ComboFix 12-09-09.02 - Jakub 2012-09-09 18:30:28.1.8 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.4010.3327 [GMT 2:00]
Uruchomiony z: H:\ComboFix.exe
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\rbufuhtl.exe
c:\users\Jakub\ms.exe
c:\windows\SysWow64\pt
c:\windows\SysWow64\pt\AuthFWSnapIn.Resources.dll
c:\windows\SysWow64\pt\AuthFWWizFwk.Resources.dll
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-08-09 do 2012-09-09 )))))))))))))))))))))))))))))))
.
.
2012-09-09 16:34 . 2012-09-09 16:34 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-09-09 16:34 . 2012-09-09 16:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-09 15:41 . 2012-09-09 15:41 -------- d-----w- c:\programdata\umsdiqfljwnwlgj
2012-09-09 12:36 . 2012-09-09 15:49 -------- d-----w- c:\windows\system32\drivers\NISx64\1207010.003
2012-09-09 09:13 . 2005-05-26 13:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2012-09-09 09:13 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2012-09-09 08:21 . 2012-09-09 08:21 -------- d-----w- c:\program files\WinRAR
2012-09-09 07:46 . 2012-06-09 17:21 178688 ----a-w- c:\windows\SysWow64\unrar.dll
2012-09-09 07:46 . 2012-09-09 07:46 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2012-09-09 07:11 . 2012-09-09 07:11 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-09-09 07:11 . 2012-09-09 07:11 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-09-09 07:10 . 2012-09-09 07:20 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-09-09 07:04 . 2012-09-09 07:04 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-09-09 07:04 . 2012-09-09 07:03 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-09 07:03 . 2012-09-09 07:03 -------- d-----w- c:\program files (x86)\Java
2012-09-09 06:58 . 2012-09-09 06:58 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-09-09 06:57 . 2012-09-09 06:57 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-09 06:57 . 2012-09-09 06:57 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-09 06:50 . 2012-09-09 06:50 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-09-08 20:38 . 2012-09-08 20:38 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-09-08 20:23 . 2012-09-08 20:23 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2012-09-08 20:23 . 2012-09-08 20:23 -------- d-----w- c:\program files\Microsoft Office
2012-09-08 14:25 . 2012-09-09 14:06 -------- d-----w- c:\program files (x86)\Common Files\Onet.pl
2012-09-08 11:46 . 2012-09-08 11:46 -------- d-----w- c:\windows\SysWow64\Wat
2012-09-08 11:46 . 2012-09-08 11:46 -------- d-----w- c:\windows\system32\Wat
2012-09-08 11:34 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-09-08 11:30 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-09-08 11:30 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-09-08 11:30 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-09-08 11:30 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-09-08 11:30 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-09-08 11:30 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-09-08 11:30 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-09-08 11:05 . 2012-09-08 11:05 -------- d-----w- c:\windows\system32\Macromed
2012-09-08 10:55 . 2011-07-09 02:46 288768 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2012-09-08 10:52 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-09-08 10:52 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-09-08 10:48 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2012-09-08 10:48 . 2011-04-29 03:05 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-09-08 10:48 . 2011-04-29 03:05 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-09-08 10:46 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-09-08 10:45 . 2012-09-09 07:03 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-08 10:44 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-08 09:51 . 2012-09-08 09:51 -------- d--h--w- c:\programdata\Common Files
2012-09-08 08:34 . 2012-09-08 08:34 -------- d-----w- c:\users\Gość
2012-09-07 19:36 . 2012-09-07 19:36 -------- d-----w- c:\users\Public\CyberLink
2012-09-07 15:10 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-09-07 15:10 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-09-07 15:10 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-09-07 15:07 . 2012-09-07 15:07 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-09-07 15:07 . 2012-09-07 15:07 -------- d-----r- c:\program files (x86)\Skype
2012-09-07 15:07 . 2012-09-07 15:07 -------- d-----w- c:\programdata\Skype
2012-09-07 15:07 . 2012-09-07 15:07 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-09-07 15:06 . 2012-09-07 15:06 -------- d-----w- c:\program files\Elantech
2012-09-07 15:05 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-09-07 15:05 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-09-07 15:05 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-09-07 15:05 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-09-07 15:05 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-09-07 15:05 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-09-07 15:05 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-09-07 15:04 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-09-07 15:04 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-09-07 14:58 . 2012-09-09 16:34 -------- d-----w- c:\users\Jakub
2012-09-07 14:57 . 2012-09-07 14:57 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-08 12:14 . 2011-06-24 15:14 174200 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-09-07 14:59 . 2010-06-24 02:33 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-08-28 3671904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120905.001\BHDrvx64.sys [2012-09-04 1385120]
R1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120907.001\IDSvia64.sys [2012-09-07 513184]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 13824]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS [2011-01-27 171128]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207010.003\SYMNETS.SYS [2011-04-21 386168]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe [2011-04-17 130008]
R2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-07 2009704]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-04-14 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-09-08 138912]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-22 59904]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [2010-08-09 166704]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-08 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-03-07 25960]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS [2011-01-27 450680]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS [2011-03-15 912504]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-09 283200]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-11-12 138024]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-05-19 11855976]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\fo1hnmzk.default\
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-rbufuhtljlgfskg - c:\programdata\rbufuhtl.exe
Wow6432Node-HKLM-Run-ROC_roc_ssl_v12 - c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe
Wow6432Node-HKLM-Run-Onet.pl AutoUpdate - c:\program files (x86)\Common Files\Onet.pl\NewAutoUpdate.exe
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.1.3\diMaster.dll\" /prefetch:1"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2012-09-09 18:37:28
ComboFix-quarantined-files.txt 2012-09-09 16:37
.
Przed: 142 837 526 528 bajtów wolnych
Po: 144 054 005 760 bajtów wolnych
.
- - End Of File - - A71DCE6ECB0FC63F70089B99B3430FBF