ComboFix 13-06-08.02 - uzytkownik 2013-06-11 20:45:17.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1250.48.1045.18.8098.4088 [GMT 2:00] Uruchomiony z: c:\users\uzytkownik\Downloads\ComboFix.exe AV: Microsoft Forefront Endpoint Protection *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Microsoft Forefront Endpoint Protection *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Utworzono nowy punkt przywracania . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Roaming c:\users\uzytkownik\DefaultCaptureOutput.tmp c:\users\uzytkownik\g2mdlhlpx.exe c:\windows\~GLH0008.TMP c:\windows\pkunzip.pif c:\windows\pkzip.pif c:\windows\SysWow64\~GLH0009.TMP c:\windows\SysWow64\Packet.dll c:\windows\SysWow64\pthreadVC.dll c:\windows\SysWow64\wpcap.dll . . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_NPF -------\Service_npf . . ((((((((((((((((((((((((( Pliki utworzone od 2013-05-11 do 2013-06-11 ))))))))))))))))))))))))))))))) . . 2013-06-11 18:54 . 2013-06-11 18:54 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-06-11 07:11 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{38155AD5-CD89-4408-A30B-2AE2EE49DD86}\mpengine.dll 2013-06-10 07:28 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-05-28 18:25 . 2013-05-28 18:25 -------- d-----w- C:\Mozilla 2013-05-28 09:15 . 2013-05-28 09:15 -------- d-----w- c:\program files (x86)\7-Zip 2013-05-24 14:52 . 2013-05-29 07:12 -------- d-----w- c:\users\uzytkownik\AppData\Roaming\Ryelip 2013-05-24 14:52 . 2013-05-24 14:53 -------- d-----w- c:\users\uzytkownik\AppData\Roaming\Ihonnyl 2013-05-21 10:24 . 2013-05-21 10:24 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F043346E-AFFA-4FEF-9841-1D5A7F91239E}\gapaengine.dll 2013-05-18 12:45 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll 2013-05-14 11:12 . 2013-05-14 11:12 -------- d-----w- c:\programdata\ISM 2013-05-14 10:34 . 2013-05-15 11:59 -------- d-----w- c:\users\uzytkownik\Webtools 2013-05-14 10:25 . 2000-10-17 09:08 77878 ----a-w- c:\windows\SysWow64\temp.003 2013-05-14 10:25 . 2000-10-17 09:08 295000 ----a-w- c:\windows\SysWow64\temp.002 2013-05-13 15:07 . 2013-05-14 08:01 -------- d-----w- c:\program files (x86)\teraterm 2013-05-13 15:02 . 2000-10-17 09:08 295000 ----a-w- c:\windows\SysWow64\temp.001 2013-05-13 15:02 . 2000-08-22 07:24 149504 ----a-w- c:\windows\SysWow64\UNWISE32.EXE 2013-05-13 15:02 . 2001-06-27 11:15 475136 ----a-w- c:\program files (x86)\Windows NT\HyperTerminal\Hypertrm.dll 2013-05-13 15:02 . 2001-06-13 11:34 61440 ----a-w- c:\program files (x86)\Windows NT\HyperTerminal\Hticons.dll 2013-05-13 15:02 . 2000-10-17 09:08 77878 ----a-w- c:\windows\SysWow64\temp.000 2013-05-13 15:02 . 2001-06-27 11:15 45056 ----a-w- c:\program files (x86)\Windows NT\HyperTerminal\HyperTrm.exe 2013-05-13 15:02 . 2000-09-19 06:56 113236 ----a-w- c:\program files (x86)\Windows NT\HyperTerminal\Purchase Private Edition.exe 2013-05-13 15:02 . 2000-08-22 07:24 117390 ----a-w- c:\program files (x86)\Windows NT\HyperTerminal\register.exe . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-11 18:14 . 2011-12-18 16:08 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2013-06-05 15:03 . 2012-04-05 06:57 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-06-05 15:03 . 2011-12-03 11:47 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-23 13:30 . 2013-01-18 12:00 54 ----a-w- C:\aaa.bat 2013-05-18 12:52 . 2011-12-16 19:38 75016696 ----a-w- c:\windows\system32\MRT.exe 2013-05-06 12:10 . 2013-05-06 12:10 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2013-05-06 12:10 . 2012-11-28 14:48 311200 ----a-w- c:\windows\system32\javaws.exe 2013-05-06 12:10 . 2011-12-03 11:47 188832 ----a-w- c:\windows\system32\javaw.exe 2013-05-06 12:10 . 2011-12-03 11:47 188320 ----a-w- c:\windows\system32\java.exe 2013-05-06 12:10 . 2012-11-28 14:48 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-05-06 12:10 . 2011-12-03 11:47 971680 ----a-w- c:\windows\system32\deployJava1.dll 2013-05-02 15:29 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-04-27 18:19 . 2012-02-10 13:52 905296 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2013-04-13 05:49 . 2013-05-18 12:45 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49 . 2013-05-18 12:45 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49 . 2013-05-18 12:45 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49 . 2013-05-18 12:45 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45 . 2013-05-18 12:45 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45 . 2013-05-18 12:45 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-04-12 14:45 . 2013-04-27 18:18 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-04 03:35 . 2013-05-06 13:13 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-03-20 08:20 . 2013-03-20 08:20 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-03-20 08:20 . 2013-03-20 08:20 523264 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-03-20 08:20 . 2013-03-20 08:20 38400 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-03-20 08:20 . 2013-03-20 08:20 226304 ----a-w- c:\windows\system32\elshyph.dll 2013-03-20 08:20 . 2013-03-20 08:20 185344 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-03-20 08:20 . 2013-03-20 08:20 158720 ----a-w- c:\windows\SysWow64\msls31.dll 2013-03-20 08:20 . 2013-03-20 08:20 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-03-20 08:20 . 2013-03-20 08:20 138752 ----a-w- c:\windows\SysWow64\wextract.exe 2013-03-20 08:20 . 2013-03-20 08:20 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-03-20 08:20 . 2013-03-20 08:20 12800 ----a-w- c:\windows\SysWow64\mshta.exe 2013-03-20 08:20 . 2013-03-20 08:20 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-03-20 08:20 . 2013-03-20 08:20 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-03-20 08:20 . 2013-03-20 08:20 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-03-20 08:20 . 2013-03-20 08:20 61952 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-03-20 08:20 . 2013-03-20 08:20 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-03-20 08:20 . 2013-03-20 08:20 452096 ----a-w- c:\windows\system32\dxtmsft.dll 2013-03-20 08:20 . 2013-03-20 08:20 441856 ----a-w- c:\windows\system32\html.iec 2013-03-20 08:20 . 2013-03-20 08:20 361984 ----a-w- c:\windows\SysWow64\html.iec 2013-03-20 08:20 . 2013-03-20 08:20 281600 ----a-w- c:\windows\system32\dxtrans.dll 2013-03-20 08:20 . 2013-03-20 08:20 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-03-20 08:20 . 2013-03-20 08:20 216064 ----a-w- c:\windows\system32\msls31.dll 2013-03-20 08:20 . 2013-03-20 08:20 197120 ----a-w- c:\windows\system32\msrating.dll 2013-03-20 08:20 . 2013-03-20 08:20 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-03-20 08:20 . 2013-03-20 08:20 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-03-20 08:20 . 2013-03-20 08:20 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-03-20 08:20 . 2013-03-20 08:20 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-03-20 08:20 . 2013-03-20 08:20 81408 ----a-w- c:\windows\system32\icardie.dll 2013-03-20 08:20 . 2013-03-20 08:20 762368 ----a-w- c:\windows\system32\ieapfltr.dll 2013-03-20 08:20 . 2013-03-20 08:20 62976 ----a-w- c:\windows\system32\pngfilt.dll 2013-03-20 08:20 . 2013-03-20 08:20 599552 ----a-w- c:\windows\system32\vbscript.dll 2013-03-20 08:20 . 2013-03-20 08:20 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-03-20 08:20 . 2013-03-20 08:20 51200 ----a-w- c:\windows\system32\imgutil.dll 2013-03-20 08:20 . 2013-03-20 08:20 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-03-20 08:20 . 2013-03-20 08:20 27648 ----a-w- c:\windows\system32\licmgr10.dll 2013-03-20 08:20 . 2013-03-20 08:20 270848 ----a-w- c:\windows\system32\iedkcs32.dll 2013-03-20 08:20 . 2013-03-20 08:20 247296 ----a-w- c:\windows\system32\webcheck.dll 2013-03-20 08:20 . 2013-03-20 08:20 235008 ----a-w- c:\windows\system32\url.dll 2013-03-20 08:20 . 2013-03-20 08:20 173568 ----a-w- c:\windows\system32\ieUnatt.exe 2013-03-20 08:20 . 2013-03-20 08:20 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-03-20 08:20 . 2013-03-20 08:20 1509376 ----a-w- c:\windows\system32\inetcpl.cpl 2013-03-20 08:20 . 2013-03-20 08:20 149504 ----a-w- c:\windows\system32\occache.dll 2013-03-20 08:20 . 2013-03-20 08:20 144896 ----a-w- c:\windows\system32\wextract.exe 2013-03-20 08:20 . 2013-03-20 08:20 1400416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-03-20 08:20 . 2013-03-20 08:20 13824 ----a-w- c:\windows\system32\mshta.exe 2013-03-20 08:20 . 2013-03-20 08:20 136192 ----a-w- c:\windows\system32\iepeers.dll 2013-03-20 08:20 . 2013-03-20 08:20 135680 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-03-20 08:20 . 2013-03-20 08:20 12800 ----a-w- c:\windows\system32\msfeedssync.exe 2013-03-20 08:20 . 2013-03-20 08:20 102912 ----a-w- c:\windows\system32\inseng.dll 2013-03-20 08:20 . 2013-03-20 08:20 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-03-20 08:19 . 2013-03-20 08:19 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 648192 ----a-w- c:\windows\system32\d3d10level9.dll 2013-03-20 08:19 . 2013-03-20 08:19 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2013-03-20 08:19 . 2013-03-20 08:19 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2013-03-20 08:19 . 2013-03-20 08:19 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2013-03-20 08:19 . 2013-03-20 08:19 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2013-03-20 08:19 . 2013-03-20 08:19 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 3928064 ----a-w- c:\windows\system32\d2d1.dll 2013-03-20 08:19 . 2013-03-20 08:19 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll 2013-03-20 08:19 . 2013-03-20 08:19 363008 ----a-w- c:\windows\system32\dxgi.dll 2013-03-20 08:19 . 2013-03-20 08:19 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll 2013-03-20 08:19 . 2013-03-20 08:19 333312 ----a-w- c:\windows\system32\d3d10_1core.dll 2013-03-20 08:19 . 2013-03-20 08:19 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 296960 ----a-w- c:\windows\system32\d3d10core.dll 2013-03-20 08:19 . 2013-03-20 08:19 293376 ----a-w- c:\windows\SysWow64\dxgi.dll 2013-03-20 08:19 . 2013-03-20 08:19 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2013-03-20 08:19 . 2013-03-20 08:19 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2013-03-20 08:19 . 2013-03-20 08:19 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-03-20 08:19 . 2013-03-20 08:19 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WirelessManager"="c:\program files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe" [2011-09-19 20480] "TrueCrypt"="c:\program files\TrueCrypt\TrueCrypt.exe" [2012-04-26 1516496] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160] "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264] "vmware-tray.exe"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2013-02-26 104528] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] "vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2013-02-26 104528] . c:\users\uzytkownik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2013-4-10 576000] taskmgr.lnk - c:\windows\System32\taskmgr.exe [2010-11-21 257024] Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2013-1-8 228448] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer4"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ DPPassFilter scecli Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u wsauth . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-5604814-1096987149-2402934779-1303\Scripts\Logon\0\0] "Script"=domenaLogonScript.vbs . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-5604814-1096987149-2402934779-2229\Scripts\Logon\0\0] "Script"=domenaLogonScript.vbs . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 AMPPALP;Protok?3 Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x] R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandbus64.sys [x] R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lganddiag64.sys [x] R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandgps64.sys [x] R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandmodem64.sys [x] R3 cpuz130;cpuz130;c:\users\ZBIGNI~1.KOT\AppData\Local\Temp\cpuz130\cpuz_x64.sys;c:\users\ZBIGNI~1.KOT\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x] R3 cxbu0x64;OMNIKEY 6121;c:\windows\system32\DRIVERS\cxbu0x64.sys;c:\windows\SYSNATIVE\DRIVERS\cxbu0x64.sys [x] R3 dcdbas;System Management Driver;c:\windows\system32\DRIVERS\dcdbas64.sys;c:\windows\SYSNATIVE\DRIVERS\dcdbas64.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x] R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Inspekcja sieci firmy Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 pflt;Shrew Soft Miniport Filter;c:\windows\system32\DRIVERS\vfilter.sys;c:\windows\SYSNATIVE\DRIVERS\vfilter.sys [x] R3 PROCEXP151;PROCEXP151;c:\windows\system32\Drivers\PROCEXP151.SYS;c:\windows\SYSNATIVE\Drivers\PROCEXP151.SYS [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x] R3 vmwvusb;VMware View Generic USB Driver;c:\windows\system32\Drivers\vmwvusb.sys;c:\windows\SYSNATIVE\Drivers\vmwvusb.sys [x] R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys;c:\windows\SYSNATIVE\DRIVERS\virtualnet.sys [x] R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\RealTemp\WinRing0x64.sys;c:\program files\RealTemp\WinRing0x64.sys [x] S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x] S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x] S1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys;c:\windows\SYSNATIVE\DRIVERS\vfilter.sys [x] S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x] S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x] S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x] S2 CxUtilSvc;Conexant Utility Service;c:\program files\Conexant\SA3\CxUtilSvc.exe;c:\program files\Conexant\SA3\CxUtilSvc.exe [x] S2 dtpd;ShrewSoft DNS Proxy Daemon;c:\program files\ShrewSoft\VPN Client\dtpd.exe;c:\program files\ShrewSoft\VPN Client\dtpd.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 iked;ShrewSoft IKE Daemon;c:\program files\ShrewSoft\VPN Client\iked.exe;c:\program files\ShrewSoft\VPN Client\iked.exe [x] S2 ipsecd;ShrewSoft IPSEC Daemon;c:\program files\ShrewSoft\VPN Client\ipsecd.exe;c:\program files\ShrewSoft\VPN Client\ipsecd.exe [x] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x] S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x] S2 vmware-view-usbd;VMware View USB;c:\program files\VMware\VMware View\Client\bin\vmware-view-usbd.exe;c:\program files\VMware\VMware View\Client\bin\vmware-view-usbd.exe [x] S2 VMware WSX;VMware WSX Service;c:\programdata\VMware\VMware WSX\vmware-wsx-server.exe;c:\programdata\VMware\VMware WSX\vmware-wsx-server.exe [x] S2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [x] S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys;SysWOW64\drivers\vstor2-mntapi10-shared.sys [x] S2 WMCoreService;Mobile Broadband Service;c:\program files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode;c:\program files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode [x] S2 wsnm;VMware View Client;c:\program files\VMware\VMware View\Client\bin\wsnm.exe;c:\program files\VMware\VMware View\Client\bin\wsnm.exe [x] S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys [x] S3 AMPPAL;Karta wirtualna Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x] S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x] S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x] S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x] S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x] S3 d554scard;Dell Wireless HSPA Mini-Card USIM Port;c:\windows\system32\DRIVERS\d554scard.sys;c:\windows\SYSNATIVE\DRIVERS\d554scard.sys [x] S3 ecnssndis; Mobile Broadband Driver;c:\windows\system32\Drivers\wwuss64.sys;c:\windows\SYSNATIVE\Drivers\wwuss64.sys [x] S3 ecnssndisfltr; Mobile Broadband Driver Filter;c:\windows\system32\Drivers\wwussf64.sys;c:\windows\SYSNATIVE\Drivers\wwussf64.sys [x] S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x] S3 IntcDAud;Intel(R) Audio dla ekranów;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x] S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtpt64.sys [x] S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtbs64.sys [x] S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\lgvmdm64.sys [x] S3 Mbm3CBus;Dell Wireless 5550 HSPA+ Mini-Card Device (WDM);c:\windows\system32\DRIVERS\Mbm3CBus.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3CBus.sys [x] S3 Mbm3DevMt;Dell Wireless HSPA Mini-Card Device Management Driver (WDM);c:\windows\system32\DRIVERS\Mbm3DevMt.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3DevMt.sys [x] S3 Mbm3mdfl;Dell Wireless HSPA Mini-Card Modem Filter;c:\windows\system32\DRIVERS\Mbm3mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3mdfl.sys [x] S3 Mbm3Mdm;Dell Wireless HSPA Mini-Card Modem Driver;c:\windows\system32\DRIVERS\Mbm3Mdm.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3Mdm.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys;c:\windows\SYSNATIVE\DRIVERS\tihub3.sys [x] S3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys;c:\windows\SYSNATIVE\DRIVERS\tixhci.sys [x] S3 WwanUsbServ;Mobile Broadband Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys;c:\windows\SYSNATIVE\DRIVERS\WwanUsbMp64.sys [x] . . Zawartość folderu 'Zaplanowane zadania' . 2013-06-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 15:03] . 2013-06-08 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-03-22 17:20] . 2013-06-11 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\pcdrcui.exe [2011-03-22 17:20] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2013-03-19 19:30 2328760 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2013-03-19 19:30 2328760 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2013-03-19 19:30 2328760 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-20 167704] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-20 392472] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-20 416024] "SmartAudio"="c:\program files\CONEXANT\SA3\SACpl.exe" [2011-06-24 1573504] "FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-28 1935120] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-05-19 10365952] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512] . ------- Skan uzupełniający ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = https://mail02.domena.pl/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail02.domena.pl%2fowa%2f mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Wyślij &do programu OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 62.179.1.60 62.179.1.61 TCP: Interfaces\{05A5439A-F2C5-46F7-9773-668F5B5851C3}: NameServer = 10.217.6.9,10.217.6.10 TCP: Interfaces\{469C762D-8CA6-4FA0-B9FC-F2925B3A1D33}: NameServer = 213.158.199.1 213.158.199.5 TCP: Interfaces\{7C68FFB5-E3B4-4B1C-83CE-9298199D6C12}: NameServer = 10.217.6.9,10.217.6.10 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL DPF: iLO 2 Remote Console Applet - hxxps://10.88.1.235/dvc.cab DPF: {380BBEC2-4CAE-4ECE-8AFF-36CDE7916386} - hxxps://vlab.demoemc.com/URA/URA/lib/srdp.cab FF - ProfilePath - c:\users\uzytkownik\AppData\Roaming\Mozilla\Firefox\Profiles\yqhp3wfe.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl FF - prefs.js: network.proxy.ftp - 81.219.253.2 FF - prefs.js: network.proxy.ftp_port - 8080 FF - prefs.js: network.proxy.http - 81.219.253.2 FF - prefs.js: network.proxy.http_port - 8080 FF - prefs.js: network.proxy.socks - 81.219.253.2 FF - prefs.js: network.proxy.socks_port - 8080 FF - prefs.js: network.proxy.ssl - 81.219.253.2 FF - prefs.js: network.proxy.ssl_port - 8080 FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2013-05-08 12:00; mediahint@jetpack; c:\users\uzytkownik\AppData\Roaming\Mozilla\Firefox\Profiles\yqhp3wfe.default\extensions\mediahint@jetpack.xpi . . ------- Skojarzenia plików ------- . .txt=Notepad++_file . - - - - USUNIĘTO PUSTE WPISY - - - - . HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-HTPE3 - c:\windows\System32\Unwise32.exe . . . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\windows\SysWOW64\vmnat.exe c:\program files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe c:\windows\SysWOW64\vmnetdhcp.exe c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe . ************************************************************************** . Czas ukończenia: 2013-06-11 21:05:41 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2013-06-11 19:05 . Przed: 166 924 337 152 bajtów wolnych Po: 175 917 084 672 bajtów wolnych . - - End Of File - - 74A5FDA63366DD88F7A10EABB4F35E9C D41D8CD98F00B204E9800998ECF8427E