ComboFix 12-03-18.04 - Włochaty flet 2012-03-20 13:06:59.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.48.1045.18.3070.1748 [GMT 1:00]
Uruchomiony z: d:\ftp\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\IsUn0415.exe
c:\windows\SysWow64\tmp546E.tmp
c:\windows\SysWow64\tmp6FE4.tmp
c:\windows\SysWow64\tmp6FE5.tmp
c:\windows\SysWow64\tmp83C0.tmp
c:\windows\SysWow64\tmpA3E1.tmp
c:\windows\SysWow64\tmpA3F1.tmp
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-02-20 do 2012-03-20 )))))))))))))))))))))))))))))))
.
.
2012-03-20 12:14 . 2012-03-20 12:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-20 12:12 . 2012-03-20 12:12 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1FB77BFA-20B9-4CF8-A7E8-4B07848F4233}\offreg.dll
2012-03-20 07:52 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1FB77BFA-20B9-4CF8-A7E8-4B07848F4233}\mpengine.dll
2012-03-19 10:53 . 2012-03-19 10:53 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-19 10:53 . 2012-03-19 10:53 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-15 08:34 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-15 08:34 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-15 08:34 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 19:41 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 19:41 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 19:41 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 08:38 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 08:38 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 08:38 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 08:38 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 08:38 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 08:38 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 08:38 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-13 22:10 . 2012-03-13 22:10 -------- d-----w- C:\MITSI 2012 Temporary Files
2012-03-13 22:09 . 2012-03-13 22:09 -------- d-----w- c:\program files\Autodesk
2012-03-13 22:09 . 2012-03-13 22:09 -------- d-----w- c:\program files (x86)\Microsoft Chart Controls
2012-03-13 22:08 . 2012-03-13 22:08 -------- d-----w- c:\program files (x86)\Microsoft WSE
2012-03-13 22:08 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\SysWow64\d3dcsx_42.dll
2012-03-13 22:08 . 2009-09-04 16:29 5554512 ----a-w- c:\windows\system32\d3dcsx_42.dll
2012-03-13 22:06 . 2012-03-13 22:25 -------- d-----w- c:\program files (x86)\Common Files\Autodesk Shared
2012-03-13 16:00 . 2012-03-13 16:21 -------- d-----w- c:\users\Włochaty flet\AppData\Local\DassaultSystemes
2012-03-13 16:00 . 2012-03-13 16:21 -------- d-----w- c:\users\Włochaty flet\AppData\Roaming\DassaultSystemes
2012-03-13 16:00 . 2012-03-13 16:00 -------- d-----w- c:\programdata\DassaultSystemes
2012-03-08 18:44 . 2012-03-13 21:20 -------- d-----w- c:\users\Włochaty flet\.gstreamer-0.10
2012-03-08 18:43 . 2012-03-13 21:21 -------- d-----w- c:\users\Włochaty flet\AppData\Local\ChomikBox
2012-03-07 13:45 . 2012-03-19 22:46 -------- d-----w- c:\users\Administrator
2012-03-07 12:40 . 2012-03-07 13:20 -------- d-----w- c:\program files\ANSYS Inc
2012-03-06 21:33 . 2012-03-06 21:33 -------- d-----w- c:\users\Włochaty flet\AppData\Roaming\PTC
2012-03-06 21:15 . 2012-03-06 21:15 -------- d-----w- c:\programdata\PTC
2012-03-01 15:04 . 2012-03-01 15:04 -------- d-----w- c:\users\Włochaty flet\AppData\Local\ProjectDirectory
2012-03-01 15:04 . 2012-03-01 15:04 -------- d-----w- c:\programdata\IsolatedStorage
2012-03-01 14:06 . 2012-03-01 14:06 -------- d-----w- c:\programdata\FNP
2012-03-01 13:56 . 2012-03-01 13:56 -------- d-----w- c:\users\WOCHAT~3
2012-03-01 09:43 . 2012-03-01 15:03 -------- d-----w- c:\users\Włochaty flet\AppData\Roaming\Ansys
2012-02-22 23:20 . 2012-02-22 23:20 327432 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VSA\9.0\VsaEnv\vsaenv.exe
2012-02-21 17:51 . 2012-03-14 08:35 -------- d-----w- c:\users\UpdatusUser
2012-02-21 17:49 . 2012-02-21 17:51 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-02-20 17:17 . 2012-03-19 10:53 97208 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-15 08:31 . 2011-11-30 00:42 852896 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2012-02-23 08:18 . 2011-03-04 15:33 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-14 12:52 . 2012-02-11 15:54 280 ----a-w- c:\windows\wininit.tmp
2012-02-10 04:13 . 2011-12-01 18:36 7713088 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-02-10 04:13 . 2011-12-01 18:36 2660160 ----a-w- c:\windows\system32\nvapi64.dll
2012-02-10 04:13 . 2011-12-01 18:36 2301248 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-02-10 04:13 . 2011-12-01 18:36 1737536 ----a-w- c:\windows\system32\nvdispco64.dll
2012-02-10 04:13 . 2011-12-01 18:36 15009600 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-02-10 04:13 . 2011-12-01 18:36 1466176 ----a-w- c:\windows\system32\nvgenco64.dll
2012-02-10 03:14 . 2011-12-01 18:43 6074176 ----a-w- c:\windows\system32\nvcpl.dll
2012-02-10 03:14 . 2011-12-01 18:43 3089728 ----a-w- c:\windows\system32\nvsvc64.dll
2012-02-10 03:07 . 2011-12-01 18:43 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
2012-02-10 03:07 . 2011-12-01 18:43 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-02-10 03:07 . 2011-12-01 18:43 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-02-10 03:07 . 2011-12-01 18:43 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-01-04 10:44 . 2012-02-15 14:02 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-15 14:02 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26 . 2012-02-15 14:02 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-15 14:02 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-15 14:02 498688 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NetLimiter"="c:\program files\NetLimiter 3\NLClientApp.exe" [2011-03-21 2910208]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-12-02 74752]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages    REG_MULTI_SZ    kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-26 1431888]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2005-09-23 4476096]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [x]
S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys [2011-03-21 88200]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x]
S2 ANSYS, Inc. License Manager;ANSYS, Inc. License Manager;c:\program files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe [2011-10-17 4954112]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 mitsijm2012;Autodesk Moldflow Inventor Tool Suite Integration 2012 Job Manager;d:\programy\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [2010-12-07 848184]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
S3 netw5v64;Sterownik karty Intel(R) Wireless WiFi Link 5000 Series dla systemu Windows Vista w wersji 64-bitowej;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2918656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Wyślij obraz do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Wyślij stronę do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 62.179.1.62 62.179.1.63
FF - ProfilePath - c:\users\Włochaty flet\AppData\Roaming\Mozilla\Firefox\Profiles\b0c2v3ix.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-NPSStartup - (no file)
HKLM-Run-(domyślny) - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2012-03-20 13:19:35
ComboFix-quarantined-files.txt 2012-03-20 12:19
.
Przed: 19 735 695 360 bajtów wolnych
Po: 19 992 485 888 bajtów wolnych
.
- - End Of File - - 5D8A509240D5D9FBF3B108BDB1FA691F