ComboFix 13-06-08.02 - Jedenasty 2013-06-09  20:43:16.1.4 - x64 NETWORK
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.48.1045.18.8086.6224 [GMT 2:00]
Uruchomiony z: s:\instalki\ComboFix.exe
AV: ESET Smart Security 4.2 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: Zapora osobista *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.2 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Utworzono nowy punkt przywracania
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6261\AddOnDownloaded\1b0b3c38-2b97-4f8d-954b-06296209b73d.dll
c:\programdata\PCDr\6261\AddOnDownloaded\1e512ef2-01fb-49fb-b09b-71de0eac4612.dll
c:\programdata\PCDr\6261\AddOnDownloaded\27ada864-54d8-46c9-a6e3-8334fa39b525.dll
c:\programdata\PCDr\6261\AddOnDownloaded\2eccd5d6-e118-4f76-97b6-ba56fb6c597a.dll
c:\programdata\PCDr\6261\AddOnDownloaded\3e0b29b2-9809-4050-abfc-ef8aff73ceab.dll
c:\programdata\PCDr\6261\AddOnDownloaded\5f2ce3e8-3c56-40bb-86d6-a1a41867000b.dll
c:\programdata\PCDr\6261\AddOnDownloaded\b69d9551-76e9-4872-95f8-075916f82d74.dll
c:\users\Jedenasty\AppData\Local\unins000.exe
c:\windows\IsUn0415.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2013-05-09 do 2013-06-09  )))))))))))))))))))))))))))))))
.
.
2013-06-09 18:48 . 2013-06-09 18:48	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-06-09 18:48 . 2013-06-09 18:48	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-07 22:50 . 2013-06-07 22:50	--------	d-----w-	c:\users\Jedenasty\AppData\Roaming\Malwarebytes
2013-06-07 22:50 . 2013-06-07 22:50	--------	d-----w-	c:\programdata\Malwarebytes
2013-06-07 22:50 . 2013-06-07 22:50	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-07 22:50 . 2013-04-04 12:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-06-07 21:08 . 2012-06-22 10:01	22704	----a-w-	c:\windows\system32\drivers\EsgScanner.sys
2013-06-07 21:08 . 2013-06-07 21:08	110080	----a-r-	c:\users\Jedenasty\AppData\Roaming\Microsoft\Installer\{BCD55450-77AC-4347-B24F-654B1189F8D4}\IconF7A21AF7.exe
2013-06-07 21:08 . 2013-06-07 21:08	110080	----a-r-	c:\users\Jedenasty\AppData\Roaming\Microsoft\Installer\{BCD55450-77AC-4347-B24F-654B1189F8D4}\IconD7F16134.exe
2013-06-07 21:08 . 2013-06-07 21:08	110080	----a-r-	c:\users\Jedenasty\AppData\Roaming\Microsoft\Installer\{BCD55450-77AC-4347-B24F-654B1189F8D4}\Icon1226A4C5.exe
2013-06-07 21:08 . 2013-06-07 21:08	--------	d-----w-	C:\sh4ldr
2013-06-07 21:08 . 2013-06-07 21:08	--------	d-----w-	c:\program files\Enigma Software Group
2013-06-07 21:07 . 2013-06-07 21:08	--------	d-----w-	c:\windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-06-07 21:07 . 2013-06-07 21:07	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2013-06-07 20:14 . 2013-06-07 20:14	388096	----a-r-	c:\users\Jedenasty\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-06-07 20:14 . 2013-06-07 20:14	--------	d-----w-	c:\program files (x86)\Trend Micro
2013-06-07 19:06 . 2013-05-13 23:48	9460464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{234F027F-9C59-4673-A1A5-2280F843FE4C}\mpengine.dll
2013-06-03 20:33 . 2013-06-03 20:33	--------	d-----w-	c:\programdata\CPA_VA
2013-06-03 20:27 . 2013-06-03 23:48	--------	d-----w-	c:\programdata\Comodo
2013-06-03 20:26 . 2013-06-03 20:26	--------	d-----w-	c:\users\Jedenasty\AppData\Local\Comodo
2013-06-03 20:26 . 2013-06-03 20:45	--------	d-----w-	c:\program files (x86)\Comodo
2013-06-03 19:44 . 2013-06-07 18:58	--------	d-----w-	c:\users\Jedenasty\AppData\Local\Downloaded Installations
2013-06-03 19:33 . 2013-06-03 19:33	--------	d-----w-	c:\program files (x86)\Bioware
2013-05-23 15:07 . 2013-05-23 15:07	--------	d-----w-	c:\programdata\PC-Doctor for Windows
2013-05-23 15:06 . 2013-05-23 15:07	--------	d-----w-	c:\program files\My Dell
2013-05-16 09:11 . 2013-04-05 06:50	2647552	----a-w-	c:\windows\system32\iertutil.dll
2013-05-16 09:01 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 10:55 . 2013-01-07 13:57	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-16 10:55 . 2012-12-11 20:26	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-16 09:17 . 2011-09-29 19:09	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-11 17:07 . 2010-06-24 16:33	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06 . 2011-09-29 15:16	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-16 09:01	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 09:01	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 09:01	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 09:01	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 09:01	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 09:01	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 13:35	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-01 22:43 . 2013-04-01 22:43	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-01 22:43 . 2013-04-01 22:43	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-04-01 22:43 . 2013-04-01 22:43	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-04-01 22:43 . 2013-04-01 22:43	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-04-01 22:43 . 2013-04-01 22:43	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-04-01 22:43 . 2013-04-01 22:43	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-04-01 22:43 . 2013-04-01 22:43	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-04-01 22:43 . 2013-04-01 22:43	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-04-01 22:43 . 2013-04-01 22:43	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-04-01 22:43 . 2013-04-01 22:43	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-04-01 22:43 . 2013-04-01 22:43	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-04-01 22:43 . 2013-04-01 22:43	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-04-01 22:43 . 2013-04-01 22:43	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-04-01 22:43 . 2013-04-01 22:43	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-04-01 22:43 . 2013-04-01 22:43	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-04-01 22:43 . 2013-04-01 22:43	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-04-01 22:43 . 2013-04-01 22:43	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-04-01 22:43 . 2013-04-01 22:43	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-01 22:43 . 2013-04-01 22:43	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-04-01 22:43 . 2013-04-01 22:43	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-04-01 22:43 . 2013-04-01 22:43	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-04-01 22:43 . 2013-04-01 22:43	81408	----a-w-	c:\windows\system32\icardie.dll
2013-04-01 22:43 . 2013-04-01 22:43	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-04-01 22:43 . 2013-04-01 22:43	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-04-01 22:43 . 2013-04-01 22:43	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-04-01 22:43 . 2013-04-01 22:43	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-04-01 22:43 . 2013-04-01 22:43	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-04-01 22:43 . 2013-04-01 22:43	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-04-01 22:43 . 2013-04-01 22:43	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-04-01 22:43 . 2013-04-01 22:43	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-04-01 22:43 . 2013-04-01 22:43	441856	----a-w-	c:\windows\system32\html.iec
2013-04-01 22:43 . 2013-04-01 22:43	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-04-01 22:43 . 2013-04-01 22:43	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-04-01 22:43 . 2013-04-01 22:43	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-04-01 22:43 . 2013-04-01 22:43	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-04-01 22:43 . 2013-04-01 22:43	235008	----a-w-	c:\windows\system32\url.dll
2013-04-01 22:43 . 2013-04-01 22:43	216064	----a-w-	c:\windows\system32\msls31.dll
2013-04-01 22:43 . 2013-04-01 22:43	197120	----a-w-	c:\windows\system32\msrating.dll
2013-04-01 22:43 . 2013-04-01 22:43	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-04-01 22:43 . 2013-04-01 22:43	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-04-01 22:43 . 2013-04-01 22:43	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-04-01 22:43 . 2013-04-01 22:43	149504	----a-w-	c:\windows\system32\occache.dll
2013-04-01 22:43 . 2013-04-01 22:43	144896	----a-w-	c:\windows\system32\wextract.exe
2013-04-01 22:43 . 2013-04-01 22:43	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-04-01 22:43 . 2013-04-01 22:43	13824	----a-w-	c:\windows\system32\mshta.exe
2013-04-01 22:43 . 2013-04-01 22:43	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-04-01 22:43 . 2013-04-01 22:43	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-04-01 22:43 . 2013-04-01 22:43	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-04-01 22:43 . 2013-04-01 22:43	102912	----a-w-	c:\windows\system32\inseng.dll
2013-03-19 06:04 . 2013-04-10 10:33	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 10:33	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 10:33	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 10:33	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 10:33	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 10:33	112640	----a-w-	c:\windows\system32\smss.exe
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2011-06-10 06:24	165256	----a-w-	c:\program files (x86)\SFR\Kit\SFRNavErrorHelper.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"="" [BU]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2012-06-28 74752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
R2 .EsetTrialReset;Eset Trial Reset;c:\windows\reset.exe;c:\windows\reset.exe [x]
R2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
R2 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
R2 EnsSrv;Easy Net Switch Engine;c:\program files (x86)\Easy Net Switch\enssvc.exe;c:\program files (x86)\Easy Net Switch\enssvc.exe [x]
R2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]
R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]
R2 Steganos AntiTheft;Steganos AntiTheft;c:\windows\system32\\SatSrv.exe;c:\windows\SYSNATIVE\\SatSrv.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ZTEusbnet.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-24 18:50	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-06-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-07 10:55]
.
2013-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-08 13:35]
.
2013-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-08 13:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-04-07 2839840]
"pdfFactory Pro Dispatcher v3"="c:\windows\system32\spool\DRIVERS\x64\3\fppdis3a.exe" [2009-06-12 745984]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-01-05 592240]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-05-25 7214696]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-18 391704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: dell.com
TCP: DhcpNameServer = 89.22.39.252 8.8.8.8
FF - ProfilePath - c:\users\Jedenasty\AppData\Roaming\Mozilla\Firefox\Profiles\ypd1an8z.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-RunOnce-<NO NAME> - (no file)
Toolbar-Locked - (no file)
AddRemove-{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1 - c:\users\Jedenasty\AppData\Local\unins000.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\ProgramData\\ESET\\ESET Smart Security\\"
"DataDir"="ESET\\ESET Smart Security\\"
"EditionName"=" "
"InstallDir"="c:\\Program Files\\ESET\\ESET Smart Security\\"
"LanguageId"=dword:00000415
"PackageTag"=dword:00000000
"ProductBase"=dword:00000001
"ProductCode"="{FA8CBD22-FF6A-4BDB-BD74-714401B13F10}"
"ProductName"="ESET Smart Security"
"ProductType"="ess"
"ProductVersion"="4.2.40.10"
"UniqueId"="000579E04E83916E"
"ScannerBuild"=dword:00001aeb
"ScannerVersionId"=dword:00001390
"ScannerVersion"="Open window for status."
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2013-06-09  20:50:20
ComboFix-quarantined-files.txt  2013-06-09 18:50
ComboFix2.txt  2013-06-06 15:22
ComboFix3.txt  2013-06-02 22:51
.
Przed: 231 393 488 896 bajtów wolnych
Po: 230 893 707 264 bajtów wolnych
.
- - End Of File - - 3B6DE461CC3F20F7DD5D2E1F91875A7D
D41D8CD98F00B204E9800998ECF8427E