Microsoft Windows XP Professional 5.1.2600.0.1250.1.1045.18.527 [GMT 1:00]
Running from: C:\Documents and Settings\Dom\Pulpit\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\drivers\Bin52.sys
C:\WINDOWS\system32\drivers\PRHW63.sys
C:\WINDOWS\system32\drivers\symavc32.sys
C:\WINDOWS\system32\ntio256.sys
C:\WINDOWS\system32\protector.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_PRHW63
((((((((((((((((((((((((( Files Created from 2007-11-06 to 2007-12-06 )))))))))))))))))))))))))))))))
.
2007-12-06 16:36 . 2007-12-06 16:36 <DIR> d---s---- C:\WINDOWS\system32\Microsoft
2007-12-06 14:51 . 2007-12-06 14:51 20,992 --a------ C:\gfifrww.exe
2007-12-05 21:03 . 2007-12-05 21:03 29 --a------ C:\WINDOWS\system32\qsruawpd.tmp
2007-12-05 21:02 . 2007-12-05 21:02 46,592 --a------ C:\WINDOWS\system32\e404d.dll
2007-12-05 21:02 . 2007-12-06 14:51 2 --a------ C:\1282569011
2007-12-05 21:00 . 2007-12-06 14:51 57,856 --a------ C:\actgm.exe
2007-12-05 20:41 . 2001-08-18 06:24 79,616 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-12-05 20:41 . 2001-08-18 06:24 79,616 --a--c--- C:\WINDOWS\system32\dllcache\wdmaud.sys
2007-12-05 20:41 . 2001-08-17 22:00 5,632 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-12-05 20:41 . 2001-08-17 22:00 5,632 --a--c--- C:\WINDOWS\system32\dllcache\splitter.sys
2007-12-05 20:36 . 2007-12-05 20:36 <DIR> d-------- C:\Documents and Settings\Dom\WINDOWS
2007-12-05 20:35 . 2007-12-05 20:36 81,920 --a------ C:\WINDOWS\system32\hqghumea.dll
2007-12-05 20:22 . 2007-12-05 20:22 <DIR> d-------- C:\Program Files\Analog Devices
2007-12-05 20:22 . 2002-06-06 15:28 45,056 --a------ C:\WINDOWS\system32\DSndUp.exe
2007-12-05 20:22 . 2002-04-17 15:05 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe
2007-12-05 20:22 . 2007-12-05 20:40 44 --a------ C:\WINDOWS\system32\msssc.dll
2007-12-05 20:21 . 2000-03-29 15:17 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2007-12-05 20:21 . 2007-12-05 20:47 3,473 --a------ C:\WINDOWS\Ascd_tmp.ini
2007-12-05 19:34 . 2007-12-05 21:09 458,752 --a------ C:\WINDOWS\system32\nope.dll
2007-12-05 19:32 . 2007-12-05 19:32 20,101 --a------ C:\WINDOWS\system32\ghhgjhj.exe
2007-12-05 19:26 . 2007-12-05 19:34 547,770 --a------ C:\WINDOWS\system32\ghhgj.exe
2007-12-05 19:22 . 2007-12-05 21:09 458,752 ---hs---- C:\WINDOWS\system32\Wseclayer.exe
2007-12-05 19:22 . 2007-12-06 16:33 0 --a------ C:\adware.exe
2007-12-05 19:21 . 2007-12-05 20:14 27 --a------ C:\WINDOWS\system32\kuki.bat
2007-12-05 19:19 . 2007-12-05 19:19 <DIR> d-------- C:\Documents and Settings\Dom\.java
2007-12-05 19:19 . 2007-12-05 19:21 547,770 --a------ C:\virnatoag.exe
2007-12-04 22:47 . 2007-12-04 22:47 <DIR> d-------- C:\Program Files\HP
2007-12-04 22:47 . 2007-12-04 22:48 <DIR> d-------- C:\Program Files\Hewlett-Packard
2007-12-04 22:47 . 2003-12-11 11:15 1,230,336 -ra------ C:\WINDOWS\system32\MSXML4.dll
2007-12-04 22:47 . 2003-12-11 11:15 626,960 -ra------ C:\WINDOWS\system32\hpvaut32.dll
2007-12-04 22:47 . 2003-12-11 11:15 487,424 -ra------ C:\WINDOWS\system32\hpvcp70.dll
2007-12-04 22:47 . 2003-12-11 11:15 344,064 -ra------ C:\WINDOWS\system32\hpvcr70.dll
2007-12-04 22:47 . 2007-12-04 22:46 84,914 --a------ C:\WINDOWS\hpdj3740.hi1
2007-12-04 22:47 . 2003-12-11 11:15 82,432 -ra------ C:\WINDOWS\system32\MSXML4r.dll
2007-12-04 22:47 . 2003-12-11 11:15 44,544 -ra------ C:\WINDOWS\system32\MSXML4a.dll
2007-12-04 22:47 . 2007-12-04 22:46 9,062 --a------ C:\WINDOWS\hpdj3740.bu1
2007-12-04 22:44 . 2007-12-04 22:51 98,482 --a------ C:\WINDOWS\hpdj3740.his
2007-12-04 22:44 . 2007-12-04 22:51 10,276 --a------ C:\WINDOWS\hpdj3740.ini
2007-12-04 22:23 . 2007-12-04 22:23 0 --a------ C:\WINDOWS\system32\mpdemo.exe
2007-12-04 22:20 . 2007-12-04 22:20 <DIR> d-------- C:\Program Files\Common Files\Adobe
2007-12-04 22:03 . 2007-12-04 22:08 851,968 --a------ C:\WINDOWS\system32\Srb0ty.exe
2007-12-04 21:58 . 2007-12-04 21:58 <DIR> d---s---- C:\Documents and Settings\Dom\UserData
2007-12-04 20:57 . 2007-12-04 20:57 <DIR> d-------- C:\Documents and Settings\Dom\Dane aplikacji\Gadu-Gadu
2007-12-04 20:35 . 2007-12-05 21:13 <DIR> dr------- C:\Documents and Settings\Dom\Moje dokumenty
2007-12-04 20:15 . 2007-12-04 20:15 <DIR> d-------- C:\Program Files\Winamp Toolbar
2007-12-04 20:15 . 2007-12-04 20:15 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar
2007-12-04 20:15 . 2007-12-04 20:15 316,640 --a------ C:\WINDOWS\WMSysPr9.prx
2007-12-04 20:12 . 2007-12-04 20:12 <DIR> d-------- C:\Program Files\Gadu-Gadu
2007-12-04 20:12 . 2007-12-04 20:13 <DIR> d-------- C:\Documents and Settings\Dom\Gadu-Gadu
2007-12-04 20:10 . 2007-12-04 20:16 <DIR> d-------- C:\Program Files\Winamp
2007-12-04 20:10 . 2007-12-04 20:33 <DIR> d-------- C:\Documents and Settings\Dom\Dane aplikacji\Winamp
2007-12-04 20:08 . 2001-08-17 21:48 4,992 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-12-04 20:08 . 2001-08-17 21:48 4,992 --a--c--- C:\WINDOWS\system32\dllcache\mstee.sys
2007-12-04 20:06 . 2007-12-05 20:48 <DIR> d-------- C:\WUTemp
2007-12-04 20:02 . 2007-12-04 20:02 <DIR> d-------- C:\Documents and Settings\Dom\Dane aplikacji\Talkback
2007-12-04 19:59 . 2007-12-06 16:38 <DIR> d-a------ C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2007-12-04 19:58 . 2007-12-06 15:11 <DIR> d-------- C:\Program Files\Spyware Doctor
2007-12-04 19:58 . 2007-12-04 19:58 <DIR> d-------- C:\Documents and Settings\Dom\Dane aplikacji\PC Tools
2007-12-04 19:58 . 2005-09-23 08:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-12-04 19:58 . 2005-07-06 18:13 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-12-04 19:58 . 2005-07-06 18:13 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-12-04 19:58 . 2007-10-18 00:16 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-12-04 19:58 . 2007-10-18 00:15 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-12-04 19:58 . 2007-10-18 00:14 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-12-04 19:58 . 2007-10-18 00:16 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-12-04 19:37 . 2007-12-04 19:37 0 --a------ C:\WINDOWS\system32\scrcs.exe
2007-12-04 19:36 . 2007-12-04 19:37 <DIR> dr------- C:\Documents and Settings\Dom\Ulubione
2007-12-04 19:34 . 2007-12-04 20:12 <DIR> dr------- C:\Documents and Settings\Dom\Menu Start
2007-12-04 19:34 . 2007-12-04 19:34 <DIR> d-------- C:\Documents and Settings\Dom\Dane aplikacji\Microsoft Web Folders
2007-12-04 19:34 . 2007-12-04 22:24 <DIR> dr-h----- C:\Documents and Settings\Dom\Dane aplikacji
2007-12-04 19:33 . 2007-12-06 16:36 <DIR> d--h----- C:\Documents and Settings\Dom\Ustawienia lokalne
2007-12-04 19:33 . 2007-12-04 19:33 <DIR> d--h----- C:\Documents and Settings\Dom\Szablony
2007-12-04 19:33 . 2007-12-06 16:38 <DIR> d-------- C:\Documents and Settings\Dom\Pulpit
2007-12-04 18:58 . 2007-12-04 19:33 <DIR> d-------- C:\Documents and Settings\Dom(2)\Ustawienia lokalne(2)
2007-12-04 18:58 . 2007-12-04 19:02 <DIR> dr------- C:\Documents and Settings\Dom(2)\Ulubione
2007-12-04 18:58 . 2007-12-04 19:33 <DIR> d-------- C:\Documents and Settings\Dom(2)\Szablony(2)
2007-12-04 18:58 . 2007-12-04 19:02 <DIR> dr------- C:\Documents and Settings\Dom(2)\Moje dokumenty
2007-12-04 18:58 . 2007-12-04 19:33 <DIR> d-------- C:\Documents and Settings\Dom(2)\Dane aplikacji(2)
2007-12-04 18:45 . 2007-12-04 19:34 <DIR> d-------- C:\Documents and Settings\Administrator.DOM-8LTV3J0QPXP\Ustawienia lokalne
2007-12-04 18:45 . 2007-12-04 19:34 <DIR> d-------- C:\Documents and Settings\Administrator.DOM-8LTV3J0QPXP\Szablony
2007-12-04 18:45 . 2007-12-04 19:34 <DIR> d-------- C:\Documents and Settings\Administrator.DOM-8LTV3J0QPXP\Dane aplikacji
2007-12-04 17:50 . 2007-12-04 17:51 1,158 --a------ C:\WINDOWS\mozver.dat
2007-12-03 20:22 . 2007-12-04 19:34 <DIR> d-------- C:\Program Files\Bezpieczny Internet
2007-12-03 20:21 . 2007-12-03 20:31 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\F-Secure
2007-12-03 20:09 . 2007-12-03 20:09 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\fssg
2007-12-03 20:00 . 2007-12-03 19:18 261 --a------ C:\WINDOWS\system32\$winnt$.inf
2007-12-03 20:00 . 2007-12-03 19:11 194 ---hs---- C:\boot.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-05 19:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-04 18:34 --------- d-----w C:\Program Files\Mozilla Firefox(2)
2007-12-03 18:49 --------- d-----w C:\Program Files\Neostrada TP
2007-12-03 18:45 --------- d-----w C:\Program Files\microsoft frontpage
2007-12-03 18:44 548,864 ----a-w C:\WINDOWS\system32\Syst3m32.exe
2007-12-03 18:39 471,040 ----a-w C:\WINDOWS\system32\load.exe
2007-12-03 18:36 --------- d-----w C:\Program Files\Thomson
2007-12-03 18:36 --------- d-----w C:\Program Files\Java Web Start
2007-12-03 18:36 --------- d-----w C:\Program Files\Java
2007-12-03 18:36 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-03 18:21 --------- d-----w C:\Program Files\Netia
2007-12-03 18:13 --------- d-----w C:\Program Files\Usługi online
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-10-04 21:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-10-04 21:06 1135968]
[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-10-26 18:29]
"Windows Secure Update"="load.exe" [2007-12-03 19:39 C:\WINDOWS\system32\load.exe]
"MicroSoft Legal Syst3m32"="Syst3m32.exe" [2007-12-03 19:44 C:\WINDOWS\system32\Syst3m32.exe]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-11-14 11:54]
"MicroSoft Legal Service"="Srb0ty.exe" [2007-12-04 22:08 C:\WINDOWS\system32\Srb0ty.exe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Windows Secure Update"="load.exe" [2007-12-03 19:39 C:\WINDOWS\system32\load.exe]
"MicroSoft Legal Syst3m32"="Syst3m32.exe" [2007-12-03 19:44 C:\WINDOWS\system32\Syst3m32.exe]
"MicroSoft Legal Service"="Srb0ty.exe" [2007-12-04 22:08 C:\WINDOWS\system32\Srb0ty.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NETIANET"="C:\Program Files\Netia\Net\netianet.exe" [2007-12-01 18:08]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38]
"Windows Secure Update"="load.exe" [2007-12-03 19:39 C:\WINDOWS\system32\load.exe]
"MicroSoft Legal Syst3m32"="Syst3m32.exe" [2007-12-03 19:44 C:\WINDOWS\system32\Syst3m32.exe]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-11-02 17:24]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-10-10 06:28]
"MicroSoft Legal Service"="Srb0ty.exe" [2007-12-04 22:08 C:\WINDOWS\system32\Srb0ty.exe]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 08:38]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2004-05-13 02:28]
"HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-05-13 02:28]
"WinDLL (Wseclayer.exe)"="C:\WINDOWS\System32\Wseclayer.exe" [2007-12-05 21:09]
"Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2002-10-11 18:26]
"combofix"="C:\WINDOWS\system32\cmd.exe" [2001-10-26 18:29]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"combofix"="C:\WINDOWS\system32\cmd.exe" [2001-10-26 18:29]
"Windows Secure Update"="load.exe" [2007-12-03 19:39 C:\WINDOWS\system32\load.exe]
"MicroSoft Legal Syst3m32"="Syst3m32.exe" [2007-12-03 19:44 C:\WINDOWS\system32\Syst3m32.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Windows Secure Update"="load.exe" [2007-12-03 19:39 C:\WINDOWS\system32\load.exe]
"MicroSoft Legal Syst3m32"="Syst3m32.exe" [2007-12-03 19:44 C:\WINDOWS\system32\Syst3m32.exe]
"MicroSoft Legal Service"="Srb0ty.exe" [2007-12-04 22:08 C:\WINDOWS\system32\Srb0ty.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-10-26 18:29]
"Windows Secure Update"="load.exe" [2007-12-03 19:39 C:\WINDOWS\system32\load.exe]
"MicroSoft Legal Syst3m32"="Syst3m32.exe" [2007-12-03 19:44 C:\WINDOWS\system32\Syst3m32.exe]
"MicroSoft Legal Service"="Srb0ty.exe" [2007-12-04 22:08 C:\WINDOWS\system32\Srb0ty.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Windows Secure Update"="load.exe" [2007-12-03 19:39 C:\WINDOWS\system32\load.exe]
"MicroSoft Legal Syst3m32"="Syst3m32.exe" [2007-12-03 19:44 C:\WINDOWS\system32\Syst3m32.exe]
"MicroSoft Legal Service"="Srb0ty.exe" [2007-12-04 22:08 C:\WINDOWS\system32\Srb0ty.exe]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 20:05:56]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"E404Helper"= {171ba14b-e43e-46c4-9773-aed92b95fd57} - e404d.dll [ ]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
R2 Distributed Allocated Memory Unit;Distributed Allocated Memory Unit;"C:\WINDOWS\system32\dllcache\mravsc32.exe"
R2 Windows Internet Connection Sharing;Windows Internet Connection Sharing Service;"C:\WINDOWS\system32\dllcache\msfav32.exe"
R3 PAC207;VideoCAM GE111;C:\WINDOWS\System32\DRIVERS\pfc027.sys
R4 flys.q8pilots.net;Windows Secure Update;"C:\WINDOWS\System32\load.exe" -netsvcs
R4 System.microsoft.com;MicroSoft Legal Syst3m32;"C:\WINDOWS\System32\Syst3m32.exe" -netsvcs
S2 FSIHS;F-Secure Installer restarter;"C:\DOCUME~1\Dom\USTAWI~1\Temp\Installer\00000001\bootstrap\fsihs.exe"
*Newly Created Service* - ALG
*Newly Created Service* - IPNAT
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-06 16:38:24
Windows 5.1.2600 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-06 16:39:11 - machine was rebooted
.
--- E O F -
Proszę o pomoc. Znowu ten sam problem z zawirusowaniem i nic nie chce usunąć tego świństwa.
