ComboFix 12-07-06.02 - Admin 2012-07-07 0:24.2.1 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1023.799 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Admin\Pulpit\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Poprzednie uruchomienie -------
.
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\avgmfapx.exe
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\avgmfarx.dll
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\avgntdumpx.exe
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\avgrunasx.exe
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\avi7.avg
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\compat.ini
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\htmlayout.dll
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\incavi.avm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_cz.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_da.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_es.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_fr.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_ge.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_hu.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_id.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_in.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_it.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_jp.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_ko.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_ms.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_nl.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_pb.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_pl.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_pt.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_ru.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_sc.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_sk.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_sp.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_tr.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_us.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_zh.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\license_zt.htm
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfaconf.txt
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfacz.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfada.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfaes.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfafr.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfage.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfahu.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfaid.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfain.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfait.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfajp.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfako.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfams.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfanl.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfapb.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfapl.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfapt.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfaru.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfasc.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfask.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfasp.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfatr.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfaus.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfavera.txt
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfaverx.txt
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfazh.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\mfazt.lns
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\microavi.avg
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\miniavi.avg
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\setup.exe
c:\documents and settings\All Users\Dane aplikacji\TEMP\AVG\setup.ini
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\3b15dc0dcffe7f8a.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\876af58cf8e50727.fb
c:\windows\system32\Cache\a03ef4e9f96bb2ad.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\b3cb6ed9e71b6203.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\system
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-06-06 do 2012-07-06 )))))))))))))))))))))))))))))))
.
.
2012-07-06 19:56 . 2012-07-06 19:56 -------- d-----w- c:\documents and settings\Admin\Dane aplikacji\hellomoto
2012-06-21 22:07 . 2012-06-21 22:07 -------- d-----w- c:\program files\Common Files\Skype
2012-06-13 15:02 . 2012-05-11 14:44 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-06-13 12:24 . 2012-06-13 12:24 -------- d-----w- c:\documents and settings\Admin\Ustawienia lokalne\Dane aplikacji\AVG Secure Search
2012-06-09 13:24 . 2012-06-09 13:24 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-09 13:24 . 2012-06-09 13:24 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-19 17:22 . 2012-04-02 21:34 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-19 17:22 . 2011-05-15 10:47 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-02 13:19 . 2008-07-29 11:21 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2008-07-29 11:21 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2008-07-29 11:21 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2008-07-18 20:10 24088 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2008-07-18 20:09 15896 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2008-07-29 11:21 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2008-07-29 11:21 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2008-07-18 20:10 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2004-08-04 14:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2008-07-18 20:09 16408 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2008-07-29 11:21 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2008-07-29 11:21 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2008-07-18 20:09 18968 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:18 . 2008-10-17 22:38 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2008-10-17 22:38 18160 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2008-07-18 20:07 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2004-08-04 14:00 602624 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:09 . 2004-08-04 14:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:55 . 2004-08-04 14:00 1863424 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 14:44 . 2004-08-04 14:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2004-08-04 14:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:39 . 2004-08-04 14:00 385024 ----a-w- c:\windows\system32\html.iec
2012-05-05 03:15 . 2004-08-04 00:38 2070400 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-05 03:15 . 2004-08-04 14:00 2193920 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-02 13:47 . 2008-07-29 11:19 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-16 18:24 . 2011-12-11 11:45 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-06-13 09:14 2068536 ----a-w- c:\program files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll" [2012-06-13 2068536]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"AGRSMMSG"="AGRSMMSG.exe" [2005-04-13 88209]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-01-19 339968]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-01-14 233534]
"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 290816]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-18 110592]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-02 122939]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-01-21 790528]
"CognizanceTS"="c:\progra~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 17920]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2004-12-08 184320]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-10-26 417792]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-01-07 585728]
"V0230Mon.exe"="c:\windows\V0230Mon.exe" [2006-09-06 32768]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-06-13 1104440]
"ROC_roc_dec12"="c:\program files\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-16 928096]
"TabbtnEx"="c:\documents and settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\3565\TabbtnEx.exe" [2012-07-06 49152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-5-31 577597]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-7-29 184320]
Przyspieszenie uruchomienia programu AutoCAD.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2004-11-10 00:19 38912 ----a-w- c:\program files\HPQ\IAM\Bin\AsWlnPkg.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\StreamTorrent 1.0\\StreamTorrent.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-09-13 32592]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-07-11 295248]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2011-06-21 436792]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-07 230608]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [2004-08-04 14336]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-06-07 160944]
S2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-06-13 935480]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-07-11 134608]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-07-11 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-04 16720]
S3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2004-05-03 80384]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2011-03-26 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-06-22 21248]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 113120]
S3 V0230Vfx;V0230Vfx;c:\windows\system32\drivers\V0230Vfx.sys [2011-07-08 6272]
S3 V0230VID;Live! Cam Video IM Pro;c:\windows\system32\drivers\V0230VID.sys [2011-07-08 500608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASChannel
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.pg.gda.pl/
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Wyślij do interfejsu &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ozu5skkq.default\
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B0acd6cbd-859a-4652-addf-ea36a47d5cf0%7D&mid=9b57739c4bd354c1f5de8d35c758273e-1c8f78cdc85a0b02c3c0eaa1e0c742304ef81248&ds=AVG&v=11.1.0.7&lang=pl&pr=fr&d=2011-11-13%2014%3A13%3A01&sap=ku&q=
.
.
------- Skojarzenia plików -------
.
.scr=AutoCADScriptFile
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
AddRemove-358836337.www.abakan.pl - c:\program files\Microsoft Silverlight\4.0.60531.0\Silverlight.Configuration.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-07 00:31
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????2?5?2?4??????? ?d?B?????????????hLC? ??????
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'winlogon.exe'(824)
c:\windows\system32\Ati2evxx.dll
c:\program files\HPQ\IAM\Bin\AsWlnPkg.dll
c:\program files\HPQ\IAM\Bin\TrayIcon.dll
c:\program files\HPQ\IAM\Bin\ItMsg.dll
c:\program files\HPQ\IAM\bin\HPBrand.dll
.
- - - - - - - > 'explorer.exe'(2000)
c:\windows\system32\WININET.dll
.
Czas ukończenia: 2012-07-07 00:34:04
ComboFix-quarantined-files.txt 2012-07-06 22:33
.
Przed: 3 505 385 472 bajtów wolnych
Po: 3 458 772 992 bajtów wolnych
.
- - End Of File - - 67642E04E37A97E1F8DDCAFE169C51D5