
[firewall] port scanning


  • Closed: this topic is closed
6 replies in this topic

#1 somekindoflama

somekindoflama

    Observer

  • 5 posts

Posted 19 02 2008 - 22:49

Nuisance port scanning is resulting in a reduced connection speed. I have been struggling with this for a second day now and still nothing.
And here is a short excerpt from the Outpost Firewall Pro logs:
21:54:31 Detected 135 port(s) scanning from 83.5.48.132 SINGLE PORTSCAN
21:54:13 Detected 135 port(s) scanning from 83.5.66.123 SINGLE PORTSCAN
21:54:09 Detected 135 port(s) scanning from 83.5.129.90 SINGLE PORTSCAN
21:53:33 Detected 135 port(s) scanning from 83.5.94.121 SINGLE PORTSCAN
.
.
.
21:41:42 Detected 6348 port(s) scanning from 149.225.4.3 SINGLE PORTSCAN
21:41:38 Detected 1433 port(s) scanning from 83.5.220.233 SINGLE PORTSCAN
.
.
.
21:39:50 Detected 41871 port(s) scanning from 200.54.132.161 SINGLE PORTSCAN

hlp!

  • 0

#2 wncvirus

wncvirus

    Lazybones!

  • 851 posts

Posted 19 02 2008 - 23:04

Post a ComboFix log

  • 0

#3 somekindoflama

somekindoflama

    Observer

  • 5 posts

Posted 19 02 2008 - 23:29

The catch is that ComboFix does not work on my machine (despite turning off both the firewall and the antivirus) ...
  • 0

#4 wncvirus

wncvirus

    Lazybones!

  • 851 posts

Posted 20 02 2008 - 00:14

And HJT?
  • 0

#5 somekindoflama

somekindoflama

    Observer

  • 5 posts

Posted 20 02 2008 - 16:11

OK, I ran a scan with DSS

  • 0

#6 wncvirus

wncvirus

    Lazybones!

  • 851 posts

Posted 21 02 2008 - 01:42

As for HJT: launch it and choose the option "Do a system scan only". A log will be generated; tick the box next to the file below and click fix

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE


As for ComboFix: I'll check it for you tomorrow :P
  • 0

#7 somekindoflama

somekindoflama

    Observer

  • 5 posts

Posted 22 02 2008 - 22:23

OK, I restored the system to its state from a week ago (praise be to System Restore). But the slow internet problem has come back... but now I managed to run ComboFix, so please check this log:


  • 0



