ComboFix 10-08-28.02 - Damian 2010-08-30 10:54:29.2.4 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.48.1045.18.3326.2192 [GMT 2:00]
Uruchomiony z: e:\users\Damian\Downloads\ComboFix.exe
Użyto następujących komend :: e:\users\Damian\Desktop\CFScript.txt

FILE ::
"c:\program files\My applications\Windows Defender Apps Control.exe"
"c:\program files\My applications\Windows Live Control.exe"
"e:\users\Damian\AppData\Roaming\TuneUp Software\TuneUp Utilities\StartUp Manager\Wyłącz obiekty\win.exe"
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\My applications\Windows Live Control.exe
e:\users\Damian\AppData\Local\Temp\Creative_ALchemy_AL6_Cleanup.0001.dir.0002\~df394b.tmp
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\auth.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\burnlib.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\dsp_sps.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\enc_aacplus.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\enc_flac.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\enc_lame.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\enc_vorbis.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\enc_wav.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\enc_wma.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\gen_crasher.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\gen_ff.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\gen_hotkeys.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\gen_ml.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\gen_orgler.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\gen_tray.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_avi.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_cdda.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_dshow.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_flac.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_flv.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_linein.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_midi.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_mkv.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_mod.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_mp3.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_mp4.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_nsv.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_swf.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_vorbis.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_wav.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_wave.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_wm.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\in_wv.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_addons.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_autotag.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_bookmarks.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_disc.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_history.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_impex.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_local.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_nowplaying.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_online.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_orb.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_playlists.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_plg.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_pmp.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_rg.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_transcode.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ml_wire.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\ombrowser.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\out_disk.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\out_ds.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\out_wave.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\playlist.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\pmp_activesync.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\pmp_ipod.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\pmp_njb.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\pmp_p4s.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\pmp_usb.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\tagz.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\vis_avs.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\vis_milk2.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\vis_nsfs.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\winamp.lng
e:\users\Damian\AppData\Local\Temp\WLZ3004.tmp\winampa.lng
e:\users\Damian\AppData\Roaming\TuneUp Software\TuneUp Utilities\StartUp Manager\Wyłącz obiekty\win.exe
.
((((((((((((((((((((((((( Pliki utworzone od 2010-07-28 do 2010-08-30 )))))))))))))))))))))))))))))))
.
2010-08-30 08:59 . 2010-08-30 08:59 -------- d-----w- e:\users\Public\AppData\Local\temp
2010-08-30 08:59 . 2010-08-30 08:59 -------- d-----w- e:\users\Default\AppData\Local\temp
2010-08-29 21:17 . 2010-08-30 09:01 -------- d-----w- e:\users\Damian\AppData\Local\temp
2010-08-29 13:19 . 2010-08-29 13:31 -------- d-----w- E:\Hellgate London
2010-08-29 13:05 . 2010-08-29 13:05 -------- d-----w- E:\Hellgate.London.PL.Qpl
2010-08-29 12:25 . 2010-08-29 12:46 -------- d-----w- E:\PoP2
2010-08-29 12:25 . 2010-08-29 12:46 -------- d-----w- E:\PoP1
2010-08-18 13:08 . 2010-08-18 13:08 8192 ----a-w- e:\windows\d3dx.dat
2010-08-17 16:13 . 2010-08-17 16:45 49006544 ----a-w- e:\programdata\Creative\Software Update\cache\Creative Sound Blaster X-Fi series driver 2.18.0015__\SBXF_PCDRV_LB_2_18_0015.exe
2010-08-17 16:12 . 2010-07-29 06:30 197632 ----a-w- e:\windows\system32\ir32_32.dll
2010-08-17 16:12 . 2010-07-29 06:30 82944 ----a-w- e:\windows\system32\iccvid.dll
2010-08-17 16:12 . 2010-06-22 02:47 310784 ----a-w- e:\windows\system32\drivers\srv.sys
2010-08-17 16:12 . 2010-06-22 02:47 307200 ----a-w- e:\windows\system32\drivers\srv2.sys
2010-08-17 16:12 . 2010-06-22 02:47 113664 ----a-w- e:\windows\system32\drivers\srvnet.sys
2010-08-17 16:12 . 2010-06-19 06:33 3955080 ----a-w- e:\windows\system32\ntkrnlpa.exe
2010-08-17 16:12 . 2010-06-19 06:33 3899784 ----a-w- e:\windows\system32\ntoskrnl.exe
2010-08-17 16:12 . 2010-06-14 06:12 1286016 ----a-w- e:\windows\system32\drivers\tcpip.sys
2010-08-17 16:11 . 2010-06-19 06:23 37376 ----a-w- e:\windows\system32\rtutils.dll
2010-08-17 16:11 . 2010-06-08 06:02 1233920 ----a-w- e:\windows\system32\msxml3.dll
2010-08-17 16:11 . 2010-06-16 05:48 224256 ----a-w- e:\windows\system32\schannel.dll
2010-08-17 16:11 . 2010-06-19 04:07 2326016 ----a-w- e:\windows\system32\win32k.sys
2010-08-14 08:17 . 2010-08-14 08:17 -------- d-----w- e:\programdata\ATI
2010-07-31 10:41 . 2010-02-04 08:01 74072 ----a-w- e:\windows\system32\XAPOFX1_4.dll
2010-07-31 10:41 . 2010-02-04 08:01 528216 ----a-w- e:\windows\system32\XAudio2_6.dll
2010-07-31 10:41 . 2010-02-04 08:01 238936 ----a-w- e:\windows\system32\xactengine3_6.dll
2010-07-31 10:41 . 2010-02-04 08:01 22360 ----a-w- e:\windows\system32\X3DAudio1_7.dll
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-30 09:02 . 2010-06-07 17:10 -------- d-----w- e:\program files\cFosSpeed
2010-08-29 21:46 . 2009-07-14 08:07 687590 ----a-w- e:\windows\system32\perfh015.dat
2010-08-29 21:46 . 2009-07-14 08:07 131176 ----a-w- e:\windows\system32\perfc015.dat
2010-08-29 13:26 . 2010-06-12 19:21 -------- d-----w- e:\programdata\Media Center Programs
2010-08-29 12:50 . 2010-06-08 14:26 -------- d-----w- e:\program files\Ubisoft
2010-08-29 12:49 . 2010-06-05 13:11 -------- d--h--w- e:\program files\InstallShield Installation Information
2010-08-26 15:51 . 2010-07-22 13:08 -------- d-----w- e:\program files\JDownloader
2010-08-20 13:34 . 2010-06-05 13:10 -------- d-----w- e:\program files\Common Files\InstallShield
2010-08-18 11:22 . 2010-06-05 14:31 -------- d-----w- e:\programdata\Creative
2010-08-17 16:56 . 2010-06-05 13:25 -------- d-----w- e:\program files\Creative
2010-08-17 16:55 . 2010-06-05 14:31 445016 ----a-w- e:\windows\system32\wrap_oal.dll
2010-08-17 16:55 . 2010-06-05 14:31 109144 ----a-w- e:\windows\system32\OpenAL32.dll
2010-08-17 16:16 . 2010-06-06 16:53 -------- d-----w- e:\programdata\Microsoft Help
2010-08-14 08:17 . 2010-06-05 14:21 -------- d-----w- e:\program files\ATI Technologies
2010-08-12 13:45 . 2010-06-05 13:08 109392 ----a-w- e:\users\Damian\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-28 17:03 . 2010-07-28 17:03 180224 ----a-r- e:\users\Damian\AppData\Roaming\Microsoft\Installer\{AD281A87-2AD3-4CEB-AF85-468FD84698D8}\LostPlanetDx9.exe_AD281A872AD34CEBAF85468FD84698D8.exe
2010-07-28 17:03 . 2010-07-28 17:03 180224 ----a-r- e:\users\Damian\AppData\Roaming\Microsoft\Installer\{AD281A87-2AD3-4CEB-AF85-468FD84698D8}\LostPlanetDx10.exe_AD281A872AD34CEBAF85468FD84698D8.exe
2010-07-28 17:03 . 2010-07-28 17:03 139102 ----a-r- e:\users\Damian\AppData\Roaming\Microsoft\Installer\{AD281A87-2AD3-4CEB-AF85-468FD84698D8}\ARPPRODUCTICON.exe
2010-07-28 16:52 . 2010-07-20 14:21 -------- d-----w- e:\program files\Sony Ericsson
2010-07-28 16:51 . 2010-06-08 14:48 -------- d-----w- e:\programdata\Ubisoft
2010-07-22 13:08 . 2010-07-22 13:08 411368 ----a-w- e:\windows\system32\deploytk.dll
2010-07-22 13:08 . 2010-07-22 13:08 -------- d-----w- e:\program files\Java
2010-07-20 14:28 . 2010-07-20 14:28 0 ---ha-w- e:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
2010-07-20 14:09 . 2010-07-20 14:09 0 ---ha-w- e:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-07-07 02:29 . 2010-07-07 02:29 5882368 ----a-w- e:\windows\system32\drivers\atikmdag.sys
2010-07-07 01:55 . 2010-07-07 01:55 15461888 ----a-w- e:\windows\system32\atioglxx.dll
2010-07-07 01:54 . 2010-07-07 01:54 143360 ----a-w- e:\windows\system32\atiapfxx.exe
2010-07-07 01:54 . 2010-05-05 02:19 513024 ----a-w- e:\windows\system32\aticfx32.dll
2010-07-07 01:51 . 2010-07-07 01:51 446464 ----a-w- e:\windows\system32\ATIDEMGX.dll
2010-07-07 01:51 . 2010-07-07 01:51 380928 ----a-w- e:\windows\system32\atieclxx.exe
2010-07-07 01:50 . 2010-07-07 01:50 176128 ----a-w- e:\windows\system32\atiesrxx.exe
2010-07-07 01:49 . 2010-07-07 01:49 159744 ----a-w- e:\windows\system32\atitmmxx.dll
2010-07-07 01:49 . 2010-05-05 02:13 356352 ----a-w- e:\windows\system32\atipdlxx.dll
2010-07-07 01:49 . 2010-07-07 01:49 278528 ----a-w- e:\windows\system32\Oemdspif.dll
2010-07-07 01:49 . 2010-07-07 01:49 11776 ----a-w- e:\windows\system32\atimuixx.dll
2010-07-07 01:49 . 2010-07-07 01:49 43520 ----a-w- e:\windows\system32\ati2edxx.dll
2010-07-07 01:46 . 2009-07-13 22:09 3826688 ----a-w- e:\windows\system32\atidxx32.dll
2010-07-07 01:29 . 2010-07-07 01:29 46080 ----a-w- e:\windows\system32\aticalrt.dll
2010-07-07 01:29 . 2010-07-07 01:29 44032 ----a-w- e:\windows\system32\aticalcl.dll
2010-07-07 01:28 . 2010-07-07 01:28 3975680 ----a-w- e:\windows\system32\atiumdag.dll
2010-07-07 01:27 . 2010-07-07 01:27 4323840 ----a-w- e:\windows\system32\aticaldd.dll
2010-07-07 01:24 . 2010-05-05 01:34 50176 ----a-w- e:\windows\system32\coinst.dll
2010-07-07 01:23 . 2010-07-07 01:23 3058688 ----a-w- e:\windows\system32\atiumdva.dll
2010-07-07 01:16 . 2010-05-05 01:23 237568 ----a-w- e:\windows\system32\atiadlxx.dll
2010-07-07 01:15 . 2010-07-07 01:15 12800 ----a-w- e:\windows\system32\atiglpxx.dll
2010-07-07 01:15 . 2010-07-07 01:15 16896 ----a-w- e:\windows\system32\atigktxx.dll
2010-07-07 01:15 . 2010-07-07 01:15 210944 ----a-w- e:\windows\system32\drivers\atikmpag.sys
2010-07-07 01:14 . 2010-05-05 01:22 30208 ----a-w- e:\windows\system32\atiuxpag.dll
2010-07-07 01:14 . 2010-07-07 01:14 22528 ----a-w- e:\windows\system32\atiu9pag.dll
2010-07-07 01:14 . 2010-07-07 01:14 53248 ----a-w- e:\windows\system32\drivers\ati2erec.dll
2010-07-07 01:11 . 2010-07-07 01:11 52736 ----a-w- e:\windows\system32\atimpc32.dll
2010-07-07 01:11 . 2010-07-07 01:11 52736 ----a-w- e:\windows\system32\amdpcom32.dll
2010-07-02 20:11 . 2010-07-02 20:11 -------- d-----w- e:\programdata\Trymedia
2010-07-02 17:35 . 2010-07-02 17:35 -------- d-----w- e:\program files\Machinarium
2010-07-01 17:50 . 2010-06-24 17:25 -------- d-----w- e:\program files\Sierra
2010-06-28 20:57 . 2010-06-29 08:20 38848 ----a-w- e:\windows\avastSS.scr
2010-06-28 20:57 . 2010-06-07 18:16 165032 ----a-w- e:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2010-06-07 18:16 46672 ----a-w- e:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2010-06-07 18:16 165456 ----a-w- e:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2010-06-07 18:16 23376 ----a-w- e:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2010-06-07 18:16 50256 ----a-w- e:\windows\system32\drivers\aswMonFlt.sys
2010-06-28 20:32 . 2010-06-07 18:16 17744 ----a-w- e:\windows\system32\drivers\aswFsBlk.sys
2010-06-15 22:28 . 2010-06-15 22:28 2857 ----a-w- e:\windows\system32\atipblag.dat
2010-06-12 17:44 . 2010-06-12 17:44 108144 ----a-w- e:\windows\system32\CmdLineExt.dll
2010-06-06 18:15 . 2010-06-06 18:11 8512328 ----a-w- e:\programdata\Creative\Software Update\cache\Creative ALchemy 1.25.10__\ALMY_PCVTAPP_LB_1_25_10.exe
2010-06-05 14:14 . 2010-06-05 14:14 53248 ----a-r- e:\users\Damian\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2010-06-05 14:14 . 2010-06-05 14:14 16400 ----a-w- e:\windows\system32\drivers\LNonPnP.sys
2010-06-05 14:13 . 2010-06-06 07:41 8944 ----a-w- e:\windows\system32\drivers\USBSCAN.SYS
2010-06-05 14:06 . 2010-06-05 14:06 16608 ----a-w- e:\windows\gdrv.sys
2010-06-05 13:00 . 2010-06-05 13:00 0 ----a-w- e:\windows\ativpsrm.bin
2010-06-02 08:00 . 2010-06-06 17:17 108032 ----a-w- e:\windows\system32\ff_vfw.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- e:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- e:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
2010-02-28 00:20 561552 ----a-w- e:\progra~1\MICROS~2\Office14\URLREDIR.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="e:\program files\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]
"Launch LgDeviceAgent"="e:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-02-18 357448]
"Launch LCDMon"="e:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-02-18 1573448]
"Launch LGDCore"="e:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-02-18 3203144]
"avast5"="e:\program files\Alwil Software\Avast5\avastUI.exe" [2010-06-28 2837864]
"cFosSpeed"="e:\program files\cFosSpeed\cFosSpeed.exe" [2010-05-31 801496]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-07-06 98304]
"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-05 25600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CtxfiReg"="CTXFIREG.exe" [2010-05-05 47104]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-01-29 21:17 64592 ----a-w- e:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2010-02-08 14:51 1015808 ----a-w- d:\program files\Ares\Ares.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ares"="d:\program files\Ares\Ares.exe" -h

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="e:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="e:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"BCSSync"="e:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;e:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-06-06 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;e:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-06-05 79360]
R3 CT20XUT;CT20XUT;e:\windows\system32\drivers\CT20XUT.SYS [2010-05-05 171096]
R3 CTEXFIFX;CTEXFIFX;e:\windows\system32\drivers\CTEXFIFX.SYS [2010-05-05 1324120]
R3 CTHWIUT;CTHWIUT;e:\windows\system32\drivers\CTHWIUT.SYS [2010-05-05 72792]
R3 ggflt;SEMC USB Flash Driver Filter;e:\windows\system32\DRIVERS\ggflt.sys [2008-09-24 10976]
R3 osppsvc;Office Software Protection Platform;e:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 RTL8167;Sterownik Realtek 8167 NT Driver;e:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
R3 vista;vista;e:\windows\system32\vista.sys [x]
R4 sptd;sptd;e:\windows\system32\Drivers\sptd.sys [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;e:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;e:\windows\system32\atiesrxx.exe [2010-07-07 176128]
S2 AMD_RAIDXpert;AMD RAIDXpert;e:\program files\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-09-19 122880]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;e:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;e:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
S3 amdkmdag;amdkmdag;e:\windows\system32\DRIVERS\atikmdag.sys [2010-07-07 5882368]
S3 amdkmdap;amdkmdap;e:\windows\system32\DRIVERS\atikmpag.sys [2010-07-07 210944]
S3 CT20XUT.SYS;CT20XUT.SYS;e:\windows\System32\drivers\CT20XUT.SYS [2010-05-05 171096]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;e:\windows\System32\drivers\CTEXFIFX.SYS [2010-05-05 1324120]
S3 CTHWIUT.SYS;CTHWIUT.SYS;e:\windows\System32\drivers\CTHWIUT.SYS [2010-05-05 72792]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;e:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;e:\windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
S3 rt61x86;RT61 Extensible Wireless Driver;e:\windows\system32\DRIVERS\netr61.sys [2010-04-07 376160]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;e:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;e:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
.
------- Skan uzupełniający -------
.
IE: E&ksportuj do programu Microsoft Excel - e:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - e:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - e:\users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\e7g3kxii.default\
FF - plugin: e:\progra~1\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: e:\progra~1\MICROS~2\Office14\NPSPWRAP.DLL

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.max-connections-per-server - 8
e:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
e:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
e:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
e:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
e:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-1423682541-2776285307-3550199315-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:06,38,8a,53,ff,33,57,b3,e0,0f,1c,06,6e,9f,b4,7c,63,56,82,88,b5,7d,49,
   e0,0f,cb,f8,76,1a,e0,f2,01,65,d7,1b,93,57,45,84,2a,c5,d1,78,4f,9e,06,09,bd,\
"??"=hex:f2,76,96,20,f7,83,59,56,18,14,07,6a,bd,c3,5e,76

[HKEY_USERS\S-1-5-21-1423682541-2776285307-3550199315-1000\Software\SecuROM\License information*]
"datasecu"=hex:0f,67,bd,b4,10,ec,d3,54,35,89,ab,86,44,48,8f,3f,9c,af,2a,2b,a5,
   25,97,fc,7a,52,a2,b7,6f,cf,06,37,26,0e,bc,0f,71,8e,2c,23,4d,8e,f9,47,2d,a6,\
"rkeysecu"=hex:8c,dc,1c,3e,e5,ba,0c,16,ac,c0,30,47,78,74,07,2c

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
e:\program files\Creative\Shared Files\CTAudSvc.exe
e:\windows\system32\WUDFHost.exe
e:\windows\system32\atieclxx.exe
e:\windows\system32\WUDFHost.exe
e:\program files\Alwil Software\Avast5\AvastSvc.exe
e:\windows\system32\WLANExt.exe
e:\windows\system32\conhost.exe
e:\windows\system32\conhost.exe
e:\windows\System32\Ctxfihlp.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
e:\program files\Logitech\GamePanel Software\Applets\LCDClock.exe
e:\program files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
e:\program files\Logitech\GamePanel Software\Applets\LCDMedia.exe
e:\program files\Logitech\GamePanel Software\Applets\LCDRSS.exe
e:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
e:\program files\Logitech\SetPointG\SetPointII.exe
e:\windows\system32\taskhost.exe
e:\program files\AMD\RAIDXpert\bin\RAIDXpert.exe
e:\program files\cFosSpeed\spd.exe
e:\windows\system32\conhost.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
e:\program files\GIGABYTE\Common\RaRegistry.exe
e:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
e:\windows\system32\taskhost.exe
e:\windows\SYSTEM32\CTXFISPI.EXE
.
**************************************************************************
.
Czas ukończenia: 2010-08-30 11:04:03 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2010-08-30 09:04
ComboFix2.txt 2010-08-29 21:22

Przed: 10 471 256 064 bajtów wolnych
Po: 10 397 081 600 bajtów wolnych

- - End Of File - - C86738165EDA40BB00AC959AF647D716