ComboFix 14-05-05.01 - Piotr 2014-05-05 13:18:52.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1250.48.1045.18.6143.4075 [GMT 2:00] Uruchomiony z: c:\users\Piotr\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Utworzono nowy punkt przywracania . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\SaveSenseLive c:\programdata\SaveSenseLive\Update\Log\SaveSenseLive.log c:\users\Piotr\AppData\Roaming\SaveSense c:\users\Piotr\AppData\Roaming\SaveSense\UpdateProc\config.dat c:\users\Piotr\AppData\Roaming\SaveSense\UpdateProc\STTL.DAT c:\users\Piotr\AppData\Roaming\SaveSense\UpdateProc\TTL.DAT c:\users\Piotr\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe c:\windows\wininit.ini c:\windows\XSxS . . ((((((((((((((((((((((((( Pliki utworzone od 2014-04-05 do 2014-05-05 ))))))))))))))))))))))))))))))) . . 2014-05-05 11:22 . 2014-05-05 11:22 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-05-05 10:58 . 2014-05-05 10:58 -------- d-----w- c:\users\Piotr\Logitech 2014-05-05 10:58 . 2014-05-05 10:58 -------- d-----w- c:\program files (x86)\Common Files\Remote Control Software Common 2014-05-05 10:58 . 2014-05-05 10:58 -------- d-----w- c:\program files (x86)\Logitech 2014-05-05 10:58 . 2014-05-05 10:58 -------- d-----w- c:\program files (x86)\Common Files\Remote Control USB Driver 2014-05-05 10:58 . 2014-05-05 10:58 -------- d-----w- c:\program files (x86)\Common Files\InstallShield 2014-05-04 15:11 . 2014-05-04 15:11 -------- d-----w- c:\users\Piotr\AppData\Local\Razer_Inc 2014-05-04 15:10 . 2014-05-04 15:10 -------- d-----w- c:\program files (x86)\Razer 2014-05-04 14:09 . 2014-05-04 14:09 -------- d-----w- c:\users\Piotr\AppData\Roaming\CPUControl 2014-05-03 20:23 . 2014-05-03 20:23 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-05-03 20:23 . 
2014-05-03 20:23 -------- d-----w- c:\program files\iTunes 2014-05-03 20:23 . 2014-05-03 20:23 -------- d-----w- c:\program files (x86)\iTunes 2014-05-03 20:23 . 2014-05-03 20:23 -------- d-----w- c:\program files\iPod 2014-05-02 10:30 . 2014-04-29 14:01 23547904 ----a-w- c:\windows\system32\mshtml.dll 2014-05-02 10:30 . 2014-04-29 13:40 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2014-05-02 10:30 . 2014-04-29 12:34 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2014-04-30 23:21 . 2014-04-30 23:21 -------- d-----w- c:\programdata\ATI 2014-04-30 10:57 . 2014-05-05 11:05 -------- d-----r- c:\users\Piotr\Dropbox 2014-04-30 10:56 . 2014-05-05 11:05 -------- d-----w- c:\users\Piotr\AppData\Roaming\Dropbox 2014-04-28 12:07 . 2014-05-03 09:59 -------- d-----w- c:\users\Piotr\temp 2014-04-28 12:07 . 2014-05-03 08:11 -------- d-----w- c:\users\Piotr\AppData\Local\Pinnacle 2014-04-28 12:03 . 2014-04-28 12:03 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging 2014-04-28 12:00 . 2014-04-28 12:01 -------- d-----w- c:\program files (x86)\Pinnacle 2014-04-28 11:57 . 2014-04-28 12:00 -------- d-----w- c:\programdata\Pinnacle 2014-04-28 06:27 . 2014-04-28 06:27 -------- d-s---w- c:\windows\system32\CompatTel 2014-04-28 06:27 . 2014-04-14 02:24 465408 ----a-w- c:\windows\system32\aepdu.dll 2014-04-28 06:27 . 2014-04-14 02:19 424448 ----a-w- c:\windows\system32\aeinv.dll 2014-04-22 23:01 . 2014-04-22 23:01 -------- d-----w- c:\users\dub_cm_auto 2014-04-21 08:26 . 2014-04-21 08:26 -------- d-----w- c:\users\Piotr\AppData\Local\Caphyon 2014-04-20 07:06 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll 2014-04-20 07:06 . 2008-10-15 04:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll 2014-04-20 07:06 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll 2014-04-20 07:06 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll 2014-04-20 07:06 . 
2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll 2014-04-20 07:06 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll 2014-04-20 07:06 . 2014-04-20 07:06 -------- d-----w- c:\program files (x86)\Microsoft XNA 2014-04-20 06:34 . 2014-05-04 15:56 -------- d-----w- c:\users\Piotr\AppData\Roaming\BoL 2014-04-18 02:43 . 2014-04-18 02:43 78432 ----a-w- c:\windows\system32\atimpc64.dll 2014-04-18 02:43 . 2014-04-18 02:43 78432 ----a-w- c:\windows\system32\amdpcom64.dll 2014-04-18 02:43 . 2014-04-18 02:43 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll 2014-04-18 02:43 . 2014-04-18 02:43 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll 2014-04-18 02:42 . 2014-04-18 02:42 126336 ----a-w- c:\windows\SysWow64\atiuxpag.dll 2014-04-18 02:42 . 2014-04-18 02:42 8866928 ----a-w- c:\windows\SysWow64\atidxx32.dll 2014-04-18 02:39 . 2014-04-18 02:39 274656 ----a-w- c:\windows\system32\drivers\amdacpksd.sys 2014-04-18 02:36 . 2014-04-18 02:36 15376384 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2014-04-18 02:23 . 2014-04-18 02:23 231424 ----a-w- c:\windows\system32\clinfo.exe 2014-04-18 02:22 . 2014-04-18 02:22 98816 ----a-w- c:\windows\system32\OpenVideo64.dll 2014-04-18 02:22 . 2014-04-18 02:22 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll 2014-04-18 02:22 . 2014-04-18 02:22 86528 ----a-w- c:\windows\system32\OVDecode64.dll 2014-04-18 02:22 . 2014-04-18 02:22 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll 2014-04-18 02:22 . 2014-04-18 02:22 28685824 ----a-w- c:\windows\system32\amdocl64.dll 2014-04-18 02:19 . 2014-04-18 02:19 24107520 ----a-w- c:\windows\SysWow64\amdocl.dll 2014-04-18 02:17 . 2014-04-18 02:17 65024 ----a-w- c:\windows\system32\OpenCL.dll 2014-04-18 02:17 . 2014-04-18 02:17 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll 2014-04-18 02:13 . 2014-04-18 02:13 127488 ----a-w- c:\windows\system32\mantle64.dll 2014-04-18 02:13 . 2014-04-18 02:13 113664 ----a-w- c:\windows\SysWow64\mantle32.dll 2014-04-18 02:12 . 
2014-04-18 02:12 27907584 ----a-w- c:\windows\system32\atio6axx.dll 2014-04-18 02:12 . 2014-04-18 02:12 5442048 ----a-w- c:\windows\system32\amdmantle64.dll 2014-04-18 01:58 . 2014-04-18 01:58 4358656 ----a-w- c:\windows\SysWow64\amdmantle32.dll 2014-04-18 01:51 . 2014-04-18 01:51 23409152 ----a-w- c:\windows\SysWow64\atioglxx.dll 2014-04-18 01:46 . 2014-04-18 01:46 368128 ----a-w- c:\windows\system32\atiapfxx.exe 2014-04-18 01:46 . 2014-04-18 01:46 62464 ----a-w- c:\windows\system32\aticalrt64.dll 2014-04-18 01:46 . 2014-04-18 01:46 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll 2014-04-18 01:46 . 2014-04-18 01:46 55808 ----a-w- c:\windows\system32\aticalcl64.dll 2014-04-18 01:46 . 2014-04-18 01:46 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll 2014-04-18 01:46 . 2014-04-18 01:46 15716352 ----a-w- c:\windows\system32\aticaldd64.dll 2014-04-18 01:45 . 2014-04-18 01:45 91136 ----a-w- c:\windows\system32\mantleaxl64.dll 2014-04-18 01:45 . 2014-04-18 01:45 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll 2014-04-18 01:42 . 2014-04-18 01:42 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll 2014-04-18 01:33 . 2014-04-18 01:33 48128 ----a-w- c:\windows\system32\amdmmcl6.dll 2014-04-18 01:33 . 2014-04-18 01:33 37888 ----a-w- c:\windows\SysWow64\amdmmcl.dll 2014-04-18 01:30 . 2014-04-18 01:30 31232 ----a-w- c:\windows\system32\atimuixx.dll 2014-04-18 01:29 . 2014-04-18 01:29 586240 ----a-w- c:\windows\system32\atieclxx.exe 2014-04-18 01:29 . 2014-04-18 01:29 239616 ----a-w- c:\windows\system32\atiesrxx.exe 2014-04-18 01:28 . 2014-04-18 01:28 190976 ----a-w- c:\windows\system32\atitmm64.dll 2014-04-18 01:21 . 2014-04-18 01:21 806912 ----a-w- c:\windows\system32\coinst_14.100.dll 2014-04-18 01:09 . 2014-04-18 01:09 848896 ----a-w- c:\windows\SysWow64\atiadlxy.dll 2014-04-18 01:07 . 2014-04-18 01:07 75264 ----a-w- c:\windows\system32\atig6pxx.dll 2014-04-18 01:07 . 2014-04-18 01:07 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll 2014-04-18 01:07 . 
2014-04-18 01:07 69632 ----a-w- c:\windows\system32\atiglpxx.dll 2014-04-18 01:07 . 2014-04-18 01:07 146944 ----a-w- c:\windows\system32\atig6txx.dll 2014-04-18 01:07 . 2014-04-18 01:07 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll 2014-04-18 01:07 . 2014-04-18 01:07 638976 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2014-04-18 01:04 . 2014-04-18 01:04 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2014-04-11 13:35 . 2014-04-11 13:35 -------- d-----w- c:\users\Piotr\AppData\Roaming\DAEMON Tools Pro 2014-04-11 13:35 . 2014-04-11 13:35 -------- d-----w- c:\programdata\DAEMON Tools Pro 2014-04-10 11:48 . 2014-04-10 11:48 -------- d-sh--w- c:\users\Piotr\AppData\Local\EmieUserList 2014-04-10 11:48 . 2014-04-10 11:48 -------- d-sh--w- c:\users\Piotr\AppData\Local\EmieSiteList 2014-04-09 21:00 . 2014-03-06 07:11 2043904 ----a-w- c:\windows\system32\inetcpl.cpl 2014-04-09 21:00 . 2014-03-06 06:53 13551104 ----a-w- c:\windows\system32\ieframe.dll 2014-04-09 21:00 . 2014-03-06 08:11 5784064 ----a-w- c:\windows\system32\jscript9.dll 2014-04-09 21:00 . 2014-03-06 07:46 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll 2014-04-06 10:38 . 2014-04-06 10:38 -------- d-----w- c:\users\Piotr\AppData\Roaming\Skip-Bo 2014-04-06 10:37 . 2014-04-09 21:08 -------- d-----w- c:\programdata\Trymedia . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-04-21 08:19 . 2013-12-21 09:15 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-04-21 08:19 . 2013-12-21 09:15 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-04-19 18:40 . 2013-12-22 12:47 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2014-04-18 02:43 . 2013-12-06 22:04 143304 ----a-w- c:\windows\system32\atiuxp64.dll 2014-04-18 02:42 . 2013-12-06 22:03 117584 ----a-w- c:\windows\system32\atiu9p64.dll 2014-04-18 02:42 . 2013-12-06 22:02 99520 ----a-w- c:\windows\SysWow64\atiu9pag.dll 2014-04-18 02:42 . 
2013-12-06 22:01 1343272 ----a-w- c:\windows\system32\aticfx64.dll 2014-04-18 02:42 . 2013-12-06 22:01 1117184 ----a-w- c:\windows\SysWow64\aticfx32.dll 2014-04-18 02:42 . 2013-12-06 22:00 10335208 ----a-w- c:\windows\system32\atidxx64.dll 2014-04-18 02:42 . 2013-12-06 21:59 6796592 ----a-w- c:\windows\SysWow64\atiumdva.dll 2014-04-18 02:42 . 2013-12-06 21:58 6799688 ----a-w- c:\windows\SysWow64\atiumdag.dll 2014-04-18 02:42 . 2013-12-06 21:57 7520200 ----a-w- c:\windows\system32\atiumd6a.dll 2014-04-18 02:42 . 2013-12-06 21:56 8010968 ----a-w- c:\windows\system32\atiumd64.dll 2014-04-18 01:30 . 2013-12-06 20:53 442368 ----a-w- c:\windows\system32\atidemgy.dll 2014-04-18 01:09 . 2013-12-06 20:22 1177600 ----a-w- c:\windows\system32\atiadlxx.dll 2014-04-09 21:00 . 2013-12-21 13:19 90655440 ----a-w- c:\windows\system32\MRT.exe 2014-03-30 16:46 . 2014-03-30 16:46 312744 ----a-w- c:\windows\system32\javaws.exe 2014-03-30 16:46 . 2014-03-30 16:46 189352 ----a-w- c:\windows\system32\javaw.exe 2014-03-30 16:46 . 2014-03-30 16:46 189352 ----a-w- c:\windows\system32\java.exe 2014-03-30 16:46 . 2014-03-30 16:46 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2014-03-23 14:32 . 2014-03-23 14:32 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll 2014-03-04 09:17 . 2014-04-09 20:59 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2014-02-20 17:14 . 2014-02-20 17:14 15453904 ----a-w- c:\windows\SysWow64\xlive.dll 2014-02-20 17:14 . 2014-02-20 17:14 13642960 ----a-w- c:\windows\SysWow64\xlivefnt.dll 2014-02-07 01:23 . 2014-03-21 21:14 3156480 ----a-w- c:\windows\system32\win32k.sys 2014-02-04 15:07 . 2014-02-04 14:14 164880 ---ha-w- c:\users\Piotr\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\Piotr\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\Piotr\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\Piotr\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\Piotr\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-04-17 767200] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392] . 
c:\users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Piotr\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-4-30 33604728] Samsung Magician.lnk - c:\program files (x86)\Samsung\Samsung Magician\Samsung Magician.exe /AUTOHIDE [2014-2-1 4580256] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux4"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 
tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x] R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] S0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver;c:\windows\system32\DRIVERS\SamsungRapidDiskFltr.sys;c:\windows\SYSNATIVE\DRIVERS\SamsungRapidDiskFltr.sys [x] S0 SamsungRapidFSFltr;SamsungRapidFSFltr;c:\windows\system32\DRIVERS\SamsungRapidFSFltr.sys;c:\windows\SYSNATIVE\DRIVERS\SamsungRapidFSFltr.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 MSSQL$ELISOFT;SQL Server (ELISOFT);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x] S2 SamsungRapidSvc;Samsung RAPID Mode Service;c:\windows\system32\RAPID\SamsungRapidSvc.exe;c:\windows\SYSNATIVE\RAPID\SamsungRapidSvc.exe [x] S3 hidusbf;USB Mouse Rate Adjuster Lower Filter by SweetLow;c:\windows\system32\DRIVERS\hidusbf.sys;c:\windows\SYSNATIVE\DRIVERS\hidusbf.sys [x] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-04-28 17:24 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe . Zawartość folderu 'Zaplanowane zadania' . 2014-05-05 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-21 08:19] . 2014-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20 17:31] . 2014-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20 17:31] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\Piotr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\Piotr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\Piotr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\Piotr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SamsungRapidApp"="c:\program files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe" [2013-07-29 109280] "snp2std"="c:\windows\vsnp2std.exe" [2006-12-04 675840] . ------- Skan uzupełniający ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.1.1 192.168.1.1 . - - - - USUNIĘTO PUSTE WPISY - - - - . HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start . . . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_USERS\S-1-5-21-3879791031-1829465358-1483038374-1001\Software\SecuROM\License information*] "datasecu"=hex:aa,c1,e0,4a,f2,a9,68,74,f5,a1,98,67,86,ee,6b,46,a9,f7,96,20,f1, df,ce,01,b7,0c,6c,f0,51,08,d1,cd,10,8b,c6,cc,1d,10,89,ab,a3,5e,f1,4b,ea,38,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2014-05-05 13:23:15
ComboFix-quarantined-files.txt 2014-05-05 11:23
.
Przed: 59 065 507 840 bajtów wolnych
Po: 58 908 684 288 bajtów wolnych
.
- - End Of File - - A4E7B937A35415A9AC59959258A9BFE2
A36C5E4F47E84449FF07ED3517B43A31