ComboFix 11-06-17.04 - Marta 2011-06-19  18:06:42.1.2 - x86
Microsoft® Windows Vista™ Home Basic   6.0.6000.0.1250.48.1045.18.1014.248 [GMT 2:00]
Uruchomiony z: c:\users\Marta\Desktop\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Marta\AppData\Roaming\.#
c:\windows\IsUn0415.exe
c:\windows\Temp\log.txt
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2011-05-19 do 2011-06-19  )))))))))))))))))))))))))))))))
.
.
2011-06-19 16:13 . 2011-06-19 16:13	--------	d-----w-	c:\users\Marta\AppData\Local\temp
2011-06-19 16:13 . 2011-06-19 16:13	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-06-19 12:16 . 2011-06-19 12:16	4096	----a-w-	c:\windows\system32\06603.tmp
2011-06-19 08:24 . 2011-06-19 08:24	4096	----a-w-	c:\windows\system32\04A0A.tmp
2011-06-19 06:43 . 2011-06-19 06:43	4096	----a-w-	c:\windows\system32\06799.tmp
2011-06-18 22:04 . 2011-06-18 22:04	4096	----a-w-	c:\windows\system32\087F4.tmp
2011-06-18 20:36 . 2011-06-18 20:36	4096	----a-w-	c:\windows\system32\04970.tmp
2011-06-18 12:58 . 2011-06-18 12:58	4096	----a-w-	c:\windows\system32\04BC0.tmp
2011-06-18 09:20 . 2011-06-18 09:20	4096	----a-w-	c:\windows\system32\048D3.tmp
2011-06-17 17:23 . 2011-06-17 17:23	4096	----a-w-	c:\windows\system32\04A59.tmp
2011-06-16 04:50 . 2011-06-16 04:50	4096	----a-w-	c:\windows\system32\06BAF.tmp
2011-06-15 19:43 . 2011-06-15 19:43	4096	----a-w-	c:\windows\system32\047E9.tmp
2011-06-15 12:53 . 2011-06-15 12:53	4096	----a-w-	c:\windows\system32\04A1C.tmp
2011-06-14 14:51 . 2011-06-14 14:51	4096	----a-w-	c:\windows\system32\0D8A2.tmp
2011-06-14 09:21 . 2011-06-14 09:21	4096	----a-w-	c:\windows\system32\06D33.tmp
2011-06-13 18:25 . 2011-06-13 18:25	4096	----a-w-	c:\windows\system32\04A3D.tmp
2011-06-13 08:19 . 2011-06-13 08:19	4096	----a-w-	c:\windows\system32\069FA.tmp
2011-06-12 18:08 . 2011-06-12 18:08	4096	----a-w-	c:\windows\system32\049B1.tmp
2011-06-12 08:51 . 2011-06-12 08:51	4096	----a-w-	c:\windows\system32\04877.tmp
2011-06-11 15:14 . 2011-06-11 15:14	4096	----a-w-	c:\windows\system32\0483B.tmp
2011-06-10 18:00 . 2011-06-10 18:00	4096	----a-w-	c:\windows\system32\0669E.tmp
2011-06-10 06:02 . 2011-06-10 06:02	4096	----a-w-	c:\windows\system32\08999.tmp
2011-06-09 15:12 . 2011-06-09 15:12	4096	----a-w-	c:\windows\system32\04C3D.tmp
2011-06-08 18:17 . 2011-06-08 18:17	4096	----a-w-	c:\windows\system32\06826.tmp
2011-06-08 05:59 . 2011-06-08 05:59	4096	----a-w-	c:\windows\system32\0B94F.tmp
2011-06-07 17:00 . 2011-06-07 17:00	4096	----a-w-	c:\windows\system32\0D152.tmp
2011-06-07 15:46 . 2011-06-07 15:46	4096	----a-w-	c:\windows\system32\0483A.tmp
2011-06-06 21:59 . 2011-06-06 21:59	4096	----a-w-	c:\windows\system32\0896C.tmp
2011-06-06 15:41 . 2011-06-06 15:41	4096	----a-w-	c:\windows\system32\04C9A.tmp
2011-06-05 14:19 . 2011-06-05 14:19	4096	----a-w-	c:\windows\system32\04A69.tmp
2011-06-05 07:45 . 2007-11-30 08:45	644400	----a-w-	c:\windows\system32\MSCOMCT2.OCX
2011-06-05 06:49 . 2011-06-05 06:49	4096	----a-w-	c:\windows\system32\0B03B.tmp
2011-06-04 20:10 . 2011-06-04 20:10	4096	----a-w-	c:\windows\system32\04AC6.tmp
2011-06-04 12:02 . 2011-06-04 12:02	4096	----a-w-	c:\windows\system32\0893B.tmp
2011-06-03 18:05 . 2011-06-03 18:05	4096	----a-w-	c:\windows\system32\07001.tmp
2011-06-03 09:45 . 2011-06-03 09:45	4096	----a-w-	c:\windows\system32\04CF8.tmp
2011-06-02 14:41 . 2011-06-02 14:41	4096	----a-w-	c:\windows\system32\04B16.tmp
2011-06-01 17:31 . 2011-06-01 17:31	4096	----a-w-	c:\windows\system32\04EFA.tmp
2011-05-31 17:40 . 2011-05-31 17:40	4096	----a-w-	c:\windows\system32\04BB0.tmp
2011-05-30 17:16 . 2011-05-30 17:16	4096	----a-w-	c:\windows\system32\04A3C.tmp
2011-05-30 13:31 . 2011-05-30 13:31	4096	----a-w-	c:\windows\system32\04B23.tmp
2011-05-29 06:47 . 2011-05-29 06:47	4096	----a-w-	c:\windows\system32\04F77.tmp
2011-05-28 15:25 . 2011-05-28 15:25	4096	----a-w-	c:\windows\system32\08BBB.tmp
2011-05-28 09:40 . 2011-05-28 09:40	4096	----a-w-	c:\windows\system32\04A1B.tmp
2011-05-27 21:12 . 2011-05-27 21:12	4096	----a-w-	c:\windows\system32\08C86.tmp
2011-05-26 13:55 . 2011-05-26 13:55	4096	----a-w-	c:\windows\system32\04921.tmp
2011-05-26 06:16 . 2011-05-26 06:16	4096	----a-w-	c:\windows\system32\04F76.tmp
2011-05-25 20:18 . 2011-05-25 20:18	4096	----a-w-	c:\windows\system32\069F9.tmp
2011-05-25 14:35 . 2011-05-25 14:35	4096	----a-w-	c:\windows\system32\06D90.tmp
2011-05-24 06:59 . 2011-05-24 06:59	4096	----a-w-	c:\windows\system32\087B5.tmp
2011-05-23 17:19 . 2011-05-23 17:19	4096	----a-w-	c:\windows\system32\08690.tmp
2011-05-23 12:48 . 2011-05-23 12:48	4096	----a-w-	c:\windows\system32\06F56.tmp
2011-05-22 11:08 . 2011-05-22 11:08	11776	----a-w-	c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-05-22 11:08 . 2011-05-22 11:08	--------	d-----w-	c:\program files\Common Files\xing shared
2011-05-22 11:08 . 2011-05-22 11:08	150712	----a-w-	c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-05-22 11:08 . 2011-05-22 11:08	105472	----a-w-	c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2011-05-22 10:34 . 2011-05-22 10:34	4096	----a-w-	c:\windows\system32\06E7B.tmp
2011-05-21 19:29 . 2011-05-21 19:29	4096	----a-w-	c:\windows\system32\069AA.tmp
2011-05-21 07:25 . 2011-05-21 07:25	4096	----a-w-	c:\windows\system32\0B3E3.tmp
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-22 11:07 . 2007-07-16 08:58	499712	----a-w-	c:\windows\system32\msvcp71.dll
2011-05-22 11:07 . 2007-07-16 08:58	348160	----a-w-	c:\windows\system32\msvcr71.dll
2011-05-19 16:24 . 2011-05-19 16:24	4096	----a-w-	c:\windows\system32\06B6E.tmp
2011-05-18 11:38 . 2011-05-18 11:38	4096	----a-w-	c:\windows\system32\04AB7.tmp
2011-05-17 06:59 . 2011-05-17 06:59	4096	----a-w-	c:\windows\system32\06A1A.tmp
2011-05-16 15:51 . 2011-05-16 15:51	4096	----a-w-	c:\windows\system32\06D15.tmp
2011-05-15 20:47 . 2011-05-15 20:47	4096	----a-w-	c:\windows\system32\04C6D.tmp
2011-05-15 10:15 . 2011-05-15 10:15	4096	----a-w-	c:\windows\system32\04CB9.tmp
2011-05-13 17:19 . 2011-05-13 17:19	4096	----a-w-	c:\windows\system32\06C58.tmp
2011-05-13 12:53 . 2011-05-13 12:53	4096	----a-w-	c:\windows\system32\06FC2.tmp
2011-05-12 18:19 . 2011-05-12 18:19	4096	----a-w-	c:\windows\system32\04F95.tmp
2011-05-11 20:56 . 2011-05-11 20:56	4096	----a-w-	c:\windows\system32\06A94.tmp
2011-05-11 13:21 . 2011-05-11 13:21	4096	----a-w-	c:\windows\system32\0D4DB.tmp
2011-05-10 18:01 . 2011-05-10 18:01	4096	----a-w-	c:\windows\system32\04C8E.tmp
2011-05-10 14:30 . 2011-05-10 14:30	4096	----a-w-	c:\windows\system32\0E0FB.tmp
2011-05-09 07:22 . 2011-05-09 07:22	4096	----a-w-	c:\windows\system32\04E10.tmp
2011-05-08 17:28 . 2011-05-08 17:28	4096	----a-w-	c:\windows\system32\08A83.tmp
2011-05-08 13:50 . 2011-05-08 13:50	4096	----a-w-	c:\windows\system32\0704F.tmp
2011-05-08 10:18 . 2011-05-08 10:18	4096	----a-w-	c:\windows\system32\088BE.tmp
2011-05-08 07:52 . 2011-05-08 07:52	4096	----a-w-	c:\windows\system32\04C5B.tmp
2011-05-07 21:54 . 2011-05-07 21:54	4096	----a-w-	c:\windows\system32\052B1.tmp
2011-05-07 20:17 . 2011-05-07 20:17	4096	----a-w-	c:\windows\system32\052C0.tmp
2011-05-06 13:23 . 2011-05-06 13:23	4096	----a-w-	c:\windows\system32\04B51.tmp
2011-05-06 06:47 . 2011-05-06 06:47	4096	----a-w-	c:\windows\system32\04F47.tmp
2011-05-05 07:49 . 2011-05-05 07:49	4096	----a-w-	c:\windows\system32\08B9B.tmp
2011-05-04 06:53 . 2011-05-04 06:53	4096	----a-w-	c:\windows\system32\05023.tmp
2011-05-03 20:56 . 2011-05-03 20:56	4096	----a-w-	c:\windows\system32\06A37.tmp
2011-05-03 09:33 . 2011-05-03 09:33	4096	----a-w-	c:\windows\system32\04B81.tmp
2011-05-02 19:46 . 2011-05-02 19:46	4096	----a-w-	c:\windows\system32\0895A.tmp
2011-05-02 11:29 . 2011-05-02 11:29	4096	----a-w-	c:\windows\system32\04C8D.tmp
2011-05-01 18:47 . 2011-05-01 18:47	4096	----a-w-	c:\windows\system32\04DD3.tmp
2011-05-01 08:21 . 2011-05-01 08:21	4096	----a-w-	c:\windows\system32\068F1.tmp
2011-04-30 13:35 . 2011-04-30 13:35	4096	----a-w-	c:\windows\system32\06E4C.tmp
2011-04-29 17:55 . 2011-04-29 17:55	4096	----a-w-	c:\windows\system32\06D81.tmp
2011-04-28 19:09 . 2011-04-28 19:09	4096	----a-w-	c:\windows\system32\04B15.tmp
2011-04-28 13:20 . 2011-04-28 13:20	4096	----a-w-	c:\windows\system32\0C4B5.tmp
2011-04-27 17:05 . 2011-04-27 17:05	4096	----a-w-	c:\windows\system32\04D44.tmp
2011-04-26 16:53 . 2011-04-26 16:53	4096	----a-w-	c:\windows\system32\08870.tmp
2011-04-26 12:47 . 2011-04-26 12:47	4096	----a-w-	c:\windows\system32\04C99.tmp
2011-04-25 09:23 . 2011-04-25 09:23	4096	----a-w-	c:\windows\system32\0698E.tmp
2011-04-24 20:27 . 2011-04-24 20:27	4096	----a-w-	c:\windows\system32\04A8A.tmp
2011-04-24 06:08 . 2011-04-24 06:08	4096	----a-w-	c:\windows\system32\08AD1.tmp
2011-04-23 17:54 . 2011-04-23 17:54	4096	----a-w-	c:\windows\system32\04C6C.tmp
2011-04-23 14:54 . 2011-04-23 14:54	4096	----a-w-	c:\windows\system32\08A75.tmp
2011-04-23 12:51 . 2011-04-23 12:51	4096	----a-w-	c:\windows\system32\08834.tmp
2011-04-22 09:16 . 2011-04-22 09:16	4096	----a-w-	c:\windows\system32\04DB2.tmp
2011-04-21 18:20 . 2011-04-21 18:20	4096	----a-w-	c:\windows\system32\04CF7.tmp
2011-04-21 07:27 . 2011-04-21 07:27	4096	----a-w-	c:\windows\system32\06BCD.tmp
2011-04-20 18:24 . 2011-04-20 18:24	4096	----a-w-	c:\windows\system32\08BAB.tmp
2011-04-20 14:26 . 2011-04-20 14:26	4096	----a-w-	c:\windows\system32\08AB2.tmp
2011-04-20 10:38 . 2011-04-20 10:38	4096	----a-w-	c:\windows\system32\088FE.tmp
2011-04-20 06:58 . 2011-04-20 06:58	4096	----a-w-	c:\windows\system32\08C47.tmp
2011-04-19 16:18 . 2011-04-19 16:18	4096	----a-w-	c:\windows\system32\06BFB.tmp
2011-04-19 12:49 . 2011-04-19 12:49	4096	----a-w-	c:\windows\system32\08A58.tmp
2011-04-19 06:51 . 2011-04-19 06:51	4096	----a-w-	c:\windows\system32\04FB5.tmp
2011-04-18 17:52 . 2011-04-18 17:52	4096	----a-w-	c:\windows\system32\06B9D.tmp
2011-04-18 13:23 . 2011-04-18 13:23	4096	----a-w-	c:\windows\system32\04C2F.tmp
2011-04-17 10:20 . 2011-04-17 10:20	4096	----a-w-	c:\windows\system32\068D0.tmp
2011-04-16 16:09 . 2011-04-16 16:09	4096	----a-w-	c:\windows\system32\0897A.tmp
2011-04-15 18:41 . 2011-04-15 18:41	4096	----a-w-	c:\windows\system32\06FB3.tmp
2011-04-15 14:25 . 2011-04-15 14:25	4096	----a-w-	c:\windows\system32\0892C.tmp
2011-04-14 13:17 . 2011-04-14 13:17	4096	----a-w-	c:\windows\system32\06BDC.tmp
2011-04-13 20:31 . 2011-04-13 20:31	4096	----a-w-	c:\windows\system32\06DA0.tmp
2011-04-13 13:42 . 2011-04-13 13:42	4096	----a-w-	c:\windows\system32\06A19.tmp
2011-04-13 11:25 . 2011-04-13 11:25	4096	----a-w-	c:\windows\system32\0A42A.tmp
2011-04-12 07:16 . 2011-04-12 07:16	4096	----a-w-	c:\windows\system32\04BBF.tmp
2011-04-11 17:06 . 2011-04-11 17:06	4096	----a-w-	c:\windows\system32\06893.tmp
2011-04-11 12:48 . 2011-04-11 12:48	4096	----a-w-	c:\windows\system32\068A2.tmp
2011-04-10 20:11 . 2011-04-10 20:11	4096	----a-w-	c:\windows\system32\06E0D.tmp
2011-04-10 17:19 . 2011-04-10 17:19	4096	----a-w-	c:\windows\system32\069CA.tmp
2011-04-10 12:50 . 2011-04-10 12:50	4096	----a-w-	c:\windows\system32\06B50.tmp
2011-04-09 21:52 . 2011-04-09 21:52	4096	----a-w-	c:\windows\system32\08BCA.tmp
2011-04-08 20:47 . 2011-04-08 20:47	4096	----a-w-	c:\windows\system32\089F8.tmp
2011-04-08 17:47 . 2011-04-08 17:47	4096	----a-w-	c:\windows\system32\06E1D.tmp
2011-04-08 06:00 . 2011-04-08 06:00	4096	----a-w-	c:\windows\system32\06892.tmp
2011-04-07 15:35 . 2011-04-07 15:35	4096	----a-w-	c:\windows\system32\088AF.tmp
2011-04-07 11:41 . 2011-04-07 11:41	4096	----a-w-	c:\windows\system32\04C3C.tmp
2011-04-06 18:27 . 2011-04-06 18:27	4096	----a-w-	c:\windows\system32\064E9.tmp
2011-04-06 15:40 . 2011-04-06 15:40	4096	----a-w-	c:\windows\system32\087D5.tmp
2011-04-06 13:12 . 2011-04-06 13:12	4096	----a-w-	c:\windows\system32\06D04.tmp
2011-04-05 17:41 . 2011-04-05 17:41	4096	----a-w-	c:\windows\system32\06891.tmp
2011-04-05 08:16 . 2011-04-05 08:16	4096	----a-w-	c:\windows\system32\04BA1.tmp
2011-04-04 11:29 . 2011-04-04 11:29	4096	----a-w-	c:\windows\system32\049DD.tmp
2011-04-03 21:14 . 2011-04-03 21:14	4096	----a-w-	c:\windows\system32\0B106.tmp
2011-04-01 19:13 . 2011-04-01 19:13	4096	----a-w-	c:\windows\system32\087F3.tmp
2011-04-01 07:45 . 2011-04-01 07:45	4096	----a-w-	c:\windows\system32\04D17.tmp
2011-03-31 16:00 . 2011-03-31 16:00	4096	----a-w-	c:\windows\system32\08A38.tmp
2011-03-31 11:59 . 2011-03-31 11:59	4096	----a-w-	c:\windows\system32\08A57.tmp
2011-03-30 17:33 . 2011-03-30 17:33	4096	----a-w-	c:\windows\system32\06B7E.tmp
2011-03-29 19:03 . 2011-03-29 19:03	4096	----a-w-	c:\windows\system32\06AE2.tmp
2011-03-29 15:29 . 2011-03-29 15:29	4096	----a-w-	c:\windows\system32\04C8C.tmp
2011-03-28 17:02 . 2011-03-28 17:02	4096	----a-w-	c:\windows\system32\08796.tmp
2011-03-28 08:41 . 2011-03-28 08:41	4096	----a-w-	c:\windows\system32\09156.tmp
2011-03-28 07:06 . 2011-03-28 07:06	4096	----a-w-	c:\windows\system32\04819.tmp
2011-03-27 23:07 . 2011-03-27 23:07	4096	----a-w-	c:\windows\system32\04C1E.tmp
2011-03-27 20:06 . 2011-03-27 20:06	4096	----a-w-	c:\windows\system32\0693D.tmp
2011-03-27 15:02 . 2011-03-27 15:02	4096	----a-w-	c:\windows\system32\049B0.tmp
2011-03-27 14:12 . 2011-03-27 14:12	4096	----a-w-	c:\windows\system32\04BA0.tmp
2011-03-26 21:50 . 2011-03-26 21:50	4096	----a-w-	c:\windows\system32\067AA.tmp
2011-03-25 20:13 . 2011-03-25 20:13	4096	----a-w-	c:\windows\system32\069E8.tmp
2011-04-14 16:59 . 2011-04-29 19:47	142296	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WITaj!"="c:\program files\WITaj!\Wit2000.exe" [2004-01-01 901120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-29 4472832]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-07 1021224]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-08-28 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-08-28 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-08-28 137752]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 62760]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-10-17 858632]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-10-28 72736]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"TkBellExe"="c:\program files\Real\realplayer\update\realsched.exe" [2011-05-22 273544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [x]
R2 ygoodusy;Installer Server;c:\windows\system32\svchost.exe [2006-11-02 22016]
R3 PRODIGY;PRODIGY;c:\windows\system32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-07-06 717296]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2010-09-07 249424]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2010-11-09 299984]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-01-03 5120]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 27216]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
S3 RegKill;RegKill;c:\windows\system32\Drivers\RegKill.sys [2002-11-27 6400]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
bthsvcs	REG_MULTI_SZ   	BthServ
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
ygoodusy
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://pl.intl.acer.yahoo.com
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 212.67.142.1 212.67.142.2
FF - ProfilePath - c:\users\Marta\AppData\Roaming\Mozilla\Firefox\Profiles\l7tr0jjb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/webhp?rls=ig
FF - prefs.js: network.proxy.type - 2
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
HKCU-Run-Acer Tour Reminder - (no file)
HKCU-Run-ALLUpdate - c:\program files\ALLPlayer\ALLUpdate.exe
HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-AVG_TRAY - c:\program files\AVG\AVG10\avgtray.exe
MSConfigStartUp-KBKalendarz - c:\users\Marta\Desktop\dystryb\kal.exe
AddRemove-ShockwaveFlash - c:\windows\system32\Macromed\Flash\FlashUtil9b.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-19 18:13
Windows 6.0.6000  NTFS
.
skanowanie ukrytych procesów ...  
.
skanowanie ukrytych wpisów autostartu ... 
.
skanowanie ukrytych plików ...  
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ygoodusy]
"ServiceDll"="c:\windows\system32\hbmzyxmo.dll"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2040273155-2484960576-1299746552-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3F58B0A0-A8A5-40AE-0860-C2E91E955CB6}*]
"haoioflmnjghnhio"=hex:6b,61,69,64,62,6d,6b,6b,6c,69,6a,66,6f,68,6a,6d,64,6b,
   65,6d,62,6c,00,00
"iamjamefoeopigloab"=hex:6b,61,69,64,62,6d,6b,6b,6c,69,6a,66,6f,68,6a,6d,64,6b,
   65,6d,62,6c,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Czas ukończenia: 2011-06-19  18:16:27
ComboFix-quarantined-files.txt  2011-06-19 16:16
.
Przed: 23 752 597 504 bajtów wolnych
Po: 23 918 202 880 bajtów wolnych
.
- - End Of File - - 646A511FFC2A3128BAE64F6D733C76B6