

Hosts file not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (KMPlayer Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (KMPlayer Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Documents and Settings\Dom\Application Data\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (KMPlayer Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Documents and Settings\Dom\Application Data\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Lexmark X1100 Series] C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [F.lux] C:\Documents and Settings\Dom\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.271\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7B9FB24-0840-4CDE-ABA3-F42ED4CF9BA5}: DhcpNameServer = 172.16.70.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Overwolf\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\Dom\Local Settings\Application Data\9610a87e\X) - C:\Documents and Settings\Dom\Local Settings\Application Data\9610a87e\X ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Dom\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dom\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-03-06 03:45:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1f828560-6431-11e0-b199-001f1f615eee}\Shell - "" = AutoRun
O33 - MountPoints2\{1f828560-6431-11e0-b199-001f1f615eee}\Shell\AutoRun\command - "" = F:\setup\rsrc\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012-04-26 15:32:27 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012-04-21 12:04:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2012-04-20 15:21:18 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dom\Local Settings\Application Data\9610a87e
[2012-04-20 14:59:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Desktop\hjqipnfg
[2012-04-15 18:33:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\My Documents\NFS Carbon
[2012-04-15 18:30:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NFS Carbon PL
[2012-04-15 18:29:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Desktop\Need For Speed Carbon spolszczenie
[2012-04-15 18:25:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Electronic Arts
[2012-04-15 18:08:39 | 000,157,184 | ---- | C] (Fighting For Fun) -- C:\Documents and Settings\Dom\Desktop\fff-ea137.exe
[2012-04-10 15:08:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Local Settings\Application Data\NFS Underground 2
[2012-04-10 15:08:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DirectX
[2012-04-10 15:08:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Start Menu\Programs\Games
[2012-04-10 15:01:44 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2012-04-04 17:02:16 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2012-03-28 18:34:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Dom\Desktop\'
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012-04-26 16:00:06 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-26 15:50:01 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012-04-26 15:35:31 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-26 15:34:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2012-04-26 15:34:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-04-26 15:33:27 | 005,505,024 | -H-- | M] () -- C:\Documents and Settings\Dom\NTUSER.DAT
[2012-04-25 21:49:09 | 001,577,018 | -H-- | M] () -- C:\Documents and Settings\Dom\Local Settings\Application Data\IconCache.db
[2012-04-25 20:46:25 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\System32\dds_log_ad13.cmd
[2012-04-25 18:33:57 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Dom.job
[2012-04-24 19:22:03 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012-04-24 19:22:03 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012-04-22 16:27:31 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Dom\ntuser.ini
[2012-04-19 14:05:33 | 002,387,006 | ---- | M] () -- C:\Documents and Settings\Dom\Desktop\42061-turboslimak.gif
[2012-04-17 15:23:15 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-04-15 18:25:21 | 000,000,508 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Need for Speed™ Carbon.lnk
[2012-04-10 15:08:28 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\Dom\Desktop\Need for Speed Underground 2.lnk
[2012-04-09 12:05:13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-04-01 15:38:58 | 000,501,958 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-04-01 15:38:58 | 000,087,482 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-04-01 15:38:57 | 000,601,906 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2012-03-31 19:24:33 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\Dom\Desktop\Counter-Strike 1.6 KPS.lnk
[2012-03-31 19:24:33 | 000,000,869 | ---- | M] () -- C:\Documents and Settings\Dom\Desktop\Half-Life KPS.lnk
[2012-03-30 19:50:16 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012-04-24 19:22:03 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Dom\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012-04-24 19:22:03 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012-04-24 19:22:03 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012-04-20 15:23:46 | 000,000,000 | -HS- | C] () -- C:\WINDOWS\System32\dds_log_ad13.cmd
[2012-04-19 14:05:07 | 002,387,006 | ---- | C] () -- C:\Documents and Settings\Dom\Desktop\42061-turboslimak.gif
[2012-04-15 18:25:21 | 000,000,508 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Need for Speed™ Carbon.lnk
[2012-04-10 15:08:28 | 000,000,921 | ---- | C] () -- C:\Documents and Settings\Dom\Desktop\Need for Speed Underground 2.lnk
[2012-02-25 19:42:00 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2012-02-07 22:15:42 | 000,000,582 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2012-01-07 12:13:19 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Dom\Local Settings\Application Data\fusioncache.dat
[2011-11-01 14:19:25 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011-10-25 17:38:39 | 000,122,884 | ---- | C] () -- C:\WINDOWS\UnGins.exe
[2011-10-23 19:25:56 | 000,000,727 | ---- | C] () -- C:\WINDOWS\Gmud.INI
[2011-10-20 15:22:33 | 000,013,752 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011-09-25 19:23:26 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\LXBKIH.EXE
[2011-09-25 19:23:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2011-09-25 19:23:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2011-09-25 19:23:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
[2011-09-25 19:23:02 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2011-08-11 15:21:27 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2011-08-11 15:21:26 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-05-23 16:16:54 | 000,000,055 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011-05-13 16:18:55 | 000,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe
[2011-04-10 13:34:23 | 000,008,192 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011-03-31 20:13:11 | 000,019,952 | ---- | C] () -- C:\Documents and Settings\Dom\Application Data\GDIPFONTCACHEV1.DAT
[2011-03-28 12:54:55 | 000,020,344 | ---- | C] () -- C:\Documents and Settings\Dom\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2011-03-06 12:53:12 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2011-03-06 12:44:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-03-06 12:20:53 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ1.dat
[2011-03-06 12:20:53 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2011-03-06 12:20:51 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011-03-06 12:20:51 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-03-06 04:10:17 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-03-06 04:05:51 | 001,577,018 | -H-- | C] () -- C:\Documents and Settings\Dom\Local Settings\Application Data\IconCache.db
[2011-03-06 03:49:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-03-06 03:45:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2011-03-06 03:44:17 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2011-03-06 03:44:11 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2011-03-06 03:41:31 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-03-06 03:41:21 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2011-03-06 03:41:21 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2011-03-06 03:37:42 | 000,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2011-03-06 03:37:42 | 000,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2011-03-05 20:03:12 | 000,000,418 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011-03-05 19:56:58 | 000,000,132 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2011-03-05 19:32:27 | 000,601,906 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-03-05 19:32:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-03-05 19:31:23 | 000,121,336 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-03-05 19:20:12 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Dom\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== LOP Check ==========[/color]
[2012-02-24 12:20:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012-03-18 11:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2011-04-10 13:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Caphyon
[2012-02-20 13:37:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011-04-11 13:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011-05-12 17:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Firefly Studios
[2011-03-18 20:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gadu-Gadu 10
[2012-02-05 17:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011-04-20 14:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2012-02-24 10:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011-06-04 23:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OpenFM
[2012-01-11 18:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2012-03-30 18:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2012-02-05 17:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2011-06-14 14:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2012-02-20 14:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012-03-23 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\.minecraft
[2012-02-20 14:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\AVG
[2012-02-20 13:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\AVG2012
[2012-03-18 11:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\Babylon
[2011-04-11 13:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\DAEMON Tools Lite
[2011-05-12 17:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\Firefly Studios
[2011-12-05 18:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\Gadu-Gadu 10
[2011-03-21 14:33:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\GanymedeNet
[2012-01-07 11:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\GetRightToGo
[2011-12-07 19:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\gtk-2.0
[2011-04-11 13:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\Gutscheinmieze
[2011-08-03 11:36:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\IObit
[2011-05-28 10:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\LolClient
[2011-09-21 15:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\Mount&Blade Warband
[2011-05-20 15:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\Mount&Blade With Fire and Sword
[2012-03-18 11:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\Mumble
[2011-12-01 16:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\OpenCandy
[2011-06-04 23:17:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\OpenFM
[2012-01-11 18:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\PACE Anti-Piracy
[2011-11-29 21:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\Search Settings
[2011-06-25 21:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\SystemRequirementsLab
[2011-07-16 15:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\TS3Client
[2011-07-04 12:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\ts3overlay
[2012-01-11 18:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\Unity
[2012-04-15 17:56:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\uTorrent
[2012-03-31 22:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Application Data\XnView
[2012-04-26 15:50:01 | 000,000,230 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 974 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:kNRfvXWOe6ZlRRwRE3dSzlFPNRTpm
@Alternate Data Stream - 970 bytes -> C:\Documents and Settings\Dom\Cookies:IbuGU9GVDG7O0OHixesJ72BO
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 1144 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:lTx8vUo1qhwBy2OylahJ

< End of report >