ComboFix 11-11-26.01 - dav 2011-11-26 15:29:25.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.1014.352 [GMT 1:00]
Uruchomiony z: c:\documents and settings\dav\Pulpit\ComboFix.exe
AV: avast! Antivirus *Disabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-10-26 do 2011-11-26 )))))))))))))))))))))))))))))))
.
.
2070-01-01 00:00 . 2070-01-01 00:00 -------- d-----w- c:\program files\ENGLISH_3 swiat
2070-01-01 00:00 . 2070-01-01 00:00 -------- d-----w- c:\program files\English_2mój dom i okolica
2011-11-25 19:50 . 2011-02-23 14:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-25 19:50 . 2011-02-23 14:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-25 19:50 . 2011-02-23 14:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-25 19:50 . 2011-02-23 14:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-25 19:50 . 2011-02-23 14:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-25 19:50 . 2011-02-23 14:55 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-25 19:50 . 2011-02-23 14:55 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-25 19:50 . 2011-02-23 14:54 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-25 19:50 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr
2011-11-25 19:50 . 2011-02-23 15:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-25 18:31 . 2011-11-25 18:31 -------- d-----w- c:\documents and settings\All Users\Ulubione
2011-11-25 16:52 . 2011-11-25 16:52 -------- d-----r- c:\documents and settings\LocalService\Ulubione
2011-11-24 19:30 . 2011-11-25 18:30 -------- d-----w- c:\documents and settings\dav\Ustawienia lokalne\Dane aplikacji\fb22e160
2011-11-24 19:23 . 2011-11-24 19:23 -------- d-----w- c:\documents and settings\dav\Dane aplikacji\MediaBox
2011-11-24 19:23 . 2011-11-24 19:23 -------- d-----w- c:\documents and settings\dav\Ustawienia lokalne\Dane aplikacji\MediaBox
2011-11-24 18:44 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2011-11-24 18:10 . 2011-11-24 19:10 -------- d-----w- c:\program files\PowerISO
2011-11-17 19:18 . 2011-11-24 20:53 -------- d-----w- c:\documents and settings\dav\Dane aplikacji\FileHunter
2011-11-17 19:15 . 2008-10-23 00:22 198144 ------w- c:\windows\system32\_psisdecd.dll
2011-11-17 18:56 . 2011-11-17 19:03 -------- d-----w- c:\documents and settings\dav\Ustawienia lokalne\Dane aplikacji\TVEnhance
2011-11-17 18:53 . 2008-10-23 00:22 95232 ----a-w- c:\windows\system32\oCLWatson.exe
2011-11-17 18:53 . 2008-10-23 00:22 44544 ----a-w- c:\windows\system32\msxml4a.dll
2011-11-17 18:47 . 2011-11-17 19:15 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\CyberLink
2011-11-17 09:24 . 2011-11-17 09:24 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\BlazeVideo
2011-11-17 09:24 . 2011-11-17 09:24 -------- d-----w- c:\program files\BlazeVideo
2011-11-15 03:50 . 2011-11-15 03:50 112096 ----a-w- c:\windows\system32\drivers\scdemu.sys
2011-11-13 10:14 . 2006-09-15 20:32 122880 ----a-w- c:\windows\system32\dsnet.ax
2011-11-12 22:00 . 2011-11-12 22:00 -------- d-----w- c:\program files\MySQL
2011-11-12 22:00 . 2011-11-12 22:00 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\MySQL
2011-11-12 21:52 . 2007-10-12 14:14 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2011-11-12 21:51 . 2011-11-12 22:38 -------- d-----w- c:\windows\Logs
2011-11-12 21:17 . 2011-11-12 21:17 -------- d-----w- c:\program files\Microsoft.NET
2011-11-12 20:30 . 2011-11-12 22:38 -------- d-----w- c:\program files\KM Wakeup
2011-11-12 20:17 . 2011-11-13 07:57 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Mirillis
2011-11-12 17:56 . 2011-11-12 17:56 -------- d-----w- c:\program files\MSBuild
2011-11-12 17:56 . 2011-11-12 19:38 -------- d-----w- c:\windows\system32\XPSViewer
2011-11-12 13:07 . 2011-11-12 17:21 -------- d-----w- c:\windows\system32\URTTemp
2011-11-12 12:54 . 2011-11-12 12:54 -------- d-----w- c:\documents and settings\dav\Ustawienia lokalne\Dane aplikacji\Sun
2011-11-12 12:33 . 2011-11-12 12:33 -------- d-----w- c:\program files\Common Files\Java
2011-11-12 11:46 . 2011-11-12 13:14 -------- d-----w- c:\documents and settings\dav\Ustawienia lokalne\Dane aplikacji\Windows Live Writer
2011-11-12 11:46 . 2011-11-12 11:46 -------- d-----w- c:\documents and settings\dav\Dane aplikacji\Windows Live Writer
2011-11-10 20:24 . 2011-11-10 20:24 -------- d-----w- c:\documents and settings\dav\Dane aplikacji\Media Player Classic
2011-11-08 12:21 . 2008-04-14 20:50 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2011-11-08 12:21 . 2008-04-14 20:50 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2011-11-08 12:21 . 2008-04-13 23:16 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2011-11-08 12:21 . 2008-04-13 23:16 15232 ----a-w- c:\windows\system32\drivers\MPE.sys
2011-11-08 12:20 . 2008-04-14 21:51 18432 ----a-w- c:\windows\system32\BdaPlgIn.ax
2011-11-08 12:20 . 2008-04-13 23:16 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
2011-11-08 12:20 . 2008-04-13 23:16 11776 ----a-w- c:\windows\system32\drivers\BdaSup.sys
2011-11-08 12:19 . 2011-11-08 12:19 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Plugins
2011-11-08 12:12 . 2008-04-14 21:51 56832 ----a-w- c:\windows\system32\msdvbnp.ax
2011-11-08 12:12 . 2008-04-14 21:51 33280 ----a-w- c:\windows\system32\psisrndr.ax
2011-11-08 12:12 . 2008-04-14 21:50 363520 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll
2011-11-08 12:12 . 2008-04-14 21:50 363520 ----a-w- c:\windows\system32\psisdecd.dll
2011-11-08 12:10 . 2011-11-08 12:10 94336 ----a-w- c:\windows\system32\drivers\IT9135BDA.SYS
2011-11-08 12:10 . 2010-09-20 07:17 356 ----a-w- c:\windows\system32\AF15IRTBL.bin
2011-11-04 09:26 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2011-11-04 09:26 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-11-03 09:46 . 2011-11-03 09:50 -------- d-----w- c:\documents and settings\dav\Dane aplikacji\NapiProjekt
2011-11-03 06:47 . 2011-11-03 06:47 -------- d-----w- c:\program files\Movie Subtitles Searcher
2011-11-01 10:30 . 2011-11-24 15:32 -------- d-----w- C:\Mistrz Klawiatury II
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-12 12:34 . 2011-05-12 08:28 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2011-11-12 12:33 . 2011-03-06 20:20 128000 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-12 12:33 . 2011-03-06 20:20 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-12 12:32 . 2011-07-24 15:39 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2009-06-30 00:14 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2009-06-30 01:58 602624 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 10:41 . 2011-09-26 10:41 614400 ------w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2009-06-30 01:58 23040 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2009-06-30 01:58 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-06 14:10 . 2009-06-30 01:58 1859200 ----a-w- c:\windows\system32\win32k.sys
2011-11-10 11:17 . 2011-10-08 14:47 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2009-11-07 00:07 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2009-11-07 00:07 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-06-16 397312]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-05-19 3417336]
"F.lux"="c:\documents and settings\dav\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-11 17881600]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-06-30 3054136]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-07-06 354840]
"PersistenceThread"="c:\windows\system32\PersistenceThread.exe" [2009-07-06 96792]
"LiveUpdate"="c:\program files\Asus\LiveUpdate\LiveUpdate.exe" [2009-06-25 712704]
"EeeStorageBackup"="c:\program files\ASUS\Eee Storage\BackupService.exe" [2009-07-14 935184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-04-09 1512744]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-04-09 79144]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-12-11 994216]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-05-08 98304]
"HTC Sync"="c:\program files\HTC\HTC Sync for BrewMP\AutoDetect.exe" [2010-04-16 180224]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
.
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2009-6-30 376832]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igdlogin]
2009-06-24 23:13 65536 ----a-w- c:\windows\system32\igdlogin.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:1045 /heur:80 /RA:ask /pup /archives /IA:0 /KBD:2 /dir:C:\Program
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Zdalne zarządzanie systemem Windows
"3306:TCP"= 3306:TCP:MySQL
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-11-25 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-11-25 301528]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-11-25 19544]
R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [2009-08-13 5097632]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2009-04-29 38912]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [2009-06-30 233512]
S2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Secunia Update Agent;Secunia Update Agent;"c:\program files\Secunia\PSI\sua.exe" --start-service --> c:\program files\Secunia\PSI\sua.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-06-30 1684736]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\drivers\IT9135BDA.SYS [2011-11-08 94336]
S3 qcserxp;HTC Diagnostic Port;c:\windows\system32\drivers\qcserxp.sys [2011-03-06 103424]
S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [2009-04-21 39040]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2009-06-30 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - 27834716
*Deregistered* - 27834716
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-11-26 c:\windows\Tasks\User_Feed_Synchronization-{A853BD8A-E399-459D-973A-8E536DF6D2AA}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.wp.pl/
TCP: DhcpNameServer = 192.168.101.254 213.199.225.14
TCP: Interfaces\{81816D76-B8F9-4A6F-BF8E-7B77163F2D7C}: NameServer = 213.199.255.14,192.168.101.254
DPF: {41ACD49D-791A-1974-0981-AA9872721044} - hxxp://cached.gamedesire.com/g_bin/pl/boards_2_0_0_39.cab
FF - ProfilePath - c:\documents and settings\dav\Dane aplikacji\Mozilla\Firefox\Profiles\xr5tvu9t.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.wp.pl/
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com//web?src=ffb&appid=0&systemid=411&sr=0&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-26 15:43
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
Czas ukończenia: 2011-11-26 15:47:46
ComboFix-quarantined-files.txt 2011-11-26 14:47
ComboFix2.txt 2011-11-25 17:54
.
Przed: 58 809 651 200 bajtów wolnych
Po: 58 799 144 960 bajtów wolnych
.
- - End Of File - - E040714C78500C3C791FB50269460BB9