ComboFix 11-08-07.01 - m k 2011-08-07  19:51:46.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1250.48.1045.18.511.30 [GMT 2:00]
Uruchomiony z: c:\documents and settings\m k\Pulpit\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: AVG 7.5.524 *Enabled/Outdated* {41564737-3200-1071-989B-0000E87B4FB1}
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Bartosz_2\WINDOWS
c:\program files\Internet Explorer\msimg32.dll
c:\program files\messenger\msmsgsin.exe
c:\windows\ST6UNST.000
c:\windows\system32\crt.dat
c:\windows\system32\dzgtactx.dll
c:\windows\system32\shimg.dll
c:\windows\unin0415.exe
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2011-07-07 do 2011-08-07  )))))))))))))))))))))))))))))))
.
.
2011-08-07 17:02 . 2011-08-07 17:02	443448	----a-w-	c:\windows\system32\drivers\sptd.sys
2011-08-07 17:02 . 2011-08-07 17:02	--------	dc----w-	C:\TDSSKiller_Quarantine
2011-08-01 11:37 . 2011-08-01 11:37	--------	d-----w-	c:\windows\Hewlett-Packard
2011-07-10 22:39 . 2011-07-17 22:01	--------	d-----w-	c:\program files\Odkurzacz
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-16 20:24 . 2011-01-09 17:12	138192	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-07-16 20:24 . 2011-01-09 17:12	66616	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-06-06 11:35 . 2003-04-16 12:00	1859200	----a-w-	c:\windows\system32\win32k.sys
2006-11-29 23:02 . 2008-08-05 13:47	774144	-c--a-w-	c:\program files\RngInterstitial.dll
2011-07-08 07:50 . 2011-07-29 19:51	142296	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2011-03-11 1373512]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2010-07-06 2634048]
"Odkurzacz-MCD"="c:\program files\Odkurzacz\odk_mcd.exe" [2011-02-20 370688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"="Mixer.exe" [2001-11-15 1216512]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-03-23 1398272]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848]
"nwiz"="nwiz.exe" [2006-08-11 1519616]
"NvMediaCenter"="NvMCTray.dll" [2006-08-11 86016]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"CardDetectorHUAWEI1752_1552"="c:\program files\CardDetector\HUAWEI1752_1552\CardDetector.exe" [2009-10-14 282624]
"BEWINTERNET-PLSessionManager"="e:\sessionmanager\SessionManager.exe" [2009-10-14 140016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\EXCEL.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Last.fm\\LastFM.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"e:\\steam\\Steam.exe"=
"e:\\steam\\steamapps\\karam1993\\counter-strike beta\\hl.exe"=
"e:\\Gadu-Gadu 10\\gg.exe"=
"c:\\Documents and Settings\\m k\\Dane aplikacji\\ENet\\Apache\\Apache.exe"=
"e:\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"e:\\steam\\steamapps\\karam1993\\counter-strike\\hl.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7753:TCP"= 7753:TCP:BitComet 7753 TCP
"7753:UDP"= 7753:UDP:BitComet 7753 UDP
"19078:TCP"= 19078:TCP:BitComet 19078 TCP
"19078:UDP"= 19078:UDP:BitComet 19078 UDP
"5347:TCP"= 5347:TCP:pudswr
"3389:TCP"= 3389:TCP:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"2716:TCP"= 2716:TCP:Services
"3932:TCP"= 3932:TCP:Services
"5007:TCP"= 5007:TCP:Services
"3102:TCP"= 3102:TCP:Services
"8886:TCP"= 8886:TCP:Services
"6012:TCP"= 6012:TCP:Services
"3527:TCP"= 3527:TCP:Services
"2028:TCP"= 2028:TCP:Services
"4637:TCP"= 4637:TCP:Services
"7964:TCP"= 7964:TCP:Services
"7370:TCP"= 7370:TCP:Services
"3043:TCP"= 3043:TCP:Services
"8444:TCP"= 8444:TCP:Services
"9194:TCP"= 9194:TCP:Services
"8277:TCP"= 8277:TCP:Services
"1855:TCP"= 1855:TCP:Services
"6199:TCP"= 6199:TCP:Services
"5023:TCP"= 5023:TCP:Services
"3461:TCP"= 3461:TCP:Services
"9432:TCP"= 9432:TCP:Services
"4387:TCP"= 4387:TCP:Services
"9198:TCP"= 9198:TCP:Services
"8261:TCP"= 8261:TCP:Services
"8898:TCP"= 8898:TCP:Services
"3168:TCP"= 3168:TCP:Services
"4836:TCP"= 4836:TCP:Services
"9214:TCP"= 9214:TCP:Services
"8120:TCP"= 8120:TCP:Services
"9104:TCP"= 9104:TCP:Services
"8745:TCP"= 8745:TCP:Services
"7479:TCP"= 7479:TCP:Services
"2854:TCP"= 2854:TCP:Services
"3511:TCP"= 3511:TCP:Services
"6147:TCP"= 6147:TCP:Services
"2604:TCP"= 2604:TCP:Services
"9061:TCP"= 9061:TCP:Services
"3542:TCP"= 3542:TCP:Services
"7948:TCP"= 7948:TCP:Services
"4886:TCP"= 4886:TCP:Services
"1808:TCP"= 1808:TCP:Services
"7979:TCP"= 7979:TCP:Services
"9743:TCP"= 9743:TCP:Services
"3401:TCP"= 3401:TCP:Services
"2929:TCP"= 2929:TCP:Services
"9729:TCP"= 9729:TCP:Services
"9714:TCP"= 9714:TCP:Services
"4172:TCP"= 4172:TCP:Services
"2965:TCP"= 2965:TCP:Services
"7620:TCP"= 7620:TCP:Services
"2914:TCP"= 2914:TCP:Services
"8933:TCP"= 8933:TCP:Services
"9058:TCP"= 9058:TCP:Services
"2851:TCP"= 2851:TCP:Services
"6164:TCP"= 6164:TCP:Services
"9323:TCP"= 9323:TCP:Services
"4246:TCP"= 4246:TCP:Services
"9839:TCP"= 9839:TCP:Services
"4136:TCP"= 4136:TCP:Services
"5960:TCP"= 5960:TCP:Services
"7432:TCP"= 7432:TCP:Services
"1820:TCP"= 1820:TCP:Services
"1637:TCP"= 1637:TCP:Services
"2992:TCP"= 2992:TCP:Services
"2087:TCP"= 2087:TCP:Services
"2774:TCP"= 2774:TCP:Services
"9386:TCP"= 9386:TCP:Services
"2748:TCP"= 2748:TCP:Services
"1530:TCP"= 1530:TCP:Services
"1664:TCP"= 1664:TCP:Services
"7870:TCP"= 7870:TCP:Services
"4090:TCP"= 4090:TCP:Services
"5976:TCP"= 5976:TCP:Services
"8323:TCP"= 8323:TCP:Services
"7214:TCP"= 7214:TCP:Services
"4512:TCP"= 4512:TCP:Services
"9654:TCP"= 9654:TCP:Services
"2156:TCP"= 2156:TCP:Services
"9357:TCP"= 9357:TCP:Services
"3245:TCP"= 3245:TCP:Services
"5788:TCP"= 5788:TCP:Services
"8022:TCP"= 8022:TCP:Services
"4117:TCP"= 4117:TCP:Services
"2030:TCP"= 2030:TCP:Services
"6313:TCP"= 6313:TCP:Services
"4904:TCP"= 4904:TCP:Services
"8979:TCP"= 8979:TCP:Services
"4120:TCP"= 4120:TCP:Services
"8605:TCP"= 8605:TCP:Services
"3431:TCP"= 3431:TCP:Services
"5362:TCP"= 5362:TCP:Services
"7761:TCP"= 7761:TCP:Services
"2213:TCP"= 2213:TCP:Services
"7259:TCP"= 7259:TCP:Services
"3792:TCP"= 3792:TCP:Services
"8070:TCP"= 8070:TCP:Services
"6804:TCP"= 6804:TCP:Services
"9883:TCP"= 9883:TCP:Services
"8695:TCP"= 8695:TCP:Services
"2226:TCP"= 2226:TCP:Services
"9850:TCP"= 9850:TCP:Services
"4991:TCP"= 4991:TCP:Services
"5039:TCP"= 5039:TCP:Services
"3164:TCP"= 3164:TCP:Services
"6212:TCP"= 6212:TCP:Services
"7414:TCP"= 7414:TCP:Services
"8148:TCP"= 8148:TCP:Services
"2383:TCP"= 2383:TCP:Services
"5961:TCP"= 5961:TCP:Services
"9086:TCP"= 9086:TCP:Services
"9632:TCP"= 9632:TCP:Services
"4508:TCP"= 4508:TCP:Services
"6445:TCP"= 6445:TCP:Services
"6836:TCP"= 6836:TCP:Services
"1602:TCP"= 1602:TCP:Services
"4930:TCP"= 4930:TCP:Services
"1945:TCP"= 1945:TCP:Services
"2367:TCP"= 2367:TCP:Services
"7772:TCP"= 7772:TCP:Services
"8772:TCP"= 8772:TCP:Services
"4854:TCP"= 4854:TCP:Services
"6791:TCP"= 6791:TCP:Services
"3944:TCP"= 3944:TCP:Services
"6366:TCP"= 6366:TCP:Services
"6367:TCP"= 6367:TCP:Services
"3876:TCP"= 3876:TCP:Services
"5803:TCP"= 5803:TCP:Services
"5616:TCP"= 5616:TCP:Services
"3149:TCP"= 3149:TCP:Services
"3475:TCP"= 3475:TCP:Services
"5117:TCP"= 5117:TCP:Services
"2273:TCP"= 2273:TCP:Services
"6842:TCP"= 6842:TCP:Services
"6053:TCP"= 6053:TCP:Services
"3178:TCP"= 3178:TCP:Services
"5516:TCP"= 5516:TCP:Services
"4276:TCP"= 4276:TCP:Services
"3194:TCP"= 3194:TCP:Services
"9225:TCP"= 9225:TCP:Services
"6773:TCP"= 6773:TCP:Services
"4039:TCP"= 4039:TCP:Services
"9397:TCP"= 9397:TCP:Services
"2798:TCP"= 2798:TCP:Services
"8353:TCP"= 8353:TCP:Services
"6430:TCP"= 6430:TCP:Services
"4898:TCP"= 4898:TCP:Services
"1851:TCP"= 1851:TCP:Services
"6960:TCP"= 6960:TCP:Services
"2508:TCP"= 2508:TCP:Services
"6329:TCP"= 6329:TCP:Services
"4040:TCP"= 4040:TCP:Services
"9603:TCP"= 9603:TCP:Services
"7397:TCP"= 7397:TCP:Services
"7601:TCP"= 7601:TCP:Services
"2133:TCP"= 2133:TCP:Services
"4742:TCP"= 4742:TCP:Services
"7984:TCP"= 7984:TCP:Services
"4164:TCP"= 4164:TCP:Services
"1961:TCP"= 1961:TCP:Services
"9919:TCP"= 9919:TCP:Services
"4088:TCP"= 4088:TCP:Services
"5383:TCP"= 5383:TCP:Services
"9167:TCP"= 9167:TCP:Services
"8809:TCP"= 8809:TCP:Services
"1743:TCP"= 1743:TCP:Services
"5805:TCP"= 5805:TCP:Services
"7413:TCP"= 7413:TCP:Services
"8273:TCP"= 8273:TCP:Services
"3773:TCP"= 3773:TCP:Services
"5041:TCP"= 5041:TCP:Services
"6086:TCP"= 6086:TCP:Services
"8054:TCP"= 8054:TCP:Services
"9836:TCP"= 9836:TCP:Services
"8398:TCP"= 8398:TCP:Services
"2477:TCP"= 2477:TCP:Services
"2602:TCP"= 2602:TCP:Services
"3774:TCP"= 3774:TCP:Services
"6092:TCP"= 6092:TCP:Services
"2412:TCP"= 2412:TCP:Services
"2538:TCP"= 2538:TCP:Services
"4211:TCP"= 4211:TCP:Services
"8741:TCP"= 8741:TCP:Services
"6225:TCP"= 6225:TCP:Services
"2725:TCP"= 2725:TCP:Services
"5882:TCP"= 5882:TCP:Services
"6616:TCP"= 6616:TCP:Services
"9552:TCP"= 9552:TCP:Services
"8568:TCP"= 8568:TCP:Services
"7709:TCP"= 7709:TCP:Services
"3490:TCP"= 3490:TCP:Services
"3303:TCP"= 3303:TCP:Services
"3740:TCP"= 3740:TCP:Services
"3241:TCP"= 3241:TCP:Services
"2427:TCP"= 2427:TCP:Services
"9301:TCP"= 9301:TCP:Services
"5285:TCP"= 5285:TCP:Services
"5537:TCP"= 5537:TCP:Services
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R2 a2free;a-squared Free Service;e:\a-squared free\a2service.exe [2007-10-03 217208]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-01-09 136360]
R3 xcpip;Sterownik protokołu TCP/IP;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]
R3 xpsec;Sterownik IPSEC;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S2 cvqzenwdj;Helper Task;c:\windows\system32\svchost.exe -k netsvcs [2003-04-16 14336]
S2 gupdate;Usługa Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-11 135664]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys --> c:\windows\system32\DRIVERS\adusbser.sys [?]
S3 agndudfa;agndudfa;\??\c:\windows\system32\013.tmp --> c:\windows\system32\013.tmp [?]
S3 ddsxeiservice;ddsxeiservice2;\??\e:\cs non steam\sXe Injected\ddsxei.sys --> e:\cs non steam\sXe Injected\ddsxei.sys [?]
S3 gupdatem;Usługa Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-11 135664]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2011-02-02 102656]
S3 Icpgpl1;Icpgpl1; [x]
S3 tj2knd5;Terayon Cable Modem (NDIS);c:\windows\system32\drivers\tj2knd5.sys [2006-06-29 17616]
S3 tj2kunic;Terayon Cable Modem (WDM);c:\windows\system32\drivers\tj2kunic.sys [2006-06-29 69680]
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - ISAPNP
*NewlyCreated* - SPTD
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
cvqzenwdj
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-07-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-11 20:00]
.
2011-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-11 20:00]
.
2011-08-07 c:\windows\Tasks\User_Feed_Synchronization-{7E28832C-EA4A-490E-8C2E-B9C251AA49F3}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 17:36]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://search.orbitdownloader.com
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\m k\Dane aplikacji\Mozilla\Firefox\Profiles\jm1a72vm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20110326191430484&tb_oid=07-10-2010&tb_mrud=26-03-2011&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ig?hl=pl
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&invocationType=tb50-ff-winamp-ab-en-us&tb_uuid=20110326191430484&tb_oid=07-10-2010&tb_mrud=26-03-2011&query=
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
HKCU-Run-PCSpeedUp - c:\program files\Przyspiesz Komputer\PCSpeedUp.exe
HKLM-Run-e-Kiosk - d:\e-kiosk reader\eGazetaST.exe
HKLM-Run-ChomikBox - e:\chomik\ChomikBox.exe
HKLM-Run-hpqSRMon - (no file)
AddRemove-CoreEditor_is1 - c:\program files\CoreEditor\unins000.exe
AddRemove-EZface ActiveX - c:\progra~1\EZFace\ActiveX\uninst.bat
AddRemove-InCD!UninstallKey - c:\windows\NuNInst.exe
AddRemove-NAPIPROJEKT_is1 - c:\program files\Common Files\GTK\2.0\unins000.exe
AddRemove-NeroVision!UninstallKey - c:\windows\UNNeroVision.exe
AddRemove-NMPUninstallKey - c:\windows\UNNMP.exe
AddRemove-save2pc Light_is1 - c:\program files\FDRLab\save2pc\unins000.exe
AddRemove-sXe_Injected - e:\cs non steam\sXe Injected\uninstall.exe
AddRemove-Xilisoft 3GP Video Converter - c:\program files\Xilisoft\3GP Video Converter 3\Uninstall.exe
AddRemove-{7585478E9D9B42108671C12F8714CEFE} - c:\program files\DivX\DivXConverterUninstall.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-{8ADFC4160D694100B5B8A22DE9DCABD9} - c:\program files\DivX\DivXPlayerUninstall.exe
AddRemove-{B13A7C41581B411290FBC0395694E2A9} - c:\program files\DivX\DivXConverterUninstall.exe
AddRemove-{B7050CBDB2504B34BC2A9CA0A692CC29} - c:\program files\DivX\DivXWebPlayerUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-07 20:05
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...  
.
skanowanie ukrytych wpisów autostartu ... 
.
skanowanie ukrytych plików ...  
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\agndudfa]
"ImagePath"="\??\c:\windows\system32\013.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\cvqzenwdj]
"ServiceDll"="c:\windows\system32\uhngqrp.dll"
.
Czas ukończenia: 2011-08-07  20:16:41
ComboFix-quarantined-files.txt  2011-08-07 18:16
.
Przed: 921 030 656 bajtów wolnych
Po: 1 064 022 016 bajtów wolnych
.
WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 60A869B4F7A0EB49E007B997E65E4C1A