ComboFix 12-10-16.02 - UZYTKOWNIK 2012-10-16 17:02:33.1.4 - x64
Uruchomiony z: c:\users\UZYTKOWNIK\Downloads\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\PCFix
c:\programdata\EECFA72B8C.sys
c:\users\UZYTKOWNIK\AppData\Local\unins000.exe
c:\users\UZYTKOWNIK\AppData\Roaming\Microsoft\~DFK716366.tmp
c:\users\UZYTKOWNIK\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\UZYTKOWNIK\AppData\Roaming\Microsoft\bass.dll
c:\users\UZYTKOWNIK\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\UZYTKOWNIK\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\UZYTKOWNIK\AppData\Roaming\Microsoft\peaadje.dll
c:\users\UZYTKOWNIK\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\UZYTKOWNIK\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\UZYTKOWNIK\AppData\Roaming\PCFix
c:\users\UZYTKOWNIK\AppData\Roaming\PCFix\log.dat
c:\users\UZYTKOWNIK\AppData\Roaming\PCFix\unresolvederrors.dat
c:\windows\DPINST.LOG
c:\windows\IsUn0415.exe
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\GoogleEarth-Win-Bundle-5.2.1.1547.exe
.
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_nvsvc
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-09-16 do 2012-10-16 )))))))))))))))))))))))))))))))
.
.
2012-10-16 15:12 . 2012-10-16 15:15 -------- d-----w- c:\users\UZYTKOWNIK\AppData\Local\temp
2012-10-16 09:39 . 2012-10-16 09:39 -------- d-----r- c:\users\UZYTKOWNIK\Dropbox
2012-10-16 09:35 . 2012-10-16 09:36 -------- d-----w- c:\users\UZYTKOWNIK\AppData\Roaming\Dropbox
2012-10-14 15:34 . 2012-10-14 15:34 -------- d-----w- c:\programdata\audiozilla.vb
2012-10-14 15:33 . 2005-09-01 13:13 245408 ----a-w- c:\windows\SysWow64\unicows.dll
2012-10-14 15:33 . 2012-10-14 15:40 -------- d-----w- c:\program files (x86)\AUDIOzilla
2012-10-13 13:12 . 2012-10-13 15:04 -------- d-----w- c:\program files (x86)\Premium Booster
2012-10-11 16:30 . 2012-10-11 16:33 -------- d-----w- c:\program files (x86)\Common Files\Nero
2012-10-11 16:23 . 2012-10-11 16:23 -------- d-----w- c:\program files (x86)\Common Files\LightScribe
2012-10-10 14:26 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-10 14:24 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 14:24 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 14:24 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 14:24 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 14:24 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 14:24 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-09 08:13 . 2012-10-09 08:13 -------- d-----w- C:\3ComAura
2012-10-08 19:35 . 2012-10-09 07:41 -------- d-----w- C:\Flashtool
2012-10-08 17:41 . 2012-10-08 17:41 -------- d-----w- c:\programdata\Sony
2012-10-08 17:41 . 2012-10-08 17:41 -------- d-----w- c:\program files (x86)\Sony
2012-09-29 12:16 . 2012-09-29 12:24 -------- d-----w- c:\users\UZYTKOWNIK\AppData\Roaming\vlc
2012-09-29 12:15 . 2012-09-29 12:15 -------- d-----w- c:\program files (x86)\VideoLAN
2012-09-27 15:11 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-24 17:05 . 2012-08-21 11:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-24 17:05 . 2012-09-24 17:05 -------- d-----w- c:\program files\iPod
2012-09-24 17:05 . 2012-09-24 17:05 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-09-24 17:05 . 2012-09-24 17:05 -------- d-----w- c:\program files\iTunes
2012-09-23 12:40 . 2012-09-23 12:40 -------- d-----w- c:\users\UZYTKOWNIK\AppData\Local\Apps
2012-09-23 12:16 . 2012-09-23 12:16 -------- d-----w- c:\windows\ehome
2012-09-23 12:15 . 2012-09-23 12:15 -------- d-----w- c:\users\Default\AppData\Roaming\Media Center Programs
2012-09-23 11:44 . 2012-09-23 11:44 -------- d-----w- c:\program files (x86)\FLAC
2012-09-22 11:46 . 2012-09-23 11:21 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\Hear
2012-09-22 11:37 . 2012-09-22 11:42 -------- d-----w- c:\users\UZYTKOWNIK\AppData\Roaming\Hear
2012-09-22 11:37 . 2012-09-22 11:37 -------- d-----w- c:\program files\Hear
2012-09-22 11:37 . 2011-11-07 14:18 46728 ----a-w- c:\windows\system32\drivers\ren2cap.sys
2012-09-16 16:37 . 2012-09-16 16:38 -------- d-----w- c:\users\UZYTKOWNIK\AppData\Local\NPE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-10 18:11 . 2010-08-26 14:46 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-09-16 12:49 . 2012-09-16 12:29 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-08-23 08:26 . 2012-09-14 05:58 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CF8F78A5-1A0C-4DE0-99BA-86B96C97311C}\mpengine.dll
2012-08-22 18:12 . 2012-09-12 14:28 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 14:28 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 14:28 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 14:28 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 11:01 . 2012-06-05 16:50 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 11:01 . 2012-06-05 16:50 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-20 17:38 . 2012-10-10 14:25 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-18 01:48 . 2012-08-18 01:48 830976 ----a-w- c:\windows\system32\ncs2dmix.dll
2012-08-18 01:27 . 2012-08-18 01:27 788992 ----a-w- c:\windows\system32\accesor.dll
2012-08-18 01:15 . 2012-08-18 01:15 211968 ----a-w- c:\windows\system32\ncs2instutility.dll
2012-08-18 01:09 . 2012-08-18 01:09 3154432 ----a-w- c:\windows\system32\ncscolib.dll
2012-08-15 08:57 . 2012-08-15 08:57 33616 ----a-w- c:\windows\system32\drivers\iqvw64e.sys
2012-08-10 17:26 . 2012-09-16 12:48 776352 ----a-r- c:\windows\system32\drivers\NISx64\1401010.002\srtsp64.sys
2012-08-10 00:00 . 2012-08-10 00:00 316736 ----a-w- c:\windows\system32\PRONtObj.dll
2012-08-09 05:42 . 2012-08-09 05:42 204288 ----a-w- c:\windows\system32\Ncs2Setp.dll
2012-08-07 21:18 . 2012-09-16 12:48 1132192 ----a-r- c:\windows\system32\drivers\NISx64\1401010.002\SymEFA64.sys
2012-08-07 10:43 . 2012-09-16 12:48 168096 ----a-r- c:\windows\system32\drivers\NISx64\1401010.002\ccSetx64.sys
2012-08-02 17:58 . 2012-09-12 14:28 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 14:28 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-08-02 10:45 . 2011-12-13 15:34 56472 ----a-w- c:\windows\system32\iolobtdfg.exe
2012-08-02 10:45 . 2011-12-13 15:34 25072 ----a-w- c:\windows\system32\smrgdf.exe
2012-08-02 09:27 . 2012-01-23 15:06 2154576 ----a-w- c:\windows\system32\Incinerator64.dll
2012-08-02 09:27 . 2011-12-13 15:34 2096360 ----a-w- c:\windows\SysWow64\Incinerator32.dll
2012-08-01 01:02 . 2012-08-01 01:02 162960 ----a-w- c:\windows\system32\drivers\iANSW60e.sys
2012-07-27 20:47 . 2012-07-27 20:47 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-07-27 20:47 . 2012-07-27 20:47 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-07-27 20:47 . 2012-07-27 20:47 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-07-27 20:47 . 2012-07-27 20:47 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-07-27 20:47 . 2012-07-27 20:47 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-07-27 20:46 . 2012-07-27 20:46 16464896 ----a-w- c:\windows\system32\amdocl64.dll
2012-07-27 20:46 . 2012-07-27 20:46 13013504 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-07-27 19:25 . 2012-09-16 12:48 493216 ----a-r- c:\windows\system32\drivers\NISx64\1401010.002\SymDS64.sys
2012-07-27 19:05 . 2012-09-16 12:48 224416 ----a-r- c:\windows\system32\drivers\NISx64\1401010.002\Ironx64.sys
2012-07-27 11:35 . 2012-07-27 11:35 74703 ----a-w- c:\windows\SysWow64\mfc45.dat
2012-07-27 00:30 . 2012-07-27 00:30 170824 ----a-w- c:\windows\system32\IPROSetMonitor.exe
2012-07-26 08:01 . 2012-07-27 11:36 82160 ----a-w- c:\windows\system32\drivers\PDFsFilter.sys
2012-07-25 06:54 . 2010-09-13 08:55 538496 ----a-w- c:\windows\system32\PROUnstl.exe
2012-07-22 17:34 . 2012-09-16 12:48 432800 ----a-r- c:\windows\system32\drivers\NISx64\1401010.002\symnets.sys
2012-07-18 18:15 . 2012-08-15 14:45 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nexus"="d:\program files (x86)\Winstep\Nexus.exe" [2012-03-28 16957056]
"Advanced SystemCare 5"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-05-28 288128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-05 641664]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="d:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"PWRISOVM.EXE"=d:\program files (x86)\PowerISO\PWRISOVM.EXE
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R1 HookCentre;HookCentre; [x]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
R2 AVKProxy;G Data AntiVirus Proxy; [x]
R2 AVKService;G Data Scheduler; [x]
R2 AVKWCtl;G Data Strażnik systemu plików; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 NAUpdate;NAUpdate; [x]
R2 SRSHDAudioService;SRS HDAudio Lab Service; [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; [x]
R2 vmci;VMware vmci; [x]
R2 VMUSBArbService;VMware USB Arbitration Service; [x]
R2 Winstep Xtreme Service;Winstep Xtreme Service; [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [2011-07-27 29576]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [2011-07-27 25352]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 30088]
R3 esihdrv;esihdrv; [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-02 1436424]
R3 GDFwSvc;G Data Personal Firewall; [x]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2010-10-20 57288]
R3 GDScan;G Data Scanner; [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-01-15 13352]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 27016]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;d:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 vpcuxd;Usługa procedury wejścia wirtualizacji USB;c:\windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 16384]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-26 1255736]
R4 KMService;KMService; [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2011-07-27 24456]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2010-10-20 40392]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1401010.002\SYMDS64.SYS [2012-07-27 493216]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1401010.002\SYMEFA64.SYS [2012-08-07 1132192]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [2012-08-31 1385120]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1401010.002\ccSetx64.sys [2012-08-07 168096]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2010-10-20 85448]
S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [2010-10-20 48584]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2010-10-20 106224]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20121013.001\IDSvia64.sys [2012-09-14 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1401010.002\Ironx64.SYS [2012-07-27 224416]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NISx64\1401010.002\SYMNETS.SYS [2012-07-22 432800]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\20.1.1.2\ccSvcHst.exe [2012-08-29 143928]
S2 SBSDWSCService;SBSD Security Center Service;d:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-11-14 2072896]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-18 138912]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-06-10 1192448]
S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152]
S3 REN2CAP_DRIVER;Hear;c:\windows\system32\drivers\ren2cap.sys [2011-11-07 46728]
S3 SRS_HDAL_Service;HD Audio Lab;c:\windows\system32\drivers\SRS_HDAL_amd64.sys [2010-11-15 533280]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-11-08 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\UZYTKOWNIK\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\UZYTKOWNIK\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\UZYTKOWNIK\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\UZYTKOWNIK\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
------- Skan uzupełniający -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&ksportuj do programu Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Wyślij &do programu OneNote - d:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
.
.
------- Skojarzenia plików -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1 - c:\users\UZYTKOWNIK\AppData\Local\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\20.1.1.2\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\20.1.1.2\diMaster.dll\" /prefetch:1"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-438159112-1867072182-2848345102-1000\console_combofixbackup]
@DACL=(02 0000)
@SACL=
"ColorTable00"=dword:00000000
"ColorTable01"=dword:00800000
"ColorTable02"=dword:00008000
"ColorTable03"=dword:00808000
"ColorTable04"=dword:00000080
"ColorTable05"=dword:00800080
"ColorTable06"=dword:00008080
"ColorTable07"=dword:00c0c0c0
"ColorTable08"=dword:00808080
"ColorTable09"=dword:00ff0000
"ColorTable10"=dword:0000ff00
"ColorTable11"=dword:00ffff00
"ColorTable12"=dword:000000ff
"ColorTable13"=dword:00ff00ff
"ColorTable14"=dword:0000ffff
"ColorTable15"=dword:00ffffff
"CursorSize"=dword:00000019
"EnableColorSelection"=dword:00000000
"ExtendedEditKey"=dword:00000000
"ExtendedEditKeyCustom"=dword:00000000
"FontFamily"=dword:00000000
"FontSize"=dword:00000000
"FontWeight"=dword:00000000
"FullScreen"=dword:00000000
"HistoryBufferSize"=dword:00000032
"HistoryNoDup"=dword:00000000
"InsertMode"=dword:00000001
"LoadConIme"=dword:00000001
"NumberOfHistoryBuffers"=dword:00000004
"PopupColors"=dword:000000f5
"QuickEdit"=dword:00000000
"ScreenBufferSize"=dword:012c0050
"ScreenColors"=dword:00000007
"TrimLeadingZeros"=dword:00000000
"WindowSize"=dword:00190050
"WordDelimiters"=dword:00000000
.
[HKEY_USERS\S-1-5-21-438159112-1867072182-2848345102-1000_Classes\Wow6432Node\CLSID\{1742ef3a-a60f-483a-85db-0949e94d301b}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000009c
"Therad"=dword:0000000e
.
[HKEY_USERS\S-1-5-21-438159112-1867072182-2848345102-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):67,3d,65,c0,67,85,e5,67,8d,1b,3e,6b,dd,f9,5c,b8,40,a0,66,e3,63,
   74,07,d6,3a,19,30,0d,80,c8,4b,ce,9b,ba,e7,4f,d3,70,32,eb,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
.
**************************************************************************
.
Czas ukończenia: 2012-10-16 17:22:11 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2012-10-16 15:22
.
Przed: 9 989 984 256 bajtów wolnych
Po: 11 898 003 456 bajtów wolnych
.
- - End Of File - - D51EAE54CF3B2DFEEDF48730EC41ABAE