ComboFix 10-10-29.04 - Caba 2010-11-01 18:15:02.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2046.1739 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Caba\Pulpit\ComboFix.exe
AV: G Data InternetSecurity 2011 *On-access scanning disabled* (Updated) {71310606-6F3B-49F2-9A81-8315AA75FBB3}
FW: G Data Personal Firewall *disabled* {6E6F4BA6-C07D-443F-A130-0A57DA59A082}
.
((((((((((((((((((((((((( Pliki utworzone od 2010-10-01 do 2010-11-01 )))))))))))))))))))))))))))))))
.
Nie utworzono żadnych nowych plików w tym okresie
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-10 05:52 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2008-04-14 20:50 168032 --sha-r- c:\windows\system32\aunbdic.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam\Steam.exe" [2010-10-24 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"G Data AntiVirus Tray Application"="c:\program files\G Data InternetSecurity 2011\AVKTray\AVKTray.exe" [2010-09-28 996424]
"GDFirewallTray"="c:\program files\G Data InternetSecurity 2011\Firewall\GDFirewallTray.exe" [2010-09-27 1537096]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-10 8429568]
"nwiz"="nwiz.exe" [2007-05-10 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-10 81920]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-10 16342528]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"f:\\F1 2010\\F1_2010_game.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=

R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2010-10-24 33480]
R0 GDNdisIc;GDNdisIc;c:\windows\system32\drivers\GDNdisIc.sys [2010-10-24 29640]
R1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2010-10-24 62152]
R1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2010-10-24 68976]
R1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2010-10-24 38600]
R2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe [2010-09-27 1098312]
R2 AVKService;G Data Scheduler;c:\program files\G Data InternetSecurity 2011\AVK\AVKService.exe [2010-09-27 410696]
R2 AVKWCtl;G Data Strażnik systemu plików;c:\program files\G Data InternetSecurity 2011\AVK\AVKWCtl.exe [2010-09-23 1331304]
R2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [2010-10-24 51400]
R3 GDFwSvc;G Data Personal Firewall;c:\program files\G Data InternetSecurity 2011\Firewall\GDFwSvc.exe [2010-09-23 1607344]
R3 GDScan;G Data Scanner;c:\program files\Common Files\G Data\GDScan\GDScan.exe [2010-09-22 340552]
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-01 18:25
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
Czas ukończenia: 2010-11-01 18:27:07
ComboFix-quarantined-files.txt 2010-11-01 17:27

Przed: 55 464 103 936 bajtów wolnych
Po: 55 420 420 096 bajtów wolnych

WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - E4648FC3AABB9D09C1B790AC6892A609