ComboFix 12-07-08.01 - graczkowski 2012-07-09 0:35.1.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2972.2272 [GMT 2:00]
Uruchomiony z: c:\documents and settings\graczkowski\Moje dokumenty\Pobieranie\ComboFix.exe
AV: Symantec Endpoint Protection *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\graczkowski\Ustawienia lokalne\Dane aplikacji\unins000.exe
c:\windows\EventSystem.log
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-06-08 do 2012-07-08 )))))))))))))))))))))))))))))))
.
.
2012-07-08 22:03 . 2012-07-03 16:21 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-08 22:03 . 2012-07-03 16:21 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-08 22:03 . 2012-07-03 16:21 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-08 22:03 . 2012-07-03 16:21 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-07-08 22:03 . 2012-07-03 16:21 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-07-08 22:03 . 2012-07-03 16:21 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-08 22:03 . 2012-07-03 16:21 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-07-08 22:03 . 2012-07-03 16:21 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-07-08 22:03 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-07-08 22:03 . 2012-07-03 16:21 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-08 22:02 . 2012-07-08 22:02 -------- d-----w- c:\program files\AVAST Software
2012-07-08 22:02 . 2012-07-08 22:02 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\AVAST Software
2012-07-08 20:39 . 2012-07-08 20:39 -------- d-----w- c:\documents and settings\graczkowski\Dane aplikacji\hellomoto
2012-07-02 19:32 . 2012-07-02 19:32 -------- d-----w- c:\documents and settings\graczkowski\Ustawienia lokalne\Dane aplikacji\Identities
2012-06-30 23:36 . 2012-06-30 23:46 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\SweetIM
2012-06-30 23:36 . 2012-06-30 23:36 -------- d-----w- c:\program files\SweetIM
2012-06-30 17:44 . 2012-06-30 17:44 -------- d-----w- c:\documents and settings\NetworkService\Dane aplikacji\Apple Computer
2012-06-18 05:21 . 2012-06-18 05:21 21472 ----a-w- c:\program files\Mozilla Firefox\plc4.dll
2012-06-18 05:21 . 2012-06-18 05:21 20960 ----a-w- c:\program files\Mozilla Firefox\plds4.dll
2012-06-18 05:21 . 2012-06-18 05:21 16864 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2012-06-18 05:21 . 2012-06-18 05:21 91104 ----a-w- c:\program files\Mozilla Firefox\smime3.dll
2012-06-18 05:21 . 2012-06-18 05:21 155104 ----a-w- c:\program files\Mozilla Firefox\softokn3.dll
2012-06-18 05:21 . 2012-06-18 05:21 145376 ----a-w- c:\program files\Mozilla Firefox\ssl3.dll
2012-06-18 05:21 . 2012-06-18 05:21 868344 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2012-06-18 05:21 . 2012-06-18 05:21 265184 ----a-w- c:\program files\Mozilla Firefox\updater.exe
2012-06-18 05:21 . 2012-06-18 05:21 19424 ----a-w- c:\program files\Mozilla Firefox\xpcom.dll
2012-06-18 05:21 . 2012-06-18 05:21 15757792 ----a-w- c:\program files\Mozilla Firefox\xul.dll
2012-06-13 10:33 . 2012-05-11 14:44 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-06-09 20:32 . 2012-06-09 20:32 -------- d-----w- c:\documents and settings\NetworkService\Ustawienia lokalne\Dane aplikacji\uTorrentControl2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-02 13:19 . 2009-08-06 18:24 15896 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2009-08-06 18:24 24088 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 1979-12-31 23:53 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 1979-12-31 23:53 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 1979-12-31 23:53 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2009-08-06 18:24 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2008-04-15 17:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 1979-12-31 23:53 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 1979-12-31 23:53 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2009-08-06 18:24 16408 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 1979-12-31 23:53 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2009-08-06 18:23 18968 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 1979-12-31 23:53 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-05-31 13:22 . 2008-04-15 17:00 602624 ----a-w- c:\windows\system32\crypt32.dll
2012-05-25 16:29 . 2012-05-25 16:29 29184 ----a-r- c:\documents and settings\graczkowski\Dane aplikacji\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe
2012-05-16 15:09 . 2008-04-15 17:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:55 . 2008-04-15 17:00 1863424 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 14:44 . 2008-04-15 17:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2008-04-15 17:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:39 . 2008-04-15 17:00 385024 ------w- c:\windows\system32\html.iec
2012-05-05 03:14 . 2008-04-15 17:00 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2008-04-14 21:59 2028032 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:47 . 1979-12-31 23:51 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-18 05:22 . 2012-06-18 05:22 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2012-06-04 130904]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 08:49 176936 ----a-w- c:\program files\uTorrentControl2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-06-04 14:12 1310040 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-06-04 1310040]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{687578B9-7132-4A7A-80E4-30EE31099E03}"= "c:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-06-04 1310040]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2007-04-17 2113536]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-05-24 880496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [1980-01-01 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [1980-01-01 170008]
"Persistence"="c:\windows\system32\igfxpers.exe" [1980-01-01 145432]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [1980-01-01 1791272]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 287800]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [1980-01-01 1044480]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"CardDetectorICON225"="c:\program files\CardDetector\ICON225\CardDetector.exe" [2007-11-13 278528]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Communicator"="c:\program files\Microsoft Lync\communicator.exe" [2012-05-16 12098648]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2012-05-29 115032]
"Sweetpacks Communicator"="c:\program files\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-02-26 295728]
"secproc_ssp"="c:\documents and settings\graczkowski\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\1587\secproc_ssp.exe" [2012-07-08 49664]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
.
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-3-31 576104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ackpbsc]
2009-06-03 14:14 113152 ----a-w- c:\program files\ActivIdentity\ActivClient\ackpbsc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\acunlock]
2009-06-03 14:13 299520 ----a-w- c:\program files\ActivIdentity\ActivClient\acunlock.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-323157550-59690136-3293079595-16459\Scripts\Logon\0\0]
"Script"=addZones.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-323157550-59690136-3293079595-16459\Scripts\Logon\0\1]
"Script"=delZones.vbs
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^VPN Client.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub]
2009-06-03 14:13 400936 ----a-w- c:\program files\ActivIdentity\ActivClient\accrdsub.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acevents]
2009-06-03 14:16 153640 ----a-w- c:\program files\ActivIdentity\ActivClient\acevents.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 05:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BEWINTERNET-PLSessionManager]
2008-01-08 17:29 107248 ----a-w- c:\program files\OrangeBS\BEWInternet-PL\SessionManager\SessionManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
2011-08-01 12:15 115560 ----a-w- c:\program files\Common Files\Symantec Shared\ccApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Communicator]
2012-05-16 14:02 12098648 ----a-w- c:\program files\Microsoft Lync\communicator.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-01-13 22:39 137536 ----atw- c:\documents and settings\graczkowski\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-11-12 23:24 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
2012-01-16 20:39 1868 ----a-w- c:\program files\Przyspiesz Komputer\PCSpeedUp.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 13:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-05-24 05:19 880496 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\Smc.exe"=
"c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\SNAC.EXE"=
"c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\OrangeBS\\BEWInternet-PL\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Microsoft Lync\\communicator.exe"=
"c:\\Documents and Settings\\graczkowski\\Ustawienia lokalne\\Dane aplikacji\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Oracle\\Middleware\\jdeveloper\\jdeveloper.exe"=
"c:\\Oracle\\Middleware\\jdk160_24\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\SweetIM\\Communicator\\SweetPacksUpdateManager.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5985:TCP"= 5985:TCP:*:Disabled:Zdalne zarządzanie systemem Windows
.
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [1980-01-01 24064]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-01-16 239168]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\drivers\vmci.sys [2011-08-08 98928]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-07-09 721000]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-07-09 353688]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-07-09 21256]
S2 gupdate;Usługa Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-05-07 116648]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-08-31 92216]
S2 Lotus Notes Diagnostics;Procedury diagnostyczne programu Lotus Notes;c:\lotus\Notes\nsd.exe -svcinvoke -ini "c:\lotus\Notes\notes.ini" --> c:\lotus\Notes\nsd.exe -svcinvoke -ini c:\lotus\Notes\notes.ini [?]
S2 msoidsvc;Microsoft Online Services Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2010-08-17 1542560]
S2 OracleServiceXE;OracleServiceXE;c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE --> c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE [?]
S2 OracleXETNSListener;OracleXETNSListener;c:\oraclexe\app\oracle\product\11.2.0\server\bin\TNSLSNR.EXE [2011-08-27 512000]
S2 PCSUService;PC Speed Up Service;c:\program files\Przyspiesz Komputer\PCSUService.exe [2012-01-16 235232]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-08-21 665200]
S2 XwpXSetSrvWinaXe;XwpXSetSrvWinaXe service;c:\program files\LabF.com\WinaXe\xsetsrv.exe [2012-03-21 106496]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [1980-01-01 482176]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2009-06-01 23888]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [1980-01-01 227896]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-05-30 106656]
S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2011-10-18 95744]
S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2011-10-18 51968]
S3 gupdatem;Usługa Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-05-07 116648]
S3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [1980-01-01 44800]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 113120]
S3 Smcinst;Symantec Auto-upgrade Agent;c:\program files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe --> c:\program files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe [?]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe XE --> c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe XE [?]
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - AAVMKER4
*NewlyCreated* - ASWFSBLK
*NewlyCreated* - ASWMON2
*NewlyCreated* - ASWSP
*NewlyCreated* - ASWTDI
*NewlyCreated* - AVAST!_ANTIVIRUS
.
Zawartość folderu 'Zaplanowane zadania'
.
2012-06-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2012-07-08 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-08 16:21]
.
2012-07-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-323157550-59690136-3293079595-16459Core.job
- c:\documents and settings\graczkowski\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [2012-01-13 22:39]
.
2012-07-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-323157550-59690136-3293079595-16459UA.job
- c:\documents and settings\graczkowski\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [2012-01-13 22:39]
.
2012-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-07 11:09]
.
2012-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-07 11:09]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://home.sweetim.com/?crg=3.1010000&st=12&barid={7B4B4BE0-D2EF-45A6-894C-491D2A47F5D4}
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000&st=12&barid={7B4B4BE0-D2EF-45A6-894C-491D2A47F5D4}
IE: Wyślij do interfejsu Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Wyślij do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
LSP: %SystemRoot%\system32\vsocklib.dll
TCP: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
FF - ProfilePath - c:\documents and settings\graczkowski\Dane aplikacji\Mozilla\Firefox\Profiles\fp0rbje3.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - uTorrentControl2 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 4
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111434
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 9497820a00000000000000f1d000f1d0
FF - user.js: extensions.BabylonToolbar_i.hardId - 9497820a00000000000000f1d000f1d0
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15433
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:26
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
SafeBoot-Symantec Antvirus
AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
AddRemove-{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1 - c:\documents and settings\graczkowski\Ustawienia lokalne\Dane aplikacji\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-09 00:39
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'winlogon.exe'(1372)
c:\program files\ActivIdentity\ActivClient\ackpbsc.dll
c:\program files\ActivIdentity\ActivClient\aclog.dll
c:\program files\ActivIdentity\ActivClient\accrypto.dll
c:\program files\ActivIdentity\ActivClient\ACLIBEAY.dll
c:\program files\ActivIdentity\ActivClient\acunlock.dll
c:\program files\ActivIdentity\ActivClient\aipingui.dll
c:\program files\ActivIdentity\ActivClient\acevtsub.dll
c:\program files\ActivIdentity\ActivClient\asphat32.dll
c:\program files\ActivIdentity\ActivClient\acerrmes.dll
c:\program files\ActivIdentity\ActivClient\aiwinext.dll
c:\program files\ActivIdentity\ActivClient\aspcom.dll
c:\program files\ActivIdentity\ActivClient\aicext.dll
c:\program files\ActivIdentity\ActivClient\Resources\acerrmrc.dll
c:\program files\ActivIdentity\ActivClient\Resources\asphatrc.dll
c:\program files\ActivIdentity\ActivClient\Resources\aipinguirc.dll
c:\program files\ActivIdentity\ActivClient\resources\acCobAPIrc.dll
c:\program files\ActivIdentity\ActivClient\resources\acCobAPIlrc.dll
c:\program files\ActivIdentity\ActivClient\Resources\acunlockrc.dll
.
Czas ukończenia: 2012-07-09 00:40:31
ComboFix-quarantined-files.txt 2012-07-08 22:40
.
Przed: 76 526 891 008 bajtów wolnych
Po: 78 036 664 320 bajtów wolnych
.
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 9A65614ECBCD2FEC93F5CBD56F0A1C62