log do sprawdzenia Opcje

[Malotnik]

witam, mam problem z kompem, a mianowicie jest strasznie zmulony(np. programy typu winamp i opera dlugo sie uruchamiaja, moj komputer szuka dyskow przez kilkanascie sekund po wejsciu itp). podejrzewam ze jest to zwiazane z wirusami przenoszonymi na pendrive a w szczegolosci na pliku autorun, bo ostatnimi czasy troche mialem w swoim kompie tych penów, a avast wykrywal wiry na nich. oto log do sprawdzenia.


ComboFix 10-01-29.09 - Mariusz 2010-02-08 22:53:03.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1014.652 [GMT 1:00]
Uruchomiony z: d:\documents and settings\Mariusz\Pulpit\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100208-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
- TRYB ZREDUKOWANEJ FUNKCJONALNOŚCI -
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\recycler\S-1-5-21-0331858016-5528639552-778090655-9091
d:\recycler\S-1-5-21-1271531098-3645002277-542589139-6670
d:\recycler\S-1-5-21-1271531098-3645002277-542589139-6670\Desktop.ini
d:\recycler\S-1-5-21-1997090356-5148076288-635092182-8006
d:\recycler\S-1-5-21-3209659748-9325937967-865664850-6458
d:\recycler\S-1-5-21-3209659748-9325937967-865664850-6458\Desktop.ini
d:\recycler\S-1-5-21-3772323443-1968264959-600308749-1269
d:\recycler\S-1-5-21-3772323443-1968264959-600308749-1269\Desktop.ini
d:\recycler\S-1-5-21-4580142467-6008375409-020041866-4350
d:\recycler\S-1-5-21-4580142467-6008375409-020041866-4350\Desktop.ini
d:\recycler\S-1-5-21-7220768733-6987421789-357862592-5420
d:\recycler\S-1-5-21-7321277296-3751540452-080525377-1149
d:\recycler\S-1-5-21-7321277296-3751540452-080525377-1149\Desktop.ini
d:\recycler\S-1-5-21-7473616921-7792742891-130503897-2670
d:\recycler\S-1-5-21-7473616921-7792742891-130503897-2670\Desktop.ini
d:\recycler\S-1-5-21-7490984464-7328874046-771060094-3446
d:\recycler\S-1-5-21-7490984464-7328874046-771060094-3446\Desktop.ini
d:\recycler\S-1-5-21-7915226738-3428039097-329360011-4065
d:\recycler\S-1-5-21-7915226738-3428039097-329360011-4065\Desktop.ini
d:\recycler\S-1-5-21-7915226738-3428039097-329360011-4065\nissan.exe
d:\recycler\S-1-5-21-8469328809-1316669618-578102854-5134
d:\recycler\S-1-5-21-8469328809-1316669618-578102854-5134\Desktop.ini
d:\recycler\S-1-5-21-9305663016-6939673521-055535756-4594
d:\recycler\S-1-5-21-9305663016-6939673521-055535756-4594\Desktop.ini
d:\recycler\S-1-5-21-9927105958-1278041251-435873411-0761
d:\recycler\S-1-5-21-9927105958-1278041251-435873411-0761\Desktop.ini

.
((((((((((((((((((((((((( Pliki utworzone od 2010-01-08 do 2010-02-08 )))))))))))))))))))))))))))))))
.

2010-02-08 20:25 . 2010-02-08 20:25 -------- d-----w- d:\documents and settings\Mariusz\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
2010-02-08 19:41 . 2010-02-08 19:44 -------- d-----w- d:\documents and settings\Mariusz\Dane aplikacji\Ahead
2010-02-08 19:40 . 2010-02-08 19:41 -------- d-----w- d:\documents and settings\Mariusz\Ustawienia lokalne\Dane aplikacji\Ahead
2010-02-08 19:39 . 2010-02-08 19:39 -------- d-----w- d:\documents and settings\All Users\Dane aplikacji\Ahead
2010-02-08 19:38 . 2010-02-08 19:39 -------- d-----w- d:\program files\Common Files\Ahead
2010-02-08 19:38 . 2010-02-08 19:38 -------- d-----w- d:\program files\Nero
2010-02-08 19:38 . 2010-02-08 19:38 -------- d-----w- d:\documents and settings\All Users\Dane aplikacji\Nero
2010-02-08 15:54 . 2010-02-08 15:54 -------- d-----w- d:\program files\SlySoft

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-08 21:34 . 2009-10-30 13:52 -------- d-----w- d:\documents and settings\Mariusz\Dane aplikacji\Winamp
2010-02-08 17:02 . 2009-12-14 17:08 -------- d-----w- d:\documents and settings\Mariusz\Dane aplikacji\Vso
2010-02-08 15:56 . 2010-02-08 15:55 24 --sh--w- d:\windows\S7203CAF6.tmp
2009-12-27 20:32 . 2009-10-17 19:40 -------- d-----w- d:\program files\Opera
2009-12-27 12:49 . 2009-12-25 14:23 -------- d-----w- d:\program files\eGames
2009-12-25 14:23 . 2009-12-25 14:23 -------- d-----w- d:\documents and settings\All Users\Dane aplikacji\Trymedia
2009-12-22 17:17 . 2009-10-17 12:59 18312 ----a-w- d:\documents and settings\Mariusz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-12-21 19:38 . 2009-12-21 19:38 -------- d-----w- d:\program files\Common Files\INCA Shared
2009-12-20 21:03 . 2009-12-20 21:03 -------- d-----w- d:\documents and settings\All Users\Dane aplikacji\JollyBear
2009-12-20 21:02 . 2009-12-20 20:58 -------- d-----w- d:\documents and settings\Mariusz\Dane aplikacji\DAEMON Tools Lite
2009-12-20 20:59 . 2009-12-20 20:59 -------- d-----w- d:\program files\DAEMON Tools Toolbar
2009-12-20 20:59 . 2009-12-20 20:59 -------- d-----w- d:\program files\DAEMON Tools Lite
2009-12-20 20:59 . 2009-12-20 20:59 691696 ----a-w- d:\windows\system32\drivers\sptd.sys
2009-12-20 20:53 . 2009-12-20 20:53 -------- d-----w- d:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite
2009-12-14 17:06 . 2009-12-14 17:06 -------- d-----w- d:\program files\VSO
2009-12-14 16:53 . 2009-12-14 16:36 -------- d-----w- d:\program files\IrfanView
2009-11-30 19:53 . 2009-11-30 19:53 0 ----a-w- d:\windows\nsreg.dat
2009-11-24 23:54 . 2009-10-22 17:45 1280480 ----a-w- d:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-10-22 17:45 93424 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-10-22 17:45 48560 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-10-22 17:45 23120 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-10-22 17:45 27408 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-10-22 17:45 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-11-24 07:24 . 2001-10-26 17:15 49910 ----a-w- d:\windows\system32\perfc015.dat
2009-11-24 07:24 . 2001-10-26 17:15 356068 ----a-w- d:\windows\system32\perfh015.dat
2009-11-24 07:24 . 2009-11-24 07:24 152576 ----a-w- d:\documents and settings\Mariusz\Dane aplikacji\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-24 07:21 . 2009-11-24 07:21 79488 ----a-w- d:\documents and settings\Mariusz\Dane aplikacji\Sun\Java\jre1.6.0_17\gtapi.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-10-17_16.37.23 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-08 18:01 . 2010-02-08 18:01 82432 d:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
+ 2009-12-16 05:31 . 2009-12-16 05:31 16384 d:\windows\Temp\Perflib_Perfdata_6fc.dat
+ 2010-02-08 21:52 . 2010-02-08 21:52 16384 d:\windows\Temp\Perflib_Perfdata_5bc.dat
+ 2005-01-28 12:44 . 2005-01-28 12:44 10752 d:\windows\system32\wpdtrace.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 66560 d:\windows\system32\wpdmtpus.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 61952 d:\windows\system32\wpdconns.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 38912 d:\windows\system32\wpd_ci.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 33792 d:\windows\system32\WMDMPS.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 28160 d:\windows\system32\WMDMLOG.dll
- 2004-08-04 00:44 . 2004-08-03 22:54 23552 d:\windows\system32\wdmaud.drv
+ 2004-08-04 00:44 . 2004-08-03 22:44 23552 d:\windows\system32\wdmaud.drv
+ 2005-01-28 12:44 . 2005-01-28 12:44 38912 d:\windows\system32\wdfmgr.exe
+ 2005-01-28 12:44 . 2005-01-28 12:44 15872 d:\windows\system32\wdfapi.dll
+ 2009-10-30 13:52 . 2009-04-28 20:20 96752 d:\windows\system32\vxblock.dll
+ 1999-11-24 16:40 . 1999-11-24 16:40 40960 d:\windows\system32\VBAME.DLL
+ 2005-01-28 12:44 . 2005-01-28 12:44 47104 d:\windows\system32\uwdf.exe
+ 2009-10-17 13:46 . 2004-08-03 22:44 77312 d:\windows\system32\usbui.dll
- 2009-10-17 13:46 . 2004-08-04 00:44 77312 d:\windows\system32\usbui.dll
+ 2009-10-17 18:40 . 2006-03-03 11:08 69722 d:\windows\system32\SynTPFcs.dll
+ 2009-10-17 18:40 . 2006-03-03 11:10 81920 d:\windows\system32\SynTPCo2.dll
+ 2009-10-17 18:40 . 2006-03-03 10:55 94298 d:\windows\system32\SynTPAPI.dll
+ 2009-10-17 18:40 . 2006-03-03 10:55 82013 d:\windows\system32\SynCOM.dll
+ 2009-10-17 18:28 . 2004-11-18 08:42 22752 d:\windows\system32\spupdsvc.exe
+ 2009-10-22 17:06 . 2003-06-18 23:31 18944 d:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2009-10-22 17:06 . 2003-06-18 23:31 35328 d:\windows\system32\spool\drivers\w32x86\mdiui.dll
+ 2009-10-22 17:06 . 2003-06-18 23:31 35328 d:\windows\system32\spool\drivers\w32x86\3\mdiui.dll
+ 1998-03-24 19:54 . 1998-03-24 19:54 15872 d:\windows\system32\SCP32.DLL
+ 2009-10-17 18:44 . 2004-08-03 22:44 77312 d:\windows\system32\ReinstallBackups\0015\DriverFiles\i386\usbui.dll
+ 2009-10-17 18:44 . 2004-08-03 21:08 57600 d:\windows\system32\ReinstallBackups\0015\DriverFiles\i386\usbhub.sys
+ 2009-10-17 18:44 . 2004-08-03 21:08 26624 d:\windows\system32\ReinstallBackups\0015\DriverFiles\i386\usbehci.sys
+ 2009-10-17 18:44 . 2004-08-03 22:44 77312 d:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\usbui.dll
+ 2009-10-17 18:44 . 2004-08-03 21:08 20480 d:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\usbuhci.sys
+ 2009-10-17 18:44 . 2004-08-03 21:08 57600 d:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\usbhub.sys
+ 2009-10-17 18:44 . 2004-08-03 22:44 77312 d:\windows\system32\ReinstallBackups\0013\DriverFiles\i386\usbui.dll
+ 2009-10-17 18:44 . 2004-08-03 21:08 20480 d:\windows\system32\ReinstallBackups\0013\DriverFiles\i386\usbuhci.sys
+ 2009-10-17 18:44 . 2004-08-03 21:08 57600 d:\windows\system32\ReinstallBackups\0013\DriverFiles\i386\usbhub.sys
+ 2009-10-17 18:44 . 2004-08-03 22:44 77312 d:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\usbui.dll
+ 2009-10-17 18:44 . 2004-08-03 21:08 20480 d:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\usbuhci.sys
+ 2009-10-17 18:44 . 2004-08-03 21:08 57600 d:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\usbhub.sys
+ 2009-10-17 18:44 . 2004-08-04 00:44 77312 d:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\usbui.dll
+ 2009-10-17 18:44 . 2004-08-03 21:08 20480 d:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\usbuhci.sys
+ 2009-10-17 18:44 . 2004-08-03 21:08 57600 d:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\usbhub.sys
+ 2009-10-17 18:44 . 2004-08-03 20:59 25088 d:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\pciidex.sys
+ 2009-10-17 18:44 . 2004-08-03 20:59 95360 d:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys
+ 2009-10-17 18:44 . 2004-08-03 22:34 68608 d:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\pci.sys
+ 2009-10-17 18:44 . 2004-08-03 22:34 68608 d:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\pci.sys
+ 2009-10-17 18:44 . 2004-08-03 22:34 68608 d:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\pci.sys
+ 2009-10-17 18:44 . 2004-08-03 22:34 68608 d:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\pci.sys
+ 2009-10-17 18:44 . 2001-10-26 17:47 36224 d:\windows\system32\ReinstallBackups\0005\DriverFiles\i386\isapnp.sys
+ 2009-10-17 18:44 . 2004-08-03 22:34 68608 d:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\pci.sys
+ 2009-10-17 18:40 . 2004-08-03 22:54 23296 d:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\mouclass.sys
+ 2009-10-17 18:40 . 2004-08-03 22:36 53504 d:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\i8042prt.sys
+ 2009-10-30 13:52 . 2009-04-28 20:20 66032 d:\windows\system32\pxinsa64.exe
+ 2009-10-30 13:52 . 2009-04-28 20:20 72176 d:\windows\system32\pxhpinst.exe
+ 2009-10-30 13:52 . 2009-04-28 20:20 66544 d:\windows\system32\pxcpya64.exe
+ 2001-08-17 22:30 . 2009-11-24 07:24 40326 d:\windows\system32\perfc009.dat
- 2001-08-17 22:30 . 2009-10-17 13:02 40326 d:\windows\system32\perfc009.dat
+ 2007-08-29 12:14 . 2007-08-29 12:14 95600 d:\windows\system32\NeroCo.dll
+ 2003-04-18 15:29 . 2003-04-18 15:29 82432 d:\windows\system32\msxml4r.dll
+ 1998-08-09 09:07 . 1998-08-09 09:07 94208 d:\windows\system32\MSSTKPRP.DLL
+ 2004-08-03 22:44 . 2005-01-28 12:44 25088 d:\windows\system32\MsPMSNSv.dll
+ 1999-04-08 09:23 . 1999-04-08 09:23 53248 d:\windows\system32\MFC42PLK.DLL
+ 2009-10-17 13:30 . 2006-06-19 12:26 94208 d:\windows\system32\mdmxsdk.dll
+ 2009-10-22 17:06 . 2003-06-18 23:31 17920 d:\windows\system32\mdimon.dll
+ 2009-10-17 19:46 . 2009-12-17 06:19 84661 d:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-10-17 17:43 . 2009-10-17 17:43 88589 d:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2004-08-03 22:44 . 2005-01-28 12:44 96768 d:\windows\system32\logagent.exe
+ 2009-10-17 13:30 . 2006-03-23 10:17 94208 d:\windows\system32\igfxtray.exe
+ 2009-10-17 13:30 . 2006-03-23 10:13 61440 d:\windows\system32\igfxsrvc.dll
+ 2009-10-17 13:30 . 2006-03-23 10:17 94208 d:\windows\system32\igfxext.exe
+ 2009-10-17 13:30 . 2006-03-23 10:17 40960 d:\windows\system32\igfxexps.dll
+ 2009-10-17 13:30 . 2006-03-23 10:13 86016 d:\windows\system32\igfxdo.dll
+ 2009-10-17 13:30 . 2006-03-23 10:38 45694 d:\windows\system32\ialmrnt5.dll
+ 2009-10-17 13:30 . 2006-03-23 10:38 49152 d:\windows\system32\ialmrem.dll
+ 2009-10-17 13:30 . 2006-03-23 10:38 61440 d:\windows\system32\iAlmCoIn_v4543.dll
+ 2009-10-17 13:30 . 2006-03-23 10:13 77824 d:\windows\system32\hkcmd.exe
+ 2005-01-07 15:07 . 2005-01-07 15:07 61952 d:\windows\system32\HdAShCut.exe
+ 2005-01-07 15:07 . 2005-01-07 15:07 25088 d:\windows\system32\HdAProp.dll
+ 2009-10-17 13:30 . 2006-03-23 10:12 73728 d:\windows\system32\hccutils.dll
+ 2003-07-15 04:57 . 2003-07-15 04:57 32584 d:\windows\system32\FM20ENU.DLL
+ 2007-08-10 19:56 . 2007-08-10 19:56 93128 d:\windows\system32\ElbyCDIO.dll
+ 2004-08-03 22:43 . 2005-01-28 12:44 96768 d:\windows\system32\drmstor.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 18944 d:\windows\system32\drivers\wpdusb.sys
+ 2009-10-17 18:29 . 2004-08-03 21:15 82944 d:\windows\system32\drivers\wdmaud.sys
+ 2009-10-17 18:29 . 2004-08-03 21:15 60800 d:\windows\system32\drivers\sysaudio.sys
+ 2009-10-17 18:29 . 2001-08-17 20:00 54272 d:\windows\system32\drivers\swmidi.sys
- 2004-08-03 23:08 . 2004-08-03 22:54 48640 d:\windows\system32\drivers\stream.sys
+ 2004-08-03 23:08 . 2004-08-03 21:08 48640 d:\windows\system32\drivers\stream.sys
+ 2009-10-30 13:52 . 2009-04-28 20:20 44944 d:\windows\system32\drivers\PxHelp20.sys
+ 2009-10-17 13:30 . 2006-06-19 12:26 12672 d:\windows\system32\drivers\mdmxsdk.sys
- 2001-10-26 17:47 . 2001-10-26 17:47 36224 d:\windows\system32\drivers\isapnp.sys
+ 2001-10-26 17:47 . 2001-10-26 14:47 36224 d:\windows\system32\drivers\isapnp.sys
+ 2007-11-26 13:54 . 2007-11-26 13:54 38440 d:\windows\system32\drivers\InCDRm.sys
+ 2007-11-26 13:54 . 2007-11-26 13:54 16040 d:\windows\system32\drivers\InCDrec.sys
+ 2007-11-26 13:54 . 2007-11-26 13:54 36776 d:\windows\system32\drivers\InCDPass.sys
+ 2009-10-17 13:30 . 2006-06-16 17:17 74752 d:\windows\system32\drivers\ESM7SK.sys
+ 2009-10-17 13:30 . 2006-06-16 17:17 40064 d:\windows\system32\drivers\ESD7SK.sys
+ 2009-10-17 13:30 . 2006-06-16 17:17 61056 d:\windows\system32\drivers\EMS7SK.sys
+ 2007-08-07 19:48 . 2007-08-07 19:48 25160 d:\windows\system32\drivers\ElbyCDIO.sys
+ 2007-02-16 00:57 . 2007-02-16 00:57 34760 d:\windows\system32\drivers\ElbyCDFL.sys
+ 2009-10-17 18:29 . 2004-08-03 21:08 60288 d:\windows\system32\drivers\drmk.sys
+ 2009-10-17 18:29 . 2004-08-03 21:07 52864 d:\windows\system32\drivers\DMusic.sys
+ 2009-10-17 13:30 . 2005-10-31 12:17 45312 d:\windows\system32\drivers\bcm4sbxp.sys
- 2009-10-17 12:56 . 2009-09-15 10:56 94160 d:\windows\system32\drivers\aswmon2.sys
+ 2009-10-22 17:45 . 2009-09-15 10:56 94160 d:\windows\system32\drivers\aswmon2.sys
+ 2009-10-22 17:45 . 2009-09-15 10:55 20560 d:\windows\system32\drivers\aswFsBlk.sys
- 2009-10-17 12:56 . 2009-09-15 10:55 20560 d:\windows\system32\drivers\aswFsBlk.sys
+ 2009-10-17 22:58 . 2007-09-28 16:05 81920 d:\windows\system32\dpl100.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 33792 d:\windows\system32\dllcache\wmdmps.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 28160 d:\windows\system32\dllcache\wmdmlog.dll
+ 2009-10-17 18:29 . 2004-08-03 21:15 82944 d:\windows\system32\dllcache\wdmaud.sys
+ 2004-08-04 00:44 . 2004-08-03 22:44 23552 d:\windows\system32\dllcache\wdmaud.drv
+ 2009-10-17 13:46 . 2004-08-03 22:44 77312 d:\windows\system32\dllcache\usbui.dll
+ 2004-08-03 21:08 . 2004-08-03 21:08 20480 d:\windows\system32\dllcache\usbuhci.sys
+ 2004-08-03 21:08 . 2004-08-03 21:08 57600 d:\windows\system32\dllcache\usbhub.sys
+ 2004-08-03 21:08 . 2004-08-03 21:08 26624 d:\windows\system32\dllcache\usbehci.sys
+ 2009-10-17 18:29 . 2004-08-03 21:15 60800 d:\windows\system32\dllcache\sysaudio.sys
+ 2009-10-17 18:29 . 2001-08-17 20:00 54272 d:\windows\system32\dllcache\swmidi.sys
+ 2004-08-03 23:08 . 2004-08-03 21:08 48640 d:\windows\system32\dllcache\stream.sys
+ 2004-08-03 20:59 . 2004-08-03 20:59 25088 d:\windows\system32\dllcache\pciidex.sys
+ 2004-08-03 22:34 . 2004-08-03 22:34 68608 d:\windows\system32\dllcache\pci.sys
+ 2004-08-03 22:44 . 2005-01-28 12:44 25088 d:\windows\system32\dllcache\mspmsnsv.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 96768 d:\windows\system32\dllcache\logagent.exe
+ 2001-10-26 17:47 . 2001-10-26 14:47 36224 d:\windows\system32\dllcache\isapnp.sys
+ 2004-08-03 22:43 . 2005-01-28 12:44 96768 d:\windows\system32\dllcache\drmstor.dll
+ 2009-10-17 18:29 . 2004-08-03 21:08 60288 d:\windows\system32\dllcache\drmk.sys
+ 2009-10-17 18:29 . 2004-08-03 21:07 52864 d:\windows\system32\dllcache\dmusic.sys
+ 2004-08-03 20:59 . 2004-08-03 20:59 95360 d:\windows\system32\dllcache\atapi.sys
+ 2009-10-30 15:12 . 2009-10-30 15:12 43520 d:\windows\system32\CmdLineExt03.dll
+ 2009-10-17 18:29 . 2005-07-15 14:48 40960 d:\windows\system32\ChCfg.exe
+ 2003-03-18 20:05 . 2003-03-18 20:05 89088 d:\windows\system32\atl71.dll
+ 2009-10-17 18:28 . 2006-05-04 14:22 86016 d:\windows\SoundMan.exe
+ 2009-10-30 14:25 . 2005-01-28 12:44 96768 d:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmstor.dll
+ 2009-10-30 14:25 . 2004-08-03 22:43 87040 d:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmstor.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 96768 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\logagent.exe
+ 2009-10-30 14:25 . 2005-01-28 12:44 18944 d:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdusb.sys
+ 2009-10-30 14:25 . 2005-01-28 12:44 10752 d:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdtrace.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 66560 d:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtpus.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 61952 d:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdconns.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 38912 d:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpd_ci.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 38912 d:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe
+ 2009-10-30 14:25 . 2005-01-28 12:44 15872 d:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfapi.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 47104 d:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe
+ 2009-10-30 14:25 . 2005-01-28 12:44 33792 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\WMDMPS.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 28160 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\WMDMLOG.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 25088 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 23552 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\WMDMPS.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 27136 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\WMDMLOG.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 52736 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
+ 2009-10-17 11:54 . 2009-10-18 22:41 86327 d:\windows\pchealth\helpctr\OfflineCache\index.dat
- 2009-10-17 11:54 . 2009-10-17 11:55 86327 d:\windows\pchealth\helpctr\OfflineCache\index.dat
+ 2009-10-17 17:43 . 2009-10-17 17:43 24064 d:\windows\Installer\1f6d6e.msi
+ 2009-11-04 21:58 . 2009-11-04 21:58 25214 d:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A70900000002}\SC_Reader.exe
+ 2009-10-22 17:06 . 2009-10-22 17:06 23040 d:\windows\Installer\{90110415-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-10-22 17:06 . 2009-10-22 17:06 61440 d:\windows\Installer\{90110415-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-10-22 17:06 . 2009-10-22 17:06 27136 d:\windows\Installer\{90110415-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-10-22 17:06 . 2009-10-22 17:06 11264 d:\windows\Installer\{90110415-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-10-22 17:06 . 2009-10-22 17:06 86016 d:\windows\Installer\{90110415-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-10-22 17:06 . 2009-10-22 17:06 12288 d:\windows\Installer\{90110415-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2010-02-08 19:39 . 2010-02-08 19:39 25214 d:\windows\Installer\{45B3A3BD-F90D-48FE-A147-D74878A51045}\ARPPRODUCTICON.exe
+ 2009-10-17 18:28 . 2005-05-03 16:43 69632 d:\windows\Alcmtr.exe
+ 2009-10-17 18:44 . 2004-08-03 22:44 7168 d:\windows\system32\ReinstallBackups\0015\DriverFiles\i386\hccoin.dll
+ 2009-10-17 18:44 . 2001-10-26 17:56 3456 d:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\pciide.sys
+ 2009-11-08 20:10 . 1998-05-12 19:36 5632 d:\windows\system32\pndx5032.dll
+ 2009-11-08 20:10 . 1998-03-26 03:57 6656 d:\windows\system32\pndx5016.dll
+ 2009-12-21 19:38 . 2005-01-04 09:43 4682 d:\windows\system32\npptNT2.sys
+ 1999-06-04 13:22 . 1999-06-04 13:22 7680 d:\windows\system32\MSPRPPL.DLL
- 2004-08-03 22:44 . 2004-08-03 22:44 6656 d:\windows\system32\laprxy.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 6656 d:\windows\system32\laprxy.dll
- 2009-10-17 13:47 . 2004-08-04 00:44 4096 d:\windows\system32\ksuser.dll
+ 2009-10-17 13:47 . 2004-08-03 22:44 4096 d:\windows\system32\ksuser.dll
+ 2005-01-07 15:07 . 2005-01-07 15:07 5120 d:\windows\system32\HdAudRes.dll
+ 2009-10-17 22:58 . 2007-07-29 15:51 7680 d:\windows\system32\ff_vfw.dll
+ 2009-10-17 18:29 . 2004-08-03 21:07 6400 d:\windows\system32\drivers\splitter.sys
+ 2001-10-26 17:56 . 2001-10-26 14:56 3456 d:\windows\system32\drivers\pciide.sys
- 2001-10-26 17:56 . 2001-10-26 17:56 3456 d:\windows\system32\drivers\pciide.sys
+ 2009-10-17 18:29 . 2004-08-03 21:07 2944 d:\windows\system32\drivers\drmkaud.sys
+ 2009-10-30 13:52 . 2009-04-28 20:20 9200 d:\windows\system32\drivers\cdralw2k.sys
+ 2009-10-30 13:52 . 2009-04-28 20:20 9072 d:\windows\system32\drivers\cdr4_xp.sys
+ 2009-10-17 18:29 . 2004-08-03 21:07 6400 d:\windows\system32\dllcache\splitter.sys
+ 2001-10-26 17:56 . 2001-10-26 14:56 3456 d:\windows\system32\dllcache\pciide.sys
+ 2004-08-03 22:44 . 2005-01-28 12:44 6656 d:\windows\system32\dllcache\laprxy.dll
- 2004-08-03 22:44 . 2004-08-03 22:44 6656 d:\windows\system32\dllcache\laprxy.dll
+ 2009-10-17 13:47 . 2004-08-03 22:44 4096 d:\windows\system32\dllcache\ksuser.dll
+ 2009-10-17 18:29 . 2004-08-03 21:07 2944 d:\windows\system32\dllcache\drmkaud.sys
+ 2009-10-30 14:25 . 2005-01-28 12:44 6656 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\laprxy.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 6656 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\laprxy.dll
+ 2009-10-17 11:54 . 2009-10-18 22:41 2426 d:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2009-10-17 11:55 . 2009-10-18 22:41 8972 d:\windows\pchealth\helpctr\Config\Cntstore.bin
+ 2009-10-22 17:06 . 2009-10-22 17:06 4096 d:\windows\Installer\{90110415-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2007-03-20 19:22 . 2007-03-20 19:22 972336 d:\windows\UNNeroBackItUp.exe
+ 2009-10-17 22:58 . 2004-01-25 16:18 217088 d:\windows\system32\yv12vfw.dll
+ 2009-10-17 22:58 . 2007-03-10 11:51 282624 d:\windows\system32\xvidvfw.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 331264 d:\windows\system32\wpdsp.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 331776 d:\windows\system32\wpdmtpdr.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 114176 d:\windows\system32\wpdmtp.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 895736 d:\windows\system32\wmvdmod.dll
+ 2009-10-30 15:12 . 2001-05-16 16:54 309616 d:\windows\system32\wmv8dmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 940544 d:\windows\system32\wmspdmoe.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 413944 d:\windows\system32\wmspdmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 774904 d:\windows\system32\wmsdmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 150016 d:\windows\system32\wmidx.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 290816 d:\windows\system32\WMDRMNet.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 335872 d:\windows\system32\WMDRMdev.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 224768 d:\windows\system32\wmasf.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 716288 d:\windows\system32\wmadmoe.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 396528 d:\windows\system32\wmadmod.dll
+ 2002-08-21 03:13 . 2002-08-21 03:13 189952 d:\windows\system32\WISPTIS.EXE
+ 2009-10-17 22:58 . 2007-09-04 16:56 164352 d:\windows\system32\unrar.dll
+ 2009-10-17 13:30 . 2006-12-20 15:37 176128 d:\windows\system32\UCI32M16.dll
+ 2004-07-09 07:43 . 2004-07-09 07:43 364544 d:\windows\system32\TwnLib4.dll
+ 2009-10-17 18:40 . 2006-03-03 10:55 114688 d:\windows\system32\SynCtrl.dll
+ 2009-10-22 17:06 . 2003-06-18 23:31 758784 d:\windows\system32\spool\drivers\w32x86\mdigraph.dll
+ 2009-10-22 17:06 . 2003-06-18 23:31 758784 d:\windows\system32\spool\drivers\w32x86\3\mdigraph.dll
+ 2009-10-17 18:29 . 2005-10-31 16:17 135168 d:\windows\system32\RtlCPAPI.dll
+ 2009-10-17 18:28 . 2005-10-31 16:17 135168 d:\windows\system32\RTCOM\RTLCPAPI.dll
+ 2009-10-17 18:28 . 2006-06-06 13:46 270336 d:\windows\system32\RTCOM\RTCOMDLL.dll
+ 2009-11-08 20:10 . 2006-10-07 04:18 185952 d:\windows\system32\rmoc3260.dll
+ 2009-10-17 18:44 . 2004-08-03 21:08 142976 d:\windows\system32\ReinstallBackups\0015\DriverFiles\i386\usbport.sys
+ 2009-10-17 18:44 . 2004-08-03 21:08 142976 d:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\usbport.sys
+ 2009-10-17 18:44 . 2004-08-03 21:08 142976 d:\windows\system32\ReinstallBackups\0013\DriverFiles\i386\usbport.sys
+ 2009-10-17 18:44 . 2004-08-03 21:08 142976 d:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\usbport.sys
+ 2009-10-17 18:44 . 2004-08-03 21:08 142976 d:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\usbport.sys
+ 2009-10-17 18:41 . 2004-08-03 22:34 120064 d:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\pcmcia.sys
+ 2000-04-03 15:52 . 2000-04-03 15:52 151552 d:\windows\system32\RDOCURS.DLL
+ 2004-08-03 22:44 . 2005-01-28 12:44 221184 d:\windows\system32\qasf.dll
+ 2009-10-30 13:52 . 2009-04-28 20:20 436720 d:\windows\system32\pxwave.dll
+ 2009-10-30 13:52 . 2009-04-28 20:20 219632 d:\windows\system32\pxmas.dll
+ 2009-10-30 13:52 . 2009-04-28 20:20 551408 d:\windows\system32\pxdrv.dll
+ 2009-10-30 13:52 . 2009-04-28 20:20 129520 d:\windows\system32\pxafs.dll
+ 2009-10-30 13:52 . 2009-04-28 20:20 670192 d:\windows\system32\px.dll
+ 2009-11-08 20:10 . 2001-06-23 00:31 278528 d:\windows\system32\pncrt.dll
- 2001-08-17 22:30 . 2009-10-17 13:02 311938 d:\windows\system32\perfh009.dat
+ 2001-08-17 22:30 . 2009-11-24 07:24 311938 d:\windows\system32\perfh009.dat
+ 2004-08-03 22:44 . 2005-01-28 12:44 315904 d:\windows\system32\MSWMDM.dll
+ 2000-05-23 20:45 . 2000-05-23 20:45 118784 d:\windows\system32\MSSTDFMT.DLL
+ 2004-08-03 22:44 . 2005-01-28 12:44 364784 d:\windows\system32\MSSCP.dll
+ 2000-05-11 11:06 . 2000-05-11 11:06 397312 d:\windows\system32\MSRDO20.DLL
+ 2004-08-03 22:44 . 2005-01-28 12:44 173568 d:\windows\system32\MsPMSP.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 142336 d:\windows\system32\msnetobj.dll
+ 2009-10-30 15:12 . 2001-05-11 12:18 420240 d:\windows\system32\mpg4c32.dll
+ 2009-10-28 03:40 . 2009-10-28 03:40 257440 d:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-07-18 03:12 . 2009-07-18 03:12 257440 d:\windows\system32\Macromed\Flash\FlashUtil10c.exe
+ 2009-11-24 07:25 . 2009-10-11 03:17 149280 d:\windows\system32\javaws.exe
+ 2009-11-24 07:25 . 2009-10-11 03:17 145184 d:\windows\system32\javaw.exe
+ 2009-11-24 07:25 . 2009-10-11 03:17 145184 d:\windows\system32\java.exe
+ 2002-08-21 03:10 . 2002-08-21 03:10 204800 d:\windows\system32\INKED.DLL
+ 2004-07-26 15:16 . 2004-07-26 15:16 471040 d:\windows\system32\imagXRA7.dll
+ 2004-07-26 15:16 . 2004-07-26 15:16 262144 d:\windows\system32\imagXR7.dll
+ 2004-07-26 15:16 . 2004-07-26 15:16 476320 d:\windows\system32\imagXpr7.dll
+ 2009-10-17 13:30 . 2006-03-23 10:31 524288 d:\windows\system32\igldev32.dll
+ 2009-10-17 13:30 . 2006-03-23 10:17 114688 d:\windows\system32\igfxzoom.exe
+ 2009-10-17 13:30 . 2006-03-23 10:13 163840 d:\windows\system32\igfxsrvc.exe
+ 2009-10-17 18:35 . 2006-03-23 10:18 143360 d:\windows\system32\igfxres.dll
+ 2009-10-17 13:30 . 2006-03-23 10:16 143360 d:\windows\system32\igfxpph.dll
+ 2009-10-17 13:30 . 2006-03-23 10:17 118784 d:\windows\system32\igfxpers.exe
+ 2009-10-17 13:30 . 2006-03-23 10:12 139264 d:\windows\system32\igfxdev.dll
+ 2009-10-17 13:30 . 2006-03-23 10:16 450560 d:\windows\system32\igfxcfg.exe
+ 2009-10-17 13:30 . 2006-03-23 10:38 121467 d:\windows\system32\ialmdnt5.dll
+ 2009-10-17 13:30 . 2006-03-23 10:38 238650 d:\windows\system32\ialmdev5.dll
+ 2009-10-17 13:30 . 2006-03-23 10:45 956026 d:\windows\system32\ialmdd5.dll
+ 2009-10-17 13:43 . 2009-12-21 22:14 114968 d:\windows\system32\FNTCACHE.DAT
+ 2004-08-03 22:44 . 2005-01-28 12:44 502272 d:\windows\system32\drmv2clt.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 258296 d:\windows\system32\drmclien.dll
+ 2009-10-17 18:40 . 2006-03-03 10:52 192672 d:\windows\system32\drivers\SynTP.sys
+ 2004-03-16 08:58 . 2004-03-16 08:58 136960 d:\windows\system32\drivers\portcls.sys
- 2004-08-03 23:15 . 2004-08-03 22:54 140928 d:\windows\system32\drivers\ks.sys
+ 2004-08-03 23:15 . 2004-08-03 21:15 140928 d:\windows\system32\drivers\ks.sys
+ 2009-10-17 18:29 . 2004-08-03 21:07 171776 d:\windows\system32\drivers\kmixer.sys
+ 2007-11-26 13:54 . 2007-11-26 13:54 118952 d:\windows\system32\drivers\InCDfs.sys
+ 2009-10-17 13:30 . 2006-12-22 09:56 209664 d:\windows\system32\drivers\HSFHWAZL.sys
+ 2009-10-17 13:30 . 2006-12-22 09:56 988800 d:\windows\system32\drivers\HSF_DPV.sys
+ 2009-10-17 13:30 . 2006-12-22 09:55 730112 d:\windows\system32\drivers\HSF_CNXT.sys
+ 2005-01-07 15:07 . 2005-01-07 15:07 145920 d:\windows\system32\drivers\Hdaudio.sys
+ 2005-01-07 15:07 . 2005-01-07 15:07 138752 d:\windows\system32\drivers\Hdaudbus.sys
+ 2009-10-22 17:45 . 2009-09-15 10:55 114768 d:\windows\system32\drivers\aswSP.sys
- 2009-10-17 12:56 . 2009-09-15 10:55 114768 d:\windows\system32\drivers\aswSP.sys
+ 2009-10-17 18:29 . 2004-08-03 20:39 142464 d:\windows\system32\drivers\aec.sys
+ 2004-08-03 22:44 . 2005-01-28 12:44 895736 d:\windows\system32\dllcache\wmvdmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 940544 d:\windows\system32\dllcache\wmspdmoe.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 413944 d:\windows\system32\dllcache\wmspdmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 774904 d:\windows\system32\dllcache\wmsdmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 150016 d:\windows\system32\dllcache\wmidx.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 224768 d:\windows\system32\dllcache\wmasf.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 716288 d:\windows\system32\dllcache\wmadmoe.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 396528 d:\windows\system32\dllcache\wmadmod.dll
+ 2004-08-03 21:08 . 2004-08-03 21:08 142976 d:\windows\system32\dllcache\usbport.sys
+ 2004-08-03 22:44 . 2005-01-28 12:44 221184 d:\windows\system32\dllcache\qasf.dll
+ 2004-08-03 22:34 . 2004-08-03 22:34 120064 d:\windows\system32\dllcache\pcmcia.sys
+ 2004-08-03 22:44 . 2005-01-28 12:44 315904 d:\windows\system32\dllcache\mswmdm.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 364784 d:\windows\system32\dllcache\msscp.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 173568 d:\windows\system32\dllcache\mspmsp.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 142336 d:\windows\system32\dllcache\msnetobj.dll
+ 2004-08-03 23:15 . 2004-08-03 21:15 140928 d:\windows\system32\dllcache\ks.sys
+ 2009-10-17 18:29 . 2004-08-03 21:07 171776 d:\windows\system32\dllcache\kmixer.sys
+ 2004-08-03 22:44 . 2005-01-28 12:44 502272 d:\windows\system32\dllcache\drmv2clt.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 258296 d:\windows\system32\dllcache\drmclien.dll
+ 2004-08-03 22:43 . 2005-01-28 12:44 164864 d:\windows\system32\dllcache\cewmdm.dll
+ 2004-08-03 22:43 . 2005-01-28 12:44 294912 d:\windows\system32\dllcache\blackbox.dll
+ 2009-10-17 18:29 . 2004-08-03 20:39 142464 d:\windows\system32\dllcache\aec.sys
+ 2009-10-17 22:58 . 2007-09-28 16:05 739840 d:\windows\system32\divx.dll
+ 2009-10-30 16:18 . 2009-10-11 03:17 411368 d:\windows\system32\deploytk.dll
+ 2009-10-22 17:43 . 2009-10-22 17:43 262144 d:\windows\system32\config\systemprofile\NtUser.dat
+ 2004-08-03 22:43 . 2005-01-28 12:44 164864 d:\windows\system32\cewmdm.dll
+ 2004-08-03 22:43 . 2005-01-28 12:44 294912 d:\windows\system32\blackbox.dll
+ 2009-10-17 18:28 . 2006-03-09 15:45 364544 d:\windows\RtlUpd.exe
+ 2009-10-17 18:28 . 2005-04-16 20:20 487424 d:\windows\RtlExUpd.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 142336 d:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\msnetobj.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 502272 d:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmv2clt.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 258296 d:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmclien.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 294912 d:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\blackbox.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 259072 d:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\msnetobj.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 695296 d:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmv2clt.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 299520 d:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmclien.dll
+ 2009-10-30 14:25 . 2004-08-03 22:43 286208 d:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\blackbox.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 940544 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmspdmoe.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 150016 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmidx.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 290816 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMDRMNet.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 335872 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMDRMdev.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 224768 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmasf.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 716288 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmadmoe.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 221184 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\qasf.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 896512 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmspdmoe.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 151552 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmidx.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 230400 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmasf.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 670720 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmadmoe.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 237568 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\qasf.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 103936 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\logagent.exe
+ 2009-10-30 14:25 . 2005-01-28 12:44 895736 d:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmvdmod.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 413944 d:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmspdmod.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 774904 d:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmsdmod.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 396528 d:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmadmod.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 809984 d:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmvdmod.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 484864 d:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmspdmod.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 759296 d:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmsdmod.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 408064 d:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmadmod.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 331264 d:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdsp.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 331776 d:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtpdr.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 114176 d:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtp.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 315904 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MSWMDM.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 364784 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MSSCP.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 173568 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSP.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 164864 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\cewmdm.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 246272 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MSWMDM.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 356352 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MSSCP.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 201728 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSP.dll
+ 2009-10-30 14:25 . 2004-08-03 22:43 159232 d:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\cewmdm.dll
+ 2007-11-26 13:54 . 2007-11-26 13:54 238888 d:\windows\NuNInst.exe
+ 2009-10-30 16:33 . 2009-10-30 16:33 537600 d:\windows\Installer\ac6f1e.msi
+ 2010-02-08 18:01 . 2010-02-08 18:01 100352 d:\windows\Installer\736dc4.msi
+ 2009-10-22 17:06 . 2009-10-22 17:06 409600 d:\windows\Installer\{90110415-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-10-22 17:06 . 2009-10-22 17:06 286720 d:\windows\Installer\{90110415-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-10-22 17:06 . 2009-10-22 17:06 249856 d:\windows\Installer\{90110415-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-10-22 17:06 . 2009-10-22 17:06 794624 d:\windows\Installer\{90110415-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-10-22 17:06 . 2009-10-22 17:06 135168 d:\windows\Installer\{90110415-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-10-22 17:06 . 2009-10-22 17:06 593920 d:\windows\Installer\{90110415-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-10-17 18:41 . 2006-06-16 17:17 356352 d:\windows\EMCRI.dll
+ 2004-03-16 08:58 . 2004-03-16 08:58 136960 d:\windows\Driver Cache\i386\portcls.sys
+ 2009-10-17 18:28 . 2004-11-18 08:45 371936 d:\windows\$NtUninstallKB888111WXPSP2$\spuninst\updspapi.dll
+ 2009-10-17 18:28 . 2004-11-18 08:44 209632 d:\windows\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
+ 2010-02-08 18:01 . 2010-02-08 18:01 1233920 d:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
+ 2009-10-17 22:58 . 2007-07-25 13:24 1559040 d:\windows\system32\xvidcore.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 1003008 d:\windows\system32\wmvdmoe2.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 2370296 d:\windows\system32\wmvcore.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 1512448 d:\windows\system32\WMVADVE.DLL
+ 2005-01-28 12:44 . 2005-01-28 12:44 1218808 d:\windows\system32\wmvadvd.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 1119744 d:\windows\system32\wmsdmoe2.dll
- 2004-08-03 22:44 . 2004-08-03 22:44 1119744 d:\windows\system32\wmsdmoe2.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 1027072 d:\windows\system32\wmnetmgr.dll
+ 2009-10-17 22:58 . 2007-09-28 16:07 3596288 d:\windows\system32\qt-dx331.dll
+ 2009-10-30 13:52 . 2009-04-28 20:20 1858032 d:\windows\system32\pxsfs.dll
+ 2003-04-18 15:46 . 2003-04-18 15:46 1233920 d:\windows\system32\msxml4.dll
+ 2009-10-28 03:40 . 2009-10-28 03:40 3885984 d:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2004-07-26 15:16 . 2004-07-26 15:16 1568768 d:\windows\system32\imagX7.dll
+ 2009-10-17 13:30 . 2006-03-23 10:29 2318336 d:\windows\system32\iglicd32.dll
+ 2009-10-17 13:30 . 2006-03-23 10:16 1503232 d:\windows\system32\igfxress.dll
+ 2003-08-03 16:56 . 2003-08-03 16:56 1146184 d:\windows\system32\FM20.DLL
+ 2009-10-17 18:28 . 2006-06-28 14:25 4304384 d:\windows\system32\drivers\RtkHDAud.Sys
+ 2009-10-17 13:30 . 2006-03-23 10:47 1166972 d:\windows\system32\drivers\ialmnt5.sys
+ 2004-08-03 22:44 . 2005-01-28 12:44 1003008 d:\windows\system32\dllcache\wmvdmoe2.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 2370296 d:\windows\system32\dllcache\wmvcore.dll
- 2004-08-03 22:44 . 2004-08-03 22:44 1119744 d:\windows\system32\dllcache\wmsdmoe2.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 1119744 d:\windows\system32\dllcache\wmsdmoe2.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44 1027072 d:\windows\system32\dllcache\wmnetmgr.dll
+ 2010-02-08 19:37 . 2006-03-31 11:40 2388176 d:\windows\system32\d3dx9_30.dll
+ 2010-02-08 19:37 . 2005-12-05 17:09 2323664 d:\windows\system32\d3dx9_28.dll
+ 2009-10-17 18:28 . 2006-05-16 16:04 2879488 d:\windows\SkyTel.exe
+ 2009-10-17 18:28 . 2006-05-04 14:35 9709568 d:\windows\RTLCPL.exe
+ 2009-10-30 14:25 . 2005-01-28 12:44 1003008 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmvdmoe2.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 2370296 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmvcore.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 1512448 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMVADVE.DLL
+ 2009-10-30 14:25 . 2005-01-28 12:44 1119744 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmsdmoe2.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 1027072 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmnetmgr.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 1001472 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmvdmoe2.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 2105344 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmvcore.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 1119744 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmsdmoe2.dll
+ 2009-10-30 14:25 . 2004-08-03 22:44 1050624 d:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmnetmgr.dll
+ 2009-10-30 14:25 . 2005-01-28 12:44 1218808 d:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmvadvd.dll
+ 2009-10-17 18:28 . 2006-06-28 12:00 2158592 d:\windows\MicCal.exe
+ 2010-02-08 19:39 . 2010-02-08 19:39 6152192 d:\windows\Installer\563220.msi
+ 2009-11-04 21:58 . 2009-11-04 21:58 3200000 d:\windows\Installer\2ef204.msi
+ 2009-12-27 20:32 . 2009-12-27 20:32 2226688 d:\windows\Installer\1b3d08c.msi
+ 2009-10-22 17:06 . 2009-10-22 17:06 5790208 d:\windows\Installer\133b60.msi
+ 2009-10-17 18:28 . 2006-05-04 14:26 2808832 d:\windows\alcwzrd.exe
+ 2009-10-17 18:28 . 2006-06-28 12:54 16248320 d:\windows\RTHDCPL.exe
.
-- Migawka wyzerowana --
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "d:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="d:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-17 39408]
"Gadu-Gadu"="d:\program files\Gadu-Gadu\gg.exe" [2005-03-31 790528]
"TimeToTime"="d:\documents and settings\Mariusz\Pulpit\TimeToTime.exe" [2003-12-12 231936]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 16248320]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AzMixerSel"="d:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 53248]
"igfxtray"="d:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="d:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="d:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"WinampAgent"="d:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"CloneCDTray"="d:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"NeroFilterCheck"="d:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="d:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-11-26 1629480]
"InCD"="d:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-11-26 1057064]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

d:\documents and settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - d:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Gadu-Gadu\\gg.exe"=
"d:\\Program Files\\Opera\\opera.exe"=
"e:\\programy\\nero 7\\Nero 7\\Installation\\Setupx.exe"=

R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [2009-10-22 114768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [2009-10-22 20560]
S3 npggsvc;nProtect GameGuard Service;d:\windows\system32\GameMon.des -service --> d:\windows\system32\GameMon.des -service [?]
S4 sptd;sptd;d:\windows\system32\drivers\sptd.sys [2009-12-20 691696]

--- Inne Usługi/Sterowniki w Pamięci ---

*NewlyCreated* - INCDFS
*NewlyCreated* - INCDSRV
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Search - d:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&ksport do programu Microsoft Excel - d:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Funkcja Google Sidewiki - d:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - d:\documents and settings\Mariusz\Dane aplikacji\Mozilla\Firefox\Profiles\b9wh81u6.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - component: d:\documents and settings\Mariusz\Dane aplikacji\Mozilla\Firefox\Profiles\b9wh81u6.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: d:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: d:\program files\Opera\program\plugins\nprpjplug.dll
.
- - - - USUNIĘTO PUSTE WPISY - - - -

AddRemove-HijackThis - d:\documents and settings\Mariusz\Pulpit\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-08 22:53
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="d:\windows\system32\GameMon.des -service"
.
Czas ukończenia: 2010-02-08 22:55:00
ComboFix-quarantined-files.txt 2010-02-08 21:54
ComboFix2.txt 2009-10-17 16:38

Przed: 2 147 356 672 bajtów wolnych
Po: 2 212 130 816 bajtów wolnych

- - End Of File - - 165CAE9A6364251AB238386767F559B5

[ordynat]

ComboFix już usunął, co było do usunięcia, i nic więcej szkodliwego w logu nie widać.

Usuń ręcznie folder C:\Qoobox.

Usuń kopie szkodników z folderu "System Volume Information" poprzez chwilowe wyłączenie "Przywracania Systemu":

>START>Panel Sterowania>System>Przywracanie Systemu>>zaznacz w okienku przy "Wyłącz przywracanie na wszystkich dyskach">Zastosuj>OK.
(W czasie tego chwilowego wyłączenia te kopie usuną się samoczynnie, więc nie ma potrzeby zaglądania do folderu.)
Potem możesz powrócić do poprzedniego ustawienia (czyli usunąć zaznaczenie z okienka).

Użyj którejś z tych szczepionek:
>Flash Disinfector
>Panda Vaccine
.

[fornal96]

Otwórz notatnik i wklej:

File::
d:\windows\system32\GameMon.des

Driver::
npggsvc

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
[-HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[-HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[-HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[-HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

Potem plik ---> zapisz jako ----> CFScript.txt (tam gdzie masz combofix). Potem przeciągasz i upuszczasz CFScript.txt na Combofix.exe. Na forum wklej log który wygeneruje ci combofix nowy log z hijackthis. Potem profilaktycznie pełny skan Dr.Web CureIt!

[Malotnik]

oki, zaraz sie biore za dalsze wskazówki. faktycznie juz po samym combofixie kompowi sie poprawilo. dzieki wielkie za dotychczasowe wskazowki

[Malotnik]

oto log z hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:07:58, on 2010-02-09
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\igfxtray.exe
D:\WINDOWS\system32\hkcmd.exe
D:\WINDOWS\system32\igfxpers.exe
D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\Gadu-Gadu\gg.exe
D:\Documents and Settings\Mariusz\Pulpit\TimeToTime.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Opera\opera.exe
D:\Program Files\Winamp\winamp.exe
D:\WINDOWS\explorer.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - D:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - D:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] D:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [igfxtray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] D:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [swg] "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [TimeToTime] D:\Documents and Settings\Mariusz\Pulpit\TimeToTime.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Winamp Search - D:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Funkcja Google Sidewiki - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Unknown owner - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

--
End of file - 6327 bytes



oraz z combofixa



ComboFix 10-02-08.09 - Mariusz 2010-02-09 19:40:45.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1014.703 [GMT 1:00]
Uruchomiony z: d:\documents and settings\Mariusz\Pulpit\ComboFix.exe
Użyto następujących komend :: d:\documents and settings\Mariusz\Pulpit\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100209-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"d:\windows\system32\GameMon.des"
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\windows\system32\GameMon.des

.
((((((((((((((((((((((((( Pliki utworzone od 2010-01-09 do 2010-02-09 )))))))))))))))))))))))))))))))
.

2010-02-08 21:57 . 2010-02-08 21:57 -------- d-s---w- d:\windows\Cookies
2010-02-08 20:25 . 2010-02-08 20:25 -------- d-----w- d:\documents and settings\Mariusz\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
2010-02-08 19:41 . 2010-02-08 19:44 -------- d-----w- d:\documents and settings\Mariusz\Dane aplikacji\Ahead
2010-02-08 19:40 . 2010-02-08 19:41 -------- d-----w- d:\documents and settings\Mariusz\Ustawienia lokalne\Dane aplikacji\Ahead
2010-02-08 19:39 . 2010-02-08 19:39 -------- d-----w- d:\documents and settings\All Users\Dane aplikacji\Ahead
2010-02-08 19:38 . 2010-02-08 19:38 -------- d-----w- d:\program files\Nero
2010-02-08 15:54 . 2010-02-08 15:54 -------- d-----w- d:\program files\SlySoft

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-09 17:33 . 2009-10-30 13:52 -------- d-----w- d:\documents and settings\Mariusz\Dane aplikacji\Winamp
2010-02-08 17:02 . 2009-12-14 17:08 -------- d-----w- d:\documents and settings\Mariusz\Dane aplikacji\Vso
2010-02-08 15:56 . 2010-02-08 15:55 24 --sh--w- d:\windows\S7203CAF6.tmp
2009-12-27 20:32 . 2009-10-17 19:40 -------- d-----w- d:\program files\Opera
2009-12-27 12:49 . 2009-12-25 14:23 -------- d-----w- d:\program files\eGames
2009-12-25 14:23 . 2009-12-25 14:23 -------- d-----w- d:\documents and settings\All Users\Dane aplikacji\Trymedia
2009-12-22 17:17 . 2009-10-17 12:59 18312 ----a-w- d:\documents and settings\Mariusz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-12-21 19:38 . 2009-12-21 19:38 -------- d-----w- d:\program files\Common Files\INCA Shared
2009-12-20 21:03 . 2009-12-20 21:03 -------- d-----w- d:\documents and settings\All Users\Dane aplikacji\JollyBear
2009-12-20 21:02 . 2009-12-20 20:58 -------- d-----w- d:\documents and settings\Mariusz\Dane aplikacji\DAEMON Tools Lite
2009-12-20 20:59 . 2009-12-20 20:59 -------- d-----w- d:\program files\DAEMON Tools Toolbar
2009-12-20 20:59 . 2009-12-20 20:59 -------- d-----w- d:\program files\DAEMON Tools Lite
2009-12-20 20:59 . 2009-12-20 20:59 691696 ----a-w- d:\windows\system32\drivers\sptd.sys
2009-12-20 20:53 . 2009-12-20 20:53 -------- d-----w- d:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite
2009-12-14 17:06 . 2009-12-14 17:06 -------- d-----w- d:\program files\VSO
2009-12-14 16:53 . 2009-12-14 16:36 -------- d-----w- d:\program files\IrfanView
2009-11-30 19:53 . 2009-11-30 19:53 0 ----a-w- d:\windows\nsreg.dat
2009-11-24 23:54 . 2009-10-22 17:45 1280480 ----a-w- d:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-10-22 17:45 93424 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-10-22 17:45 48560 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-10-22 17:45 23120 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-10-22 17:45 27408 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-10-22 17:45 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-11-24 07:24 . 2001-10-26 17:15 49910 ----a-w- d:\windows\system32\perfc015.dat
2009-11-24 07:24 . 2001-10-26 17:15 356068 ----a-w- d:\windows\system32\perfh015.dat
2009-11-24 07:24 . 2009-11-24 07:24 152576 ----a-w- d:\documents and settings\Mariusz\Dane aplikacji\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-24 07:21 . 2009-11-24 07:21 79488 ----a-w- d:\documents and settings\Mariusz\Dane aplikacji\Sun\Java\jre1.6.0_17\gtapi.dll
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="d:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-17 39408]
"Gadu-Gadu"="d:\program files\Gadu-Gadu\gg.exe" [2005-03-31 790528]
"TimeToTime"="d:\documents and settings\Mariusz\Pulpit\TimeToTime.exe" [2003-12-12 231936]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 16248320]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AzMixerSel"="d:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 53248]
"igfxtray"="d:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="d:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="d:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"WinampAgent"="d:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"CloneCDTray"="d:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

d:\documents and settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - d:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Gadu-Gadu\\gg.exe"=
"d:\\Program Files\\Opera\\opera.exe"=
"e:\\programy\\nero 7\\Nero 7\\Installation\\Setupx.exe"=

R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [2009-10-22 114768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [2009-10-22 20560]
S4 sptd;sptd;d:\windows\system32\drivers\sptd.sys [2009-12-20 691696]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Search - d:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&ksport do programu Microsoft Excel - d:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Funkcja Google Sidewiki - d:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - d:\documents and settings\Mariusz\Dane aplikacji\Mozilla\Firefox\Profiles\b9wh81u6.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - component: d:\documents and settings\Mariusz\Dane aplikacji\Mozilla\Firefox\Profiles\b9wh81u6.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: d:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: d:\program files\Opera\program\plugins\nprpjplug.dll
.
- - - - USUNIĘTO PUSTE WPISY - - - -

URLSearchHooks-{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-09 19:43
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
Czas ukończenia: 2010-02-09 19:44:15
ComboFix-quarantined-files.txt 2010-02-09 18:44
ComboFix2.txt 2010-02-08 21:55

Przed: 2 674 159 616 bajtów wolnych
Po: 2 640 539 648 bajtów wolnych

- - End Of File - - 1873045D426967E6903D2347C5CBEE63

[fornal96]

Profilaktycznie pełny skan Dr.Web CureIt! (link w stopce)

[Malotnik]

oczywiscie zrobilem pełny skan Dr.Web CureIt! znalazl jakies 2 zawirusowane pliki i tyle. ale prablem z powolnym uruchamianiem opery, winampa i mojego komputera pozostal. czy wiecie czego to moze byc przyczyna?? oczywiscie wielkie dzieki za dotychczasowe porady bo duzo mi pomogly.

[fornal96]

Wiesz zobacz w procesy; może warto też sprawdzić dysk pod katem błędów, defragmentacje zrobić.

[Malotnik]

aha, no moze defragmentacja cos pomoze. dobra dzieki wielkie za pomoc.

[fornal96]

Polecamy się na przyszłość

[Łukasz Domeradzk...]

Ok to zamykam
Ew. o optymalizowaniu kompa możesz przeczytać w moim FAQ.
Pozdrawiam.