ComboFix 12-05-03.02 - Kowal 2012-05-03  20:35:03.26.4 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.48.1045.18.3575.2029 [GMT 2:00]
Run from: c:\users\Kowal\Desktop\ComboFix.exe
AV: Panda Cloud Antivirus *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Cloud Antivirus *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files created from 2012-04-03 to 2012-05-03 )))))))))))))))))))))))))))))))
.
.
2012-05-03 16:28 . 2012-05-03 16:28 -------- d-----w- c:\program files\uTorrent
2012-05-03 16:26 . 2012-05-03 17:24 -------- d-----w- c:\users\Kowal\AppData\Roaming\uTorrent
2012-04-27 13:00 . 2012-04-27 13:00 -------- d-----w- c:\users\Kowal\AppData\Local\Wicked_Interactive_LTD
2012-04-26 17:36 . 2012-04-26 17:36 -------- d-----w- c:\programdata\ATI
2012-04-26 17:36 . 2012-04-26 17:36 -------- d-----w- c:\program files\AMD AVT
2012-04-26 17:36 . 2012-04-26 17:36 -------- d-----w- c:\program files\AMD APP
2012-04-23 16:23 . 2012-04-23 16:25 -------- d-----w- C:\Fraps
2012-04-23 15:12 . 2012-04-23 15:12 -------- d-----w- c:\programdata\Premium
2012-04-23 15:11 . 2012-04-23 15:12 -------- d-----w- c:\programdata\InstallMate
2012-04-21 11:43 . 2012-04-21 11:44 -------- d-----w- c:\programdata\Battle.net
2012-04-17 20:29 . 2012-04-17 20:53 -------- d-----w- c:\users\Kowal\AppData\Roaming\REAPER
2012-04-17 20:27 . 2012-04-17 20:27 -------- d-----w- c:\program files\Common Files\Propellerhead Software
2012-04-14 23:02 . 2012-04-14 23:02 -------- d-----w- c:\users\Kowal\AppData\Local\DDMSettings
2012-04-12 16:49 . 2002-11-28 08:22 505104 ----a-r- c:\windows\system32\msxml.dll
2012-04-12 16:49 . 2002-11-28 08:22 69632 ----a-r- c:\windows\system32\xmltok.dll
2012-04-12 16:49 . 2002-11-28 08:22 35840 ----a-r- c:\windows\system32\comdlg32.oca
2012-04-12 16:49 . 2002-11-28 08:22 89360 ----a-r- c:\windows\system32\VB5DB.DLL
2012-04-12 16:49 . 2002-11-28 08:22 36864 ----a-r- c:\windows\system32\xmlparse.dll
2012-04-12 16:49 . 2002-11-28 08:22 28432 ----a-r- c:\windows\system32\msxmlr.dll
2012-04-12 16:49 . 2002-11-28 08:22 26064 ----a-r- c:\windows\system32\xmlinst.exe
2012-04-12 16:49 . 2002-11-28 08:22 24576 ----a-r- c:\windows\system32\msxml3a.dll
2012-04-12 16:49 . 2002-11-28 08:22 29184 ----a-r- c:\windows\system32\MSINET.oca
2012-04-12 16:49 . 2012-04-12 16:49 -------- d-----w- c:\program files\Ubisoft
2012-04-12 16:43 . 2004-07-15 22:20 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2012-04-12 16:43 . 2004-07-15 22:19 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2012-04-12 16:43 . 2004-07-15 22:18 172032 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2012-04-12 16:43 . 2012-04-12 16:43 180356 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2012-04-12 16:43 . 2004-07-15 22:20 733184 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2012-04-12 16:43 . 2004-07-15 22:18 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2012-04-12 16:43 . 2012-04-12 16:43 303236 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2012-04-07 21:26 . 2012-04-07 21:26 -------- d-----w- c:\program files\Pando Networks
2012-04-06 22:58 . 2012-04-06 23:10 -------- d-----w- c:\users\Kowal\AppData\Roaming\Teeworlds
2012-04-06 13:12 . 2012-04-06 13:12 -------- d-----w- c:\program files\WinUAE
2012-04-06 05:21 . 2012-04-06 05:21 9334784 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-04-06 02:22 . 2012-04-06 02:22 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-04-06 02:16 . 2012-04-06 02:16 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-04-06 02:16 . 2012-04-06 02:16 451072 ----a-w- c:\windows\system32\atieclxx.exe
2012-04-06 02:15 . 2012-04-06 02:15 217600 ----a-w- c:\windows\system32\atiesrxx.exe
2012-04-06 02:14 . 2012-04-06 02:14 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2012-04-06 02:14 . 2012-04-06 02:14 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-04-06 02:14 . 2012-04-06 02:14 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-04-06 01:50 . 2012-04-06 01:50 19753984 ----a-w- c:\windows\system32\atioglxx.dll
2012-04-06 01:34 . 2012-04-06 01:34 1831424 ----a-w- c:\windows\system32\atiumdmv.dll
2012-04-06 01:30 . 2012-04-06 01:30 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-04-06 01:30 . 2012-04-06 01:30 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-04-06 01:25 . 2012-04-06 01:25 13764096 ----a-w- c:\windows\system32\aticaldd.dll
2012-04-06 01:11 . 2012-04-06 01:11 360448 ----a-w- c:\windows\system32\atiadlxx.dll
2012-04-06 01:11 . 2012-04-06 01:11 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-04-06 01:10 . 2012-04-06 01:10 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-04-06 01:10 . 2012-04-06 01:10 275968 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-04-06 01:09 . 2012-04-06 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-04-06 01:06 . 2012-04-06 01:06 53760 ----a-w- c:\windows\system32\atimpc32.dll
2012-04-06 01:06 . 2012-04-06 01:06 53760 ----a-w- c:\windows\system32\amdpcom32.dll
2012-04-05 21:03 . 2012-04-05 21:03 -------- d-----w- c:\users\Kowal\AppData\Local\DOSBox
2012-04-05 21:03 . 2012-04-05 21:03 -------- d-----w- c:\program files\DOSBox-0.74
2012-04-05 20:34 . 2012-04-05 20:34 159232 ----a-w- c:\windows\system32\clinfo.exe
2012-04-05 20:34 . 2012-04-05 20:34 64512 ----a-w- c:\windows\system32\OpenVideo.dll
2012-04-05 20:33 . 2012-04-05 20:33 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-04-05 20:32 . 2012-04-05 20:32 13007872 ----a-w- c:\windows\system32\amdocl.dll
2012-04-04 13:01 . 2012-04-26 08:01 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M section ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-03 12:57 . 2011-04-26 10:26 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2012-05-03 12:57 . 2011-06-26 16:25 17488 ----a-w- c:\windows\gdrv.sys
2012-05-02 19:49 . 2011-05-22 17:15 140800 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-05-02 19:49 . 2011-05-22 17:21 283304 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-05-02 19:49 . 2011-05-22 17:14 283304 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-05-02 19:49 . 2011-05-22 17:14 280904 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-05-01 13:21 . 2011-08-01 20:08 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2012-05-01 13:21 . 2011-08-01 20:08 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2012-04-28 14:08 . 2011-05-22 17:14 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-04-27 18:50 . 2011-05-22 17:15 138056 ----a-w- c:\users\Kowal\AppData\Roaming\PnkBstrK.sys
2012-04-26 08:01 . 2011-05-18 15:05 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-06 02:21 . 2010-09-29 01:55 909312 ----a-w- c:\windows\system32\aticfx32.dll
2012-04-06 02:13 . 2010-09-29 01:46 6800896 ----a-w- c:\windows\system32\atidxx32.dll
2012-04-06 02:00 . 2011-04-23 18:22 52736 ----a-w- c:\windows\system32\coinst.dll
2012-04-06 01:34 . 2011-05-14 17:56 6203392 ----a-w- c:\windows\system32\atiumdag.dll
2012-04-06 01:22 . 2011-05-14 17:52 4795904 ----a-w- c:\windows\system32\atiumdva.dll
2012-04-06 01:09 . 2010-09-29 01:14 41984 ----a-w- c:\windows\system32\atiuxpag.dll
2012-04-06 01:09 . 2010-09-29 01:13 32256 ----a-w- c:\windows\system32\atiu9pag.dll
2012-03-22 17:42 . 2012-03-22 17:42 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2012-03-22 17:42 . 2012-03-22 17:42 235 ----a-w- c:\windows\system32\nxEuUninstall.bat
2012-03-09 12:06 . 2012-03-09 12:06 24576 ----a-w- c:\windows\system32\kdbsdk32.dll
2012-02-23 12:31 . 2012-02-23 12:31 86544 ----a-w- c:\windows\system32\drivers\AtihdW73.sys
2012-02-14 21:03 . 2012-02-14 21:03 48128 ----a-w- c:\windows\system32\OpenCL.dll
2012-02-04 12:33 . 2012-02-04 12:33 442 ----a-w- c:\windows\system32\drivers\etc\hosts.ics.vir
2012-03-17 21:51 . 2011-05-19 13:10 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Registry startup entries ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries and legitimate default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Odkurzacz-MCD"="c:\program files\Odkurzacz\odk_mcd.exe" [2011-02-20 370688]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-01-04 10021480]
"PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-04-28 439616]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-05 641664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2010-08-24 1750528]
"EasyTuneVI"="c:\program files\GIGABYTE\ET6\ETCall.exe" [2007-07-26 20480]
.
c:\users\Kowal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rizone Memory Booster.lnk - c:\users\Kowal\Documents\MemBoost\MemBoost.exe [2011-4-28 577287]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-7-12 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R0 GVTDrv;GVTDrv; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-26 253088]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2011-10-23 17488]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-11-11 128928]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-05 1343400]
R3 XDva387;XDva387;c:\windows\system32\XDva387.sys [x]
R4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-05-09 136176]
R4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-05-09 136176]
R4 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-02-08 4067472]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 18544]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2011-11-23 126216]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 217600]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-04-28 140608]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2012-01-05 144136]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2011-04-28 99400]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2011-04-28 111176]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2011-11-30 112904]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 9334784]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 275968]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-02-23 86544]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-29 218688]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-01-26 32256]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-01-26 52224]
S3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-12-24 327784]
S3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\DRIVERS\RTL85n86.sys [2010-03-23 1812512]
.
.
--- Other Services/Drivers in Memory ---
.
*Deregistered* - fxldqfog
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 08:01]
.
2012-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-09 20:44]
.
2012-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-09 20:44]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://gazeta.hit.gemius.pl/hitredir/id=1_2aoau32zKrY2K8AzHtuKPMXfaG5wd126fPuctBzrP.67/stparam=loptipgnqn/url=http://www.gazeta.pl/0,0.html?promocja=pit2011_wyb01&utm_campaign=p_124
TCP: Interfaces\{937b8805-11a0-4dfc-8ef2-314c86692259}: NameServer = 62.233.233.233 87.204.204.204
FF - ProfilePath - c:\users\Kowal\AppData\Roaming\Mozilla\Firefox\Profiles\23zvl0js.Domyślny użytkownik\
FF - prefs.js: browser.startup.homepage - about:home
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3334711080-925264348-2331789564-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:eb,04,3d,6a,7e,8a,06,b1,80,23,da,6d,81,cd,39,d8,c0,7e,bc,e5,d2,08,6c,
   1b,45,c3,1b,89,6f,b8,d7,ee,c1,6d,84,7c,77,1a,79,97,9f,5e,66,94,a3,d1,83,a0,\
"??"=hex:2f,b6,6f,45,ee,e2,ec,0a,29,d5,69,d3,55,fd,2c,18
.
[HKEY_USERS\S-1-5-21-3334711080-925264348-2331789564-1000\Software\SecuROM\License information*]
"datasecu"=hex:4e,ab,b9,37,9f,a9,9f,7d,92,48,ad,01,87,6f,96,de,47,32,97,b9,ec,
   de,ce,45,7a,30,f4,ce,7b,52,a0,a6,bc,62,cd,c2,96,8f,4a,12,59,29,77,de,30,4d,\
"rkeysecu"=hex:9d,b2,f7,4a,dd,a9,2a,af,fa,b9,09,24,a4,dc,78,8d
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-05-03  20:38:54
ComboFix-quarantined-files.txt  2012-05-03 18:38
ComboFix2.txt  2012-05-03 17:38
.
Before: 160 613 695 488 bytes free
After: 160 559 849 472 bytes free
.
- - End Of File - - A9A5144405DEE3BC44E3159175674F0F
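The log above is raw tool output, and a reviewer's first pass over it is mechanical: find the service and driver entries whose image file ComboFix could not locate (the `[x]` marker, as on `R0 GVTDrv`, `R3 EagleXNt` and `R3 XDva387`), the autostart value whose target is missing (`[X]`), the file ComboFix has renamed with a `.vir` suffix (`hosts.ics.vir`), executables sitting outside `c:\windows` and `c:\program files`, and the `*Deregistered*` entry (`fxldqfog`) that is loaded in memory without a matching registry entry. The script below is an added example, not part of the original post and not a ComboFix feature: it parses those four line formats as they appear in this log and lists the review candidates. The sample input is a handful of lines copied from the log above; the "trusted" path prefixes, the executable extensions and the finding labels are assumptions made for this example, and a hit means "look at this", not "malicious".

```python
"""Triage helper for ComboFix-style logs (added example; not ComboFix's own code)."""
import re
from dataclasses import dataclass

# Service/driver lines: "<state> <name>;<display name>;<image> [<date> <size>]" or "[x]".
SERVICE_RE = re.compile(
    r"^(?P<state>[RS]\d)\s+(?P<name>[^;]+);(?P<display>[^;]*);(?P<image>.*?)\s*\[(?P<info>[^\]]*)\]\s*$"
)
# Autostart registry values: "name"="command" [<date> <size>] or [X].
RUN_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<command>[^"]*)"\s*\[(?P<info>[^\]]*)\]\s*$')
# File listing lines: "<created> . <modified> <size or -------->  <attrs> <path>".
FILE_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} \. \d{4}-\d{2}-\d{2} \d{2}:\d{2}\s+"
    r"(?P<size>\S+)\s+(?P<attrs>\S+)\s+(?P<path>.+)$"
)
# "Other Services/Drivers in Memory" entries with no registry registration.
DEREG_RE = re.compile(r"^\*Deregistered\*\s*-\s*(?P<name>\S+)")

# Assumption for this example: where service images and drivers are normally expected.
TRUSTED_PREFIXES = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
EXEC_EXTENSIONS = (".exe", ".dll", ".sys", ".bat", ".cpl", ".ocx")


@dataclass
class Finding:
    kind: str     # which rule fired (labels are this example's own)
    subject: str  # service name, autostart value name or file path
    detail: str   # human-readable reason


def triage(log_text: str) -> list[Finding]:
    """Return review candidates from a ComboFix log, in log order."""
    findings: list[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if m := SERVICE_RE.match(line):
            image = m["image"].strip()
            if m["info"].strip().lower() == "x":
                # ComboFix prints [x] instead of date/size when the image file is not on disk.
                findings.append(Finding("service-image-missing", m["name"],
                                        f"{m['state']} image {image or '<none>'} not found"))
            elif image and not image.lower().startswith(TRUSTED_PREFIXES):
                findings.append(Finding("service-image-unusual-path", m["name"], image))
        elif m := RUN_RE.match(line):
            if m["info"].strip().lower() == "x":
                findings.append(Finding("autostart-target-missing", m["name"], m["command"]))
        elif m := FILE_RE.match(line):
            path = m["path"].strip()
            low = path.lower()
            if low.endswith(".vir"):
                findings.append(Finding("combofix-disabled-file", path, "renamed with .vir suffix"))
            elif low.endswith(EXEC_EXTENSIONS) and not low.startswith(TRUSTED_PREFIXES):
                findings.append(Finding("executable-outside-standard-dirs", path,
                                        f"{m['size']} bytes"))
        elif m := DEREG_RE.match(line):
            findings.append(Finding("deregistered-service", m["name"],
                                    "loaded in memory with no registry entry"))
    return findings


# Sample input: lines copied from the ComboFix log above.
SAMPLE_LOG = r"""
2012-05-03 16:28 . 2012-05-03 16:28 -------- d-----w- c:\program files\uTorrent
2012-04-27 18:50 . 2011-05-22 17:15 138056 ----a-w- c:\users\Kowal\AppData\Roaming\PnkBstrK.sys
2012-02-04 12:33 . 2012-02-04 12:33 442 ----a-w- c:\windows\system32\drivers\etc\hosts.ics.vir
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
R0 GVTDrv;GVTDrv; [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 XDva387;XDva387;c:\windows\system32\XDva387.sys [x]
R4 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-02-08 4067472]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2011-04-28 99400]
*Deregistered* - fxldqfog
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.kind:34} {f.subject:55} {f.detail}")
```

Running the script on the full log (read from the saved ComboFix.txt instead of `SAMPLE_LOG`) gives the same short list a human reviewer would start from; everything else in the log is left for manual judgement, since a clean path and a present file say nothing about whether the binary is wanted.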