OTL logfile created on: 2012-06-09 22:35:12 - Run 19
OTL by OldTimer - Version 3.2.48.0     Folder = E:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd
 
503,37 Mb Total Physical Memory | 253,98 Mb Available Physical Memory | 50,46% Memory free
1,20 Gb Paging File | 1,03 Gb Available in Paging File | 85,51% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34,21 Gb Total Space | 0,51 Gb Free Space | 1,49% Space Free | Partition Type: NTFS
Drive E: | 3,73 Gb Total Space | 1,94 Gb Free Space | 51,98% Space Free | Partition Type: FAT32
 
Computer Name: DB0SCE82 | User Name: X | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012-06-09 11:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\529C50A8000432F00009F8EBD151FC84
[2012-01-11 16:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2010-11-21 16:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elcomsoft Password Recovery
[2011-03-11 18:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2011-05-19 20:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ipla
[2010-11-30 22:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
[2009-07-16 20:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OfficeRecovery
[2008-06-15 12:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2008-11-05 09:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011-03-11 19:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\ArcaVirMicroScan
[2012-01-11 16:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\Babylon
[2011-11-07 19:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\Broad Intelligence
[2007-01-15 09:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\ContentGuard
[2011-03-11 18:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\f-secure
[2010-09-18 13:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\FreeFileViewer
[2011-08-26 18:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\GrabIt
[2011-05-20 09:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\ipla
[2010-11-30 22:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\Juniper Networks
[2006-04-13 21:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\Leadertech
[2010-11-15 20:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\OpenOffice.org
[2008-12-09 12:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\Opera
[2008-03-09 14:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\Publish or Perish
[2012-06-09 18:47:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\QuickScan
[2011-03-31 21:05:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\RDRM
[2009-01-07 22:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\Snapter Images
[2006-11-02 19:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\Tlen.pl
[2012-01-11 16:58:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Application Data\Toolbar4
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]< HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s >[/color]
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s >[/color]
"" = Microsoft WBEM New Event Subsystem
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s >[/color]
"" = MruPidlList
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011-11-01 22:35:20 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[color=#A23BEC]< MD5 for: SERVICES.EXE  >[/color]
[2009-02-06 13:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008-04-14 05:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008-04-14 05:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2008-04-14 02:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\services.exe
[2009-02-06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009-02-06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2004-08-04 13:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\i386\services.exe
[2004-08-04 13:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >