OTL logfile created on: 2012-07-06 15:25:41 - Run 1
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\Bogdan\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,99 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 75,21% Memory free
6,18 Gb Paging File | 5,69 Gb Available in Paging File | 92,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,09 Gb Total Space | 18,06 Gb Free Space | 24,38% Space Free | Partition Type: NTFS
Drive D: | 211,00 Gb Total Space | 110,41 Gb Free Space | 52,33% Space Free | Partition Type: NTFS
 
Computer Name: BOGDAN-LT | User Name: Bogdan | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-07-06 15:25:23 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Bogdan\Downloads\OTL.exe
PRC - [2012-06-21 18:57:10 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-10-18 15:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2011-10-18 15:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011-09-16 18:38:10 | 001,318,552 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011-01-27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-06-21 18:57:09 | 002,042,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-11-24 22:35:50 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] -- D:\APM\MySql\bin\mysqld -- (MySQL51)
SRV - File not found [On_Demand | Stopped] -- D:/FoxServ/mysql/bin/mysqld-nt.exe -- (MySql)
SRV - File not found [On_Demand | Stopped] -- D:\APM\Apache\bin\httpd.exe -- (Apache2.2)
SRV - File not found [On_Demand | Stopped] -- D:\FoxServ\Apache\bin\Apache.exe -- (Apache)
SRV - [2012-06-21 18:57:09 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-06-05 18:11:17 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011-10-18 15:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2011-10-18 15:28:34 | 000,160,608 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011-10-18 15:28:18 | 000,166,288 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011-06-23 15:22:58 | 000,361,712 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011-01-27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011-01-27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011-01-27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011-01-27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011-01-27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011-01-27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011-01-27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010-04-13 21:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009-10-08 19:48:35 | 060,059,648 | ---- | M] (Oracle Corporation) [On_Demand | Stopped] -- d:\oracle\product\10.2.0\db_2\bin\ORACLE.EXE -- (OracleServiceORCL10G)
SRV - [2009-05-15 23:23:58 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009-03-26 23:04:42 | 000,326,192 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2009-03-26 23:04:22 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2009-03-26 23:04:16 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2009-03-05 11:54:50 | 000,311,296 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\Rezip.exe -- (Rezip)
SRV - [2009-01-30 11:07:00 | 000,282,624 | ---- | M] (Marvell) [Auto | Stopped] -- C:\Windows\System32\ykx32mpcoinst.dll -- (yksvc)
SRV - [2008-12-01 11:49:02 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2008-03-18 05:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-21 04:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008-01-21 04:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2008-01-16 05:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2006-11-16 17:41:46 | 000,102,400 | ---- | M] () [Disabled | Stopped] -- d:\oracle\product\10.2.0\db_2\Bin\extjob.exe -- (OracleJobSchedulerORCL10G)
SRV - [2006-11-14 07:22:54 | 000,024,064 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- D:\oracle\product\10.2.0\db_2\bin\nmesrvc.exe -- (OracleDBConsoleorcl10g)
SRV - [2006-10-12 01:35:06 | 000,053,248 | ---- | M] (Oracle) [On_Demand | Stopped] -- D:\oracle\product\10.2.0\db_2\bin\isqlplussvc.exe -- (OracleOraDb10g_home1iSQL*Plus)
SRV - [2006-10-10 06:03:22 | 000,208,896 | ---- | M] () [Auto | Stopped] -- D:\oracle\product\10.2.0\db_2\BIN\TNSLSNR.exe -- (OracleOraDb10g_home1TNSListener)
SRV - [2002-10-18 20:04:10 | 000,101,136 | ---- | M] () [On_Demand | Stopped] -- D:\orant6i\BIN\ONRSD80.EXE -- (OracleClientCache80)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2011-10-15 14:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011-10-15 14:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011-10-15 14:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011-10-15 14:16:16 | 000,165,680 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2011-10-15 14:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011-10-15 14:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011-10-15 14:16:16 | 000,064,880 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2011-10-15 14:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011-10-15 14:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2011-06-23 19:32:46 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010-06-21 05:26:36 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010-06-21 05:26:36 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2010-06-21 05:26:36 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010-06-21 05:26:36 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010-05-12 12:14:58 | 000,098,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2010-04-13 21:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Stopped] -- C:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2009-11-09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-09-16 11:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009-09-16 11:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009-05-16 00:01:24 | 004,933,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-04-11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009-03-26 23:05:36 | 000,054,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV - [2009-03-26 23:05:36 | 000,023,216 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2009-03-26 23:05:34 | 000,857,520 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV - [2009-03-26 23:05:34 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV - [2009-03-26 23:05:32 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2009-03-26 17:31:12 | 000,031,280 | R--- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2009-03-26 17:31:12 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2008-12-01 11:47:08 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2008-11-21 03:22:24 | 000,238,464 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMC326.sys -- (VMC326)
DRV - [2008-11-04 06:13:32 | 000,952,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-09-26 19:04:10 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008-08-12 04:03:20 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2008-03-21 05:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008-01-21 04:23:21 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\loop.sys -- (msloop)
DRV - [2008-01-21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006-11-02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
IE - HKLM\..\SearchScopes,DefaultScope = {CC6A2837-067A-4D7B-B25F-77A94D4E5CF1}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://startsear.ch/?aff=1&q={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{CC6A2837-067A-4D7B-B25F-77A94D4E5CF1}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.onet.pl/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = D6 87 97 15 8F 94 57 4A 8E DD DB B4 2B 0C FE 8A  [binary data]
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{37327672-1BAB-4F96-8D82-A70EF72E30E4}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_plPL347PL347
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{81034623-BD9B-4CF5-91D1-9FDBBC347ACF}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\..\SearchScopes\{CC6A2837-067A-4D7B-B25F-77A94D4E5CF1}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_pl___PL347
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.onet.pl"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012-07-06 14:52:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012-06-14 03:38:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-21 18:57:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-28 00:18:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-21 18:57:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-28 00:18:25 | 000,000,000 | ---D | M]
 
[2009-09-30 19:17:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bogdan\AppData\Roaming\mozilla\Extensions
[2012-05-02 19:09:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bogdan\AppData\Roaming\mozilla\Firefox\Profiles\fedlvr7t.default\extensions
[2010-04-28 08:48:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bogdan\AppData\Roaming\mozilla\Firefox\Profiles\fedlvr7t.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-03-15 07:48:41 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Bogdan\AppData\Roaming\mozilla\Firefox\Profiles\fedlvr7t.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2011-06-24 18:22:33 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Bogdan\AppData\Roaming\mozilla\Firefox\Profiles\fedlvr7t.default\extensions\DTToolbar@toolbarnet.com
[2011-07-11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\fedlvr7t.default\searchplugins\startsear.xml
[2012-03-12 18:36:07 | 000,003,915 | ---- | M] () -- C:\Users\Bogdan\AppData\Roaming\Mozilla\Firefox\Profiles\fedlvr7t.default\searchplugins\sweetim.xml
[2012-05-02 21:54:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-12-02 13:47:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-06-21 18:57:11 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-04-14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012-04-25 22:02:08 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-06-09 13:41:48 | 000,081,920 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2012-06-07 03:47:31 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-06-07 03:47:31 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-09-26 21:56:58 | 000,002,034 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012-06-07 03:47:31 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-07 03:47:31 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-07 03:47:31 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-07 03:47:31 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2009-11-07 00:45:56 | 000,000,795 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 10.10.10.10	BOGDAN-LT	BOGDAN-LT
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111111113710.dll (McAfee, Inc.)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Gadu-Gadu 10] D:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [xwizard] C:\Users\Bogdan\AppData\Local\Microsoft\Windows\2100\xwizard.exe ()
F3 - HKCU WinNT: Load - (D:\YDPDict\watch.exe) - D:\YDPDICT\WATCH.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: nazwa.pl ([www.sof-com] https in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1259582189145 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D2C364E-51A8-4BAE-BA41-E05EF6332C49}: DhcpNameServer = 62.179.1.63 62.179.1.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0059655-8E78-4D2F-81CD-CA702B57B5B1}: DhcpNameServer = 62.179.1.62 62.179.1.63
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\Windows\System32\fdeploy32.dll) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{003af872-7136-11e0-ab66-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{003af872-7136-11e0-ab66-005056c00008}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3bea057c-9a8f-11e0-9da5-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{3bea057c-9a8f-11e0-9da5-005056c00008}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{54e87aec-3142-11df-a1e6-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{54e87aec-3142-11df-a1e6-005056c00008}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{54e87aed-3142-11df-a1e6-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{54e87aed-3142-11df-a1e6-005056c00008}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{71958e8b-adfc-11de-bfd0-0024540552bf}\Shell\AutoRun\command - "" = J:\WDSetup.exe
O33 - MountPoints2\{c1efeb78-35ec-11df-9169-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{c1efeb78-35ec-11df-9169-005056c00008}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c1efeb7c-35ec-11df-9169-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{c1efeb7c-35ec-11df-9169-005056c00008}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d0d8bad4-3722-11df-b8a1-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{d0d8bad4-3722-11df-b8a1-005056c00008}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\WDSetup.exe
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\WDSetup.exe
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-07-07 00:57:40 | 000,130,424 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys
[2012-07-07 00:57:39 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vsp1cln.exe
[2012-07-07 00:57:38 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmProv.dll
[2012-07-07 00:57:38 | 000,001,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmCl.dll
[2012-07-07 00:57:35 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012-07-07 00:57:34 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2012-07-07 00:57:33 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2012-07-07 00:57:32 | 000,278,528 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.dll
[2012-07-06 15:22:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012-07-06 14:50:06 | 000,000,000 | ---D | C] -- C:\Users\Bogdan\AppData\Roaming\hellomoto
[2012-06-21 13:08:15 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012-06-21 13:08:15 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012-06-21 13:07:34 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012-06-21 13:07:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012-06-14 03:02:03 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-06-14 03:02:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-06-14 03:02:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012-06-14 03:02:01 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-06-14 03:02:00 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-06-14 03:02:00 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-06-14 03:01:59 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-06-13 11:16:28 | 002,045,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009-11-04 17:42:18 | 000,073,728 | ---- | C] (Macrovision Corporation) -- C:\Users\Bogdan\SetupNI.dll
[1 C:\Users\Bogdan\Desktop\*.tmp files -> C:\Users\Bogdan\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-07-06 15:32:24 | 000,001,356 | ---- | M] () -- C:\Users\Bogdan\AppData\Local\d3d9caps.dat
[2012-07-06 15:18:44 | 000,375,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-07-06 15:18:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-07-06 15:08:34 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-07-06 15:08:08 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-07-06 15:08:08 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-07-06 15:03:01 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-07-06 14:55:34 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[2012-06-14 03:30:54 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012-06-14 03:12:06 | 000,721,782 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-06-14 03:12:06 | 000,645,638 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-06-14 03:12:06 | 000,149,498 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-06-14 03:12:06 | 000,123,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-06-07 01:00:58 | 000,000,000 | ---- | M] () -- C:\Windows\System32\nmesrvc_core_2012_6_7_1_0_57.dmp
[1 C:\Users\Bogdan\Desktop\*.tmp files -> C:\Users\Bogdan\Desktop\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-07-06 14:55:34 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2012-06-07 01:00:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\nmesrvc_core_2012_6_7_1_0_57.dmp
[2011-09-20 18:13:20 | 000,033,021 | ---- | C] () -- C:\Windows\scunin.dat
[2010-04-20 19:38:25 | 000,001,356 | ---- | C] () -- C:\Users\Bogdan\AppData\Local\d3d9caps.dat
[2009-12-23 14:00:15 | 000,000,600 | ---- | C] () -- C:\Users\Bogdan\AppData\Roaming\winscp.rnd
[2009-12-23 13:42:46 | 000,000,600 | ---- | C] () -- C:\Users\Bogdan\PUTTY.RND
[2009-10-03 17:19:52 | 000,201,216 | ---- | C] () -- C:\Users\Bogdan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-30 22:44:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:2C595FF3

< End of report >