Hello, I made a log ;] here it is:
ComboFix 08-07-15.4 - Rodzice 2008-07-29 14:03:57.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.583 [GMT 2:00]
Running from: C:\Documents and Settings\Rodzice\Pulpit\Nie dotykac bo zabije!
Command switches used :: C:\Documents and Settings\Rodzice\Pulpit\Nie dotykac bo zabije!
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED
.
- REDUCED FUNCTIONALITY MODE -
FILE ::
C:\WINDOWS\BMdfeffe3f.xml
C:\WINDOWS\system32\bkcisiwn.ini
C:\WINDOWS\system32\blphcrg7j0epde.scr
C:\WINDOWS\system32\bsndcom.dll
C:\WINDOWS\system32\drivers\c7ae1071.sys
C:\WINDOWS\system32\iifefDvS.dll
C:\WINDOWS\system32\ldskjf2w.exe
C:\WINDOWS\system32\lkaje3ewrkj.exe
C:\WINDOWS\system32\lphcrg7j0epde.exe
C:\WINDOWS\system32\mshaywre.dll
C:\WINDOWS\system32\nwisickb.dll
C:\WINDOWS\system32\phcrg7j0epde.bmp
C:\WINDOWS\system32\ydlmwidd.dll
.
((((((((((((((((((((((((( Files Created from 2008-06-28 to 2008-07-29 )))))))))))))))))))))))))))))))
.
2008-07-29 13:48 . 2008-07-29 13:48
2008-07-27 08:45 . 2008-07-27 08:45
2008-07-27 08:42 . 2008-07-27 08:42 151 --a------ C:\WINDOWS\PhotoSnapViewer.INI
2008-07-26 18:22 . 2008-07-27 12:14
2008-07-21 14:26 . 2008-07-21 14:26
2008-07-20 14:58 . 2008-07-20 14:58
2008-07-20 14:58 . 2008-07-20 14:58
2008-07-20 14:21 . 2008-07-20 14:21
2008-07-20 14:21 . 2008-07-27 13:49
2008-07-20 13:53 . 2008-06-11 02:07 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2008-07-20 13:53 . 2008-06-11 02:07 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe
2008-07-20 13:53 . 2008-06-11 02:07 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe
2008-07-20 13:44 . 2008-07-20 13:44
2008-07-20 13:43 . 2007-07-25 14:24 1,559,040 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-07-20 13:43 . 2007-03-10 12:51 282,624 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-07-20 13:43 . 2004-01-25 17:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-07-20 13:43 . 2007-12-24 13:49 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-07-20 13:43 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-07-17 09:49 . 2008-07-17 09:49
2008-07-17 09:24 . 2008-07-17 09:24
2008-07-17 09:24 . 2008-07-29 13:08
2008-07-17 09:19 . 2008-07-17 09:19
2008-07-15 18:30 . 2008-07-20 14:43
2008-07-15 17:44 . 2008-07-15 17:44
2008-07-15 16:52 . 2008-07-25 13:17
2008-07-15 16:42 . 2008-07-15 16:42
2008-07-15 09:46 . 2008-07-15 16:52
2008-07-14 22:28 . 2008-07-29 14:04
2008-07-14 22:28 . 2008-07-14 22:28
2008-07-14 22:28 . 2007-02-04 20:35
2008-07-14 22:28 . 2008-07-28 21:22
2008-07-14 22:28 . 2008-07-28 18:30
2008-07-14 22:28 . 2008-07-17 09:24
2008-07-14 22:28 . 2008-07-26 18:22
2008-07-14 22:28 . 2008-07-28 14:24
2008-07-14 22:25 . 2008-07-27 13:11
2008-07-14 22:15 . 2008-07-29 14:04
2008-07-14 22:15 . 2008-07-21 21:28
2008-07-14 22:15 . 2007-02-04 20:35
2008-07-14 22:15 . 2008-07-29 14:03
2008-07-14 22:15 . 2008-07-27 09:01
2008-07-14 22:15 . 2008-07-14 22:25
2008-07-14 22:15 . 2008-07-28 13:22
2008-07-14 22:15 . 2008-07-29 14:00
2008-07-14 22:11 . 2008-07-14 22:12
2008-07-14 21:43 . 2008-07-19 09:48
2008-07-14 07:38 . 2008-07-14 07:38 118 --a------ C:\WINDOWS\system32\MRT.INI
2008-07-13 12:31 . 2002-12-12 18:13 4,296,704 -ra------ C:\WINDOWS\unasetup.exe
2008-07-08 08:48 . 2008-07-08 08:48 265 --a------ C:\WINDOWS\War.avi.ini
2008-07-07 19:29 . 2008-07-07 19:29
2008-07-07 15:19 . 2008-06-14 20:01 273,024 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-07-07 15:19 . 2008-06-14 20:01 273,024 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-07-07 14:29 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-07-07 14:10 . 2008-07-09 07:43
2008-07-07 13:40 . 2008-07-07 13:40
2008-07-07 11:00 . 2008-07-07 22:06 263 --a------ C:\WINDOWS\Obcy Vs. Predator 2.avi.ini
2008-07-07 10:57 . 2008-07-07 10:57 262 --a------ C:\WINDOWS\Cleaner.avi.ini
2008-07-07 10:54 . 2008-07-07 10:54 263 --a------ C:\WINDOWS\Juno.avi.ini
2008-07-07 10:49 . 2008-07-07 10:49 247 --a------ C:\WINDOWS\Katakumby PL.avi.ini
2008-07-07 10:36 . 2008-07-07 10:36 249 --a------ C:\WINDOWS\a man apart pl.avi.ini
2008-07-07 10:34 . 2008-07-07 10:34 263 --a------ C:\WINDOWS\Zaczarowana (Lekor).avi.ini
2008-07-07 08:54 . 2008-07-07 08:54 263 --a------ C:\WINDOWS\Projekt Monster.avi.ini
2008-07-07 08:53 . 2008-07-08 09:51 263 --a------ C:\WINDOWS\Poznaj moich Spartan.avi.ini
2008-06-30 21:18 . 2008-07-13 12:30
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-28 11:22 --------- d-----w C:\Program Files\Winamp
2008-07-20 12:15 --------- d-----w C:\Program Files\Common Files\Ahead
2008-07-20 11:53 --------- d-----w C:\Program Files\DivX
2008-07-16 17:51 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-15 15:09 --------- d-----w C:\Program Files\Google
2008-07-14 19:40 --------- d-----w C:\Program Files\eMule
2008-07-08 09:55 --------- d-----w C:\Program Files\Common Files\Adobe
2008-07-08 06:47 --------- d-----w C:\Program Files\DevastationZone Troopers
2008-07-07 12:13 --------- d-----w C:\Program Files\AWS
2008-07-07 11:40 21,275 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2008-06-26 12:35 --------- d-----w C:\Program Files\GameSpy Arcade
2008-06-20 17:42 246,784 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-18 17:52 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-06-11 00:07 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-06-11 00:07 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
2008-06-11 00:07 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-06-11 00:04 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-06-11 00:04 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-07 05:16 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll
2007-04-09 14:01 56 --sh--r C:\WINDOWS\system32\B8F85BF0C5.sys
2007-04-09 16:18 1,056 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-02 10:35 7110656]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-08-02 10:35 86016]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"CTRegRun"="C:\WINDOWS\CTRegRun.EXE" [1999-10-11 03:00 41984]
"TWCU"="C:\Program Files\TP-LINK\TWCU\TWCU.exe" [2006-03-29 16:12 364544]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"SoundMan"="SOUNDMAN.EXE" [2005-04-15 05:01 77824 C:\WINDOWS\SOUNDMAN.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:44 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= L3codecp.acm
"msacm.divxa32"= divxa32.acm
"vidc.3iv2"= 3ivxVfWCodec.dll
"VIDC.HFYU"= huffyuv.dll
"VIDC.VP31"= vp31vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"=
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"=
"C:\Program Files\uTorrent\uTorrent.exe"=
"D:\Program Files\BearShare Applications\BearShare\BearShare.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 WinRServ;Softex WinRoute Service;C:\Program Files\Softex\winroute\WinRServ.exe [2002-07-02 10:42]
S3 hwcdcmdm0;HUAWEI Mobile Connect - 3G Modem;C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2006-05-31 17:36]
S3 hwusbapp;HUAWEI Mobile Connect - 3G PC UI Interface;C:\WINDOWS\system32\DRIVERS\ewusbapp.sys [2006-05-31 17:36]
S3 hwusbser;HUAWEI Mobile Connect - 3G Application Interface;C:\WINDOWS\system32\DRIVERS\ewusbser.sys [2006-05-31 17:36]
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 23:10]
S3 odysseyIM4;Odyssey Network Agent Miniport;C:\WINDOWS\system32\DRIVERS\odysseyIM4.sys [2005-06-10 06:55]
S3 SEM43XX;Sony Ericsson 802.11 sterownik sieciowego adaptera SEM43XX;C:\WINDOWS\system32\DRIVERS\semwl5.sys [2005-07-29 17:02]
S3 SEMWModem;Sony Ericsson SEMWModem;C:\WINDOWS\system32\DRIVERS\GCXX.sys [2005-07-29 17:02]
S3 SEMWWNIC;Sony Ericsson SEMWWNIC;C:\WINDOWS\system32\DRIVERS\GCXXNet.sys [2005-07-29 17:02]
S3 Sony_EricssonWWSC;Sony Ericsson SIM Card Reader;C:\WINDOWS\system32\DRIVERS\GCXXSC.sys [2005-07-29 17:02]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bab8a4f-c143-11dc-b0c9-00116721e5ce}]
\Shell\AutoRun\command - I:\a3g3.bat
\Shell\explore\Command - I:\a3g3.bat
\Shell\open\Command - I:\a3g3.bat
.
-
-
-
- ORPHANS REMOVED - - - -
-
-
HKLM-Run-WinampAgent - C:\Program Files\Winamp\winampa.exe
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-29 14:04:34
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2008-07-29 14:08:37
ComboFix-quarantined-files.txt 2008-07-29 12:07:33
ComboFix2.txt 2008-07-16 14:00:21
Pre-Run: 9,928,437,760 bajtów wolnych
Post-Run: 11,026,268,160 bajtów wolnych
181 --- E O F --- 2008-07-14 05:38:36
Clean or not??