OTL logfile created on: 2012-07-20 17:11:43 - Run 1
OTL by OldTimer - Version 3.2.54.0     Folder = C:\Users\Michal\Downloads
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,25 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 77,44% Memory free
6,50 Gb Paging File | 5,85 Gb Available in Paging File | 90,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 49,80 Gb Total Space | 27,84 Gb Free Space | 55,90% Space Free | Partition Type: NTFS
Drive D: | 183,05 Gb Total Space | 76,74 Gb Free Space | 41,93% Space Free | Partition Type: NTFS
Drive H: | 1,83 Gb Total Space | 1,83 Gb Free Space | 100,00% Space Free | Partition Type: FAT
 
Computer Name: MICHAL-KOMPUTER | User Name: Michal | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-07-20 15:49:47 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Downloads\OTL.exe
PRC - [2012-07-08 16:25:16 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-06-27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011-05-11 17:49:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-07-08 16:25:16 | 002,042,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-04-22 17:17:17 | 001,875,968 | ---- | M] () -- C:\Program Files\Mozilla Firefox\extensions\{6a2b6e20-a2c6-3df6-56d0-9c8b69a58d36}\components\108e1389.dll
MOD - [2012-02-17 18:00:43 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2012-01-09 20:44:20 | 000,166,912 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2011-07-18 23:04:08 | 000,296,448 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_04.dll
MOD - [2010-01-30 03:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2012-07-08 16:25:16 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-06-27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-02-29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010-03-25 11:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-06-26 15:48:16 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2007-02-05 11:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2007-02-05 11:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)
SRV - [2006-12-14 03:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006-12-14 03:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006-12-14 02:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - [2012-02-06 16:45:31 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010-11-20 23:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010-11-20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010-11-20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010-11-20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010-11-20 23:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010-11-20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-06-26 16:23:46 | 004,993,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-06-26 16:23:46 | 004,993,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2009-06-26 15:04:16 | 000,106,496 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009-05-06 07:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-07-31 03:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=2cbaaced-8c8e-11e1-8fb2-90e6ba126621
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=2cbaaced-8c8e-11e1-8fb2-90e6ba126621&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2198364406-2641788824-2654918034-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-2198364406-2641788824-2654918034-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=112059&tt=010712_4&babsrc=HP_ss&mntrId=02aa3df30000000000000025d36d4f12
IE - HKU\S-1-5-21-2198364406-2641788824-2654918034-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2198364406-2641788824-2654918034-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2198364406-2641788824-2654918034-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112059&tt=010712_4&babsrc=SP_ss&mntrId=02aa3df30000000000000025d36d4f12
IE - HKU\S-1-5-21-2198364406-2641788824-2654918034-1000\..\SearchScopes\{893F1E43-4BE6-42AC-BB5C-5174B7512F96}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=02aa3df30000000000000025d36d4f12
IE - HKU\S-1-5-21-2198364406-2641788824-2654918034-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..browser.search.selectedEngine: "Search the web"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-19 19:52:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-08 16:25:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-05-14 15:08:02 | 000,000,000 | ---D | M]
 
[2012-02-03 22:52:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michal\AppData\Roaming\mozilla\Extensions
[2012-07-09 16:18:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michal\AppData\Roaming\mozilla\Firefox\Profiles\pfe9v4cp.default\extensions
[2012-03-30 00:19:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Michal\AppData\Roaming\mozilla\Firefox\Profiles\pfe9v4cp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012-07-08 00:33:38 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Michal\AppData\Roaming\mozilla\Firefox\Profiles\pfe9v4cp.default\extensions\bbrs_002@blabbers.com
[2012-04-22 17:17:08 | 000,000,792 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\pfe9v4cp.default\searchplugins\startsear.xml
[2012-07-08 16:25:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-04-22 17:17:17 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{6a2b6e20-a2c6-3df6-56d0-9c8b69a58d36}
[2012-02-19 19:52:09 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012-02-19 20:00:30 | 000,550,833 | ---- | M] () (No name found) -- C:\USERS\MICHAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PFE9V4CP.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI
[2012-07-08 16:25:17 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-02-26 21:32:01 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012-07-08 16:25:13 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-07-08 00:33:42 | 000,002,351 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-07-08 16:25:13 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-07-08 16:25:13 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-07-08 16:25:13 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-19 19:51:44 | 000,000,158 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search the web.src
[2012-07-08 16:25:13 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-07-08 16:25:13 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://startsear.ch/?aff=1&cf=2cbaaced-8c8e-11e1-8fb2-90e6ba126621
CHR - Extension: YouTube = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Szukaj w Google = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Chatvibes Browser Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Chatvibes Browser Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\Michal\AppData\Roaming\toolplugin\toolbar.dll ()
O4 - HKLM..\Run: [Browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKU\S-1-5-21-2198364406-2641788824-2654918034-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2198364406-2641788824-2654918034-1000..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-2198364406-2641788824-2654918034-1000..\Run: [xqjttgrehoqsoae] C:\ProgramData\xqjttgre.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC79743E-05D7-4094-A01E-A9E6D01A80A3}: DhcpNameServer = 62.179.1.62 62.179.1.63
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{53b7642c-50d1-11e1-b006-90e6ba126621}\Shell - "" = AutoRun
O33 - MountPoints2\{53b7642c-50d1-11e1-b006-90e6ba126621}\Shell\AutoRun\command - "" = F:\_AUTORUN\AUTORUN.EXE
O33 - MountPoints2\{e5ca85a8-c84f-11e1-94e2-90e6ba126621}\Shell - "" = AutoRun
O33 - MountPoints2\{e5ca85a8-c84f-11e1-94e2-90e6ba126621}\Shell\AutoRun\command - "" = G:\_AUTORUN\AUTORUN.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-07-20 16:11:49 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\InstallShield
[2012-07-20 15:52:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-07-19 23:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\sddbbtzihjfrvwd
[2012-07-17 22:16:53 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\LogMeIn Hamachi
[2012-07-17 22:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012-07-17 22:16:43 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2012-07-15 22:42:26 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Dev-Cpp
[2012-07-15 22:42:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
[2012-07-15 22:42:11 | 000,000,000 | ---D | C] -- C:\Dev-Cpp
[2012-07-09 15:54:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012-07-08 16:25:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-07-08 16:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012-07-08 00:35:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.1
[2012-07-08 00:34:40 | 000,000,000 | ---D | C] -- C:\Python31
[2012-07-08 00:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\BrowserCompanion
[2012-07-07 19:25:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Sports Interactive
[3 C:\Users\Michal\Desktop\*.tmp files -> C:\Users\Michal\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-07-20 17:12:48 | 004,194,304 | -HS- | M] () -- C:\Users\Michal\NTUSER.DAT
[2012-07-20 17:08:29 | 000,108,824 | ---- | M] () -- C:\Users\Michal\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-07-20 16:20:52 | 000,407,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-07-20 16:19:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-07-20 16:19:33 | 2616,549,376 | -HS- | M] () -- C:\hiberfil.sys
[2012-07-20 16:17:37 | 000,000,020 | -HS- | M] () -- C:\Users\Michal\ntuser.ini
[2012-07-20 16:17:37 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-07-20 15:24:50 | 006,513,770 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-07-20 15:24:50 | 002,659,426 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-07-20 15:24:50 | 002,164,248 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-07-20 15:24:50 | 002,067,292 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-07-20 15:24:50 | 000,004,568 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012-07-19 23:59:26 | 000,000,051 | ---- | M] () -- C:\ProgramData\vvvwuyxnzaosuxl
[2012-07-19 23:59:22 | 000,053,248 | ---- | M] () -- C:\ProgramData\xqjttgre.exe
[2012-07-19 22:53:43 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-07-19 22:53:43 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-07-17 22:16:44 | 000,000,900 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012-07-08 00:33:47 | 000,000,486 | ---- | M] () -- C:\user.js
[3 C:\Users\Michal\Desktop\*.tmp files -> C:\Users\Michal\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-07-20 16:17:37 | 000,000,020 | -HS- | C] () -- C:\Users\Michal\ntuser.ini
[2012-07-19 23:59:26 | 000,053,248 | ---- | C] () -- C:\ProgramData\xqjttgre.exe
[2012-07-19 23:59:22 | 000,000,051 | ---- | C] () -- C:\ProgramData\vvvwuyxnzaosuxl
[2012-07-17 22:16:44 | 000,000,900 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012-05-31 11:41:54 | 000,524,288 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT{d17dffdf-ab04-11e1-88e2-90e6ba126621}.TMContainer00000000000000000002.regtrans-ms
[2012-05-31 11:41:54 | 000,524,288 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT{d17dffdf-ab04-11e1-88e2-90e6ba126621}.TMContainer00000000000000000001.regtrans-ms
[2012-05-31 11:41:54 | 000,065,536 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT{d17dffdf-ab04-11e1-88e2-90e6ba126621}.TM.blf
[2012-04-22 17:17:18 | 000,075,045 | ---- | C] () -- C:\Windows\System32\ec87fd6f.exe
[2012-02-17 18:22:48 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012-02-17 18:22:48 | 000,000,481 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012-02-15 16:24:15 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2012-02-14 21:38:04 | 000,000,247 | ---- | C] () -- C:\Windows\cake40.ini
[2012-02-14 21:38:04 | 000,000,223 | ---- | C] () -- C:\Windows\shell40.ini
[2012-02-14 21:38:04 | 000,000,045 | ---- | C] () -- C:\Windows\dk.ini
[2012-02-14 21:38:04 | 000,000,036 | ---- | C] () -- C:\Windows\neuronix.ini
[2012-02-14 21:37:57 | 000,906,784 | ---- | C] () -- C:\Windows\System32\OWL52F.DLL
[2012-02-14 21:37:57 | 000,188,448 | ---- | C] () -- C:\Windows\System32\BOCOF.DLL
[2012-02-14 21:37:56 | 000,000,140 | ---- | C] () -- C:\Windows\odbc.ini
[2012-02-04 03:09:51 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2012-02-03 23:11:53 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012-02-03 23:11:52 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012-02-03 23:11:52 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-02-03 23:11:47 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012-02-03 23:08:43 | 000,007,599 | ---- | C] () -- C:\Users\Michal\AppData\Local\Resmon.ResmonCfg
[2012-02-03 21:03:09 | 002,169,856 | -HS- | C] () -- C:\Windows\System32\hale.exe
[2012-02-03 21:02:59 | 000,108,824 | ---- | C] () -- C:\Users\Michal\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-02-03 20:45:50 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012-02-03 20:27:49 | 004,194,304 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT
[2012-02-03 20:24:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011-02-01 21:37:01 | 006,513,770 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2011-02-01 21:37:01 | 002,164,248 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2011-02-01 21:37:01 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2011-02-01 21:37:01 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2010-11-20 23:29:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2010-11-20 23:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010-11-20 23:29:20 | 000,053,600 | ---- | C] () -- C:\Windows\System32\dosx.exe
[2010-11-20 23:01:02 | 000,004,568 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012-07-13 14:45:08 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\AIMP3
[2012-02-23 08:19:27 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\AnvSoft
[2012-02-04 19:38:52 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Babylon
[2012-06-20 00:56:17 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\BESTplayer
[2012-02-21 07:07:11 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
[2012-07-15 22:42:26 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Dev-Cpp
[2012-02-26 21:24:17 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Foxit Software
[2012-06-01 13:53:34 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Gadu-Gadu 10
[2012-04-22 14:35:59 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\GHISLER
[2012-02-03 23:10:16 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\IrfanView
[2012-02-13 02:08:11 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\NapiProjekt
[2012-04-22 22:46:52 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Notepad++
[2012-02-04 18:06:21 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\OpenFM
[2012-05-20 02:18:28 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Sports Interactive
[2012-05-17 00:06:37 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\SQL Developer
[2012-02-19 19:16:02 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\toolplugin
[2012-06-22 21:20:19 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >