ComboFix 11-04-09.01 - Ola 2011-04-10 18:02:42.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.48.1045.18.2038.1213 [GMT 2:00]
Uruchomiony z: d:\users\Ola\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Search Toolbar
c:\program files\Search Toolbar\SearchToolbarUninstall.exe
c:\windows\system32\service
c:\windows\system32\service\08122009_TIS17_PccScan.log
c:\windows\system32\service\10012010_TIS17_SfFniAU.log
c:\windows\system32\service\17122009_TIS17_SfFniAU.log
c:\windows\system32\service\25012010_TIS17_PccScan.log
c:\windows\system32\service\25012010_TIS17_SfFniAU.log
c:\windows\system32\service\28012010_TIS17_SfFniAU.log
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-03-10 do 2011-04-10 )))))))))))))))))))))))))))))))
.
.
2011-04-10 16:27 . 2011-04-10 16:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-08 12:04 . 2011-03-15 04:05 6792528 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73A88367-0590-408C-937C-F829FF60F1AF}\mpengine.dll
2011-04-03 21:33 . 2011-04-03 21:33 -------- d-----w- c:\users\Ola\AppData\Roaming\inkscape
2011-04-03 21:02 . 2011-04-03 21:32 -------- d-----w- c:\program files\Inkscape
2011-03-30 05:39 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2011-03-28 21:55 . 2011-03-18 18:04 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-03-28 21:55 . 2011-03-18 18:04 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2011-03-28 21:55 . 2011-03-18 18:04 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-03-28 21:55 . 2011-03-18 18:04 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2011-03-28 21:55 . 2011-03-18 18:04 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-03-28 21:55 . 2011-03-18 18:04 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-03-28 21:55 . 2011-03-18 18:04 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-03-28 21:55 . 2011-03-18 18:04 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-03-28 21:55 . 2011-03-18 18:04 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-03-28 21:55 . 2011-03-18 18:04 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-03-12 09:11 . 2011-04-10 16:27 -------- d-----w- c:\users\Ola\AppData\Local\LogMeIn Hamachi
2011-03-12 07:02 . 2003-09-03 01:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-03-12 07:02 . 2003-09-03 01:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-03-12 07:02 . 2003-09-03 01:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-03-12 07:02 . 2003-09-03 01:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-03-12 07:02 . 2003-09-03 01:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-03-12 07:02 . 2011-03-12 07:02 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-03-12 07:02 . 2011-03-12 07:02 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-19 05:33 . 2011-03-09 13:12 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 05:32 . 2011-03-09 13:12 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 05:32 . 2011-03-09 13:12 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-02-03 05:45 . 2011-02-09 15:49 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-02 17:11 . 2010-01-21 09:49 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-03-18 18:04 . 2011-03-28 21:55 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2009-12-31 2349080]
"{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"= "c:\program files\Softonic-Polska\tbSoft.dll" [2010-06-03 2736736]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
2010-06-03 17:24 2736736 ----a-w- c:\program files\Softonic-Polska\tbSoft.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2009-12-31 09:53 2349080 ----a-w- c:\program files\free-downloads.net\tbfree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2009-12-31 2349080]
"{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"= "c:\program files\Softonic-Polska\tbSoft.dll" [2010-06-03 2736736]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2009-12-31 2349080]
"{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF}"= "c:\program files\Softonic-Polska\tbSoft.dll" [2010-06-03 2736736]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2009-11-25 10:47 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2009-11-25 10:47 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\program files\Asus\Eee Docking\Eee Docking.exe" [2009-08-25 402608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyService"="AsusSender.exe" [2009-09-11 33768]
"SuperHybridEngine"="AsusSender.exe" [2009-09-11 33768]
"EeeStorageBackup"="c:\program files\ASUS\Asus WebStorage\BackupService.exe" [2009-07-31 947472]
"LiveUpdate"="AsusSender.exe" [2009-09-11 33768]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-20 7625248]
"HotKeyMon"="AsusSender.exe" [2009-09-11 33768]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-15 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-15 354840]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"LogMeIn Hamachi Ui"="d:\hamachi\hamachi-2-ui.exe" [2011-03-28 1910152]
.
c:\users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
wkcalrem.LNK - c:\program files\Microsoft Works\WkCalRem.exe [2007-6-21 46432]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-11-6 113664]
HotKeyMon.lnk - c:\program files\EeePC\HotkeyService\HotKeyMon.exe [2009-12-1 100328]
SRS Premium Sound.lnk - c:\windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe [2009-8-29 156880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-04-03 22:29 165784 ----a-w- c:\program files\DAEMON Tools\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- d:\deamon tols\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!]
2010-07-07 11:03 16222208 ----a-w- c:\program files\ipla\ipla.exe
.
R2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [2009-08-19 219136]
R2 OracleXETNSListener;OracleXETNSListener;c:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [2006-02-01 204800]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2009-03-23 16384]
R3 OracleServiceXE;OracleServiceXE;c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-29 1343400]
R3 zlportio;zlportio;c:\program files\UltraStar Deluxe\zlportio.sys [x]
R4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe XE [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-10 691696]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;d:\hamachi\hamachi-2.exe [2011-03-28 1242504]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-05-21 173352]
S3 igd;igd;c:\windows\system32\DRIVERS\igdkmd32.sys [2009-10-10 635552]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1098640
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Ola\AppData\Roaming\Mozilla\Firefox\Profiles\k7sndy5c.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - free-downloads.net Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://pl.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&q=
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-MazurskiOT_is1 - d:\nowy folder\MazurskiOT\unins000.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2617050095-927467253-1458461005-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:c1,4b,2d,44,7d,fe,38,8d,88,80,a5,a4,de,34,50,82,44,0c,b6,4a,49,0c,e5,
   69,c0,66,f9,19,c3,8e,31,69,62,fa,ec,c9,8e,ae,6f,21,48,c9,49,af,ad,74,37,72,\
"??"=hex:8f,5e,63,ed,b1,a9,a7,ee,87,e5,fe,09,19,c3,e4,14
.
[HKEY_USERS\S-1-5-21-2617050095-927467253-1458461005-1001\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:76,12,e3,59,7d,d1,64,7c,35,8d,dc,2a,1b,91,7b,ab,cf,a7,b3,3b,16,
   d3,76,0b,9a,94,a1,fa,83,79,98,3c,d4,ff,5e,ab,ec,6b,e8,30,9d,80,22,ef,de,af,\
"rkeysecu"=hex:b1,3f,b2,b3,98,60,17,74,c5,c7,4e,c3,39,89,ef,6b
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2011-04-10 18:33:22
ComboFix-quarantined-files.txt 2011-04-10 16:33
.
Przed: 69 703 852 032 bajtów wolnych
Po: 69 647 003 648 bajtów wolnych
.
- - End Of File - - 5FF18A68519C0C6EA5731A2F7338C33D