ComboFix 13-07-13.01 - Maka 2013-07-13 22:41:30.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.4085.2230 [GMT 2:00]
Uruchomiony z: c:\users\Maka\Desktop\ComboFix.exe
AV: Bitdefender Antivirus Free Edition *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
AV: COMODO Antivirus *Disabled/Outdated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: Bitdefender Antivirus Free Edition *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: COMODO Antivirus *Disabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1373097216.bdinstall.bin
c:\programdata\1373097706.bdinstall.bin
c:\programdata\1373101495.bdinstall.bin
c:\programdata\1373101943.5308.bin
c:\programdata\1373101943.5972.bin
c:\programdata\1373102189.bdinstall.bin
c:\programdata\Roaming
c:\users\Maka\AppData\Local\Temp\RarSFX2\additional.dll . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\avcheck.exe . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\bdardrv.dll . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\bdmetrics.dll . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\bdnc.dll . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\core\bdcore.dll . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\gzflt.sys . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\gzfltum.dll . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\htmlayout.dll . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\Installer.exe . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\installerpackage.exe . . . .
nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\lang\en-US.exe . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\lang\ro-RO.exe . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\npcomm.dll . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\setuplauncher.exe . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\ThreatScanner.exe . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\trufos.dll . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\trufos.sys . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\unrar64.dll . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\WPFKickstarter.exe . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\WPFKickstarter4.exe . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\wslib.dll . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\wspack.dll . . . . nie udało się usunąć
c:\users\Maka\AppData\Local\Temp\RarSFX2\wsutils.dll . . . . nie udało się usunąć
.
.
((((((((((((((((((((((((( Pliki utworzone od 2013-06-13 do 2013-07-13 )))))))))))))))))))))))))))))))
.
.
2013-07-13 18:16 . 2013-07-13 18:31 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-07-13 16:13 . 2013-07-13 16:13 -------- d-----w- C:\TDSSKiller_Quarantine
2013-07-13 15:59 . 2013-07-13 15:59 -------- d-----w- c:\users\Maka\AppData\Roaming\Malwarebytes
2013-07-13 15:59 . 2013-07-13 15:59 -------- d-----w- c:\programdata\Malwarebytes
2013-07-13 15:59 . 2013-07-13 15:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-13 15:59 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-13 15:45 . 2013-06-17 00:10 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{87F3410D-946B-46E1-B17E-8814744CB9AC}\mpengine.dll
2013-07-13 03:00 .
2013-07-13 14:38 -------- d-----w- c:\users\Maka\Ntvdohtr
2013-07-13 02:34 . 2013-07-13 02:35 -------- d-----w- c:\programdata\Freemake
2013-07-13 02:34 . 2013-07-13 02:34 -------- d-----w- c:\program files (x86)\Freemake
2013-07-13 02:27 . 2013-07-13 02:28 -------- d-----w- c:\program files (x86)\Video to Video
2013-07-11 04:18 . 2013-07-11 04:18 -------- d-----w- c:\users\Maka\AppData\Roaming\Process Hacker 2
2013-07-11 03:22 . 2013-07-13 06:40 -------- d-----w- c:\program files (x86)\AnVir Task Manager Pro
2013-07-11 03:12 . 2013-07-11 03:31 -------- d-----w- c:\program files (x86)\AnVir Task Manager
2013-07-11 03:06 . 2013-07-13 06:54 -------- d-----w- c:\users\Maka\AppData\Local\AnVir
2013-07-11 02:28 . 2013-07-11 02:28 -------- d-----w- c:\programdata\TaskManager
2013-07-11 02:15 . 2013-07-11 02:15 -------- d-----w- c:\program files\Process Hacker 2
2013-07-10 17:39 . 2010-09-07 13:39 150392 ----a-w- C:\junction.exe
2013-07-10 17:38 . 2013-07-10 17:38 -------- d-----w- C:\Junction
2013-07-10 17:24 . 2013-07-10 17:24 47616 ----a-w- C:\Win32kDiag.exe
2013-07-10 10:10 . 2013-07-10 10:10 12872 ----a-w- c:\windows\system32\bootdelete.exe
2013-07-10 06:16 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-10 06:15 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-10 06:15 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-10 04:05 . 2013-07-10 09:45 -------- d-----w- c:\program files (x86)\Wise
2013-07-09 21:34 . 2013-07-09 21:35 -------- d-----w- c:\users\Maka\AppData\Local\CrashDumps
2013-07-08 09:18 . 2013-07-10 03:32 -------- d-----w- C:\FFOutput
2013-07-08 09:17 . 2013-07-08 09:17 -------- d-----w- c:\program files (x86)\FreeTime
2013-07-07 21:35 . 2013-07-07 21:35 -------- d-----w- c:\users\Maka\AppData\Roaming\NVIDIA
2013-07-07 21:34 . 2013-07-07 21:34 -------- d-----w- c:\users\Maka\AppData\Roaming\CUDA
2013-07-07 21:32 .
2013-07-07 21:33 -------- d-----w- c:\program files (x86)\Free CUDA Video Converter 6
2013-07-07 20:57 . 2013-07-07 20:57 -------- d-----w- C:\Konwersja MeGui
2013-07-07 01:21 . 2013-07-07 01:21 -------- d-----w- c:\programdata\bdch
2013-07-06 17:11 . 2013-07-06 17:13 -------- d-----w- c:\program files\HitmanPro
2013-07-06 17:11 . 2013-07-10 10:10 -------- d-----w- c:\programdata\HitmanPro
2013-07-06 17:04 . 2013-07-10 20:33 -------- d-----w- c:\users\Maka\AppData\Local\NPE
2013-07-06 17:04 . 2013-07-06 17:05 -------- d-----w- c:\programdata\Norton
2013-07-06 09:22 . 2013-07-06 09:22 261056 ----a-w- c:\windows\system32\drivers\avchv.sys
2013-07-06 09:19 . 2013-04-17 12:59 593144 ----a-w- c:\windows\system32\drivers\avckf.sys
2013-07-06 09:19 . 2013-04-17 12:59 718840 ----a-w- c:\windows\system32\drivers\avc3.sys
2013-07-06 09:17 . 2013-07-13 04:46 -------- d-----w- c:\users\Maka\AppData\Roaming\QuickScan
2013-07-06 09:17 . 2013-07-06 09:20 -------- d-----w- c:\program files\Bitdefender
2013-07-06 09:16 . 2013-04-22 11:21 148696 ----a-w- c:\windows\system32\drivers\gzflt.sys
2013-07-06 09:16 . 2013-05-28 10:12 382536 ----a-w- c:\windows\system32\drivers\trufos.sys
2013-07-06 08:40 . 2013-07-06 08:40 -------- d-----w- c:\users\Maka\AppData\Local\Secunia PSI
2013-07-06 08:40 . 2013-07-06 08:40 -------- d-----w- c:\program files (x86)\Secunia
2013-07-06 00:49 . 2013-07-06 00:50 -------- d-----w- c:\program files (x86)\Emsisoft HiJackFree
2013-07-06 00:07 . 2013-07-06 00:07 388096 ----a-r- c:\users\Maka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-06 00:07 . 2013-07-06 00:07 -------- d-----w- c:\program files (x86)\Trend Micro
2013-07-05 20:13 . 2013-07-06 08:01 -------- d-----w- c:\programdata\Avira
2013-07-05 19:08 . 2013-07-05 19:08 -------- dc----w- c:\users\Maka\AppData\Local\MigWiz
2013-07-05 17:08 . 2013-07-05 17:08 -------- d-----w- c:\programdata\BlueSprig
2013-07-05 15:16 .
2013-07-12 23:35 -------- d-----w- c:\program files (x86)\TimeLeft3
2013-07-05 15:16 . 2013-07-05 15:16 -------- d-----w- c:\users\Maka\AppData\Roaming\NesterSoft
2013-07-05 15:02 . 2013-07-05 15:02 -------- d-----w- c:\users\Maka\AppData\Roaming\BlueSprig
2013-07-05 15:02 . 2013-07-05 17:08 -------- d-----w- c:\program files (x86)\BlueSprig
2013-07-05 14:19 . 2013-07-05 14:29 -------- d-----w- c:\users\Maka\AppData\Roaming\Comodo
2013-07-05 13:24 . 2013-07-05 13:42 -------- d-----w- c:\programdata\SystemExplorer
2013-07-05 13:24 . 2013-07-05 13:24 -------- d-----w- c:\program files (x86)\System Explorer
2013-07-05 13:18 . 2013-07-05 13:18 -------- d-----w- c:\users\Maka\AppData\Local\ElevatedDiagnostics
2013-07-05 12:44 . 2000-01-01 00:00 58880 ----a-w- c:\windows\system32\drivers\L1C62x64.sys
2013-07-05 12:40 . 2010-05-07 15:18 80384 ----a-w- c:\windows\system32\drivers\risdpe64.sys
2013-07-05 12:40 . 2009-05-28 16:24 196608 ----a-w- c:\windows\system32\RiSDIcon.dll
2013-07-05 12:40 . 2009-05-28 16:24 188416 ----a-w- c:\windows\system32\RiMMCIcon.dll
2013-07-05 12:36 . 2013-07-05 12:36 -------- d-----w- C:\VTRoot
2013-07-04 21:07 . 2013-07-04 21:07 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-07-02 11:14 . 2013-07-08 06:19 -------- d-----w- C:\Zdjęcia Vi
2013-06-24 07:06 . 2013-06-24 07:06 -------- d-----w- c:\programdata\IObit
2013-06-24 07:06 . 2013-06-24 07:06 -------- d-----w- c:\program files (x86)\IObit
2013-06-22 12:17 . 2013-06-22 12:17 -------- d-----w- c:\users\Maka\AppData\Roaming\IrfanView
2013-06-22 12:17 . 2013-06-22 12:17 -------- d-----w- c:\program files (x86)\IrfanView
2013-06-22 09:51 . 2013-06-22 09:51 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-22 09:51 . 2013-06-22 09:51 -------- d-----w- c:\program files (x86)\Java
2013-06-21 05:49 . 2013-06-21 05:49 -------- d-----w- c:\programdata\NCH Software
2013-06-21 05:48 .
2013-06-21 05:48 -------- d-----w- c:\program files (x86)\NCH Software
2013-06-21 05:48 . 2013-06-21 10:11 -------- d-----w- c:\users\Maka\AppData\Roaming\NCH Software
2013-06-20 03:55 . 2013-07-08 14:37 -------- d-----w- c:\windows\rescache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-10 17:37 . 2013-07-10 17:37 79623 ----a-w- C:\Junction.zip
2013-07-10 06:25 . 2013-06-04 13:47 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-07-05 02:48 . 2013-06-10 08:40 45056 ----a-w- c:\windows\system32\acovcnt.exe
2013-06-22 09:51 . 2013-06-06 01:44 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-22 09:51 . 2013-06-06 01:44 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-18 15:16 . 2013-01-16 17:51 96800 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-06-18 15:16 . 2013-01-16 17:51 48360 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-06-18 15:16 . 2013-01-16 17:51 708632 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-06-18 15:16 . 2013-01-16 17:51 23168 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-06-18 15:15 . 2013-01-24 20:43 43216 ----a-w- c:\windows\system32\cmdcsr.dll
2013-06-18 15:15 . 2013-01-24 20:43 348584 ----a-w- c:\windows\SysWow64\guard32.dll
2013-06-18 15:15 . 2013-01-24 20:43 437688 ----a-w- c:\windows\system32\guard64.dll
2013-06-18 15:15 . 2013-01-24 20:42 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2013-06-18 15:15 . 2013-01-24 20:42 344792 ----a-w- c:\windows\system32\cmdvrt64.dll
2013-06-18 15:15 . 2013-01-24 20:42 278232 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2013-06-18 15:15 . 2013-01-24 20:42 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2013-06-12 10:31 . 2013-03-27 10:42 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 10:31 . 2013-03-27 10:42 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-04 07:15 .
2013-06-04 07:15 708168 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2013-06-04 07:15 . 2013-06-04 07:15 103448 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-06-04 07:15 . 2013-06-04 07:15 203672 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-06-04 07:15 . 2013-06-04 07:15 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-05-19 10:54 . 2013-05-19 10:54 97176 ----a-w- c:\windows\SysWow64\ElbyCDIO.dll
2013-05-13 05:51 . 2013-06-12 16:34 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 16:34 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 16:34 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 16:34 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 16:34 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 16:34 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 16:34 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 16:34 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 16:34 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 16:34 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-13 01:06 . 2013-05-13 01:06 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-13 01:06 .
2013-05-13 01:06 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-05-13 01:06 . 2013-05-13 01:06 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-05-13 01:06 . 2013-05-13 01:06 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-05-13 01:06 . 2013-05-13 01:06 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-05-13 01:06 . 2013-05-13 01:06 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-05-13 01:06 . 2013-05-13 01:06 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-05-13 01:06 . 2013-05-13 01:06 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-05-13 01:06 . 2013-05-13 01:06 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-05-13 01:06 . 2013-05-13 01:06 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-05-13 01:06 . 2013-05-13 01:06 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-05-13 01:06 .
2013-05-13 01:06 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-13 01:06 . 2013-05-13 01:06 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-05-13 01:06 . 2013-05-13 01:06 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-05-13 01:06 . 2013-05-13 01:06 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-05-13 01:06 . 2013-05-13 01:06 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-05-13 01:06 . 2013-05-13 01:06 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-05-13 01:06 . 2013-05-13 01:06 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-05-13 01:06 . 2013-05-13 01:06 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-05-13 01:06 . 2013-05-13 01:06 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-05-13 01:06 . 2013-05-13 01:06 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-05-13 01:06 . 2013-05-13 01:06 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-05-13 01:06 . 2013-05-13 01:06 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-05-13 01:06 . 2013-05-13 01:06 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-05-13 01:06 . 2013-05-13 01:06 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-05-13 01:06 . 2013-05-13 01:06 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-05-13 01:06 . 2013-05-13 01:06 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-05-13 01:06 . 2013-05-13 01:06 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-05-13 01:06 . 2013-05-13 01:06 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-05-13 01:06 . 2013-05-13 01:06 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-05-13 01:06 . 2013-05-13 01:06 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-05-11 01:14 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-05-11 01:14 .
2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-05-10 05:49 . 2013-06-12 16:34 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 16:34 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39 . 2013-06-12 16:34 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-02 00:06 . 2013-03-27 10:22 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-26 05:51 . 2013-06-12 16:34 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-04-26 04:55 . 2013-06-12 16:34 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-04-25 23:30 . 2013-06-12 16:34 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-04-25 01:37 . 2013-04-25 01:37 129944 ----a-w- c:\windows\SysWow64\ElbyVCD.dll
2013-04-18 17:08 . 2013-06-05 17:22 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2013-04-18 17:07 . 2013-04-18 17:07 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2013-04-18 17:07 . 2013-04-18 17:07 330240 ----a-w- c:\windows\MASetupCaller.dll
2013-04-18 17:07 . 2013-04-18 17:07 30568 ----a-w- c:\windows\MusiccityDownload.exe
2013-04-18 17:06 . 2013-04-18 17:06 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2013-04-18 17:06 . 2013-04-18 17:06 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2013-04-18 17:06 . 2013-04-18 17:06 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2013-04-18 17:06 . 2013-04-18 17:06 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2013-04-18 17:06 . 2013-04-18 17:06 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2013-04-18 17:06 . 2013-04-18 17:06 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
.
c:\users\Maka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TimeLeft.lnk - c:\program files (x86)\TimeLeft3\TimeLeft.exe [2013-7-5 2050224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 ALSysIO;ALSysIO;c:\users\Maka\AppData\Local\Temp\ALSysIO64.sys;c:\users\Maka\AppData\Local\Temp\ALSysIO64.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IAStorDataMgrSvc;Technologia pamięci Intel® Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NETw1v64;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw1v64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw1v64.sys [x]
R3
SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R3 SystemExplorerHelpService;System Explorer Service;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R4 IObitUnlocker;IObitUnlocker;c:\program files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys;c:\program files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox
Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
S2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe [x]
S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe;c:\program files\HitmanPro\hmpsched.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys;c:\windows\SYSNATIVE\DRIVERS\rimspe64.sys [x]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys;c:\windows\SYSNATIVE\DRIVERS\risdpe64.sys [x]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys;c:\windows\SYSNATIVE\DRIVERS\rixdpe64.sys [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\lgvmdm64.sys [x]
S3
MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-13 09:35 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-27 10:31]
.
2013-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-17 05:53]
.
2013-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-17 05:53]
.
2013-07-05 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-06-21 08:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay1]
@="{E68D0A50-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:42 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay2]
@="{E68D0A51-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:42 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay3]
@="{E68D0A52-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:42 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay4]
@="{E68D0A53-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:42 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-06-18 1497816]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: LG Air Sync (R-Click) - Save as Mobile Image - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
IE: LG Air Sync (R-Click) - Save as Mobile Memo - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
IE: LG Air Sync (R-Click) - Save as Mobile Text file - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
IE: LG Air Sync (R-Click) - Set as Mobile Wallpaper - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
IE: LG Air Sync Option - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Wyślij obraz do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Wyślij stronę do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{B38CCA00-B2EB-48E6-802A-09C5869085EB}: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{D1BDAE02-F399-4F46-9E84-E979D4EA6263}: NameServer = 156.154.70.22,156.154.71.22
FF - ProfilePath - c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\
FF - ExtSQL: 2013-05-15 11:53; netvideohunter@netvideohunter.com; c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\netvideohunter@netvideohunter.com
FF - ExtSQL: 2013-06-05 19:39; jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw@jetpack; c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw@jetpack.xpi
FF - ExtSQL: 2013-06-08 21:27; {3d7eb24f-2740-49df-8937-200b1cc08f8a}; c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF - ExtSQL: 2013-07-05 14:54;
noverflow@sdrocking.com; c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\noverflow@sdrocking.com.xpi
FF - ExtSQL: 2013-07-05 15:02; jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack; c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi
FF - ExtSQL: 2013-07-05 15:04; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF - ExtSQL: 2013-07-05 15:04; {cd617375-6743-4ee8-bac4-fbf10f35729e}; c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
FF - ExtSQL: 2013-07-05 15:04; {E6C1199F-E687-42da-8C24-E7770CC3AE66}; c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
FF - ExtSQL: 2013-07-05 15:04; {AA6F0803-145A-4200-8E5E-68898D02B5B3}; c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\{AA6F0803-145A-4200-8E5E-68898D02B5B3}.xpi
FF - ExtSQL: 2013-07-05 15:04; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: 2013-07-05 15:12; tabrestore@plugin; c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\tabrestore@plugin.xpi
FF - ExtSQL: 2013-07-05 15:12; memoryrestart@teamextension.com; c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\memoryrestart@teamextension.com.xpi
FF - ExtSQL: 2013-07-06 10:34; trafficlight@bitdefender.com; c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\trafficlight@bitdefender.com.xpi
FF - ExtSQL: 2013-07-07 01:12; {e001c731-5e37-4538-a5cb-8168736a2360};
c:\users\Maka\AppData\Roaming\Mozilla\Firefox\Profiles\538sp7j8.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} . - - - - USUNIĘTO PUSTE WPISY - - - - . Toolbar-Locked - (no file) Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) AddRemove-ASUS_ScreenSaver_GSeries - c:\windows\system32\ASUS_ScreenSaver_GSeries.scr . . . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}] @Denied: (A 2) (Everyone) @="FlashProp Class" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe . ************************************************************************** . Czas ukończenia: 2013-07-13 23:10:48 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2013-07-13 21:10 . Przed: 1 195 200 512 bajtów wolnych Po: 1 537 622 016 bajtów wolnych . - - End Of File - - B4927489E6BB7B68DE242695E369DE7C A36C5E4F47E84449FF07ED3517B43A31