OTL logfile created on: 1/2/2011 1:57:19 PM - Run 2 OTL by OldTimer - Version 3.2.20.0 Folder = C:\Users\Maciej\Downloads Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 72.00% Paging File free Paging file location(s): g:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 40.00 Gb Total Space | 23.07 Gb Free Space | 57.66% Space Free | Partition Type: NTFS Drive D: | 20.00 Gb Total Space | 19.87 Gb Free Space | 99.33% Space Free | Partition Type: NTFS Drive E: | 98.01 Gb Total Space | 77.07 Gb Free Space | 78.63% Space Free | Partition Type: NTFS Drive F: | 60.00 Gb Total Space | 59.91 Gb Free Space | 99.85% Space Free | Partition Type: NTFS Drive G: | 4.85 Gb Total Space | 2.81 Gb Free Space | 57.86% Space Free | Partition Type: NTFS Computer Name: MACIEJ-KOMPUTER | User Name: Maciej | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/01/02 11:26:08 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Maciej\Downloads\OTL.exe PRC - [2010/12/09 00:28:23 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Users\Maciej\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2010/11/16 11:07:32 | 000,422,912 | ---- | M] (Sony Ericsson) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe PRC - [2010/10/21 20:53:59 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Users\Maciej\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe PRC - [2010/10/04 11:35:40 | 000,071,680 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\TMonitor.exe PRC - [2010/09/22 11:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2010/09/15 04:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe PRC - [2010/01/18 08:42:35 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2009/12/30 00:28:14 | 000,104,960 | ---- | M] () -- C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe PRC - [2009/12/24 11:25:04 | 001,736,704 | ---- | M] () -- C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe PRC - [2009/11/19 23:05:42 | 000,284,160 | ---- | M] (ASUSTek) -- C:\Program Files\ASUS\LivCam\LivCam.exe PRC - [2009/11/17 22:47:40 | 000,414,384 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/10/26 23:30:00 | 000,413,688 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\SHE\SuperHybridEngine.exe PRC - [2009/10/17 06:43:28 | 001,021,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe PRC - [2009/09/29 11:28:44 | 007,744,032 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe PRC - [2009/09/15 02:05:56 | 000,044,312 | ---- | M] () -- C:\Program Files\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe PRC - [2009/09/11 20:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe PRC - [2009/08/28 00:38:28 | 000,803,304 | ---- | M] () -- C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe PRC - [2009/08/19 02:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe PRC - [2009/08/03 01:05:24 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2009/08/03 01:05:24 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe PRC - [2009/07/20 10:47:14 | 000,083,240 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe PRC - [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011/01/02 11:26:08 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Maciej\Downloads\OTL.exe MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010/10/26 16:05:24 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - [2010/09/22 23:21:24 | 001,493,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2010/09/22 15:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010/09/22 11:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/09/15 02:05:56 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService) SRV - [2009/08/19 02:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService) SRV - [2009/08/03 01:05:24 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009/07/14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalator formantów ActiveX (AxInstSV) SRV - [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\WPRO_40_1340.sys -- (WPRO_40_1340) WinPcap Packet Driver (WPRO_40_1340) DRV - [2010/12/09 22:57:18 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc) DRV - [2010/12/09 22:57:18 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2010/10/25 04:10:06 | 004,807,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2010/09/22 23:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2010/04/17 00:12:48 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2009/12/11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009/11/13 08:47:50 | 000,058,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) DRV - [2009/10/05 18:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009/09/29 11:16:02 | 002,776,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009/07/20 10:48:32 | 000,213,552 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2009/07/20 10:29:00 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2009/07/14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009/07/14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009/07/14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009/07/14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009/07/14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009/07/14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009/07/14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009/07/14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009/07/14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009/07/14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009/07/14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009/07/14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009/07/14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009/07/14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009/07/14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009/07/14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009/07/14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009/07/14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009/07/14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\hwpolicy.sys -- (hwpolicy) DRV - [2009/07/14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009/07/14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009/07/14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009/07/14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009/07/14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009/07/14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009/07/14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009/07/14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009/07/14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009/07/14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009/07/14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009/07/14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009/07/14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009/07/14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009/07/14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009/07/14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009/07/14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009/07/14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\rdpbus.sys -- (rdpbus) DRV - [2009/07/14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009/07/14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009/07/14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009/07/14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009/07/14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt) DRV - [2009/07/14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009/07/14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\1394ohci.sys -- (1394ohci) DRV - [2009/07/14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009/07/14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009/07/14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009/07/14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009/07/14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\appid.sys -- (AppID) DRV - [2009/07/14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009/07/14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009/07/14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009/07/14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009/07/13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009/07/13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009/07/13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009/07/13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009/07/13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009/07/13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009/07/13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2009/07/06 03:48:02 | 000,011,448 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO) DRV - [2009/07/01 05:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt) DRV - [2009/07/01 05:46:14 | 000,086,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2009/07/01 05:46:12 | 000,108,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2009/07/01 05:46:04 | 000,018,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2009/06/05 03:43:16 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2009/04/07 08:32:50 | 000,029,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3521551021-1966395288-1005186300-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com IE - HKU\S-1-5-21-3521551021-1966395288-1005186300-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-3521551021-1966395288-1005186300-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com [binary data] IE - HKU\S-1-5-21-3521551021-1966395288-1005186300-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-3521551021-1966395288-1005186300-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://eeepc.asus.com [binary data] IE - HKU\S-1-5-21-3521551021-1966395288-1005186300-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-3521551021-1966395288-1005186300-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-3521551021-1966395288-1005186300-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-3521551021-1966395288-1005186300-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ASUS WebStorage] C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe () O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\aprp.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () O4 - HKLM..\Run: [EeeSplendidAgent] C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe () O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [LivCam] C:\Program Files\ASUS\LivCam\LivCam.exe (ASUSTek) O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-21-3521551021-1966395288-1005186300-1001..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-3521551021-1966395288-1005186300-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll () O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\windows\System32\igfxdev.dll (Intel Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\windows\System32\livessp.dll (Microsoft Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{8b0b9bf8-c3ca-11df-b59a-485b39282d88}\Shell - "" = AutoRun O33 - MountPoints2\{8b0b9bf8-c3ca-11df-b59a-485b39282d88}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/01/02 13:50:52 | 000,000,000 | ---D | C] -- C:\_OTL [2011/01/01 18:39:06 | 000,000,000 | -H-D | C] -- C:\Users\Maciej\Desktop\.picasaoriginals [2010/12/22 23:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon [2010/12/22 04:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials [2010/12/21 01:08:07 | 000,000,000 | ---D | C] -- D:\Dragonica [2010/12/21 01:06:47 | 000,000,000 | ---D | C] -- C:\Users\Maciej\AppData\Roaming\DragonicaSCB [2010/12/15 21:14:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll [2010/12/15 21:14:02 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll [2010/12/15 21:13:56 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2010/12/15 21:13:56 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec [2010/12/15 21:13:56 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [2010/12/15 21:13:56 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll [2010/12/15 21:13:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2010/12/15 21:13:56 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll [2010/12/15 21:13:56 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2010/12/15 21:13:56 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll [2010/12/15 21:13:56 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe [2010/12/15 21:13:55 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2010/12/15 21:13:40 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskschd.dll [2010/12/15 21:13:39 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmicmiplugin.dll [2010/12/15 21:13:39 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskcomp.dll [2010/12/15 21:13:39 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\schtasks.exe [2010/12/15 21:13:15 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll [2010/12/15 21:13:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll [2010/12/15 21:13:07 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webio.dll [2010/12/15 21:13:04 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\consent.exe [2010/12/15 21:08:03 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2010/12/09 22:57:18 | 000,025,512 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\windows\System32\drivers\ggsemc.sys [2010/12/09 22:57:18 | 000,013,224 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\windows\System32\drivers\ggflt.sys [2010/12/09 22:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson [2010/12/09 22:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Ericsson [2010/12/09 22:31:19 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson [2010/12/09 20:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\vShare [2010/12/06 18:53:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2010/12/06 18:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2009/11/04 14:06:04 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/01/02 14:00:37 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/02 14:00:37 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/02 13:59:41 | 001,549,696 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI [2011/01/02 13:59:41 | 000,697,912 | ---- | M] () -- C:\windows\System32\perfh015.dat [2011/01/02 13:59:41 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat [2011/01/02 13:59:41 | 000,134,990 | ---- | M] () -- C:\windows\System32\perfc015.dat [2011/01/02 13:59:41 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat [2011/01/02 13:59:00 | 000,001,062 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3521551021-1966395288-1005186300-1001UA.job [2011/01/02 13:55:20 | 002,097,152 | -HS- | M] () -- C:\Users\Maciej\NTUSER.DAT [2011/01/02 13:53:12 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2011/01/02 13:53:03 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2011/01/02 13:52:58 | 1602,887,680 | -HS- | M] () -- C:\hiberfil.sys [2011/01/02 10:49:38 | 014,551,927 | -H-- | M] () -- C:\Users\Maciej\AppData\Local\IconCache.db [2011/01/01 21:59:00 | 000,001,010 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3521551021-1966395288-1005186300-1001Core.job [2011/01/01 18:42:01 | 001,650,718 | ---- | M] () -- C:\Users\Maciej\Desktop\_MG_0973.CR2.jpg [2010/12/23 16:51:46 | 000,037,033 | ---- | M] () -- C:\Users\Maciej\Desktop\C 16130 POZNAN 16 12 2010 GODZ 17 00 GR 2 A SERAFINSKA.docx [2010/12/22 21:20:06 | 000,134,727 | ---- | M] () -- C:\Users\Maciej\Desktop\0099653169.pdf [2010/12/22 04:26:42 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk [2010/12/22 00:43:36 | 000,017,508 | ---- | M] () -- D:\Orkiestra we Włocławku.docx [2010/12/17 12:53:42 | 000,078,864 | ---- | M] () -- D:\Bóg się rodzi Contrabass.pdf [2010/12/17 12:53:35 | 000,078,006 | ---- | M] () -- D:\Bóg się rodzi Violoncello.pdf [2010/12/17 12:53:28 | 000,075,678 | ---- | M] () -- D:\Bóg się rodzi Viola.pdf [2010/12/17 12:53:21 | 000,077,352 | ---- | M] () -- D:\Bóg się rodzi Violin II.pdf [2010/12/17 12:53:13 | 000,077,156 | ---- | M] () -- D:\Bóg się rodzi Violin I.pdf [2010/12/17 12:53:05 | 000,091,359 | ---- | M] () -- D:\Bóg się rodzi.pdf [2010/12/17 12:51:56 | 000,076,558 | ---- | M] () -- D:\Anioł pasterzom Double Bass.pdf [2010/12/17 12:51:48 | 000,074,754 | ---- | M] () -- D:\Anioł pasterzom Violoncello.pdf [2010/12/17 12:51:38 | 000,074,282 | ---- | M] () -- D:\Anioł pasterzom Viola.pdf [2010/12/17 12:51:25 | 000,070,383 | ---- | M] () -- D:\Anioł pasterzom Violin II.pdf [2010/12/17 12:50:56 | 000,070,497 | ---- | M] () -- D:\Anioł pasterzom Violin I.pdf [2010/12/17 12:50:44 | 000,083,310 | ---- | M] () -- D:\Anioł pasterzom.pdf [2010/12/16 13:52:51 | 000,436,824 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2010/12/14 22:45:24 | 000,002,180 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk [2010/12/10 00:16:03 | 000,000,915 | ---- | M] () -- C:\Users\Maciej\Desktop\NapiProjekt.lnk [2010/12/09 23:19:56 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf [2010/12/09 23:19:56 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ggflt_01007.Wdf [2010/12/09 22:57:18 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\windows\System32\drivers\ggsemc.sys [2010/12/09 22:57:18 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\windows\System32\drivers\ggflt.sys [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/01/01 18:42:01 | 001,650,718 | ---- | C] () -- C:\Users\Maciej\Desktop\_MG_0973.CR2.jpg [2010/12/23 18:26:42 | 000,037,033 | ---- | C] () -- C:\Users\Maciej\Desktop\C 16130 POZNAN 16 12 2010 GODZ 17 00 GR 2 A SERAFINSKA.docx [2010/12/22 21:20:03 | 000,134,727 | ---- | C] () -- C:\Users\Maciej\Desktop\0099653169.pdf [2010/12/22 04:26:42 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk [2010/12/17 12:53:40 | 000,078,864 | ---- | C] () -- D:\Bóg się rodzi Contrabass.pdf [2010/12/17 12:53:33 | 000,078,006 | ---- | C] () -- D:\Bóg się rodzi Violoncello.pdf [2010/12/17 12:53:27 | 000,075,678 | ---- | C] () -- D:\Bóg się rodzi Viola.pdf [2010/12/17 12:53:19 | 000,077,352 | ---- | C] () -- D:\Bóg się rodzi Violin II.pdf [2010/12/17 12:53:12 | 000,077,156 | ---- | C] () -- D:\Bóg się rodzi Violin I.pdf [2010/12/17 12:53:03 | 000,091,359 | ---- | C] () -- D:\Bóg się rodzi.pdf [2010/12/17 12:51:55 | 000,076,558 | ---- | C] () -- D:\Anioł pasterzom Double Bass.pdf [2010/12/17 12:51:46 | 000,074,754 | ---- | C] () -- D:\Anioł pasterzom Violoncello.pdf [2010/12/17 12:51:36 | 000,074,282 | ---- | C] () -- D:\Anioł pasterzom Viola.pdf [2010/12/17 12:51:23 | 000,070,383 | ---- | C] () -- D:\Anioł pasterzom Violin II.pdf [2010/12/17 12:50:54 | 000,070,497 | ---- | C] () -- D:\Anioł pasterzom Violin I.pdf [2010/12/17 12:50:42 | 000,083,310 | ---- | C] () -- D:\Anioł pasterzom.pdf [2010/12/10 00:16:02 | 000,000,915 | ---- | C] () -- C:\Users\Maciej\Desktop\NapiProjekt.lnk [2010/12/09 23:19:56 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf [2010/12/09 23:19:56 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ggflt_01007.Wdf [2010/12/09 22:31:37 | 000,002,180 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk [2010/11/27 20:58:17 | 000,165,376 | ---- | C] () -- C:\windows\System32\unrar.dll [2010/11/27 20:58:16 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini [2010/11/27 20:58:13 | 000,790,528 | ---- | C] () -- C:\windows\System32\xvidcore.dll [2010/11/27 20:58:13 | 000,134,144 | ---- | C] () -- C:\windows\System32\xvidvfw.dll [2010/11/27 20:58:13 | 000,108,032 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2010/11/27 20:58:13 | 000,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest [2010/09/12 22:30:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/09/04 20:18:40 | 000,006,656 | ---- | C] () -- C:\Users\Maciej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/04/30 10:24:14 | 000,007,605 | ---- | C] () -- C:\Users\Maciej\AppData\Local\Resmon.ResmonCfg [2010/04/17 09:41:52 | 000,000,604 | -H-- | C] () -- C:\Program Files\STLL Notifier [2010/04/17 09:38:37 | 000,000,452 | ---- | C] () -- C:\windows\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini [2010/04/17 04:05:14 | 014,551,927 | -H-- | C] () -- C:\Users\Maciej\AppData\Local\IconCache.db [2010/04/17 04:05:14 | 000,124,928 | ---- | C] () -- C:\Users\Maciej\AppData\Local\GDIPFONTCACHEV1.DAT [2010/04/17 00:12:48 | 000,691,696 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys [2010/04/16 22:23:50 | 000,000,000 | ---- | C] () -- C:\Users\Maciej\AppData\Roaming\wklnhst.dat [2010/04/16 20:14:43 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS [2010/01/18 08:34:21 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2010/01/18 08:30:26 | 000,011,448 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys [2010/01/18 08:30:19 | 000,001,769 | ---- | C] () -- C:\windows\Language_trs.ini [2010/01/18 08:10:53 | 000,021,864 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini [2009/07/25 08:50:01 | 001,549,696 | ---- | C] () -- C:\windows\System32\PerfStringBackup.INI [2009/07/14 05:41:57 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2009/07/14 03:04:57 | 000,001,405 | ---- | C] () -- C:\windows\msdfmap.ini [2009/07/14 03:04:23 | 000,000,387 | ---- | C] () -- C:\windows\win.ini [2009/07/14 03:04:23 | 000,000,219 | ---- | C] () -- C:\windows\system.ini [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll [2009/07/13 22:40:44 | 000,027,097 | ---- | C] () -- C:\windows\System32\country.sys [2009/07/13 22:40:43 | 000,042,809 | ---- | C] () -- C:\windows\System32\KEY01.SYS [2009/07/13 22:40:43 | 000,042,537 | ---- | C] () -- C:\windows\System32\KEYBOARD.SYS [2009/07/13 22:40:41 | 000,009,029 | ---- | C] () -- C:\windows\System32\ANSI.SYS [2009/07/13 22:40:40 | 000,004,768 | ---- | C] () -- C:\windows\System32\HIMEM.SYS [2009/07/13 22:40:39 | 000,029,274 | ---- | C] () -- C:\windows\System32\NTDOS412.SYS [2009/07/13 22:40:35 | 000,029,370 | ---- | C] () -- C:\windows\System32\NTDOS411.SYS [2009/07/13 22:40:31 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS404.SYS [2009/07/13 22:40:27 | 000,029,146 | ---- | C] () -- C:\windows\System32\NTDOS804.SYS [2009/07/13 22:40:23 | 000,027,866 | ---- | C] () -- C:\windows\System32\NTDOS.SYS [2009/07/13 22:40:19 | 000,035,536 | ---- | C] () -- C:\windows\System32\NTIO412.SYS [2009/07/13 22:40:17 | 000,035,776 | ---- | C] () -- C:\windows\System32\NTIO411.SYS [2009/07/13 22:40:15 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO404.SYS [2009/07/13 22:40:13 | 000,034,672 | ---- | C] () -- C:\windows\System32\NTIO804.SYS [2009/07/13 22:40:11 | 000,033,952 | ---- | C] () -- C:\windows\System32\NTIO.SYS [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\System32\msjetoledb40.dll [2009/07/13 21:29:46 | 000,013,312 | ---- | C] () -- C:\windows\System32\win87em.dll [2009/06/10 22:39:59 | 000,060,124 | ---- | C] () -- C:\windows\System32\tcpmon.ini [color=#E56717]========== LOP Check ==========[/color] [2010/01/18 09:32:21 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\ASUS WebStorage [2010/01/18 09:32:21 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\ASUS WebStorage [2010/04/22 23:17:34 | 000,000,000 | -HSD | M] -- C:\Users\Maciej\AppData\Roaming\.# [2010/04/17 12:17:21 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\Acronis [2010/05/01 14:30:11 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\Asus [2010/01/18 09:32:21 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\ASUS WebStorage [2010/10/04 10:44:15 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\Azureus [2010/10/22 09:55:20 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\BESTplayer [2010/04/17 09:20:33 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\DAEMON Tools Lite [2010/12/21 01:06:47 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\DragonicaSCB [2010/04/16 20:18:59 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\EeeStorageUploader [2010/07/12 10:01:23 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\ESET [2010/04/21 14:19:57 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\Gadu-Gadu 10 [2010/04/22 23:12:03 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\GameConsole [2010/04/16 22:47:41 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\Opera [2010/09/28 07:44:35 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\Softland [2010/04/24 09:30:37 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\temp [2010/04/19 20:01:50 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\Template [2010/11/27 00:03:50 | 000,000,000 | ---D | M] -- C:\Users\Maciej\AppData\Roaming\Zylom [2010/12/14 22:39:22 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:AB689DEA @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:C8B8CEBD < End of report >