ComboFix 12-10-04.02 - Administrator 2012-10-06 12:58:24.1.1 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2302.1810 [GMT 2:00]
Run from: d:\documents and settings\Administrator\Pulpit\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Deleted )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
D:\AUTORUN.INF
d:\documents and settings\Alicja\Dane aplikacji\msconfig.dat
d:\windows\system32\sqlite3.dll
.
.
((((((((((((((((((((((((( Files created from 2012-09-06 to 2012-10-06 )))))))))))))))))))))))))))))))
.
.
2012-10-06 07:53 . 2012-10-06 07:54 -------- d-----w- d:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\Temp
2012-10-06 07:53 . 2012-10-06 07:54 -------- d-----w- d:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
2012-10-06 07:39 . 2012-10-06 10:35 -------- d-----w- d:\documents and settings\Administrator
2012-09-28 18:46 . 2012-09-28 18:46 -------- d-----w- d:\documents and settings\Alicja\Ustawienia lokalne\Dane aplikacji\Opera
2012-09-28 18:46 . 2012-09-28 18:46 -------- d-----w- d:\program files\Opera
2012-09-28 18:37 . 2001-10-26 14:57 12160 -c--a-w- d:\windows\system32\dllcache\mouhid.sys
2012-09-28 18:37 . 2001-10-26 14:57 12160 ----a-w- d:\windows\system32\drivers\mouhid.sys
2012-09-28 18:37 . 2008-04-13 17:45 10368 -c--a-w- d:\windows\system32\dllcache\hidusb.sys
2012-09-28 18:37 . 2008-04-13 17:45 10368 ----a-w- d:\windows\system32\drivers\hidusb.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Section ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-28 15:18 . 2012-02-13 21:42 916992 ----a-w- d:\windows\system32\wininet.dll
2012-08-28 15:18 . 2012-02-13 21:42 43520 ----a-w- d:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2012-02-13 21:42 1469440 ----a-w- d:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2012-02-13 21:42 385024 ----a-w- d:\windows\system32\html.iec
.
.
((((((((((((((((((((((((((((((((((((( Registry Startup Entries ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries and legitimate default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- d:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay1]
@="{E68D0A50-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:41 1232896 ----a-w- d:\documents and settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay2]
@="{E68D0A51-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:41 1232896 ----a-w- d:\documents and settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay3]
@="{E68D0A52-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:41 1232896 ----a-w- d:\documents and settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay4]
@="{E68D0A53-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:41 1232896 ----a-w- d:\documents and settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="d:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"avast"="d:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"WinampAgent"="d:\program files\Winamp\winampa.exe" [2011-12-09 74752]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 17:43 69632 ----a-w- d:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2006-07-17 21:40 53248 ------w- d:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
2005-11-11 19:40 1236992 ----a-w- d:\windows\system32\WLTRAY.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 17:21 15360 ----a-w- d:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-14 17:21 171520 ----a-w- d:\windows\pchealth\helpctr\binaries\msconfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-04-10 15:52 16861184 ----a-w- d:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 10:07 252296 ----a-w- d:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"d:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"d:\\Program Files\\Winamp\\winamp.exe"=
"d:\\Program Files\\Ares\\Ares.exe"=
"d:\\Program Files\\Opera\\opera.exe"=
.
R3 huawei_enumerator;huawei_enumerator;d:\windows\system32\drivers\ew_jubusenum.sys [2012-02-17 72576]
S1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.sys [2012-02-14 435032]
S1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [2012-02-14 314456]
S2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [2012-02-14 20568]
S2 cvhsvc;Client Virtualization Handler;d:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HWDeviceService.exe;HWDeviceService.exe;d:\documents and settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -/service --> d:\documents and settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -/service [?]
S2 sftlist;Application Virtualization Client;d:\program files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;d:\windows\system32\drivers\ew_hwusbdev.sys [2012-02-17 102784]
S3 ewusbnet;HUAWEI USB-NDIS miniport;d:\windows\system32\DRIVERS\ewusbnet.sys --> d:\windows\system32\DRIVERS\ewusbnet.sys [?]
S3 osppsvc;Office Software Protection Platform;d:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 Sftfs;Sftfs;d:\windows\system32\drivers\Sftfsxp.sys [2009-12-02 584680]
S3 Sftplay;Sftplay;d:\windows\system32\drivers\Sftplayxp.sys [2009-12-02 209512]
S3 Sftredir;Sftredir;d:\windows\system32\drivers\Sftredirxp.sys [2009-12-02 20584]
S3 Sftvol;Sftvol;d:\windows\system32\drivers\Sftvolxp.sys [2009-12-02 18280]
S3 sftvsa;Application Virtualization Service Agent;d:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-21 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-1292428093-725345543-1003Core.job
- d:\documents and settings\Alicja\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2012-02-14 09:11]
.
2012-10-05 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-1292428093-725345543-1003UA.job
- d:\documents and settings\Alicja\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2012-02-14 09:11]
.
.
------- Supplementary Scan -------
.
mStart Page = about:blank
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 77.65.148.1 77.65.128.56
.
- - - - ORPHANED ENTRIES REMOVED - - - -
.
MSConfigStartUp-SweetIM - d:\program files\SweetIM\Messenger\SweetIM.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-06 13:04
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs loaded under running processes ---------------------
.
- - - - - - - > 'winlogon.exe'(636)
d:\windows\system32\Ati2evxx.dll
d:\windows\System32\BCMLogon.dll
.
Completion time: 2012-10-06 13:06:41
ComboFix-quarantined-files.txt 2012-10-06 11:06
.
Before: 50 862 764 032 bytes free
After: 51 632 078 848 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - B6D6293E069840CCA43396A6D42E78A6
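Added example (not part of the ComboFix log above and not ComboFix's own code): a small triage parser for the two line shapes in this log that most often need a second look, the service/driver lines (`S2 name;display;image [date size]`) and the `"name"="image" [date size]` lines under the Run keys. It pulls out the resolved image path, the start type and the `[date size]` metadata, and flags entries where ComboFix printed `[?]` instead of a size and date (the file could not be read when the scan ran) or where the binary lives under a user profile path that does not require administrator rights to write to. The sample lines are copied from the log above and embedded inline so the script runs offline; the path classes and the flag names are this example's own heuristics, and a flag is a prompt to verify the file (vendor, signature, hash), not a verdict. The `[?]` on HWDeviceService.exe, for instance, is consistent with a Huawei modem helper that was uninstalled or moved, but only checking the file settles it.

```python
"""Triage helper for ComboFix service and Run-key lines (added example)."""
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample: six lines copied verbatim from the ComboFix log above.
SAMPLE_LOG = r"""
"ATICCC"="d:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"avast"="d:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
R3 huawei_enumerator;huawei_enumerator;d:\windows\system32\drivers\ew_jubusenum.sys [2012-02-17 72576]
S2 HWDeviceService.exe;HWDeviceService.exe;d:\documents and settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -/service --> d:\documents and settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -/service [?]
S2 sftlist;Application Virtualization Client;d:\program files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 ewusbnet;HUAWEI USB-NDIS miniport;d:\windows\system32\DRIVERS\ewusbnet.sys --> d:\windows\system32\DRIVERS\ewusbnet.sys [?]
"""

# Service line: R = running / S = stopped, digit = start type (0 boot ... 4 disabled).
SERVICE_RE = re.compile(
    r'^(?P<state>[RS])(?P<start>[0-4])\s+'
    r'(?P<name>[^;]+);(?P<display>[^;]*);'
    r'(?P<image>.+?)\s+\[(?P<meta>[^\]]*)\]\s*$'
)
# Run-key line: "value name"="image path" [date size]
RUN_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<image>[^"]+)"\s*\[(?P<meta>[^\]]*)\]\s*$')


def _resolved_path(image: str) -> str:
    """Keep the right-hand side of 'registry value --> resolved path' and drop arguments."""
    if ' --> ' in image:
        image = image.split(' --> ', 1)[1]
    # Paths contain spaces, so cut at the first executable extension instead of whitespace.
    m = re.search(r'^(.*?\.(?:exe|sys|dll|cpl))(?:\s|$)', image, re.IGNORECASE)
    return (m.group(1) if m else image).strip()


def _parse_meta(meta: str) -> Tuple[Optional[str], Optional[int]]:
    """'[2006-01-02 45056]' -> (date, size); '[?]' -> (None, None): file not readable."""
    m = re.fullmatch(r'(\d{4}-\d{2}-\d{2})\s+(\d+)', meta.strip())
    return (m.group(1), int(m.group(2))) if m else (None, None)


def classify_path(path: str) -> str:
    """Heuristic location class (this example's own, not a ComboFix concept)."""
    p = path.lower().replace('/', '\\')
    if '\\documents and settings\\' in p or '\\users\\' in p:
        return 'profile'    # per-user or All Users data: writable without admin rights
    if '\\windows\\' in p:
        return 'system'
    if '\\program files' in p:
        return 'programs'
    return 'other'


def parse_combofix(text: str) -> List[Dict]:
    """Return one dict per recognised service or Run-key line, in log order."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        m, kind = SERVICE_RE.match(line), 'service'
        if not m:
            m, kind = RUN_RE.match(line), 'run'
        if not m:
            continue
        date, size = _parse_meta(m.group('meta'))
        path = _resolved_path(m.group('image'))
        entries.append({
            'kind': kind,
            'name': m.group('name').strip(),
            'running': (m.group('state') == 'R') if kind == 'service' else None,
            'start': int(m.group('start')) if kind == 'service' else None,
            'path': path, 'date': date, 'size': size,
            'location': classify_path(path),
        })
    return entries


def triage(entries: List[Dict]) -> List[Dict]:
    """Flag entries worth verifying by hand; reasons are short codes."""
    findings = []
    for e in entries:
        reasons = []
        if e['size'] is None:
            reasons.append('unreadable')          # ComboFix printed [?]: no size/date
        if e['location'] == 'profile':
            reasons.append('user-writable-path')  # autostart from a profile directory
        if reasons:
            findings.append({'name': e['name'], 'path': e['path'], 'reasons': reasons})
    return findings


if __name__ == '__main__':
    for f in triage(parse_combofix(SAMPLE_LOG)):
        print(f"{f['name']}: {', '.join(f['reasons'])}\n    {f['path']}")
```

On the sample this reports HWDeviceService.exe (both flags: `[?]` and an All Users profile path) and ewusbnet (`[?]` only), and nothing for the entries under Program Files or system32 that carried a size and date. Run it over a whole log by replacing SAMPLE_LOG with the file contents; lines that are not service or Run entries are skipped.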