lucyfer29 created 19 November 2010
Hi everyone, my problem is as follows: I have a T-Mobile mobile internet dongle, and after installing it on my laptop it uses 50% of my CPU. In Windows Task Manager the file is called bmop.exe and it cannot be ended there; it is probably the Bytemobile optimization client. I had the same internet on my old laptop, which was much worse, and everything was fine. I don't know whether it has anything to do with it, but the old one had XP and this one has Windows 7. After disconnecting from the internet everything goes back to normal and is fine... Can this be turned off somehow?? I tried in Windows Task Manager, but it cannot be turned off there.
Tomek01 comment 19 November 2010
Post the OTL and RSIT logs. Info below. Post them in the proper format.
lucyfer29 comment 19 November 2010 Author
[log]Run by LUCEK at 2010-11-19 19:00:30 Microsoft Windows 7 Ultimate System drive C: has 38 GB (72%) free of 53 GB Total RAM: 2038 MB (40% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:02:27, on 19/11/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16671) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Apoint2K\Apoint.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Budzik\budzik.exe C:\Program Files\T-Mobile Mobile Broadband Manager\UIMain.exe C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\system32\conhost.exe C:\Program Files\T-Mobile Mobile Broadband Manager\CMUpdater.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Gadu-Gadu 10\gg.exe C:\Program Files\Winamp\winamp.exe C:\Users\LUCEK\Desktop\OTL.exe C:\Users\LUCEK\Desktop\RSIT.exe C:\Program Files\trend micro\LUCEK.exe C:\Program Files\T-Mobile Mobile Broadband Manager\bmctl.exe C:\Program Files\T-Mobile Mobile Broadband Manager\bmop.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page 
= http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [UIExec] "C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Budzik.lnk = C:\Program Files\Budzik\budzik.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - 
C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9098C3E4-955C-4686-ABCF-41BAB4E5A6CC}: NameServer = 149.254.230.7 149.254.199.126 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files\T-Mobile Mobile Broadband Manager\AssistantServices.exe -- End of file - 4790 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Symantec NCO BHO - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-03 396144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL [2009-11-17 79224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-03 396144] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848] 
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592] "Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552] "Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-10-25 212992] "UIExec"=C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe [2009-07-16 132608] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016] C:\Users\LUCEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Budzik.lnk - C:\Program Files\Budzik\budzik.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2009-09-23 218112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-11-19 19:00:34 ----D---- C:\Program Files\trend micro 2010-11-19 19:00:30 ----D---- C:\rsit 2010-11-19 00:01:48 ----D---- C:\Users\LUCEK\AppData\Roaming\Gadu-Gadu 10 2010-11-19 00:01:27 ----D---- C:\ProgramData\Gadu-Gadu 10 2010-11-19 00:00:45 ----D---- C:\Program Files\Gadu-Gadu 10 2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\ZTEusbser6k.sys 2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\ZTEusbnmea.sys 2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\ZTEusbmdm6k.sys 2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\massfilter.sys 2010-11-18 22:07:12 ----D---- C:\Program Files\T-Mobile Mobile Broadband Manager 2010-11-18 21:50:34 ----D---- C:\Users\LUCEK\AppData\Roaming\IObit 2010-11-14 18:34:44 ----D---- C:\Program Files\Budzik 2010-11-14 18:30:48 ----D---- C:\Program Files\Mystery Case Files Return to Ravenhearst 2010-11-14 18:30:21 ----D---- C:\Program Files\Mystery Case Files - Return to Ravenhearst 2010-11-14 18:29:06 ----D---- C:\Program Files\Games 2010-11-14 18:27:25 ----D---- C:\Users\LUCEK\AppData\Roaming\HdO Adventure 2010-11-14 18:26:12 ----D---- C:\Program Files\Treasure Island The Golden Bug 2010-11-14 18:23:49 ----D---- C:\Program Files\Angela Young 2 - Escape the Dreamscape 2010-11-13 00:24:57 ----D---- C:\Users\LUCEK\AppData\Roaming\Games 2010-11-13 00:23:52 ----D---- C:\Program Files\Department 42 - The Mystery of Nine 2010-11-13 00:23:28 ----D---- C:\Program Files\Department 42 - The Mystery of the Nine 2010-11-12 21:25:20 ----D---- C:\Users\LUCEK\AppData\Roaming\Mozilla 2010-11-12 21:24:48 ----D---- C:\Program Files\Mozilla Firefox 2010-11-12 02:29:00 ----D---- 
C:\Windows\Panther 2010-11-11 22:24:06 ----D---- C:\Users\LUCEK\AppData\Roaming\Program Files 2010-11-11 22:23:58 ----A---- C:\Windows\system32\sporder.dll 2010-11-11 22:23:58 ----A---- C:\Windows\system32\drivers\tcpipBM.sys 2010-11-11 22:23:58 ----A---- C:\Windows\system32\drivers\BMLoad.sys 2010-11-11 22:23:58 ----A---- C:\Windows\system32\bmutil.dll 2010-11-11 22:23:58 ----A---- C:\Windows\system32\bmnet.dll 2010-11-11 22:23:58 ----A---- C:\Windows\system32\bminstall.dll 2010-11-11 22:23:52 ----D---- C:\Windows\system32\SupportAppCB 2010-11-11 22:23:50 ----HD---- C:\Program Files\InstallShield Installation Information 2010-11-11 21:07:14 ----D---- C:\Windows\pss 2010-11-11 20:28:12 ----D---- C:\Users\LUCEK\AppData\Roaming\WinRAR 2010-11-11 20:26:58 ----RA---- C:\Windows\system32\GEARAspi.dll 2010-11-11 20:26:58 ----RA---- C:\Windows\system32\drivers\GEARAspiWDM.sys 2010-11-11 20:26:58 ----DC---- C:\Windows\system32\DRVSTORE 2010-11-11 20:26:56 ----A---- C:\Windows\system32\drivers\SYMEVENT.SYS 2010-11-11 20:26:55 ----D---- C:\Program Files\Symantec 2010-11-11 20:26:55 ----D---- C:\Program Files\Common Files\Symantec Shared 2010-11-11 20:26:53 ----D---- C:\ProgramData\Symantec 2010-11-11 20:26:17 ----D---- C:\Windows\system32\drivers\N360 2010-11-11 20:26:13 ----D---- C:\Program Files\Norton 360 2010-11-11 20:26:12 ----D---- C:\ProgramData\Norton 2010-11-11 20:25:26 ----A---- C:\Windows\system32\D3DX9_42.dll 2010-11-11 20:25:25 ----A---- C:\Windows\system32\d3dx9_31.dll 2010-11-11 20:24:53 ----D---- C:\Program Files\Winamp Detect 2010-11-11 20:24:47 ----D---- C:\Program Files\Common Files\PX Storage Engine 2010-11-11 20:24:45 ----D---- C:\Users\LUCEK\AppData\Roaming\Winamp 2010-11-11 20:24:45 ----D---- C:\Program Files\Winamp 2010-11-11 20:24:23 ----D---- C:\ProgramData\NortonInstaller 2010-11-11 20:24:23 ----D---- C:\Program Files\NortonInstaller 2010-11-11 20:24:15 ----D---- C:\Program Files\WinRAR 2010-11-11 20:23:08 ----D---- C:\Program Files\UltraISO 
2010-11-11 20:23:08 ----D---- C:\Program Files\Common Files\EZB Systems 2010-11-11 20:20:29 ----A---- C:\Windows\system32\mdimon.dll 2010-11-11 20:20:01 ----A---- C:\Windows\system32\msonpmon.dll 2010-11-11 20:16:03 ----D---- C:\Program Files\Microsoft Works 2010-11-11 20:15:24 ----D---- C:\Program Files\Microsoft Visual Studio 2010-11-11 20:15:23 ----D---- C:\Program Files\Common Files\DESIGNER 2010-11-11 20:14:45 ----D---- C:\Windows\PCHEALTH 2010-11-11 20:14:45 ----D---- C:\Program Files\Microsoft.NET 2010-11-11 20:11:45 ----D---- C:\Program Files\Microsoft Visual Studio 8 2010-11-11 20:09:45 ----D---- C:\Program Files\Microsoft Office 2010-11-11 20:09:43 ----D---- C:\ProgramData\Microsoft Help 2010-11-11 20:09:29 ----SHD---- C:\Windows\Installer 2010-11-11 20:08:48 ----RHD---- C:\MSOCache 2010-11-11 20:04:53 ----D---- C:\Windows\system32\Lang 2010-11-11 20:04:53 ----A---- C:\Windows\system32\TVWizudlg.exe 2010-11-11 20:04:53 ----A---- C:\Windows\system32\igfxtvcx.dll 2010-11-11 20:04:52 ----D---- C:\Program Files\Intel 2010-11-11 19:59:59 ----A---- C:\Windows\system32\msv1_0.dll 2010-11-11 19:58:26 ----A---- C:\Windows\system32\PresentationHostProxy.dll 2010-11-11 19:58:26 ----A---- C:\Windows\system32\PresentationHost.exe 2010-11-11 19:58:26 ----A---- C:\Windows\system32\netfxperf.dll 2010-11-11 19:58:26 ----A---- C:\Windows\system32\mscoree.dll 2010-11-11 19:58:26 ----A---- C:\Windows\system32\dfshim.dll 2010-11-11 19:55:47 ----A---- C:\Windows\system32\MRT.exe 2010-11-11 19:55:13 ----D---- C:\Program Files\Apoint2K 2010-11-11 19:53:54 ----D---- C:\Windows\system32\x64 2010-11-11 19:53:54 ----A---- C:\Windows\system32\igxpun.exe 2010-11-11 19:53:19 ----N---- C:\Windows\system32\MpSigStub.exe 2010-11-11 19:53:03 ----D---- C:\Program Files\CONEXANT 2010-11-11 19:52:26 ----A---- C:\Windows\system32\tzres.dll 2010-11-11 19:52:23 ----A---- C:\Windows\system32\shell32.dll 2010-11-11 19:52:23 ----A---- C:\Windows\system32\lsasrv.dll 2010-11-11 19:52:23 ----A---- 
C:\Windows\system32\drivers\ksecpkg.sys 2010-11-11 19:52:21 ----A---- C:\Windows\system32\rtutils.dll 2010-11-11 19:52:18 ----A---- C:\Windows\system32\winresume.exe 2010-11-11 19:52:18 ----A---- C:\Windows\system32\winload.exe 2010-11-11 19:52:18 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2010-11-11 19:52:18 ----A---- C:\Windows\system32\CertEnroll.dll 2010-11-11 19:52:12 ----A---- C:\Windows\system32\ole32.dll 2010-11-11 19:52:11 ----A---- C:\Windows\system32\mshtml.dll 2010-11-11 19:52:10 ----A---- C:\Windows\system32\ieframe.dll 2010-11-11 19:52:09 ----A---- C:\Windows\system32\urlmon.dll 2010-11-11 19:52:09 ----A---- C:\Windows\system32\mstime.dll 2010-11-11 19:52:09 ----A---- C:\Windows\system32\msfeeds.dll 2010-11-11 19:52:09 ----A---- C:\Windows\system32\iertutil.dll 2010-11-11 19:52:08 ----A---- C:\Windows\system32\wininet.dll 2010-11-11 19:52:08 ----A---- C:\Windows\system32\mshtmled.dll 2010-11-11 19:52:08 ----A---- C:\Windows\system32\msfeedssync.exe 2010-11-11 19:52:08 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-11-11 19:52:08 ----A---- C:\Windows\system32\licmgr10.dll 2010-11-11 19:52:08 ----A---- C:\Windows\system32\jsproxy.dll 2010-11-11 19:52:08 ----A---- C:\Windows\system32\ieui.dll 2010-11-11 19:52:08 ----A---- C:\Windows\system32\iepeers.dll 2010-11-11 19:52:08 ----A---- C:\Windows\system32\iedkcs32.dll 2010-11-11 19:52:07 ----A---- C:\Windows\system32\mfc40u.dll 2010-11-11 19:52:07 ----A---- C:\Windows\system32\mfc40.dll 2010-11-11 19:52:06 ----A---- C:\Windows\system32\msasn1.dll 2010-11-11 19:52:05 ----A---- C:\Windows\system32\wmp.dll 2010-11-11 19:52:04 ----A---- C:\Windows\system32\wmploc.DLL 2010-11-11 19:52:03 ----A---- C:\Windows\system32\winlogon.exe 2010-11-11 19:52:03 ----A---- C:\Windows\system32\spoolsv.exe 2010-11-11 19:52:03 ----A---- C:\Windows\explorer.exe 2010-11-11 19:52:02 ----A---- C:\Windows\system32\wmpmde.dll 2010-11-11 19:52:00 ----A---- C:\Windows\system32\ntoskrnl.exe 2010-11-11 19:52:00 ----A---- 
C:\Windows\system32\ntkrnlpa.exe 2010-11-11 19:51:59 ----A---- C:\Windows\system32\srvsvc.dll 2010-11-11 19:51:59 ----A---- C:\Windows\system32\kernel32.dll 2010-11-11 19:51:59 ----A---- C:\Windows\system32\drivers\srvnet.sys 2010-11-11 19:51:59 ----A---- C:\Windows\system32\drivers\srv2.sys 2010-11-11 19:51:59 ----A---- C:\Windows\system32\drivers\srv.sys 2010-11-11 19:51:58 ----A---- C:\Windows\system32\apphelp.dll 2010-11-11 19:51:57 ----A---- C:\Windows\system32\inetcomm.dll 2010-11-11 19:51:57 ----A---- C:\Windows\system32\drivers\tcpip.sys 2010-11-11 19:51:56 ----A---- C:\Windows\system32\quartz.dll 2010-11-11 19:51:56 ----A---- C:\Windows\system32\msvidc32.dll 2010-11-11 19:51:56 ----A---- C:\Windows\system32\mciavi32.dll 2010-11-11 19:51:56 ----A---- C:\Windows\system32\avifil32.dll 2010-11-11 19:51:55 ----A---- C:\Windows\system32\win32k.sys 2010-11-11 19:51:55 ----A---- C:\Windows\system32\tsbyuv.dll 2010-11-11 19:51:55 ----A---- C:\Windows\system32\schannel.dll 2010-11-11 19:51:55 ----A---- C:\Windows\system32\msyuv.dll 2010-11-11 19:51:55 ----A---- C:\Windows\system32\msrle32.dll 2010-11-11 19:51:55 ----A---- C:\Windows\system32\iyuv_32.dll 2010-11-11 19:51:54 ----A---- C:\Windows\system32\jscript.dll 2010-11-11 19:51:54 ----A---- C:\Windows\system32\comctl32.dll 2010-11-11 19:51:53 ----A---- C:\Windows\system32\msxml3.dll 2010-11-11 19:51:53 ----A---- C:\Windows\system32\ir32_32.dll 2010-11-11 19:51:53 ----A---- C:\Windows\system32\iccvid.dll 2010-11-11 19:51:52 ----A---- C:\Windows\system32\t2embed.dll 2010-11-11 19:51:52 ----A---- C:\Windows\system32\asycfilt.dll 2010-11-11 19:51:51 ----A---- C:\Windows\system32\StructuredQuery.dll 2010-11-11 19:51:50 ----A---- C:\Windows\system32\vbscript.dll 2010-11-11 19:51:09 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys 2010-11-11 19:51:09 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys 2010-11-11 19:51:09 ----A---- C:\Windows\system32\drivers\mrxsmb.sys 2010-11-11 19:51:08 ----A---- 
C:\Windows\system32\wintrust.dll 2010-11-11 19:48:53 ----A---- C:\Windows\system32\fontsub.dll 2010-11-11 19:48:53 ----A---- C:\Windows\system32\atmlib.dll 2010-11-11 19:48:53 ----A---- C:\Windows\system32\atmfd.dll 2010-11-11 19:48:33 ----A---- C:\Windows\system32\cabview.dll 2010-11-11 18:45:58 ----D---- C:\Users\LUCEK\AppData\Roaming\Macromedia 2010-11-11 18:45:58 ----D---- C:\Users\LUCEK\AppData\Roaming\Adobe 2010-11-11 18:45:56 ----D---- C:\Windows\system32\Macromed 2010-11-11 18:43:02 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-11-11 18:39:12 ----D---- C:\Users\LUCEK\AppData\Roaming\Identities 2010-11-11 18:37:40 ----SD---- C:\Users\LUCEK\AppData\Roaming\Microsoft 2010-11-11 18:37:40 ----D---- C:\Users\LUCEK\AppData\Roaming\Media Center Programs 2010-11-11 18:37:06 ----SHD---- C:\Recovery 2010-11-11 18:33:03 ----D---- C:\Windows\SoftwareDistribution 2010-11-11 18:30:46 ----D---- C:\Windows\Prefetch 2010-11-11 18:30:00 ----ASH---- C:\pagefile.sys 2010-11-11 18:29:57 ----SHD---- C:\System Volume Information 2010-11-11 18:29:57 ----ASH---- C:\hiberfil.sys ======List of files/folders modified in the last 1 months====== 2010-11-19 19:00:34 ----RD---- C:\Program Files 2010-11-19 19:00:22 ----D---- C:\Windows\Temp 2010-11-19 17:43:40 ----D---- C:\Windows\system32\config 2010-11-19 17:43:36 ----D---- C:\Windows\system32\wdi 2010-11-19 00:01:27 ----HD---- C:\ProgramData 2010-11-19 00:01:18 ----D---- C:\Windows\winsxs 2010-11-18 22:11:33 ----D---- C:\Windows\System32 2010-11-18 22:11:33 ----D---- C:\Windows\inf 2010-11-18 22:07:39 ----D---- C:\Windows\system32\DriverStore 2010-11-18 22:07:32 ----D---- C:\Windows\system32\drivers 2010-11-17 23:05:43 ----D---- C:\Windows\system32\Tasks 2010-11-14 13:01:46 ----D---- C:\Windows\rescache 2010-11-14 12:58:44 ----D---- C:\Windows\Logs 2010-11-12 23:02:03 ----D---- C:\Windows\Microsoft.NET 2010-11-12 23:01:49 ----RSD---- C:\Windows\assembly 2010-11-12 21:25:23 ----D---- C:\Windows 2010-11-11 22:39:04 ----D---- 
C:\Windows\ModemLogs 2010-11-11 22:24:22 ----D---- C:\Windows\system32\catroot 2010-11-11 21:08:36 ----D---- C:\Windows\system32\catroot2 2010-11-11 20:26:55 ----D---- C:\Program Files\Common Files 2010-11-11 20:24:42 ----D---- C:\Program Files\Common Files\microsoft shared 2010-11-11 20:20:47 ----SD---- C:\ProgramData\Microsoft 2010-11-11 20:15:45 ----D---- C:\Program Files\MSBuild 2010-11-11 20:15:19 ----D---- C:\Windows\ShellNew 2010-11-11 20:14:56 ----RSD---- C:\Windows\Fonts 2010-11-11 20:10:48 ----A---- C:\Windows\win.ini 2010-11-11 20:10:40 ----D---- C:\Program Files\Common Files\System 2010-11-11 20:03:02 ----D---- C:\Windows\system32\migration 2010-11-11 20:03:02 ----D---- C:\Program Files\Internet Explorer 2010-11-11 20:03:01 ----D---- C:\Windows\system32\en-US 2010-11-11 20:03:01 ----D---- C:\Windows\system32\Boot 2010-11-11 20:03:01 ----D---- C:\Windows\ehome 2010-11-11 20:03:01 ----D---- C:\Program Files\Windows Mail 2010-11-11 20:03:00 ----D---- C:\Program Files\Windows Media Player 2010-11-11 20:00:24 ----D---- C:\Windows\twain_32 2010-11-11 19:55:48 ----D---- C:\Windows\debug 2010-11-11 19:52:34 ----D---- C:\Windows\system32\restore 2010-11-11 19:47:59 ----D---- C:\Windows\system32\CodeIntegrity 2010-11-11 18:45:58 ----D---- C:\Windows\Downloaded Program Files 2010-11-11 18:42:29 ----D---- C:\Windows\system32\wbem 2010-11-11 18:40:49 ----D---- C:\Windows\system32\drivers\UMDF 2010-11-11 18:39:10 ----SHD---- C:\$Recycle.Bin 2010-11-11 18:37:40 ----RD---- C:\Users 2010-11-11 18:32:28 ----D---- C:\Windows\system32\sysprep 2010-11-11 18:30:43 ----D---- C:\Windows\CSC ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648] R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2009-10-15 328752] R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS 
[2010-04-22 173104] R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys [2010-11-04 691248] R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-13 387584] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-11-11 371248] R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101118.005\IDSvix86.sys [2010-10-19 353840] R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2007-04-13 68096] R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS [2010-04-22 43696] R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784] R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-17 12672] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2009-04-29 8704] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-10-29 162088] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-07-13 1096704] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-02-26 201728] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-11-11 102448] R3 GEARAspiWDM;GEAR ASPI Filter Driver; 
C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2009-04-20 9344] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-02-12 980992] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-02-12 207360] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192] R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.002\NAVENG.SYS [2010-11-11 86064] R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.002\NAVEX15.SYS [2010-11-11 1371184] R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2008-07-22 51200] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1810856] R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS [2010-04-22 325680] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-11-11 124976] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-02-12 661504] R3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2009-05-22 104960] R3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2009-05-22 105344] R3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2009-05-22 104960] S0 BMLoad;Bytemobile Boot Time Load Driver; C:\Windows\system32\drivers\BMLoad.sys [2009-05-22 22528] S1 tcpipBM;Bytemobile Kernel Network Provider; C:\Windows\system32\drivers\tcpipBM.sys [2009-05-22 18816] S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom 
NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2009-05-22 9728] S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120] S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-13 5632] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-13 52736] S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824] S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-13 17920] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392] R2 UI Assistant Service;UI Assistant Service; C:\Program Files\T-Mobile Mobile Broadband Manager\AssistantServices.exe [2009-07-16 241664] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 Microsoft 
Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] -----------------EOF----------------- OTL Extras logfile created on: 19/11/2010 18:56:57 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\LUCEK\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 43.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 65.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 51.29 Gb Total Space | 36.83 Gb Free Space | 71.80% Space Free | Partition Type: NTFS Drive E: | 35.20 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF Drive G: | 97.65 Gb Total Space | 77.82 Gb Free Space | 79.69% Space Free | Partition Type: NTFS Computer Name: LUCEK-PC | User Name: LUCEK | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) 
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI 
(English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver "{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = T-Mobile Mobile Broadband Manager "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Angela Young 2 - Escape the DreamscapeJust For Fun Games" = Angela Young 2 - Escape the DreamscapeJust For Fun Games "Budzik_is1" = Budzik 1.04 "Build-a-lot 3 - Passport to Europe 1.00" = Build-a-lot 3 - Passport to Europe 1.00 "CNXT_AUDIO_HDA" = Conexant HD Audio "CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP "Department 42 - The Mystery of NineJust For Fun Games" = Department 42 - The Mystery of NineJust For Fun Games "ENTERPRISE" = Microsoft Office Enterprise 2007 "Gadu-Gadu 10" 
= Gadu-Gadu 10 "HDMI" = Intel(R) Graphics Media Accelerator Driver "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12) "Mystery Case Files Return to RavenhearstJust For Fun Games" = Mystery Case Files Return to RavenhearstJust For Fun Games "N360" = Norton 360 "Treasure Island The Golden Bug % CompanyName%" = Treasure Island The Golden Bug % CompanyName% "TVWiz" = Intel(R) TV Wizard "UltraISO_is1" = UltraISO Premium V8.63 "Winamp" = Winamp "WinRAR archiver" = WinRAR archiver [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Winamp Detector Plug-in [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 11/11/2010 16:07:44 | Computer Name = LUCEK-PC | Source = VSS | ID = 8194 Description = Error - 11/11/2010 18:23:28 | Computer Name = LUCEK-PC | Source = VSS | ID = 8194 Description = Error - 17/11/2010 18:56:06 | Computer Name = LUCEK-PC | Source = VSS | ID = 8194 Description = Error - 17/11/2010 19:04:54 | Computer Name = LUCEK-PC | Source = VSS | ID = 8194 Description = Error - 18/11/2010 17:51:02 | Computer Name = LUCEK-PC | Source = VSS | ID = 8194 Description = [ System Events ] Error - 16/11/2010 09:03:37 | Computer Name = LUCEK-PC | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: tcpipBM Error - 16/11/2010 18:52:45 | Computer Name = LUCEK-PC | Source = Microsoft-Windows-HAL | ID = 12 Description = The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system. 
Error - 17/11/2010 18:59:07 | Computer Name = LUCEK-PC | Source = DCOM | ID = 10005 Description = Error - 17/11/2010 18:59:06 | Computer Name = LUCEK-PC | Source = Service Control Manager | ID = 7038 Description = The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: %%1352 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error - 17/11/2010 18:59:06 | Computer Name = LUCEK-PC | Source = Service Control Manager | ID = 7000 Description = The UPnP Device Host service failed to start due to the following error: %%1069 Error - 17/11/2010 19:13:24 | Computer Name = LUCEK-PC | Source = Microsoft-Windows-HAL | ID = 12 Description = The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system. Error - 18/11/2010 18:07:40 | Computer Name = LUCEK-PC | Source = Service Control Manager | ID = 7030 Description = The UI Assistant Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 18/11/2010 18:09:45 | Computer Name = LUCEK-PC | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: tcpipBM Error - 18/11/2010 20:09:34 | Computer Name = LUCEK-PC | Source = Microsoft-Windows-HAL | ID = 12 Description = The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system. 
Error - 19/11/2010 13:45:33 | Computer Name = LUCEK-PC | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: tcpipBM < End of report > [/log] I hope this is what you meant....?? [color="#FF0000"]//Logs go inside tags! //Changing it. //Tom[/color]
Tomek01 commented 19 November 2010 [quote name='Tomek01' date='19 listopad 2010 - 20:53' timestamp='1290192945' post='1125053'] Post them in the proper format [/quote] OTL generates two files. Show the other one, it is more important: OTL.txt
lucyfer29 commented 21 November 2010 (Author) This one? Gosh, sorry that I'm a bit clueless at this... [color="#FF0000"]//Inside tags!!! //http://www.forumpc.pl/index.php?showtopic=104338 //Tom01[/color] It says there how to make it, but not how to post it [log]OTL logfile created on: 21/11/2010 09:51:07 - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\LUCEK\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free 4.00 Gb Paging File | 2.00 Gb Available in Paging File | 62.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 51.29 Gb Total Space | 36.43 Gb Free Space | 71.03% Space Free | Partition Type: NTFS Drive E: | 35.20 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF Drive G: | 97.65 Gb Total Space | 77.82 Gb Free Space | 79.69% Space Free | Partition Type: NTFS Computer Name: LUCEK-PC | User Name: LUCEK | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/11/19 18:54:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\LUCEK\Desktop\OTL.exe PRC - [2010/10/07 08:04:26 | 012,661,344 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010/07/12 16:33:54 | 001,592,672 | ---- | M] (Nullsoft, Inc.) 
-- C:\Program Files\Winamp\winamp.exe PRC - [2010/02/26 00:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe PRC - [2009/10/31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/07/16 14:52:06 | 000,691,200 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\UIMain.exe PRC - [2009/07/16 14:47:34 | 000,559,104 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\CMUpdater.exe PRC - [2009/07/16 14:43:04 | 000,241,664 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\AssistantServices.exe PRC - [2009/07/16 14:42:20 | 000,132,608 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe PRC - [2009/07/14 01:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/07/14 01:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2009/05/22 09:08:38 | 000,724,992 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\T-Mobile Mobile Broadband Manager\bmop.exe PRC - [2009/05/22 09:08:38 | 000,380,928 | ---- | M] (Bytemobile, Inc.) 
-- C:\Program Files\T-Mobile Mobile Broadband Manager\bmctl.exe PRC - [2004/10/31 17:23:48 | 000,024,084 | ---- | M] (BLITZ-ART) -- C:\Program Files\Budzik\budzik.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/11/19 18:54:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\LUCEK\Desktop\OTL.exe MOD - [2010/08/21 05:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2009/07/14 01:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009/07/14 01:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009/07/14 01:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009/07/14 01:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009/07/14 01:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009/07/14 01:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009/07/14 01:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009/07/14 01:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009/07/14 01:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009/07/14 01:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010/02/26 00:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360) SRV - [2009/07/16 14:43:04 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files\T-Mobile 
Mobile Broadband Manager\AssistantServices.exe -- (UI Assistant Service) SRV - [2009/07/14 01:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009/07/14 01:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009/07/14 01:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009/07/14 01:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009/07/14 01:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009/07/14 01:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009/07/14 01:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009/07/14 01:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009/07/14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows 
Defender\MpSvc.dll -- (WinDefend) SRV - [2009/07/14 01:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009/07/14 01:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/07/14 01:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009/07/14 01:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009/07/14 01:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009/07/14 01:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV) SRV - [2009/07/14 01:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009/07/14 01:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2009/04/29 03:21:04 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) 
[Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010/11/11 20:36:17 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101120.002\NAVEX15.SYS -- (NAVEX15) DRV - [2010/11/11 20:36:17 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2010/11/11 20:36:17 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2010/11/11 20:36:17 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101120.002\NAVENG.SYS -- (NAVENG) DRV - [2010/11/11 20:26:55 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2010/11/04 15:02:36 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2010/10/19 20:36:22 | 000,353,840 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101119.001\IDSvix86.sys -- (IDSVix86) DRV - [2010/05/06 04:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv) DRV - [2010/04/29 05:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- 
C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON) DRV - [2010/04/22 03:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA) DRV - [2010/04/22 02:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP) DRV - [2010/04/22 02:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2010/02/26 00:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP) DRV - [2009/12/11 07:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009/10/15 03:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS) DRV - [2009/09/23 19:18:14 | 004,808,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2009/07/14 01:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009/07/14 01:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009/07/14 01:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009/07/14 01:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009/07/14 01:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009/07/14 01:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009/07/14 01:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009/07/14 01:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009/07/14 01:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009/07/14 01:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009/07/14 01:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009/07/14 01:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009/07/14 01:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009/07/14 01:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009/07/14 01:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009/07/14 01:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009/07/14 01:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009/07/14 01:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009/07/14 01:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009/07/14 01:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy) DRV - [2009/07/14 01:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009/07/14 01:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009/07/14 01:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009/07/14 01:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009/07/14 01:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009/07/14 01:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus) DRV - [2009/07/14 01:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009/07/14 01:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt) DRV - [2009/07/14 01:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009/07/14 01:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc) DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009/07/14 01:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009/07/14 01:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009/07/14 01:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009/07/14 01:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009/07/14 01:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009/07/14 01:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009/07/14 01:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009/07/14 01:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009/07/14 01:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009/07/14 00:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009/07/14 00:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus) DRV - [2009/07/14 00:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009/07/13 23:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009/07/13 23:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009/07/13 23:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009/07/13 23:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt) DRV - [2009/07/13 23:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009/07/13 23:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci) DRV - [2009/07/13 23:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009/07/13 23:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009/07/13 23:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009/07/13 23:45:26 | 
000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009/07/13 23:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID) DRV - [2009/07/13 23:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009/07/13 23:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap) DRV - [2009/07/13 23:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID) DRV - [2009/07/13 23:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009/07/13 23:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009/07/13 23:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009/07/13 22:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/13 22:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009/07/13 22:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009/07/13 22:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009/07/13 22:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009/07/13 22:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009/07/13 22:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92) DRV - [2009/07/13 22:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac) DRV - [2009/07/13 22:13:45 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA) DRV - [2009/07/13 22:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009/07/13 22:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009/07/13 22:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2009/07/13 22:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009/05/22 09:08:38 | 000,018,816 | ---- | M] (Bytemobile, Inc.) 
[Kernel | System | Stopped] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM) DRV - [2009/05/22 09:04:04 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2009/05/22 09:04:04 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2009/05/22 09:04:04 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2009/05/22 09:04:04 | 000,009,728 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter) DRV - [2009/04/29 03:20:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio) DRV - [2009/04/20 14:38:54 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2009/02/12 14:00:22 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2009/02/12 13:58:16 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2009/02/12 13:57:28 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2008/10/09 03:32:46 | 001,810,856 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2008/07/22 07:42:58 | 000,051,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2008/02/26 15:26:04 | 000,201,728 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService) DRV - [2007/10/29 10:38:38 | 000,162,088 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2007/04/13 17:42:16 | 000,068,096 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.com/" FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.5 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/11/14 09:42:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/11/11 
20:27:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile Mobile Broadband Manager\addon [2010/11/18 22:07:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/12 21:25:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/12 21:24:51 | 000,000,000 | ---D | M] [2010/11/12 21:25:35 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\Mozilla\Extensions [2010/11/12 21:25:35 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\Mozilla\Firefox\Profiles\gfwlpxcc.default\extensions [2010/11/12 21:24:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010/10/27 05:24:34 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml [2010/10/27 05:24:34 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml [2010/10/27 05:24:34 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml [2010/10/27 05:24:34 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml O1 HOSTS File: ([2009/06/10 21:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - 
C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [UIExec] C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe () O4 - Startup: C:\Users\LUCEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Budzik.lnk = C:\Program Files\Budzik\budzik.exe (BLITZ-ART) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{87d4543f-ede1-11df-80c2-001b38c47024}\Shell - "" = AutoRun O33 - MountPoints2\{87d4543f-ede1-11df-80c2-001b38c47024}\Shell\AutoRun\command - "" = F:\Install.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation) NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation) MsConfig - StartUpReg: [b]GrooveMonitor[/b] - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) MsConfig - State: "bootini" - 2 MsConfig - State: "services" - 2 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation) SafeBootMin: Primary disk - Driver Group SafeBootMin: RpcEptMapper - 
C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: Dhcp - C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: ndiscap - C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) SafeBootNet: NetBIOSGroup - Driver 
Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation) SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - 
Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/11/19 19:28:21 | 000,000,000 | ---D | C] -- C:\rsit [2010/11/19 19:00:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010/11/19 18:54:40 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\LUCEK\Desktop\OTL.exe [2010/11/19 00:01:48 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Gadu-Gadu 10 [2010/11/19 00:01:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10 [2010/11/19 00:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10 [2010/11/18 22:07:32 | 000,105,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\ZTEusbnmea.sys [2010/11/18 22:07:32 | 000,104,960 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\ZTEusbser6k.sys [2010/11/18 22:07:32 | 000,104,960 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys [2010/11/18 22:07:32 | 000,009,728 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\massfilter.sys [2010/11/18 22:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\T-Mobile Mobile Broadband Manager [2010/11/18 22:05:09 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\Documents\unistaler [2010/11/18 21:50:34 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\IObit [2010/11/14 18:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\Budzik [2010/11/14 18:30:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mystery Case Files Return to Ravenhearst [2010/11/14 18:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mystery Case Files - Return to Ravenhearst [2010/11/14 18:29:06 | 
000,000,000 | ---D | C] -- C:\Program Files\Games [2010/11/14 18:27:25 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\HdO Adventure [2010/11/14 18:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\Treasure Island The Golden Bug [2010/11/14 18:23:49 | 000,000,000 | ---D | C] -- C:\Program Files\Angela Young 2 - Escape the Dreamscape [2010/11/14 09:43:30 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symtdiv.sys [2010/11/14 09:43:29 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symds.sys [2010/11/14 09:43:29 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.sys [2010/11/14 09:43:29 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symefa.sys [2010/11/14 09:43:29 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\ironx86.sys [2010/11/14 09:43:29 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.sys [2010/11/14 09:43:28 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.sys [2010/11/14 09:42:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0403000.005 [2010/11/13 00:24:57 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Games [2010/11/13 00:23:52 | 000,000,000 | ---D | C] -- C:\Program Files\Department 42 - The Mystery of Nine [2010/11/13 00:23:28 | 000,000,000 | ---D | C] -- C:\Program Files\Department 42 - The Mystery of the Nine [2010/11/12 21:25:20 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Mozilla [2010/11/12 21:25:20 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Local\Mozilla [2010/11/12 21:24:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010/11/12 02:29:00 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2010/11/11 22:24:06 | 
000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Program Files [2010/11/11 22:23:58 | 000,471,040 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmnet.dll [2010/11/11 22:23:58 | 000,294,912 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bminstall.dll [2010/11/11 22:23:58 | 000,126,976 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmdumpd.bin [2010/11/11 22:23:58 | 000,022,528 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\BMLoad.sys [2010/11/11 22:23:58 | 000,018,816 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\tcpipBM.sys [2010/11/11 22:23:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\SupportAppCB [2010/11/11 22:23:50 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2010/11/11 21:07:14 | 000,000,000 | ---D | C] -- C:\Windows\pss [2010/11/11 20:28:12 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\WinRAR [2010/11/11 20:26:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2010/11/11 20:26:56 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS [2010/11/11 20:26:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2010/11/11 20:26:55 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2010/11/11 20:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec [2010/11/11 20:26:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360 [2010/11/11 20:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360 [2010/11/11 20:26:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2010/11/11 20:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2010/11/11 20:24:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2010/11/11 20:24:45 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Winamp [2010/11/11 20:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2010/11/11 20:24:23 | 000,000,000 | ---D | C] -- 
C:\ProgramData\NortonInstaller [2010/11/11 20:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller [2010/11/11 20:24:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2010/11/11 20:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO [2010/11/11 20:23:08 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\Documents\My ISO Files [2010/11/11 20:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems [2010/11/11 20:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2010/11/11 20:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio [2010/11/11 20:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2010/11/11 20:14:45 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010/11/11 20:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2010/11/11 20:11:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8 [2010/11/11 20:09:55 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Local\Microsoft Help [2010/11/11 20:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2010/11/11 20:09:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2010/11/11 20:09:29 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2010/11/11 20:08:48 | 000,000,000 | RH-D | C] -- C:\MSOCache [2010/11/11 20:04:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang [2010/11/11 20:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2010/11/11 19:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\Apoint2K [2010/11/11 19:53:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64 [2010/11/11 19:53:03 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT [2010/11/11 18:45:58 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Macromedia [2010/11/11 18:45:58 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Adobe [2010/11/11 18:45:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2010/11/11 18:39:22 | 
000,000,000 | R--D | C] -- C:\Users\LUCEK\Searches [2010/11/11 18:39:21 | 000,000,000 | -H-D | C] -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2010/11/11 18:39:12 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Identities [2010/11/11 18:39:10 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Contacts [2010/11/11 18:38:59 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Local\VirtualStore [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\AppData\Local\Temporary Internet Files [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Templates [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Start Menu [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\SendTo [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Recent [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\PrintHood [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\NetHood [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Documents\My Videos [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Documents\My Pictures [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Documents\My Music [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\My Documents [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Local Settings [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\AppData\Local\History [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Cookies [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Application Data [2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\AppData\Local\Application Data [2010/11/11 18:37:40 | 000,000,000 | --SD | C] -- C:\Users\LUCEK\AppData\Roaming\Microsoft [2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Videos [2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Saved Games [2010/11/11 
18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Pictures [2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Music [2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Links [2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Favorites [2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Downloads [2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\My Documents [2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Desktop [2010/11/11 18:37:40 | 000,000,000 | -H-D | C] -- C:\Users\LUCEK\AppData [2010/11/11 18:37:40 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Local\Temp [2010/11/11 18:37:40 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Local\Microsoft [2010/11/11 18:37:40 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Media Center Programs [2010/11/11 18:37:06 | 000,000,000 | -HSD | C] -- C:\Recovery [2010/11/11 18:33:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2010/11/11 18:30:46 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2010/11/11 18:29:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2008/10/09 03:28:56 | 000,195,112 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/11/21 09:27:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/11/21 00:30:53 | 000,935,724 | ---- | M] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB [2010/11/19 18:54:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\LUCEK\Desktop\OTL.exe [2010/11/19 17:52:40 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010/11/19 17:52:40 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010/11/19 17:45:12 | 1602,764,800 | -HS- | M] () -- C:\hiberfil.sys [2010/11/19 17:43:24 | 000,002,432 
| ---- | M] () -- C:\Users\LUCEK\AppData\Local\TempSk5252.html [2010/11/19 17:43:24 | 000,002,089 | ---- | M] () -- C:\Users\LUCEK\AppData\Local\TempCL5252.html [2010/11/18 22:11:33 | 000,619,642 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/11/18 22:11:33 | 000,107,792 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/11/18 22:11:08 | 000,007,070 | ---- | M] () -- C:\NetworkCfg.xml [2010/11/18 22:07:20 | 000,001,844 | ---- | M] () -- C:\Users\Public\Desktop\T-Mobile Mobile Broadband Manager.lnk [2010/11/14 18:34:46 | 000,001,783 | ---- | M] () -- C:\Users\LUCEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Budzik.lnk [2010/11/14 18:34:46 | 000,000,913 | ---- | M] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Budzik.lnk [2010/11/12 21:25:23 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat [2010/11/12 21:24:57 | 000,001,909 | ---- | M] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010/11/11 20:40:53 | 000,412,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/11/11 20:26:55 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS [2010/11/11 20:26:55 | 000,007,443 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT [2010/11/11 20:26:55 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF [2010/11/11 20:25:27 | 000,000,961 | ---- | M] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk [2010/11/11 19:55:17 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf [2010/11/11 18:45:18 | 000,001,407 | ---- | M] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010/11/11 18:40:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010/11/11 18:33:17 | 000,043,144 | ---- | M] () -- 
C:\Windows\System32\license.rtf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/11/19 00:03:59 | 000,002,432 | ---- | C] () -- C:\Users\LUCEK\AppData\Local\TempSk5252.html [2010/11/19 00:03:59 | 000,002,089 | ---- | C] () -- C:\Users\LUCEK\AppData\Local\TempCL5252.html [2010/11/18 22:07:13 | 000,001,844 | ---- | C] () -- C:\Users\Public\Desktop\T-Mobile Mobile Broadband Manager.lnk [2010/11/14 18:41:24 | 000,935,724 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB [2010/11/14 18:34:46 | 000,001,783 | ---- | C] () -- C:\Users\LUCEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Budzik.lnk [2010/11/14 18:34:45 | 000,000,913 | ---- | C] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Budzik.lnk [2010/11/14 18:24:17 | 000,000,356 | ---- | C] () -- C:\ProgramData\aygda_save.log [2010/11/14 09:43:30 | 000,007,787 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnetv.cat [2010/11/14 09:43:30 | 000,001,473 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnetv.inf [2010/11/14 09:43:29 | 000,007,873 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symefa.cat [2010/11/14 09:43:29 | 000,007,442 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.cat [2010/11/14 09:43:29 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.cat [2010/11/14 09:43:29 | 000,007,425 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symds.cat [2010/11/14 09:43:29 | 000,007,368 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnet.cat [2010/11/14 09:43:29 | 000,003,373 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symefa.inf [2010/11/14 09:43:29 | 000,002,793 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symds.inf [2010/11/14 09:43:29 | 000,001,445 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnet.inf [2010/11/14 09:43:29 | 
000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.inf [2010/11/14 09:43:29 | 000,001,382 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.inf [2010/11/14 09:43:29 | 000,000,741 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\iron.inf [2010/11/14 09:43:28 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\iron.cat [2010/11/14 09:43:28 | 000,007,396 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.cat [2010/11/14 09:43:28 | 000,001,754 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.inf [2010/11/14 09:42:59 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\isolate.ini [2010/11/12 21:25:23 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010/11/12 21:24:57 | 000,001,909 | ---- | C] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010/11/11 23:57:42 | 000,007,070 | ---- | C] () -- C:\NetworkCfg.xml [2010/11/11 20:26:56 | 000,007,443 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT [2010/11/11 20:26:56 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF [2010/11/11 20:25:27 | 000,000,961 | ---- | C] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk [2010/11/11 20:04:53 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2010/11/11 20:04:53 | 000,121,232 | ---- | C] () -- C:\Windows\System32\IScrNB.bmp [2010/11/11 19:55:17 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf [2010/11/11 18:45:18 | 000,001,407 | ---- | C] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010/11/11 18:40:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010/11/11 18:37:41 | 000,000,290 | ---- | C] () -- C:\Users\LUCEK\Application 
Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2010/11/11 18:37:41 | 000,000,272 | ---- | C] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2010/11/11 18:29:57 | 1602,764,800 | -HS- | C] () -- C:\hiberfil.sys [2009/07/13 23:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2008/10/09 03:32:46 | 001,810,856 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2008/10/09 03:31:10 | 000,034,856 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2006/05/19 18:39:58 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [color=#E56717]========== LOP Check ==========[/color] [2010/11/19 17:43:24 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\Gadu-Gadu 10 [2010/11/13 00:24:57 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\Games [2010/11/14 18:27:25 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\HdO Adventure [2010/11/18 21:50:34 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\IObit [2010/11/11 22:24:06 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\Program Files [2009/07/14 04:53:46 | 000,005,076 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/06/10 21:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2010/11/19 17:45:12 | 1602,764,800 | -HS- | M] () -- C:\hiberfil.sys [2010/11/18 22:11:08 | 000,007,070 | ---- | M] () -- C:\NetworkCfg.xml [2010/11/19 17:45:21 | 2137,022,464 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- 
C:\Windows\System32\drivers\AGP440.sys [2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009/07/13 23:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009/07/13 23:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009/07/13 23:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys [2009/07/13 23:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys [2009/07/13 23:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- 
C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009/07/14 01:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys [2009/07/14 01:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009/10/28 06:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe [2009/10/28 06:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009/10/28 05:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2009/07/14 01:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe [color=#A23BEC]< >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< >[/color] < End of report > [/log]
Tomek01 commented 21 November 2010 Run a full scan with [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] and [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] and post the results on the forum.
lucyfer29 (Author) commented 21 November 2010 [attachment=13378:mbam-log-2010-11-21 (23-19-45).txt]
Tomek01 commented 22 November 2010 Do you mean this: C:\Program Files\T-Mobile Mobile Broadband Manager? If so, in OTL, paste the following into the Custom scan/fixes window:
[code]
:Processes
Explorer.exe
:OTL
PRC - [2009/07/16 14:52:06 | 000,691,200 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\UIMain.exe
PRC - [2009/07/16 14:47:34 | 000,559,104 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\CMUpdater.exe
PRC - [2009/07/16 14:43:04 | 000,241,664 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\AssistantServices.exe
PRC - [2009/07/16 14:42:20 | 000,132,608 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe
PRC - [2009/05/22 09:08:38 | 000,724,992 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\T-Mobile Mobile Broadband Manager\bmop.exe
PRC - [2009/05/22 09:08:38 | 000,380,928 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\T-Mobile Mobile Broadband Manager\bmctl.exe
SRV - [2009/07/16 14:43:04 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files\T-Mobile Mobile Broadband Manager\AssistantServices.exe -- (UI Assistant Service)
FF - HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile Mobile Broadband Manager\addon [2010/11/18 22:07:16 | 000,000,000 | ---D | M]
[2010/10/27 05:24:34 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/10/27 05:24:34 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/10/27 05:24:34 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/10/27 05:24:34 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
:Files
C:\Users\LUCEK\AppData\Local\Temp*.html
bmop.exe\alldrivers
:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]
Click Run Fix; the computer will restart. Post the removal log and the new logs: OTL and RSIT. When editing a post, you have the Dodatki (Add-ons) tab, and you can insert these logs there.
lucyfer29 (Author) commented 22 November 2010
[log]All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
No active process named UIMain.exe was found!
No active process named CMUpdater.exe was found!
Process AssistantServices.exe killed successfully!
No active process named bmop.exe was found!
No active process named bmctl.exe was found!
Service UI Assistant Service stopped successfully!
Service UI Assistant Service deleted successfully!
C:\Program Files\T-Mobile Mobile Broadband Manager\AssistantServices.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com deleted successfully.
C:\Program Files\T-Mobile Mobile Broadband Manager\addon\components folder moved successfully.
C:\Program Files\T-Mobile Mobile Broadband Manager\addon\chrome\content folder moved successfully.
C:\Program Files\T-Mobile Mobile Broadband Manager\addon\chrome folder moved successfully.
C:\Program Files\T-Mobile Mobile Broadband Manager\addon folder moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml moved successfully.
========== FILES ==========
C:\Users\LUCEK\AppData\Local\TempCL5252.html moved successfully.
C:\Users\LUCEK\AppData\Local\TempSk5252.html moved successfully.
File\Folder bmop.exe\alldrivers not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LUCEK
->Temp folder emptied: 13527229 bytes
->Temporary Internet Files folder emptied: 59988702 bytes
->FireFox cache emptied: 36611180 bytes
->Flash cache emptied: 10485 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5920661 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 111.00 mb
OTL by OldTimer - Version 3.2.17.3 log created on 11222010_215052
Files\Folders moved on Reboot...[/log]
Yes, it's T-Mobile.
[log] Run by LUCEK at 2010-11-22 22:07:43 Microsoft Windows 7 Ultimate System drive C: has 38 GB (72%) free of 53 GB Total RAM: 2038 MB (52% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:09:11, on 22/11/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16671) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Apoint2K\Apoint.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Budzik\budzik.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\system32\conhost.exe C:\Program Files\T-Mobile Mobile Broadband Manager\UIMain.exe C:\Program Files\T-Mobile Mobile Broadband Manager\CMUpdater.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe 
C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\LUCEK\Desktop\RSIT.exe C:\Program Files\trend micro\LUCEK.exe C:\Program Files\T-Mobile Mobile Broadband Manager\bmctl.exe C:\Program Files\T-Mobile Mobile Broadband Manager\bmop.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [UIExec] "C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe 
/autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Budzik.lnk = C:\Program Files\Budzik\budzik.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9098C3E4-955C-4686-ABCF-41BAB4E5A6CC}: NameServer = 149.254.230.7 149.254.199.126 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- End of file - 4556 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Symantec NCO BHO - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-03 396144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL [2009-11-17 79224] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-03 396144] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592] "Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552] "Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-10-25 212992] "UIExec"=C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe [2009-07-16 132608] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016] C:\Users\LUCEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Budzik.lnk - C:\Program Files\Budzik\budzik.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2009-09-23 218112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-11-22 21:50:52 ----D---- C:\_OTL 2010-11-21 22:35:56 ----D---- C:\Users\LUCEK\AppData\Roaming\Malwarebytes 2010-11-21 22:35:42 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys 2010-11-21 22:35:40 ----D---- C:\ProgramData\Malwarebytes 2010-11-21 22:35:40 ----A---- C:\Windows\system32\drivers\mbam.sys 2010-11-21 22:35:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-11-19 19:28:21 ----D---- C:\rsit 2010-11-19 19:00:34 ----D---- C:\Program Files\trend micro 2010-11-19 00:01:48 ----D---- C:\Users\LUCEK\AppData\Roaming\Gadu-Gadu 10 2010-11-19 00:01:27 ----D---- C:\ProgramData\Gadu-Gadu 10 2010-11-19 00:00:45 ----D---- C:\Program Files\Gadu-Gadu 10 2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\ZTEusbser6k.sys 2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\ZTEusbnmea.sys 2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\ZTEusbmdm6k.sys 2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\massfilter.sys 2010-11-18 22:07:12 ----D---- C:\Program Files\T-Mobile Mobile Broadband Manager 2010-11-18 21:50:34 ----D---- 
C:\Users\LUCEK\AppData\Roaming\IObit 2010-11-14 18:34:44 ----D---- C:\Program Files\Budzik 2010-11-14 18:30:48 ----D---- C:\Program Files\Mystery Case Files Return to Ravenhearst 2010-11-14 18:30:21 ----D---- C:\Program Files\Mystery Case Files - Return to Ravenhearst 2010-11-14 18:29:06 ----D---- C:\Program Files\Games 2010-11-14 18:27:25 ----D---- C:\Users\LUCEK\AppData\Roaming\HdO Adventure 2010-11-14 18:26:12 ----D---- C:\Program Files\Treasure Island The Golden Bug 2010-11-14 18:23:49 ----D---- C:\Program Files\Angela Young 2 - Escape the Dreamscape 2010-11-13 00:24:57 ----D---- C:\Users\LUCEK\AppData\Roaming\Games 2010-11-13 00:23:52 ----D---- C:\Program Files\Department 42 - The Mystery of Nine 2010-11-13 00:23:28 ----D---- C:\Program Files\Department 42 - The Mystery of the Nine 2010-11-12 21:25:20 ----D---- C:\Users\LUCEK\AppData\Roaming\Mozilla 2010-11-12 21:24:48 ----D---- C:\Program Files\Mozilla Firefox 2010-11-12 02:29:00 ----D---- C:\Windows\Panther 2010-11-11 22:24:06 ----D---- C:\Users\LUCEK\AppData\Roaming\Program Files 2010-11-11 22:23:58 ----A---- C:\Windows\system32\sporder.dll 2010-11-11 22:23:58 ----A---- C:\Windows\system32\drivers\tcpipBM.sys 2010-11-11 22:23:58 ----A---- C:\Windows\system32\drivers\BMLoad.sys 2010-11-11 22:23:58 ----A---- C:\Windows\system32\bmutil.dll 2010-11-11 22:23:58 ----A---- C:\Windows\system32\bmnet.dll 2010-11-11 22:23:58 ----A---- C:\Windows\system32\bminstall.dll 2010-11-11 22:23:52 ----D---- C:\Windows\system32\SupportAppCB 2010-11-11 22:23:50 ----HD---- C:\Program Files\InstallShield Installation Information 2010-11-11 21:07:14 ----D---- C:\Windows\pss 2010-11-11 20:28:12 ----D---- C:\Users\LUCEK\AppData\Roaming\WinRAR 2010-11-11 20:26:58 ----RA---- C:\Windows\system32\GEARAspi.dll 2010-11-11 20:26:58 ----RA---- C:\Windows\system32\drivers\GEARAspiWDM.sys 2010-11-11 20:26:58 ----DC---- C:\Windows\system32\DRVSTORE 2010-11-11 20:26:56 ----A---- C:\Windows\system32\drivers\SYMEVENT.SYS 2010-11-11 20:26:55 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648] R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2009-10-15 328752] R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104] R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys [2010-11-04 691248] R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-13 387584] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-11-11 371248] R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101119.001\IDSvix86.sys [2010-10-19 353840] R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2007-04-13 68096] R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS [2010-04-22 43696] R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS
[2010-04-29 116784] R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-17 12672] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2009-04-29 8704] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-10-29 162088] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-07-13 1096704] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-02-26 201728] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-11-11 102448] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2009-04-20 9344] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-02-12 980992] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-02-12 207360] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192] R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101122.002\NAVENG.SYS [2010-11-11 86064] R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101122.002\NAVEX15.SYS [2010-11-11 1371184] R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2008-07-22 51200] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1810856] R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS 
[2010-04-22 325680] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-11-11 124976] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-02-12 661504] R3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2009-05-22 104960] R3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2009-05-22 105344] R3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2009-05-22 104960] S0 BMLoad;Bytemobile Boot Time Load Driver; C:\Windows\system32\drivers\BMLoad.sys [2009-05-22 22528] S1 tcpipBM;Bytemobile Kernel Network Provider; C:\Windows\system32\drivers\tcpipBM.sys [2009-05-22 18816] S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2009-05-22 9728] S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120] S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-13 5632] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; 
C:\Windows\system32\DRIVERS\viac7.sys [2009-07-13 52736] S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824] S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-13 17920] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] -----------------EOF----------------- [/log]
But the processor still goes crazy when I start the T-Mobile internet. In Task Manager it is the file bmop.exe - optimization proxy, and that is the one going crazy; it takes 50% of CPU usage and it is connected with this internet.
Tomek01 comment 23 November 2010
Download [b][url=http://www.instalki.pl/programy/download/antyspyware/get.php?file=avenger]Avenger[/url][/b]. In the "input script here" field paste the following text:
[code]
Files to delete:
C:\Windows\system32\drivers\BMLoad.sys
C:\Windows\system32\drivers\tcpipBM.sys

Drivers to delete:
BMLoad
tcpipBM
[/code]
Click execute; the computer restarts and generates a report, which you should post on the forum. Tell me whether there is any improvement.
lucyfer29 comment 23 November 2010 Author
[log]
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows Vista
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "C:\Windows\system32\drivers\BMLoad.sys" deleted successfully.
File "C:\Windows\system32\drivers\tcpipBM.sys" deleted successfully.
Driver "BMLoad" deleted successfully.
Driver "tcpipBM" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
[/log]
Well, everything is OK now, many thanks. Can you tell me what it was?? And thank you once again, because I had already had enough of that processor fan...
Tomek01 comment 23 November 2010
Simply, the services that launch the drivers and the registry entries had been left behind. They had to be removed.
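The driver list in the RSIT log above encodes state and start type in its first two characters (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled). The following is an added example, not part of the thread or of RSIT: it parses such entries and lists drivers that are registered to start on their own (Boot/System/Auto) yet are stopped, which is a review heuristic assumed here, not a verdict. The function names are hypothetical and the sample is an excerpt of entries from the log on this page.

```python
import re
from typing import List, NamedTuple

# Start-type digits as given in the RSIT section header on this page.
START_TYPES = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}

class Entry(NamedTuple):
    running: bool
    start: str
    name: str
    display: str
    path: str
    date: str
    size: int

# One entry: "<R|S><0-4> <name>;<display name>; <path> [<yyyy-mm-dd> <size>]".
# finditer() is used because forum pastes often arrive flattened onto one line.
ENTRY_RE = re.compile(
    r"(?<!\S)(?P<state>[RS])(?P<start>[0-4]) "
    r"(?P<name>[^;]+);(?P<display>[^;]*); "
    r"(?P<path>.+?) \[(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+)\]"
)

def parse_entries(text: str) -> List[Entry]:
    """Parse RSIT driver/service entries from flattened or line-per-entry text."""
    return [
        Entry(m["state"] == "R", START_TYPES[m["start"]], m["name"],
              m["display"], m["path"], m["date"], int(m["size"]))
        for m in ENTRY_RE.finditer(text)
    ]

def stopped_autostart(entries: List[Entry]) -> List[Entry]:
    """Entries set to load without user action that are nevertheless not running."""
    return [e for e in entries
            if not e.running and e.start in ("Boot", "System", "Auto")]

# Excerpt of the driver list posted in this thread, flattened as on the page.
SAMPLE = (
    r"R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648] "
    r"R3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2009-05-22 104960] "
    r"S0 BMLoad;Bytemobile Boot Time Load Driver; C:\Windows\system32\drivers\BMLoad.sys [2009-05-22 22528] "
    r"S1 tcpipBM;Bytemobile Kernel Network Provider; C:\Windows\system32\drivers\tcpipBM.sys [2009-05-22 18816] "
    r"S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704] "
    r"S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2009-05-22 9728]"
)

if __name__ == "__main__":
    for e in stopped_autostart(parse_entries(SAMPLE)):
        print(f"{e.start:<6} {e.name:<10} {e.path}  ({e.date}, {e.size} bytes)")
```

Demand-start drivers that are stopped are not listed, since being idle is their normal state.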