OTL logfile created on: 2012-09-06 20:18:50 - Run 1
OTL by OldTimer - Version 3.2.61.0     Folder = C:\Users\Renata2\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,50 Gb Total Physical Memory | 0,47 Gb Available Physical Memory | 31,61% Memory free
3,25 Gb Paging File | 1,97 Gb Available in Paging File | 60,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,00 Gb Total Space | 9,56 Gb Free Space | 19,13% Space Free | Partition Type: NTFS
Drive D: | 97,04 Gb Total Space | 66,60 Gb Free Space | 68,63% Space Free | Partition Type: NTFS
 
Computer Name: RENATA | User Name: Renata2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-09-06 20:13:58 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Renata2\Desktop\OTL.exe
PRC - [2012-09-01 21:28:49 | 000,690,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe
PRC - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-12-18 13:21:16 | 000,341,264 | ---- | M] (Fujitsu Siemens Computers) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2008-09-30 23:49:16 | 000,327,680 | ---- | M] (Inventec Corp.) -- C:\Program Files\FSC\Wireless Utility\Wireless Selector.exe
PRC - [2008-08-12 16:21:12 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008-01-21 04:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011-07-29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2012-09-01 22:25:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008-12-18 13:21:16 | 000,341,264 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008-01-21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-07-04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-08-12 13:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010-08-12 13:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2009-09-05 15:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-09-01 08:19:18 | 009,825,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008-08-25 04:22:52 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008-08-18 19:58:42 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008-08-18 19:58:16 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008-07-16 02:00:04 | 000,016,384 | ---- | M] (Inventec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FSCSLII.sys -- (FSCSLII)
DRV - [2008-01-21 04:32:47 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.fujitsu-siemens.com/index2
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{DC3B1A03-C24E-45D1-A69F-AD99E364F4CD}: "URL" = http://startsear.ch/?aff=1&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1839465252-593943468-3182760953-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.fujitsu-siemens.com/index2
IE - HKU\S-1-5-21-1839465252-593943468-3182760953-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
IE - HKU\S-1-5-21-1839465252-593943468-3182760953-1001\..\SearchScopes,DefaultScope = {DC3B1A03-C24E-45D1-A69F-AD99E364F4CD}
IE - HKU\S-1-5-21-1839465252-593943468-3182760953-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1839465252-593943468-3182760953-1001\..\SearchScopes\{DC3B1A03-C24E-45D1-A69F-AD99E364F4CD}: "URL" = http://startsear.ch/?aff=1&q={searchTerms}
IE - HKU\S-1-5-21-1839465252-593943468-3182760953-1001\..\SearchScopes\{E0834B3D-0C72-4568-9162-1096C316D4A0}: "URL" = http://findgala.com/?&uid=2121&q={searchTerms}
IE - HKU\S-1-5-21-1839465252-593943468-3182760953-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1839465252-593943468-3182760953-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25531
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://startsear.ch/?aff=1"
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1203
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: {DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..keyword.URL: "http://www.scanquery.com/?tmp=nemo_results_removelink&prt=ScnqryPB&keywords="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-04-25 22:18:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-03-24 22:05:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-12 17:17:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-02-29 20:32:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-22 07:32:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-03-24 22:05:39 | 000,000,000 | ---D | M]
 
[2011-02-24 18:35:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Renata2\AppData\Roaming\mozilla\Extensions
[2012-09-06 20:14:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Renata2\AppData\Roaming\mozilla\Firefox\Profiles\e7fm0c78.default\extensions
[2011-02-25 20:56:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Renata2\AppData\Roaming\mozilla\Firefox\Profiles\e7fm0c78.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-07-11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Renata2\AppData\Roaming\mozilla\firefox\profiles\e7fm0c78.default\searchplugins\startsear.xml
[2011-07-06 20:08:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-02-25 20:43:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-07-06 19:58:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011-05-03 13:14:44 | 000,000,000 | ---D | M] (ScanQuery) -- C:\Program Files\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}
[2012-04-25 22:18:06 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012-02-12 17:17:01 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2011-03-24 22:05:39 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012-02-29 20:32:50 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-29 20:32:50 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-29 20:32:50 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-29 20:32:50 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-29 20:32:50 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-29 20:32:50 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2011-02-28 19:05:19 | 000,001,973 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 64.34.212.70 google.com 
O1 - Hosts: 64.34.212.70 google.com.au 
O1 - Hosts: 64.34.212.70 www.google.com.au
O1 - Hosts: 64.34.212.70 google.be 
O1 - Hosts: 64.34.212.70 www.google.be
O1 - Hosts: 64.34.212.70 google.com.br 
O1 - Hosts: 64.34.212.70 www.google.com.br
O1 - Hosts: 64.34.212.70 google.ca 
O1 - Hosts: 64.34.212.70 www.google.ca
O1 - Hosts: 64.34.212.70 google.ch 
O1 - Hosts: 64.34.212.70 www.google.ch
O1 - Hosts: 64.34.212.70 google.de 
O1 - Hosts: 64.34.212.70 www.google.de
O1 - Hosts: 64.34.212.70 google.dk 
O1 - Hosts: 64.34.212.70 www.google.dk
O1 - Hosts: 64.34.212.70 google.fr 
O1 - Hosts: 64.34.212.70 www.google.fr
O1 - Hosts: 64.34.212.70 google.ie 
O1 - Hosts: 64.34.212.70 www.google.ie
O1 - Hosts: 64.34.212.70 google.it 
O1 - Hosts: 64.34.212.70 www.google.it
O1 - Hosts: 64.34.212.70 google.co.jp 
O1 - Hosts: 64.34.212.70 www.google.co.jp
O1 - Hosts: 23 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1839465252-593943468-3182760953-1001\..\Toolbar\WebBrowser: (no name) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Wireless_Selector] C:\Program Files\FSC\Wireless Utility\Wireless Selector.exe (Inventec Corp.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1839465252-593943468-3182760953-1001..\Run: [cacaoweb] C:\Users\Renata2\AppData\Roaming\cacaoweb\cacaoweb.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2
O7 - HKU\S-1-5-21-1839465252-593943468-3182760953-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A7DFCA5-A5A0-486B-8B88-873D6A012FE0}: NameServer = 194.204.159.1,194.204.152.34
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Renata2\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Renata2\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O27 - HKLM IFEO\OLT.exe: Debugger - C:\Windows\System32\svchost.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-09-06 20:16:33 | 000,599,040 | ---- | C] (OldTimer Tools) -- C:\Users\Renata2\Desktop\OTL.exe
[2012-09-06 17:58:02 | 000,000,000 | ---D | C] -- C:\Users\Renata2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
[2012-09-05 20:31:41 | 000,000,000 | ---D | C] -- C:\ProgramData\036DFF981B01D03D0051C06B2F3B707C
[2012-09-01 21:31:56 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012-09-01 21:28:49 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-08-25 14:32:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012-08-25 14:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012-08-15 22:20:58 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-08-15 22:20:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-08-15 22:20:56 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012-08-15 22:20:55 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-08-15 22:20:54 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-08-15 22:20:54 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-08-15 22:20:53 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-08-15 22:20:33 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2 C:\Users\Renata2\Desktop\*.tmp files -> C:\Users\Renata2\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-09-06 20:22:15 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-09-06 20:18:00 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-09-06 20:18:00 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-09-06 20:17:48 | 000,854,156 | ---- | M] () -- C:\Users\Renata2\Desktop\SecurityCheck.exe
[2012-09-06 20:15:41 | 000,302,592 | ---- | M] () -- C:\Users\Renata2\Desktop\u2mi99j0.exe
[2012-09-06 20:13:58 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Renata2\Desktop\OTL.exe
[2012-09-06 20:01:48 | 000,048,317 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012-09-06 20:01:41 | 000,048,317 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012-09-06 20:01:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-09-01 22:25:17 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-09-01 22:25:17 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-08-16 08:59:32 | 000,379,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-08-15 19:22:51 | 000,672,140 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-08-15 19:22:51 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-08-15 19:22:51 | 000,130,516 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-08-15 19:22:51 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-08-14 17:44:11 | 161,328,011 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2 C:\Users\Renata2\Desktop\*.tmp files -> C:\Users\Renata2\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-09-06 20:17:47 | 000,854,156 | ---- | C] () -- C:\Users\Renata2\Desktop\SecurityCheck.exe
[2012-09-06 20:16:33 | 000,302,592 | ---- | C] () -- C:\Users\Renata2\Desktop\u2mi99j0.exe
[2012-09-06 20:16:33 | 000,135,422 | ---- | C] () -- C:\Users\Renata2\Desktop\twoja f@ktura.pdf
[2012-09-01 21:28:50 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-01-03 19:01:24 | 001,253,376 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2012-01-03 19:01:24 | 001,032,192 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2012-01-03 19:01:24 | 000,102,400 | ---- | C] () -- C:\Windows\System32\vorbisfile.dll
[2012-01-03 19:01:23 | 000,061,440 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2011-03-24 21:45:20 | 000,209,613 | ---- | C] () -- C:\Windows\hpoins46.dat
[2011-03-13 11:34:40 | 000,000,014 | ---- | C] () -- C:\Windows\System32\SysInfo.dll
[2011-03-09 20:58:42 | 000,015,360 | ---- | C] () -- C:\Users\Renata2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-02-25 19:31:02 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2009-05-11 17:31:39 | 000,048,317 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009-05-11 17:21:10 | 000,048,317 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-03-13 22:50:54 | 000,000,000 | ---D | M] -- C:\Users\Renata2\AppData\Roaming\cacaoweb
[2012-03-23 21:41:49 | 000,000,000 | ---D | M] -- C:\Users\Renata2\AppData\Roaming\Gadu-Gadu 10
[2012-01-31 22:14:52 | 000,000,000 | ---D | M] -- C:\Users\Renata2\AppData\Roaming\Moyea
[2011-03-01 22:54:13 | 000,000,000 | ---D | M] -- C:\Users\Renata2\AppData\Roaming\OpenFM
[2012-04-18 17:36:26 | 000,000,000 | ---D | M] -- C:\Users\Renata2\AppData\Roaming\Picajet.com
[2011-10-02 15:48:31 | 000,000,000 | ---D | M] -- C:\Users\Renata2\AppData\Roaming\Teleca
[2012-09-06 19:23:20 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >