ComboFix 12-07-21.01 - Dom 2012-07-22 21:21:44.1.2 - x86 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.2807.2244 [GMT 2:00]
Uruchomiony z: I:\ComboFix.exe
AV: avast! Antivirus *Enabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\jzxucybe.exe
c:\programdata\lentdqlnhaeeebr
c:\users\Dom\0.0627127577670542.exe
c:\users\Dom\Documents\s
c:\windows\IsUn0415.exe
c:\windows\system32\tmp5225.tmp
c:\windows\system32\tmp5245.tmp
c:\windows\system32\tmpA871.tmp
c:\windows\system32\tmpA891.tmp
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-06-22 do 2012-07-22 )))))))))))))))))))))))))))))))
.
.
2012-07-22 19:25 . 2012-07-22 19:25 -------- d-----w- c:\users\Dom\AppData\Local\temp
2012-07-22 19:25 . 2012-07-22 19:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-22 17:34 . 2012-07-22 17:34 -------- d-----w- c:\programdata\imrcklniljzdjej
2012-07-11 13:44 . 2012-07-21 16:05 -------- d-----w- c:\users\Dom\.gstreamer-0.10
2012-07-11 13:44 . 2012-07-11 13:44 -------- d-----w- c:\program files\ChomikBox
2012-07-10 06:29 . 2012-07-10 06:50 -------- d-----w- c:\users\Dom\AppData\Local\Smartbar
2012-07-09 20:25 . 2012-07-09 20:25 -------- d-----w- c:\users\Dom\AppData\Roaming\dvdcss
2012-07-09 17:24 . 2012-07-09 17:24 -------- d-----w- c:\users\Dom\AppData\Roaming\OpenCandy
2012-07-05 11:35 . 2012-07-05 11:35 -------- d-----w- c:\programdata\Hi-Rez Studios
2012-07-04 17:27 . 2012-07-04 17:27 -------- d-----w- c:\users\Dom\AppData\Roaming\InstallShield
2012-07-04 15:35 . 2012-07-04 15:35 -------- d-----w- c:\program files\Rockstar Games
2012-07-03 18:12 . 2012-07-03 18:12 -------- d-----w- c:\users\Dom\.IBot
2012-06-25 14:19 . 2004-09-08 20:40 22528 ----a-w- c:\windows\exeshl.dll
2012-06-24 08:47 . 2012-06-24 08:47 -------- d-----w- c:\users\Dom\AppData\Local\fontconfig
2012-06-24 08:47 . 2012-07-13 09:21 -------- d-----w- c:\users\Dom\.gimp-2.8
2012-06-24 08:47 . 2012-06-24 08:47 -------- d-----w- c:\users\Dom\AppData\Local\gegl-0.2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-05 15:46 . 2012-05-08 13:17 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2012-06-05 15:46 . 2012-05-08 13:17 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2012-05-21 13:04 . 2012-05-21 13:04 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-05-06 15:37 . 2009-08-18 09:30 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-05-06 15:36 . 2009-08-18 09:24 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-19 05:34 . 2012-02-27 09:16 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2010-11-20 21:29 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]
2012-03-15 13:57 242384 ----a-w- c:\program files\Softonic\Softonic\1.5.21.0\bh\Softonic.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"= "c:\program files\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll" [2012-03-15 250576]
.
[HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Gadu-Gadu 10"="c:\program files\Gadu-Gadu 10\gg.exe" [2010-05-04 11981408]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2011-08-16 1379840]
"Browser Infrastructure Helper"="c:\users\Dom\AppData\Local\Smartbar\Application\Linkury.exe" [2012-07-08 19800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-10-19 98304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 aswSP;aswSP; [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\games\HiPatchService.exe [x]
R2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
S3 RTL8167;Sterownik Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=fa033f4e-4650-4259-a0bf-ad5b38b3f81c&affid=110774&searchtype=hp&babsrc=lnkry_nt
uSearchAssistant = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=fa033f4e-4650-4259-a0bf-ad5b38b3f81c&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE: E&ksportuj do programu Microsoft Excel - c:\program files\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 62.233.233.233 87.204.204.204
FF - ProfilePath - c:\users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\05kt9utb.default\
FF - prefs.js: browser.startup.homepage - hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=fa033f4e-4650-4259-a0bf-ad5b38b3f81c&affid=110774&searchtype=hp&babsrc=lnkry
FF - prefs.js: keyword.URL - hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=fa033f4e-4650-4259-a0bf-ad5b38b3f81c&affid=110774&searchtype=ds&babsrc=lnkry&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.newTab - false
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MON00084/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - 6491c0c80000000000000011679c60fe
FF - user.js: extensions.Softonic.instlDay - 15465
FF - user.js: extensions.Softonic.vrsn - 1.5.21.0
FF - user.js: extensions.Softonic.vrsni - 1.5.21.0
FF - user.js: extensions.Softonic_i.vrsnTs - 1.5.21.09:23
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - base
FF - user.js: extensions.Softonic.instlRef - MON00084
FF - user.js: extensions.Softonic.dfltLng - pl
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
HKCU-Run-jzxucybelogaceo - c:\programdata\jzxucybe.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3088226209-2202245671-513170408-1000\Software\SecuROM\License information*]
"datasecu"=hex:b6,db,20,20,93,3d,47,b9,3d,8c,d1,b1,70,d5,97,1c,1f,51,2e,61,af,
   d0,1c,b0,5b,e8,e0,af,6f,3c,ac,f5,40,d5,07,6f,0f,88,53,e4,9c,b1,b5,f4,f6,1c,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2012-07-22 21:26:31
ComboFix-quarantined-files.txt 2012-07-22 19:26
.
Przed: 12 250 611 712 bajtów wolnych
Po: 12 151 058 432 bajtów wolnych
.
- - End Of File - - 389E62E2026A53C25DC264B95F4009B7