ComboFix 11-08-13.02 - AviK 2011-08-13 16:26:20.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.48.1045.18.2047.1035 [GMT 2:00]
Uruchomiony z: c:\users\AviK\Downloads\ComboFix.exe
AV: ESET Smart Security 4.2 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: Zapora osobista *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.2 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Rezydentny antywirus jest aktywny
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\My applications\Windows Live Control.exe
c:\users\AviK\AppData\Roaming\EurekaLog
c:\users\AviK\AppData\Roaming\EurekaLog\EurekaLog.ini
c:\windows\system32\BDSShellRes.dllBDSShellRes.dll
c:\windows\system32\BDSShellRes140.dllBDSShellRes140.dll
I:\install.exe
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-07-13 do 2011-08-13 )))))))))))))))))))))))))))))))
.
.
2011-08-13 14:31 . 2011-08-13 14:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-13 12:23 . 2011-08-13 12:23 -------- d-----w- c:\programdata\ashampoo
2011-08-13 10:42 . 2011-08-13 10:42 -------- d-----w- c:\programdata\Malwarebytes
2011-08-13 10:42 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-13 10:42 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-13 09:59 . 2009-09-21 09:22 1227264 ----a-w- c:\windows\system32\dx8vb.dll
2011-08-13 08:47 . 2011-08-13 08:47 -------- d-----w- c:\windows\system32\URTTEMP
2011-08-13 08:28 . 2011-08-13 08:28 -------- d-----w- c:\program files\Common Files\InstallShield
2011-08-13 08:27 . 2011-08-13 08:27 -------- d-----w- c:\program files\San Andreas Mod Installer
2011-08-13 08:27 . 2011-08-13 08:27 -------- d-----w- c:\windows\San Andreas Mod Installer
2011-08-12 20:55 . 2011-02-23 14:50 16184 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-08-12 20:55 . 2011-02-23 14:50 29008 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-08-12 20:55 . 2011-08-12 20:55 -------- d-----w- c:\program files\IObit
2011-08-12 17:48 . 2011-08-12 17:49 -------- d-----w- c:\users\Pawełek
2011-08-12 17:45 . 2011-08-13 08:29 -------- d--h--w- c:\program files\InstallShield Installation Information
2011-08-12 17:36 . 2011-08-12 17:36 232512 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-08-12 17:36 . 2011-08-12 17:36 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-08-12 17:35 . 2011-08-12 17:35 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-08-12 16:10 . 2011-08-12 20:59 -------- d-----w- C:\Reseter Ustawień Odkurzacza
2011-08-12 14:55 . 2011-08-12 14:55 -------- d-----w- c:\program files\EurekaLab
2011-08-12 08:08 . 2011-08-13 14:30 -------- d-----w- c:\program files\My applications
2011-08-12 08:08 . 2011-08-12 08:08 -------- d-----w- c:\program files\Temp
2011-08-11 19:08 . 2011-08-12 21:04 -------- d-----w- c:\program files\Odkurzacz
2011-08-11 14:16 . 2011-08-11 14:16 -------- d-----w- c:\program files\Common Files\CodeGear Shared
2011-08-11 14:16 . 2011-08-11 14:16 -------- d-----w- c:\program files\Common Files\Borland Shared
2011-08-11 13:58 . 2011-08-11 13:58 -------- d-----w- c:\program files\BitTorrent
2011-08-11 13:48 . 2011-08-11 13:48 -------- d-----w- c:\program files\uTorrent
2011-08-11 12:57 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-08-11 12:57 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-08-11 12:57 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-08-11 12:57 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-08-11 12:57 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-08-11 12:45 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-08-11 12:40 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2011-08-11 12:40 . 2010-09-14 06:07 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2011-08-11 12:38 . 2011-06-21 05:34 860672 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2011-08-11 12:38 . 2011-06-21 05:36 981504 ----a-w- c:\windows\system32\wininet.dll
2011-08-11 12:38 . 2011-06-21 05:37 673040 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2011-08-11 12:38 . 2011-06-21 05:35 44544 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-11 12:36 . 2011-06-23 04:38 3957120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-11 12:35 . 2010-11-02 04:41 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-08-11 12:34 . 2010-03-04 07:33 1619968 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-08-11 12:33 . 2010-08-04 06:17 417792 ----a-w- c:\windows\system32\msdri.dll
2011-08-11 12:33 . 2010-08-04 06:15 204288 ----a-w- c:\windows\system32\MSNP.ax
2011-08-11 12:33 . 2009-12-13 09:30 465408 ----a-w- c:\windows\system32\psisdecd.dll
2011-08-11 12:33 . 2011-07-16 04:34 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-08-11 12:33 . 2011-07-16 04:31 271360 ----a-w- c:\windows\system32\conhost.exe
2011-08-11 12:31 . 2010-12-23 05:28 642048 ----a-w- c:\windows\system32\CPFilters.dll
2011-08-11 12:30 . 2010-08-21 05:33 530432 ----a-w- c:\windows\system32\comctl32.dll
2011-08-11 12:30 . 2010-07-29 06:30 197632 ----a-w- c:\windows\system32\ir32_32.dll
2011-08-11 12:30 . 2010-07-29 06:30 82944 ----a-w- c:\windows\system32\iccvid.dll
2011-08-11 12:30 . 2010-08-26 04:39 109056 ----a-w- c:\windows\system32\t2embed.dll
2011-08-11 12:30 . 2011-03-12 11:31 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-08-11 12:30 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\system32\mstscax.dll
2011-08-11 12:30 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\system32\mstsc.exe
2011-08-11 12:30 . 2010-08-27 05:46 168448 ----a-w- c:\windows\system32\srvsvc.dll
2011-08-11 12:30 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-08-11 12:30 . 2011-03-11 05:40 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-08-11 12:30 . 2011-03-11 05:40 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-08-11 12:30 . 2011-02-26 05:33 2614784 ----a-w- c:\windows\explorer.exe
2011-08-11 12:30 . 2011-02-24 05:32 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-08-11 12:29 . 2011-01-17 05:38 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-08-11 12:29 . 2011-04-29 05:08 759296 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-08-11 12:29 . 2010-10-16 04:41 101760 ----a-w- c:\windows\system32\consent.exe
2011-08-11 12:29 . 2011-04-22 19:36 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-08-11 12:29 . 2010-10-16 04:36 314368 ----a-w- c:\windows\system32\webio.dll
2011-08-11 12:29 . 2010-10-19 08:10 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-08-11 12:29 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2011-08-11 12:29 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll
2011-08-11 12:26 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
2011-08-11 12:26 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2011-08-11 12:24 . 2010-11-02 04:46 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-08-11 12:24 . 2011-02-03 05:45 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-08-11 12:24 . 2010-11-02 04:23 107520 ----a-w- c:\windows\system32\cdd.dll
2011-08-11 12:13 . 2011-08-11 12:13 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-11 12:13 . 2011-08-11 12:13 -------- d-----w- c:\windows\system32\Macromed
2011-08-11 12:07 . 2011-08-11 11:16 -------- d-----w- c:\windows\Panther
2011-08-11 12:06 . 2011-08-11 12:06 -------- d-----w- C:\Boot
2011-08-11 12:04 . 2011-08-11 12:04 -------- d-----w- c:\program files\K2T
2011-08-11 11:58 . 2011-08-11 11:58 -------- d-----w- c:\program files\ESET
2011-08-11 11:52 . 2011-08-11 11:52 -------- d-----w- c:\windows\system32\Wat
2011-08-11 11:45 . 2011-08-11 11:46 -------- d-----w- c:\programdata\TuneUp Software
2011-08-11 11:45 . 2011-08-13 08:48 -------- d-sh--w- c:\windows\Installer
2011-08-11 11:45 . 2011-08-11 11:45 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2011-08-11 11:44 . 2011-07-20 07:44 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D79CDE67-8440-464F-9541-3A8B3D5AED82}\mpengine.dll
2011-08-11 11:18 . 2011-08-13 11:14 -------- d-----w- c:\windows\system32\wbem\Performance
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-11 11:52 . 2009-07-13 23:40 409088 ----a-w- c:\windows\system32\systemcpl.dll
2011-08-11 11:52 . 2009-07-13 23:24 811520 ----a-w- c:\windows\system32\user32.dll
2011-07-08 07:50 . 2011-08-11 11:42 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-08-11 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2011-08-11 402808]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Odkurzacz-MCD"="c:\program files\Odkurzacz\odk_mcd.exe" [2011-02-20 370688]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Advanced SystemCare 4"="d:\advanced systemcare 4\ASCTray.exe" [2011-05-28 412560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-04-07 2145000]
"Malwarebytes' Anti-Malware"="d:\malwarebytes' anti-malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" /MINIMIZED
.
R3 vista;vista;c:\program files\My applications\vista.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-11 1343400]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 16184]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
S2 AdvancedSystemCareService;Advanced SystemCare Service;d:\advanced systemcare 4\ASCService.exe [2011-05-28 353168]
S2 BlackfishSQL;BlackfishSQL;d:\embarcadero\RAD Studio\7.0\Bin\BSQLServer.exe [2009-09-01 65536]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-04-07 133512]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-04-07 810120]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-04-07 41312]
S2 MBAMService;MBAMService;d:\malwarebytes' anti-malware\mbamservice.exe [2011-07-06 366640]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-12 232512]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712]
.
.
.
------- Skan uzupełniający -------
.
uStart Page = google.pl
TCP: Interfaces\{31B25C7F-7AC3-4060-91A0-EC627ED314B4}: NameServer = 217.30.129.149 217.30.137.200
FF - ProfilePath - c:\users\AviK\AppData\Roaming\Mozilla\Firefox\Profiles\9dy4pnmc.default\
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2011-08-13 16:35:42
ComboFix-quarantined-files.txt 2011-08-13 14:35
.
Przed: 12 114 853 888 bajtów wolnych
Po: 11 802 144 768 bajtów wolnych
.
- - End Of File - - 9B988DC908A53F252F4C3063F98124CF