ComboFix 13-06-13.01 - A&A 2013-06-14 21:45:10.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.8103.6389 [GMT 2:00]
Uruchomiony z: c:\users\A&A\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\users\A&A\AppData\Local\unins000.exe
c:\windows\msvcr71.dll
.
.
((((((((((((((((((((((((( Pliki utworzone od 2013-05-14 do 2013-06-14 )))))))))))))))))))))))))))))))
.
.
2013-06-14 20:05 . 2013-06-14 20:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-06-14 20:05 . 2013-06-14 20:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-14 19:39 . 2013-06-14 19:39 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF5C21F8-C591-4143-A1DC-0B598EBB3126}\offreg.dll
2013-06-14 19:31 . 2013-06-14 19:31 -------- d-----w- c:\users\A&A\AppData\Roaming\DivX
2013-06-14 19:21 . 2013-06-14 19:22 -------- d-----w- c:\program files\DivX
2013-06-14 19:20 . 2013-06-14 19:22 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2013-06-14 19:19 . 2011-05-30 13:42 240640 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2013-06-14 19:19 . 2011-05-30 13:42 255488 ----a-w- c:\windows\system32\xvidvfw.dll
2013-06-14 19:19 . 2011-05-23 09:52 153088 ----a-w- c:\windows\SysWow64\xvid.ax
2013-06-14 19:19 . 2011-05-23 07:49 173568 ----a-w- c:\windows\system32\xvid.ax
2013-06-14 19:19 . 2011-05-23 07:46 645632 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-06-14 19:15 . 2013-06-14 19:15 -------- d-----w- c:\users\A&A\AppData\Roaming\LavFilters
2013-06-14 19:15 . 2013-06-14 19:15 -------- d-----w- c:\users\A&A\AppData\Roaming\CDXReader
2013-06-14 19:15 . 2013-06-14 19:15 -------- d-----w- c:\program files (x86)\Haali
2013-06-14 19:15 . 2013-06-14 19:15 -------- d-----w- c:\program files (x86)\DSP-worx
2013-06-14 19:15 . 2013-06-14 19:15 -------- d-----w- c:\program files (x86)\OpenSource Flash Video Splitter
2013-06-14 19:15 . 2013-06-14 19:15 -------- d-----w- c:\users\A&A\AppData\Roaming\DSite
2013-06-14 18:59 . 2013-06-14 18:59 -------- d-----w- c:\program files\CCleaner
2013-06-14 18:08 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF5C21F8-C591-4143-A1DC-0B598EBB3126}\mpengine.dll
2013-06-13 05:42 . 2013-06-13 05:42 -------- d-----w- c:\users\A&A\AppData\Roaming\SynthMaker
2013-06-13 05:42 . 2013-06-13 05:42 -------- d-----w- c:\users\A&A\AppData\Roaming\Acoustica
2013-06-13 05:39 . 2013-06-13 05:39 -------- d-----w- c:\program files (x86)\VST
2013-06-13 05:39 . 2013-06-13 05:39 -------- d-----w- c:\programdata\Acoustica
2013-06-13 05:16 . 2013-06-13 05:16 -------- d-----w- c:\users\Public\CyberLink
2013-06-11 17:51 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-11 17:51 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-06-11 17:51 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-06-11 17:51 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-11 17:51 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-06-11 17:51 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-06-11 17:51 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-11 17:50 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-06-11 17:50 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-06-11 17:50 . 2013-05-13 05:51 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-06-11 17:50 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-06-11 17:50 . 2013-05-13 05:51 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-11 17:50 . 2013-05-13 05:51 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-11 17:50 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-06-11 17:50 . 2013-05-13 04:45 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-06-11 17:50 . 2013-05-13 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-06-11 17:50 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-06-11 17:50 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-06-11 17:50 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-05-19 17:53 . 2013-05-19 17:53 262552 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-14 19:26 . 2011-10-12 19:11 45056 ----a-w- c:\windows\system32\acovcnt.exe
2013-06-11 20:31 . 2012-02-24 19:55 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-06-11 19:53 . 2012-03-30 15:11 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-11 19:53 . 2012-02-27 19:38 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-14 05:03 . 2012-02-29 18:27 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06 . 2013-02-24 20:14 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-30 22:05 . 2013-04-30 22:05 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-04-30 22:05 . 2013-04-30 22:05 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-30 22:05 . 2013-04-30 22:05 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-30 22:05 . 2013-04-30 22:05 81408 ----a-w- c:\windows\system32\icardie.dll
2013-04-30 22:05 . 2013-04-30 22:05 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-04-30 22:05 . 2013-04-30 22:05 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-04-30 22:05 . 2013-04-30 22:05 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-30 22:05 . 2013-04-30 22:05 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-04-30 22:05 . 2013-04-30 22:05 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-04-30 22:05 . 2013-04-30 22:05 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-04-30 22:05 . 2013-04-30 22:05 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-04-30 22:05 . 2013-04-30 22:05 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-04-30 22:05 . 2013-04-30 22:05 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-04-30 22:05 . 2013-04-30 22:05 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-04-30 22:05 . 2013-04-30 22:05 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-04-30 22:05 . 2013-04-30 22:05 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-30 22:05 . 2013-04-30 22:05 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-04-30 22:05 . 2013-04-30 22:05 441856 ----a-w- c:\windows\system32\html.iec
2013-04-30 22:05 . 2013-04-30 22:05 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-04-30 22:05 . 2013-04-30 22:05 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-04-30 22:05 . 2013-04-30 22:05 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-04-30 22:05 . 2013-04-30 22:05 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-30 22:05 . 2013-04-30 22:05 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-04-30 22:05 . 2013-04-30 22:05 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-04-30 22:05 . 2013-04-30 22:05 235008 ----a-w- c:\windows\system32\url.dll
2013-04-30 22:05 . 2013-04-30 22:05 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-04-30 22:05 . 2013-04-30 22:05 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-04-30 22:05 . 2013-04-30 22:05 216064 ----a-w- c:\windows\system32\msls31.dll
2013-04-30 22:05 . 2013-04-30 22:05 197120 ----a-w- c:\windows\system32\msrating.dll
2013-04-30 22:05 . 2013-04-30 22:05 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-04-30 22:05 . 2013-04-30 22:05 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-30 22:05 . 2013-04-30 22:05 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-04-30 22:05 . 2013-04-30 22:05 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-04-30 22:05 . 2013-04-30 22:05 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-30 22:05 . 2013-04-30 22:05 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-04-30 22:05 . 2013-04-30 22:05 149504 ----a-w- c:\windows\system32\occache.dll
2013-04-30 22:05 . 2013-04-30 22:05 144896 ----a-w- c:\windows\system32\wextract.exe
2013-04-30 22:05 . 2013-04-30 22:05 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-04-30 22:05 . 2013-04-30 22:05 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-04-30 22:05 . 2013-04-30 22:05 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-04-30 22:05 . 2013-04-30 22:05 13824 ----a-w- c:\windows\system32\mshta.exe
2013-04-30 22:05 . 2013-04-30 22:05 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-04-30 22:05 . 2013-04-30 22:05 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-04-30 22:05 . 2013-04-30 22:05 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-30 22:05 . 2013-04-30 22:05 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-04-30 22:05 . 2013-04-30 22:05 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-04-30 22:05 . 2013-04-30 22:05 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-04-30 22:05 . 2013-04-30 22:05 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-30 22:05 . 2013-04-30 22:05 102912 ----a-w- c:\windows\system32\inseng.dll
2013-04-25 19:17 . 2013-04-25 19:17 69632 ----a-r- c:\users\A&A\AppData\Roaming\Microsoft\Installer\{84178AE8-C22D-48CB-A6BA-D116FD3FE469}\ARPPRODUCTICON.exe
2013-04-25 19:17 . 2013-04-25 19:17 49152 ----a-r- c:\users\A&A\AppData\Roaming\Microsoft\Installer\{84178AE8-C22D-48CB-A6BA-D116FD3FE469}\UNINST_Uninstall_Q_336D8C9DB2424DE5BC518E574B25652F.exe
2013-04-13 05:49 . 2013-05-15 18:51 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 18:51 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 18:51 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 18:51 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 18:51 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 18:51 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-23 17:34 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 18:51 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 18:51 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 18:51 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-03-23 01:09 . 2013-03-23 01:09 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2013-03-19 06:04 . 2013-04-10 17:32 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:53 . 2013-05-15 18:51 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-03-19 05:53 . 2013-05-15 18:51 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-03-19 05:46 . 2013-04-10 17:32 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 17:32 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 17:32 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 17:32 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 17:32 112640 ----a-w- c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2011-04-01 08:58 433648 ----a-w- c:\programdata\Partner\Partner.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"Akamai NetSession Interface"="c:\users\A&A\AppData\Local\Akamai\netsession_win.exe" [2012-08-10 4440896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-01 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-4-1 549040]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d [2011-10-12 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Internet Mobilny. RunOuc;Internet Mobilny. OUC;c:\program files (x86)\Internet Mobilny\UpdateDog\ouc.exe;c:\program files (x86)\Internet Mobilny\UpdateDog\ouc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe;c:\programdata\Partner\Partner.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 ogmservice;Online Games Manager;c:\program files (x86)\Online Games Manager\ogmservice.exe;c:\program files (x86)\Online Games Manager\ogmservice.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 19:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2011-04-01 08:58 750064 ----a-w- c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-10 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-10 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-10 418328]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-05-17 2226280]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.delta-search.com/?affID=119357&babsrc=HP_ss&mntrId=2484742F68D4A884
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride =
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: google.pl\www
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
TCP: Interfaces\{87D22CF8-45EC-4E71-BD46-EF0B83A4C9B0}: NameServer = 89.108.202.20 89.108.195.20
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\A&A\AppData\Roaming\Mozilla\Firefox\Profiles\xc7o19rb.default\
FF - prefs.js: browser.startup.homepage -
FF - ExtSQL: 2013-06-14 21:15; ffxtlbr@delta.com; c:\users\A&A\AppData\Roaming\Mozilla\Firefox\Profiles\xc7o19rb.default\extensions\ffxtlbr@delta.com
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=2484ebdd000000000000742f68d4a884&q=
FF - user.js: extensions.BabylonToolbar.id - 2484ebdd000000000000742f68d4a884
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15820
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.11.10
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.11.10
FF - user.js: extensions.BabylonToolbar.vrsnTs - 1.8.11.1021:17
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.ffxUnstlRst - true
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=121845
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar.newTab - false
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 2484ebdd000000000000742f68d4a884
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15870
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.521:15
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119357
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1 - c:\users\A&A\AppData\Local\unins000.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2013-06-14 22:07:43
ComboFix-quarantined-files.txt 2013-06-14 20:07
.
Przed: 126 866 915 328 bajtów wolnych
Po: 126 687 776 768 bajtów wolnych
.
- - End Of File - - C3D57BD8E9D236AE25060CC9F1502D14
D41D8CD98F00B204E9800998ECF8427E