ComboFix 12-07-07.02 - d 2012-07-07 10:43:11.2.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.511.224 [GMT 2:00]
Uruchomiony z: c:\documents and settings\d\Pulpit\ComboFix.exe
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-06-07 do 2012-07-07 )))))))))))))))))))))))))))))))
.
.
2012-07-07 07:43 . 2012-07-07 07:43 -------- d-----w- c:\documents and settings\Administrator
2012-07-06 17:33 . 2012-07-06 17:33 -------- d-----w- c:\documents and settings\d\Dane aplikacji\hellomoto
2012-07-05 13:43 . 2012-07-05 13:43 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-05 13:43 . 2012-07-05 13:43 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-05 10:30 . 2012-07-05 10:30 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-07-05 10:30 . 2012-07-05 10:30 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2005-03-31 20:17 . 2010-06-12 12:33 40960 ----a-w- c:\program files\Uninstall_CDS.exe
2012-07-05 10:30 . 2011-10-27 07:54 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"="c:\program files\EXPERTool\TBPanel.exe" [2008-12-03 2181672]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-02-24 385928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-03 13672448]
"nwiz"="nwiz.exe" [2008-12-03 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-03 86016]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-10-15 196608]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2005-06-10 1397760]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"MP10_EnsureFileVer"="c:\windows\inf\unregmp2.exe" [2004-08-03 208896]
"wdscore"="c:\documents and settings\d\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\3636\wdscore.exe" [2012-07-06 49664]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-05 113120]
S3 tj2knd5;Terayon Cable Modem (NDIS);c:\windows\system32\drivers\tj2knd5.sys [2010-06-11 17616]
S3 tj2kunic;Terayon Cable Modem (WDM);c:\windows\system32\drivers\tj2kunic.sys [2010-06-11 69680]
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - 16118970
*Deregistered* - 16118970
.
Zawartość folderu 'Zaplanowane zadania'
.
2012-07-07 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-10-14 20:18]
.
.
------- Skan uzupełniający -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Search - c:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\d\Dane aplikacji\Mozilla\Firefox\Profiles\trwjaotq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.pl
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-07 10:50
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'explorer.exe'(672)
c:\windows\system32\msi.dll
.
Czas ukończenia: 2012-07-07 10:52:30
ComboFix-quarantined-files.txt 2012-07-07 08:52
.
Przed: 40 488 042 496 bajtów wolnych
Po: 40 477 245 440 bajtów wolnych
.
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 86B9944F46E9B7FA784FD67E4C478D36