ComboFix 12-12-13.02 - Rataj 2012-12-13  18:23:06.1.2 - x86
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.48.1045.18.3327.2286 [GMT 1:00]
Uruchomiony z: c:\users\Rataj\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Utworzono nowy punkt przywracania
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Rataj\AppData\Roaming\chrtmp
c:\windows\apppatch\AppLoc.exe
c:\windows\apppatch\AppLocA.exe
c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
c:\windows\apppatch\unins000.dat
c:\windows\apppatch\unins000.exe
c:\windows\DPINST.LOG
c:\windows\Installer\{8beca11c-7353-d1b6-1416-62692e8a01a2}\@
c:\windows\Installer\{8beca11c-7353-d1b6-1416-62692e8a01a2}\U\00000001.@
c:\windows\system32\AutoRun.inf
c:\windows\system32\settings.ini
c:\windows\system32\tmp233A.tmp
c:\windows\system32\tmp235A.tmp
D:\bud3mkqr.exe
D:\cbbw88s.exe
D:\et3ypes.exe
D:\yveqsh93.exe
.
Zainfekowana kopia c:\windows\system32\services.exe została znaleziona. Problem naprawiono 
Plik odzyskano z - c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe 
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2012-11-13 do 2012-12-13  )))))))))))))))))))))))))))))))
.
.
2012-12-13 17:29 . 2012-12-13 17:29	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-12-13 17:18 . 2012-11-07 08:00	46672	----a-w-	c:\windows\system32\drivers\PSKMAD.sys
2012-12-13 16:08 . 2012-12-13 16:32	--------	d-----w-	c:\users\Rataj\AppData\Local\panda4_0dn
2012-12-13 07:57 . 2012-12-13 07:57	--------	d-----w-	c:\programdata\blekko toolbars
2012-12-13 07:57 . 2012-12-13 07:57	--------	d-----w-	c:\program files\pandasecuritytb
2012-12-11 21:22 . 2012-12-11 21:24	--------	d-----w-	C:\Dolphin
2012-11-29 22:42 . 2012-11-29 22:42	--------	d-----w-	c:\users\Rataj\AppData\Roaming\2K Sports
2012-11-29 22:32 . 2012-11-29 22:32	--------	d-----w-	c:\program files\2K Sports
2012-11-27 09:25 . 2012-11-27 09:25	--------	d-----w-	c:\programdata\RELOADED
2012-11-27 09:23 . 2012-11-27 09:24	--------	d-----w-	c:\program files\The Walking Dead
2012-11-23 19:26 . 2012-11-23 19:27	--------	d-----w-	c:\windows\MRLH
2012-11-16 17:51 . 2012-11-16 17:51	--------	d-----w-	c:\users\Rataj\AppData\Local\Focus Home Interactive
2012-11-16 17:51 . 2012-11-16 17:51	--------	d-----w-	c:\program files\Focus Home Interactive
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-18 14:21 . 2012-04-03 15:44	697272	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-11-18 14:21 . 2011-05-24 14:47	73656	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-09 18:01 . 2012-11-09 18:01	123944	----a-w-	c:\windows\system32\drivers\PSINProt.sys
2012-11-09 18:01 . 2012-11-09 18:01	114216	----a-w-	c:\windows\system32\drivers\PSINProc.sys
2012-11-09 18:01 . 2012-11-09 18:01	174632	----a-w-	c:\windows\system32\drivers\PSINKNC.sys
2012-11-09 18:00 . 2012-11-09 18:00	149544	----a-w-	c:\windows\system32\drivers\PSINAflt.sys
2012-11-09 18:00 . 2012-11-09 18:00	104488	----a-w-	c:\windows\system32\drivers\PSINFile.sys
2012-11-09 10:23 . 2012-11-09 10:23	276520	----a-w-	c:\windows\system32\drivers\NNSStrm.sys
2012-11-09 10:23 . 2012-11-09 10:23	133928	----a-w-	c:\windows\system32\drivers\NNStlsc.sys
2012-11-09 10:23 . 2012-11-09 10:23	370216	----a-w-	c:\windows\system32\drivers\NNSProt.sys
2012-11-09 10:23 . 2012-11-09 10:23	191528	----a-w-	c:\windows\system32\drivers\NNSPrv.sys
2012-11-09 10:23 . 2012-11-09 10:23	128040	----a-w-	c:\windows\system32\drivers\NNSSmtp.sys
2012-11-09 10:23 . 2012-11-09 10:23	74792	----a-w-	c:\windows\system32\drivers\NNSPihsw.sys
2012-11-09 10:23 . 2012-11-09 10:23	125480	----a-w-	c:\windows\system32\drivers\NNSPop3.sys
2012-11-09 10:23 . 2012-11-09 10:23	163112	----a-w-	c:\windows\system32\drivers\NNSIds.sys
2012-11-09 10:23 . 2012-11-09 10:23	139176	----a-w-	c:\windows\system32\drivers\NNSHttp.sys
2012-11-09 10:23 . 2012-11-09 10:23	133544	----a-w-	c:\windows\system32\drivers\NNSpicc.sys
2012-11-09 10:23 . 2012-11-09 10:23	119208	----a-w-	c:\windows\system32\drivers\NNSAlpc.sys
2012-10-25 02:12 . 2012-10-25 02:12	94208	----a-w-	c:\windows\system32\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12	69632	----a-w-	c:\windows\system32\QuickTime.qts
2012-10-22 11:08 . 2012-10-22 11:08	29224	----a-w-	c:\windows\system32\drivers\NNSNAHSL.sys
2012-09-28 14:36 . 2012-09-28 14:36	180224	----a-w-	c:\windows\system32\clinfo.exe
2012-09-28 14:36 . 2012-09-28 14:36	65536	----a-w-	c:\windows\system32\OpenVideo.dll
2012-09-28 14:36 . 2012-09-28 14:36	56320	----a-w-	c:\windows\system32\OVDecode.dll
2012-09-28 14:32 . 2012-09-28 14:32	27341824	----a-w-	c:\windows\system32\amdocl.dll
2012-09-28 02:22 . 2009-11-11 04:37	5557928	----a-w-	c:\windows\system32\atiumdag.dll
2012-09-28 02:20 . 2012-09-28 02:20	9107968	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2012-09-28 02:05 . 2012-09-28 02:05	58880	----a-w-	c:\windows\system32\coinst_9.002.dll
2012-09-28 02:03 . 2012-09-28 02:03	163840	----a-w-	c:\windows\system32\atiapfxx.exe
2012-09-28 02:02 . 2012-09-28 02:02	46080	----a-w-	c:\windows\system32\aticalrt.dll
2012-09-28 02:02 . 2012-09-28 02:02	44032	----a-w-	c:\windows\system32\aticalcl.dll
2012-09-28 01:57 . 2012-09-28 01:57	13703168	----a-w-	c:\windows\system32\aticaldd.dll
2012-09-28 01:43 . 2010-11-26 02:58	935424	----a-w-	c:\windows\system32\aticfx32.dll
2012-09-28 01:41 . 2012-09-28 01:41	19624960	----a-w-	c:\windows\system32\atioglxx.dll
2012-09-28 01:39 . 2009-11-11 04:53	6536192	----a-w-	c:\windows\system32\atidxx32.dll
2012-09-28 01:39 . 2012-09-28 01:39	442368	----a-w-	c:\windows\system32\atidemgy.dll
2012-09-28 01:38 . 2012-09-28 01:38	473088	----a-w-	c:\windows\system32\atieclxx.exe
2012-09-28 01:38 . 2012-09-28 01:38	217600	----a-w-	c:\windows\system32\atiesrxx.exe
2012-09-28 01:36 . 2012-09-28 01:36	163840	----a-w-	c:\windows\system32\atitmmxx.dll
2012-09-28 01:36 . 2012-09-28 01:36	20992	----a-w-	c:\windows\system32\atimuixx.dll
2012-09-28 01:36 . 2012-09-28 01:36	43520	----a-w-	c:\windows\system32\ati2edxx.dll
2012-09-28 01:22 . 2009-11-11 04:19	2691584	----a-w-	c:\windows\system32\atiumdva.dll
2012-09-28 01:13 . 2012-09-28 01:13	405504	----a-w-	c:\windows\system32\atiadlxx.dll
2012-09-28 01:13 . 2012-09-28 01:13	14848	----a-w-	c:\windows\system32\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13	33280	----a-w-	c:\windows\system32\atigktxx.dll
2012-09-28 01:12 . 2012-09-28 01:12	56832	----a-w-	c:\windows\system32\atimpc32.dll
2012-09-28 01:12 . 2012-09-28 01:12	56832	----a-w-	c:\windows\system32\amdpcom32.dll
2012-09-28 01:12 . 2012-09-28 01:12	370176	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2012-09-28 01:11 . 2010-11-26 02:15	109568	----a-w-	c:\windows\system32\atiuxpag.dll
2012-09-28 01:10 . 2010-11-26 02:15	82944	----a-w-	c:\windows\system32\atiu9pag.dll
2012-09-28 01:09 . 2012-09-28 01:09	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2012-12-07 21:59 . 2012-12-07 21:58	262112	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyœlne, prawidłowe wpisy nie sš pokazane  
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2012-10-15 13:02	87176	----a-w-	c:\program files\pandasecuritytb\pandasecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files\pandasecuritytb\pandasecurityDx.dll" [2012-10-15 87176]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-05-22 7514656]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-09-30 252296]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BRMFCWND.EXE" [2009-05-26 1159168]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-26 734264]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
"PSUAMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2012-11-14 32032]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"panda2_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda2_0dn" [X]
"panda2_0dn_XP"="reg.exe delete HKCU\Software\panda2_0dn" [X]
"panda4_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda4_0dn" [X]
"panda4_0dn_XP"="reg.exe delete HKCU\Software\panda4_0dn" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Users^Rataj^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk]
path=c:\users\Rataj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
backup=c:\windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
2011-08-16 18:30	1379840	----a-w-	c:\program files\ALLPlayer\ALLUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56	59280	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-09-09 21:30	421776	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Panda Security URL Filtering]
2012-10-15 12:52	221832	----a-w-	c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
2012-09-12 10:17	445624	----a-w-	c:\program files\Sony\Sony PC Companion\PCCompanion.exe
.
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 s1029bus;Sony Ericsson Device 1029 driver (WDM);c:\windows\system32\DRIVERS\s1029bus.sys [x]
R3 s1029mdfl;Sony Ericsson Device 1029 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1029mdfl.sys [x]
R3 s1029mdm;Sony Ericsson Device 1029 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1029mdm.sys [x]
R3 s1029mgmt;Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1029mgmt.sys [x]
R3 s1029nd5;Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1029nd5.sys [x]
R3 s1029obex;Sony Ericsson Device 1029 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1029obex.sys [x]
R3 s1029unic;Sony Ericsson Device 1029 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1029unic.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R4 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys [x]
S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys [x]
S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys [x]
S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys [x]
S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys [x]
S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys [x]
S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys [x]
S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys [x]
S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys [x]
S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 inpout32;inpout32;c:\windows\system32\Drivers\inpout32.sys [x]
S2 KinoniSvc;Kinoni Service;c:\program files\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [x]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [x]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [x]
S2 PSUAService;Panda Product Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSUAService.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S3 KINONI_Wave;Kinoni Audio Source;c:\windows\system32\drivers\kinonivad.sys [x]
S3 kinonivd;Kinoni Video Source;c:\windows\system32\DRIVERS\kinonivd.sys [x]
S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys [x]
.
.
Zawartoœć folderu 'Zaplanowane zadania'
.
2012-12-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 14:21]
.
2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-29 10:07]
.
2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-29 10:07]
.
.
------- Skan uzupełniajšcy -------
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Rataj\AppData\Roaming\Mozilla\Firefox\Profiles\8pqg951r.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.pl/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?rlz=1V2IPYX&ie=utf-8&q=
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.7\uninstall.exe
AddRemove-{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1 - c:\windows\AppPatch\unins000.exe
AddRemove-××?????????2 - g:\kiss\????2\Installer.exe
AddRemove-‚Š‚ˇ‚˝‚ŢƒAƒCƒhƒƒCƒh‚`‚‰ - c:\illusion\AIDROID\IHS.exe
AddRemove-??????~?????????~ - c:\illusion\MUSUME3D\IHS.EXE
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-481205827-3571293035-3921890925-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):f9,97,84,ea,d6,dd,7c,5c,aa,a7,9d,ce,41,18,d8,25,ff,12,a0,70,0f,
   a1,9d,6f,53,5d,44,68,ec,21,8a,59,5e,45,0f,4e,20,7c,5d,42,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-481205827-3571293035-3921890925-1000_Classes\CLSID\{abe711ed-5cb4-4c20-95c0-e9aaeef6e266}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000140
"Therad"=dword:00000009
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\taskhost.exe
c:\program files\ASUS\EPU-4 Engine\FourEngine.exe
c:\windows\system32\conhost.exe
c:\program files\Brother\ControlCenter3\brccMCtl.exe
c:\program files\Brother\Brmfcmon\BrMfimon.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\taskhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\wbem\WmiApSrv.exe
.
**************************************************************************
.
Czas ukończenia: 2012-12-13  18:34:04 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2012-12-13 17:34
.
Przed: 208 903 979 008 bajtów wolnych
Po: 209 275 715 584 bajtów wolnych
.
- - End Of File - - FE65ADC38D18E2252F5A223971A33E1E