ComboFix 14-09-05.01 - Rysiek 2014-09-07 18:40:26.13.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.48.1045.18.2039.1209 [GMT 2:00]
Uruchomiony z: c:\users\Rysiek\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2014-08-07 do 2014-09-07 )))))))))))))))))))))))))))))))
.
.
2014-09-07 16:50 . 2014-09-07 16:50 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-09-07 16:50 . 2014-09-07 16:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-07 16:29 . 2013-09-20 08:49 18968 ----a-w- c:\windows\system32\sdnclean.exe
2014-09-07 13:24 . 2014-09-07 13:23 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-09-07 13:23 . 2014-09-07 13:23 43152 ----a-w- c:\windows\avastSS.scr
2014-09-07 12:26 . 2014-09-07 12:26 -------- d-----w- c:\users\Rysiek\AppData\Roaming\AVAST Software
2014-09-07 12:26 . 2014-09-07 13:23 71944 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-09-07 12:26 . 2014-09-07 13:23 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-09-07 12:26 . 2014-09-07 13:24 414520 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-09-07 12:26 . 2014-09-07 13:23 779536 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-09-07 12:26 . 2014-09-07 13:23 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-09-07 12:26 . 2014-09-07 13:23 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-09-07 12:26 . 2014-09-07 13:23 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-09-07 12:26 . 2014-09-07 13:23 276432 ----a-w- c:\windows\system32\aswBoot.exe
2014-09-07 12:24 . 2014-09-07 12:24 -------- d-----w- c:\program files\AVAST Software
2014-09-06 18:28 . 2014-09-07 16:50 -------- d-----w- c:\users\Rysiek\AppData\Local\temp
2014-09-06 15:53 . 2014-09-06 16:47 -------- d-----w- c:\users\Rysiek\AppData\Roaming\PhotoScape
2014-09-06 15:53 . 2014-09-06 15:53 -------- d-----w- c:\program files\PhotoScape
2014-09-06 15:47 . 2014-09-06 15:55 -------- d-----w- c:\users\Rysiek\AppData\Roaming\Opera Software
2014-09-06 15:47 . 2014-09-06 15:55 -------- d-----w- c:\users\Rysiek\AppData\Local\Opera Software
2014-09-06 15:46 . 2014-09-06 15:55 -------- d-----w- c:\program files\Opera
2014-09-06 15:46 . 2014-09-06 04:48 52368 ----a-w- c:\windows\system32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw.sys
2014-09-06 15:43 . 2014-09-07 16:26 -------- d-----w- c:\program files\ClearThink
2014-09-06 10:01 . 2014-08-21 02:44 8581864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2468DA1F-DC73-4096-A796-CE691DC818CC}\mpengine.dll
2014-09-01 16:44 . 2014-09-01 16:44 -------- d-----w- c:\programdata\RoboForm
2014-08-28 15:14 . 2014-08-23 01:46 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-08-28 15:14 . 2014-08-23 00:42 2352640 ----a-w- c:\windows\system32\win32k.sys
2014-08-22 04:03 . 2014-05-14 16:23 45536 ----a-w- c:\windows\system32\wups2.dll
2014-08-22 04:03 . 2014-05-14 16:23 54240 ----a-w- c:\windows\system32\wuauclt.exe
2014-08-22 04:03 . 2014-05-14 16:17 2425856 ----a-w- c:\windows\system32\wucltux.dll
2014-08-22 04:03 . 2014-05-14 16:23 1973728 ----a-w- c:\windows\system32\wuaueng.dll
2014-08-22 04:03 . 2014-05-14 16:23 36320 ----a-w- c:\windows\system32\wups.dll
2014-08-22 04:03 . 2014-05-14 16:23 581600 ----a-w- c:\windows\system32\wuapi.dll
2014-08-22 04:03 . 2014-05-14 16:17 92672 ----a-w- c:\windows\system32\wudriver.dll
2014-08-22 04:02 . 2014-05-14 07:23 179656 ----a-w- c:\windows\system32\wuwebv.dll
2014-08-22 04:02 . 2014-05-14 07:17 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-08-17 15:23 . 2014-08-17 15:23 -------- d-----w- c:\program files\Common Files\Skype
2014-08-15 09:05 . 2014-03-09 21:47 99480 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-15 09:05 . 2014-06-30 22:14 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-15 09:05 . 2014-03-09 21:47 619672 ----a-w- c:\windows\system32\icardagt.exe
2014-08-15 09:05 . 2014-06-06 06:16 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-15 07:46 . 2014-06-03 09:29 2363392 ----a-w- c:\windows\system32\msi.dll
2014-08-15 07:46 . 2014-06-03 09:29 1805824 ----a-w- c:\windows\system32\authui.dll
2014-08-15 07:46 . 2014-06-03 09:30 101824 ----a-w- c:\windows\system32\consent.exe
2014-08-15 07:46 . 2014-06-03 09:29 337408 ----a-w- c:\windows\system32\msihnd.dll
2014-08-15 06:16 . 2014-07-14 01:42 654336 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-15 06:16 . 2014-06-16 01:44 730048 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-08-15 06:16 . 2014-06-16 01:44 219072 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2014-08-15 06:16 . 2014-06-16 01:40 107520 ----a-w- c:\windows\system32\cdd.dll
2014-08-15 06:06 . 2014-07-16 02:46 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-25 17:08 . 2010-06-26 09:41 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2014-08-25 17:08 . 2010-07-20 08:51 686416 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-08-22 16:45 . 2010-06-25 19:28 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-08-21 17:14 . 2010-06-25 19:28 686416 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-08-05 07:20 . 2010-04-17 11:15 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-07-26 17:05 . 2014-07-26 12:39 87608 ----a-w- c:\users\Rysiek\AppData\Roaming\inst.exe
2014-07-26 17:05 . 2014-07-26 12:39 47360 ----a-w- c:\users\Rysiek\AppData\Roaming\pcouffin.sys
2014-07-04 19:15 . 2013-03-26 18:49 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-04 19:15 . 2011-09-18 13:29 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-06-18 01:51 . 2014-07-09 16:36 646144 ----a-w- c:\windows\system32\osk.exe
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-09-07 13:23 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FreeRAM XP"="c:\program files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" [2009-03-15 1591808]
"Mobile Partner"="c:\program files\PLAY ONLINE\PLAY ONLINE.exe" [2010-12-24 114688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-09-07 4085896]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-03-19 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SDWinLogon]
SDWinLogon.dll [BU]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
2009-06-04 21:56 869888 ----a-w- c:\program files\ALLPlayer\ALLUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-09-07 71944]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-07-25 108032]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-07 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw;{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw;c:\windows\system32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw.sys [2014-09-06 52368]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-09-07 779536]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-09-07 414520]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-09-07 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-09-07 67824]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S2 Update ClearThink;Update ClearThink;c:\program files\ClearThink\updateClearThink.exe [2014-09-07 323312]
S2 Util ClearThink;Util ClearThink;c:\program files\ClearThink\bin\utilClearThink.exe [2014-09-07 323312]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-03 15:03 1096520 ----a-w- c:\program files\Google\Chrome\Application\37.0.2062.103\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2014-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-13 18:07]
.
2014-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-13 18:07]
.
.
------- Skan uzupełniający -------
.
uStart Page = www.wp.pl/?src01=dp120140907
mStart Page = www.wp.pl/?src01=dp120140907
uInternet Settings,ProxyServer = localhost:8080
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: Interfaces\{EC1996F7-EFC8-4110-9A83-09E8B463C20F}: NameServer = 89.108.202.20 89.108.195.20
FF - ProfilePath - c:\users\Rysiek\AppData\Roaming\Mozilla\Firefox\Profiles\unbrg0ns.default\
FF - prefs.js: browser.startup.homepage - www.wp.pl/?src01=dp120140907 user_pref(extensions.autoDisableScopes,14);
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.032"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ANI\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ani"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bay"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bmp"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bw"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CR2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cr2"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CRW\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.crw"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cs1"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUR\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cur"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcr"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DCX\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcx"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dib"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djv"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DJVU\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djvu"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dng"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.emf"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.EPS\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.eps"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.erf"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fff"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FPX\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fpx"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.gif"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.icn"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.IFF\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.iff"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ilbm"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.int"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.inta"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.iw4"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2c"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.J2K\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2k"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jfif"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jif"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JP2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jp2"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPC\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpc"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpe"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpeg"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1180907031-1715803540-624890359-1000)
@Denied: (2) (LocalSystem)
"Progid"="IrfanView.JPG"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpk"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpx"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.LBM\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.lbm"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mos"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mrw"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.nef"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.orf"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PBM\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pbm"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PCD\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pcd"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pct"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PCX\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pcx"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pef"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PGM\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pgm"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pic"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pict"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pix"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PPM\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ppm"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PSD\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.psd"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PSP\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.psp"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.raf"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.RAS\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ras"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.RAW\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.raw"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.RGB\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rgb"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rgba"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rle"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rsb"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.SGI\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sgi"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sr2"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.srf"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TGA\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tga"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.thm"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tif"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tiff"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ttc"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ttf"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wbm"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WBMP\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wbmp"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wmf"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.XBM\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xbm"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xif"
.
[HKEY_USERS\S-1-5-21-1180907031-1715803540-624890359-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.XPM\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xpm"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2014-09-07 18:52:25
ComboFix-quarantined-files.txt 2014-09-07 16:52
ComboFix2.txt 2014-09-07 12:09
ComboFix3.txt 2014-09-07 11:21
ComboFix4.txt 2014-09-06 18:28
ComboFix5.txt 2014-09-07 16:38
.
Przed: 5 452 824 576 bajtów wolnych
Po: 5 508 952 064 bajtów wolnych
.
- - End Of File - - BA160750D580DB6921D1812E9999E3B2
A36C5E4F47E84449FF07ED3517B43A31