ComboFix 12-12-02.01 - krzyś 2012-12-03 22:58:09.1.4 - x64 NETWORK
Microsoft Windows 7 Professional 6.1.7601.1.1250.48.1045.18.8141.7240 [GMT 1:00]
Uruchomiony z: c:\users\krzyś\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SUI0JNAO\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\StartSearch plugin
c:\program files (x86)\StartSearch plugin\IEhelperActiveX.dll
c:\program files (x86)\StartSearch plugin\ssBarLcher.dll
c:\program files (x86)\StartSearch plugin\StartBar.dll
c:\program files (x86)\StartSearch plugin\uninst.exe
c:\program files (x86)\StartSearch plugin\vshareplg.crx
c:\programdata\dsgsdgdsgdsgw.pad
c:\users\Krzysio\AppData\Roaming\2YourFace
c:\users\Krzysio\AppData\Roaming\2YourFace\2YourFace.crx
c:\users\Krzysio\AppData\Roaming\2YourFace\bho.dll
c:\users\Krzysio\AppData\Roaming\2YourFace\FF8Installer.exe
c:\users\Krzysio\AppData\Roaming\2YourFace\ffextension\chrome.manifest
c:\users\Krzysio\AppData\Roaming\2YourFace\ffextension\chrome\content\ff-overlay.js
c:\users\Krzysio\AppData\Roaming\2YourFace\ffextension\chrome\content\ff-overlay.xul
c:\users\Krzysio\AppData\Roaming\2YourFace\ffextension\chrome\content\overlay.js
c:\users\Krzysio\AppData\Roaming\2YourFace\ffextension\chrome\locale\en-US\overlay.dtd
c:\users\Krzysio\AppData\Roaming\2YourFace\ffextension\chrome\locale\en-US\overlay.properties
c:\users\Krzysio\AppData\Roaming\2YourFace\ffextension\chrome\skin\overlay.css
c:\users\Krzysio\AppData\Roaming\2YourFace\ffextension\defaults\preferences\prefs.js
c:\users\Krzysio\AppData\Roaming\2YourFace\ffextension\install.rdf
c:\users\Krzysio\AppData\Roaming\2YourFace\uninst.exe
c:\users\Krzysio\AppData\Roaming\2YourFace\Updater.exe
c:\users\Krzysio\AppData\Roaming\2YourFace\version.exe
c:\users\Krzysio\wgsdgsdgdsgsd.exe
c:\windows\settings.reg
c:\windows\SysWow64\SET2CD5.tmp
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-11-03 do 2012-12-03 )))))))))))))))))))))))))))))))
.
.
2012-12-03 22:01 . 2012-12-03 22:01 -------- d-----w- c:\users\Krzysio\AppData\Local\temp
2012-12-03 22:01 . 2012-12-03 22:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-03 21:41 . 2012-12-03 21:42 -------- d-----w- c:\users\krzyś
2012-12-03 21:06 . 2012-12-03 21:06 -------- d-----w- c:\program files\Recuva
2012-12-03 16:16 . 2012-12-03 21:59 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F8F9188-68E3-4A14-B60D-C293051C83F7}\offreg.dll
2012-11-25 20:12 . 2012-11-25 20:12 -------- d-----w- c:\users\Krzysio\AppData\Roaming\Theta
2012-11-20 11:14 . 2012-11-20 11:14 -------- d-----w- c:\users\Krzysio\AppData\Local\ESN
2012-11-18 09:54 . 2012-11-18 09:54 -------- d-----w- c:\program files (x86)\ESET
2012-11-09 23:33 . 2012-11-09 23:33 -------- d-----w- c:\users\Krzysio\AppData\Roaming\Claro
2012-11-09 23:33 . 2012-11-09 23:33 -------- d-----w- c:\windows\SysWow64\searchplugins
2012-11-09 23:33 . 2012-11-09 23:33 -------- d-----w- c:\windows\SysWow64\Extensions
2012-11-09 23:33 . 2012-11-09 23:33 -------- d-----w- c:\programdata\Browser Manager
2012-11-09 23:33 . 2012-11-09 23:33 -------- d-----w- c:\program files (x86)\Claro LTD
2012-11-09 23:33 . 2012-11-09 23:33 -------- d-----w- c:\users\Krzysio\AppData\Roaming\Babylon
2012-11-09 23:33 . 2012-11-09 23:33 -------- d-----w- c:\programdata\Babylon
2012-11-09 23:33 . 2012-11-23 17:11 -------- d-----w- c:\users\Krzysio\AppData\Roaming\SenselessTV
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-03 21:44 . 2012-06-29 19:30 34752 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2012-12-01 23:36 . 2012-09-18 21:42 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-12-01 23:36 . 2012-06-30 13:58 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-12-01 23:35 . 2012-06-30 13:58 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-11-30 12:29 . 2012-06-29 18:32 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-30 12:29 . 2012-06-29 18:32 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-24 04:27 . 2012-10-24 04:27 42440 ----a-w- c:\windows\SysWow64\xfcodec.dll
2012-10-24 04:27 . 2012-10-24 04:27 28104 ----a-w- c:\windows\system32\xfcodec64.dll
2012-10-03 08:07 . 2012-06-30 13:58 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-09-28 13:37 . 2012-09-28 13:37 221696 ----a-w- c:\windows\system32\clinfo.exe
2012-09-28 13:36 . 2012-09-28 13:36 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-09-28 13:36 . 2012-09-28 13:36 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-09-28 13:36 . 2012-09-28 13:36 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-09-28 13:36 . 2012-09-28 13:36 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-09-28 13:36 . 2012-09-28 13:36 32635904 ----a-w- c:\windows\system32\amdocl64.dll
2012-09-28 13:32 . 2012-09-28 13:32 27341824 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-09-28 02:23 . 2012-09-28 02:23 5557928 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-09-28 02:21 . 2012-09-28 02:21 10697216 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-28 02:05 . 2012-09-28 02:05 70144 ----a-w- c:\windows\system32\coinst_9.002.dll
2012-09-28 02:03 . 2012-09-28 02:03 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-28 02:02 . 2012-09-28 02:02 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-09-28 02:02 . 2012-09-28 02:02 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-09-28 02:02 . 2012-09-28 02:02 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-09-28 02:02 . 2012-09-28 02:02 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-09-28 02:02 . 2012-09-28 02:02 16082432 ----a-w- c:\windows\system32\aticaldd64.dll
2012-09-28 01:59 . 2012-09-28 01:59 23825920 ----a-w- c:\windows\system32\atio6axx.dll
2012-09-28 01:57 . 2012-09-28 01:57 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-28 01:43 . 2012-09-28 01:43 935424 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-09-28 01:41 . 2012-04-06 02:20 1120768 ----a-w- c:\windows\system32\aticfx64.dll
2012-09-28 01:41 . 2012-09-28 01:41 19624960 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-09-28 01:39 . 2012-09-28 01:39 6536192 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-09-28 01:39 . 2012-09-28 01:39 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-28 01:39 . 2012-09-28 01:39 538112 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-28 01:38 . 2012-09-28 01:38 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-28 01:36 . 2012-09-28 01:36 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-09-28 01:36 . 2012-09-28 01:36 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-28 01:36 . 2012-09-28 01:36 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-09-28 01:36 . 2012-09-28 01:36 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-09-28 01:31 . 2012-09-28 01:31 3127296 ----a-w- c:\windows\system32\atiumd6a.dll
2012-09-28 01:25 . 2012-09-28 01:25 6704640 ----a-w- c:\windows\system32\atiumd64.dll
2012-09-28 01:22 . 2012-04-06 01:54 7167488 ----a-w- c:\windows\system32\atidxx64.dll
2012-09-28 01:22 . 2012-09-28 01:22 2691584 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-09-28 01:13 . 2012-09-28 01:13 595456 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 79360 ----a-w- c:\windows\system32\amdave64.dll
2012-09-28 01:13 . 2012-09-28 01:13 78336 ----a-w- c:\windows\SysWow64\amdave32.dll
2012-09-28 01:13 . 2012-09-28 01:13 405504 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-28 01:13 . 2012-09-28 01:13 74240 ----a-w- c:\windows\system32\atisamu64.dll
2012-09-28 01:13 . 2012-09-28 01:13 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 71168 ----a-w- c:\windows\SysWow64\atisamu32.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-09-28 01:13 . 2012-09-28 01:13 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-09-28 01:12 . 2012-09-28 01:12 460288 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-09-28 01:11 . 2012-04-06 01:09 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-09-28 01:11 . 2012-09-28 01:11 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-09-28 01:11 . 2012-09-28 01:11 103424 ----a-w- c:\windows\system32\atiu9p64.dll
2012-09-28 01:10 . 2012-04-06 01:09 82944 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-28 01:09 . 2012-09-28 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-09-24 21:16 . 2012-09-04 11:38 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2010-11-21 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2012-06-29 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}]
2012-10-17 15:56 264160 ----a-w- c:\program files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{991D97B8-F0D8-4EA1-9100-7A65EA2D3A63}]
2012-08-28 06:53 84840 ----a-w- c:\users\Krzysio\AppData\Roaming\SenselessTV\bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{9E131A93-EED7-4BEB-B015-A0ADB30B5646}"= "c:\program files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll" [2012-10-17 338400]
.
[HKEY_CLASSES_ROOT\clsid\{9e131a93-eed7-4beb-b015-a0adb30b5646}]
[HKEY_CLASSES_ROOT\claro.clarodskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\claro.clarodskBnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"P17Helper"="P17.dll" [2005-05-03 64512]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-02-07 133400]
"Abyssus"="c:\program files (x86)\Razer\Abyssus\razerhid.exe" [2011-03-10 231936]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-08-30 979328]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
.
c:\users\krzyś\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.6.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2012-5-30 207400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~3\BROWSE~1\23796~1.11\{16CDF~1\browsemngr.dll
.
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]
R2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-10-11 2312216]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
R2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-07 128280]
R2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-02-09 133632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2012-05-30 16168]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 P1764;Sound Blaster Audigy;c:\windows\system32\drivers\P1764.sys [2005-07-07 1579008]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;c:\program files\Intel\TurboBoost\TurboBoost.exe [2012-05-30 149544]
R3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys [2010-09-30 13312]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-30 1255736]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys [2012-12-03 34752]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys [2011-09-21 49760]
S0 iusb3hcs;Sterownik przełącznika kontrolera hosta Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-26 16152]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-30 283200]
S3 Abyssus;Razer Abyssus;c:\windows\system32\drivers\Abyssus.sys [2009-10-30 10880]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys [2012-02-09 25536]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys [2012-02-09 25536]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys [2012-02-09 44992]
S3 iusb3hub;Sterownik koncentratora Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-26 356120]
S3 iusb3xhc;Sterownik kontrolera hosta Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-26 787736]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
.
.
Zawartość folderu 'Zaplanowane zadania'
.
2012-12-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-29 12:29]
.
2012-12-03 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 11:41]
.
2012-12-01 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 11:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://startsear.ch/?aff=2&cf=61fbcb39-d82c-11e1-bbc5-bc5ff438cef3
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
BHO-{1185823F-F22F-4027-80E5-4F68ACD5DE5E} - c:\users\Krzysio\AppData\Roaming\2YourFace\bho.dll
BHO-{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - c:\program files (x86)\StartSearch plugin\ssBarLcher.dll
Toolbar-{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - c:\program files (x86)\StartSearch plugin\ssBarLcher.dll
AddRemove-2YourFace - c:\users\Krzysio\AppData\Roaming\2YourFace\uninst.exe
AddRemove-LiveVDO plugin - c:\program files (x86)\StartSearch plugin\uninst.exe
AddRemove-{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF} - c:\program files (x86)\InstallShield Installation Information\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}\setup.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:87,7a,d1,e3,22,12,14,91,74,9e,18,39,84,cb,76,fa,1c,36,5b,5b,a8,
   60,c4,ec,99,63,d6,51,e1,b1,b6,52,bd,3e,38,0a,32,fd,f0,71,57,42,9f,34,31,42,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:87,7a,d1,e3,22,12,14,91,74,9e,18,39,84,cb,76,fa,1c,36,5b,5b,a8,
   60,c4,ec,99,63,d6,51,e1,b1,b6,52,93,b7,bb,5f,04,55,ff,32,57,42,9f,34,31,42,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2012-12-03 23:02:11
ComboFix-quarantined-files.txt 2012-12-03 22:02
.
Przed: 21 413 634 048 bajtów wolnych
Po: 21 357 404 160 bajtów wolnych
.
- - End Of File - - 082180ADF504AD0DE2D3BDD96AA07340