OTL logfile created on: 6/10/2011 7:09:25 PM - Run 1
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Ewelina\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2.97 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 67.40% Memory free
5.93 Gb Paging File | 4.86 Gb Available in Paging File | 81.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 225.33 Gb Total Space | 189.17 Gb Free Space | 83.95% Space Free | Partition Type: NTFS
Drive D: | 225.33 Gb Total Space | 180.86 Gb Free Space | 80.26% Space Free | Partition Type: NTFS
 
Computer Name: SAMSUNG | User Name: Ewelina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/06/10 19:06:26 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Ewelina\Desktop\OTL.exe
PRC - [2011/06/02 22:07:24 | 000,048,128 | ---- | M] (OSqliyMM) -- C:\Windows\Temp\rqtf\setup.exe
PRC - [2011/03/17 21:56:22 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/11/04 17:53:34 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/11/04 16:59:50 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/11/04 06:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009/10/29 07:54:44 | 001,218,008 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/29 07:54:44 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/10/20 11:12:58 | 000,013,312 | ---- | M] (DoctorSoft) -- C:\Program Files\AnyPC Client\APLangApp.exe
PRC - [2009/10/07 03:31:56 | 002,246,144 | ---- | M] (SEC) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009/10/02 14:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2009/08/13 22:58:10 | 000,044,312 | ---- | M] () -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/08 12:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 20:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/06/03 13:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/01/23 03:46:14 | 000,203,280 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2011/06/10 19:06:26 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Ewelina\Desktop\OTL.exe
MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/01/23 03:46:18 | 000,013,840 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\sahook.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2011/06/02 22:07:24 | 000,048,128 | ---- | M] (OSqliyMM) [Auto | Stopped] -- C:\windows\TEMP\rqtf\setup.exe -- (AMService)
SRV - [2011/02/02 04:01:14 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/11/04 17:53:34 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Paused] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/11/04 16:59:50 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/10/29 07:54:44 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/10/28 12:50:32 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/10/02 14:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009/08/13 22:58:10 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/08 12:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 20:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/01/23 03:46:14 | 000,203,280 | ---- | M] () [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2009/11/06 22:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/11/06 06:07:10 | 009,923,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/11/04 17:54:12 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/11/04 17:54:12 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/11/04 17:54:12 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/11/04 17:54:12 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/11/04 17:53:40 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/09/28 11:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/06/27 16:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/04/09 07:23:02 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2789141661-186915839-826018185-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-2789141661-186915839-826018185-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2789141661-186915839-826018185-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKU\S-1-5-21-2789141661-186915839-826018185-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/02/01 00:16:24 | 000,000,000 | ---D | M]
 
 
Hosts file not found
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2789141661-186915839-826018185-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O4 - HKLM..\Run: [APLangApp] C:\Program Files\AnyPC Client\APLangApp.exe (DoctorSoft)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\.DEFAULT..\Run: [AMService] C:\Windows\Temp\rqtf\setup.exe (OSqliyMM)
O4 - HKU\.DEFAULT..\Run: [KB819460.exe] C:\windows\System32\config\systemprofile\AppData\Roaming\KB819460.exe ()
O4 - HKU\S-1-5-18..\Run: [AMService] C:\Windows\Temp\rqtf\setup.exe (OSqliyMM)
O4 - HKU\S-1-5-18..\Run: [KB819460.exe] C:\windows\System32\config\systemprofile\AppData\Roaming\KB819460.exe ()
O4 - HKU\S-1-5-21-2789141661-186915839-826018185-1000..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe ()
O4 - HKU\S-1-5-21-2789141661-186915839-826018185-1000..\Run: [ares]  File not found
O4 - HKU\S-1-5-21-2789141661-186915839-826018185-1000..\Run: [engel]  File not found
O4 - HKU\S-1-5-21-2789141661-186915839-826018185-1000..\Run: [fv6ap3xh7c] C:\Users\Ewelina\fv6ap3xh7c.exe (DataSafe)
O4 - HKU\S-1-5-21-2789141661-186915839-826018185-1000..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKU\S-1-5-21-2789141661-186915839-826018185-1000..\Run: [Gadu-Gadu 10] D:\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-2789141661-186915839-826018185-1000..\Run: [Microsoft3264OSUpdate] C:\Users\Public\E-73473-3674-74335\msnrsmsn.exe ()
O4 - HKU\S-1-5-21-2789141661-186915839-826018185-1000..\Run: [Pgrqrf] C:\Users\Ewelina\AppData\Roaming\Pgrqrf.exe ()
O4 - HKU\S-1-5-21-2789141661-186915839-826018185-1000..\Run: [rdxagggq] C:\Users\Ewelina\rdxagggq.exe (Pnmfqyuya Software)
O4 - HKU\S-1-5-21-2789141661-186915839-826018185-1000..\Run: [Regedit32]  File not found
O4 - HKU\S-1-5-21-2789141661-186915839-826018185-1000..\Run: [taiti]  File not found
O4 - HKU\S-1-5-21-2789141661-186915839-826018185-1000..\Run: [Vfrqrl] C:\Users\Ewelina\AppData\Roaming\Vfrqrl.exe ()
O4 - HKU\S-1-5-21-2789141661-186915839-826018185-1000..\Run: [wuaucldt] c:\users\ewelina\wuaucldt.exe (Dfytakx Software)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Ewelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.4.2 8.8.4.4
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/06/10 19:06:21 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Ewelina\Desktop\OTL.exe
[2011/06/09 23:27:11 | 000,000,000 | ---D | C] -- C:\Users\Ewelina\AppData\Roaming\engel
[2011/06/09 18:55:05 | 000,323,584 | RHS- | C] (xxx) -- C:\Users\Ewelina\peogue.exe
[2011/06/09 17:57:49 | 000,143,360 | ---- | C] (xxx) -- C:\Users\Ewelina\wobfud.exe
[2011/06/08 16:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2011/06/08 16:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2011/06/01 19:44:59 | 000,000,000 | ---D | C] -- C:\RECYCLER
[2011/06/01 19:44:23 | 000,041,472 | ---- | C] (Dfytakx Software) -- C:\Users\Ewelina\wuaucldt.exe
[2011/06/01 19:44:22 | 000,038,400 | ---- | C] (DataSafe) -- C:\Users\Ewelina\fv6ap3xh7c.exe
[2011/06/01 19:44:22 | 000,032,256 | ---- | C] (Pnmfqyuya Software) -- C:\Users\Ewelina\rdxagggq.exe
[2011/05/25 17:56:04 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\Diskdump.sys
[2011/05/24 17:20:29 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\poqexec.exe
[2011/05/22 10:35:08 | 000,000,000 | ---D | C] -- C:\Users\Ewelina\Desktop\grzesiek mp3
[104 C:\Users\Ewelina\AppData\Roaming\*.tmp files -> C:\Users\Ewelina\AppData\Roaming\*.tmp -> ]
[1 C:\Users\Ewelina\Desktop\*.tmp files -> C:\Users\Ewelina\Desktop\*.tmp -> ]
[1 C:\Users\Ewelina\AppData\Local\*.tmp files -> C:\Users\Ewelina\AppData\Local\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/06/10 19:08:26 | 000,050,477 | ---- | M] () -- C:\Users\Ewelina\Desktop\Defogger.exe
[2011/06/10 19:06:47 | 000,302,592 | ---- | M] () -- C:\Users\Ewelina\Desktop\8nsqdcm1.exe
[2011/06/10 19:06:26 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Ewelina\Desktop\OTL.exe
[2011/06/10 19:05:43 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/10 19:05:43 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/10 18:58:24 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2011/06/10 18:58:15 | 000,001,032 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/10 18:57:33 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/06/10 18:57:25 | 2388,074,496 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/09 23:45:32 | 000,012,163 | ---- | M] () -- C:\windows\System32\Config.MPF
[2011/06/09 18:55:06 | 000,323,584 | RHS- | M] (xxx) -- C:\Users\Ewelina\peogue.exe
[2011/06/09 18:55:00 | 000,001,036 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/09 16:36:08 | 000,180,224 | ---- | M] () -- C:\Users\Ewelina\vobfux.exe
[2011/06/09 16:23:19 | 000,143,360 | ---- | M] (xxx) -- C:\Users\Ewelina\wobfud.exe
[2011/06/08 20:33:06 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2011/06/08 20:24:51 | 1901,236,829 | ---- | M] () -- C:\windows\MEMORY.DMP
[2011/06/08 19:25:17 | 000,455,384 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/06/08 15:03:06 | 000,697,912 | ---- | M] () -- C:\windows\System32\perfh015.dat
[2011/06/08 15:03:06 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/06/08 15:03:06 | 000,134,990 | ---- | M] () -- C:\windows\System32\perfc015.dat
[2011/06/08 15:03:06 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/06/08 06:10:06 | 000,143,360 | ---- | M] () -- C:\Users\Ewelina\vopnat.exe
[2011/06/06 05:05:01 | 000,131,072 | ---- | M] () -- C:\Users\Ewelina\zupnat.exe
[2011/06/06 05:05:01 | 000,131,072 | ---- | M] () -- C:\Users\Ewelina\supnat.exe
[2011/06/05 20:32:17 | 000,473,230 | ---- | M] () -- C:\Users\Ewelina\veehn.exe
[2011/06/04 17:20:47 | 000,489,207 | ---- | M] () -- C:\Users\Ewelina\fiasn.exe
[2011/06/04 10:48:53 | 000,126,976 | ---- | M] () -- C:\Users\Ewelina\lophost.exe
[2011/06/04 10:48:53 | 000,126,976 | ---- | M] () -- C:\Users\Ewelina\jochost.exe
[2011/06/04 09:07:33 | 000,408,459 | ---- | M] () -- C:\Users\Ewelina\aciz.exe
[2011/06/03 19:39:04 | 000,257,536 | ---- | M] () -- C:\Users\Ewelina\AppData\Roaming\Pgrqrf.exe
[2011/06/03 17:50:30 | 000,204,288 | ---- | M] () -- C:\Users\Ewelina\AppData\Roaming\FB93.exe
[2011/06/03 17:50:28 | 000,408,459 | ---- | M] () -- C:\Users\Ewelina\euxo.exe
[2011/06/03 06:29:13 | 000,258,048 | ---- | M] () -- C:\Users\Ewelina\fGv77YEw.exe
[2011/06/03 06:18:20 | 000,126,976 | ---- | M] () -- C:\Users\Ewelina\igfsvc.exe
[2011/06/02 22:51:00 | 000,204,288 | ---- | M] () -- C:\Users\Ewelina\AppData\Roaming\85D3.exe
[2011/06/02 19:59:17 | 000,204,288 | ---- | M] () -- C:\Users\Ewelina\AppData\Roaming\4F9F.exe
[2011/06/01 19:44:26 | 000,093,937 | ---- | M] () -- C:\Users\Ewelina\AppData\Roaming\Vfrqrl.exe
[2011/06/01 19:44:23 | 000,041,472 | ---- | M] (Dfytakx Software) -- C:\Users\Ewelina\wuaucldt.exe
[2011/06/01 19:44:22 | 000,038,400 | ---- | M] (DataSafe) -- C:\Users\Ewelina\fv6ap3xh7c.exe
[2011/06/01 19:44:22 | 000,032,256 | ---- | M] (Pnmfqyuya Software) -- C:\Users\Ewelina\rdxagggq.exe
[2011/06/01 16:51:44 | 000,000,348 | ---- | M] () -- C:\windows\tasks\McQcTask.job
[2011/06/01 04:50:51 | 000,151,552 | ---- | M] () -- C:\Users\Ewelina\optable.exe
[2011/05/27 18:58:36 | 000,000,000 | ---- | M] () -- C:\Users\Ewelina\AppData\Local\{7F38418C-C896-43FE-86D9-F2A9CF078A3B}
[2011/05/15 01:00:00 | 000,000,368 | ---- | M] () -- C:\windows\tasks\McDefragTask.job
[104 C:\Users\Ewelina\AppData\Roaming\*.tmp files -> C:\Users\Ewelina\AppData\Roaming\*.tmp -> ]
[1 C:\Users\Ewelina\Desktop\*.tmp files -> C:\Users\Ewelina\Desktop\*.tmp -> ]
[1 C:\Users\Ewelina\AppData\Local\*.tmp files -> C:\Users\Ewelina\AppData\Local\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/06/10 19:08:26 | 000,050,477 | ---- | C] () -- C:\Users\Ewelina\Desktop\Defogger.exe
[2011/06/10 19:06:46 | 000,302,592 | ---- | C] () -- C:\Users\Ewelina\Desktop\8nsqdcm1.exe
[2011/06/09 17:57:49 | 000,180,224 | ---- | C] () -- C:\Users\Ewelina\vobfux.exe
[2011/06/08 20:33:06 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2011/06/08 10:55:44 | 000,143,360 | ---- | C] () -- C:\Users\Ewelina\vopnat.exe
[2011/06/07 18:03:56 | 000,131,072 | ---- | C] () -- C:\Users\Ewelina\zupnat.exe
[2011/06/06 17:10:31 | 000,131,072 | ---- | C] () -- C:\Users\Ewelina\supnat.exe
[2011/06/05 20:32:17 | 000,473,230 | ---- | C] () -- C:\Users\Ewelina\veehn.exe
[2011/06/05 10:27:42 | 000,126,976 | ---- | C] () -- C:\Users\Ewelina\lophost.exe
[2011/06/04 17:20:47 | 000,489,207 | ---- | C] () -- C:\Users\Ewelina\fiasn.exe
[2011/06/04 17:07:22 | 000,126,976 | ---- | C] () -- C:\Users\Ewelina\jochost.exe
[2011/06/04 09:07:33 | 000,408,459 | ---- | C] () -- C:\Users\Ewelina\aciz.exe
[2011/06/03 19:39:04 | 000,257,536 | ---- | C] () -- C:\Users\Ewelina\AppData\Roaming\Pgrqrf.exe
[2011/06/03 17:50:30 | 000,204,288 | ---- | C] () -- C:\Users\Ewelina\AppData\Roaming\FB93.exe
[2011/06/03 17:50:28 | 000,408,459 | ---- | C] () -- C:\Users\Ewelina\euxo.exe
[2011/06/03 17:50:28 | 000,258,048 | ---- | C] () -- C:\Users\Ewelina\fGv77YEw.exe
[2011/06/03 17:50:28 | 000,126,976 | ---- | C] () -- C:\Users\Ewelina\igfsvc.exe
[2011/06/02 22:51:00 | 000,204,288 | ---- | C] () -- C:\Users\Ewelina\AppData\Roaming\85D3.exe
[2011/06/02 19:59:17 | 000,204,288 | ---- | C] () -- C:\Users\Ewelina\AppData\Roaming\4F9F.exe
[2011/06/01 19:44:28 | 000,093,937 | ---- | C] () -- C:\Users\Ewelina\AppData\Roaming\Vfrqrl.exe
[2011/06/01 19:44:20 | 000,151,552 | ---- | C] () -- C:\Users\Ewelina\optable.exe
[2011/05/27 18:58:36 | 000,000,000 | ---- | C] () -- C:\Users\Ewelina\AppData\Local\{7F38418C-C896-43FE-86D9-F2A9CF078A3B}
[2011/04/26 21:12:52 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2011/04/26 21:12:51 | 000,810,496 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2011/04/26 21:12:51 | 000,183,808 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2011/04/26 21:12:51 | 000,080,896 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2011/04/17 23:39:53 | 000,004,608 | ---- | C] () -- C:\Users\Ewelina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/05 18:03:21 | 000,165,376 | ---- | C] () -- C:\windows\System32\unrar.dll
[2010/02/14 19:38:06 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini
[2010/02/14 19:22:02 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/12/22 03:34:39 | 000,697,912 | ---- | C] () -- C:\windows\System32\perfh015.dat
[2009/12/22 03:34:39 | 000,337,158 | ---- | C] () -- C:\windows\System32\perfi015.dat
[2009/12/22 03:34:39 | 000,134,990 | ---- | C] () -- C:\windows\System32\perfc015.dat
[2009/12/22 03:34:39 | 000,038,710 | ---- | C] () -- C:\windows\System32\perfd015.dat
[2009/12/22 00:34:28 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,455,384 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,616,008 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,106,388 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/07/14 00:09:19 | 000,982,196 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2009/07/14 00:09:19 | 000,417,344 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2009/07/14 00:09:19 | 000,139,824 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/07/14 00:09:19 | 000,097,448 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2006/11/02 18:10:16 | 000,080,912 | ---- | C] () -- C:\windows\System32\sherlock2.exe
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/02/01 01:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Ewelina\AppData\Roaming\.#
[2011/06/09 23:27:11 | 000,000,000 | ---D | M] -- C:\Users\Ewelina\AppData\Roaming\engel
[2010/02/16 18:41:00 | 000,000,000 | ---D | M] -- C:\Users\Ewelina\AppData\Roaming\Gadu-Gadu
[2011/05/08 18:49:24 | 000,000,000 | ---D | M] -- C:\Users\Ewelina\AppData\Roaming\Gadu-Gadu 10
[2010/02/14 20:20:05 | 000,000,000 | ---D | M] -- C:\Users\Ewelina\AppData\Roaming\GameConsole
[2011/05/29 15:17:01 | 000,000,000 | ---D | M] -- C:\Users\Ewelina\AppData\Roaming\ipla
[2011/03/21 16:20:23 | 000,000,000 | ---D | M] -- C:\Users\Ewelina\AppData\Roaming\OpenCandy
[2010/02/21 12:26:20 | 000,000,000 | ---D | M] -- C:\Users\Ewelina\AppData\Roaming\OpenFM
[2011/03/04 20:10:54 | 000,000,000 | ---D | M] -- C:\Users\Ewelina\AppData\Roaming\OpenOffice.org
[2011/03/17 08:44:58 | 000,000,000 | ---D | M] -- C:\Users\Ewelina\AppData\Roaming\RDRM
[2011/05/15 01:00:00 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2011/06/01 16:51:44 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2011/04/13 07:46:49 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:4CF61E54

< End of report >