ComboFix 12-11-15.01 - Tomek 2012-11-15  20:16:07.1.2 - x86 MINIMAL
Microsoft® Windows Vista™ Home Premium   6.0.6002.3.1250.48.1045.18.1915.1449 [GMT 1:00]
Uruchomiony z: D:\ComboFix.exe
AV: Bezpieczny Internet INEA 9.13 *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: Bezpieczny Internet INEA 9.13 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: Bezpieczny Internet INEA 9.13 *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\DealPly
c:\program files\DealPly\DealPly.crx
c:\program files\DealPly\DealPly.xpi
c:\program files\DealPly\DealPlyIE.dll
c:\program files\DealPly\DealPlyTune.dll
c:\program files\DealPly\DealPlyUpdate.exe
c:\program files\DealPly\DealPlyUpdate.log
c:\program files\DealPly\DealPlyUpdateRun.exe
c:\program files\DealPly\icon.ico
c:\program files\DealPly\uninst.exe
c:\programdata\Windows
c:\programdata\Windows\dsdd.dat
c:\programdata\windows\nudr.dat
c:\users\Tomek\AppData\Roaming\msconfig.dat
c:\users\Tomek\AppData\Roaming\msconfig.ini
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\pt
c:\windows\system32\pt\toscdspd.cpl.mui
c:\windows\UA000106.DLL
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2012-10-15 do 2012-11-15  )))))))))))))))))))))))))))))))
.
.
2012-11-15 19:25 . 2012-11-15 19:27	--------	d-----w-	c:\users\Tomek\AppData\Local\temp
2012-11-15 19:25 . 2012-11-15 19:25	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-11-15 18:56 . 2012-11-15 18:56	9310	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2012-11-15 18:56 . 2012-11-15 18:56	8646	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2012-11-15 18:56 . 2012-11-15 18:56	8613	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2012-11-15 18:56 . 2012-11-15 18:56	6910	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2012-11-15 18:56 . 2012-11-15 18:56	6429	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2012-11-15 18:56 . 2012-11-15 18:56	63115	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2012-11-15 18:56 . 2012-11-15 18:56	5927	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2012-11-15 18:56 . 2012-11-15 18:56	4599	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2012-11-15 18:56 . 2012-11-15 18:56	1651	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2012-11-15 18:56 . 2012-11-15 18:56	8288	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2012-11-15 18:56 . 2012-11-15 18:56	6208	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2012-11-15 18:56 . 2012-11-15 18:56	18541	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2012-11-15 18:55 . 2012-11-15 18:55	8782	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2012-11-15 18:55 . 2012-11-15 18:55	7271	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2012-11-15 18:55 . 2012-11-15 18:55	51852	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2012-11-15 18:55 . 2012-11-15 18:55	23327	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2012-11-15 18:55 . 2012-11-15 18:55	20719	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2012-11-05 18:01 . 2012-11-05 18:17	44240	----a-w-	c:\windows\system32\drivers\fsbts.sys
2012-11-05 17:52 . 2012-11-05 18:50	41552	----a-w-	c:\windows\system32\drivers\fses.sys
2012-11-05 17:52 . 2010-04-07 15:38	71120	----a-w-	c:\windows\system32\drivers\fsdfw.sys
2012-11-05 17:52 . 2010-04-07 15:40	572592	----a-w-	c:\windows\system32\msvcp50.dll
2012-11-05 17:50 . 2012-11-05 18:50	--------	d-----w-	c:\program files\Bezpieczny Internet INEA
2012-11-05 17:14 . 2012-11-05 17:48	--------	d-----w-	c:\programdata\fssg
2012-11-05 17:12 . 2012-11-05 17:52	--------	d-----w-	c:\programdata\f-secure
2012-11-02 18:46 . 2012-10-17 00:32	6918632	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0304DC7C-E6D3-4FEC-8A9B-F57C9416D8A8}\mpengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-08 20:58 . 2012-08-11 16:17	696760	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-10-08 20:58 . 2011-06-07 13:04	73656	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-13 13:28 . 2012-10-10 17:15	2048	----a-w-	c:\windows\system32\tzres.dll
2012-08-29 11:27 . 2012-10-10 17:15	3602816	----a-w-	c:\windows\system32\ntkrnlpa.exe
2012-08-29 11:27 . 2012-10-10 17:15	3550080	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-08-24 15:53 . 2012-10-10 17:15	172544	----a-w-	c:\windows\system32\wintrust.dll
2012-08-24 06:59 . 2012-09-23 08:24	1800704	----a-w-	c:\windows\system32\jscript9.dll
2012-08-24 06:51 . 2012-09-23 08:24	1129472	----a-w-	c:\windows\system32\wininet.dll
2012-08-24 06:51 . 2012-09-23 08:24	1427968	----a-w-	c:\windows\system32\inetcpl.cpl
2012-08-24 06:47 . 2012-09-23 08:24	142848	----a-w-	c:\windows\system32\ieUnatt.exe
2012-08-24 06:47 . 2012-09-23 08:24	420864	----a-w-	c:\windows\system32\vbscript.dll
2012-08-24 06:43 . 2012-09-23 08:24	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-08-09 23:38 . 2012-06-28 22:35	136672	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
2010-06-25 20:24 . 2009-11-14 08:49	119808	----a-w-	c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-03 15:31	1514152	----a-w-	c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Tomek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Tomek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Tomek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Gadu-Gadu 10"="c:\program files\Gadu-Gadu 10\gg.exe" [2010-10-07 12661344]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2011-02-07 1362944]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-18 149280]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"NDSTray.exe"="NDSTray.exe" [BU]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-25 30192]
"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480]
"Toshiba TEMPO"="c:\program files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" [2008-04-24 103824]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-06-24 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-05-09 716800]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-09-26 417792]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-12-09 74752]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"F-Secure Manager"="c:\program files\Bezpieczny Internet INEA\Common\FSM32.EXE" [2010-04-07 199344]
"F-Secure TNB"="c:\program files\Bezpieczny Internet INEA\FSGUI\TNBUtil.exe" [2010-04-07 1653424]
.
c:\users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Tomek\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GOEC62~1.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
2012-01-03 15:31	1391272	----a-w-	c:\program files\Ask.com\Updater\Updater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
2009-09-24 12:39	2768696	----a-w-	c:\program files\BitComet\BitComet.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57	369200	----a-w-	c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38	421888	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS12 Preload]
2008-06-09 09:03	397456	----a-w-	c:\program files\Corel\Corel VideoStudio 12\uvPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Zawartość folderu 'Zaplanowane zadania'
.
2012-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-11 20:58]
.
2012-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 22:16]
.
2012-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 22:16]
.
2012-11-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3262461205-3182432896-2895882836-1000Core.job
- c:\users\Tomek\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-29 19:18]
.
2012-11-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3262461205-3182432896-2895882836-1000UA.job
- c:\users\Tomek\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-29 19:18]
.
2012-11-06 c:\windows\Tasks\SpeedMaxPc Registration3.job
- c:\program files\Common Files\SpeedMaxPc\UUS3\UUS3.dll [2011-12-12 22:43]
.
2012-10-25 c:\windows\Tasks\SpeedMaxPc Update3.job
- c:\program files\Common Files\SpeedMaxPc\UUS3\Update3.exe [2011-12-12 22:43]
.
2012-10-24 c:\windows\Tasks\SpeedMaxPc.job
- c:\program files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe [2012-08-16 19:39]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://onet.pl/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Pobierz wszystkie VIdeo za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Pobierz wszystko za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Pobierz za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
LSP: c:\program files\Bezpieczny Internet INEA\FSPS\program\FSLSP.DLL
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\dg6g8yx9.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.pl
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=100478&babsrc=adbartrp&mntrId=3c2c01360000000000000024d2d45159&q=
FF - ExtSQL: 2012-11-05 18:51; litmus-ff@f-secure.com; c:\program files\Bezpieczny Internet INEA\NRS\litmus-ff@f-secure.com
FF - ExtSQL: !HIDDEN! 2009-10-28 11:08; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
user_pref('extensions.dealply.partner', 'iron');
user_pref('extensions.dealply.channel', 'iron3');
user_pref('extensions.dealply.installId', 'v23600234082744968726212012032721094421');
user_pref('extensions.dealply.installIdSource', 'inst');
user_pref('extensions.dealply.sampleGroup', '1');
.
.
------- Skojarzenia plików -------
.
.scr=AutoCADScriptFile
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
HKCU-Run-TOSCDSPD - TOSCDSPD.EXE
HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
MSConfigStartUp-jswtrayutil - c:\program files\Jumpstart\jswtrayutil.exe
MSConfigStartUp-ptrlfmdfrhlxavv - c:\programdata\ptrlfmdf.exe
MSConfigStartUp-RGSC - e:\tomek\Gry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe
MSConfigStartUp-Uniblue RegistryBooster 2 - c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
MSConfigStartUp-zocarqjwdxgfkyg - c:\programdata\zocarqjw.exe
AddRemove-DealPly - c:\program files\DealPly\uninst.exe
AddRemove-FoxTab Media Player - c:\program files\FoxTabFLVPlayer\Uninstall\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-15 20:27
Windows 6.0.6002 Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...  
.
skanowanie ukrytych wpisów autostartu ... 
.
skanowanie ukrytych plików ...  
.
.
c:\users\Tomek\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
skanowanie pomyślnie ukończone
ukryte pliki: 1
.
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'Explorer.exe'(1840)
c:\users\Tomek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
Czas ukończenia: 2012-11-15  20:29:38
ComboFix-quarantined-files.txt  2012-11-15 19:29
.
Przed: 81 517 297 664 bajtów wolnych
Po: 83 712 364 544 bajtów wolnych
.
- - End Of File - - F5CC6817D17195A1F0CC6C208131D707