ComboFix 11-04-03.03 - Andrzej 2011-04-09  13:23:50.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1250.48.1045.18.4095.2649 [GMT 2:00]
Uruchomiony z: c:\users\Andrzej\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2011-03-09 do 2011-04-09  )))))))))))))))))))))))))))))))
.
.
2011-04-09 11:27 . 2011-04-09 11:27	--------	d-----w-	c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2011-04-09 11:27 . 2011-04-09 11:27	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-04-09 06:44 . 2011-04-09 06:45	--------	d-----w-	c:\users\Andrzej\AppData\Local\{496DBD3E-16CA-4D64-85D3-0614A3BD5B0A}
2011-04-09 05:47 . 2011-04-09 05:47	--------	d-----w-	c:\users\Andrzej\AppData\Local\{C433028D-EC6A-4E06-9A2F-5A863C27B2C3}
2011-04-08 15:08 . 2011-04-08 15:09	--------	d-----w-	c:\users\Andrzej\AppData\Local\{7952DA7C-A1FA-4B5B-AEA4-8EC20924588A}
2011-04-08 14:36 . 2011-03-15 05:17	8424784	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{458FBB0C-FB13-47D2-B869-508128F978BB}\mpengine.dll
2011-04-06 16:18 . 2011-04-06 16:18	--------	d-----w-	c:\users\Andrzej\AppData\Local\{3FEADBF3-FF53-4B76-A3B6-D8D2B4182E6C}
2011-04-05 18:02 . 2011-04-05 18:03	--------	d-----w-	c:\users\Andrzej\AppData\Local\{8ABE9569-C481-446D-A830-66E8957445CC}
2011-04-04 16:41 . 2011-04-04 16:42	--------	d-----w-	c:\users\Andrzej\AppData\Local\{935415D6-A5B4-4F68-95CC-22EE5AE4F63F}
2011-04-03 18:30 . 2011-04-03 18:30	--------	d-----w-	c:\users\Andrzej\Tracing
2011-04-03 18:30 . 2011-04-03 18:30	--------	d-----w-	c:\programdata\Messenger Plus!
2011-04-03 18:29 . 2011-04-03 18:29	--------	d-----w-	c:\program files (x86)\BabylonToolbar
2011-04-03 18:29 . 2011-04-03 18:29	--------	d-----w-	c:\program files (x86)\Yuna Software
2011-04-03 09:48 . 2011-04-03 09:48	--------	d-----w-	c:\users\Andrzej\AppData\Local\{BFE47F84-5BCD-4A4E-B7CA-78FC4D73C486}
2011-04-02 23:04 . 2011-04-02 23:04	--------	d-----w-	c:\users\Andrzej\AppData\Local\Softonic-Polska
2011-04-02 23:02 . 2011-04-02 23:04	--------	d-----w-	c:\program files (x86)\Softonic-Polska
2011-04-02 23:02 . 2011-04-09 08:31	--------	d-----w-	c:\users\AppData
2011-04-02 22:31 . 2011-04-02 23:04	--------	d-----w-	c:\users\Andrzej\AppData\Local\Conduit
2011-04-02 20:18 . 2011-04-02 20:18	--------	d-----w-	c:\users\Andrzej\AppData\Local\{FBB6070D-16D4-4C31-A405-B9A11712A5BE}
2011-04-02 08:17 . 2011-04-02 08:17	--------	d-----w-	c:\users\Andrzej\AppData\Local\{07C7DBE2-5626-4565-98AF-B70539494CC0}
2011-04-01 17:20 . 2011-04-01 17:20	--------	d-----w-	c:\program files\3dGirlz
2011-03-30 20:08 . 2011-03-30 20:08	98816	----a-w-	c:\windows\system32\Vxdif.dll
2011-03-30 20:08 . 2011-03-30 20:08	250928	----a-w-	c:\windows\system32\drivers\Apfiltr.sys
2011-03-30 20:08 . 2011-03-30 20:08	1490656	----a-w-	c:\windows\system32\WdfCoinstaller01007.dll
2011-03-30 19:54 . 2011-03-30 19:54	285280	----a-w-	c:\windows\system32\drivers\afcdp.sys
2011-03-30 19:54 . 2011-03-30 19:54	--------	d-----w-	c:\users\Andrzej\AppData\Roaming\053DED5C-DA95-44E3-9155-1900BAA0264F
2011-03-30 19:54 . 2011-03-30 19:54	--------	d-----w-	c:\users\Andrzej\AppData\Roaming\F7CACEE6-8CAC-423D-9DA2-57C6144961C3
2011-03-30 19:53 . 2011-03-30 19:53	970336	----a-w-	c:\windows\system32\drivers\timntr.sys
2011-03-30 19:26 . 2011-03-30 19:53	277088	----a-w-	c:\windows\system32\drivers\snapman.sys
2011-03-30 19:26 . 2011-03-30 19:26	--------	d-----w-	c:\program files (x86)\Acronis
2011-03-30 19:05 . 2011-01-17 06:17	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2011-03-30 19:05 . 2011-01-17 05:38	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2011-03-30 18:47 . 2011-03-30 18:47	--------	dc-h--w-	c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-03-30 18:21 . 2011-03-31 09:13	--------	d-----w-	c:\users\Andrzej\AppData\Roaming\vlc
2011-03-19 08:24 . 2011-03-19 08:24	--------	d-----w-	c:\program files (x86)\Common Files\Java
2011-03-19 08:23 . 2011-03-19 08:23	--------	d-----w-	c:\programdata\McAfee
2011-03-13 14:41 . 2011-03-13 14:41	--------	d-----w-	c:\program files (x86)\MyAshampoo
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-30 19:53 . 2010-11-07 06:28	1263200	----a-w-	c:\windows\system32\drivers\tdrpm273.sys
2011-03-30 19:26 . 2010-12-08 17:51	1477728	----a-w-	c:\windows\system32\drivers\tdrpm258.sys
2011-03-18 16:01 . 2010-06-24 10:33	18328	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-19 06:37 . 2011-03-09 16:22	1135104	----a-w-	c:\windows\system32\FntCache.dll
2011-02-19 06:37 . 2011-03-09 16:22	1540608	----a-w-	c:\windows\system32\DWrite.dll
2011-02-19 06:36 . 2011-03-09 16:22	902656	----a-w-	c:\windows\system32\d2d1.dll
2011-02-19 05:32 . 2011-03-09 16:22	1074176	----a-w-	c:\windows\SysWow64\DWrite.dll
2011-02-19 05:32 . 2011-03-09 16:22	739840	----a-w-	c:\windows\SysWow64\d2d1.dll
2011-02-16 16:19 . 2010-11-21 15:48	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-02-12 15:19 . 2011-02-12 15:20	723981	----a-w-	c:\users\Andrzej\AppData\Local\unins000.exe
2011-02-02 20:40 . 2010-11-14 21:13	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-02-02 17:11 . 2010-11-06 16:09	270720	------w-	c:\windows\system32\MpSigStub.exe
2011-02-02 16:36 . 2010-12-07 16:41	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-02-02 16:36 . 2010-12-11 06:36	686400	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-01-28 17:12 . 2010-11-21 15:48	686400	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-01-26 06:53 . 2011-02-10 05:30	265088	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2011-01-26 06:53 . 2011-02-10 05:30	982912	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2011-01-26 06:31 . 2011-02-10 05:30	144384	----a-w-	c:\windows\system32\cdd.dll
2011-01-21 05:36 . 2011-01-21 05:36	74272	----a-w-	c:\windows\system32\RtNicProp64.dll
2011-01-21 05:36 . 2011-01-21 05:36	413800	----a-w-	c:\windows\system32\drivers\Rt64win7.sys
2011-01-15 13:45 . 2011-01-15 13:45	40960	----a-r-	c:\users\Andrzej\AppData\Roaming\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-04-09_08.29.52   )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-06 18:06 . 2011-04-09 08:36	54112              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-04-09 08:36	41282              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-04-09 05:42	41282              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-06 16:04 . 2011-04-09 08:36	14540              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1002880902-2352898690-1588009375-1000_UserData.bin
- 2010-11-06 16:04 . 2011-04-09 05:42	14540              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1002880902-2352898690-1588009375-1000_UserData.bin
+ 2010-11-06 14:13 . 2011-04-09 09:51	16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-06 14:13 . 2011-04-08 19:26	16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-06 14:13 . 2011-04-08 19:26	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-11-06 14:13 . 2011-04-09 09:51	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-04-09 09:51	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-04-08 19:26	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-06 15:04 . 2011-04-09 11:11	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-06 15:04 . 2011-04-09 08:08	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-06 15:04 . 2011-04-09 11:11	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-11-06 15:04 . 2011-04-09 08:08	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-04-09 05:39 . 2011-04-09 05:39	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-04-09 08:34 . 2011-04-09 08:34	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-04-09 08:34 . 2011-04-09 08:34	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-04-09 05:39 . 2011-04-09 05:39	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 17:55 . 2011-04-09 07:10	697674              c:\windows\system32\perfh015.dat
+ 2009-07-14 17:55 . 2011-04-09 08:38	697674              c:\windows\system32\perfh015.dat
+ 2009-07-14 02:36 . 2011-04-09 08:38	615810              c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-04-09 07:10	615810              c:\windows\system32\perfh009.dat
- 2009-07-14 17:55 . 2011-04-09 07:10	134784              c:\windows\system32\perfc015.dat
+ 2009-07-14 17:55 . 2011-04-09 08:38	134784              c:\windows\system32\perfc015.dat
- 2009-07-14 02:36 . 2011-04-09 07:10	106190              c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-04-09 08:38	106190              c:\windows\system32\perfc009.dat
- 2009-07-14 05:01 . 2011-04-08 20:59	382920              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-04-09 08:33	382920              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-11-06 17:58 . 2011-04-09 08:33	4499318              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1002880902-2352898690-1588009375-1000-8192.dat
- 2009-07-14 02:34 . 2011-04-08 14:46	10223616              c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2011-04-09 09:34	10223616              c:\windows\system32\SMI\Store\Machine\schema.dat
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"= "c:\program files (x86)\Softonic-Polska\tbSoft.dll" [2010-11-13 3913000]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files (x86)\MyAshampoo\tbMyAs.dll" [2010-11-29 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-18 11:58	333192	----a-w-	c:\program files (x86)\AskBarDis\bar\bin\askBar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-11-13 19:58	3913000	----a-w-	c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2010-11-29 14:26	3908192	----a-w-	c:\program files (x86)\MyAshampoo\tbMyAs.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
2010-11-13 19:58	3913000	----a-w-	c:\program files (x86)\Softonic-Polska\tbSoft.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files (x86)\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-11-13 3913000]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files (x86)\MyAshampoo\tbMyAs.dll" [2010-11-29 3908192]
"{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"= "c:\program files (x86)\Softonic-Polska\tbSoft.dll" [2010-11-13 3913000]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"Nero MediaHome 4"="c:\program files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" [2009-03-05 4695336]
"SpeedUpMyPC"="c:\program files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" [2011-01-21 67960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-11-06 352976]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2010-12-21 5575224]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2010-11-16 2536752]
"BabylonToolbar"="c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~2\KASPER~1\KASPER~1\sbhook.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Usługa Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 136176]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S2 afcdpsrv;Usługa Acronis Nonstop Backup;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-03-30 3246040]
S2 BsMobileCS;BsMobileCS;c:\program files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [2010-08-31 147563]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
S3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-04-09 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2011-03-30 11:30]
.
2011-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 17:18]
.
2011-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 17:18]
.
2011-04-09 c:\windows\Tasks\RegistryBooster.job
- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2011-03-14 15:31]
.
2011-04-09 c:\windows\Tasks\SpeedUpMyPC.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2011-03-30 13:40]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-12-21 390760]
"Usługa Acronis Scheduler2"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-12-21 390760]
"Apoint"="%ProgramFiles%\Apoint\Apoint.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_Dlls"=0x1
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=e6118fe2000000000000485b39c1ea40&tlver=1.4.19.19&affID=17159
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: E&ksport do programu Microsoft Excel - c:\progra~2\MICROS~4\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\7e8y2qq0.default\
FF - prefs.js: browser.startup.homepage - hxxp://michalkiewicz.pl/
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
WebBrowser-{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - (no file)
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1002880902-2352898690-1588009375-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1002880902-2352898690-1588009375-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2011-04-09  13:30:01
ComboFix-quarantined-files.txt  2011-04-09 11:30
ComboFix2.txt  2011-04-09 08:31
.
Przed: 155 438 030 848 bajtów wolnych
Po: 155 382 972 416 bajtów wolnych
.
- - End Of File - - 256C9ECE6BDBEBFA0F1426CFFFBC2335