ComboFix 12-01-19.02 - Marcin 2012-01-21 15:16:20.15.2 - x86 Microsoft Windows 7 Starter 6.1.7601.1.1250.48.1045.18.1014.359 [GMT 1:00] Uruchomiony z: c:\users\Marcin\Desktop\ComboFix.exe AV: Emsisoft Anti-Malware *Disabled/Updated* {0ADC9F7D-20C1-240F-01E2-43466EBA893A} SP: Emsisoft Anti-Malware *Disabled/Updated* {B1BD7E99-06FB-2B81-3B52-7834153DC387} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Marcin\AppData\Local\promo.exe . . ((((((((((((((((((((((((( Pliki utworzone od 2011-12-21 do 2012-01-21 ))))))))))))))))))))))))))))))) . . 2012-01-21 14:36 . 2012-01-21 14:37 -------- d-----w- c:\users\Marcin\AppData\Local\temp 2012-01-21 14:36 . 2012-01-21 14:36 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-01-21 14:36 . 2012-01-21 14:36 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-01-21 14:18 . 2012-01-21 14:18 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7C0EC491-75DE-457D-B40D-3E6CE0039E34}\offreg.dll 2012-01-20 14:01 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7C0EC491-75DE-457D-B40D-3E6CE0039E34}\mpengine.dll 2012-01-17 07:37 . 2011-11-17 05:34 224768 ----a-w- c:\windows\system32\schannel.dll 2012-01-17 07:37 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-01-17 07:37 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll 2012-01-17 07:37 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys 2012-01-17 07:37 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-01-17 07:37 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe 2012-01-17 07:37 . 2011-11-17 05:35 314880 ----a-w- c:\windows\system32\webio.dll 2012-01-17 07:37 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll 2012-01-17 07:37 . 
2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll 2012-01-17 07:37 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll 2012-01-15 19:49 . 2012-01-15 19:49 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll 2012-01-15 19:49 . 2012-01-15 19:49 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll 2012-01-15 19:49 . 2012-01-15 19:49 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll 2012-01-15 19:49 . 2012-01-15 19:49 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll 2012-01-13 08:19 . 2012-01-13 08:19 -------- d-----w- c:\programdata\Slate Digital 2012-01-11 03:33 . 2012-01-11 03:33 -------- d-----w- c:\programdata\xml_param 2012-01-11 03:25 . 2010-04-13 17:45 25704 ----a-w- c:\windows\system32\drivers\WsAudio_DeviceS(1).sys 2012-01-11 03:24 . 2010-07-30 08:24 153600 ----a-w- c:\windows\system32\WS_ATLMovie.dll 2012-01-11 03:24 . 2012-01-11 03:24 -------- d-----w- c:\program files\Aimersoft 2012-01-11 03:06 . 2012-01-11 03:07 -------- d-----w- c:\program files\Free WMA to MP3 Converter 2012-01-10 21:08 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll 2012-01-10 21:05 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll 2012-01-10 21:00 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll 2012-01-10 21:00 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll 2011-12-28 10:52 . 2012-01-21 14:09 -------- d-----w- c:\program files\Emsisoft Anti-Malware 2011-12-27 03:59 . 2011-12-27 03:59 -------- d-----w- c:\program files\JoWood 2011-12-27 03:58 . 2005-04-03 22:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll 2011-12-27 03:58 . 2005-04-03 22:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll 2011-12-27 03:58 . 
2005-04-03 22:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll 2011-12-27 03:58 . 2005-04-03 22:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll 2011-12-27 03:58 . 2011-12-27 03:58 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll 2011-12-27 03:58 . 2011-12-27 03:58 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll 2011-12-27 03:32 . 2005-04-03 21:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe 2011-12-23 00:53 . 2011-12-23 00:53 -------- d-----w- c:\windows\smFile 2011-12-23 00:53 . 2009-10-06 19:07 180480 ----a-w- c:\windows\system32\drivers\SMIksdrv.sys 2011-12-23 00:53 . 2009-09-29 15:09 937984 ----a-w- c:\windows\system32\RemoveSM37X.exe 2011-12-23 00:53 . 2009-09-14 14:08 163840 ----a-w- c:\windows\system32\SM37XCoInst.dll 2011-12-23 00:53 . 2008-01-16 17:06 2532864 ----a-w- c:\windows\system32\drivers\SMIexp.sys 2011-12-23 00:53 . 2009-08-28 17:07 274432 ----a-w- c:\windows\system32\370prop.ax 2011-12-23 00:53 . 2011-12-23 00:53 -------- d-----w- c:\program files\USB2.0 UVC WebCam . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-24 04:25 . 2011-12-13 20:47 2342912 ----a-w- c:\windows\system32\win32k.sys 2011-11-23 22:10 . 2011-11-23 22:30 18776 ----a-w- c:\windows\system32\mksidsf.sys 2011-11-15 13:29 . 2010-10-29 05:58 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-11-05 04:26 . 2011-12-13 20:46 2048 ----a-w- c:\windows\system32\tzres.dll 2011-11-03 22:47 . 2011-12-14 02:19 1798144 ----a-w- c:\windows\system32\jscript9.dll 2011-11-03 22:40 . 2011-12-14 02:19 1427456 ----a-w- c:\windows\system32\inetcpl.cpl 2011-11-03 22:39 . 
2011-12-14 02:19 1127424 ----a-w- c:\windows\system32\wininet.dll 2011-11-03 22:31 . 2011-12-14 02:19 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-10-26 04:47 . 2011-12-13 20:44 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-26 04:47 . 2011-12-13 20:44 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-26 04:28 . 2011-12-13 20:44 38912 ----a-w- c:\windows\system32\csrsrv.dll 2012-01-15 19:49 . 2011-10-09 15:43 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTo1.dll" [2011-01-12 3911776] . [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] 2011-01-12 10:07 3911776 ----a-w- c:\program files\uTorrentBar\tbuTo1.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTo1.dll" [2011-01-12 3911776] . [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\tbuTo1.dll" [2011-01-12 3911776] . [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}" [HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{618A47A2-528B-4D9A-AFC8-97D3233511E2}" [HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MountOverlayIcon] @="{0F49CF41-FD97-4942-9F2A-35E8B489E7FB}" [HKEY_CLASSES_ROOT\CLSID\{0F49CF41-FD97-4942-9F2A-35E8B489E7FB}] 2010-08-18 15:42 204800 ----a-w- c:\program files\WinMount\WinMTExt.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StarterBackgroundChanger"="c:\program files\StarterBackgroundChanger\StarterBackgroundChangerTask.exe" [2011-01-16 286208] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-19 8546848] "Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-03-29 415920] "ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-04-30 2018032] "LiveUpdate"="AsusSender.exe" [2011-07-13 34728] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-25 150552] "OOBESetup"="c:\program files\asus\OOBERegBackup\OOBERegBackup.exe" [2009-12-11 334848] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-25 141848] "HotkeyService"="AsusSender.exe" [2011-07-13 34728] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-25 173592] "SuperHybridEngine"="AsusSender.exe" [2011-07-13 34728] "HotkeyMon"="AsusSender.exe" [2011-07-13 34728] "CapsHook"="AsusSender.exe" [2011-07-13 34728] "emsisoft anti-malware"="c:\program files\emsisoft anti-malware\a2guard.exe" [2012-01-18 3356048] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-2 795936] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "DisableThumbnails"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux5"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk backup=c:\windows\pss\AsusVibeLauncher.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^STIMON.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\STIMON.lnk backup=c:\windows\pss\STIMON.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Marcin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk] path=c:\users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk backup=c:\windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^Marcin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^wkcalrem.LNK] path=c:\users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wkcalrem.LNK backup=c:\windows\pss\wkcalrem.LNK.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] 2011-02-07 23:44 1362944 ----a-w- c:\program files\ALLPlayer\ALLUpdate.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector] 2010-04-30 20:41 3058304 ----a-w- c:\windows\AsScrPro.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage] 2011-07-29 09:43 737104 ----a-w- c:\program files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O] 2005-05-11 00:46 200069 ----a-w- c:\program files\Syncrosoft\POS\H2O\cledx.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2009-11-18 15:13 54576 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon] 2010-11-05 22:54 283160 ----a-w- c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mega Manager] 2011-09-08 11:07 2116608 ----a-w- c:\program files\Megaupload\Mega Manager\MegaManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RAM Idle Professional] 2006-01-17 04:38 135168 ----a-w- c:\program files\RAM Idle LE\RAM_XP.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] 2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Syncables] 2010-04-05 18:10 370480 ----a-w- c:\program files\syncables\syncables desktop\syncables.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu] 2009-05-19 20:16 222504 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe . 
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Usługa Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-15 136176] R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-19 43944] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-04-19 29472] R3 gupdatem;Usługa Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-15 136176] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 usbsmi;USB2.0 UVC WebCam;c:\windows\system32\DRIVERS\SMIksdrv.sys [2009-10-06 180480] R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2010-04-13 25704] R4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-06-30 28552] S1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\Emsisoft Anti-Malware\a2ddax86.sys [2011-05-19 17904] S1 a2injectiondriver;a2injectiondriver;c:\program files\Emsisoft Anti-Malware\a2dix86.sys [2011-11-02 34768] S1 a2util;a-squared Malware-IDS utility driver;c:\program files\Emsisoft Anti-Malware\a2util32.sys [2010-05-05 11776] S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2011-02-09 11832] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S1 WMDrive;WMDrive;c:\windows\system32\drivers\WMDrive.sys [2010-09-02 65856] S2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [2012-01-18 3024600] S2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe 
[2011-07-13 224680] S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992] S3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [2011-11-02 51632] S3 CLEDX;Team H2O CLEDX service;c:\windows\system32\DRIVERS\cledx.sys [2005-05-09 33792] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 109960] S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2010-04-19 51712] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Zawartość folderu 'Zaplanowane zadania' . 2012-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-08-15 00:06] . 2012-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-08-15 00:06] . 2012-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1885151583-1021550536-293033202-1000Core.job - c:\users\Marcin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16 10:16] . 2012-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1885151583-1021550536-293033202-1000UA.job - c:\users\Marcin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16 10:16] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://asus.msn.com uInternet Settings,ProxyServer = 127.0.0.1:9050 IE: Download all by FlashGet3 - c:\users\Marcin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm IE: Download by FlashGet3 - c:\users\Marcin\AppData\Roaming\FlashGetBHO\GetUrl.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: ????3?? 
- c:\users\Marcin\AppData\Roaming\FlashGetBHO\GetUrl.htm IE: ????3?????? - c:\users\Marcin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\pk827njk.default\ FF - prefs.js: browser.startup.homepage - hxxp://pl.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official . - - - - USUNIĘTO PUSTE WPISY - - - - . BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\ConduitEngine\ConduitEngin0.dll Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\ConduitEngine\ConduitEngin0.dll MSConfigStartUp-SSDMonitor - c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe AddRemove-conduitEngine - c:\program files\ConduitEngine\ConduitEngineUninstall.exe . . . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_USERS\S-1-5-21-1885151583-1021550536-293033202-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f3* N}] @Allowed: (Read) (RestrictedCode) @="c:\\Users\\Marcin\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm" "contexts"=dword:00000022 . [HKEY_USERS\S-1-5-21-1885151583-1021550536-293033202-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f3* N}hQčţ”Ľc] @Allowed: (Read) (RestrictedCode) @="c:\\Users\\Marcin\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm" "contexts"=dword:000000f3 . [HKEY_USERS\S-1-5-21-1885151583-1021550536-293033202-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1885151583-1021550536-293033202-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Czas ukończenia: 2012-01-21 15:45:15 ComboFix-quarantined-files.txt 2012-01-21 14:45 ComboFix2.txt 2011-10-11 22:47 . Przed: 3 594 080 256 bajtów wolnych Po: 3 675 783 168 bajtów wolnych . - - End Of File - - 2B0794B2B83CF8331A54CD9E0F1D4ECF