ComboFix 11-05-04.04 - HIP and Osi 2011-05-07 13:38:41.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.2047.1671 [GMT 2:00]
Uruchomiony z: c:\documents and settings\HIP and Osi\Pulpit\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-04-07 do 2011-05-07 )))))))))))))))))))))))))))))))
.
.
2011-05-02 21:09 . 2011-05-03 03:38 -------- d-----w- C:\asds
2011-05-02 08:43 . 2011-05-02 09:00 -------- d-----w- C:\brsw
2011-05-01 08:36 . 2011-05-01 08:36 -------- d-----w- C:\GarminMobilePC
2011-04-25 09:48 . 2011-04-25 09:48 -------- d-----w- C:\b14930b9045fcf1a6179
2011-04-24 11:18 . 2011-04-24 11:18 -------- d-----w- C:\1f875f211ae8e5fbcb947b556fb40bb2
2011-04-22 18:05 . 2011-05-06 06:07 -------- d-----r- C:\Program Files
2011-04-22 18:02 . 2011-04-22 16:17 -------- d-----w- C:\Documents and Settings
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-08 01:16 . 2011-02-08 01:16 922112 ------w- c:\windows\system32\imapi2fs.dll
2011-02-08 01:16 . 2011-02-08 01:16 426496 ------w- c:\windows\system32\imapi2.dll
2011-02-08 01:16 . 2004-08-03 20:59 62592 ----a-w- c:\windows\system32\drivers\cdrom.sys
2011-04-29 16:04 . 2011-04-22 17:06 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-05_19.20.58 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-07 11:37 . 2011-05-07 11:37 16384 c:\windows\Temp\Perflib_Perfdata_590.dat
+ 2011-05-06 06:07 . 2011-05-06 06:07 30208 c:\windows\Installer\24b8329.msi
+ 2011-05-03 04:58 . 2011-05-06 14:17 281656 c:\windows\system32\PnkBstrB.exe
- 2011-05-03 04:58 . 2011-05-03 11:04 281656 c:\windows\system32\PnkBstrB.exe
+ 2011-05-03 04:58 . 2011-05-06 14:17 141200 c:\windows\system32\drivers\PnkBstrK.sys
- 2011-05-03 04:58 . 2011-05-03 11:04 141200 c:\windows\system32\drivers\PnkBstrK.sys
+ 2011-05-06 06:04 . 2011-05-06 10:38 218688 c:\windows\system32\drivers\dtsoftbus01.sys
- 2011-04-22 18:46 . 2011-04-22 18:46 218688 c:\windows\system32\drivers\dtsoftbus01.sys
+ 2011-05-06 10:48 . 2011-05-06 10:48 478432 c:\windows\Installer\{6033673D-2530-4587-8AD0-EB059FC263F9}\Crysis2Launcher.exe
+ 2011-05-06 10:48 . 2011-05-06 10:48 4032512 c:\windows\Installer\3e1aa.msi
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-04-18 17:25 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-12-05 2295072]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-05-02 2937528]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"nwiz"="nwiz.exe" [2008-10-07 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-04-18 3460784]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-04-24 273544]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-11-26 1629480]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-11-26 1057064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^GamersFirst LIVE!.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk
backup=c:\windows\pss\GamersFirst LIVE!.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20 1305408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2011-03-28 13:41 1910152 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\Steam\\steamapps\\common\\saints row 2\\SR2_pc.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"e:\\Program Files\\Metin2\\metin2mod_2011sf.exe"=
"e:\\Gry®™\\CS\\hl.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"e:\\Program Files\\JoWood\\Gothic2ZlotaEdycja\\System\\Gothic.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"e:\\Metek ziom\\extreme2ch1.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"e:\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\Program Files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"e:\\Program Files\\Valve\\Portal 2\\portal2.exe"=
"e:\\Program Files\\GamersFirst\\APB Reloaded\\Binaries\\APB.exe"=
"e:\\Program Files\\GamersFirst\\APB Reloaded\\Binaries\\VivoxVoiceService.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57319:TCP"= 57319:TCP:Pando Media Booster
"57319:UDP"= 57319:UDP:Pando Media Booster
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-04-22 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-04-22 307288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-05-06 218688]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-04-22 19544]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 1242504]
S2 gupdate;Usługa Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-22 136176]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2011-04-27 13224]
S3 gupdatem;Usługa Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-22 136176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-12-05 10:27 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-22 16:50]
.
2011-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-22 16:50]
.
2011-05-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-1604221776-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-05-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-1604221776-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://www.yahoo.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
FF - ProfilePath - c:\documents and settings\HIP and Osi\Dane aplikacji\Mozilla\Firefox\Profiles\pnjw00ds.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-07 13:44
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
Czas ukończenia: 2011-05-07 13:46:53
ComboFix-quarantined-files.txt 2011-05-07 11:46
ComboFix2.txt 2011-05-05 19:23
.
Przed: 43 951 214 592 bajtów wolnych
Po: 43 958 304 768 bajtów wolnych
.
- - End Of File - - 9167B5762F6F72285A69B5BD42EFE3A6