ComboFix 13-01-08.01 - Jarosław Dudek 2013-01-09  15:04:21.1.4 - x64 NETWORK
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.48.1045.18.4078.2593 [GMT 1:00]
Uruchomiony z: c:\users\Jaros-aw Dudek\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Utworzono nowy punkt przywracania
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\facemoods.com
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoods.crx
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoods.png
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsApp.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsEng.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\uninstall.exe
c:\programdata\dsgsdgdsgdsgw.pad
c:\users\Jarosław Dudek\wgsdgsdgdsgsd.dll
c:\windows\IsUn0415.exe
c:\windows\PFRO.log
c:\windows\SysWow64\spool\prtprocs\w32x86\ppbiPr.dll
c:\windows\SysWow64\tmp61AD.tmp
c:\windows\SysWow64\tmp61AE.tmp
c:\windows\SysWow64\tmp8DDB.tmp
c:\windows\SysWow64\tmp8DDC.tmp
c:\windows\SysWow64\tmp97C9.tmp
c:\windows\SysWow64\tmp97CA.tmp
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2012-12-09 do 2013-01-09  )))))))))))))))))))))))))))))))
.
.
2013-01-09 14:10 . 2013-01-09 14:10	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-01-09 14:03 . 2013-01-09 14:03	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{D22B01C1-6EC7-4C17-9404-415E7DD3DACE}\offreg.dll
2013-01-09 13:57 . 2012-10-23 16:40	77144	----a-w-	c:\windows\system32\drivers\PCTBD64.sys
2013-01-09 13:57 . 2012-10-23 16:40	150648	----a-w-	c:\windows\SGDetectionTool.dll
2013-01-09 13:52 . 2012-11-01 14:35	253256	----a-w-	c:\windows\system32\drivers\PCTSD64.sys
2013-01-09 13:51 . 2013-01-09 13:56	--------	d-----w-	c:\programdata\PC Tools
2013-01-09 13:51 . 2013-01-09 13:51	--------	d-----w-	c:\users\Jarosław Dudek\AppData\Roaming\TestApp
2013-01-09 12:44 . 2013-01-09 12:44	2959	----a-w-	c:\programdata\dsgsdgdsgdsgw.js
2013-01-08 07:14 . 2012-11-08 17:24	9125352	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{D22B01C1-6EC7-4C17-9404-415E7DD3DACE}\mpengine.dll
2013-01-07 14:32 . 2013-01-07 14:35	--------	d-----w-	c:\program files (x86)\Moje pierwsze słówka
2013-01-07 14:25 . 2013-01-07 14:25	--------	d-----w-	c:\program files (x86)\My Words and Phrases
2013-01-03 09:42 . 2013-01-03 09:42	73696	----a-w-	c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2013-01-03 09:42 . 2013-01-03 09:42	770384	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2013-01-03 09:42 . 2013-01-03 09:42	421200	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2013-01-03 09:42 . 2013-01-03 09:42	96224	----a-w-	c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe
2013-01-03 09:42 . 2013-01-03 09:42	157272	----a-w-	c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-12-22 18:39 . 2012-12-22 18:39	--------	d-----w-	c:\users\Jarosław Dudek\AppData\Roaming\Disney Interactive Studios
2012-12-22 18:30 . 2012-12-22 18:30	--------	d-----w-	c:\users\Jarosław Dudek\AppData\Roaming\InstallShield
2012-12-22 18:25 . 2012-12-22 18:30	419840	----a-w-	c:\windows\system32\wrap_oal.dll
2012-12-22 18:25 . 2012-12-22 18:30	413696	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2012-12-22 18:25 . 2012-12-22 18:30	133632	----a-w-	c:\windows\system32\OpenAL32.dll
2012-12-22 18:25 . 2012-12-22 18:30	110592	----a-w-	c:\windows\SysWow64\OpenAL32.dll
2012-12-22 18:25 . 2012-12-22 18:25	--------	d-----w-	c:\program files (x86)\OpenAL
2012-12-21 10:11 . 2012-12-16 17:11	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-21 10:11 . 2012-12-16 14:45	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-21 10:11 . 2012-12-16 14:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-21 10:11 . 2012-12-16 14:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-15 23:32 . 2012-12-15 23:32	--------	d-----w-	c:\windows\SysWow64\C2MP
2012-12-13 21:01 . 2012-12-26 23:38	--------	d-----w-	C:\Filmy
2012-12-12 19:09 . 2012-12-12 19:09	--------	d-----w-	c:\program files (x86)\SubEdit-Player
2012-12-12 19:07 . 2012-12-12 19:08	--------	d-----w-	c:\users\Jarosław Dudek\AppData\Roaming\BESTplayer
2012-12-12 19:07 . 2012-12-12 19:07	1123840	----a-w-	c:\program files (x86)\Mozilla Firefox\BESTplayer.exe
2012-12-12 19:02 . 2012-12-12 19:02	--------	d-----w-	c:\users\Jarosław Dudek\AppData\Local\{65AAFEC3-147B-4920-9667-B0CAD4657D75}
2012-12-12 19:00 . 2012-12-12 19:00	--------	d-----w-	c:\users\Jarosław Dudek\AppData\Local\ALLMediaServer
2012-12-12 19:00 . 2012-12-12 19:00	--------	d-----w-	c:\program files (x86)\ALLMediaServer
2012-12-12 19:00 . 2009-09-27 23:02	797184	----a-w-	c:\windows\SysWow64\ac3filter.ax
2012-12-12 19:00 . 2007-10-07 14:36	258048	----a-w-	c:\windows\SysWow64\libFLAC.dll
2012-12-12 19:00 . 2012-12-19 22:53	--------	d-----w-	c:\users\Jarosław Dudek\AppData\Local\ALLPlayer
2012-12-12 19:00 . 2012-12-12 19:00	--------	d-----w-	c:\program files (x86)\ALLPlayer
2012-12-12 18:59 . 2012-12-12 18:59	--------	d-----w-	c:\users\Jarosław Dudek\AppData\Local\Programs
2012-12-12 18:52 . 2012-12-27 16:45	--------	d-----w-	c:\programdata\Microsoft Help
2012-12-12 18:52 . 2012-12-12 18:52	--------	d-----w-	c:\users\Jarosław Dudek\AppData\Local\Microsoft Help
2012-12-12 18:50 . 2012-12-12 18:59	35702192	----a-w-	c:\program files (x86)\Mozilla Firefox\ALLPlayerPL.exe
2012-12-11 12:37 . 2012-12-11 12:37	289768	----a-w-	c:\windows\system32\javaws.exe
2012-12-11 12:37 . 2012-12-11 12:37	1034216	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-12-11 12:37 . 2012-12-11 12:37	108008	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2012-12-11 12:28 . 2012-12-11 12:28	--------	d-----w-	c:\programdata\McAfee Security Scan
2012-12-11 12:28 . 2012-12-11 12:58	--------	d-----w-	c:\program files (x86)\McAfee Security Scan
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-13 06:54 . 2012-05-22 18:26	67413224	----a-w-	c:\windows\system32\MRT.exe
2012-12-12 13:48 . 2012-05-22 18:42	73656	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 13:48 . 2012-05-22 18:42	697272	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 12:37 . 2011-09-09 19:21	916456	----a-w-	c:\windows\system32\deployJava1.dll
2012-12-11 12:37 . 2011-09-09 19:21	189416	----a-w-	c:\windows\system32\javaw.exe
2012-12-11 12:37 . 2011-09-09 19:21	188904	----a-w-	c:\windows\system32\java.exe
2012-10-23 15:30 . 2013-01-09 13:57	3488	----a-w-	c:\windows\UDB.zip
2012-10-23 15:30 . 2013-01-09 13:57	131	----a-w-	c:\windows\IDB.zip
2012-10-16 08:38 . 2012-11-28 11:23	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 11:23	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 11:23	561664	----a-w-	c:\windows\apppatch\AcLayers.dll
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALLUpdate"="c:\program files (x86)\ALLPlayer\ALLUpdate.exe" [2012-10-08 2991616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PaperPort PTD"="c:\program files (x86)\Scansoft\PaperPort\pptd40nt.exe" [2003-05-20 45108]
"IndexSearch"="c:\program files (x86)\Scansoft\PaperPort\IndexSearch.exe" [2003-05-20 36864]
"PP8 Reminder"="c:\program files (x86)\Scansoft\PaperPort\WebEreg\NAVBrowser.exe" [2003-02-27 729088]
.
c:\users\Jarosław Dudek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
runctf.lnk - c:\windows\System32\rundll32.exe [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe [2012-9-5 271808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdAuxService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdCoreService]
@="Service"
.
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [2012-10-22 413448]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [2012-02-28 453896]
R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [2012-11-01 253256]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-29 146592]
R2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-04-29 91296]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-10-23 580728]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
R2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-29 2361344]
R2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 SpPortEx;Samsung Port Exclusion;c:\windows\system32\Drivers\SpPortEx.sys [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-02-18 378472]
R2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-04-29 36000]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [2011-04-29 51872]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-04-29 259232]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-04-29 109216]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-04-29 166048]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-04-29 59040]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-04-29 283296]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-04-29 288416]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-09-05 234776]
R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [2012-10-23 77144]
R3 pctplsm;pctplsm;c:\windows\System32\drivers\pctplsm64.sys [2012-11-01 87968]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-03-29 335464]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2012-10-31 403416]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe [2012-10-26 1286784]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-18 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2012-10-31 347016]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2011-04-29 29344]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-29 425064]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2010-04-26 12032]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - PCTGNTDI
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-01-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-22 13:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay1]
@="{E68D0A50-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:42	2023936	----a-w-	c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay2]
@="{E68D0A51-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:42	2023936	----a-w-	c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay3]
@="{E68D0A52-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:42	2023936	----a-w-	c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay4]
@="{E68D0A53-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:42	2023936	----a-w-	c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.gazeta.pl/0,0.html?p=137
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Jarosław Dudek\AppData\Roaming\Mozilla\Firefox\Profiles\ign4gfb8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.gazeta.pl/0,0.html?p=137
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-12-12 20:00; IplextoALL@ALLPlayer.org; c:\users\JarosĂ…Â‚aw Dudek\AppData\Roaming\Mozilla\Firefox\Profiles\ign4gfb8.default\extensions\IplextoALL@ALLPlayer.org.xpi
FF - ExtSQL: 2013-01-04 21:36; jid1-dI8fdmjJFieAHg@jetpack; c:\users\JarosĂ…Â‚aw Dudek\AppData\Roaming\Mozilla\Firefox\Profiles\ign4gfb8.default\extensions\jid1-dI8fdmjJFieAHg@jetpack
FF - ExtSQL: 2013-01-09 14:57; {cb84136f-9c44-433a-9048-c5cd9df1dc16}; c:\program files (x86)\PC Tools\PC Tools Security\BDT\Firefox
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=2ae3bb31000000000000a639e5c29bbf&q=
FF - user.js: extensions.BabylonToolbar.id - 2ae3bb31000000000000a639e5c29bbf
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15669
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.813:59
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - irhnew
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
Wow6432Node-HKLM-Run-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\uninstall.exe
AddRemove-SuperMemo World - Moje pierwsze słówka - c:\windows\IsUn0415.exe
AddRemove-Szkoła na miarę, klasa 2, semestr 2 - c:\windows\IsUn0415.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2013-01-09  15:12:53
ComboFix-quarantined-files.txt  2013-01-09 14:12
.
Przed: 188 982 513 664 bajtów wolnych
Po: 189 091 020 800 bajtów wolnych
.
- - End Of File - - 4E761090D657CA42DC9464C500CF0CB2