High CPU usage

lucyfer29
created

Hi everyone, I have the following problem:
I have a T-Mobile mobile internet dongle, and after installing it on my laptop it uses 50% of my CPU. In Windows Task Manager the file is called bmop.exe and it can't be ended there; it's probably the Bytemobile Optimization Client. I had the same internet on my old laptop, which was much worse, and everything was fine. I don't know if it has anything to do with it, but the old one had XP and this one has Windows 7. After disconnecting from the internet everything goes back to normal and is OK... Is there any way to turn it off?? I tried in Windows Task Manager, but it can't be turned off there.

Tomek01
comment

Post the OTL and RSIT logs. Info below. Paste them in the proper format :)

lucyfer29
comment

[log]Run by LUCEK at 2010-11-19 19:00:30
Microsoft Windows 7 Ultimate
System drive C: has 38 GB (72%) free of 53 GB
Total RAM: 2038 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:02:27, on 19/11/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Budzik\budzik.exe
C:\Program Files\T-Mobile Mobile Broadband Manager\UIMain.exe
C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\T-Mobile Mobile Broadband Manager\CMUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Gadu-Gadu 10\gg.exe
C:\Program Files\Winamp\winamp.exe
C:\Users\LUCEK\Desktop\OTL.exe
C:\Users\LUCEK\Desktop\RSIT.exe
C:\Program Files\trend micro\LUCEK.exe
C:\Program Files\T-Mobile Mobile Broadband Manager\bmctl.exe
C:\Program Files\T-Mobile Mobile Broadband Manager\bmop.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Budzik.lnk = C:\Program Files\Budzik\budzik.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9098C3E4-955C-4686-ABCF-41BAB4E5A6CC}: NameServer = 149.254.230.7 149.254.199.126
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files\T-Mobile Mobile Broadband Manager\AssistantServices.exe

--
End of file - 4790 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-03 396144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL [2009-11-17 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-03 396144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-10-25 212992]
"UIExec"=C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe [2009-07-16 132608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

C:\Users\LUCEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Budzik.lnk - C:\Program Files\Budzik\budzik.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-11-19 19:00:34 ----D---- C:\Program Files\trend micro
2010-11-19 19:00:30 ----D---- C:\rsit
2010-11-19 00:01:48 ----D---- C:\Users\LUCEK\AppData\Roaming\Gadu-Gadu 10
2010-11-19 00:01:27 ----D---- C:\ProgramData\Gadu-Gadu 10
2010-11-19 00:00:45 ----D---- C:\Program Files\Gadu-Gadu 10
2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\ZTEusbser6k.sys
2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\ZTEusbnmea.sys
2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\ZTEusbmdm6k.sys
2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\massfilter.sys
2010-11-18 22:07:12 ----D---- C:\Program Files\T-Mobile Mobile Broadband Manager
2010-11-18 21:50:34 ----D---- C:\Users\LUCEK\AppData\Roaming\IObit
2010-11-14 18:34:44 ----D---- C:\Program Files\Budzik
2010-11-14 18:30:48 ----D---- C:\Program Files\Mystery Case Files Return to Ravenhearst
2010-11-14 18:30:21 ----D---- C:\Program Files\Mystery Case Files - Return to Ravenhearst
2010-11-14 18:29:06 ----D---- C:\Program Files\Games
2010-11-14 18:27:25 ----D---- C:\Users\LUCEK\AppData\Roaming\HdO Adventure
2010-11-14 18:26:12 ----D---- C:\Program Files\Treasure Island The Golden Bug
2010-11-14 18:23:49 ----D---- C:\Program Files\Angela Young 2 - Escape the Dreamscape
2010-11-13 00:24:57 ----D---- C:\Users\LUCEK\AppData\Roaming\Games
2010-11-13 00:23:52 ----D---- C:\Program Files\Department 42 - The Mystery of Nine
2010-11-13 00:23:28 ----D---- C:\Program Files\Department 42 - The Mystery of the Nine
2010-11-12 21:25:20 ----D---- C:\Users\LUCEK\AppData\Roaming\Mozilla
2010-11-12 21:24:48 ----D---- C:\Program Files\Mozilla Firefox
2010-11-12 02:29:00 ----D---- C:\Windows\Panther
2010-11-11 22:24:06 ----D---- C:\Users\LUCEK\AppData\Roaming\Program Files
2010-11-11 22:23:58 ----A---- C:\Windows\system32\sporder.dll
2010-11-11 22:23:58 ----A---- C:\Windows\system32\drivers\tcpipBM.sys
2010-11-11 22:23:58 ----A---- C:\Windows\system32\drivers\BMLoad.sys
2010-11-11 22:23:58 ----A---- C:\Windows\system32\bmutil.dll
2010-11-11 22:23:58 ----A---- C:\Windows\system32\bmnet.dll
2010-11-11 22:23:58 ----A---- C:\Windows\system32\bminstall.dll
2010-11-11 22:23:52 ----D---- C:\Windows\system32\SupportAppCB
2010-11-11 22:23:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-11 21:07:14 ----D---- C:\Windows\pss
2010-11-11 20:28:12 ----D---- C:\Users\LUCEK\AppData\Roaming\WinRAR
2010-11-11 20:26:58 ----RA---- C:\Windows\system32\GEARAspi.dll
2010-11-11 20:26:58 ----RA---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2010-11-11 20:26:58 ----DC---- C:\Windows\system32\DRVSTORE
2010-11-11 20:26:56 ----A---- C:\Windows\system32\drivers\SYMEVENT.SYS
2010-11-11 20:26:55 ----D---- C:\Program Files\Symantec
2010-11-11 20:26:55 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-11-11 20:26:53 ----D---- C:\ProgramData\Symantec
2010-11-11 20:26:17 ----D---- C:\Windows\system32\drivers\N360
2010-11-11 20:26:13 ----D---- C:\Program Files\Norton 360
2010-11-11 20:26:12 ----D---- C:\ProgramData\Norton
2010-11-11 20:25:26 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-11-11 20:25:25 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-11-11 20:24:53 ----D---- C:\Program Files\Winamp Detect
2010-11-11 20:24:47 ----D---- C:\Program Files\Common Files\PX Storage Engine
2010-11-11 20:24:45 ----D---- C:\Users\LUCEK\AppData\Roaming\Winamp
2010-11-11 20:24:45 ----D---- C:\Program Files\Winamp
2010-11-11 20:24:23 ----D---- C:\ProgramData\NortonInstaller
2010-11-11 20:24:23 ----D---- C:\Program Files\NortonInstaller
2010-11-11 20:24:15 ----D---- C:\Program Files\WinRAR
2010-11-11 20:23:08 ----D---- C:\Program Files\UltraISO
2010-11-11 20:23:08 ----D---- C:\Program Files\Common Files\EZB Systems
2010-11-11 20:20:29 ----A---- C:\Windows\system32\mdimon.dll
2010-11-11 20:20:01 ----A---- C:\Windows\system32\msonpmon.dll
2010-11-11 20:16:03 ----D---- C:\Program Files\Microsoft Works
2010-11-11 20:15:24 ----D---- C:\Program Files\Microsoft Visual Studio
2010-11-11 20:15:23 ----D---- C:\Program Files\Common Files\DESIGNER
2010-11-11 20:14:45 ----D---- C:\Windows\PCHEALTH
2010-11-11 20:14:45 ----D---- C:\Program Files\Microsoft.NET
2010-11-11 20:11:45 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-11-11 20:09:45 ----D---- C:\Program Files\Microsoft Office
2010-11-11 20:09:43 ----D---- C:\ProgramData\Microsoft Help
2010-11-11 20:09:29 ----SHD---- C:\Windows\Installer
2010-11-11 20:08:48 ----RHD---- C:\MSOCache
2010-11-11 20:04:53 ----D---- C:\Windows\system32\Lang
2010-11-11 20:04:53 ----A---- C:\Windows\system32\TVWizudlg.exe
2010-11-11 20:04:53 ----A---- C:\Windows\system32\igfxtvcx.dll
2010-11-11 20:04:52 ----D---- C:\Program Files\Intel
2010-11-11 19:59:59 ----A---- C:\Windows\system32\msv1_0.dll
2010-11-11 19:58:26 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-11-11 19:58:26 ----A---- C:\Windows\system32\PresentationHost.exe
2010-11-11 19:58:26 ----A---- C:\Windows\system32\netfxperf.dll
2010-11-11 19:58:26 ----A---- C:\Windows\system32\mscoree.dll
2010-11-11 19:58:26 ----A---- C:\Windows\system32\dfshim.dll
2010-11-11 19:55:47 ----A---- C:\Windows\system32\MRT.exe
2010-11-11 19:55:13 ----D---- C:\Program Files\Apoint2K
2010-11-11 19:53:54 ----D---- C:\Windows\system32\x64
2010-11-11 19:53:54 ----A---- C:\Windows\system32\igxpun.exe
2010-11-11 19:53:19 ----N---- C:\Windows\system32\MpSigStub.exe
2010-11-11 19:53:03 ----D---- C:\Program Files\CONEXANT
2010-11-11 19:52:26 ----A---- C:\Windows\system32\tzres.dll
2010-11-11 19:52:23 ----A---- C:\Windows\system32\shell32.dll
2010-11-11 19:52:23 ----A---- C:\Windows\system32\lsasrv.dll
2010-11-11 19:52:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2010-11-11 19:52:21 ----A---- C:\Windows\system32\rtutils.dll
2010-11-11 19:52:18 ----A---- C:\Windows\system32\winresume.exe
2010-11-11 19:52:18 ----A---- C:\Windows\system32\winload.exe
2010-11-11 19:52:18 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-11-11 19:52:18 ----A---- C:\Windows\system32\CertEnroll.dll
2010-11-11 19:52:12 ----A---- C:\Windows\system32\ole32.dll
2010-11-11 19:52:11 ----A---- C:\Windows\system32\mshtml.dll
2010-11-11 19:52:10 ----A---- C:\Windows\system32\ieframe.dll
2010-11-11 19:52:09 ----A---- C:\Windows\system32\urlmon.dll
2010-11-11 19:52:09 ----A---- C:\Windows\system32\mstime.dll
2010-11-11 19:52:09 ----A---- C:\Windows\system32\msfeeds.dll
2010-11-11 19:52:09 ----A---- C:\Windows\system32\iertutil.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\wininet.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\mshtmled.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\msfeedssync.exe
2010-11-11 19:52:08 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\licmgr10.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\jsproxy.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\ieui.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\iepeers.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\iedkcs32.dll
2010-11-11 19:52:07 ----A---- C:\Windows\system32\mfc40u.dll
2010-11-11 19:52:07 ----A---- C:\Windows\system32\mfc40.dll
2010-11-11 19:52:06 ----A---- C:\Windows\system32\msasn1.dll
2010-11-11 19:52:05 ----A---- C:\Windows\system32\wmp.dll
2010-11-11 19:52:04 ----A---- C:\Windows\system32\wmploc.DLL
2010-11-11 19:52:03 ----A---- C:\Windows\system32\winlogon.exe
2010-11-11 19:52:03 ----A---- C:\Windows\system32\spoolsv.exe
2010-11-11 19:52:03 ----A---- C:\Windows\explorer.exe
2010-11-11 19:52:02 ----A---- C:\Windows\system32\wmpmde.dll
2010-11-11 19:52:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-11-11 19:52:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-11-11 19:51:59 ----A---- C:\Windows\system32\srvsvc.dll
2010-11-11 19:51:59 ----A---- C:\Windows\system32\kernel32.dll
2010-11-11 19:51:59 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-11-11 19:51:59 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-11-11 19:51:59 ----A---- C:\Windows\system32\drivers\srv.sys
2010-11-11 19:51:58 ----A---- C:\Windows\system32\apphelp.dll
2010-11-11 19:51:57 ----A---- C:\Windows\system32\inetcomm.dll
2010-11-11 19:51:57 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-11-11 19:51:56 ----A---- C:\Windows\system32\quartz.dll
2010-11-11 19:51:56 ----A---- C:\Windows\system32\msvidc32.dll
2010-11-11 19:51:56 ----A---- C:\Windows\system32\mciavi32.dll
2010-11-11 19:51:56 ----A---- C:\Windows\system32\avifil32.dll
2010-11-11 19:51:55 ----A---- C:\Windows\system32\win32k.sys
2010-11-11 19:51:55 ----A---- C:\Windows\system32\tsbyuv.dll
2010-11-11 19:51:55 ----A---- C:\Windows\system32\schannel.dll
2010-11-11 19:51:55 ----A---- C:\Windows\system32\msyuv.dll
2010-11-11 19:51:55 ----A---- C:\Windows\system32\msrle32.dll
2010-11-11 19:51:55 ----A---- C:\Windows\system32\iyuv_32.dll
2010-11-11 19:51:54 ----A---- C:\Windows\system32\jscript.dll
2010-11-11 19:51:54 ----A---- C:\Windows\system32\comctl32.dll
2010-11-11 19:51:53 ----A---- C:\Windows\system32\msxml3.dll
2010-11-11 19:51:53 ----A---- C:\Windows\system32\ir32_32.dll
2010-11-11 19:51:53 ----A---- C:\Windows\system32\iccvid.dll
2010-11-11 19:51:52 ----A---- C:\Windows\system32\t2embed.dll
2010-11-11 19:51:52 ----A---- C:\Windows\system32\asycfilt.dll
2010-11-11 19:51:51 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-11-11 19:51:50 ----A---- C:\Windows\system32\vbscript.dll
2010-11-11 19:51:09 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-11-11 19:51:09 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-11-11 19:51:09 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-11-11 19:51:08 ----A---- C:\Windows\system32\wintrust.dll
2010-11-11 19:48:53 ----A---- C:\Windows\system32\fontsub.dll
2010-11-11 19:48:53 ----A---- C:\Windows\system32\atmlib.dll
2010-11-11 19:48:53 ----A---- C:\Windows\system32\atmfd.dll
2010-11-11 19:48:33 ----A---- C:\Windows\system32\cabview.dll
2010-11-11 18:45:58 ----D---- C:\Users\LUCEK\AppData\Roaming\Macromedia
2010-11-11 18:45:58 ----D---- C:\Users\LUCEK\AppData\Roaming\Adobe
2010-11-11 18:45:56 ----D---- C:\Windows\system32\Macromed
2010-11-11 18:43:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-11 18:39:12 ----D---- C:\Users\LUCEK\AppData\Roaming\Identities
2010-11-11 18:37:40 ----SD---- C:\Users\LUCEK\AppData\Roaming\Microsoft
2010-11-11 18:37:40 ----D---- C:\Users\LUCEK\AppData\Roaming\Media Center Programs
2010-11-11 18:37:06 ----SHD---- C:\Recovery
2010-11-11 18:33:03 ----D---- C:\Windows\SoftwareDistribution
2010-11-11 18:30:46 ----D---- C:\Windows\Prefetch
2010-11-11 18:30:00 ----ASH---- C:\pagefile.sys
2010-11-11 18:29:57 ----SHD---- C:\System Volume Information
2010-11-11 18:29:57 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 months======

2010-11-19 19:00:34 ----RD---- C:\Program Files
2010-11-19 19:00:22 ----D---- C:\Windows\Temp
2010-11-19 17:43:40 ----D---- C:\Windows\system32\config
2010-11-19 17:43:36 ----D---- C:\Windows\system32\wdi
2010-11-19 00:01:27 ----HD---- C:\ProgramData
2010-11-19 00:01:18 ----D---- C:\Windows\winsxs
2010-11-18 22:11:33 ----D---- C:\Windows\System32
2010-11-18 22:11:33 ----D---- C:\Windows\inf
2010-11-18 22:07:39 ----D---- C:\Windows\system32\DriverStore
2010-11-18 22:07:32 ----D---- C:\Windows\system32\drivers
2010-11-17 23:05:43 ----D---- C:\Windows\system32\Tasks
2010-11-14 13:01:46 ----D---- C:\Windows\rescache
2010-11-14 12:58:44 ----D---- C:\Windows\Logs
2010-11-12 23:02:03 ----D---- C:\Windows\Microsoft.NET
2010-11-12 23:01:49 ----RSD---- C:\Windows\assembly
2010-11-12 21:25:23 ----D---- C:\Windows
2010-11-11 22:39:04 ----D---- C:\Windows\ModemLogs
2010-11-11 22:24:22 ----D---- C:\Windows\system32\catroot
2010-11-11 21:08:36 ----D---- C:\Windows\system32\catroot2
2010-11-11 20:26:55 ----D---- C:\Program Files\Common Files
2010-11-11 20:24:42 ----D---- C:\Program Files\Common Files\microsoft shared
2010-11-11 20:20:47 ----SD---- C:\ProgramData\Microsoft
2010-11-11 20:15:45 ----D---- C:\Program Files\MSBuild
2010-11-11 20:15:19 ----D---- C:\Windows\ShellNew
2010-11-11 20:14:56 ----RSD---- C:\Windows\Fonts
2010-11-11 20:10:48 ----A---- C:\Windows\win.ini
2010-11-11 20:10:40 ----D---- C:\Program Files\Common Files\System
2010-11-11 20:03:02 ----D---- C:\Windows\system32\migration
2010-11-11 20:03:02 ----D---- C:\Program Files\Internet Explorer
2010-11-11 20:03:01 ----D---- C:\Windows\system32\en-US
2010-11-11 20:03:01 ----D---- C:\Windows\system32\Boot
2010-11-11 20:03:01 ----D---- C:\Windows\ehome
2010-11-11 20:03:01 ----D---- C:\Program Files\Windows Mail
2010-11-11 20:03:00 ----D---- C:\Program Files\Windows Media Player
2010-11-11 20:00:24 ----D---- C:\Windows\twain_32
2010-11-11 19:55:48 ----D---- C:\Windows\debug
2010-11-11 19:52:34 ----D---- C:\Windows\system32\restore
2010-11-11 19:47:59 ----D---- C:\Windows\system32\CodeIntegrity
2010-11-11 18:45:58 ----D---- C:\Windows\Downloaded Program Files
2010-11-11 18:42:29 ----D---- C:\Windows\system32\wbem
2010-11-11 18:40:49 ----D---- C:\Windows\system32\drivers\UMDF
2010-11-11 18:39:10 ----SHD---- C:\$Recycle.Bin
2010-11-11 18:37:40 ----RD---- C:\Users
2010-11-11 18:32:28 ----D---- C:\Windows\system32\sysprep
2010-11-11 18:30:43 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2009-10-15 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104]
R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys [2010-11-04 691248]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-13 387584]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-11-11 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101118.005\IDSvix86.sys [2010-10-19 353840]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2007-04-13 68096]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS [2010-04-22 43696]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-17 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2009-04-29 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-10-29 162088]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-07-13 1096704]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-02-26 201728]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-11-11 102448]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2009-04-20 9344]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-02-12 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-02-12 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.002\NAVENG.SYS [2010-11-11 86064]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.002\NAVEX15.SYS [2010-11-11 1371184]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2008-07-22 51200]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1810856]
R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS [2010-04-22 325680]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-11-11 124976]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-02-12 661504]
R3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2009-05-22 104960]
R3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2009-05-22 105344]
R3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2009-05-22 104960]
S0 BMLoad;Bytemobile Boot Time Load Driver; C:\Windows\system32\drivers\BMLoad.sys [2009-05-22 22528]
S1 tcpipBM;Bytemobile Kernel Network Provider; C:\Windows\system32\drivers\tcpipBM.sys [2009-05-22 18816]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2009-05-22 9728]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-13 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-13 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
R2 UI Assistant Service;UI Assistant Service; C:\Program Files\T-Mobile Mobile Broadband Manager\AssistantServices.exe [2009-07-16 241664]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

OTL Extras logfile created on: 19/11/2010 18:56:57 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\LUCEK\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 43.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51.29 Gb Total Space | 36.83 Gb Free Space | 71.80% Space Free | Partition Type: NTFS
Drive E: | 35.20 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 97.65 Gb Total Space | 77.82 Gb Free Space | 79.69% Space Free | Partition Type: NTFS

Computer Name: LUCEK-PC | User Name: LUCEK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = T-Mobile Mobile Broadband Manager
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Angela Young 2 - Escape the DreamscapeJust For Fun Games" = Angela Young 2 - Escape the DreamscapeJust For Fun Games
"Budzik_is1" = Budzik 1.04
"Build-a-lot 3 - Passport to Europe 1.00" = Build-a-lot 3 - Passport to Europe 1.00
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Department 42 - The Mystery of NineJust For Fun Games" = Department 42 - The Mystery of NineJust For Fun Games
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Gadu-Gadu 10" = Gadu-Gadu 10
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mystery Case Files Return to RavenhearstJust For Fun Games" = Mystery Case Files Return to RavenhearstJust For Fun Games
"N360" = Norton 360
"Treasure Island The Golden Bug % CompanyName%" = Treasure Island The Golden Bug % CompanyName%
"TVWiz" = Intel(R) TV Wizard
"UltraISO_is1" = UltraISO Premium V8.63
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 11/11/2010 16:07:44 | Computer Name = LUCEK-PC | Source = VSS | ID = 8194
Description =

Error - 11/11/2010 18:23:28 | Computer Name = LUCEK-PC | Source = VSS | ID = 8194
Description =

Error - 17/11/2010 18:56:06 | Computer Name = LUCEK-PC | Source = VSS | ID = 8194
Description =

Error - 17/11/2010 19:04:54 | Computer Name = LUCEK-PC | Source = VSS | ID = 8194
Description =

Error - 18/11/2010 17:51:02 | Computer Name = LUCEK-PC | Source = VSS | ID = 8194
Description =

[ System Events ]
Error - 16/11/2010 09:03:37 | Computer Name = LUCEK-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
tcpipBM

Error - 16/11/2010 18:52:45 | Computer Name = LUCEK-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = The platform firmware has corrupted memory across the previous system
power transition. Please check for updated firmware for your system.

Error - 17/11/2010 18:59:07 | Computer Name = LUCEK-PC | Source = DCOM | ID = 10005
Description =

Error - 17/11/2010 18:59:06 | Computer Name = LUCEK-PC | Source = Service Control Manager | ID = 7038
Description = The upnphost service was unable to log on as NT AUTHORITY\LocalService
with the currently configured password due to the following error: %%1352 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - 17/11/2010 18:59:06 | Computer Name = LUCEK-PC | Source = Service Control Manager | ID = 7000
Description = The UPnP Device Host service failed to start due to the following
error: %%1069

Error - 17/11/2010 19:13:24 | Computer Name = LUCEK-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = The platform firmware has corrupted memory across the previous system
power transition. Please check for updated firmware for your system.

Error - 18/11/2010 18:07:40 | Computer Name = LUCEK-PC | Source = Service Control Manager | ID = 7030
Description = The UI Assistant Service service is marked as an interactive service.
However, the system is configured to not allow interactive services. This service
may not function properly.

Error - 18/11/2010 18:09:45 | Computer Name = LUCEK-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
tcpipBM

Error - 18/11/2010 20:09:34 | Computer Name = LUCEK-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = The platform firmware has corrupted memory across the previous system
power transition. Please check for updated firmware for your system.

Error - 19/11/2010 13:45:33 | Computer Name = LUCEK-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
tcpipBM


< End of report >

[/log]

I hope this is what you meant....??


[color="#FF0000"]//Logs go inside tags!
//Fixing it.
//Tom[/color]

Tomek01
comment

[quote name='Tomek01' date='19 listopad 2010 - 20:53' timestamp='1290192945' post='1125053']
Post them in the proper format
[/quote] ;>

OTL generates two files. Show the other one, it is the more important one: OTL.txt

lucyfer29
comment

This one?
Gosh, sorry that I'm a bit clueless... :)

[color="#FF0000"]//Inside tags!!!
//http://www.forumpc.pl/index.php?showtopic=104338
//Tom01[/color]

It says there how to make them but not how to post them

[log]OTL logfile created on: 21/11/2010 09:51:07 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\LUCEK\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 62.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51.29 Gb Total Space | 36.43 Gb Free Space | 71.03% Space Free | Partition Type: NTFS
Drive E: | 35.20 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 97.65 Gb Total Space | 77.82 Gb Free Space | 79.69% Space Free | Partition Type: NTFS

Computer Name: LUCEK-PC | User Name: LUCEK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010/11/19 18:54:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\LUCEK\Desktop\OTL.exe
PRC - [2010/10/07 08:04:26 | 012,661,344 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010/07/12 16:33:54 | 001,592,672 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winamp.exe
PRC - [2010/02/26 00:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/10/31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/16 14:52:06 | 000,691,200 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\UIMain.exe
PRC - [2009/07/16 14:47:34 | 000,559,104 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\CMUpdater.exe
PRC - [2009/07/16 14:43:04 | 000,241,664 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\AssistantServices.exe
PRC - [2009/07/16 14:42:20 | 000,132,608 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe
PRC - [2009/07/14 01:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 01:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/05/22 09:08:38 | 000,724,992 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\T-Mobile Mobile Broadband Manager\bmop.exe
PRC - [2009/05/22 09:08:38 | 000,380,928 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\T-Mobile Mobile Broadband Manager\bmctl.exe
PRC - [2004/10/31 17:23:48 | 000,024,084 | ---- | M] (BLITZ-ART) -- C:\Program Files\Budzik\budzik.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010/11/19 18:54:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\LUCEK\Desktop\OTL.exe
MOD - [2010/08/21 05:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/07/14 01:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/14 01:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/14 01:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/14 01:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/14 01:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/14 01:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 01:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 01:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/14 01:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 01:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010/02/26 00:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/07/16 14:43:04 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files\T-Mobile Mobile Broadband Manager\AssistantServices.exe -- (UI Assistant Service)
SRV - [2009/07/14 01:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/14 01:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/14 01:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/14 01:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/14 01:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/14 01:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/14 01:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/14 01:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 01:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/14 01:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/14 01:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/14 01:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/14 01:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/14 01:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/14 01:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/14 01:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/14 01:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/04/29 03:21:04 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010/11/11 20:36:17 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101120.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/11/11 20:36:17 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/11/11 20:36:17 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/11/11 20:36:17 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101120.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/11/11 20:26:55 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/11/04 15:02:36 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/10/19 20:36:22 | 000,353,840 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101119.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010/05/06 04:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2010/04/29 05:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/22 03:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/22 02:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/22 02:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/26 00:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2009/12/11 07:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/10/15 03:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2009/09/23 19:18:14 | 004,808,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009/07/14 01:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/14 01:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/14 01:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/14 01:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/14 01:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/14 01:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/14 01:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/14 01:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/14 01:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/14 01:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/14 01:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/14 01:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/14 01:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/14 01:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/14 01:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/14 01:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/14 01:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/14 01:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/14 01:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/14 01:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/14 01:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/14 01:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/14 01:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/14 01:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/14 01:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/14 01:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 01:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/14 01:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 01:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/14 01:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 01:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/14 01:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/14 01:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/14 01:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/14 01:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/14 01:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/14 01:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/14 01:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/14 01:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/14 00:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/14 00:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/14 00:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 23:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 23:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 23:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 23:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009/07/13 23:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 23:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 23:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 23:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 23:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 23:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 23:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 23:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 23:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 23:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 23:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 23:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 23:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 22:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 22:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 22:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 22:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 22:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 22:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 22:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92)
DRV - [2009/07/13 22:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac)
DRV - [2009/07/13 22:13:45 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA)
DRV - [2009/07/13 22:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 22:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 22:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/07/13 22:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/05/22 09:08:38 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009/05/22 09:04:04 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009/05/22 09:04:04 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009/05/22 09:04:04 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009/05/22 09:04:04 | 000,009,728 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009/04/29 03:20:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio)
DRV - [2009/04/20 14:38:54 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2009/02/12 14:00:22 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2009/02/12 13:58:16 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2009/02/12 13:57:28 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008/10/09 03:32:46 | 001,810,856 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008/07/22 07:42:58 | 000,051,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/02/26 15:26:04 | 000,201,728 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/10/29 10:38:38 | 000,162,088 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/04/13 17:42:16 | 000,068,096 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.5
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/11/14 09:42:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/11/11 20:27:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile Mobile Broadband Manager\addon [2010/11/18 22:07:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/12 21:25:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/12 21:24:51 | 000,000,000 | ---D | M]

[2010/11/12 21:25:35 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\Mozilla\Extensions
[2010/11/12 21:25:35 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\Mozilla\Firefox\Profiles\gfwlpxcc.default\extensions
[2010/11/12 21:24:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/27 05:24:34 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/10/27 05:24:34 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/10/27 05:24:34 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/10/27 05:24:34 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/06/10 21:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [UIExec] C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe ()
O4 - Startup: C:\Users\LUCEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Budzik.lnk = C:\Program Files\Budzik\budzik.exe (BLITZ-ART)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{87d4543f-ede1-11df-80c2-001b38c47024}\Shell - "" = AutoRun
O33 - MountPoints2\{87d4543f-ede1-11df-80c2-001b38c47024}\Shell\AutoRun\command - "" = F:\Install.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

MsConfig - StartUpReg: [b]GrooveMonitor[/b] - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - State: "bootini" - 2
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)
SafeBootMin: Primary disk - Driver Group
SafeBootMin: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: Dhcp - C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: ndiscap - C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010/11/19 19:28:21 | 000,000,000 | ---D | C] -- C:\rsit
[2010/11/19 19:00:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/11/19 18:54:40 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\LUCEK\Desktop\OTL.exe
[2010/11/19 00:01:48 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Gadu-Gadu 10
[2010/11/19 00:01:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10
[2010/11/19 00:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2010/11/18 22:07:32 | 000,105,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\ZTEusbnmea.sys
[2010/11/18 22:07:32 | 000,104,960 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\ZTEusbser6k.sys
[2010/11/18 22:07:32 | 000,104,960 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys
[2010/11/18 22:07:32 | 000,009,728 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\massfilter.sys
[2010/11/18 22:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\T-Mobile Mobile Broadband Manager
[2010/11/18 22:05:09 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\Documents\unistaler
[2010/11/18 21:50:34 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\IObit
[2010/11/14 18:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\Budzik
[2010/11/14 18:30:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mystery Case Files Return to Ravenhearst
[2010/11/14 18:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mystery Case Files - Return to Ravenhearst
[2010/11/14 18:29:06 | 000,000,000 | ---D | C] -- C:\Program Files\Games
[2010/11/14 18:27:25 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\HdO Adventure
[2010/11/14 18:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\Treasure Island The Golden Bug
[2010/11/14 18:23:49 | 000,000,000 | ---D | C] -- C:\Program Files\Angela Young 2 - Escape the Dreamscape
[2010/11/14 09:43:30 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symtdiv.sys
[2010/11/14 09:43:29 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symds.sys
[2010/11/14 09:43:29 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.sys
[2010/11/14 09:43:29 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symefa.sys
[2010/11/14 09:43:29 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\ironx86.sys
[2010/11/14 09:43:29 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.sys
[2010/11/14 09:43:28 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.sys
[2010/11/14 09:42:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0403000.005
[2010/11/13 00:24:57 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Games
[2010/11/13 00:23:52 | 000,000,000 | ---D | C] -- C:\Program Files\Department 42 - The Mystery of Nine
[2010/11/13 00:23:28 | 000,000,000 | ---D | C] -- C:\Program Files\Department 42 - The Mystery of the Nine
[2010/11/12 21:25:20 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Mozilla
[2010/11/12 21:25:20 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Local\Mozilla
[2010/11/12 21:24:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/11/12 02:29:00 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/11/11 22:24:06 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Program Files
[2010/11/11 22:23:58 | 000,471,040 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmnet.dll
[2010/11/11 22:23:58 | 000,294,912 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bminstall.dll
[2010/11/11 22:23:58 | 000,126,976 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmdumpd.bin
[2010/11/11 22:23:58 | 000,022,528 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\BMLoad.sys
[2010/11/11 22:23:58 | 000,018,816 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\tcpipBM.sys
[2010/11/11 22:23:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\SupportAppCB
[2010/11/11 22:23:50 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/11/11 21:07:14 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/11/11 20:28:12 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\WinRAR
[2010/11/11 20:26:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/11/11 20:26:56 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/11/11 20:26:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/11/11 20:26:55 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/11/11 20:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010/11/11 20:26:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
[2010/11/11 20:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2010/11/11 20:26:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010/11/11 20:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010/11/11 20:24:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/11/11 20:24:45 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Winamp
[2010/11/11 20:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010/11/11 20:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010/11/11 20:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/11/11 20:24:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/11/11 20:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO
[2010/11/11 20:23:08 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\Documents\My ISO Files
[2010/11/11 20:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems
[2010/11/11 20:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/11/11 20:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/11/11 20:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/11/11 20:14:45 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/11/11 20:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/11/11 20:11:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/11/11 20:09:55 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Local\Microsoft Help
[2010/11/11 20:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/11/11 20:09:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/11/11 20:09:29 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/11/11 20:08:48 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/11/11 20:04:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2010/11/11 20:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/11/11 19:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\Apoint2K
[2010/11/11 19:53:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2010/11/11 19:53:03 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/11/11 18:45:58 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Macromedia
[2010/11/11 18:45:58 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Adobe
[2010/11/11 18:45:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/11/11 18:39:22 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Searches
[2010/11/11 18:39:21 | 000,000,000 | -H-D | C] -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/11/11 18:39:12 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Identities
[2010/11/11 18:39:10 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Contacts
[2010/11/11 18:38:59 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Local\VirtualStore
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\AppData\Local\Temporary Internet Files
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Templates
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Start Menu
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\SendTo
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Recent
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\PrintHood
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\NetHood
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Documents\My Videos
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Documents\My Pictures
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Documents\My Music
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\My Documents
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Local Settings
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\AppData\Local\History
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Cookies
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\Application Data
[2010/11/11 18:37:41 | 000,000,000 | -HSD | C] -- C:\Users\LUCEK\AppData\Local\Application Data
[2010/11/11 18:37:40 | 000,000,000 | --SD | C] -- C:\Users\LUCEK\AppData\Roaming\Microsoft
[2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Videos
[2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Saved Games
[2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Pictures
[2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Music
[2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Links
[2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Favorites
[2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Downloads
[2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\My Documents
[2010/11/11 18:37:40 | 000,000,000 | R--D | C] -- C:\Users\LUCEK\Desktop
[2010/11/11 18:37:40 | 000,000,000 | -H-D | C] -- C:\Users\LUCEK\AppData
[2010/11/11 18:37:40 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Local\Temp
[2010/11/11 18:37:40 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Local\Microsoft
[2010/11/11 18:37:40 | 000,000,000 | ---D | C] -- C:\Users\LUCEK\AppData\Roaming\Media Center Programs
[2010/11/11 18:37:06 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010/11/11 18:33:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/11/11 18:30:46 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/11/11 18:29:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2008/10/09 03:28:56 | 000,195,112 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010/11/21 09:27:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/21 00:30:53 | 000,935,724 | ---- | M] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB
[2010/11/19 18:54:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\LUCEK\Desktop\OTL.exe
[2010/11/19 17:52:40 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/19 17:52:40 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/19 17:45:12 | 1602,764,800 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/19 17:43:24 | 000,002,432 | ---- | M] () -- C:\Users\LUCEK\AppData\Local\TempSk5252.html
[2010/11/19 17:43:24 | 000,002,089 | ---- | M] () -- C:\Users\LUCEK\AppData\Local\TempCL5252.html
[2010/11/18 22:11:33 | 000,619,642 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/18 22:11:33 | 000,107,792 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/18 22:11:08 | 000,007,070 | ---- | M] () -- C:\NetworkCfg.xml
[2010/11/18 22:07:20 | 000,001,844 | ---- | M] () -- C:\Users\Public\Desktop\T-Mobile Mobile Broadband Manager.lnk
[2010/11/14 18:34:46 | 000,001,783 | ---- | M] () -- C:\Users\LUCEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Budzik.lnk
[2010/11/14 18:34:46 | 000,000,913 | ---- | M] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Budzik.lnk
[2010/11/12 21:25:23 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/11/12 21:24:57 | 000,001,909 | ---- | M] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/11 20:40:53 | 000,412,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/11/11 20:26:55 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/11/11 20:26:55 | 000,007,443 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/11/11 20:26:55 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/11/11 20:25:27 | 000,000,961 | ---- | M] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2010/11/11 19:55:17 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2010/11/11 18:45:18 | 000,001,407 | ---- | M] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/11/11 18:40:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/11/11 18:33:17 | 000,043,144 | ---- | M] () -- C:\Windows\System32\license.rtf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010/11/19 00:03:59 | 000,002,432 | ---- | C] () -- C:\Users\LUCEK\AppData\Local\TempSk5252.html
[2010/11/19 00:03:59 | 000,002,089 | ---- | C] () -- C:\Users\LUCEK\AppData\Local\TempCL5252.html
[2010/11/18 22:07:13 | 000,001,844 | ---- | C] () -- C:\Users\Public\Desktop\T-Mobile Mobile Broadband Manager.lnk
[2010/11/14 18:41:24 | 000,935,724 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB
[2010/11/14 18:34:46 | 000,001,783 | ---- | C] () -- C:\Users\LUCEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Budzik.lnk
[2010/11/14 18:34:45 | 000,000,913 | ---- | C] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Budzik.lnk
[2010/11/14 18:24:17 | 000,000,356 | ---- | C] () -- C:\ProgramData\aygda_save.log
[2010/11/14 09:43:30 | 000,007,787 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnetv.cat
[2010/11/14 09:43:30 | 000,001,473 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnetv.inf
[2010/11/14 09:43:29 | 000,007,873 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symefa.cat
[2010/11/14 09:43:29 | 000,007,442 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.cat
[2010/11/14 09:43:29 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.cat
[2010/11/14 09:43:29 | 000,007,425 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symds.cat
[2010/11/14 09:43:29 | 000,007,368 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnet.cat
[2010/11/14 09:43:29 | 000,003,373 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symefa.inf
[2010/11/14 09:43:29 | 000,002,793 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symds.inf
[2010/11/14 09:43:29 | 000,001,445 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnet.inf
[2010/11/14 09:43:29 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.inf
[2010/11/14 09:43:29 | 000,001,382 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.inf
[2010/11/14 09:43:29 | 000,000,741 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\iron.inf
[2010/11/14 09:43:28 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\iron.cat
[2010/11/14 09:43:28 | 000,007,396 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.cat
[2010/11/14 09:43:28 | 000,001,754 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.inf
[2010/11/14 09:42:59 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\isolate.ini
[2010/11/12 21:25:23 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/11/12 21:24:57 | 000,001,909 | ---- | C] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/11 23:57:42 | 000,007,070 | ---- | C] () -- C:\NetworkCfg.xml
[2010/11/11 20:26:56 | 000,007,443 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/11/11 20:26:56 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/11/11 20:25:27 | 000,000,961 | ---- | C] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2010/11/11 20:04:53 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/11/11 20:04:53 | 000,121,232 | ---- | C] () -- C:\Windows\System32\IScrNB.bmp
[2010/11/11 19:55:17 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2010/11/11 18:45:18 | 000,001,407 | ---- | C] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/11/11 18:40:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/11/11 18:37:41 | 000,000,290 | ---- | C] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/11/11 18:37:41 | 000,000,272 | ---- | C] () -- C:\Users\LUCEK\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/11/11 18:29:57 | 1602,764,800 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/13 23:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2008/10/09 03:32:46 | 001,810,856 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008/10/09 03:31:10 | 000,034,856 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2006/05/19 18:39:58 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

[color=#E56717]========== LOP Check ==========[/color]

[2010/11/19 17:43:24 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\Gadu-Gadu 10
[2010/11/13 00:24:57 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\Games
[2010/11/14 18:27:25 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\HdO Adventure
[2010/11/18 21:50:34 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\IObit
[2010/11/11 22:24:06 | 000,000,000 | ---D | M] -- C:\Users\LUCEK\AppData\Roaming\Program Files
[2009/07/14 04:53:46 | 000,005,076 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009/06/10 21:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/06/10 21:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/11/19 17:45:12 | 1602,764,800 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/18 22:11:08 | 000,007,070 | ---- | M] () -- C:\NetworkCfg.xml
[2010/11/19 17:45:21 | 2137,022,464 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009/07/13 23:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys
[2009/07/13 23:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009/07/13 23:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009/07/13 23:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009/07/13 23:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009/07/14 01:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009/07/14 01:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/10/28 06:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 06:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 05:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009/07/14 01:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

< End of report >
[/log]

Tomek01
comment

Run a full scan with [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] and [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url], and post the results on the forum.

lucyfer29
comment

[attachment=13378:mbam-log-2010-11-21 (23-19-45).txt]

Tomek01
comment

Are you talking about this: C:\Program Files\T-Mobile Mobile Broadband Manager?

In that case, in OTL, paste the following into the Custom scan/fixes box:
[code]:Processes
Explorer.exe

:OTL
PRC - [2009/07/16 14:52:06 | 000,691,200 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\UIMain.exe
PRC - [2009/07/16 14:47:34 | 000,559,104 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\CMUpdater.exe
PRC - [2009/07/16 14:43:04 | 000,241,664 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\AssistantServices.exe
PRC - [2009/07/16 14:42:20 | 000,132,608 | ---- | M] () -- C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exePRC - [2009/05/22 09:08:38 | 000,724,992 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\T-Mobile Mobile Broadband Manager\bmop.exe
PRC - [2009/05/22 09:08:38 | 000,380,928 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\T-Mobile Mobile Broadband Manager\bmctl.exe
SRV - [2009/07/16 14:43:04 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files\T-Mobile Mobile Broadband Manager\AssistantServices.exe -- (UI Assistant Service)
FF - HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile Mobile Broadband Manager\addon [2010/11/18 22:07:16 | 000,000,000 | ---D | M]
[2010/10/27 05:24:34 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/10/27 05:24:34 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/10/27 05:24:34 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/10/27 05:24:34 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

:Files
C:\Users\LUCEK\AppData\Local\Temp*.html
bmop.exe\alldrivers

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Click Run Fix; the computer will restart.
Post the removal log and new OTL and RSIT logs.

When editing a post, there is a "Dodatki" (Extras) tab where you can add these logs.

lucyfer29
comment

[log]All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
No active process named UIMain.exe was found!
No active process named CMUpdater.exe was found!
Process AssistantServices.exe killed successfully!
No active process named bmop.exe was found!
No active process named bmctl.exe was found!
Service UI Assistant Service stopped successfully!
Service UI Assistant Service deleted successfully!
C:\Program Files\T-Mobile Mobile Broadband Manager\AssistantServices.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com deleted successfully.
C:\Program Files\T-Mobile Mobile Broadband Manager\addon\components folder moved successfully.
C:\Program Files\T-Mobile Mobile Broadband Manager\addon\chrome\content folder moved successfully.
C:\Program Files\T-Mobile Mobile Broadband Manager\addon\chrome folder moved successfully.
C:\Program Files\T-Mobile Mobile Broadband Manager\addon folder moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml moved successfully.
========== FILES ==========
C:\Users\LUCEK\AppData\Local\TempCL5252.html moved successfully.
C:\Users\LUCEK\AppData\Local\TempSk5252.html moved successfully.
File\Folder bmop.exe\alldrivers not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LUCEK
->Temp folder emptied: 13527229 bytes
->Temporary Internet Files folder emptied: 59988702 bytes
->FireFox cache emptied: 36611180 bytes
->Flash cache emptied: 10485 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5920661 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 111.00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11222010_215052

Files\Folders moved on Reboot...[/log]

Yes, it's T-Mobile.

[log]
Run by LUCEK at 2010-11-22 22:07:43
Microsoft Windows 7 Ultimate
System drive C: has 38 GB (72%) free of 53 GB
Total RAM: 2038 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:09:11, on 22/11/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Budzik\budzik.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\T-Mobile Mobile Broadband Manager\UIMain.exe
C:\Program Files\T-Mobile Mobile Broadband Manager\CMUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\LUCEK\Desktop\RSIT.exe
C:\Program Files\trend micro\LUCEK.exe
C:\Program Files\T-Mobile Mobile Broadband Manager\bmctl.exe
C:\Program Files\T-Mobile Mobile Broadband Manager\bmop.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Budzik.lnk = C:\Program Files\Budzik\budzik.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9098C3E4-955C-4686-ABCF-41BAB4E5A6CC}: NameServer = 149.254.230.7 149.254.199.126
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe

--
End of file - 4556 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-03 396144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL [2009-11-17 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-03 396144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-10-25 212992]
"UIExec"=C:\Program Files\T-Mobile Mobile Broadband Manager\UIExec.exe [2009-07-16 132608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

C:\Users\LUCEK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Budzik.lnk - C:\Program Files\Budzik\budzik.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-11-22 21:50:52 ----D---- C:\_OTL
2010-11-21 22:35:56 ----D---- C:\Users\LUCEK\AppData\Roaming\Malwarebytes
2010-11-21 22:35:42 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-11-21 22:35:40 ----D---- C:\ProgramData\Malwarebytes
2010-11-21 22:35:40 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-11-21 22:35:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-11-19 19:28:21 ----D---- C:\rsit
2010-11-19 19:00:34 ----D---- C:\Program Files\trend micro
2010-11-19 00:01:48 ----D---- C:\Users\LUCEK\AppData\Roaming\Gadu-Gadu 10
2010-11-19 00:01:27 ----D---- C:\ProgramData\Gadu-Gadu 10
2010-11-19 00:00:45 ----D---- C:\Program Files\Gadu-Gadu 10
2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\ZTEusbser6k.sys
2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\ZTEusbnmea.sys
2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\ZTEusbmdm6k.sys
2010-11-18 22:07:32 ----A---- C:\Windows\system32\drivers\massfilter.sys
2010-11-18 22:07:12 ----D---- C:\Program Files\T-Mobile Mobile Broadband Manager
2010-11-18 21:50:34 ----D---- C:\Users\LUCEK\AppData\Roaming\IObit
2010-11-14 18:34:44 ----D---- C:\Program Files\Budzik
2010-11-14 18:30:48 ----D---- C:\Program Files\Mystery Case Files Return to Ravenhearst
2010-11-14 18:30:21 ----D---- C:\Program Files\Mystery Case Files - Return to Ravenhearst
2010-11-14 18:29:06 ----D---- C:\Program Files\Games
2010-11-14 18:27:25 ----D---- C:\Users\LUCEK\AppData\Roaming\HdO Adventure
2010-11-14 18:26:12 ----D---- C:\Program Files\Treasure Island The Golden Bug
2010-11-14 18:23:49 ----D---- C:\Program Files\Angela Young 2 - Escape the Dreamscape
2010-11-13 00:24:57 ----D---- C:\Users\LUCEK\AppData\Roaming\Games
2010-11-13 00:23:52 ----D---- C:\Program Files\Department 42 - The Mystery of Nine
2010-11-13 00:23:28 ----D---- C:\Program Files\Department 42 - The Mystery of the Nine
2010-11-12 21:25:20 ----D---- C:\Users\LUCEK\AppData\Roaming\Mozilla
2010-11-12 21:24:48 ----D---- C:\Program Files\Mozilla Firefox
2010-11-12 02:29:00 ----D---- C:\Windows\Panther
2010-11-11 22:24:06 ----D---- C:\Users\LUCEK\AppData\Roaming\Program Files
2010-11-11 22:23:58 ----A---- C:\Windows\system32\sporder.dll
2010-11-11 22:23:58 ----A---- C:\Windows\system32\drivers\tcpipBM.sys
2010-11-11 22:23:58 ----A---- C:\Windows\system32\drivers\BMLoad.sys
2010-11-11 22:23:58 ----A---- C:\Windows\system32\bmutil.dll
2010-11-11 22:23:58 ----A---- C:\Windows\system32\bmnet.dll
2010-11-11 22:23:58 ----A---- C:\Windows\system32\bminstall.dll
2010-11-11 22:23:52 ----D---- C:\Windows\system32\SupportAppCB
2010-11-11 22:23:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-11 21:07:14 ----D---- C:\Windows\pss
2010-11-11 20:28:12 ----D---- C:\Users\LUCEK\AppData\Roaming\WinRAR
2010-11-11 20:26:58 ----RA---- C:\Windows\system32\GEARAspi.dll
2010-11-11 20:26:58 ----RA---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2010-11-11 20:26:58 ----DC---- C:\Windows\system32\DRVSTORE
2010-11-11 20:26:56 ----A---- C:\Windows\system32\drivers\SYMEVENT.SYS
2010-11-11 20:26:55 ----D---- C:\Program Files\Symantec
2010-11-11 20:26:55 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-11-11 20:26:53 ----D---- C:\ProgramData\Symantec
2010-11-11 20:26:17 ----D---- C:\Windows\system32\drivers\N360
2010-11-11 20:26:13 ----D---- C:\Program Files\Norton 360
2010-11-11 20:26:12 ----D---- C:\ProgramData\Norton
2010-11-11 20:25:26 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-11-11 20:25:25 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-11-11 20:24:53 ----D---- C:\Program Files\Winamp Detect
2010-11-11 20:24:47 ----D---- C:\Program Files\Common Files\PX Storage Engine
2010-11-11 20:24:45 ----D---- C:\Users\LUCEK\AppData\Roaming\Winamp
2010-11-11 20:24:45 ----D---- C:\Program Files\Winamp
2010-11-11 20:24:23 ----D---- C:\ProgramData\NortonInstaller
2010-11-11 20:24:23 ----D---- C:\Program Files\NortonInstaller
2010-11-11 20:24:15 ----D---- C:\Program Files\WinRAR
2010-11-11 20:23:08 ----D---- C:\Program Files\UltraISO
2010-11-11 20:23:08 ----D---- C:\Program Files\Common Files\EZB Systems
2010-11-11 20:20:29 ----A---- C:\Windows\system32\mdimon.dll
2010-11-11 20:20:01 ----A---- C:\Windows\system32\msonpmon.dll
2010-11-11 20:16:03 ----D---- C:\Program Files\Microsoft Works
2010-11-11 20:15:24 ----D---- C:\Program Files\Microsoft Visual Studio
2010-11-11 20:15:23 ----D---- C:\Program Files\Common Files\DESIGNER
2010-11-11 20:14:45 ----D---- C:\Windows\PCHEALTH
2010-11-11 20:14:45 ----D---- C:\Program Files\Microsoft.NET
2010-11-11 20:11:45 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-11-11 20:09:45 ----D---- C:\Program Files\Microsoft Office
2010-11-11 20:09:43 ----D---- C:\ProgramData\Microsoft Help
2010-11-11 20:09:29 ----SHD---- C:\Windows\Installer
2010-11-11 20:08:48 ----RHD---- C:\MSOCache
2010-11-11 20:04:53 ----D---- C:\Windows\system32\Lang
2010-11-11 20:04:53 ----A---- C:\Windows\system32\TVWizudlg.exe
2010-11-11 20:04:53 ----A---- C:\Windows\system32\igfxtvcx.dll
2010-11-11 20:04:52 ----D---- C:\Program Files\Intel
2010-11-11 19:59:59 ----A---- C:\Windows\system32\msv1_0.dll
2010-11-11 19:58:26 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-11-11 19:58:26 ----A---- C:\Windows\system32\PresentationHost.exe
2010-11-11 19:58:26 ----A---- C:\Windows\system32\netfxperf.dll
2010-11-11 19:58:26 ----A---- C:\Windows\system32\mscoree.dll
2010-11-11 19:58:26 ----A---- C:\Windows\system32\dfshim.dll
2010-11-11 19:55:47 ----A---- C:\Windows\system32\MRT.exe
2010-11-11 19:55:13 ----D---- C:\Program Files\Apoint2K
2010-11-11 19:53:54 ----D---- C:\Windows\system32\x64
2010-11-11 19:53:54 ----A---- C:\Windows\system32\igxpun.exe
2010-11-11 19:53:19 ----N---- C:\Windows\system32\MpSigStub.exe
2010-11-11 19:53:03 ----D---- C:\Program Files\CONEXANT
2010-11-11 19:52:26 ----A---- C:\Windows\system32\tzres.dll
2010-11-11 19:52:23 ----A---- C:\Windows\system32\shell32.dll
2010-11-11 19:52:23 ----A---- C:\Windows\system32\lsasrv.dll
2010-11-11 19:52:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2010-11-11 19:52:21 ----A---- C:\Windows\system32\rtutils.dll
2010-11-11 19:52:18 ----A---- C:\Windows\system32\winresume.exe
2010-11-11 19:52:18 ----A---- C:\Windows\system32\winload.exe
2010-11-11 19:52:18 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-11-11 19:52:18 ----A---- C:\Windows\system32\CertEnroll.dll
2010-11-11 19:52:12 ----A---- C:\Windows\system32\ole32.dll
2010-11-11 19:52:11 ----A---- C:\Windows\system32\mshtml.dll
2010-11-11 19:52:10 ----A---- C:\Windows\system32\ieframe.dll
2010-11-11 19:52:09 ----A---- C:\Windows\system32\urlmon.dll
2010-11-11 19:52:09 ----A---- C:\Windows\system32\mstime.dll
2010-11-11 19:52:09 ----A---- C:\Windows\system32\msfeeds.dll
2010-11-11 19:52:09 ----A---- C:\Windows\system32\iertutil.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\wininet.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\mshtmled.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\msfeedssync.exe
2010-11-11 19:52:08 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\licmgr10.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\jsproxy.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\ieui.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\iepeers.dll
2010-11-11 19:52:08 ----A---- C:\Windows\system32\iedkcs32.dll
2010-11-11 19:52:07 ----A---- C:\Windows\system32\mfc40u.dll
2010-11-11 19:52:07 ----A---- C:\Windows\system32\mfc40.dll
2010-11-11 19:52:06 ----A---- C:\Windows\system32\msasn1.dll
2010-11-11 19:52:05 ----A---- C:\Windows\system32\wmp.dll
2010-11-11 19:52:04 ----A---- C:\Windows\system32\wmploc.DLL
2010-11-11 19:52:03 ----A---- C:\Windows\system32\winlogon.exe
2010-11-11 19:52:03 ----A---- C:\Windows\system32\spoolsv.exe
2010-11-11 19:52:03 ----A---- C:\Windows\explorer.exe
2010-11-11 19:52:02 ----A---- C:\Windows\system32\wmpmde.dll
2010-11-11 19:52:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-11-11 19:52:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-11-11 19:51:59 ----A---- C:\Windows\system32\srvsvc.dll
2010-11-11 19:51:59 ----A---- C:\Windows\system32\kernel32.dll
2010-11-11 19:51:59 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-11-11 19:51:59 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-11-11 19:51:59 ----A---- C:\Windows\system32\drivers\srv.sys
2010-11-11 19:51:58 ----A---- C:\Windows\system32\apphelp.dll
2010-11-11 19:51:57 ----A---- C:\Windows\system32\inetcomm.dll
2010-11-11 19:51:57 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-11-11 19:51:56 ----A---- C:\Windows\system32\quartz.dll
2010-11-11 19:51:56 ----A---- C:\Windows\system32\msvidc32.dll
2010-11-11 19:51:56 ----A---- C:\Windows\system32\mciavi32.dll
2010-11-11 19:51:56 ----A---- C:\Windows\system32\avifil32.dll
2010-11-11 19:51:55 ----A---- C:\Windows\system32\win32k.sys
2010-11-11 19:51:55 ----A---- C:\Windows\system32\tsbyuv.dll
2010-11-11 19:51:55 ----A---- C:\Windows\system32\schannel.dll
2010-11-11 19:51:55 ----A---- C:\Windows\system32\msyuv.dll
2010-11-11 19:51:55 ----A---- C:\Windows\system32\msrle32.dll
2010-11-11 19:51:55 ----A---- C:\Windows\system32\iyuv_32.dll
2010-11-11 19:51:54 ----A---- C:\Windows\system32\jscript.dll
2010-11-11 19:51:54 ----A---- C:\Windows\system32\comctl32.dll
2010-11-11 19:51:53 ----A---- C:\Windows\system32\msxml3.dll
2010-11-11 19:51:53 ----A---- C:\Windows\system32\ir32_32.dll
2010-11-11 19:51:53 ----A---- C:\Windows\system32\iccvid.dll
2010-11-11 19:51:52 ----A---- C:\Windows\system32\t2embed.dll
2010-11-11 19:51:52 ----A---- C:\Windows\system32\asycfilt.dll
2010-11-11 19:51:51 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-11-11 19:51:50 ----A---- C:\Windows\system32\vbscript.dll
2010-11-11 19:51:09 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-11-11 19:51:09 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-11-11 19:51:09 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-11-11 19:51:08 ----A---- C:\Windows\system32\wintrust.dll
2010-11-11 19:48:53 ----A---- C:\Windows\system32\fontsub.dll
2010-11-11 19:48:53 ----A---- C:\Windows\system32\atmlib.dll
2010-11-11 19:48:53 ----A---- C:\Windows\system32\atmfd.dll
2010-11-11 19:48:33 ----A---- C:\Windows\system32\cabview.dll
2010-11-11 18:45:58 ----D---- C:\Users\LUCEK\AppData\Roaming\Macromedia
2010-11-11 18:45:58 ----D---- C:\Users\LUCEK\AppData\Roaming\Adobe
2010-11-11 18:45:56 ----D---- C:\Windows\system32\Macromed
2010-11-11 18:43:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-11 18:39:12 ----D---- C:\Users\LUCEK\AppData\Roaming\Identities
2010-11-11 18:37:40 ----SD---- C:\Users\LUCEK\AppData\Roaming\Microsoft
2010-11-11 18:37:40 ----D---- C:\Users\LUCEK\AppData\Roaming\Media Center Programs
2010-11-11 18:37:06 ----SHD---- C:\Recovery
2010-11-11 18:33:03 ----D---- C:\Windows\SoftwareDistribution
2010-11-11 18:30:46 ----D---- C:\Windows\Prefetch
2010-11-11 18:30:00 ----ASH---- C:\pagefile.sys
2010-11-11 18:29:57 ----SHD---- C:\System Volume Information
2010-11-11 18:29:57 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 months======

2010-11-22 22:07:41 ----D---- C:\Windows\Temp
2010-11-22 22:06:38 ----D---- C:\Windows\system32\config
2010-11-21 22:35:42 ----D---- C:\Windows\system32\drivers
2010-11-21 22:35:40 ----HD---- C:\ProgramData
2010-11-21 22:35:39 ----RD---- C:\Program Files
2010-11-19 17:43:36 ----D---- C:\Windows\system32\wdi
2010-11-19 00:01:18 ----D---- C:\Windows\winsxs
2010-11-18 22:11:33 ----D---- C:\Windows\System32
2010-11-18 22:11:33 ----D---- C:\Windows\inf
2010-11-18 22:07:39 ----D---- C:\Windows\system32\DriverStore
2010-11-17 23:05:43 ----D---- C:\Windows\system32\Tasks
2010-11-14 13:01:46 ----D---- C:\Windows\rescache
2010-11-14 12:58:44 ----D---- C:\Windows\Logs
2010-11-12 23:02:03 ----D---- C:\Windows\Microsoft.NET
2010-11-12 23:01:49 ----RSD---- C:\Windows\assembly
2010-11-12 21:25:23 ----D---- C:\Windows
2010-11-11 22:39:04 ----D---- C:\Windows\ModemLogs
2010-11-11 22:24:22 ----D---- C:\Windows\system32\catroot
2010-11-11 21:08:36 ----D---- C:\Windows\system32\catroot2
2010-11-11 20:26:55 ----D---- C:\Program Files\Common Files
2010-11-11 20:24:42 ----D---- C:\Program Files\Common Files\microsoft shared
2010-11-11 20:20:47 ----SD---- C:\ProgramData\Microsoft
2010-11-11 20:15:45 ----D---- C:\Program Files\MSBuild
2010-11-11 20:15:19 ----D---- C:\Windows\ShellNew
2010-11-11 20:14:56 ----RSD---- C:\Windows\Fonts
2010-11-11 20:10:48 ----A---- C:\Windows\win.ini
2010-11-11 20:10:40 ----D---- C:\Program Files\Common Files\System
2010-11-11 20:03:02 ----D---- C:\Windows\system32\migration
2010-11-11 20:03:02 ----D---- C:\Program Files\Internet Explorer
2010-11-11 20:03:01 ----D---- C:\Windows\system32\en-US
2010-11-11 20:03:01 ----D---- C:\Windows\system32\Boot
2010-11-11 20:03:01 ----D---- C:\Windows\ehome
2010-11-11 20:03:01 ----D---- C:\Program Files\Windows Mail
2010-11-11 20:03:00 ----D---- C:\Program Files\Windows Media Player
2010-11-11 20:00:24 ----D---- C:\Windows\twain_32
2010-11-11 19:55:48 ----D---- C:\Windows\debug
2010-11-11 19:52:34 ----D---- C:\Windows\system32\restore
2010-11-11 19:47:59 ----D---- C:\Windows\system32\CodeIntegrity
2010-11-11 18:45:58 ----D---- C:\Windows\Downloaded Program Files
2010-11-11 18:42:29 ----D---- C:\Windows\system32\wbem
2010-11-11 18:40:49 ----D---- C:\Windows\system32\drivers\UMDF
2010-11-11 18:39:10 ----SHD---- C:\$Recycle.Bin
2010-11-11 18:37:40 ----RD---- C:\Users
2010-11-11 18:32:28 ----D---- C:\Windows\system32\sysprep
2010-11-11 18:30:43 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2009-10-15 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104]
R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys [2010-11-04 691248]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-13 387584]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-11-11 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101119.001\IDSvix86.sys [2010-10-19 353840]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2007-04-13 68096]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS [2010-04-22 43696]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-17 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2009-04-29 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-10-29 162088]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-07-13 1096704]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-02-26 201728]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-11-11 102448]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2009-04-20 9344]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-02-12 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-02-12 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101122.002\NAVENG.SYS [2010-11-11 86064]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101122.002\NAVEX15.SYS [2010-11-11 1371184]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2008-07-22 51200]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1810856]
R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS [2010-04-22 325680]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-11-11 124976]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-02-12 661504]
R3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2009-05-22 104960]
R3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2009-05-22 105344]
R3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2009-05-22 104960]
S0 BMLoad;Bytemobile Boot Time Load Driver; C:\Windows\system32\drivers\BMLoad.sys [2009-05-22 22528]
S1 tcpipBM;Bytemobile Kernel Network Provider; C:\Windows\system32\drivers\tcpipBM.sys [2009-05-22 18816]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2009-05-22 9728]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-13 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-13 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------
[/log]

But the CPU still goes crazy when I start the T-Mobile internet connection.
In Task Manager it is the file bmop.exe (optimization proxy); that is what goes crazy, taking 50% of CPU usage, and it is related to this internet connection.

Tomek01
comment

Download [b][url=http://www.instalki.pl/programy/download/antyspyware/get.php?file=avenger]Avenger[/url][/b]
In the "Input script here" field, paste this text:


[code]Files to delete:
C:\Windows\system32\drivers\BMLoad.sys
C:\Windows\system32\drivers\tcpipBM.sys

Drivers to delete:
BMLoad
tcpipBM[/code]

Click Execute; the computer restarts and generates a report, which you should post on the forum.

Tell me whether there is any improvement.

lucyfer29
comment

[log]Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\Windows\system32\drivers\BMLoad.sys" deleted successfully.
File "C:\Windows\system32\drivers\tcpipBM.sys" deleted successfully.
Driver "BMLoad" deleted successfully.
Driver "tcpipBM" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.
[/log]

Well, everything is OK now, thanks a lot :)

Can you tell me what it was? And thanks once again, because I had had enough of that CPU fan...

Tomek01
comment

There were simply leftover services that start the drivers, and registry entries. They had to be removed ;)
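One way to shortlist leftover driver entries like these from an RSIT log, as an added example that is not part of the original posts: it parses the driver list and reports drivers that are stopped although their start type is Boot, System or Auto, noting whether the driver file also appears in the log's dated file listing. The sample lines are excerpts from the log posted in this thread; the function names are assumptions of this example.

```python
import re
from typing import NamedTuple

START_TYPES = {0: "Boot", 1: "System", 2: "Auto", 3: "Demand", 4: "Disabled"}

# Excerpt of the "List of drivers" section from the RSIT log in this thread.
DRIVERS = r"""
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-11-11 124976]
S0 BMLoad;Bytemobile Boot Time Load Driver; C:\Windows\system32\drivers\BMLoad.sys [2009-05-22 22528]
S1 tcpipBM;Bytemobile Kernel Network Provider; C:\Windows\system32\drivers\tcpipBM.sys [2009-05-22 18816]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2009-05-22 9728]
"""

# Excerpt of the dated file listing from the same log.
FILE_LIST = r"""
2010-11-11 22:23:58 ----A---- C:\Windows\system32\drivers\tcpipBM.sys
2010-11-11 22:23:58 ----A---- C:\Windows\system32\drivers\BMLoad.sys
2010-11-11 20:26:56 ----A---- C:\Windows\system32\drivers\SYMEVENT.SYS
"""

DRIVER_RE = re.compile(r"^([RS])([0-4]) ([^;]+);(.*?); (.+) \[\d{4}-\d{2}-\d{2} \d+\]$")
FILE_RE = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} -+[A-Z]+-+ (.+)$")


class Driver(NamedTuple):
    running: bool
    start: int
    name: str
    display: str
    path: str


def norm(path):
    # RSIT prints some image paths with the NT "\??\" prefix; Windows paths
    # are case-insensitive, so compare them lowercased.
    if path.startswith("\\??\\"):
        path = path[4:]
    return path.lower()


def parse_drivers(text):
    drivers = []
    for line in text.splitlines():
        m = DRIVER_RE.match(line.strip())
        if m:
            state, start, name, display, path = m.groups()
            drivers.append(Driver(state == "R", int(start), name, display, norm(path)))
    return drivers


def parse_files(text):
    matches = (FILE_RE.match(line.strip()) for line in text.splitlines())
    return {norm(m.group(1)) for m in matches if m}


def stale_candidates(drivers, listed_files):
    # Stopped drivers that are configured to load without user action.
    return [(d.name, START_TYPES[d.start], d.path in listed_files)
            for d in drivers if not d.running and d.start <= 2]


if __name__ == "__main__":
    for name, start, listed in stale_candidates(parse_drivers(DRIVERS), parse_files(FILE_LIST)):
        print(f"{name}: start={start}, stopped, file in listing={listed}")
```

Parvdm is reported as well but has no entry in the file listing, so the output is a shortlist for review, not a removal list.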
