ComboFix 12-01-13.05 - JA 2012-01-14 23:03:03.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.1015.717 [GMT 1:00]
Uruchomiony z: c:\documents and settings\JA\Pulpit\ComboFix.exe
Użyto następujących komend :: c:\documents and settings\JA\Pulpit\CFScript.txt
AV: avast! antivirus 4.8.1229 [VPS 080912-1] *Disabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Spyware Doctor with AntiVirus *Disabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dane aplikacji\TEMP
.
.
--------------- FCopy ---------------
.
c:\tmp\afd.sys --> c:\windows\system32\dllcache\afd.sys
c:\tmp\afd.sys --> c:\windows\system32\drivers\afd.sys
.
((((((((((((((((((((((((( Pliki utworzone od 2011-12-14 do 2012-01-14 )))))))))))))))))))))))))))))))
.
.
2012-01-14 21:48 . 2012-01-14 21:49 -------- d-----w- C:\Tmp
2012-01-03 00:58 . 2012-01-03 00:58 -------- d-----w- c:\documents and settings\JA\Dane aplikacji\Malwarebytes
2012-01-03 00:58 . 2012-01-03 00:58 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes
2012-01-03 00:58 . 2012-01-03 00:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-03 00:58 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-02 22:31 . 2012-01-02 22:31 -------- d-----w- c:\documents and settings\LocalService\Pulpit
2012-01-02 21:44 . 2010-07-16 13:59 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys
2012-01-02 21:44 . 2010-07-16 13:59 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys
2012-01-02 21:43 . 2011-01-17 08:10 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2012-01-02 21:43 . 2010-12-10 15:57 160448 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2012-01-02 21:43 . 2010-12-10 12:24 239168 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2012-01-02 21:43 . 2010-12-16 07:46 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2012-01-02 21:43 . 2012-01-03 01:19 -------- d-----w- c:\program files\PC Tools Security
2012-01-02 21:43 . 2012-01-02 21:52 -------- d-----w- c:\program files\Common Files\PC Tools
2012-01-02 21:43 . 2012-01-02 21:43 -------- d-----w- c:\documents and settings\JA\Dane aplikacji\PC Tools
2012-01-02 21:32 . 2012-01-02 21:43 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\PC Tools
2012-01-02 21:27 . 2012-01-02 21:27 -------- d-----w- c:\documents and settings\LocalService\Dane aplikacji\McAfee
2012-01-01 16:05 . 2012-01-03 01:17 -------- d-sh--w- c:\documents and settings\JA\Ustawienia lokalne\Dane aplikacji\b52a7b6b
2012-01-01 16:05 . 2012-01-03 01:17 -------- d-----w- c:\documents and settings\JA\Dane aplikacji\pny
2011-12-27 23:54 . 2011-12-27 23:54 -------- d-----w- c:\documents and settings\JA\Dane aplikacji\Fender
2011-12-27 23:43 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2011-12-27 23:40 . 2011-12-27 23:43 -------- d-----w- c:\windows\system32\XPSViewer
2011-12-27 23:40 . 2011-12-27 23:40 -------- d-----w- c:\program files\MSBuild
2011-12-27 23:40 . 2011-12-27 23:40 -------- d-----w- c:\program files\Reference Assemblies
2011-12-27 23:39 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-12-27 23:39 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-12-27 23:39 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-12-27 23:39 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-12-27 23:39 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-12-27 23:39 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-12-27 23:39 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2011-12-27 23:39 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-12-27 23:39 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-12-27 23:38 . 2011-12-27 23:39 -------- d-----w- C:\51977bc67ed57aab9992
2011-12-27 23:18 . 2011-12-27 23:52 -------- d-----w- c:\program files\Fender
2011-12-27 18:20 . 2011-12-27 18:20 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-27 18:20 . 2011-12-27 18:20 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\McAfee
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 14:40 . 2006-03-02 12:00 1859840 ----a-w- c:\windows\system32\win32k.sys
2011-11-01 16:07 . 2006-03-02 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-31 23:37 . 2006-03-02 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2011-10-31 23:37 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-10-31 23:37 . 2006-03-02 12:00 1830912 ------w- c:\windows\system32\inetcpl.cpl
2011-10-31 23:37 . 2006-03-02 12:00 17408 ------w- c:\windows\system32\corpol.dll
2011-10-28 05:32 . 2006-03-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:49 . 2006-03-02 12:00 2194048 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:49 . 2004-08-04 00:38 2070656 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2006-03-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-12-09 08:26 . 2011-12-09 08:26 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-03_01.24.07 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-14 22:00 . 2012-01-14 22:00 16384 c:\windows\Temp\Perflib_Perfdata_674.dat
+ 2012-01-14 22:00 . 2012-01-14 22:00 16384 c:\windows\Temp\Perflib_Perfdata_440.dat
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-10 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-10 688218]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-03 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-03 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-03 118784]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"HPHUPD05"="c:\program files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe" [2005-07-08 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2003-12-05 49152]
"HPHmon05"="c:\windows\system32\hphmon05.exe" [2005-07-08 491520]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2005-07-08 176128]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2006-10-17 398944]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk - c:\program files\SAGEM WiFi manager\WLANUTL.exe [2007-6-26 925696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R?2 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [2012-01-02 1150936]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2012-01-02 239168]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2012-01-02 338880]
R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2012-01-02 656320]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-05 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-04-05 20560]
R2 CommSBEP;CommSBEP;c:\windows\system32\drivers\COMMSBEP.sys [2008-10-20 24476]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-03 652872]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-01-03 20464]
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;c:\windows\system32\drivers\WlanBZXP.sys [2009-12-09 450560]
.
Zawartość folderu 'Zaplanowane zadania'
.
2012-01-14 c:\windows\Tasks\HP Usg Daily.job
- c:\program files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\pexpress\hphped05.exe [2007-07-02 04:55]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\JA\Dane aplikacji\Mozilla\Firefox\Profiles\bu7sca0d.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.onet.pl/#
FF - prefs.js: keyword.URL - hxxp://startsear.ch/?aff=1&src=sp&cf=857c9458-2694-11e1-ba04-0060b38f6a3a&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-14 23:10
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
Czas ukończenia: 2012-01-14 23:13:46
ComboFix-quarantined-files.txt 2012-01-14 22:13
ComboFix2.txt 2012-01-03 02:32
ComboFix3.txt 2012-01-03 01:28
.
Przed: 94 935 416 832 bajtów wolnych
Po: 94 931 759 104 bajtów wolnych
.
- - End Of File - - 495A53306E31B976339726C6D4F82215