ComboFix 13-01-06.01 - Administrator 2013-01-09 14:28:45.3.2 - x86 MINIMAL
Uruchomiony z: e:\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad
c:\documents and settings\All Users\Dane aplikacji\TEMP
c:\documents and settings\Damian\Menu Start\Programy\Autostart\runctf.lnk
c:\documents and settings\Damian\wgsdgsdgdsgsd.dll
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-12-09 do 2013-01-09 )))))))))))))))))))))))))))))))
.
.
2013-01-08 13:06 . 2013-01-08 13:06 -------- d-----w- c:\documents and settings\Damian\Dane aplikacji\Spam Monitor
2013-01-08 13:06 . 2012-10-23 16:40 62688 ----a-w- c:\windows\system32\drivers\PCTBD.sys
2013-01-08 13:06 . 2012-10-23 16:40 150648 ----a-w- c:\windows\SGDetectionTool.dll
2013-01-08 13:06 . 2012-10-23 16:40 2280568 ----a-w- c:\windows\PCTBDCore.dll
2013-01-08 13:06 . 2012-10-23 16:40 1690744 ----a-w- c:\windows\PCTBDRes.dll
2013-01-08 13:06 . 2012-10-23 16:40 769144 ----a-w- c:\windows\BDTSupport.dll
2013-01-08 13:05 . 2012-10-31 13:21 260760 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2013-01-08 13:04 . 2012-11-01 14:35 19464 ----a-w- c:\windows\system32\drivers\pctBTFix.sys
2013-01-08 13:04 . 2012-10-31 08:19 577176 --s---w- c:\windows\system32\drivers\TfSysMon.sys
2013-01-08 13:04 . 2012-10-31 08:19 55008 --s---w- c:\windows\system32\drivers\TfFsMon.sys
2013-01-08 13:04 . 2012-10-31 08:19 36456 --s---w- c:\windows\system32\drivers\TfNetMon.sys
2013-01-08 13:04 . 2012-11-16 10:22 128024 ----a-w- c:\windows\system32\drivers\pctplfw.sys
2013-01-08 13:04 . 2012-09-19 14:20 57536 ----a-w- c:\windows\system32\drivers\pctNdis.sys
2013-01-08 13:04 . 2012-09-17 14:25 92608 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys
2013-01-08 13:04 . 2012-09-17 14:25 33512 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.sys
2013-01-08 13:04 . 2012-11-01 14:35 68272 ----a-w- c:\windows\system32\drivers\pctplsm.sys
2013-01-08 13:04 . 2012-11-01 14:35 71752 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2013-01-08 12:57 . 2012-02-28 10:43 909728 ----a-w- c:\windows\system32\drivers\pctEFA.sys
2013-01-08 12:57 . 2012-02-28 10:43 342168 ----a-w- c:\windows\system32\drivers\pctDS.sys
2013-01-08 12:57 . 2012-10-22 15:38 368616 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2013-01-08 12:57 . 2012-10-22 15:38 163288 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2013-01-08 12:57 . 2013-01-09 09:08 -------- d-----w- c:\program files\PC Tools
2013-01-08 12:57 . 2013-01-08 13:06 -------- d-----w- c:\program files\Common Files\PC Tools
2013-01-08 12:57 . 2012-11-01 14:35 202280 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2013-01-08 12:55 . 2013-01-08 12:55 -------- d-----w- c:\documents and settings\Damian\Dane aplikacji\TestApp
2013-01-07 16:08 . 2013-01-07 16:08 2907 ----a-w- C:\Sharedaccess.reg
2013-01-07 15:35 . 2013-01-07 15:35 4744 ----a-w- C:\fix.reg
2013-01-03 10:46 . 2013-01-03 10:46 -------- d-----w- c:\documents and settings\Damian\Dane aplikacji\Kyocera
2013-01-02 12:52 . 2013-01-02 12:52 -------- d-----w- c:\documents and settings\Damian\Dane aplikacji\Malwarebytes
2013-01-02 12:52 . 2013-01-02 12:52 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes
2013-01-02 12:16 . 2013-01-02 12:16 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-12-28 12:25 . 2012-12-28 12:25 -------- d-----w- c:\program files\CCleaner
2012-12-28 11:51 . 2013-01-09 13:14 -------- d-----w- c:\documents and settings\Administrator.DRO-KOM1.000
2012-12-27 17:08 . 2012-12-27 17:08 -------- d-----w- c:\windows\system32\wbem\Repository
2012-12-27 09:51 . 2013-01-09 13:14 2982 ----a-w- c:\documents and settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.js
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 10:20 . 2012-04-06 07:01 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 10:20 . 2011-05-25 08:18 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-02 12:16 . 2012-11-12 14:02 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-02 12:16 . 2011-12-02 08:16 779704 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-02 12:16 . 2011-12-02 08:16 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-12-16 12:23 . 2008-04-15 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 12:23 . 2008-04-15 12:00 290560 ----a-w- c:\windows\system32\atmfd(2).dll
2012-11-13 11:55 . 2008-04-15 12:00 1866624 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 00:41 . 2008-04-15 12:00 290560 ----a-w- c:\windows\system32\atmfd(3).dll
2012-11-02 02:03 . 2008-04-15 12:00 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:13 . 2008-04-15 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:13 . 2008-04-15 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 12:13 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35 . 2008-04-15 12:00 385024 ------w- c:\windows\system32\html.iec
2012-10-23 15:30 . 2013-01-08 13:06 3488 ----a-w- c:\windows\UDB.zip
2012-10-23 15:30 . 2013-01-08 13:06 131 ----a-w- c:\windows\IDB.zip
2009-09-04 17:01 . 2009-09-04 17:01 1691464 ----a-w- c:\program files\dsetup32.dll
2000-03-28 13:03 . 2009-04-10 09:58 40960 ----a-w- c:\program files\lfndlg.dll
2012-12-11 08:48 . 2012-12-11 08:48 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"Rocky2Xerox_S2P"="c:\program files\Xerox\Xerox WC PE120 Series\RCP\Scan2Pc.exe" [2005-03-24 65536]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-07-14 570664]
"CnwiDeviceAgent"="c:\program files\Canon\imagePROGRAFStatusMonitor\cnwida.exe" [2007-12-21 71504]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"SkyTel"="SkyTel.EXE" [2007-06-15 1826816]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"ISTray"="c:\program files\PC Tools\PC Tools Security\pctsGui.exe" [2012-11-16 2717816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
.
c:\documents and settings\Damian\Menu Start\Programy\Autostart\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
Total Commander.lnk - c:\totalcmd\TOTALCMD.EXE [2009-4-8 825380]
.
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
imagePROGRAF Status Monitor.lnk - c:\program files\Canon\imagePROGRAFStatusMonitor\cnwism.exe [2009-4-10 341840]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [x]
R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD.sys [x]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [x]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [x]
R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD.sys [x]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [x]
R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis.sys [x]
R3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis.sys [x]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [x]
R3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [x]
R3 pctplsm;pctplsm;c:\windows\system32\drivers\pctplsm.sys [x]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
R3 ThreatFire;ThreatFire;c:\program files\PC Tools\PC Tools Security\TFEngine\TFService.exe service [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [x]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [x]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [x]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools\PC Tools Security\pctsAuxs.exe [x]
.
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-01-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 10:20]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
TCP: Interfaces\{BAA4D642-7D45-4AE8-979D-3061901DE75A}: NameServer = 194.204.159.1
FF - ProfilePath -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-09 14:31
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'winlogon.exe'(256)
c:\windows\system32\Ati2evxx.dll
.
Czas ukończenia: 2013-01-09 14:32:01
ComboFix-quarantined-files.txt 2013-01-09 13:31
ComboFix2.txt 2013-01-08 08:56
.
Przed: 21 158 498 304 bajtów wolnych
Po: 21 175 263 232 bajtów wolnych
.
- - End Of File - - 2019B37F5CE39B9832405D01D57A7C55