ComboFix 13-01-08.01 - Administrator 2013-01-10 10:38:27.2.2 - x86 NETWORK
Uruchomiony z: c:\documents and settings\Administrator\Pulpit\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-12-10 do 2013-01-10 )))))))))))))))))))))))))))))))
.
.
2013-01-10 15:59 . 2008-10-31 14:53 49262 ----a-w- c:\windows\system32\jpicpl32.cpl
2013-01-10 07:33 . 2013-01-10 07:33 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2013-01-10 07:07 . 2013-01-10 07:07 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla
2013-01-10 07:07 . 2013-01-10 07:07 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2013-01-10 06:46 . 2013-01-10 06:46 2949 ----a-w- c:\documents and settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.js
2013-01-09 20:55 . 2013-01-09 20:55 65536 ---hatw- C:\~28112008TMAFS.pst.tmp
2013-01-09 12:51 . 2013-01-09 12:51 16369160 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-01-08 21:37 . 2012-10-17 12:53 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2013-01-08 21:37 . 2013-01-08 21:37 -------- d-----w- c:\program files\PC Connectivity Solution
2013-01-08 21:36 . 2012-11-09 14:33 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2013-01-08 21:36 . 2012-11-09 14:33 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2013-01-08 21:36 . 2012-11-09 14:33 23168 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2013-01-08 21:36 . 2012-11-09 14:33 18560 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 12:51 . 2012-07-24 14:41 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 12:51 . 2012-07-24 14:41 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 12:23 . 2008-10-31 22:31 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-26 16:38 . 2012-11-26 16:38 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-26 16:38 . 2012-07-24 14:13 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-11-26 16:37 . 2012-07-24 14:13 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-11-26 16:37 . 2010-04-26 18:28 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-13 11:55 . 2008-10-31 22:31 1866624 ----a-w- c:\windows\system32\win32k.sys
2012-11-09 14:33 . 2008-11-28 20:55 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
2012-11-06 02:00 . 2008-10-31 22:31 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:03 . 2008-10-31 22:31 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:13 . 2008-10-31 22:31 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:13 . 2008-10-31 22:31 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 12:13 . 2008-10-31 22:31 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35 . 2008-10-31 22:31 385024 ----a-w- c:\windows\system32\html.iec
2012-10-30 22:51 . 2012-07-24 14:17 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2010-12-05 20:11 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2010-12-05 20:11 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-30 22:51 . 2010-12-05 20:11 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2010-12-05 20:11 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-10-30 22:51 . 2010-12-05 20:11 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-10-30 22:51 . 2010-12-05 20:11 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2010-12-05 20:11 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-10-30 22:51 . 2010-12-05 20:10 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2010-12-05 20:10 227648 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-06 18:38 . 2008-11-28 12:28 3414528 ----a-w- c:\program files\BESTplayer.exe
2006-10-12 13:19 . 2008-11-28 22:20 720482 ----a-w- c:\program files\mxClock.exe
2012-12-20 07:27 . 2012-12-20 07:27 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EDS"="c:\program files\Samsung\Samsung EDS\EDSAgent.exe" [2007-12-20 659456]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-28 1044480]
"DMHotKey"="c:\program files\Samsung\Easy Display Manager\DMLoader.exe" [2006-12-27 466944]
"BatteryManager"="c:\program files\Samsung\Samsung Battery Manager\BatteryManager.exe" [2008-10-20 2768896]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-18 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-18 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-18 137752]
"ACU"="c:\program files\Atheros WLAN Client\ACU.exe" [2008-09-29 450648]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-05-28 570664]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
.
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2008-06-19 23:20 57344 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicKeyboard]
2006-05-14 18:00 151552 ----a-w- c:\program files\Samsung\MagicKBD\PreMKbd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-08-26 20:51 16851456 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Spik\\Spik.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Nokia\\Phoenix\\phoenix.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Fuse\\FuseService.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Fuse\\fuse.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"63938:TCP"= 63938:TCP:EMule
"63948:UDP"= 63948:UDP:EMule UDP
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 xlkfs;xlkfs;c:\windows\system32\DRIVERS\xlkfs.sys [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 ADDMEM;ADDMEM;c:\docume~1\TMA72\USTAWI~1\Temp\__Samsung_Update\ADDMEM.SYS [x]
R3 DNSeFilter;DNSeFilter;c:\windows\system32\drivers\SamsungEDS.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 hspamdfl;SAMSUNG HSPA Modem Filter;c:\windows\system32\DRIVERS\hspamdfl.sys [x]
R3 hspamdm;SAMSUNG HSPA Modem Drivers;c:\windows\system32\DRIVERS\hspamdm.sys [x]
R3 hspaserd;SAMSUNG HSPA Modem Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\hspaserd.sys [x]
R3 SUEPD;SUE NDIS Protocol Driver;c:\windows\system32\DRIVERS\SUE_PD.sys [x]
R3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\Drivers\VMC326.sys [x]
S3 hspabus;SAMSUNG HSPA USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\hspabus.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-10-18 14:25 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2007-07-28 13:53 1230848 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-01-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-24 12:51]
.
2013-01-10 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-24 22:50]
.
2013-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-09 08:12]
.
2013-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-09 08:12]
.
2013-01-09 c:\windows\Tasks\User_Feed_Synchronization-{F604D5FC-DC2D-4664-B2E9-3B72037DB154}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.plus.pl/
mStart Page = about:blank
TCP: DhcpNameServer = 192.168.1.1
Handler: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - c:\program files\Spik\url_wpmsg.dll
FF - ProfilePath - c:\documents and settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\sfhuvfp2.default\
FF - ExtSQL: 2012-12-20 08:27; {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF - ExtSQL: 2012-12-20 08:27; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF - ExtSQL: 2012-12-20 08:27; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-10 10:45
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2031393981-2624961115-777813318-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f7,e7,cf,8c,8a,f0,1f,4c,82,a0,af,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f7,e7,cf,8c,8a,f0,1f,4c,82,a0,af,\
.
Czas ukończenia: 2013-01-10 10:47:44
ComboFix-quarantined-files.txt 2013-01-10 09:47
ComboFix2.txt 2013-01-10 09:27
.
Przed: 20 325 109 760 bajtów wolnych
Po: 20 406 857 728 bajtów wolnych
.
- - End Of File - - 0C0787B6E5D55569EAC37F9ED2333E8E