droxien posted 28 March 2009 (edited)

Hello. For some time now I have been plagued by some worm/virus that often disconnects my internet. On top of that, everything is terribly slow. I would like to avoid a format, which is why I am turning to you. Logs from ComboFix:

ComboFix 09-03-27.02 - Kaczaza 2009-03-28 22:12:10.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.2038.1331 [GMT 1:00]
Uruchomiony z: c:\programy\ComboFix.exe
* Utworzono nowy punkt przywracania
* Resident AV is active
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_PCIDump

((((((((((((((((((((((((( Pliki utworzone od 2009-02-28 do 2009-03-28 )))))))))))))))))))))))))))))))
.
2009-03-24 18:53 . 2009-03-24 18:53 <DIR> d-------- c:\program files\ESET
2009-03-24 18:53 . 2009-03-24 18:53 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\ESET
2009-03-23 21:52 . 2009-03-23 21:52 38 --a------ c:\windows\avisplitter.INI
2009-03-15 18:56 . 2009-03-15 19:55 <DIR> d-------- C:\Pojutrze DVD
2009-03-14 20:11 . 2009-03-14 20:12 <DIR> d-------- C:\Nowe Gadu Gadu
2009-03-14 12:20 . 2009-03-14 12:20 <DIR> d-------- c:\program files\XnView
2009-03-14 12:20 . 2009-03-14 12:32 <DIR> d-------- c:\documents and settings\Kaczaza\Dane aplikacji\XnView
2009-03-14 12:08 . 2009-03-14 12:08 <DIR> d-------- c:\program files\AtomInterSoft
2009-03-14 12:08 . 2000-12-08 22:59 122,880 --a------ c:\windows\UnGins.exe
2009-03-10 00:26 . 2009-03-10 00:26 <DIR> d-------- c:\documents and settings\Kaczaza\Dane aplikacji\IrfanView
2009-03-04 20:16 . 2008-04-14 18:20 159,232 --a------ c:\windows\system32\ptpusd.dll
2009-03-04 20:16 . 2001-10-26 17:29 5,632 --a------ c:\windows\system32\ptpusb.dll
2009-03-03 13:08 . 2009-03-03 13:08 <DIR> d-------- C:\Gwiezdny Zaprzęg
.
999,424 ----a-w c:\windows\system32\lxddusb1.dll + 2007-05-17 12:58:46 999,424 ----a-w c:\windows\system32\lxddusb1.dll - 2007-05-24 02:05:54 507,904 ----a-w c:\windows\system32\lxddutil.dll + 2007-05-24 03:05:54 507,904 ----a-w c:\windows\system32\lxddutil.dll - 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\system32\MRT.exe + 2009-02-25 20:54:59 24,768,960 ----a-w c:\windows\system32\MRT.exe - 2008-08-26 08:26:59 459,264 ----a-w c:\windows\system32\msfeeds.dll + 2008-12-20 23:03:47 459,264 ----a-w c:\windows\system32\msfeeds.dll - 2008-08-26 08:26:59 52,224 ----a-w c:\windows\system32\msfeedsbs.dll + 2008-12-20 23:03:47 52,224 ----a-w c:\windows\system32\msfeedsbs.dll - 2008-08-27 09:27:02 3,593,216 ----a-w c:\windows\system32\mshtml.dll + 2009-01-16 20:30:38 3,594,752 ----a-w c:\windows\system32\mshtml.dll - 2008-08-26 08:27:00 477,696 ----a-w c:\windows\system32\mshtmled.dll + 2008-12-20 23:03:51 477,696 ----a-w c:\windows\system32\mshtmled.dll - 2008-08-26 08:27:00 193,024 ----a-w c:\windows\system32\msrating.dll + 2008-12-20 23:03:51 193,024 ----a-w c:\windows\system32\msrating.dll - 2008-08-26 08:27:00 671,232 ----a-w c:\windows\system32\mstime.dll + 2008-12-20 23:03:51 671,232 ----a-w c:\windows\system32\mstime.dll - 2008-08-26 08:27:00 102,912 ----a-w c:\windows\system32\occache.dll + 2008-12-20 23:03:51 102,912 ----a-w c:\windows\system32\occache.dll - 2008-08-26 08:27:00 44,544 ----a-w c:\windows\system32\pngfilt.dll + 2008-12-20 23:03:51 44,544 ----a-w c:\windows\system32\pngfilt.dll + 2005-08-29 10:56:58 33,792 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\a3d.dll + 2005-08-29 10:48:34 87,040 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\commonfx.dll + 2005-08-29 10:48:36 536,576 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\ctaudfx.dll + 2005-08-29 10:46:10 71,168 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\ctdproxy.dll + 2005-08-29 
10:48:50 157,696 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\cteapsfx.dll + 2005-08-29 10:49:14 106,496 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\ctemupia.dll + 2005-08-29 10:48:56 548,352 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\ctsblfx.dll + 2005-08-29 10:45:52 73,728 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\piaproxy.dll + 2005-08-29 10:45:58 21,504 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\sfman32.dll + 2008-04-13 18:45:14 60,160 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\drmk.sys + 2008-04-13 19:16:36 141,056 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\ks.sys + 2008-04-14 17:20:34 4,096 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\ksuser.dll + 2008-04-13 19:19:41 146,048 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\portcls.sys + 2008-04-13 18:45:15 49,408 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\stream.sys + 2008-04-14 17:21:56 23,552 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\wdmaud.drv + 2005-08-29 10:45:46 140,643 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\ctbas2w.dat + 2005-08-29 10:43:40 53,932 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\ctdaught.dat + 2005-08-29 10:49:48 293,747 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\ctdlang.dat + 2005-08-29 10:44:04 265,066 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\ctsbas2w.dat + 2005-08-29 10:43:40 313,207 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\ctstatic.dat + 2005-08-29 10:45:52 501,760 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctac32k.sys + 2005-08-29 10:46:14 438,784 ----a-w 
c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctaud2k.sys + 2005-08-29 10:59:46 81,920 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctcoinst.dll + 2005-08-18 10:55:50 340,768 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctdvda2k.sys + 2005-08-29 10:59:48 146,432 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctdvinst.dll + 2005-08-29 07:59:44 1,365,888 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctmmfilt.sys + 2005-08-29 10:46:00 114,688 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctoss2k.sys + 2005-08-29 10:46:14 7,168 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctprxy2k.sys + 2005-08-29 10:45:56 142,336 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctsfm2k.sys + 2005-08-29 10:45:54 77,824 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\emupia2k.sys + 2005-08-29 10:46:02 752,128 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ha10kx2k.sys + 2005-08-29 10:46:04 153,088 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\haP16v2k.sys + 2005-08-29 10:46:04 179,200 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\haP17v2k.sys + 2005-08-29 10:58:12 9,216 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\pfmodnt.sys - 2008-04-14 17:20:45 144,384 ----a-w c:\windows\system32\schannel.dll + 2008-12-05 06:57:24 144,896 ----a-w c:\windows\system32\schannel.dll - 2008-04-14 17:20:47 8,489,984 ----a-w c:\windows\system32\shell32.dll + 2008-06-17 19:03:15 8,489,984 ----a-w c:\windows\system32\shell32.dll - 2008-07-08 13:20:04 19,320 ------w c:\windows\system32\spmsg.dll + 2007-11-30 11:21:28 19,320 ------w c:\windows\system32\spmsg.dll - 2008-04-14 17:20:56 246,814 ----a-w c:\windows\system32\strmdll.dll + 
2008-10-03 10:04:40 247,326 ----a-w c:\windows\system32\strmdll.dll - 2008-04-14 17:21:45 60,416 ----a-w c:\windows\system32\tzchange.exe + 2008-10-23 10:06:59 62,976 ----a-w c:\windows\system32\tzchange.exe - 2008-08-26 08:27:01 105,984 ----a-w c:\windows\system32\url.dll + 2008-12-20 23:03:51 105,984 ----a-w c:\windows\system32\url.dll - 2008-08-26 08:27:01 1,159,680 ----a-w c:\windows\system32\urlmon.dll + 2008-12-20 23:03:52 1,160,192 ----a-w c:\windows\system32\urlmon.dll + 1998-06-17 23:00:00 102,912 ----a-w c:\windows\system32\VB6STKIT.DLL - 2008-08-26 08:27:01 233,472 ----a-w c:\windows\system32\webcheck.dll + 2008-12-20 23:03:52 233,472 ----a-w c:\windows\system32\webcheck.dll - 2008-09-15 15:27:56 1,846,656 ----a-w c:\windows\system32\win32k.sys + 2009-02-09 14:07:49 1,847,040 ----a-w c:\windows\system32\win32k.sys - 2008-08-26 08:27:02 826,368 ----a-w c:\windows\system32\wininet.dll + 2008-12-20 23:03:53 826,368 ----a-w c:\windows\system32\wininet.dll - 2005-01-28 11:44:28 1,027,072 ----a-w c:\windows\system32\wmnetmgr.dll + 2008-06-10 05:28:36 1,028,096 ----a-w c:\windows\system32\WMNetmgr.dll - 2006-12-07 05:29:34 2,374,472 ----a-w c:\windows\system32\wmvcore.dll + 2008-06-10 06:07:24 2,376,760 ----a-w c:\windows\system32\WMVCore.dll + 2009-03-28 21:17:32 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_400.dat + 2006-12-01 21:56:00 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll + 2006-12-01 21:54:32 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll + 2006-12-01 21:54:34 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll + 2006-12-01 21:54:32 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll + 2006-12-01 23:25:52 1,101,824 ----a-w 
c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll + 2006-12-01 23:25:56 1,093,120 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll + 2006-12-01 23:25:58 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll + 2006-12-01 23:26:00 57,856 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll + 2006-12-01 23:08:00 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll + 2006-12-01 23:08:00 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll + 2006-12-01 23:08:00 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll + 2006-12-01 23:08:00 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll + 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll + 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll + 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll + 2006-12-01 23:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll + 2006-12-01 23:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll + 2006-12-01 23:46:44 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll + 2008-04-15 17:51:49 1,724,416 ----a-w 
c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll
.
-- Migawka wyzerowana --
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2005-03-31 790528]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2008-06-09 2645528]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2006-02-14 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-02-14 512000]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2007-06-17 200704]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2007-06-17 208896]
"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2007-04-09 58416]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2007-03-09 66176]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2007-03-28 243248]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-04-09 1015808]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-16 138008]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-16 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-16 138008]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-05-16 86960]
"AwaySch"="c:\program files\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688]
"LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2007-04-26 120368]
"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-05-18 196696]
"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2007-01-30 2618944]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2006-06-09 35328]
"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"lxddmon.exe"="c:\program files\Lexmark 2500 Series\lxddmon.exe" [2007-06-11 291760]
"lxddamon"="c:\program files\Lexmark 2500 Series\lxddamon.exe" [2007-04-30 20480]
"CTSysVol"="c:\program files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe" [2005-09-15 57344]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"CTPCMCIASBUtility"="c:\program files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTSBUtl.exe" [2005-09-05 147456]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"TpShocks"="TpShocks.exe" [2007-03-29 c:\windows\system32\TpShocks.exe]
"CTHelper"="CTHELPER.EXE" [2005-08-29 c:\windows\CTHELPER.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
BTTray.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2007-02-27 561213]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-07-12 50688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2006-09-06 08:37 34344 c:\program files\Lenovo\HOTKEY\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2006-12-14 03:06 28672 c:\program files\Lenovo\HOTKEY\tphklock.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]
2007-05-17 10:41 32768 c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ACGina

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Radio Toolbox\\rtb.exe"=
"c:\\WINDOWS\\system32\\lxddcfg.exe"=
"c:\\WINDOWS\\system32\\lxddcoms.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\app4r.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddwbgw.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddjswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddtime.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddpswx.exe"=
"c:\\Program Files\\Java\\jre1.6.0_06\\launch4j-tmp\\JDownloader.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\lxddmon.exe"=

R0 Shockprf;Shockprf;c:\windows\system32\drivers\ApsX86.sys [2007-03-02 100656]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2007-03-02 19760]
R1 ANC;ANC;c:\windows\system32\drivers\ANC.sys [2008-07-12 11520]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-02-06 93336]
R1 IBMTPCHK;IBMTPCHK;c:\windows\system32\drivers\IBMBLDID.sys [2008-07-12 4224]
R1 TPPWRIF;TPPWRIF;c:\windows\system32\drivers\TPPWRIF.SYS [2008-07-12 4442]
R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [2008-12-02 1386008]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 Harmonogram automatycznej usługi LiveUpdate;Harmonogram automatycznej usługi LiveUpdate;c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-07-12 554352]
R2 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe -service --> c:\windows\system32\lxddcoms.exe -service [?]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2007-02-08 569344]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2006-09-13 35264]
S2 lxddCATSCustConnectService;lxddCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxddserv.exe [2008-09-21 99248]
S3 alcan5ln;SpeedTouch USB ADSL RFC1483 Networking Driver (NDIS);c:\windows\system32\drivers\alcan5ln.sys [2008-07-13 36256]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\system32\drivers\s716bus.sys [2008-11-25 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\system32\drivers\s716mdfl.sys [2008-11-25 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\system32\drivers\s716mdm.sys [2008-11-25 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s716mgmt.sys [2008-11-25 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\system32\drivers\s716nd5.sys [2008-11-25 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\system32\drivers\s716obex.sys [2008-11-25 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\system32\drivers\s716unic.sys [2008-11-25 98952]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-11-24 356920]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{30dde838-f9e7-11dd-9bb1-000ae4c99994}]
\Shell\AutoRun\command - uxdeiect.com
\Shell\explore\Command - uxdeiect.com
\Shell\open\Command - uxdeiect.com
.
Zawartość folderu 'Zaplanowane zadania'

2009-03-28 c:\windows\Tasks\PMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2007-06-17 17:16]

2009-03-28 c:\windows\Tasks\Sprawdź aktualizacje paska narzędzi Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKCU-Run-InternetCalls - c:\program files\internetcalls.com\internetcalls\internetcalls.exe

.
------- Skan uzupełniający -------
.
uStart Page = hxxp://pl.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official
uSearchURL,(Default) = hxxp://g.msn.com.pl/0SEPLPL/SAOS01?FORM=TOOLBR
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Wyślij do urządzenia &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
TCP: {0B64B717-4944-4D2D-9034-F13BEA8D1AF3} = 213.241.79.37,213.241.79.38
FF - ProfilePath - c:\documents and settings\Kaczaza\Dane aplikacji\Mozilla\Firefox\Profiles\goq5t4jj.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://pl.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npnul32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOggX.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nppdf32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPSWF32.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-28 22:19:55
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
Binary file raw_enum.dat matches
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(1444)
c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll
c:\program files\ThinkPad\ConnectUtilities\AcSvcStub.dll
c:\program files\ThinkPad\ConnectUtilities\AcLocSettings.dll
c:\program files\ThinkPad\ConnectUtilities\ACHelper.dll
c:\program files\Lenovo\HOTKEY\tphklock.dll

- - - - - - - > 'lsass.exe'(1500)
c:\program files\ThinkPad\ConnectUtilities\ACGina.dll
c:\program files\ThinkPad\ConnectUtilities\ACHelper.dll
c:\program files\ThinkPad\ConnectUtilities\AcSvcStub.dll
c:\program files\ThinkPad\ConnectUtilities\AcLocSettings.dll
c:\program files\ThinkPad\ConnectUtilities\ACON.dll
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgr.dll
c:\program files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll
c:\program files\ThinkPad\ConnectUtilities\ACTurinSupport.dll
c:\program files\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll
c:\program files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\program files\ThinkPad\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\IPSSVC.EXE
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\windows\system32\CTSVCCDA.EXE
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\lxddcoms.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\windows\system32\TPHDEXLG.exe
c:\program files\Lenovo\Client Security Solution\tvttcsd.exe
c:\program files\Lenovo\Rescue and Recovery\rrservice.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\program files\Lenovo\Rescue and Recovery\ADM\IUService.exe
c:\windows\system32\wdfmgr.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\program files\Common Files\Lenovo\Logger\logmon.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\ZOOM\TpScrex.exe
c:\program files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTAPR.exe
c:\program files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
.
**************************************************************************
.
Czas ukończenia: 2009-03-28 22:22:49 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-03-28 21:22:45
ComboFix2.txt 2008-12-02 20:34:28
ComboFix3.txt 2008-11-30 23:07:35
ComboFix4.txt 2008-11-23 14:15:10
ComboFix5.txt 2009-03-28 21:11:26

Przed: 11 602 100 224 bajtów wolnych
Po: 11,778,256,896 bajtów wolnych

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
757 --- E O F --- 2009-03-16 17:52:53

Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:09:48, on 2009-03-28
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\lxddcoms.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\Lenovo\System Update\SUService.exe
C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Lexmark 2500 Series\lxddmon.exe
C:\Program Files\Lexmark 2500 Series\lxddamon.exe
C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTSBUtl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTAPR.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.start.mozilla.com/firefox?client...lla:pl:official
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.pl/0SEPLPL/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [bLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [CTPCMCIASBUtility] C:\Program Files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTSBUtl.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [internetCalls] "C:\program files\internetcalls.com\internetcalls\internetcalls.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B64B717-4944-4D2D-9034-F13BEA8D1AF3}: NameServer = 213.241.79.37,213.241.79.38
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B64B717-4944-4D2D-9034-F13BEA8D1AF3}: NameServer = 213.241.79.37,213.241.79.38
O17 - HKLM\System\CS2\Services\Tcpip\..\{0B64B717-4944-4D2D-9034-F13BEA8D1AF3}: NameServer = 213.241.79.37,213.241.79.38
O17 - HKLM\System\CS4\Services\Tcpip\..\{0B64B717-4944-4D2D-9034-F13BEA8D1AF3}: NameServer = 213.241.79.37,213.241.79.38
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon
Notify: ACNotify - ACNotify.dll (file missing) O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Intel? 
PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Harmonogram automatycznej usługi LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: lxddCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxddserv.exe O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe O23 - Service: Intel? PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel? 
PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe -- End of file - 15943 bytes Liczę na pomoc. Pozdrawiam.
Mateusz J. commented 29 March 2009 (edited)

Paste into Notepad:

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

File ==> Save as ==> change the file type to All files ==> save it under the name FIX.REG

Run the FIX.REG file you created, confirm adding it to the Registry, and restart the computer.

Please carry out: http://www.forumpc.pl/index.php?showtopic=17478 (no cheating, at the end I will find out whether you did it).

Then turn off System Restore for a moment (you will find out how on Google).

Use the FixWareOut program (Google, post the report on the forum).

Then a new ComboFix log.
Kaczaza commented 29 March 2009

I see it has gone quiet. No reply. A pity, because I am at the end of my endurance.
Kaczaza commented 29 March 2009

I wrote that a few seconds after my colleague's post. I am already working through the instructions.
Guest commented 30 March 2009

Good grief, what an Autostart. Paste into Notepad:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=-
"DU Meter"=-
"Creative Detector"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"=-
"SynTPEnh"=-
"PWRMGRTR"=-
"BLOG"=-
"TPFNF7"=-
"TPHOTKEY"=-
"EZEJMNAP"=-
"SoundMAXPnP"=-
"IgfxTray"=-
"HotKeysCmds"=-
"Persistence"=-
"TVT Scheduler Proxy"=-
"SunJavaUpdateSched"=-
"ISUSScheduler"=-
"AwaySch"=-
"LPManager"=-
"DiskeeperSystray"=-
"cssauth"=-
"WinampAgent"=-
"SpeedTouch USB Diagnostics"=-
"NeroFilterCheck"=-
"Symantec PIF AlertEng"=-
"Adobe Reader Speed Launcher"=-
"CTSysVol"=-
"LogitechQuickCamRibbon"=-
"LogitechCommunicationsManager"=-
"UnlockerAssistant"=-
"CTPCMCIASBUtility"=-
"TpShocks"=-
"CTHelper"=-

From the Notepad menu >>> File >>> Save as >>> set the file type to "All files" >>> save as FIX.REG >>> run the file (double-click and OK, agree to adding it to the Registry). Restart the computer.

1. Manually delete the folder C:\Qoobox.
2. You will remove it from the "System Volume Information" folder by temporarily turning off "System Restore": > Control Panel > System > System Restore >> tick the box next to "Turn off System Restore on all drives" > Apply > OK. Afterwards you can return to the previous setting (that is, clear the tick from the box).
3. Carry out system optimization.
4. Scan the My Computer area with http://www.kaspersky.pl/virusscanner.html (run it through IE). Post its report on the forum.