ComboFix 11-03-23.04 - justyna 2011-03-29 14:09:40.1.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1250.48.1045.18.1525.959 [GMT 2:00]
Uruchomiony z: c:\users\justyna\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ZoneAlarm Firewall *Disabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
- TRYB ZREDUKOWANEJ FUNKCJONALNOŚCI -
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-02-28 do 2011-03-29 )))))))))))))))))))))))))))))))
.
.
2011-03-29 12:11 . 2011-03-29 12:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-29 08:23 . 2011-03-15 04:05 6792528 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5CE11207-C786-4FA3-B346-C56D40267343}\mpengine.dll
2011-03-28 16:47 . 2011-03-28 16:49 -------- d-----w- c:\program files\AskBarDis
2011-03-28 14:31 . 2011-03-28 14:31 -------- d-----w- c:\program files\SkanerOnline
2011-03-27 20:49 . 2011-03-27 20:49 -------- d-----w- c:\users\justyna\AppData\Roaming\CheckPoint
2011-03-27 20:48 . 2011-03-27 20:48 -------- d-----w- c:\program files\Conduit
2011-03-27 20:48 . 2011-03-27 20:48 -------- d-----w- c:\program files\ZoneAlarm_Security
2011-03-27 20:48 . 2011-03-27 20:48 -------- d-----w- c:\program files\CheckPoint
2011-03-27 20:44 . 2008-02-23 04:38 170496 ----a-w- c:\windows\system32\tcpipcfg.dll
2011-03-27 20:44 . 2008-02-23 02:41 22528 ----a-w- c:\windows\system32\netiougc.exe
2011-03-27 20:43 . 2011-03-17 23:24 69120 ----a-w- c:\windows\system32\zlcomm.dll
2011-03-27 20:43 . 2011-03-17 23:24 104448 ----a-w- c:\windows\system32\zlcommdb.dll
2011-03-27 20:43 . 2011-03-17 23:24 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2011-03-27 20:43 . 2011-03-27 20:49 -------- d-----w- c:\windows\system32\ZoneLabs
2011-03-27 20:43 . 2010-05-15 14:30 457304 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2011-03-27 20:43 . 2011-03-27 20:43 -------- d-----w- c:\program files\Zone Labs
2011-03-27 20:42 . 2011-03-27 20:42 -------- d-----w- c:\programdata\CheckPoint
2011-03-27 20:42 . 2011-03-29 12:04 -------- d-----w- c:\windows\Internet Logs
2011-03-27 20:04 . 2011-03-27 20:04 -------- d-----w- c:\users\justyna\AppData\Local\ESET
2011-03-24 08:33 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll
2011-03-17 19:11 . 2011-03-27 20:35 -------- d-----w- c:\users\justyna\AppData\Roaming\uTorrent
2011-03-12 10:28 . 2011-03-12 10:28 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-03-09 08:42 . 2010-12-29 17:41 323072 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 08:42 . 2010-12-29 17:41 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 08:42 . 2010-12-29 17:41 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 08:42 . 2010-12-29 17:39 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 08:42 . 2010-12-17 16:43 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 08:42 . 2010-12-17 15:06 677888 ----a-w- c:\windows\system32\mstsc.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-04 09:37 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2011-02-04 09:37 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2011-02-02 17:11 . 2011-01-13 19:57 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-18 08:37 . 2011-01-18 08:37 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-01-18 08:37 . 2011-01-18 08:37 269312 ----a-w- c:\windows\system32\es.dll
2011-01-18 08:35 . 2011-01-18 08:35 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll
2011-01-18 08:35 . 2011-01-18 08:35 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2011-01-18 08:35 . 2011-01-18 08:35 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll
2011-01-18 08:35 . 2011-01-18 08:35 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll
2011-01-18 08:35 . 2011-01-18 08:35 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll
2011-01-18 08:35 . 2011-01-18 08:35 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll
2011-01-18 08:35 . 2011-01-18 08:35 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll
2011-01-18 08:35 . 2011-01-18 08:35 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll
2011-01-18 08:35 . 2011-01-18 08:35 7964672 ----a-w- c:\windows\system32\NlsLexicons0024.dll
2011-01-18 08:35 . 2011-01-18 08:35 5791232 ----a-w- c:\windows\system32\NlsLexicons0026.dll
2011-01-18 08:35 . 2011-01-18 08:35 6224896 ----a-w- c:\windows\system32\NlsLexicons0027.dll
2011-01-18 08:35 . 2011-01-18 08:35 4175872 ----a-w- c:\windows\system32\NlsLexicons0010.dll
2011-01-18 08:35 . 2011-01-18 08:35 2466816 ----a-w- c:\windows\system32\NlsLexicons0011.dll
2011-01-18 08:35 . 2011-01-18 08:35 4981248 ----a-w- c:\windows\system32\NlsLexicons0013.dll
2011-01-18 08:35 . 2011-01-18 08:35 3331072 ----a-w- c:\windows\system32\NlsLexicons0018.dll
2011-01-18 08:35 . 2011-01-18 08:35 6781440 ----a-w- c:\windows\system32\NlsLexicons0019.dll
2011-01-18 08:35 . 2011-01-18 08:35 11722752 ----a-w- c:\windows\system32\NlsLexicons0001.dll
2011-01-18 08:35 . 2011-01-18 08:35 4164096 ----a-w- c:\windows\system32\NlsLexicons0002.dll
2011-01-18 08:35 . 2011-01-18 08:35 1452544 ----a-w- c:\windows\system32\NlsLexicons0003.dll
2011-01-18 08:35 . 2011-01-18 08:35 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2011-01-18 08:35 . 2011-01-18 08:35 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2011-01-18 08:35 . 2011-01-18 08:35 3419136 ----a-w- c:\windows\system32\NlsLexicons004a.dll
2011-01-18 08:35 . 2011-01-18 08:35 1702912 ----a-w- c:\windows\system32\NlsLexicons004b.dll
2011-01-18 08:35 . 2011-01-18 08:35 4093440 ----a-w- c:\windows\system32\NlsLexicons004c.dll
2011-01-18 08:35 . 2011-01-18 08:35 1972736 ----a-w- c:\windows\system32\NlsLexicons004e.dll
2011-01-18 08:35 . 2011-01-18 08:35 4096 ----a-w- c:\windows\system32\NlsLexicons002a.dll
2011-01-18 08:35 . 2011-01-18 08:35 4045824 ----a-w- c:\windows\system32\NlsLexicons003e.dll
2011-01-18 08:35 . 2011-01-18 08:35 6585856 ----a-w- c:\windows\system32\NlsLexicons001b.dll
2011-01-18 08:35 . 2011-01-18 08:35 6014976 ----a-w- c:\windows\system32\NlsLexicons001a.dll
2011-01-18 08:35 . 2011-01-18 08:35 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
2011-01-18 08:35 . 2011-01-18 08:35 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
2011-01-18 08:35 . 2011-01-18 08:35 6237696 ----a-w- c:\windows\system32\NlsLexicons000c.dll
2011-01-18 08:35 . 2011-01-18 08:35 1722368 ----a-w- c:\windows\system32\NlsLexicons000d.dll
2011-01-18 08:35 . 2011-01-18 08:35 5654528 ----a-w- c:\windows\system32\NlsLexicons000f.dll
2011-01-18 08:35 . 2011-01-18 08:35 4616192 ----a-w- c:\windows\system32\NlsLexicons0414.dll
2011-01-18 08:35 . 2011-01-18 08:34 5090816 ----a-w- c:\windows\system32\NlsLexicons0416.dll
2011-01-18 08:34 . 2011-01-18 08:34 5031936 ----a-w- c:\windows\system32\NlsLexicons0816.dll
2011-01-18 08:34 . 2011-01-18 08:34 7042560 ----a-w- c:\windows\system32\NlsLexicons081a.dll
2011-01-18 08:34 . 2011-01-18 08:34 5071872 ----a-w- c:\windows\system32\NlsModels0011.dll
2011-01-18 08:34 . 2011-01-18 08:34 3104768 ----a-w- c:\windows\system32\NlsData0045.dll
2011-01-18 08:34 . 2011-01-18 08:34 3104768 ----a-w- c:\windows\system32\NlsData0046.dll
2011-01-18 08:34 . 2011-01-18 08:34 3104768 ----a-w- c:\windows\system32\NlsData0047.dll
2011-01-18 08:34 . 2011-01-18 08:34 3104768 ----a-w- c:\windows\system32\NlsData0049.dll
2011-01-18 08:34 . 2011-01-18 08:34 3104768 ----a-w- c:\windows\system32\NlsData0039.dll
2011-01-18 08:34 . 2011-01-18 08:34 3104768 ----a-w- c:\windows\system32\NlsData0020.dll
2011-01-18 08:34 . 2011-01-18 08:34 1965056 ----a-w- c:\windows\system32\NlsData0024.dll
2011-01-18 08:34 . 2011-01-18 08:34 1801216 ----a-w- c:\windows\system32\NlsData0022.dll
2011-01-18 08:34 . 2011-01-18 08:34 1801216 ----a-w- c:\windows\system32\NlsData0021.dll
2011-01-18 08:34 . 2011-01-18 08:34 1965056 ----a-w- c:\windows\system32\NlsData0026.dll
2011-01-18 08:34 . 2011-01-18 08:34 1966592 ----a-w- c:\windows\system32\NlsData0027.dll
2011-01-18 08:34 . 2011-01-18 08:34 4495360 ----a-w- c:\windows\system32\NlsData0010.dll
2011-01-18 08:34 . 2011-01-18 08:34 2657280 ----a-w- c:\windows\system32\NlsData0011.dll
2011-01-18 08:34 . 2011-01-18 08:34 3466752 ----a-w- c:\windows\system32\NlsData0013.dll
2011-01-18 08:34 . 2011-01-18 08:34 1965056 ----a-w- c:\windows\system32\NlsData0018.dll
2011-01-18 08:34 . 2011-01-18 08:34 1523712 ----a-w- c:\windows\system32\NlsData0000.dll
2011-01-18 08:34 . 2011-01-18 08:34 4497408 ----a-w- c:\windows\system32\NlsData0019.dll
2011-01-18 08:34 . 2011-01-18 08:34 2599936 ----a-w- c:\windows\system32\NlsData0001.dll
2011-01-18 08:34 . 2011-01-18 08:34 1965056 ----a-w- c:\windows\system32\NlsData0002.dll
2011-01-18 08:34 . 2011-01-18 08:34 1965056 ----a-w- c:\windows\system32\NlsData0003.dll
2011-01-18 08:34 . 2011-01-18 08:34 2243072 ----a-w- c:\windows\system32\NlsData0007.dll
2011-01-18 08:34 . 2011-01-18 08:34 4875776 ----a-w- c:\windows\system32\NlsData0009.dll
2011-01-18 08:34 . 2011-01-18 08:34 3104768 ----a-w- c:\windows\system32\NlsData004a.dll
2011-01-18 08:34 . 2011-01-18 08:34 3104768 ----a-w- c:\windows\system32\NlsData004b.dll
2011-01-18 08:34 . 2011-01-18 08:34 3104768 ----a-w- c:\windows\system32\NlsData004c.dll
2011-01-18 08:34 . 2011-01-18 08:34 3104768 ----a-w- c:\windows\system32\NlsData004e.dll
2011-01-18 08:34 . 2011-01-18 08:34 1801216 ----a-w- c:\windows\system32\NlsData003e.dll
2011-01-18 08:34 . 2011-01-18 08:34 1801216 ----a-w- c:\windows\system32\NlsData002a.dll
2011-01-18 08:34 . 2011-01-18 08:34 1965056 ----a-w- c:\windows\system32\NlsData001a.dll
2011-01-18 08:34 . 2011-01-18 08:34 1965056 ----a-w- c:\windows\system32\NlsData001b.dll
2011-01-18 08:34 . 2011-01-18 08:34 4495360 ----a-w- c:\windows\system32\NlsData001d.dll
2011-01-18 08:34 . 2011-01-18 08:34 9847296 ----a-w- c:\windows\system32\NlsData000a.dll
2011-01-18 08:34 . 2011-01-18 08:34 2643456 ----a-w- c:\windows\system32\NlsData000c.dll
2011-01-18 08:34 . 2011-01-18 08:34 2342912 ----a-w- c:\windows\system32\NlsData000d.dll
2011-01-18 08:34 . 2011-01-18 08:34 4495360 ----a-w- c:\windows\system32\NlsData0414.dll
2011-01-18 08:34 . 2011-01-18 08:34 1965056 ----a-w- c:\windows\system32\NlsData000f.dll
2011-01-18 08:34 . 2011-01-18 08:34 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2011-01-18 08:34 . 2011-01-18 08:34 4495360 ----a-w- c:\windows\system32\NlsData0416.dll
2011-01-18 08:34 . 2011-01-18 08:34 4495360 ----a-w- c:\windows\system32\NlsData0816.dll
2011-01-18 08:34 . 2011-01-18 08:34 1965056 ----a-w- c:\windows\system32\NlsData081a.dll
2011-01-18 08:34 . 2011-01-18 08:34 6917120 ----a-w- c:\windows\system32\NlsLexicons0c1a.dll
2011-01-18 08:34 . 2011-01-18 08:34 1965056 ----a-w- c:\windows\system32\NlsData0c1a.dll
2011-01-16 20:35 . 2011-01-16 20:35 45056 ----a-w- c:\windows\system32\drivers\pl-PL\http.sys.mui
2011-01-16 20:35 . 2011-01-16 20:35 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-01-16 20:35 . 2011-01-16 20:35 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-01-16 20:35 . 2011-01-16 20:35 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-01-16 07:10 . 2011-01-16 07:10 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-01-16 07:10 . 2011-01-16 07:10 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-01-16 07:10 . 2011-01-16 07:10 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-01-16 07:10 . 2011-01-16 07:10 11264 ----a-w- c:\windows\system32\icardres.dll
2011-01-16 07:10 . 2011-01-16 07:10 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-01-16 07:10 . 2011-01-16 07:10 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-01-15 21:33 . 2011-01-15 21:33 83968 ----a-w- c:\windows\system32\mscories.dll
2011-01-15 21:33 . 2011-01-15 21:33 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-01-14 09:37 . 2011-01-14 09:37 23552 ----a-w- c:\windows\system32\lpk.dll
2011-01-14 09:37 . 2011-01-14 09:37 10240 ----a-w- c:\windows\system32\dciman32.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files\ZoneAlarm_Security\tbZone.dll" [2010-12-01 2735200]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-06 16:15 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar1.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
2010-12-01 10:27 2735200 ----a-w- c:\program files\ZoneAlarm_Security\tbZone.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files\ZoneAlarm_Security\tbZone.dll" [2010-12-01 2735200]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar1.dll" [2008-11-06 333192]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}"= "c:\program files\ZoneAlarm_Security\tbZone.dll" [2010-12-01 2735200]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar1.dll" [2008-11-06 333192]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2008-11-24 869888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-11-28 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-11-28 106496]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-11-28 81920]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-27 815104]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-04-10 37888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2011-03-17 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2011-02-15 738808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 22:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-04-19 12:26 484904 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 vsdatant7;vsdatant7;c:\windows\system32\drivers\vsdatant.win7.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
S2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2008-11-06 464264]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2011-02-15 26872]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2011-02-15 488952]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 12:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2645238
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\users\justyna\AppData\Roaming\Mozilla\Firefox\Profiles\s39dpnzz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - www.google.pl
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: ZoneAlarm Security Engine: {FFB96CC1-7EB3-449D-B827-DB661701C6BB} - c:\program files\CheckPoint\ZAForceField\TrustChecker
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: ZoneAlarm Community Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - %profile%\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
MSConfigStartUp-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
MSConfigStartUp-NeroFilterCheck - c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-29 14:11
Windows 6.0.6001 Service Pack 1 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'lsass.exe'(624)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'explorer.exe'(2948)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Czas ukończenia: 2011-03-29 14:14:54
ComboFix-quarantined-files.txt 2011-03-29 12:14
.
Przed: 20 560 531 456 bajtów wolnych
Po: 20 699 324 416 bajtów wolnych
.
- - End Of File - - 59C44F3EFA295459BB99DBEA0320E75E