ComboFix 12-08-31.08 - Administrator 2012-09-02 10:03:26.3.2 - x86 MINIMAL Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2047.1823 [GMT 2:00] Uruchomiony z: C:\ComboFix.exe . UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !! . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Dane aplikacji\BKomx0QL.exe_ c:\documents and settings\All Users\Dane aplikacji\kiayblgw.exe . . ((((((((((((((((((((((((( Pliki utworzone od 2012-08-02 do 2012-09-02 ))))))))))))))))))))))))))))))) . . 2012-09-01 20:21 . 2012-09-01 20:21 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\rfeynukiwptbvyt 2012-09-01 08:28 . 2012-09-01 09:38 -------- d-----w- c:\program files\Aurora 2012-08-03 09:49 . 2012-08-03 09:49 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Merscom . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-09 11:05 . 2012-07-09 11:24 594944 ----a-w- C:\OTL.exe 2012-07-06 13:58 . 2008-04-15 12:00 78336 ----a-w- c:\windows\system32\browser.dll 2012-07-04 14:05 . 2012-01-13 12:22 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-03 18:22 . 2008-04-15 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys 2012-07-02 17:38 . 2008-04-15 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-07-02 17:38 . 2008-04-15 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-07-02 17:38 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-07-02 12:05 . 2008-04-15 12:00 385024 ------w- c:\windows\system32\html.iec 2012-06-05 15:49 . 2008-04-15 12:00 1372672 ----a-w- c:\windows\system32\msxml6.dll 2012-06-05 15:49 . 2008-04-15 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-07-05_15.14.40 ))))))))))))))))))))))))))))))))))))))))) . + 2008-04-15 12:00 . 2012-08-12 09:37 49492 c:\windows\system32\perfc015.dat + 2008-04-15 12:00 . 2012-08-12 09:37 39992 c:\windows\system32\perfc009.dat - 2008-04-15 12:00 . 2012-05-11 14:44 67072 c:\windows\system32\mshtmled.dll + 2008-04-15 12:00 . 2012-07-02 17:38 67072 c:\windows\system32\mshtmled.dll - 2009-03-08 03:31 . 2012-05-11 14:44 55296 c:\windows\system32\msfeedsbs.dll + 2009-03-08 03:31 . 2012-07-02 17:38 55296 c:\windows\system32\msfeedsbs.dll - 2008-04-15 12:00 . 2012-05-11 14:44 25600 c:\windows\system32\jsproxy.dll + 2008-04-15 12:00 . 2012-07-02 17:38 25600 c:\windows\system32\jsproxy.dll - 2012-01-13 20:38 . 2012-05-11 14:44 12800 c:\windows\system32\dllcache\xpshims.dll + 2012-01-13 20:38 . 2012-07-02 17:38 12800 c:\windows\system32\dllcache\xpshims.dll + 2008-04-15 12:00 . 2012-07-02 17:38 67072 c:\windows\system32\dllcache\mshtmled.dll - 2008-04-15 12:00 . 2012-05-11 14:44 67072 c:\windows\system32\dllcache\mshtmled.dll - 2012-01-13 20:38 . 2012-05-11 14:44 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2012-01-13 20:38 . 2012-07-02 17:38 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2008-04-15 12:00 . 2012-07-02 17:38 43520 c:\windows\system32\dllcache\licmgr10.dll - 2008-04-15 12:00 . 2012-05-11 14:44 43520 c:\windows\system32\dllcache\licmgr10.dll + 2008-04-15 12:00 . 2012-07-02 17:38 25600 c:\windows\system32\dllcache\jsproxy.dll - 2008-04-15 12:00 . 2012-05-11 14:44 25600 c:\windows\system32\dllcache\jsproxy.dll + 2008-04-15 12:00 . 2012-07-06 13:58 78336 c:\windows\system32\dllcache\browser.dll + 2012-08-16 11:47 . 2012-05-11 14:44 12800 c:\windows\ie8updates\KB2722913-IE8\xpshims.dll + 2012-08-16 11:47 . 2012-05-11 14:44 67072 c:\windows\ie8updates\KB2722913-IE8\mshtmled.dll + 2012-08-16 11:47 . 2012-05-11 14:44 55296 c:\windows\ie8updates\KB2722913-IE8\msfeedsbs.dll + 2012-08-16 11:47 . 2012-05-11 14:44 43520 c:\windows\ie8updates\KB2722913-IE8\licmgr10.dll + 2012-08-16 11:47 . 2012-05-11 14:44 25600 c:\windows\ie8updates\KB2722913-IE8\jsproxy.dll + 2012-07-11 09:45 . 2010-07-05 13:34 26488 c:\windows\$hf_mig$\KB2719985\update\spcustom.dll + 2012-07-11 09:45 . 2010-07-05 13:34 19320 c:\windows\$hf_mig$\KB2719985\spmsg.dll + 2012-07-11 09:45 . 2010-07-05 13:34 26488 c:\windows\$hf_mig$\KB2718523\update\spcustom.dll + 2012-07-11 09:45 . 2010-07-05 13:34 19320 c:\windows\$hf_mig$\KB2718523\spmsg.dll + 2012-07-11 09:43 . 2010-07-05 13:34 26488 c:\windows\$hf_mig$\KB2698365\update\spcustom.dll + 2012-07-11 09:43 . 2010-07-05 13:34 19320 c:\windows\$hf_mig$\KB2698365\spmsg.dll + 2012-07-11 06:56 . 2012-05-28 18:15 57344 c:\windows\$hf_mig$\KB2698365\SP3QFE\msador15.dll + 2012-07-11 09:45 . 2010-07-05 13:34 26488 c:\windows\$hf_mig$\KB2691442\update\spcustom.dll + 2012-07-11 09:45 . 2010-07-05 13:34 19320 c:\windows\$hf_mig$\KB2691442\spmsg.dll + 2012-07-11 09:45 . 2010-07-05 13:34 26488 c:\windows\$hf_mig$\KB2655992\update\spcustom.dll + 2012-07-11 09:45 . 2010-07-05 13:34 19320 c:\windows\$hf_mig$\KB2655992\spmsg.dll + 2008-04-15 12:00 . 2012-07-02 17:38 105984 c:\windows\system32\url.dll - 2008-04-15 12:00 . 2012-05-11 14:44 105984 c:\windows\system32\url.dll + 2008-04-15 12:00 . 2012-06-04 04:32 152576 c:\windows\system32\schannel.dll + 2012-04-08 14:34 . 2012-07-30 15:33 301336 c:\windows\system32\Restore\rstrlog.dat + 2008-04-15 12:00 . 2012-08-12 09:37 355486 c:\windows\system32\perfh015.dat + 2008-04-15 12:00 . 2012-08-12 09:37 311604 c:\windows\system32\perfh009.dat - 2008-04-15 12:00 . 2012-05-11 14:44 206848 c:\windows\system32\occache.dll + 2008-04-15 12:00 . 2012-07-02 17:38 206848 c:\windows\system32\occache.dll - 2012-01-13 12:47 . 2012-07-01 12:14 285788 c:\windows\system32\nvdrsdb1.bin + 2012-01-13 12:47 . 2012-08-26 06:01 285788 c:\windows\system32\nvdrsdb1.bin - 2012-01-13 12:47 . 2012-07-01 12:14 285788 c:\windows\system32\nvdrsdb0.bin + 2012-01-13 12:47 . 2012-09-01 19:22 285788 c:\windows\system32\nvdrsdb0.bin + 2008-04-15 12:00 . 2012-07-06 13:58 337920 c:\windows\system32\netapi32.dll - 2008-04-15 12:00 . 2012-05-11 14:44 611840 c:\windows\system32\mstime.dll + 2008-04-15 12:00 . 2012-07-02 17:38 611840 c:\windows\system32\mstime.dll + 2009-03-08 03:32 . 2012-07-02 17:38 629760 c:\windows\system32\msfeeds.dll - 2009-03-08 03:32 . 2012-05-11 14:44 629760 c:\windows\system32\msfeeds.dll - 2008-04-15 12:00 . 2009-05-07 15:34 347648 c:\windows\system32\localspl.dll + 2008-04-15 12:00 . 2012-05-14 09:23 347648 c:\windows\system32\localspl.dll - 2008-04-15 12:00 . 2012-05-11 14:44 184320 c:\windows\system32\iepeers.dll + 2008-04-15 12:00 . 2012-07-02 17:38 184320 c:\windows\system32\iepeers.dll + 2008-04-15 12:00 . 2012-07-02 17:38 387584 c:\windows\system32\iedkcs32.dll - 2008-04-15 12:00 . 2012-05-11 14:44 387584 c:\windows\system32\iedkcs32.dll - 2008-04-15 12:00 . 2012-05-11 11:38 174080 c:\windows\system32\ie4uinit.exe + 2008-04-15 12:00 . 2012-07-02 12:05 174080 c:\windows\system32\ie4uinit.exe + 2012-07-05 15:16 . 2012-08-16 13:06 120544 c:\windows\system32\FNTCACHE.DAT + 2008-04-15 12:00 . 2012-07-02 17:38 916992 c:\windows\system32\dllcache\wininet.dll - 2008-04-15 12:00 . 2012-05-16 15:09 916992 c:\windows\system32\dllcache\wininet.dll + 2008-04-15 12:00 . 2012-07-02 17:38 105984 c:\windows\system32\dllcache\url.dll - 2008-04-15 12:00 . 2012-05-11 14:44 105984 c:\windows\system32\dllcache\url.dll + 2008-04-15 12:00 . 2012-06-04 04:32 152576 c:\windows\system32\dllcache\schannel.dll + 2012-01-13 12:22 . 2012-07-04 14:05 139784 c:\windows\system32\dllcache\rdpwd.sys + 2008-04-15 12:00 . 2012-07-02 17:38 206848 c:\windows\system32\dllcache\occache.dll - 2008-04-15 12:00 . 2012-05-11 14:44 206848 c:\windows\system32\dllcache\occache.dll + 2008-04-15 12:00 . 2012-07-06 13:58 337920 c:\windows\system32\dllcache\netapi32.dll - 2008-04-15 12:00 . 2012-05-11 14:44 611840 c:\windows\system32\dllcache\mstime.dll + 2008-04-15 12:00 . 2012-07-02 17:38 611840 c:\windows\system32\dllcache\mstime.dll - 2012-01-13 20:38 . 2012-05-11 14:44 629760 c:\windows\system32\dllcache\msfeeds.dll + 2012-01-13 20:38 . 2012-07-02 17:38 629760 c:\windows\system32\dllcache\msfeeds.dll + 2012-01-13 12:23 . 2012-05-28 18:17 536576 c:\windows\system32\dllcache\msado15.dll - 2012-01-13 12:23 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll + 2008-04-15 12:00 . 2012-05-14 09:23 347648 c:\windows\system32\dllcache\localspl.dll - 2008-04-15 12:00 . 2009-05-07 15:34 347648 c:\windows\system32\dllcache\localspl.dll - 2012-06-14 16:51 . 2012-05-11 14:44 521728 c:\windows\system32\dllcache\jsdbgui.dll + 2012-06-14 16:51 . 2012-07-02 17:38 521728 c:\windows\system32\dllcache\jsdbgui.dll + 2012-01-13 20:38 . 2012-07-02 17:38 247808 c:\windows\system32\dllcache\ieproxy.dll - 2012-01-13 20:38 . 2012-05-11 14:44 247808 c:\windows\system32\dllcache\ieproxy.dll - 2008-04-15 12:00 . 2012-05-11 14:44 184320 c:\windows\system32\dllcache\iepeers.dll + 2008-04-15 12:00 . 2012-07-02 17:38 184320 c:\windows\system32\dllcache\iepeers.dll - 2012-01-13 20:38 . 2012-05-11 14:44 743424 c:\windows\system32\dllcache\iedvtool.dll + 2012-01-13 20:38 . 2012-07-02 17:38 743424 c:\windows\system32\dllcache\iedvtool.dll - 2008-04-15 12:00 . 2012-05-11 14:44 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2008-04-15 12:00 . 2012-07-02 17:38 387584 c:\windows\system32\dllcache\iedkcs32.dll - 2008-04-15 12:00 . 2012-05-11 11:38 174080 c:\windows\system32\dllcache\ie4uinit.exe + 2008-04-15 12:00 . 2012-07-02 12:05 174080 c:\windows\system32\dllcache\ie4uinit.exe + 2012-08-16 11:47 . 2012-05-16 15:09 916992 c:\windows\ie8updates\KB2722913-IE8\wininet.dll + 2012-08-16 11:47 . 2012-05-11 14:44 105984 c:\windows\ie8updates\KB2722913-IE8\url.dll + 2012-08-16 11:47 . 2010-07-05 13:34 398200 c:\windows\ie8updates\KB2722913-IE8\spuninst\updspapi.dll + 2012-08-16 11:47 . 2010-07-05 13:34 234360 c:\windows\ie8updates\KB2722913-IE8\spuninst\spuninst.exe + 2012-08-16 11:47 . 2012-05-11 14:44 206848 c:\windows\ie8updates\KB2722913-IE8\occache.dll + 2012-08-16 11:47 . 2012-05-11 14:44 611840 c:\windows\ie8updates\KB2722913-IE8\mstime.dll + 2012-08-16 11:47 . 2012-05-11 14:44 629760 c:\windows\ie8updates\KB2722913-IE8\msfeeds.dll + 2012-08-16 11:47 . 2012-05-11 14:44 521728 c:\windows\ie8updates\KB2722913-IE8\jsdbgui.dll + 2012-08-16 11:47 . 2012-05-11 14:44 247808 c:\windows\ie8updates\KB2722913-IE8\ieproxy.dll + 2012-08-16 11:47 . 2012-05-11 14:44 184320 c:\windows\ie8updates\KB2722913-IE8\iepeers.dll + 2012-08-16 11:47 . 2012-05-11 14:44 743424 c:\windows\ie8updates\KB2722913-IE8\iedvtool.dll + 2012-08-16 11:47 . 2012-05-11 14:44 387584 c:\windows\ie8updates\KB2722913-IE8\iedkcs32.dll + 2012-08-16 11:47 . 2012-05-11 11:38 174080 c:\windows\ie8updates\KB2722913-IE8\ie4uinit.exe + 2012-07-11 09:45 . 2010-07-05 13:34 398200 c:\windows\$NtUninstallKB2719985$\spuninst\updspapi.dll + 2012-07-11 09:45 . 2010-07-05 13:34 234360 c:\windows\$NtUninstallKB2719985$\spuninst\spuninst.exe + 2012-07-11 09:45 . 2010-07-05 13:34 398200 c:\windows\$NtUninstallKB2718523$\spuninst\updspapi.dll + 2012-07-11 09:45 . 2010-07-05 13:34 234360 c:\windows\$NtUninstallKB2718523$\spuninst\spuninst.exe + 2012-07-11 09:43 . 2010-07-05 13:34 398200 c:\windows\$NtUninstallKB2698365$\spuninst\updspapi.dll + 2012-07-11 09:43 . 2010-07-05 13:34 234360 c:\windows\$NtUninstallKB2698365$\spuninst\spuninst.exe + 2012-07-11 09:43 . 2010-11-09 14:52 536576 c:\windows\$NtUninstallKB2698365$\msado15.dll + 2012-07-11 09:45 . 2010-07-05 13:34 398200 c:\windows\$NtUninstallKB2691442$\spuninst\updspapi.dll + 2012-07-11 09:45 . 2010-07-05 13:34 234360 c:\windows\$NtUninstallKB2691442$\spuninst\spuninst.exe + 2012-07-11 09:45 . 2010-07-05 13:34 398200 c:\windows\$NtUninstallKB2655992$\spuninst\updspapi.dll + 2012-07-11 09:45 . 2010-07-05 13:34 234360 c:\windows\$NtUninstallKB2655992$\spuninst\spuninst.exe + 2012-07-11 09:45 . 2011-11-16 14:21 152064 c:\windows\$NtUninstallKB2655992$\schannel.dll + 2012-07-11 09:45 . 2010-07-05 13:34 398200 c:\windows\$hf_mig$\KB2719985\update\updspapi.dll + 2012-07-11 09:45 . 2010-07-05 13:34 763256 c:\windows\$hf_mig$\KB2719985\update\update.exe + 2012-07-11 09:45 . 2010-07-05 13:34 234360 c:\windows\$hf_mig$\KB2719985\spuninst.exe + 2012-07-11 09:45 . 2010-07-05 13:34 398200 c:\windows\$hf_mig$\KB2718523\update\updspapi.dll + 2012-07-11 09:45 . 2010-07-05 13:34 763256 c:\windows\$hf_mig$\KB2718523\update\update.exe + 2012-07-11 09:45 . 2010-07-05 13:34 234360 c:\windows\$hf_mig$\KB2718523\spuninst.exe + 2012-07-11 09:43 . 2010-07-05 13:34 398200 c:\windows\$hf_mig$\KB2698365\update\updspapi.dll + 2012-07-11 09:43 . 2010-07-05 13:34 763256 c:\windows\$hf_mig$\KB2698365\update\update.exe + 2012-07-11 09:43 . 2010-07-05 13:34 234360 c:\windows\$hf_mig$\KB2698365\spuninst.exe + 2012-07-11 06:56 . 2012-05-28 18:15 102400 c:\windows\$hf_mig$\KB2698365\SP3QFE\msjro.dll + 2012-07-11 06:56 . 2012-05-28 18:15 200704 c:\windows\$hf_mig$\KB2698365\SP3QFE\msadox.dll + 2012-07-11 06:56 . 2012-05-28 18:15 180224 c:\windows\$hf_mig$\KB2698365\SP3QFE\msadomd.dll + 2012-07-11 06:56 . 2012-05-28 18:15 565248 c:\windows\$hf_mig$\KB2698365\SP3QFE\msado15.dll + 2012-07-11 06:56 . 2012-05-28 18:15 143360 c:\windows\$hf_mig$\KB2698365\SP3QFE\msadco.dll + 2012-07-11 09:45 . 2010-07-05 13:34 398200 c:\windows\$hf_mig$\KB2691442\update\updspapi.dll + 2012-07-11 09:45 . 2010-07-05 13:34 763256 c:\windows\$hf_mig$\KB2691442\update\update.exe + 2012-07-11 09:45 . 2010-07-05 13:34 234360 c:\windows\$hf_mig$\KB2691442\spuninst.exe + 2012-07-11 09:45 . 2010-07-05 13:34 398200 c:\windows\$hf_mig$\KB2655992\update\updspapi.dll + 2012-07-11 09:45 . 2010-07-05 13:34 763256 c:\windows\$hf_mig$\KB2655992\update\update.exe + 2012-07-11 09:45 . 2010-07-05 13:34 234360 c:\windows\$hf_mig$\KB2655992\spuninst.exe + 2012-06-04 04:31 . 2012-06-04 04:31 153088 c:\windows\$hf_mig$\KB2655992\SP3QFE\schannel.dll - 2008-04-15 12:00 . 2012-05-11 14:44 1212416 c:\windows\system32\urlmon.dll + 2008-04-15 12:00 . 2012-07-02 17:38 1212416 c:\windows\system32\urlmon.dll + 2008-04-15 12:00 . 2012-06-08 14:25 8491520 c:\windows\system32\shell32.dll + 2008-04-15 12:00 . 2012-07-02 17:38 6008320 c:\windows\system32\mshtml.dll - 2009-03-08 03:32 . 2012-05-11 14:44 2000384 c:\windows\system32\iertutil.dll + 2009-03-08 03:32 . 2012-07-02 17:38 2000384 c:\windows\system32\iertutil.dll + 2008-04-15 12:00 . 2012-07-03 18:22 1866368 c:\windows\system32\dllcache\win32k.sys + 2008-04-15 12:00 . 2012-07-02 17:38 1212416 c:\windows\system32\dllcache\urlmon.dll - 2008-04-15 12:00 . 2012-05-11 14:44 1212416 c:\windows\system32\dllcache\urlmon.dll + 2008-04-15 12:00 . 2012-06-08 14:25 8491520 c:\windows\system32\dllcache\shell32.dll - 2008-04-15 12:00 . 2009-07-31 09:05 1372672 c:\windows\system32\dllcache\msxml6.dll + 2008-04-15 12:00 . 2012-06-05 15:49 1372672 c:\windows\system32\dllcache\msxml6.dll - 2008-04-15 12:00 . 2010-06-14 07:43 1172480 c:\windows\system32\dllcache\msxml3.dll + 2008-04-15 12:00 . 2012-06-05 15:49 1172480 c:\windows\system32\dllcache\msxml3.dll + 2008-04-15 12:00 . 2012-07-02 17:38 6008320 c:\windows\system32\dllcache\mshtml.dll + 2012-01-13 20:38 . 2012-07-02 17:38 2000384 c:\windows\system32\dllcache\iertutil.dll - 2012-01-13 20:38 . 2012-05-11 14:44 2000384 c:\windows\system32\dllcache\iertutil.dll + 2012-08-16 11:47 . 2012-05-11 14:44 1212416 c:\windows\ie8updates\KB2722913-IE8\urlmon.dll + 2012-08-16 11:47 . 2012-05-11 14:44 6007808 c:\windows\ie8updates\KB2722913-IE8\mshtml.dll + 2012-08-16 11:47 . 2012-05-11 14:44 2000384 c:\windows\ie8updates\KB2722913-IE8\iertutil.dll + 2012-07-11 09:45 . 2009-07-31 09:05 1372672 c:\windows\$NtUninstallKB2719985$\msxml6.dll + 2012-07-11 09:45 . 2010-06-14 07:43 1172480 c:\windows\$NtUninstallKB2719985$\msxml3.dll + 2012-07-11 09:45 . 2012-05-15 13:55 1863424 c:\windows\$NtUninstallKB2718523$\win32k.sys + 2012-07-11 09:45 . 2011-01-21 14:44 8491008 c:\windows\$NtUninstallKB2691442$\shell32.dll + 2012-06-05 15:48 . 2012-06-05 15:48 1447936 c:\windows\$hf_mig$\KB2719985\SP3QFE\msxml6.dll + 2012-06-05 15:48 . 2012-06-05 15:48 1172480 c:\windows\$hf_mig$\KB2719985\SP3QFE\msxml3.dll + 2012-07-11 06:56 . 2012-06-13 13:55 1875328 c:\windows\$hf_mig$\KB2718523\SP3QFE\win32k.sys + 2012-06-08 14:24 . 2012-06-08 14:24 8492544 c:\windows\$hf_mig$\KB2691442\SP3QFE\shell32.dll + 2012-01-13 18:08 . 2012-08-16 11:47 59884088 c:\windows\system32\MRT.exe - 2009-03-08 03:39 . 2012-05-11 18:14 11111424 c:\windows\system32\ieframe.dll + 2009-03-08 03:39 . 2012-07-02 21:08 11111424 c:\windows\system32\ieframe.dll - 2012-01-13 20:38 . 2012-05-11 18:14 11111424 c:\windows\system32\dllcache\ieframe.dll + 2012-01-13 20:38 . 2012-07-02 21:08 11111424 c:\windows\system32\dllcache\ieframe.dll + 2012-08-16 11:47 . 2012-05-11 18:14 11111424 c:\windows\ie8updates\KB2722913-IE8\ieframe.dll . -- Migawka wyzerowana -- . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2011-01-21 20026472] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-12-15 103720] "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504] "UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-04-20 222504] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKLM\~\startupfolder\C:^Documents and Settings^user^Menu Start^Programy^Autostart^OpenOffice.org 3.3.lnk] path=c:\documents and settings\user\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk backup=c:\windows\pss\OpenOffice.org 3.3.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-01-02 09:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-01-03 21:51 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-15 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid] 2011-06-02 00:15 6123032 ----a-w- c:\program files\Logitech\Vid HD\Vid.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2006-01-12 14:40 155648 ----a-w- c:\windows\system32\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2011-10-08 04:50 203072 ----a-w- c:\windows\system32\nvmctray.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2011-10-08 04:50 1632360 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Java\\jre6\\bin\\java.exe"= "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"= "c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"= "c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "7349:TCP"= 7349:TCP:skype . S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-01-16 2253120] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-01-13 1691480] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-02-08 115184] . . ------- Skan uzupełniający ------- . uStart Page = about:blank mStart Page = about:blank TCP: DhcpNameServer = 192.168.1.1 0.0.0.0 FF - ProfilePath - c:\documents and settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\mhmclsol.default\ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-09-02 10:09 Windows 5.1.2600 Dodatek Service Pack 3 NTFS . skanowanie ukrytych procesów ... . skanowanie ukrytych wpisów autostartu ... . skanowanie ukrytych plików ... . skanowanie pomyślnie ukończone ukryte pliki: 0 . ************************************************************************** . Czas ukończenia: 2012-09-02 10:10:41 ComboFix-quarantined-files.txt 2012-09-02 08:10 ComboFix2.txt 2012-07-05 15:15 . Przed: 41 481 236 480 bajtów wolnych Po: 45 156 642 816 bajtów wolnych . - - End Of File - - 7A8208EDBC61A053A83644C1F7D7770B