ComboFix 12-06-28.03 - Marcin 2012-06-29 21:00:58.1.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.3583.2572 [GMT 2:00] Uruchomiony z: c:\users\Marcin\Downloads\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Utworzono nowy punkt przywracania . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\facemoods.com c:\program files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll c:\program files\facemoods.com\facemoods\1.4.17.11\facemoods.crx c:\program files\facemoods.com\facemoods\1.4.17.11\facemoods.png c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodsApp.dll c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodsEng.dll c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll c:\program files\facemoods.com\facemoods\1.4.17.11\uninstall.exe c:\program files\facemoods.com\sqlite3.dll c:\programdata\DD8F1BB91F.sys c:\windows\UA000088.DLL . c:\windows\system32\userinit.exe . . . jest zainfekowany!! . . ((((((((((((((((((((((((( Pliki utworzone od 2012-05-28 do 2012-06-29 ))))))))))))))))))))))))))))))) . . 2012-06-29 19:19 . 2012-06-29 19:19 -------- d-----w- c:\users\Marcin\AppData\Local\temp 2012-06-29 19:19 . 2012-06-29 19:19 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-06-29 19:19 . 2012-06-29 19:19 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-29 18:51 . 2012-06-29 18:51 -------- d-----w- c:\program files\COMODO 2012-06-29 17:55 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\system32\userinit.exe 2012-06-29 17:51 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4564525D-49AE-41D9-B854-D2D6A922459B}\mpengine.dll 2012-06-29 07:05 . 2012-06-29 07:05 -------- d-----w- c:\users\Gość 2012-06-27 22:01 . 2012-06-27 22:01 -------- d-----w- C:\found.000 2012-06-25 05:59 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-25 05:59 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-25 05:59 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-25 05:59 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-25 05:59 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-25 05:59 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-25 05:59 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-25 05:59 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-25 05:59 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-13 07:09 . 2012-05-17 22:45 1800192 ----a-w- c:\windows\system32\jscript9.dll 2012-06-13 01:27 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll 2012-06-13 01:27 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-06-13 01:27 . 2012-05-15 01:05 2343936 ----a-w- c:\windows\system32\win32k.sys 2012-06-13 01:27 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-06-13 01:27 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-06-13 01:27 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-06-13 01:27 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll 2012-06-13 01:27 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-13 01:27 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll 2012-06-13 01:27 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-15 16:55 . 2010-01-31 11:17 139048 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2012-06-15 16:55 . 2010-01-31 11:16 76888 ----a-w- c:\windows\system32\PnkBstrA.exe 2012-06-15 16:55 . 2010-02-17 09:51 282296 ----a-w- c:\windows\system32\PnkBstrB.xtr 2012-06-15 16:55 . 2010-01-31 11:16 282296 ----a-w- c:\windows\system32\PnkBstrB.exe 2012-06-15 16:47 . 2010-01-31 11:16 215128 ----a-w- c:\windows\system32\PnkBstrB.ex0 2012-04-18 19:52 . 2012-04-17 20:12 59240 ----a-w- c:\windows\system32\GenSvcInst.exe 2012-04-18 19:52 . 2012-04-17 20:12 38944 ----a-w- c:\windows\system32\drivers\CDRBSDRV.SYS 2012-04-18 19:52 . 2012-04-17 20:12 139264 ----a-w- c:\windows\system32\bgsvcgen.exe 2012-04-03 17:16 . 2012-04-09 21:47 5981504 ----a-w- c:\windows\system32\nvcuda.dll 2012-04-03 17:16 . 2012-04-09 21:47 2524992 ----a-w- c:\windows\system32\nvcuvid.dll 2012-04-03 17:16 . 2012-04-09 21:47 2444608 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-04-03 17:16 . 2012-04-09 21:47 19584320 ----a-w- c:\windows\system32\nvoglv32.dll 2012-04-03 17:16 . 2012-04-09 21:47 17551680 ----a-w- c:\windows\system32\nvcompiler.dll 2012-04-03 17:16 . 2012-04-09 21:47 11348288 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-04-03 17:16 . 2011-12-07 15:56 881984 ----a-w- c:\windows\system32\nvgenco32.dll 2012-04-03 17:16 . 2011-12-07 15:56 61248 ----a-w- c:\windows\system32\OpenCL.dll 2012-04-03 17:16 . 2011-12-07 15:56 15279424 ----a-w- c:\windows\system32\nvd3dum.dll 2012-04-03 17:16 . 2011-12-07 15:56 1000256 ----a-w- c:\windows\system32\nvdispco32.dll 2012-04-03 17:16 . 2009-08-15 13:25 8029504 ----a-w- c:\windows\system32\nvwgf2um.dll 2012-04-03 17:16 . 2009-08-15 13:25 2367808 ----a-w- c:\windows\system32\nvapi.dll 2012-04-03 15:03 . 2009-08-15 09:52 645440 ----a-w- c:\windows\system32\nvvsvc.exe 2012-04-03 15:03 . 2009-08-15 09:52 62272 ----a-w- c:\windows\system32\nvshext.dll 2012-04-03 15:03 . 2009-08-15 09:52 2561344 ----a-w- c:\windows\system32\nvsvcr.dll 2012-04-03 15:03 . 2009-08-15 09:52 108352 ----a-w- c:\windows\system32\nvmctray.dll 2012-04-03 15:01 . 2009-08-15 09:52 2759488 ----a-w- c:\windows\system32\nvsvc.dll 2012-04-03 15:01 . 2009-08-15 09:52 3914048 ----a-w- c:\windows\system32\nvcpl.dll 2012-04-03 05:16 . 2012-04-03 05:16 423744 ----a-w- c:\windows\system32\nvStreaming.exe . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-01 16:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu 10"="c:\program files\Gadu-Gadu 10\gg.exe" [2011-07-04 13374048] "Akamai NetSession Interface"="c:\users\Marcin\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 221184] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392] "ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2009-08-19 170624] "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 497024] "AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2009-08-12 233472] "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-02-21 222504] "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-09-24 210216] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-01-03 198160] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-06-07 40376] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "MDS_Menu"="c:\program files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408] "RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-08-02 87336] "BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-08-26 75048] "UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504] "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-17 218408] "LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2008-10-01 548864] "UpdatePSTShortCut"="c:\program files\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" [2010-09-27 222504] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-11 7739936] "NBAgent"="c:\program files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-11-18 1492264] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2008-04-02 87336] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2008-02-22 62760] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-18 104936] "ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-11-28 3058304] "ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2009-06-24 272952] . c:\users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2009-11-28 12862] SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe [2009-11-28 156880] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="c:\windows\explorer.exe," . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\acaptuser32.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x] R2 CLKMSVC10_E92D8507;CyberLink Product - 2011/08/11 22:41;c:\program files\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x] R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x] R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x] R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x] R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [x] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [x] R3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys [x] R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x] R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x] S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x] S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x] S1 cdrblock;cdrblock;c:\windows\system32\DRIVERS\cdrblock.sys [x] S1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [x] S2 BBDemon;Backbone Service;c:\program files\Dassault Systemes\B17\intel_a\code\bin\CATSysDemon.exe [x] S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run [x] S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [x] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [x] . . --- Inne Usługi/Sterowniki w Pamięci --- . *NewlyCreated* - WS2IFSL *Deregistered* - CLKMDRV10_E92D8507 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . Zawartość folderu 'Zaplanowane zadania' . 2012-06-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-366723323-3451035930-601692653-1001Core.job - c:\users\Marcin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-26 17:14] . 2012-06-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-366723323-3451035930-601692653-1001UA.job - c:\users\Marcin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-26 17:14] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://www.fota.pl/ uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421; IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert link target to existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.0.1 . . ------- Skojarzenia plików ------- . .txt= . - - - - USUNIĘTO PUSTE WPISY - - - - . HKCU-Run-AlcoholAutomount - d:\program files 2\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe HKCU-Run-AdobeBridge - (no file) HKLM-Run-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe AddRemove-Akamai - c:\program files\Common Files\Akamai\uninstall.exe AddRemove-Astroburn Toolbar - c:\program files\Astroburn Toolbar\uninst.exe AddRemove-Counter-Strike: Source Texture Pack 1.00 - c:\program files\Counter-Strike Source\Uninstall.exe AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.11\uninstall.exe AddRemove-PunkBusterSvc - d:\program files 2\Battlefield 3\pbsvc.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\Akamai] "ServiceDll"="c:\program files\common files\akamai/netsession_win_80c2ffa.dll" . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_USERS\S-1-5-21-366723323-3451035930-601692653-1001\Software\SecuROM\License information*] "datasecu"=hex:46,de,2a,ee,c1,36,12,70,f3,6d,d4,51,ab,b8,d7,86,50,5d,ef,06,b6, fc,54,ba,a4,a1,05,f3,3e,3c,70,51,31,68,60,5f,f2,26,1e,b1,fb,26,72,48,2d,78,\ "rkeysecu"=hex:65,7d,ea,3a,78,60,2f,e2,56,7f,e7,b7,1f,88,db,ed . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- . - - - - - - - > 'lsass.exe'(596) c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.DLL . Czas ukończenia: 2012-06-29 21:21:48 ComboFix-quarantined-files.txt 2012-06-29 19:21 . Przed: 35 014 299 648 bajtów wolnych Po: 36 134 617 088 bajtów wolnych . - - End Of File - - 9FEE3B3B54B77788029221BE4C087EE5