ComboFix 12-09-09.02 - HP 2012-09-09 19:14:40.1.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.48.1045.18.2036.400 [GMT 2:00]
Uruchomiony z: c:\users\HP\Desktop\ComboFix.exe
AV: McAfee Anti-Virus i Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus i Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
c:\users\HP\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
c:\windows\DPINST.LOG
c:\windows\system32\muzapp.exe
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-08-09 do 2012-09-09 )))))))))))))))))))))))))))))))
.
.
2012-09-09 18:23 . 2012-09-09 18:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-09 13:12 . 2012-09-09 13:44 -------- d-----w- C:\Temp
2012-09-09 12:24 . 2012-06-27 08:37 10344 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2012-09-09 12:24 . 2012-06-27 08:37 136808 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2012-09-09 12:24 . 2012-06-27 08:37 12776 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2012-09-09 12:24 . 2012-06-27 08:37 121064 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2012-09-09 12:24 . 2012-06-27 08:37 10472 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2012-09-09 12:19 . 2012-06-27 08:37 14920 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
2012-09-09 12:19 . 2012-06-27 08:37 132424 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
2012-09-09 12:19 . 2012-06-27 08:37 12488 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
2012-09-09 12:19 . 2012-06-27 08:37 12488 ----a-w- c:\windows\system32\drivers\sscdwh.sys
2012-09-09 12:19 . 2012-06-27 08:37 12616 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
2012-09-09 12:19 . 2012-06-27 08:37 12616 ----a-w- c:\windows\system32\drivers\sscdcm.sys
2012-09-09 12:19 . 2012-06-27 08:37 104648 ----a-w- c:\windows\system32\drivers\sscdbus.sys
2012-09-09 11:40 . 2012-09-09 11:40 -------- d-----w- c:\users\HP\AppData\Local\Samsung
2012-09-09 11:39 . 2012-09-09 11:39 -------- d-----w- c:\users\HP\AppData\Roaming\Samsung
2012-09-09 11:21 . 2012-08-28 08:05 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-09-09 11:19 . 2012-09-09 11:19 -------- d-----w- c:\program files\MarkAny
2012-09-09 11:19 . 2012-08-28 08:04 821824 ----a-w- c:\windows\system32\dgderapi.dll
2012-08-30 08:33 . 2012-08-30 20:09 -------- d-----w- c:\users\HP\AppData\Roaming\AVI ReComp
2012-08-30 08:33 . 2012-08-30 08:33 -------- d-----w- c:\program files\Gabest
2012-08-30 08:32 . 2011-05-23 09:52 153088 ----a-w- c:\windows\system32\xvid.ax
2012-08-30 08:32 . 2011-05-23 07:46 645632 ----a-w- c:\windows\system32\xvidcore.dll
2012-08-30 08:32 . 2011-05-30 13:42 240640 ----a-w- c:\windows\system32\xvidvfw.dll
2012-08-30 08:32 . 2012-08-30 08:32 -------- d-----w- c:\program files\Xvid
2012-08-30 08:30 . 2012-08-30 08:30 -------- d-----w- c:\program files\AviSynth 2.5
2012-08-30 08:29 . 2012-08-30 08:33 -------- d-----w- c:\program files\AVI ReComp
2012-08-29 08:25 . 2012-08-29 08:25 -------- d-----w- c:\users\HP\AppData\Roaming\NapiProjekt
2012-08-29 06:25 . 2012-08-29 06:26 -------- d-----w- c:\program files\NapiProjekt
2012-08-29 06:25 . 2012-08-29 06:25 -------- d-----w- c:\users\HP\AppData\Local\ALLMediaServer
2012-08-29 06:25 . 2012-08-29 06:25 -------- d-----w- c:\program files\ALLMediaServer
2012-08-29 06:25 . 2009-09-27 22:02 797184 ----a-w- c:\windows\system32\ac3filter.ax
2012-08-29 06:25 . 2007-10-07 13:36 258048 ----a-w- c:\windows\system32\libFLAC.dll
2012-08-29 06:24 . 2012-08-30 07:23 -------- d-----w- c:\users\HP\AppData\Local\ALLPlayer
2012-08-29 06:24 . 2012-08-29 06:25 -------- d-----w- c:\program files\ALLPlayer
2012-08-26 13:41 . 2010-04-13 18:10 54776 ----a-w- c:\windows\system32\drivers\MOBK.sys
2012-08-26 13:41 . 2012-08-26 13:41 -------- d-----w- c:\program files\McAfee Online Backup
2012-08-26 13:40 . 2012-06-15 10:04 64832 ----a-w- c:\windows\system32\drivers\McPvDrv.sys
2012-08-26 13:40 . 2012-04-20 14:40 146872 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2012-08-26 13:39 . 2012-06-22 05:53 9648 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2012-08-26 13:39 . 2012-06-22 05:58 60480 ----a-w- c:\windows\system32\drivers\cfwids.sys
2012-08-26 13:39 . 2012-06-22 05:53 92192 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2012-08-26 13:39 . 2012-06-22 05:51 360792 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2012-08-26 13:39 . 2012-06-22 05:51 61912 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2012-08-26 13:39 . 2012-06-22 05:50 230224 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2012-08-26 13:39 . 2012-08-26 13:40 -------- d-----w- c:\program files\Common Files\Mcafee
2012-08-26 13:39 . 2012-09-01 16:01 -------- d-----w- c:\program files\McAfee
2012-08-26 13:25 . 2012-06-22 05:55 166320 ----a-w- c:\windows\system32\mfevtps.exe
2012-08-26 13:25 . 2012-08-26 16:40 -------- d-----w- c:\programdata\McAfee
2012-08-21 11:04 . 2012-08-21 11:04 -------- d-----w- c:\program files\Microsoft IntelliPoint
2012-08-18 10:15 . 2012-07-06 19:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-15 08:00 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 08:00 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 08:00 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 08:00 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 07:59 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-15 07:59 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 07:59 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
2012-08-14 06:22 . 2012-08-14 06:22 25200 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2012-08-14 06:22 . 2012-08-14 06:22 12400 ----a-w- c:\windows\system32\drivers\ggflt.sys
2012-08-14 06:21 . 2012-08-14 06:21 -------- d-----w- c:\programdata\Sony Ericsson
2012-08-14 06:20 . 2012-08-14 06:20 -------- d-----w- c:\program files\Sony Ericsson
2012-08-14 05:58 . 2012-08-14 05:58 -------- d-----w- c:\programdata\Sony
2012-08-14 05:58 . 2012-08-14 05:58 -------- d-----w- c:\program files\Sony
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-28 18:24 . 2012-07-07 07:44 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-28 18:24 . 2010-08-23 09:54 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-15 07:47 . 2012-04-08 15:25 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-15 07:47 . 2011-08-05 21:44 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-26 20:17 . 2012-06-26 20:17 249856 ------w- c:\windows\Setup1.exe
2012-06-26 20:17 . 2012-06-26 20:17 73216 ----a-w- c:\windows\ST6UNST.EXE
2012-06-22 05:55 . 2012-06-22 05:55 206784 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2012-06-22 05:52 . 2012-06-22 05:52 554048 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2012-06-22 05:50 . 2012-06-22 05:50 127992 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-13 18:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-13 18:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-13 18:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2011-08-16 1379840]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-08-31 964024]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-08-31 21432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-28 1778984]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2010-06-17 237568]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-06-18 495708]
"Skyhook Wireless XPS Service"="c:\program files\Skyhook Wireless\XPS\xpscontrolpanel.exe" [2010-06-28 671048]
"HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-06-29 602168]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-06 8192]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-14 150552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-06-21 1271968]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-08-31 3524536]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 836896]
HP Media Suite.lnk - c:\program files\Hewlett-Packard\HP Media Suite\Home\ArcStart.exe [2010-4-1 91648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"ZumoDrive"="c:\program files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.1.361.0\SeaPort.exe [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 qcfilterhp2k;Gobi 2000 USB Composite Device Filter Driver(03F0-251D);c:\windows\system32\DRIVERS\qcfilterhp2k.sys [x]
R3 qcusbnethp2k;Gobi 2000 USB-NDIS miniport(03F0-251D);c:\windows\system32\DRIVERS\qcusbnethp2k.sys [x]
R3 qcusbserhp2k;Gobi 2000 USB Device for Legacy Serial Communication(03F0-251D);c:\windows\system32\DRIVERS\qcusbserhp2k.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
S0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S1 DVMIO;DeviceVM IO Service;c:\windows\system32\DRIVERS\dvmio.sys [x]
S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [x]
S2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.1.361.0\BBSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\swsetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 MOBKbackup;1%;c:\program files\McAfee Online Backup\MOBKbackup.exe [x]
S2 QDLService2kHP;Qualcomm Gobi 2000 Download Service (HP);c:\program files\QUALCOMM\QDLService2k\QDLService2kHP.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 SMManager;HP Connection Manager Service;c:\program files\Hewlett-Packard\HP Connection Manager\SMManager.exe [x]
S2 xpssvc;Skyhook Wireless XPS Service;c:\program files\Skyhook Wireless\XPS\xpssvc.exe [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 XPSVCOM;XPSVCOM;c:\windows\system32\DRIVERS\XPSVCOM.sys [x]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4FB2407C-C8E4-BBC8-BB1C-FCCB2EF5914B}]
2010-06-23 17:47 687104 ----a-w- c:\program files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4FB2AA7C-C8E4-BBC8-BB1C-FAAB2EF5914B}]
2009-07-14 01:14 141824 ----a-w- c:\windows\System32\wscript.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2012-09-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 07:47]
.
2012-09-09 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-05-13 06:46]
.
2012-09-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1298139438-1526120971-1083998760-1000Core.job
- c:\users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-17 09:39]
.
2012-09-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1298139438-1526120971-1083998760-1000UA.job
- c:\users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-17 09:39]
.
2012-08-26 c:\windows\Tasks\HPCeeScheduleForHP.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 02:22]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
mStart Page = hxxp://www.bing.com
uInternet Settings,ProxyOverride = *.local
IE: &P&obierz &za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Pobierz wszystko za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Wyślij obraz do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Wyślij stronę do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B2058088-BA1B-4EC9-8B10-038E238B4EF0}: NameServer = 89.108.195.20 217.17.34.10
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
HKCU-Run-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe
HKLM-Run-HP Connection Manager.exe - (no file)
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'Explorer.exe'(3492)
c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
c:\program files\McAfee Online Backup\MOBKshell.dll
c:\program files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFTaskbar.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\IDT\WDM\STacSV.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\McAfee\SystemCore\mcshield.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Common Files\McAfee\SystemCore\mfefire.exe
c:\windows\system32\conhost.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\vssvc.exe
c:\progra~1\mcafee.com\agent\mcagent.exe
c:\program files\McAfee\MAT\McPvTray.exe
c:\windows\system32\RunDll32.exe
.
**************************************************************************
.
Czas ukończenia: 2012-09-09 20:39:23 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2012-09-09 18:39
.
Przed: 38 083 960 832 bajtów wolnych
Po: 39 217 733 632 bajtów wolnych
.
- - End Of File - - FBEF8F2609E3C46530A3EFD159A40160