ComboFix 12-06-28.03 - Marcin 2012-07-02  19:46:58.6.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.48.1045.18.3583.2553 [GMT 2:00]
Uruchomiony z: c:\users\Marcin\Desktop\ComboFix.exe
Użyto następujących komend :: c:\users\Marcin\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Utworzono nowy punkt przywracania
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
--------------- FCopy ---------------
.
c:\tmp\userinit.exe --> c:\windows\System32\userinit.exe
.
(((((((((((((((((((((((((   Pliki utworzone od 2012-06-02 do 2012-07-02  )))))))))))))))))))))))))))))))
.
.
2012-07-02 17:56 . 2012-07-02 17:56	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-07-02 17:56 . 2012-07-02 17:56	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-07-02 17:29 . 2012-07-02 17:42	--------	d-----w-	C:\Tmp
2012-07-01 16:55 . 2012-07-01 17:28	--------	d-----w-	c:\users\Marcin\DoctorWeb
2012-07-01 09:02 . 2012-07-01 09:02	--------	d-----w-	c:\users\Marcin\AppData\Roaming\Malwarebytes
2012-07-01 09:02 . 2012-07-01 09:02	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-07-01 09:02 . 2012-07-01 09:02	--------	d-----w-	c:\programdata\Malwarebytes
2012-07-01 09:02 . 2012-04-04 13:56	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-06-30 11:03 . 2012-06-30 11:03	--------	d-----w-	C:\_OTL
2012-06-29 23:39 . 2012-05-04 09:59	514560	----a-w-	c:\windows\system32\qdvd.dll
2012-06-29 19:21 . 2012-07-02 17:56	--------	d-----w-	c:\users\Marcin\AppData\Local\temp
2012-06-29 19:21 . 2011-02-19 06:30	805376	----a-w-	c:\windows\system32\FntCache.dll
2012-06-29 19:21 . 2011-02-19 06:30	739840	----a-w-	c:\windows\system32\d2d1.dll
2012-06-29 18:51 . 2012-06-29 18:51	--------	d-----w-	c:\program files\COMODO
2012-06-29 17:55 . 2010-11-20 12:17	26624	----a-w-	c:\windows\system32\userinit.exe
2012-06-29 17:51 . 2012-05-31 03:41	6762896	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4564525D-49AE-41D9-B854-D2D6A922459B}\mpengine.dll
2012-06-29 07:05 . 2012-06-29 07:05	--------	d-----w-	c:\users\Gość
2012-06-25 05:59 . 2012-06-02 22:19	53784	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-25 05:59 . 2012-06-02 22:19	45080	----a-w-	c:\windows\system32\wups2.dll
2012-06-25 05:59 . 2012-06-02 22:19	1933848	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-25 05:59 . 2012-06-02 22:12	2422272	----a-w-	c:\windows\system32\wucltux.dll
2012-06-25 05:59 . 2012-06-02 22:19	35864	----a-w-	c:\windows\system32\wups.dll
2012-06-25 05:59 . 2012-06-02 22:19	577048	----a-w-	c:\windows\system32\wuapi.dll
2012-06-25 05:59 . 2012-06-02 22:12	88576	----a-w-	c:\windows\system32\wudriver.dll
2012-06-25 05:59 . 2012-06-02 13:19	171904	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-25 05:59 . 2012-06-02 13:12	33792	----a-w-	c:\windows\system32\wuapp.exe
2012-06-13 07:09 . 2012-05-17 22:45	1800192	----a-w-	c:\windows\system32\jscript9.dll
2012-06-13 01:27 . 2012-04-07 11:26	2342400	----a-w-	c:\windows\system32\msi.dll
2012-06-13 01:27 . 2012-04-28 03:17	183808	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-06-13 01:27 . 2012-05-15 01:05	2343936	----a-w-	c:\windows\system32\win32k.sys
2012-06-13 01:27 . 2012-04-26 04:45	58880	----a-w-	c:\windows\system32\rdpwsx.dll
2012-06-13 01:27 . 2012-04-26 04:45	129536	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-06-13 01:27 . 2012-04-26 04:41	8192	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-06-13 01:27 . 2012-05-01 04:44	164352	----a-w-	c:\windows\system32\profsvc.dll
2012-06-13 01:27 . 2012-04-24 04:36	140288	----a-w-	c:\windows\system32\cryptsvc.dll
2012-06-13 01:27 . 2012-04-24 04:36	1158656	----a-w-	c:\windows\system32\crypt32.dll
2012-06-13 01:27 . 2012-04-24 04:36	103936	----a-w-	c:\windows\system32\cryptnet.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-15 16:55 . 2010-01-31 11:17	139048	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2012-06-15 16:55 . 2010-01-31 11:16	76888	----a-w-	c:\windows\system32\PnkBstrA.exe
2012-06-15 16:55 . 2010-02-17 09:51	282296	----a-w-	c:\windows\system32\PnkBstrB.xtr
2012-06-15 16:55 . 2010-01-31 11:16	282296	----a-w-	c:\windows\system32\PnkBstrB.exe
2012-06-15 16:47 . 2010-01-31 11:16	215128	----a-w-	c:\windows\system32\PnkBstrB.ex0
2012-04-18 19:52 . 2012-04-17 20:12	59240	----a-w-	c:\windows\system32\GenSvcInst.exe
2012-04-18 19:52 . 2012-04-17 20:12	38944	----a-w-	c:\windows\system32\drivers\CDRBSDRV.SYS
2012-04-18 19:52 . 2012-04-17 20:12	139264	----a-w-	c:\windows\system32\bgsvcgen.exe
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08	143360	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 221184]
"Gadu-Gadu 10"="c:\program files\Gadu-Gadu 10\gg.exe" [2011-07-04 13374048]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2009-08-19 170624]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 497024]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2009-08-12 233472]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-02-21 222504]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-09-24 210216]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-01-03 198160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-06-07 40376]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"MDS_Menu"="c:\program files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-08-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-08-26 75048]
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-17 218408]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2008-10-01 548864]
"UpdatePSTShortCut"="c:\program files\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" [2010-09-27 222504]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"NBAgent"="c:\program files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-11-18 1492264]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"Malwarebytes Anti-Malware (cleanup)"="c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll" [2012-04-04 1082440]
.
c:\users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2009-11-28 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe [2009-11-28 156880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
2009-06-24 11:30	272952	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-11-28 11:11	3058304	----a-w-	c:\windows\AsScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-18 18:52	104936	------w-	c:\program files\CyberLink\Power2Go\CLMLSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2008-04-02 18:09	87336	------w-	c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2009-09-11 12:54	7739936	------w-	c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
R2 CLKMSVC10_E92D8507;CyberLink Product - 2011/08/11 22:41;c:\program files\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [x]
R3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynasUSB.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 cdrblock;cdrblock;c:\windows\system32\DRIVERS\cdrblock.sys [x]
S1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [x]
S2 BBDemon;Backbone Service;c:\program files\Dassault Systemes\B17\intel_a\code\bin\CATSysDemon.exe [x]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe  -run [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*Deregistered* - CLKMDRV10_E92D8507
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr
.
Zawartość folderu 'Zaplanowane zadania'
.
2012-07-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-366723323-3451035930-601692653-1001Core.job
- c:\users\Marcin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-26 17:14]
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-366723323-3451035930-601692653-1001UA.job
- c:\users\Marcin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-26 17:14]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.fota.pl/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_80c2ffa.dll"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-366723323-3451035930-601692653-1001\Software\SecuROM\License information*]
"datasecu"=hex:46,de,2a,ee,c1,36,12,70,f3,6d,d4,51,ab,b8,d7,86,50,5d,ef,06,b6,
   fc,54,ba,a4,a1,05,f3,3e,3c,70,51,31,68,60,5f,f2,26,1e,b1,fb,26,72,48,2d,78,\
"rkeysecu"=hex:65,7d,ea,3a,78,60,2f,e2,56,7f,e7,b7,1f,88,db,ed
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'lsass.exe'(600)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.DLL
.
- - - - - - - > 'Explorer.exe'(764)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
c:\users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
Czas ukończenia: 2012-07-02  19:58:41
ComboFix-quarantined-files.txt  2012-07-02 17:58
ComboFix2.txt  2012-07-01 19:51
.
Przed: 35 893 018 624 bajtów wolnych
Po: 35 802 140 672 bajtów wolnych
.
- - End Of File - - 5C0ACA3D2253A58434376B49C6101115