ComboFix 12-08-17.03 - dora 2012-08-18 12:47:26.1.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2037.985 [GMT 2:00]
Uruchomiony z: c:\documents and settings\dora\Pulpit\ComboFix_www.INSTALKI.pl.exe
AV: ArcaVir *Disabled/Updated* {430EE792-8EF9-4D8A-B486-78BBF686F0E1}
.
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dane aplikacji\aqtkfcaj.exe
c:\documents and settings\All Users\Dane aplikacji\inrrioqwrlikdkw
c:\documents and settings\All Users\Dane aplikacji\TEMP
c:\documents and settings\All Users\Dane aplikacji\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\ReadMe.txt
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2012-07-18 do 2012-08-18   )))))))))))))))))))))))))))))))
.
.
2012-08-18 09:53 . 2009-09-10 12:45      2560  ----a-w-  c:\documents and settings\All Users\Dane aplikacji\Microsoft\USMT\iconlib.dll
2012-08-18 09:52 . 2012-08-18 09:52  --------  d-----w-  c:\documents and settings\dora
2012-08-17 19:23 . 2012-08-17 19:23  --------  d-----w-  c:\documents and settings\All Users\Dane aplikacji\jdnittsjpyrfqhg
2012-07-21 12:55 . 2012-07-21 12:56  --------  d-----w-  c:\program files\Odkurzacz
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-17 11:59 . 2012-06-20 09:05    426184  ----a-w-  c:\windows\system32\FlashPlayerApp.exe
2012-08-17 11:59 . 2011-08-28 12:43     70344  -c--a-w-  c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2009-09-10 12:45     78336  ----a-w-  c:\windows\system32\browser.dll
2012-07-04 14:05 . 2010-03-30 08:08    139784  ----a-w-  c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:21 . 2009-09-10 12:45   1875328  ----a-w-  c:\windows\system32\win32k.sys
2012-07-02 17:37 . 2009-09-10 12:45    920064  ----a-w-  c:\windows\system32\wininet.dll
2012-07-02 17:37 . 2009-09-10 12:45     43520  ----a-w-  c:\windows\system32\licmgr10.dll
2012-07-02 17:37 . 2009-09-10 12:45   1469440  ----a-w-  c:\windows\system32\inetcpl.cpl
2012-07-02 11:58 . 2009-09-10 12:45    385024  ----a-w-  c:\windows\system32\html.iec
2012-06-05 15:48 . 2009-09-10 12:45   1447936  ----a-w-  c:\windows\system32\msxml6.dll
2012-06-05 15:48 . 2009-09-10 12:45   1172480  ----a-w-  c:\windows\system32\msxml3.dll
2012-06-04 04:31 . 2009-09-10 12:45    153088  ----a-w-  c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2010-03-30 08:09    329240  ----a-w-  c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2010-03-30 08:09    210968  ----a-w-  c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2010-03-30 08:09    219160  ----a-w-  c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2009-08-06 18:24     15896  ----a-w-  c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2009-08-06 18:24     24088  ----a-w-  c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2010-03-30 08:09     53784  ----a-w-  c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2010-03-30 08:09     35864  ----a-w-  c:\windows\system32\wups.dll
2012-06-02 13:19 . 2009-09-10 12:45     97304  ----a-w-  c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2009-08-06 18:24     45080  ----a-w-  c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2009-08-06 18:24     16408  ----a-w-  c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2010-03-30 08:09    577048  ----a-w-  c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2010-03-30 08:09   1933848  ----a-w-  c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2009-08-06 18:23     18968  ----a-w-  c:\windows\system32\wuaueng.dll.mui
2012-05-31 13:22 . 2009-09-10 12:45    602624  ----a-w-  c:\windows\system32\crypt32.dll
2010-09-17 10:46 . 2010-09-17 10:46    466944  ----a-w-  c:\program files\PIKLib41.dll
2010-09-17 10:46 . 2010-09-17 10:46    241664  ----a-w-  c:\program files\Historia.exe
2012-05-03 14:34 . 2012-01-23 09:25     97208  ----a-w-  c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-01-19 18790432]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-21 134656]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-13 37888]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136]
"MDS_Menu"="c:\program files\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"FixCamera"="c:\windows\FixCamera.exe" [2007-02-10 20480]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-07-10 270336]
"snpstd3"="c:\windows\vsnpstd3.exe" [2007-05-10 835584]
"AvMenu"="c:\program files\ArcaBit\ArcaVir\AVMenu.exe" [2012-07-17 510576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2009-09-10 15360]
.
c:\documents and settings\Kamil\Menu Start\Programy\Autostart\
Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Gadu-Gadu 10\\gg.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Opera\\pluginwrapper\\opera_plugin_wrapper.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"50001:TCP"= 50001:TCP:ArcaVir CommunicationPort (S)
"50000:TCP"= 50000:TCP:ArcaVir CommunicationPort (A)
.
R0 Si3124;Si3124;c:\windows\system32\drivers\si3124.sys [2009-09-10 69248]
R0 Si3531;Si3531;c:\windows\system32\drivers\Si3531.sys [2009-09-10 212520]
R1 ABTDI;ArcaBit Network Driver;c:\program files\ArcaBit\ArcaVir\ABTDI.sys [2010-10-26 51280]
R2 ABConfSV;ArcaBit Config Service;c:\program files\ArcaBit\Common\ArcaConfSV.exe [2012-01-09 141904]
R2 ABMainSV;ArcaBit Main Service;c:\program files\ArcaBit\ArcaVir\ArcaMainSV.exe [2012-04-02 159232]
R2 ArcaRemoteService;ArcaBit Control;c:\program files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe [2012-05-22 555632]
R2 AVTasks2;ArcaBit Tasks Service;c:\program files\ArcaBit\Common\ArcaTasksService.exe [2012-06-13 129648]
R2 AVUpdate;ArcaBit Update Service;c:\program files\ArcaBit\ArcaUpdate\update.exe [2012-04-12 129616]
R2 RtNdPt5x;Realtek NDIS Protocol Driver;c:\windows\system32\drivers\RtNdPt5x.sys [2010-03-30 22016]
R3 ABFLT;ArcaBit File Monitor Driver;c:\program files\ArcaBit\ArcaVir\ABFLT.sys [2011-09-30 62544]
S2 AVBackup;ArcaBit Backup Service;c:\program files\ArcaBit\ArcaTools\ArcaBackup\ArcaBackupService.exe [2012-02-08 186960]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-20 250056]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-03-30 1691480]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 129976]
S3 RTLTEAMING;Realtek Intermediate Driver for Ethernet Extended Features;c:\windows\system32\drivers\RTLTEAMING.SYS [2010-03-30 29440]
S3 RTLVLAN;Realtek VLAN Intermediate Driver;c:\windows\system32\drivers\RTLVLAN.SYS [2010-03-30 17536]
.
Zawartość folderu 'Zaplanowane zadania'
.
2012-08-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-20 11:59]
.
.
------- Skan uzupełniający -------
.
mStart Page = 
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{40525A66-DB98-480D-BCF9-7AF88C1AF438} - {40525A66-DB98-480D-BCF9-7AF88C1AF438} - c:\program files\ArcaBit\WebExtensions\ie\ArcaIEExt.dll
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - 
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-18 12:52
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\igfxdev.dll
.
- - - - - - - > 'winlogon.exe'(3664)
c:\windows\system32\igfxdev.dll
.
Czas ukończenia: 2012-08-18 12:53:38
ComboFix-quarantined-files.txt 2012-08-18 10:53
.
Przed: 10 493 923 328 bajtów wolnych
Po: 11 658 608 640 bajtów wolnych
.
- - End Of File - - FCA77982D340095FAAD73878615B01CC