ComboFix 11-12-24.10 - Administrator 2011-12-26 19:28:30.1.1 - FAT32x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1279.975 [GMT 1:00]
Uruchomiony z: d:\documents and settings\Emila.B-02D438CD598A4\Pulpit\debele.exe
AV: System antywirusowy NOD32 2.70 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\documents and settings\Emila.B-02D438CD598A4\Ustawienia lokalne\Temporary Internet Files\Sqm
d:\windows\system32\CddbCdda.dll
d:\windows\system32\SET87.tmp
d:\windows\system32\SET8C.tmp
d:\windows\system32\SET93.tmp
d:\windows\WindowsUpdate.log
F:\lcw.exe
F:\p3vwxx.exe
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-11-26 do 2011-12-26 )))))))))))))))))))))))))))))))
.
.
2011-12-26 17:49 . 2011-12-26 17:49 -------- d-----w- d:\documents and settings\Administrator
2011-12-26 17:49 . 2011-12-26 17:49 -------- d-----w- D:\FOUND.086
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-22 20:13 57344 --sha-r- d:\windows\system32\c_10010S.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="d:\program files\Eset\nod32kui.exe" [2010-11-09 949376]
"UpdateReminder"="d:\program files\Eset\UpdateReminder.exe" [2011-03-13 462848]
"COMODO Internet Security"="d:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-17 2548552]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
.
d:\documents and settings\Emila.B-02D438CD598A4\Menu Start\Programy\Autostart\
OpenOffice.org 3.2.lnk - d:\program files\OpenOffice.org 3\program\quickstart.exe [2009-12-15 384000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=d:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-08-31 16:00 449608 ----a-w- d:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"ISUSScheduler"="d:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"ISUSPM Startup"="d:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
"QuickTime Task"="d:\program files\QuickTime\QTTask.exe" -atboottime
"WinampAgent"="d:\program files\Winamp\winampa.exe"
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Axesstel\\AxessManager MV500\\AxessManager.exe"=
"d:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Opera\\opera.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [2011-01-06 27576]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdGuard.sys [2011-01-06 239368]
S1 nod32drv;nod32drv;d:\windows\system32\drivers\nod32drv.sys [2010-11-09 15424]
S2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-22 366152]
S3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [2010-12-22 22216]
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-04-21 d:\windows\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-04-27 d:\windows\Tasks\klvvtwj.job
- d:\windows\system32\c_10010S.dll [2011-01-22 20:13]
.
2011-04-27 d:\windows\Tasks\GlaryInitialize.job
- d:\program files\Glary Utilities\initialize.exe [2011-02-16 16:24]
.
2011-12-26 d:\windows\Tasks\User_Feed_Synchronization-{83CD59ED-437C-43DA-8DF7-D4EEF0BD6257}.job
- d:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Skan uzupełniający -------
.
LSP: d:\windows\system32\imon.dll
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{2B89C780-4AAD-488D-B8DB-D1667ED7DA1E}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{A9F6DD90-AE68-4333-B282-612A9A0F2349}: NameServer = 156.154.70.25,156.154.71.25
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-26 19:34
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'winlogon.exe'(548)
d:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(604)
d:\windows\system32\guard32.dll
.
Czas ukończenia: 2011-12-26 19:36:55
ComboFix-quarantined-files.txt 2011-12-26 18:36
.
Przed: 11 649 171 456 bajtów wolnych
Po: 12 251 316 224 bajtów wolnych
.
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - BBAD1F1D0B42955A68F01D83D2EFFBC3