x-kom hosting

Prośba o sprawdzenie logów

droxien
utworzono
utworzono (edytowane)

Witam.

Od jakiegoś czasu nęka mnie jakiś robak/wirus, który rozłącza mi często internet. Do tego wszystko strasznie muli.

Chciałbym uniknąć formata, dlatego zwracam się do Was.

Logi z Combofix:

ComboFix 09-03-27.02 - Kaczaza 2009-03-28 22:12:10.4 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.2038.1331 [GMT 1:00]

Uruchomiony z: c:\programy\ComboFix.exe

* Utworzono nowy punkt przywracania

* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_PCIDump

((((((((((((((((((((((((( Pliki utworzone od 2009-02-28 do 2009-03-28 )))))))))))))))))))))))))))))))

.

2009-03-24 18:53 . 2009-03-24 18:53 <DIR> d-------- c:\program files\ESET

2009-03-24 18:53 . 2009-03-24 18:53 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\ESET

2009-03-23 21:52 . 2009-03-23 21:52 38 --a------ c:\windows\avisplitter.INI

2009-03-15 18:56 . 2009-03-15 19:55 <DIR> d-------- C:\Pojutrze DVD

2009-03-14 20:11 . 2009-03-14 20:12 <DIR> d-------- C:\Nowe Gadu Gadu

2009-03-14 12:20 . 2009-03-14 12:20 <DIR> d-------- c:\program files\XnView

2009-03-14 12:20 . 2009-03-14 12:32 <DIR> d-------- c:\documents and settings\Kaczaza\Dane aplikacji\XnView

2009-03-14 12:08 . 2009-03-14 12:08 <DIR> d-------- c:\program files\AtomInterSoft

2009-03-14 12:08 . 2000-12-08 22:59 122,880 --a------ c:\windows\UnGins.exe

2009-03-10 00:26 . 2009-03-10 00:26 <DIR> d-------- c:\documents and settings\Kaczaza\Dane aplikacji\IrfanView

2009-03-04 20:16 . 2008-04-14 18:20 159,232 --a------ c:\windows\system32\ptpusd.dll

2009-03-04 20:16 . 2001-10-26 17:29 5,632 --a------ c:\windows\system32\ptpusb.dll

2009-03-03 13:08 . 2009-03-03 13:08 <DIR> d-------- C:\Gwiezdny Zaprzęg

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-03-28 19:32 --------- d-----w c:\documents and settings\Kaczaza\Dane aplikacji\uTorrent

2009-03-28 18:04 --------- d-----w c:\documents and settings\Kaczaza\Dane aplikacji\Skype

2009-03-28 17:27 --------- d-----w c:\documents and settings\Kaczaza\Dane aplikacji\skypePM

2009-03-23 21:00 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files

2009-03-23 20:58 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\avg8

2009-03-21 13:12 --------- d-----w c:\documents and settings\Kaczaza\Dane aplikacji\Vso

2009-03-16 19:21 --------- d-----w c:\program files\FastStone Image Viewer

2009-03-10 18:54 --------- d-----w c:\program files\uTorrent

2009-03-06 21:16 --------- d-----w c:\program files\Lx_cats

2009-03-06 21:13 --------- d-----w c:\documents and settings\Kaczaza\Dane aplikacji\Lexmark Productivity Studio

2009-03-03 16:02 --------- d-----w c:\program files\Lexmark 2500 Series

2009-02-22 12:23 --------- d-----w c:\documents and settings\Kaczaza\Dane aplikacji\FastStone

2009-02-14 08:34 --------- d-----w c:\program files\WhereIsIt

2009-02-14 08:33 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\WhereIsIt

2009-02-09 17:29 --------- d-----w c:\documents and settings\Kaczaza\Dane aplikacji\Nowe Gadu-Gadu

2009-02-06 20:27 --------- d-----w c:\program files\FlashFXP

2009-02-06 20:27 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\FlashFXP

2009-02-06 13:24 93,336 ----a-w c:\windows\system32\drivers\epfwtdir.sys

2009-02-06 13:23 106,208 ----a-w c:\windows\system32\drivers\ehdrv.sys

2009-02-06 13:19 113,448 ----a-w c:\windows\system32\drivers\eamon.sys

2009-02-06 10:37 --------- d-----w c:\program files\PhotoFiltre Studio

2008-12-31 19:30 73,216 ----a-w c:\windows\ST6UNST.EXE

2008-12-31 19:30 286,720 ------w c:\windows\Setup1.exe

2008-07-12 16:01 32,768 --sha-w c:\windows\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Feeds Cache\index.dat

2008-11-06 07:23 32,768 --sha-w c:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\MSHist012008110620081107\index.dat

.

((((((((((((((((((((((((((((( snapshot@2008-12-01_ 0.06.58.04 )))))))))))))))))))))))))))))))))))))))))

.

+ 2008-10-03 09:50:54 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP3QFE\strmdll.dll

+ 2007-11-30 12:40:46 19,320 ----a-w c:\windows\$hf_mig$\KB954600\spmsg.dll

+ 2007-11-30 12:40:46 234,360 ----a-w c:\windows\$hf_mig$\KB954600\spuninst.exe

+ 2007-11-30 12:40:46 26,488 ----a-w c:\windows\$hf_mig$\KB954600\update\spcustom.dll

+ 2007-11-30 12:40:47 763,256 ----a-w c:\windows\$hf_mig$\KB954600\update\update.exe

+ 2007-11-30 12:40:47 398,200 ----a-w c:\windows\$hf_mig$\KB954600\update\updspapi.dll

+ 2008-10-23 10:17:49 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe

+ 2007-11-30 12:40:46 19,320 ----a-w c:\windows\$hf_mig$\KB955839\spmsg.dll

+ 2007-11-30 12:40:46 234,360 ----a-w c:\windows\$hf_mig$\KB955839\spuninst.exe

+ 2007-11-30 12:40:46 26,488 ----a-w c:\windows\$hf_mig$\KB955839\update\spcustom.dll

+ 2007-11-30 12:40:47 763,256 ----a-w c:\windows\$hf_mig$\KB955839\update\update.exe

+ 2007-11-30 12:40:47 398,200 ----a-w c:\windows\$hf_mig$\KB955839\update\updspapi.dll

+ 2008-10-23 12:45:12 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll

+ 2008-07-08 13:20:04 19,320 ----a-w c:\windows\$hf_mig$\KB956802\spmsg.dll

+ 2008-07-08 13:20:05 234,360 ----a-w c:\windows\$hf_mig$\KB956802\spuninst.exe

+ 2008-07-08 13:20:04 26,488 ----a-w c:\windows\$hf_mig$\KB956802\update\spcustom.dll

+ 2008-07-09 07:57:15 763,256 ----a-w c:\windows\$hf_mig$\KB956802\update\update.exe

+ 2008-07-09 07:57:23 398,200 ----a-w c:\windows\$hf_mig$\KB956802\update\updspapi.dll

+ 2008-10-16 19:49:06 124,928 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\advpack.dll

+ 2008-10-16 19:49:06 347,136 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtmsft.dll

+ 2008-10-16 19:49:06 214,528 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtrans.dll

+ 2008-10-16 19:49:06 132,608 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\extmgr.dll

+ 2008-10-16 19:49:06 63,488 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\icardie.dll

+ 2008-10-16 12:46:08 70,656 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ie4uinit.exe

+ 2008-10-16 19:49:06 153,088 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakeng.dll

+ 2008-10-16 19:49:07 230,400 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieaksie.dll

+ 2008-10-15 06:33:26 161,792 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakui.dll

+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dat

+ 2008-10-16 19:49:07 380,928 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dll

+ 2008-10-16 19:49:08 388,608 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iedkcs32.dll

+ 2008-10-16 19:49:12 6,068,224 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieframe.dll

+ 2008-10-16 19:49:12 44,544 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iernonce.dll

+ 2008-10-16 19:49:13 267,776 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iertutil.dll

+ 2008-10-16 12:46:08 13,824 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieudinit.exe

+ 2008-10-15 06:34:58 633,632 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe

+ 2008-10-16 19:49:14 27,648 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\jsproxy.dll

+ 2008-10-16 19:49:15 459,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeeds.dll

+ 2008-10-16 19:49:15 52,224 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeedsbs.dll

+ 2008-10-16 19:49:22 3,595,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll

+ 2008-10-16 19:49:23 477,696 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtmled.dll

+ 2008-10-16 19:49:23 193,024 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msrating.dll

+ 2008-10-16 19:49:24 671,232 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mstime.dll

+ 2008-10-16 19:49:24 102,912 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\occache.dll

+ 2008-10-16 19:49:24 44,544 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\pngfilt.dll

+ 2008-10-16 19:49:24 105,984 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\url.dll

+ 2008-10-16 19:49:25 1,163,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\urlmon.dll

+ 2008-10-16 19:49:26 233,472 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\webcheck.dll

+ 2008-10-16 19:49:27 827,904 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll

+ 2007-03-06 03:28:33 16,096 ----a-w c:\windows\$hf_mig$\KB958215-IE7\spmsg.dll

+ 2007-03-06 03:28:39 216,288 ----a-w c:\windows\$hf_mig$\KB958215-IE7\spuninst.exe

+ 2007-03-06 03:28:31 22,752 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\spcustom.dll

+ 2007-03-06 03:28:58 723,680 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\update.exe

+ 2007-03-06 03:29:50 386,784 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\updspapi.dll

+ 2008-12-11 12:33:59 333,952 ----a-w c:\windows\$hf_mig$\KB958687\SP3QFE\srv.sys

+ 2007-11-30 12:40:46 19,320 ----a-w c:\windows\$hf_mig$\KB958687\spmsg.dll

+ 2007-11-30 12:40:46 234,360 ----a-w c:\windows\$hf_mig$\KB958687\spuninst.exe

+ 2007-11-30 12:40:46 26,488 ----a-w c:\windows\$hf_mig$\KB958687\update\spcustom.dll

+ 2007-11-30 12:40:47 763,256 ----a-w c:\windows\$hf_mig$\KB958687\update\update.exe

+ 2007-11-30 12:40:47 398,200 ----a-w c:\windows\$hf_mig$\KB958687\update\updspapi.dll

+ 2008-12-13 06:28:15 3,594,752 ----a-w c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll

+ 2007-03-06 03:28:33 16,096 ----a-w c:\windows\$hf_mig$\KB960714-IE7\spmsg.dll

+ 2007-03-06 03:28:39 216,288 ----a-w c:\windows\$hf_mig$\KB960714-IE7\spuninst.exe

+ 2007-03-06 03:28:31 22,752 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\spcustom.dll

+ 2007-03-06 03:28:57 723,680 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\update.exe

+ 2007-03-06 03:29:49 386,784 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\updspapi.dll

+ 2008-07-09 07:57:12 19,320 ----a-w c:\windows\$hf_mig$\KB960715\spmsg.dll

+ 2008-07-09 07:57:13 234,360 ----a-w c:\windows\$hf_mig$\KB960715\spuninst.exe

+ 2008-07-09 07:57:12 26,488 ----a-w c:\windows\$hf_mig$\KB960715\update\spcustom.dll

+ 2008-11-15 17:19:17 763,256 ----a-w c:\windows\$hf_mig$\KB960715\update\update.exe

+ 2008-07-09 07:57:23 398,200 ----a-w c:\windows\$hf_mig$\KB960715\update\updspapi.dll

+ 2008-12-20 23:48:45 124,928 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\advpack.dll

+ 2008-12-20 23:48:45 347,136 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\dxtmsft.dll

+ 2008-12-20 23:48:45 214,528 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\dxtrans.dll

+ 2008-12-20 23:48:45 132,608 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\extmgr.dll

+ 2008-12-20 23:48:45 63,488 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\icardie.dll

+ 2008-12-19 09:41:51 70,656 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ie4uinit.exe

+ 2008-12-20 23:48:45 153,088 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieakeng.dll

+ 2008-12-20 23:48:46 230,400 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieaksie.dll

+ 2008-12-19 05:24:02 161,792 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieakui.dll

+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieapfltr.dat

+ 2008-12-20 23:48:46 380,928 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieapfltr.dll

+ 2008-12-20 23:48:46 388,608 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\iedkcs32.dll

+ 2008-12-20 23:48:48 6,068,736 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieframe.dll

+ 2008-12-20 23:48:48 44,544 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\iernonce.dll

+ 2008-12-20 23:48:48 267,776 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\iertutil.dll

+ 2008-12-19 09:41:52 13,824 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\ieudinit.exe

+ 2008-12-19 05:25:30 634,024 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\iexplore.exe

+ 2008-12-20 23:48:49 27,648 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\jsproxy.dll

+ 2008-12-20 23:48:49 459,264 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\msfeeds.dll

+ 2008-12-20 23:48:49 52,224 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\msfeedsbs.dll

+ 2009-01-16 16:21:42 3,596,288 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll

+ 2008-12-20 23:48:52 477,696 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtmled.dll

+ 2008-12-20 23:48:52 193,024 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\msrating.dll

+ 2008-12-20 23:48:53 671,232 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mstime.dll

+ 2008-12-20 23:48:53 102,912 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\occache.dll

+ 2008-12-20 23:48:53 44,544 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\pngfilt.dll

+ 2008-12-20 23:48:53 105,984 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\url.dll

+ 2008-12-20 23:48:54 1,163,264 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\urlmon.dll

+ 2008-12-20 23:48:54 233,472 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\webcheck.dll

+ 2008-12-20 23:48:54 827,904 ----a-w c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll

+ 2007-03-06 03:28:35 16,096 ----a-w c:\windows\$hf_mig$\KB961260-IE7\spmsg.dll

+ 2007-03-06 03:28:40 216,288 ----a-w c:\windows\$hf_mig$\KB961260-IE7\spuninst.exe

+ 2007-03-06 03:28:33 22,752 ----a-w c:\windows\$hf_mig$\KB961260-IE7\update\spcustom.dll

+ 2007-03-06 03:28:58 723,680 ----a-w c:\windows\$hf_mig$\KB961260-IE7\update\update.exe

+ 2007-03-06 03:29:50 386,784 ----a-w c:\windows\$hf_mig$\KB961260-IE7\update\updspapi.dll

+ 2008-06-17 19:04:53 8,490,496 ----a-w c:\windows\$hf_mig$\KB967715\SP3QFE\shell32.dll

+ 2008-07-09 07:57:12 19,320 ----a-w c:\windows\$hf_mig$\KB967715\spmsg.dll

+ 2008-07-09 07:57:13 234,360 ----a-w c:\windows\$hf_mig$\KB967715\spuninst.exe

+ 2008-07-09 07:57:12 26,488 ----a-w c:\windows\$hf_mig$\KB967715\update\spcustom.dll

+ 2008-07-09 07:57:15 763,256 ----a-w c:\windows\$hf_mig$\KB967715\update\update.exe

+ 2008-07-09 07:57:23 398,200 ----a-w c:\windows\$hf_mig$\KB967715\update\updspapi.dll

+ 2005-01-28 11:44:28 96,768 -c----w c:\windows\$NtUninstallKB952069_WM9$\logagent.exe

+ 2007-07-27 06:36:18 234,360 -c----w c:\windows\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe

+ 2007-07-27 08:41:48 382,840 -c----w c:\windows\$NtUninstallKB952069_WM9$\spuninst\updspapi.dll

+ 2005-01-28 11:44:28 1,027,072 -c----w c:\windows\$NtUninstallKB952069_WM9$\wmnetmgr.dll

+ 2006-12-07 05:29:34 2,374,472 -c----w c:\windows\$NtUninstallKB952069_WM9$\wmvcore.dll

+ 2007-11-30 12:40:46 234,360 -c----w c:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe

+ 2007-11-30 12:40:47 398,200 -c----w c:\windows\$NtUninstallKB954600$\spuninst\updspapi.dll

+ 2008-04-14 17:20:56 246,814 -c----w c:\windows\$NtUninstallKB954600$\strmdll.dll

+ 2007-11-30 12:40:46 234,360 -c----w c:\windows\$NtUninstallKB955839$\spuninst\spuninst.exe

+ 2007-11-30 12:40:47 398,200 -c----w c:\windows\$NtUninstallKB955839$\spuninst\updspapi.dll

+ 2008-04-14 17:21:45 60,416 -c----w c:\windows\$NtUninstallKB955839$\tzchange.exe

+ 2008-04-14 17:20:31 285,184 -c----w c:\windows\$NtUninstallKB956802$\gdi32.dll

+ 2008-07-08 13:20:05 234,360 -c----w c:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe

+ 2008-07-09 07:57:23 398,200 -c----w c:\windows\$NtUninstallKB956802$\spuninst\updspapi.dll

+ 2007-11-30 12:40:46 234,360 -c----w c:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe

+ 2007-11-30 12:40:47 398,200 -c----w c:\windows\$NtUninstallKB958687$\spuninst\updspapi.dll

+ 2008-09-08 10:41:42 333,824 -c----w c:\windows\$NtUninstallKB958687$\srv.sys

+ 2008-07-09 07:57:13 234,360 -c----w c:\windows\$NtUninstallKB960715$\spuninst\spuninst.exe

+ 2008-07-09 07:57:23 398,200 -c----w c:\windows\$NtUninstallKB960715$\spuninst\updspapi.dll

+ 2008-04-14 17:20:47 8,489,984 -c----w c:\windows\$NtUninstallKB967715$\shell32.dll

+ 2008-07-09 07:57:13 234,360 -c----w c:\windows\$NtUninstallKB967715$\spuninst\spuninst.exe

+ 2008-07-09 07:57:23 398,200 -c----w c:\windows\$NtUninstallKB967715$\spuninst\updspapi.dll

+ 2008-08-26 08:26:55 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll

+ 2008-08-26 08:26:55 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll

+ 2008-08-26 08:26:55 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll

+ 2008-08-26 08:26:55 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll

+ 2008-08-26 08:26:55 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll

+ 2008-08-25 08:42:17 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe

+ 2008-08-26 08:26:55 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll

+ 2008-08-26 08:26:56 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll

+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll

+ 2008-08-26 08:26:56 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll

+ 2008-08-26 08:26:56 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll

+ 2008-10-03 17:26:30 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll

+ 2008-08-26 08:26:58 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll

+ 2008-08-26 08:26:58 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll

+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe

+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe

+ 2008-08-26 08:26:58 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll

+ 2008-08-26 08:26:59 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll

+ 2008-08-26 08:26:59 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll

+ 2008-08-27 09:27:02 3,593,216 -c----w c:\windows\ie7updates\KB958215-IE7\mshtml.dll

+ 2008-08-26 08:27:00 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll

+ 2008-08-26 08:27:00 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll

+ 2008-08-26 08:27:00 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll

+ 2008-08-26 08:27:00 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll

+ 2008-08-26 08:27:00 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll

+ 2007-03-06 03:28:39 216,288 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe

+ 2007-03-06 03:29:50 386,784 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll

+ 2008-08-26 08:27:01 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll

+ 2008-08-26 08:27:01 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll

+ 2008-08-26 08:27:01 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll

+ 2008-08-26 08:27:02 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll

+ 2008-10-17 01:03:34 3,593,216 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll

+ 2007-03-06 03:28:39 216,288 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe

+ 2007-03-06 03:29:49 386,784 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll

+ 2008-10-16 20:33:23 124,928 -c----w c:\windows\ie7updates\KB961260-IE7\advpack.dll

+ 2008-10-16 20:33:23 347,136 -c----w c:\windows\ie7updates\KB961260-IE7\dxtmsft.dll

+ 2008-10-16 20:33:24 214,528 -c----w c:\windows\ie7updates\KB961260-IE7\dxtrans.dll

+ 2008-10-16 20:33:24 133,120 -c----w c:\windows\ie7updates\KB961260-IE7\extmgr.dll

+ 2008-10-16 20:33:24 63,488 -c----w c:\windows\ie7updates\KB961260-IE7\icardie.dll

+ 2008-10-16 13:15:01 70,656 -c----w c:\windows\ie7updates\KB961260-IE7\ie4uinit.exe

+ 2008-10-16 20:33:24 153,088 -c----w c:\windows\ie7updates\KB961260-IE7\ieakeng.dll

+ 2008-10-16 20:33:24 230,400 -c----w c:\windows\ie7updates\KB961260-IE7\ieaksie.dll

+ 2008-10-15 07:04:53 161,792 -c----w c:\windows\ie7updates\KB961260-IE7\ieakui.dll

+ 2008-10-16 20:33:24 383,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll

+ 2008-10-16 20:33:25 384,512 -c----w c:\windows\ie7updates\KB961260-IE7\iedkcs32.dll

+ 2008-10-16 20:33:27 6,066,176 -c----w c:\windows\ie7updates\KB961260-IE7\ieframe.dll

+ 2008-10-16 20:33:27 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\iernonce.dll

+ 2008-10-16 20:33:28 267,776 -c----w c:\windows\ie7updates\KB961260-IE7\iertutil.dll

+ 2008-10-16 13:11:09 13,824 -c----w c:\windows\ie7updates\KB961260-IE7\ieudinit.exe

+ 2008-10-15 07:06:26 633,632 -c----w c:\windows\ie7updates\KB961260-IE7\iexplore.exe

+ 2008-10-16 20:33:29 27,648 -c----w c:\windows\ie7updates\KB961260-IE7\jsproxy.dll

+ 2008-10-16 20:33:29 459,264 -c----w c:\windows\ie7updates\KB961260-IE7\msfeeds.dll

+ 2008-10-16 20:33:29 52,224 -c----w c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll

+ 2008-12-13 06:39:17 3,593,216 -c----w c:\windows\ie7updates\KB961260-IE7\mshtml.dll

+ 2008-10-16 20:33:33 477,696 -c----w c:\windows\ie7updates\KB961260-IE7\mshtmled.dll

+ 2008-10-16 20:33:33 193,024 -c----w c:\windows\ie7updates\KB961260-IE7\msrating.dll

+ 2008-10-16 20:33:33 671,232 -c----w c:\windows\ie7updates\KB961260-IE7\mstime.dll

+ 2008-10-16 20:33:33 102,912 -c----w c:\windows\ie7updates\KB961260-IE7\occache.dll

+ 2008-10-16 20:33:33 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\pngfilt.dll

+ 2007-03-06 03:28:40 216,288 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe

+ 2007-03-06 03:29:50 386,784 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\updspapi.dll

+ 2008-10-16 20:33:33 105,984 -c----w c:\windows\ie7updates\KB961260-IE7\url.dll

+ 2008-10-16 20:33:34 1,160,192 -c----w c:\windows\ie7updates\KB961260-IE7\urlmon.dll

+ 2008-10-16 20:33:34 233,472 -c----w c:\windows\ie7updates\KB961260-IE7\webcheck.dll

+ 2008-10-16 20:33:34 826,368 -c----w c:\windows\ie7updates\KB961260-IE7\wininet.dll

+ 2009-03-24 17:54:55 10,134 ----a-r c:\windows\Installer\{09C85E5A-3E10-4268-904C-BACEF16ECEF0}\callmsi.exe

+ 2009-03-24 17:54:55 101,480 ----a-r c:\windows\Installer\{09C85E5A-3E10-4268-904C-BACEF16ECEF0}\egui.exe

- 2008-09-21 15:18:28 53,248 ----a-r c:\windows\Installer\{8675339C-128C-44DD-83BF-0A5D6ABD8297}\ARPPRODUCTICON.exe

+ 2009-01-01 12:47:27 53,248 ----a-r c:\windows\Installer\{8675339C-128C-44DD-83BF-0A5D6ABD8297}\ARPPRODUCTICON.exe

- 2008-09-21 15:18:28 53,248 ----a-r c:\windows\Installer\{8675339C-128C-44DD-83BF-0A5D6ABD8297}\tvsu.exe2_8675339C128C44DD83BF0A5D6ABD8297.exe

+ 2009-01-01 12:47:27 53,248 ----a-r c:\windows\Installer\{8675339C-128C-44DD-83BF-0A5D6ABD8297}\tvsu.exe2_8675339C128C44DD83BF0A5D6ABD8297.exe

- 2008-09-21 15:18:28 49,152 ----a-r c:\windows\Installer\{8675339C-128C-44DD-83BF-0A5D6ABD8297}\tvsu.exe3_8675339C128C44DD83BF0A5D6ABD8297.exe

+ 2009-01-01 12:47:27 49,152 ----a-r c:\windows\Installer\{8675339C-128C-44DD-83BF-0A5D6ABD8297}\tvsu.exe3_8675339C128C44DD83BF0A5D6ABD8297.exe

- 2008-11-12 23:17:28 135,168 ----a-r c:\windows\Installer\{90850415-6000-11D3-8CFE-0150048383C9}\misc.exe

+ 2008-12-12 11:31:48 135,168 ----a-r c:\windows\Installer\{90850415-6000-11D3-8CFE-0150048383C9}\misc.exe

- 2008-11-12 23:17:28 40,960 ----a-r c:\windows\Installer\{90850415-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe

+ 2008-12-12 11:31:48 40,960 ----a-r c:\windows\Installer\{90850415-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe

+ 2008-12-17 19:13:39 32,768 ----a-r c:\windows\Installer\{90AF0415-6000-11D3-8CFE-0150048383C9}\ppvwicon.exe

- 2000-08-31 07:00:00 28,672 ----a-w c:\windows\NIRCMD.exe

+ 2000-08-31 07:00:00 29,696 ----a-w c:\windows\NIRCMD.exe

- 2008-08-26 08:26:55 124,928 ----a-w c:\windows\system32\advpack.dll

+ 2008-12-20 23:03:39 124,928 ----a-w c:\windows\system32\advpack.dll

- 2008-08-26 08:26:55 124,928 ----a-w c:\windows\system32\dllcache\advpack.dll

+ 2008-12-20 23:03:39 124,928 ----a-w c:\windows\system32\dllcache\advpack.dll

+ 2008-04-13 18:45:14 60,160 ----a-w c:\windows\system32\dllcache\drmk.sys

- 2008-08-26 08:26:55 347,136 ----a-w c:\windows\system32\dllcache\dxtmsft.dll

+ 2008-12-20 23:03:39 347,136 ----a-w c:\windows\system32\dllcache\dxtmsft.dll

- 2008-08-26 08:26:55 214,528 ----a-w c:\windows\system32\dllcache\dxtrans.dll

+ 2008-12-20 23:03:39 214,528 ----a-w c:\windows\system32\dllcache\dxtrans.dll

- 2008-08-26 08:26:55 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll

+ 2008-12-20 23:03:39 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll

+ 2008-10-23 12:42:41 286,720 ------w c:\windows\system32\dllcache\gdi32.dll

- 2008-08-26 08:26:55 63,488 ------w c:\windows\system32\dllcache\icardie.dll

+ 2008-12-20 23:03:40 63,488 ------w c:\windows\system32\dllcache\icardie.dll

- 2008-08-25 08:42:17 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe

+ 2008-12-19 09:13:43 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe

- 2008-08-26 08:26:55 153,088 ----a-w c:\windows\system32\dllcache\ieakeng.dll

+ 2008-12-20 23:03:40 153,088 ----a-w c:\windows\system32\dllcache\ieakeng.dll

- 2008-08-26 08:26:56 230,400 ----a-w c:\windows\system32\dllcache\ieaksie.dll

+ 2008-12-20 23:03:40 230,400 ----a-w c:\windows\system32\dllcache\ieaksie.dll

- 2008-08-23 05:54:51 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll

+ 2008-12-19 05:23:56 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll

- 2008-08-26 08:26:56 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll

+ 2008-12-20 23:03:41 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll

- 2008-08-26 08:26:56 384,512 ----a-w c:\windows\system32\dllcache\iedkcs32.dll

+ 2008-12-20 23:03:41 384,512 ----a-w c:\windows\system32\dllcache\iedkcs32.dll

- 2008-10-03 17:26:30 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll

+ 2008-12-20 23:03:44 6,066,688 ------w c:\windows\system32\dllcache\ieframe.dll

- 2008-08-26 08:26:58 44,544 ----a-w c:\windows\system32\dllcache\iernonce.dll

+ 2008-12-20 23:03:45 44,544 ----a-w c:\windows\system32\dllcache\iernonce.dll

- 2008-08-26 08:26:58 267,776 ------w c:\windows\system32\dllcache\iertutil.dll

+ 2008-12-20 23:03:45 267,776 ------w c:\windows\system32\dllcache\iertutil.dll

- 2008-08-25 08:38:00 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe

+ 2008-12-19 09:10:15 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe

- 2008-08-23 05:56:15 635,848 ----a-w c:\windows\system32\dllcache\iexplore.exe

+ 2008-12-19 05:25:25 634,024 ----a-w c:\windows\system32\dllcache\iexplore.exe

- 2008-08-26 08:26:58 27,648 ----a-w c:\windows\system32\dllcache\jsproxy.dll

+ 2008-12-20 23:03:47 27,648 ----a-w c:\windows\system32\dllcache\jsproxy.dll

+ 2008-04-13 19:16:36 141,056 ----a-w c:\windows\system32\dllcache\ks.sys

- 2005-01-28 11:44:28 96,768 ----a-w c:\windows\system32\dllcache\logagent.exe

+ 2008-06-10 04:52:04 96,768 ----a-w c:\windows\system32\dllcache\logagent.exe

- 2008-08-26 08:26:59 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll

+ 2008-12-20 23:03:47 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll

- 2008-08-26 08:26:59 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll

+ 2008-12-20 23:03:47 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll

- 2008-08-27 09:27:02 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll

+ 2009-01-16 20:30:38 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll

- 2008-08-26 08:27:00 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll

+ 2008-12-20 23:03:51 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll

- 2008-08-26 08:27:00 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll

+ 2008-12-20 23:03:51 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll

- 2008-08-26 08:27:00 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll

+ 2008-12-20 23:03:51 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll

- 2008-08-26 08:27:00 102,912 ----a-w c:\windows\system32\dllcache\occache.dll

+ 2008-12-20 23:03:51 102,912 ----a-w c:\windows\system32\dllcache\occache.dll

- 2008-08-26 08:27:00 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll

+ 2008-12-20 23:03:51 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll

+ 2008-04-13 19:19:42 146,048 ----a-w c:\windows\system32\dllcache\portcls.sys

+ 2008-12-05 06:57:24 144,896 ------w c:\windows\system32\dllcache\schannel.dll

+ 2008-06-17 19:03:15 8,489,984 ------w c:\windows\system32\dllcache\shell32.dll

- 2008-09-08 10:41:42 333,824 ------w c:\windows\system32\dllcache\srv.sys

+ 2008-12-11 10:57:09 333,952 ------w c:\windows\system32\dllcache\srv.sys

+ 2008-04-13 18:45:16 49,408 ----a-w c:\windows\system32\dllcache\stream.sys

- 2008-04-14 17:20:56 246,814 ------w c:\windows\system32\dllcache\strmdll.dll

+ 2008-10-03 10:04:40 247,326 ------w c:\windows\system32\dllcache\strmdll.dll

- 2008-08-26 08:27:01 105,984 ----a-w c:\windows\system32\dllcache\url.dll

+ 2008-12-20 23:03:51 105,984 ----a-w c:\windows\system32\dllcache\url.dll

- 2008-08-26 08:27:01 1,159,680 ----a-w c:\windows\system32\dllcache\urlmon.dll

+ 2008-12-20 23:03:52 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll

- 2008-08-26 08:27:01 233,472 ----a-w c:\windows\system32\dllcache\webcheck.dll

+ 2008-12-20 23:03:52 233,472 ----a-w c:\windows\system32\dllcache\webcheck.dll

- 2008-09-15 15:27:56 1,846,656 ------w c:\windows\system32\dllcache\win32k.sys

+ 2009-02-09 14:07:49 1,847,040 ------w c:\windows\system32\dllcache\win32k.sys

- 2008-08-26 08:27:02 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll

+ 2008-12-20 23:03:53 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll

- 2005-01-28 11:44:28 1,027,072 ----a-w c:\windows\system32\dllcache\wmnetmgr.dll

+ 2008-06-10 05:28:36 1,028,096 ----a-w c:\windows\system32\dllcache\WMNetmgr.dll

- 2006-12-07 05:29:34 2,374,472 ----a-w c:\windows\system32\dllcache\wmvcore.dll

+ 2008-06-10 06:07:24 2,376,760 ----a-w c:\windows\system32\dllcache\WMVCore.dll

- 2004-10-19 08:07:22 9,728 ------w c:\windows\system32\drivers\PfModNT.sys

+ 2005-08-29 10:58:12 9,216 ----a-r c:\windows\system32\drivers\pfmodnt.sys

- 2008-04-13 19:19:41 146,048 ----a-w c:\windows\system32\drivers\portcls.sys

+ 2008-04-13 19:19:42 146,048 ----a-w c:\windows\system32\drivers\portcls.sys

- 2008-09-08 10:41:42 333,824 ----a-w c:\windows\system32\drivers\srv.sys

+ 2008-12-11 10:57:09 333,952 ----a-w c:\windows\system32\drivers\srv.sys

- 2008-04-13 18:45:15 49,408 ----a-w c:\windows\system32\drivers\stream.sys

+ 2008-04-13 18:45:16 49,408 ----a-w c:\windows\system32\drivers\stream.sys

- 2008-08-26 08:26:55 347,136 ----a-w c:\windows\system32\dxtmsft.dll

+ 2008-12-20 23:03:39 347,136 ----a-w c:\windows\system32\dxtmsft.dll

- 2008-08-26 08:26:55 214,528 ----a-w c:\windows\system32\dxtrans.dll

+ 2008-12-20 23:03:39 214,528 ----a-w c:\windows\system32\dxtrans.dll

- 2008-08-26 08:26:55 133,120 ----a-w c:\windows\system32\extmgr.dll

+ 2008-12-20 23:03:39 133,120 ----a-w c:\windows\system32\extmgr.dll

- 2008-11-06 07:22:34 95,072 ----a-w c:\windows\system32\FNTCACHE.DAT

+ 2009-03-12 07:39:16 95,072 ----a-w c:\windows\system32\FNTCACHE.DAT

- 2008-04-14 17:20:31 285,184 ----a-w c:\windows\system32\gdi32.dll

+ 2008-10-23 12:42:41 286,720 ----a-w c:\windows\system32\gdi32.dll

- 2008-08-26 08:26:55 63,488 ----a-w c:\windows\system32\icardie.dll

+ 2008-12-20 23:03:40 63,488 ----a-w c:\windows\system32\icardie.dll

- 2008-08-25 08:42:17 70,656 ----a-w c:\windows\system32\ie4uinit.exe

+ 2008-12-19 09:13:43 70,656 ----a-w c:\windows\system32\ie4uinit.exe

- 2008-08-26 08:26:55 153,088 ----a-w c:\windows\system32\ieakeng.dll

+ 2008-12-20 23:03:40 153,088 ----a-w c:\windows\system32\ieakeng.dll

- 2008-08-26 08:26:56 230,400 ----a-w c:\windows\system32\ieaksie.dll

+ 2008-12-20 23:03:40 230,400 ----a-w c:\windows\system32\ieaksie.dll

- 2008-08-23 05:54:51 161,792 ----a-w c:\windows\system32\ieakui.dll

+ 2008-12-19 05:23:56 161,792 ----a-w c:\windows\system32\ieakui.dll

- 2008-08-26 08:26:56 383,488 ----a-w c:\windows\system32\ieapfltr.dll

+ 2008-12-20 23:03:41 383,488 ----a-w c:\windows\system32\ieapfltr.dll

- 2008-08-26 08:26:56 384,512 ----a-w c:\windows\system32\iedkcs32.dll

+ 2008-12-20 23:03:41 384,512 ----a-w c:\windows\system32\iedkcs32.dll

- 2008-10-03 17:26:30 6,066,176 ----a-w c:\windows\system32\ieframe.dll

+ 2008-12-20 23:03:44 6,066,688 ----a-w c:\windows\system32\ieframe.dll

- 2008-08-26 08:26:58 44,544 ----a-w c:\windows\system32\iernonce.dll

+ 2008-12-20 23:03:45 44,544 ----a-w c:\windows\system32\iernonce.dll

- 2008-08-26 08:26:58 267,776 ----a-w c:\windows\system32\iertutil.dll

+ 2008-12-20 23:03:45 267,776 ----a-w c:\windows\system32\iertutil.dll

- 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe

+ 2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe

- 2008-08-26 08:26:58 27,648 ----a-w c:\windows\system32\jsproxy.dll

+ 2008-12-20 23:03:47 27,648 ----a-w c:\windows\system32\jsproxy.dll

- 2005-01-28 11:44:28 96,768 ----a-w c:\windows\system32\logagent.exe

+ 2008-06-10 04:52:04 96,768 ----a-w c:\windows\system32\logagent.exe

- 2007-03-16 01:36:54 77,906 ----a-w c:\windows\system32\lxddcfg.dll

+ 2007-03-16 02:36:54 77,906 ----a-w c:\windows\system32\lxddcfg.dll

- 2007-05-25 07:41:36 394,160 ----a-w c:\windows\system32\lxddcfg.exe

+ 2007-05-25 08:41:36 394,160 ----a-w c:\windows\system32\lxddcfg.exe

- 2007-05-17 12:07:02 684,032 ----a-w c:\windows\system32\lxddcomc.dll

+ 2007-05-17 13:07:02 684,032 ----a-w c:\windows\system32\lxddcomc.dll

- 2007-05-17 12:11:48 425,984 ----a-w c:\windows\system32\lxddcomm.dll

+ 2007-05-17 13:11:48 425,984 ----a-w c:\windows\system32\lxddcomm.dll

- 2007-05-25 07:41:38 537,520 ----a-w c:\windows\system32\lxddcoms.exe

+ 2007-05-25 08:41:38 537,520 ----a-w c:\windows\system32\lxddcoms.exe

- 2007-05-24 02:09:12 77,824 ----a-w c:\windows\system32\lxddcu.dll

+ 2007-05-24 03:09:12 77,824 ----a-w c:\windows\system32\lxddcu.dll

- 2007-05-24 02:11:40 86,016 ----a-w c:\windows\system32\lxddcub.dll

+ 2007-05-24 03:11:40 86,016 ----a-w c:\windows\system32\lxddcub.dll

- 2007-04-16 08:05:02 983,107 ----a-w c:\windows\system32\lxddgf.dll

+ 2007-04-16 09:05:02 983,107 ----a-w c:\windows\system32\lxddgf.dll

- 2007-05-24 02:04:56 208,896 ----a-w c:\windows\system32\lxddgrd.dll

+ 2007-05-24 05:45:42 208,896 ----a-w c:\windows\system32\lxddgrd.dll

- 2007-05-17 11:53:20 700,416 ----a-w c:\windows\system32\lxddhbn3.dll

+ 2007-05-17 12:53:20 700,416 ----a-w c:\windows\system32\lxddhbn3.dll

- 2007-05-17 11:54:18 323,584 ----a-w c:\windows\system32\LXDDhcp.dll

+ 2007-05-17 12:54:18 323,584 ----a-w c:\windows\system32\LXDDhcp.dll

- 2007-05-17 12:08:44 397,312 ----a-w c:\windows\system32\lxddiesc.dll

+ 2007-05-17 13:08:44 397,312 ----a-w c:\windows\system32\lxddiesc.dll

- 2007-05-25 07:41:40 385,968 ----a-w c:\windows\system32\lxddih.exe

+ 2007-05-25 08:41:40 385,968 ----a-w c:\windows\system32\lxddih.exe

- 2007-05-17 11:59:50 413,696 ----a-w c:\windows\system32\lxddinpa.dll

+ 2007-05-17 12:59:50 413,696 ----a-w c:\windows\system32\lxddinpa.dll

- 2007-05-24 02:09:08 176,128 ----a-w c:\windows\system32\lxddins.dll

+ 2007-05-24 03:09:08 176,128 ----a-w c:\windows\system32\lxddins.dll

- 2007-05-24 02:11:48 200,704 ----a-w c:\windows\system32\lxddinsb.dll

+ 2007-05-24 03:11:48 200,704 ----a-w c:\windows\system32\lxddinsb.dll

- 2007-05-17 12:09:14 286,720 ----a-w c:\windows\system32\LXDDinst.dll

+ 2007-05-17 13:09:14 286,720 ----a-w c:\windows\system32\LXDDinst.dll

- 2007-05-17 12:10:16 585,728 ----a-w c:\windows\system32\lxddlmpm.dll

+ 2007-05-17 13:10:16 585,728 ----a-w c:\windows\system32\lxddlmpm.dll

- 2007-05-17 12:19:58 643,072 ----a-w c:\windows\system32\lxddpmui.dll

+ 2007-05-17 13:19:58 643,072 ----a-w c:\windows\system32\lxddpmui.dll

- 2007-05-17 12:07:52 94,208 ----a-w c:\windows\system32\lxddpplc.dll

+ 2007-05-17 13:07:52 94,208 ----a-w c:\windows\system32\lxddpplc.dll

- 2007-05-17 12:06:32 163,840 ----a-w c:\windows\system32\lxddprox.dll

+ 2007-05-17 13:06:32 163,840 ----a-w c:\windows\system32\lxddprox.dll

- 2007-05-17 12:17:22 1,232,896 ----a-w c:\windows\system32\lxddserv.dll

+ 2007-05-17 13:17:22 1,232,896 ----a-w c:\windows\system32\lxddserv.dll

- 2007-05-17 11:58:46 999,424 ----a-w c:\windows\system32\lxddusb1.dll

+ 2007-05-17 12:58:46 999,424 ----a-w c:\windows\system32\lxddusb1.dll

- 2007-05-24 02:05:54 507,904 ----a-w c:\windows\system32\lxddutil.dll

+ 2007-05-24 03:05:54 507,904 ----a-w c:\windows\system32\lxddutil.dll

- 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\system32\MRT.exe

+ 2009-02-25 20:54:59 24,768,960 ----a-w c:\windows\system32\MRT.exe

- 2008-08-26 08:26:59 459,264 ----a-w c:\windows\system32\msfeeds.dll

+ 2008-12-20 23:03:47 459,264 ----a-w c:\windows\system32\msfeeds.dll

- 2008-08-26 08:26:59 52,224 ----a-w c:\windows\system32\msfeedsbs.dll

+ 2008-12-20 23:03:47 52,224 ----a-w c:\windows\system32\msfeedsbs.dll

- 2008-08-27 09:27:02 3,593,216 ----a-w c:\windows\system32\mshtml.dll

+ 2009-01-16 20:30:38 3,594,752 ----a-w c:\windows\system32\mshtml.dll

- 2008-08-26 08:27:00 477,696 ----a-w c:\windows\system32\mshtmled.dll

+ 2008-12-20 23:03:51 477,696 ----a-w c:\windows\system32\mshtmled.dll

- 2008-08-26 08:27:00 193,024 ----a-w c:\windows\system32\msrating.dll

+ 2008-12-20 23:03:51 193,024 ----a-w c:\windows\system32\msrating.dll

- 2008-08-26 08:27:00 671,232 ----a-w c:\windows\system32\mstime.dll

+ 2008-12-20 23:03:51 671,232 ----a-w c:\windows\system32\mstime.dll

- 2008-08-26 08:27:00 102,912 ----a-w c:\windows\system32\occache.dll

+ 2008-12-20 23:03:51 102,912 ----a-w c:\windows\system32\occache.dll

- 2008-08-26 08:27:00 44,544 ----a-w c:\windows\system32\pngfilt.dll

+ 2008-12-20 23:03:51 44,544 ----a-w c:\windows\system32\pngfilt.dll

+ 2005-08-29 10:56:58 33,792 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\a3d.dll

+ 2005-08-29 10:48:34 87,040 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\commonfx.dll

+ 2005-08-29 10:48:36 536,576 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\ctaudfx.dll

+ 2005-08-29 10:46:10 71,168 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\ctdproxy.dll

+ 2005-08-29 10:48:50 157,696 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\cteapsfx.dll

+ 2005-08-29 10:49:14 106,496 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\ctemupia.dll

+ 2005-08-29 10:48:56 548,352 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\ctsblfx.dll

+ 2005-08-29 10:45:52 73,728 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\piaproxy.dll

+ 2005-08-29 10:45:58 21,504 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Common\i386\sfman32.dll

+ 2008-04-13 18:45:14 60,160 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\drmk.sys

+ 2008-04-13 19:16:36 141,056 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\ks.sys

+ 2008-04-14 17:20:34 4,096 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\ksuser.dll

+ 2008-04-13 19:19:41 146,048 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\portcls.sys

+ 2008-04-13 18:45:15 49,408 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\stream.sys

+ 2008-04-14 17:21:56 23,552 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\wdmaud.drv

+ 2005-08-29 10:45:46 140,643 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\ctbas2w.dat

+ 2005-08-29 10:43:40 53,932 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\ctdaught.dat

+ 2005-08-29 10:49:48 293,747 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\ctdlang.dat

+ 2005-08-29 10:44:04 265,066 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\ctsbas2w.dat

+ 2005-08-29 10:43:40 313,207 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\ctstatic.dat

+ 2005-08-29 10:45:52 501,760 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctac32k.sys

+ 2005-08-29 10:46:14 438,784 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctaud2k.sys

+ 2005-08-29 10:59:46 81,920 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctcoinst.dll

+ 2005-08-18 10:55:50 340,768 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctdvda2k.sys

+ 2005-08-29 10:59:48 146,432 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctdvinst.dll

+ 2005-08-29 07:59:44 1,365,888 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctmmfilt.sys

+ 2005-08-29 10:46:00 114,688 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctoss2k.sys

+ 2005-08-29 10:46:14 7,168 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctprxy2k.sys

+ 2005-08-29 10:45:56 142,336 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ctsfm2k.sys

+ 2005-08-29 10:45:54 77,824 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\emupia2k.sys

+ 2005-08-29 10:46:02 752,128 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\ha10kx2k.sys

+ 2005-08-29 10:46:04 153,088 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\haP16v2k.sys

+ 2005-08-29 10:46:04 179,200 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\haP17v2k.sys

+ 2005-08-29 10:58:12 9,216 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\Win2K_XP\i386\pfmodnt.sys

- 2008-04-14 17:20:45 144,384 ----a-w c:\windows\system32\schannel.dll

+ 2008-12-05 06:57:24 144,896 ----a-w c:\windows\system32\schannel.dll

- 2008-04-14 17:20:47 8,489,984 ----a-w c:\windows\system32\shell32.dll

+ 2008-06-17 19:03:15 8,489,984 ----a-w c:\windows\system32\shell32.dll

- 2008-07-08 13:20:04 19,320 ------w c:\windows\system32\spmsg.dll

+ 2007-11-30 11:21:28 19,320 ------w c:\windows\system32\spmsg.dll

- 2008-04-14 17:20:56 246,814 ----a-w c:\windows\system32\strmdll.dll

+ 2008-10-03 10:04:40 247,326 ----a-w c:\windows\system32\strmdll.dll

- 2008-04-14 17:21:45 60,416 ----a-w c:\windows\system32\tzchange.exe

+ 2008-10-23 10:06:59 62,976 ----a-w c:\windows\system32\tzchange.exe

- 2008-08-26 08:27:01 105,984 ----a-w c:\windows\system32\url.dll

+ 2008-12-20 23:03:51 105,984 ----a-w c:\windows\system32\url.dll

- 2008-08-26 08:27:01 1,159,680 ----a-w c:\windows\system32\urlmon.dll

+ 2008-12-20 23:03:52 1,160,192 ----a-w c:\windows\system32\urlmon.dll

+ 1998-06-17 23:00:00 102,912 ----a-w c:\windows\system32\VB6STKIT.DLL

- 2008-08-26 08:27:01 233,472 ----a-w c:\windows\system32\webcheck.dll

+ 2008-12-20 23:03:52 233,472 ----a-w c:\windows\system32\webcheck.dll

- 2008-09-15 15:27:56 1,846,656 ----a-w c:\windows\system32\win32k.sys

+ 2009-02-09 14:07:49 1,847,040 ----a-w c:\windows\system32\win32k.sys

- 2008-08-26 08:27:02 826,368 ----a-w c:\windows\system32\wininet.dll

+ 2008-12-20 23:03:53 826,368 ----a-w c:\windows\system32\wininet.dll

- 2005-01-28 11:44:28 1,027,072 ----a-w c:\windows\system32\wmnetmgr.dll

+ 2008-06-10 05:28:36 1,028,096 ----a-w c:\windows\system32\WMNetmgr.dll

- 2006-12-07 05:29:34 2,374,472 ----a-w c:\windows\system32\wmvcore.dll

+ 2008-06-10 06:07:24 2,376,760 ----a-w c:\windows\system32\WMVCore.dll

+ 2009-03-28 21:17:32 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_400.dat

+ 2006-12-01 21:56:00 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll

+ 2006-12-01 21:54:32 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll

+ 2006-12-01 21:54:34 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll

+ 2006-12-01 21:54:32 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

+ 2006-12-01 23:25:52 1,101,824 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll

+ 2006-12-01 23:25:56 1,093,120 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll

+ 2006-12-01 23:25:58 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll

+ 2006-12-01 23:26:00 57,856 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll

+ 2006-12-01 23:08:00 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll

+ 2006-12-01 23:08:00 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll

+ 2006-12-01 23:08:00 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll

+ 2006-12-01 23:08:00 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll

+ 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll

+ 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll

+ 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll

+ 2006-12-01 23:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll

+ 2006-12-01 23:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll

+ 2006-12-01 23:46:44 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll

+ 2008-04-15 17:51:49 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll

.

-- Migawka wyzerowana --

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2005-03-31 790528]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2008-06-09 2645528]

"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2006-02-14 110592]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-02-14 512000]

"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2007-06-17 200704]

"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2007-06-17 208896]

"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2007-04-09 58416]

"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2007-03-09 66176]

"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2007-03-28 243248]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-04-09 1015808]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-16 138008]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-16 162584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-16 138008]

"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-05-16 86960]

"AwaySch"="c:\program files\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688]

"LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2007-04-26 120368]

"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-05-18 196696]

"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2007-01-30 2618944]

"WinampAgent"="c:\program files\Winamp\winampa.exe" [2006-06-09 35328]

"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]

"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

"lxddmon.exe"="c:\program files\Lexmark 2500 Series\lxddmon.exe" [2007-06-11 291760]

"lxddamon"="c:\program files\Lexmark 2500 Series\lxddamon.exe" [2007-04-30 20480]

"CTSysVol"="c:\program files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe" [2005-09-15 57344]

"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]

"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]

"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]

"CTPCMCIASBUtility"="c:\program files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTSBUtl.exe" [2005-09-05 147456]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]

"TpShocks"="TpShocks.exe" [2007-03-29 c:\windows\system32\TpShocks.exe]

"CTHelper"="CTHELPER.EXE" [2005-08-29 c:\windows\CTHELPER.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\

BTTray.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2007-02-27 561213]

Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-07-12 50688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]

2006-09-06 08:37 34344 c:\program files\Lenovo\HOTKEY\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]

2006-12-14 03:06 28672 c:\program files\Lenovo\HOTKEY\tphklock.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]

2007-05-17 10:41 32768 c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ scecli ACGina

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Gadu-Gadu\\gg.exe"=

"c:\\Program Files\\Radio Toolbox\\rtb.exe"=

"c:\\WINDOWS\\system32\\lxddcfg.exe"=

"c:\\WINDOWS\\system32\\lxddcoms.exe"=

"c:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe"=

"c:\\Program Files\\Lexmark 2500 Series\\app4r.exe"=

"c:\\totalcmd\\TOTALCMD.EXE"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=

"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddwbgw.exe"=

"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddjswx.exe"=

"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddtime.exe"=

"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddpswx.exe"=

"c:\\Program Files\\Java\\jre1.6.0_06\\launch4j-tmp\\JDownloader.exe"=

"c:\\WINDOWS\\system32\\java.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\Lexmark 2500 Series\\lxddmon.exe"=

R0 Shockprf;Shockprf;c:\windows\system32\drivers\ApsX86.sys [2007-03-02 100656]

R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2007-03-02 19760]

R1 ANC;ANC;c:\windows\system32\drivers\ANC.sys [2008-07-12 11520]

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-02-06 106208]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-02-06 93336]

R1 IBMTPCHK;IBMTPCHK;c:\windows\system32\drivers\IBMBLDID.sys [2008-07-12 4224]

R1 TPPWRIF;TPPWRIF;c:\windows\system32\drivers\TPPWRIF.SYS [2008-07-12 4442]

R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [2008-12-02 1386008]

R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]

R2 Harmonogram automatycznej usługi LiveUpdate;Harmonogram automatycznej usługi LiveUpdate;c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-07-12 554352]

R2 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe -service --> c:\windows\system32\lxddcoms.exe -service [?]

R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2007-02-08 569344]

R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2006-09-13 35264]

S2 lxddCATSCustConnectService;lxddCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxddserv.exe [2008-09-21 99248]

S3 alcan5ln;SpeedTouch USB ADSL RFC1483 Networking Driver (NDIS);c:\windows\system32\drivers\alcan5ln.sys [2008-07-13 36256]

S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\system32\drivers\s716bus.sys [2008-11-25 83208]

S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\system32\drivers\s716mdfl.sys [2008-11-25 15112]

S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\system32\drivers\s716mdm.sys [2008-11-25 108552]

S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s716mgmt.sys [2008-11-25 100360]

S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\system32\drivers\s716nd5.sys [2008-11-25 23176]

S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\system32\drivers\s716obex.sys [2008-11-25 98568]

S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\system32\drivers\s716unic.sys [2008-11-25 98952]

S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-11-24 356920]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{30dde838-f9e7-11dd-9bb1-000ae4c99994}]

\Shell\AutoRun\command - uxdeiect.com

\Shell\explore\Command - uxdeiect.com

\Shell\open\Command - uxdeiect.com

.

Zawartość folderu 'Zaplanowane zadania'

2009-03-28 c:\windows\Tasks\PMTask.job

- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2007-06-17 17:16]

2009-03-28 c:\windows\Tasks\Sprawdź aktualizacje paska narzędzi Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]

.

- - - - USUNIĘTO PUSTE WPISY - - - -

HKCU-Run-InternetCalls - c:\program files\internetcalls.com\internetcalls\internetcalls.exe

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://pl.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official

uSearchURL,(Default) = hxxp://g.msn.com.pl/0SEPLPL/SAOS01?FORM=TOOLBR

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Wyślij do urządzenia &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

TCP: {0B64B717-4944-4D2D-9034-F13BEA8D1AF3} = 213.241.79.37,213.241.79.38

FF - ProfilePath - c:\documents and settings\Kaczaza\Dane aplikacji\Mozilla\Firefox\Profiles\goq5t4jj.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://pl.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official

FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npnul32.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npOggX.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\nppdf32.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\NPSWF32.dll

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-28 22:19:55

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

Binary file raw_enum.dat matches

.

--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(1444)

c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll

c:\program files\ThinkPad\ConnectUtilities\AcSvcStub.dll

c:\program files\ThinkPad\ConnectUtilities\AcLocSettings.dll

c:\program files\ThinkPad\ConnectUtilities\ACHelper.dll

c:\program files\Lenovo\HOTKEY\tphklock.dll

- - - - - - - > 'lsass.exe'(1500)

c:\program files\ThinkPad\ConnectUtilities\ACGina.dll

c:\program files\ThinkPad\ConnectUtilities\ACHelper.dll

c:\program files\ThinkPad\ConnectUtilities\AcSvcStub.dll

c:\program files\ThinkPad\ConnectUtilities\AcLocSettings.dll

c:\program files\ThinkPad\ConnectUtilities\ACON.dll

c:\program files\ThinkPad\ConnectUtilities\AcPrfMgr.dll

c:\program files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll

c:\program files\ThinkPad\ConnectUtilities\ACTurinSupport.dll

c:\program files\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll

c:\program files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\windows\system32\ibmpmsvc.exe

c:\program files\ThinkPad\Bluetooth Software\bin\btwdins.exe

c:\program files\Intel\Wireless\Bin\S24EvMon.exe

c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\windows\system32\IPSSVC.EXE

c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

c:\windows\system32\CTSVCCDA.EXE

c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe

c:\program files\Intel\Wireless\Bin\EvtEng.exe

c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

c:\windows\system32\lxddcoms.exe

c:\program files\Intel\Wireless\Bin\RegSrvc.exe

c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe

c:\windows\system32\TPHDEXLG.exe

c:\program files\Lenovo\Client Security Solution\tvttcsd.exe

c:\program files\Lenovo\Rescue and Recovery\rrservice.exe

c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe

c:\program files\Lenovo\Rescue and Recovery\ADM\IUService.exe

c:\windows\system32\wdfmgr.exe

c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe

c:\program files\Lenovo\System Update\SUService.exe

c:\program files\Common Files\Lenovo\Logger\logmon.exe

c:\windows\system32\wbem\wmiapsrv.exe

c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\igfxsrvc.exe

c:\program files\Lenovo\HOTKEY\TPONSCR.exe

c:\program files\Lenovo\ZOOM\TpScrex.exe

c:\program files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTAPR.exe

c:\program files\Common Files\LogiShrd\LQCVFX\COCIManager.exe

c:\windows\system32\wscntfy.exe

c:\progra~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

.

**************************************************************************

.

Czas ukończenia: 2009-03-28 22:22:49 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2009-03-28 21:22:45

ComboFix2.txt 2008-12-02 20:34:28

ComboFix3.txt 2008-11-30 23:07:35

ComboFix4.txt 2008-11-23 14:15:10

ComboFix5.txt 2009-03-28 21:11:26

Przed: 11 602 100 224 bajtów wolnych

Po: 11,778,256,896 bajtów wolnych

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4

757 --- E O F --- 2009-03-16 17:52:53

Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:09:48, on 2009-03-28

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\WINDOWS\system32\IPSSVC.EXE

C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program Files\DU Meter\DUMeterSvc.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\WINDOWS\system32\lxddcoms.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe

C:\WINDOWS\System32\TPHDEXLG.exe

C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe

C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe

C:\Program Files\Lenovo\System Update\SUService.exe

C:\Program Files\Common Files\Lenovo\Logger\logmon.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe

C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe

C:\WINDOWS\system32\TpShocks.exe

C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Lenovo\Zoom\TpScrex.exe

C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

C:\Program Files\Lenovo\AwayTask\AwaySch.EXE

C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe

C:\Program Files\Lenovo\Client Security Solution\cssauth.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

C:\WINDOWS\CTHELPER.EXE

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Lexmark 2500 Series\lxddmon.exe

C:\Program Files\Lexmark 2500 Series\lxddamon.exe

C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\Program Files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTSBUtl.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTAPR.exe

C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe

C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.start.mozilla.com/firefox?client...lla:pl:official

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.pl/0SEPLPL/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor

O4 - HKLM\..\Run: [bLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog

O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r

O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe

O4 - HKLM\..\Run: [TpShocks] TpShocks.exe

O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE

O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe

O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"

O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"

O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [CTPCMCIASBUtility] C:\Program Files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTSBUtl.exe

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [internetCalls] "C:\program files\internetcalls.com\internetcalls\internetcalls.exe" -nosplash -minimized

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe

O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R

O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{0B64B717-4944-4D2D-9034-F13BEA8D1AF3}: NameServer = 213.241.79.37,213.241.79.38

O17 - HKLM\System\CS1\Services\Tcpip\..\{0B64B717-4944-4D2D-9034-F13BEA8D1AF3}: NameServer = 213.241.79.37,213.241.79.38

O17 - HKLM\System\CS2\Services\Tcpip\..\{0B64B717-4944-4D2D-9034-F13BEA8D1AF3}: NameServer = 213.241.79.37,213.241.79.38

O17 - HKLM\System\CS4\Services\Tcpip\..\{0B64B717-4944-4D2D-9034-F13BEA8D1AF3}: NameServer = 213.241.79.37,213.241.79.38

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe

O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: Intel? PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Harmonogram automatycznej usługi LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: lxddCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxddserv.exe

O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe

O23 - Service: Intel? PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel? PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe

O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe

O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe

O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe

O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe

O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

--

End of file - 15943 bytes

Liczę na pomoc. Pozdrawiam.

Mateusz J.
komentarz
komentarz (edytowane)

Do notatnika wklej:

Windows Registry Editor Version 5.00[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

Plik ==> Zapisz jako ==> Zmień rozszerzenie na Wszystkie pliki ==> Zapisz pod nazwą FIX.REG

Uruchom utworzony plik FIX.REG i potwierdź dodanie do Rejestru i zresetuj komputer.

Proszę wykonać: http://www.forumpc.pl/index.php?showtopic=17478 (bez oszukiwania na koniec dowiem się czy wykonałeś).

Następnie wyłącz na chwilę przywracanie systemu (w google znajdziesz jak to zrobić)

Użyj programu FixWareOut(google, raport na forum)

Następnie nowy log z ComboFix.

Kaczaza
komentarz
komentarz

Widze że głucho. Bez odpowiedzi. Szkoda bo jestem u kresów wytrzymałości.

Psycholandia
komentarz
komentarz

A wyżej to co?

Kaczaza
komentarz
komentarz

Napisałem to kilka sekund po poście kolegi. Juz działam według instrukcji.

Gość
komentarz
komentarz

Ola Boga, taki Autostart. :o

Do Notatnika wklej:

Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"MSMSGS"=-"DU Meter"=-"Creative Detector"=-[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SynTPLpr"=-"SynTPEnh"=-"PWRMGRTR"=-"BLOG"=-"TPFNF7"=-"TPHOTKEY"=-"EZEJMNAP"=-"SoundMAXPnP"=-"IgfxTray"=-"HotKeysCmds"=-"Persistence"=-"TVT Scheduler Proxy"=-"SunJavaUpdateSched"=-"ISUSScheduler"=-"AwaySch"=-"LPManager"=-"DiskeeperSystray"=-"cssauth"=-"WinampAgent"=-"SpeedTouch USB Diagnostics"=-"NeroFilterCheck"=-"Symantec PIF AlertEng"=-"Adobe Reader Speed Launcher"=-"CTSysVol"=-"LogitechQuickCamRibbon"=-"LogitechCommunicationsManager"=-"UnlockerAssistant"=-"CTPCMCIASBUtility"=-"TpShocks"=-"CTHelper"=-

Z menu Notatnika >>> Plik >>> Zapisz jako >>> Ustaw rozszerzenie na: "Wszystkie pliki" >>> Zapisz jako FIX.REG>>>

plik uruchom (dwuklik i OK- zgódź się na dodanie do Rejestru).

Zrestartuj komputer.

1. Usuń ręcznie folder C:\Qoobox.

2. Z folderu "System Volume Information" usuniesz poprzez chwilowe wyłączenie "Przywracania Systemu":

>Panel Sterowania>System>Przywracanie Systemu>>zaznacz w okienku przy "Wyłącz przywracanie na wszystkich dyskach">Zastosuj>OK.

Potem możesz powrócić do poprzedniego ustawienia (czyli usunąć zaznaczenie z okienka).

3. Wykonaj optymalizację systemu

4.Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum.

.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.