ComboFix 12-12-25.01 - mój-komputer 29/12/2012 14:16:47.38.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1033.18.2813.1850 [GMT 0:00]
Uruchomiony z: c:\users\mój-komputer\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-11-28 do 2012-12-29 )))))))))))))))))))))))))))))))
.
.
2012-12-29 14:25 . 2012-12-29 14:25 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-12-29 14:25 . 2012-12-29 14:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-29 12:07 . 2010-01-20 23:10 1102112 ----a-w- c:\windows\system32\drivers\netr28ux.sys
2012-12-29 12:07 . 2010-01-20 23:03 311072 ----a-w- c:\windows\system32\RaCoInstx.dll
2012-12-29 12:07 . 2012-12-29 12:07 -------- d-----w- c:\programdata\TP-LINK Driver
2012-12-26 13:42 . 2008-09-09 11:14 2056192 ----a-w- c:\windows\system32\RaCertMgr.dll
2012-12-26 13:42 . 2008-09-09 11:12 1597440 ----a-w- c:\windows\SysWow64\RaCertMgr.dll
2012-12-26 13:42 . 2008-11-20 10:10 1051136 ----a-w- c:\windows\SysWow64\RAIHV.dll
2012-12-26 13:42 . 2008-08-28 17:23 104448 ----a-w- c:\windows\SysWow64\RAEXTUI.dll
2012-12-26 13:42 . 2008-08-28 17:23 104448 ----a-w- c:\windows\system32\RAEXTUI.dll
2012-12-26 13:42 . 2007-12-07 06:36 958464 ----a-w- c:\windows\SysWow64\CiscoEapFast.dll
2012-12-25 12:35 . 2012-12-25 12:35 -------- d-----w- c:\users\mój-komputer\AppData\Local\Avg2013
2012-12-24 12:13 . 2012-12-24 12:26 -------- d-----w- c:\programdata\Ralink
2012-12-24 12:13 . 2012-12-24 12:13 -------- d-----w- c:\program files (x86)\Ralink
2012-12-24 09:06 . 2012-12-24 12:13 -------- d-----w- c:\programdata\Ralink Driver
2012-12-23 18:16 . 2012-12-23 18:16 -------- d-----w- c:\users\mój-komputer\AppData\Roaming\InstallShield
2012-12-23 16:12 . 2012-12-23 16:12 -------- d-----w- c:\users\mój-komputer\AppData\Local\eSupport.com
2012-12-23 13:31 . 2012-12-23 13:31 -------- d-----w- c:\users\mój-komputer\AppData\Local\ElevatedDiagnostics
2012-12-23 11:48 . 2012-12-24 09:06 -------- d-----w- c:\program files (x86)\Cisco
2012-12-21 16:26 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 16:26 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 16:26 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 16:26 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-12 08:25 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-10 23:00 . 2012-12-25 12:32 -------- d-----w- c:\users\mój-komputer\AppData\Roaming\AVG2013
2012-12-10 22:58 . 2012-12-10 22:58 -------- d-----w- c:\users\mój-komputer\AppData\Roaming\TuneUp Software
2012-12-10 22:57 . 2012-12-25 12:32 -------- d-----w- c:\programdata\AVG2013
2012-12-10 22:56 . 2012-12-25 12:32 -------- d-----w- c:\program files (x86)\AVG
2012-12-10 22:54 . 2012-12-25 12:32 -------- d-----w- c:\programdata\MFAData
2012-12-10 22:54 . 2012-12-10 22:54 -------- d-----w- c:\users\mój-komputer\AppData\Local\MFAData
2012-12-10 17:19 . 2012-12-10 17:19 -------- d-----w- c:\program files (x86)\MSECache
2012-12-09 17:43 . 2012-12-10 17:37 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FCB12EB2-D21D-409B-9133-2C2D0C654F45}\offreg.dll
2012-12-07 07:56 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FCB12EB2-D21D-409B-9133-2C2D0C654F45}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-22 19:04 . 2012-02-16 15:31 22368 ----a-w- c:\windows\system32\drivers\AFD.SYS
2012-12-22 19:04 . 2009-07-14 00:10 22368 ----a-w- c:\windows\system32\drivers\WS2IFSL.SYS
2012-12-12 12:14 . 2011-09-09 06:02 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-11 21:03 . 2012-04-04 07:20 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 21:03 . 2011-09-05 21:47 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-30 22:50 . 2011-09-05 17:22 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-27 15:47 . 2012-10-27 15:47 69632 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2012-10-27 15:47 . 2012-10-27 15:47 28672 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2012-10-27 15:47 . 2012-10-27 15:47 212992 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2012-10-27 15:47 . 2012-10-27 15:47 13952 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2012-10-27 15:47 . 2012-10-27 15:47 1001472 ----a-w- c:\windows\system32\drivers\mod7700.sys
2012-10-27 15:47 . 2012-10-27 15:47 98816 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2012-10-27 15:47 . 2012-10-27 15:47 86016 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2012-10-27 15:47 . 2012-10-27 15:47 421376 ----a-w- c:\windows\system32\drivers\ewusbwwan.sys
2012-10-27 15:47 . 2012-10-27 15:47 22016 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2012-10-27 15:47 . 2012-10-27 15:47 117248 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2012-10-27 15:47 . 2012-10-27 15:47 32768 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2012-10-27 15:47 . 2012-10-27 15:47 221312 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2012-10-27 15:47 . 2012-01-28 13:52 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-10-27 15:47 . 2012-01-28 13:52 1490656 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2012-10-22 13:02 . 2012-10-22 13:02 154464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2012-10-16 08:38 . 2012-11-28 08:05 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 08:05 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 08:05 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-15 03:48 . 2012-10-15 03:48 63328 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2012-10-10 11:06 . 2012-09-24 17:55 1056 --sha-w- c:\programdata\KGyGaAvL.sys
2012-10-09 18:17 . 2012-11-16 13:37 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-16 13:37 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-16 13:37 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-16 13:37 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-05 03:32 . 2012-10-05 03:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2012-10-04 16:40 . 2012-12-12 08:25 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-16 13:37 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-16 13:37 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-16 13:37 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-16 13:37 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-16 13:37 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-16 13:37 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-16 13:37 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-16 13:37 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-16 13:37 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-16 13:37 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-16 13:37 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-10-02 03:30 . 2012-10-02 03:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2736128]
"F.lux"="c:\users\mój-komputer\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-03-06 563736]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-11-06 3143800]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-30 1132320]
Ralink Wireless Utility.lnk - c:\program files (x86)\Ralink\Common\RaUI.exe [2012-12-26 1807648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PendingFileRenameOperations\0ld\0 programów~njest aktywna:~n~n%G~n~nAntywirusy i programy ochronne systemu mogą przeszkadzać w~ndzita
.
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 O2 Broadband. RunOuc;O2 Broadband. OUC;c:\program files (x86)\O2\O2 Broadband USB Modem\O2 Broadband\UpdateDog\ouc.exe [2012-10-27 218624]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-10-27 117248]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [2012-10-27 421376]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2012-10-27 98816]
R3 huawei_cdcecm;huawei_cdcecm;c:\windows\system32\DRIVERS\ew_jucdcecm.sys [2012-10-27 69632]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [2012-10-27 28672]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-07 1255736]
S0 56611911;56611911;c:\windows\system32\DRIVERS\56611911.sys [2012-04-26 460888]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2011-12-20 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-04 203264]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-01 280120]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2010-11-16 339456]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-03-06 635416]
S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Ralink\Common\RalinkRegistryWriter64.exe [2008-09-05 210720]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-10-27 86016]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 rtsuvc;Realtek USB2.0 PC Camera;c:\windows\system32\DRIVERS\rtsuvc.sys [2010-05-21 96384]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 11:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2012-12-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 21:03]
.
2012-12-18 c:\windows\Tasks\HPCeeScheduleFormój-komputer.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-12-20 489472]
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: Interfaces\{0CD18E36-5123-4EDC-851A-11D4805F9BBA}: NameServer = 62.40.32.33 8.8.8.8
FF - ProfilePath - c:\users\mój-komputer\AppData\Roaming\Mozilla\Firefox\Profiles\xymb5fs4.default\
FF - prefs.js: browser.startup.homepage - google.pl
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2012-12-29 14:27:39
ComboFix-quarantined-files.txt 2012-12-29 14:27
ComboFix2.txt 2012-12-25 13:19
ComboFix3.txt 2012-12-24 13:33
ComboFix4.txt 2012-12-24 10:03
ComboFix5.txt 2012-12-29 12:30
.
Przed: 190,267,580,416 bytes free
Po: 189,961,121,792 bytes free
.
- - End Of File - - D3CE47CB8CAB77954CBEBF53027AD1F5