ComboFix 13-02-23.01 - Gaming Station 2013-02-23  14:07:32.3.2 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1250.48.1045.18.8191.6174 [GMT 0:00]
Uruchomiony z: f:\download\Compfix19836412451gggh.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-- Poprzednie uruchomienie --
.
Zainfekowana kopia c:\windows\System32\reg.exe została znaleziona. Problem naprawiono 
Plik odzyskano z - c:\windows\winsxs\amd64_microsoft-windows-r..-commandline-editor_31bf3856ad364e35_6.1.7600.16385_none_8d8925a444607f8c\reg.exe 
.
--------
.
Zainfekowana kopia c:\windows\System32\reg.exe została znaleziona. Problem naprawiono 
Plik odzyskano z - c:\windows\winsxs\amd64_microsoft-windows-r..-commandline-editor_31bf3856ad364e35_6.1.7600.16385_none_8d8925a444607f8c\reg.exe 
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2013-01-23 do 2013-02-23  )))))))))))))))))))))))))))))))
.
.
2013-02-23 14:11 . 2013-02-23 14:11	--------	d-----w-	c:\windows\SysWow64\Wat
2013-02-23 14:11 . 2013-02-23 14:11	--------	d-----w-	c:\windows\system32\Wat
2013-02-23 14:11 . 2013-02-23 14:11	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-23 14:11 . 2010-02-23 08:16	294912	----a-w-	c:\windows\system32\browserchoice.exe
2013-02-23 14:10 . 2013-01-09 01:10	996352	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-23 14:10 . 2013-01-08 22:01	768000	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-23 14:08 . 2012-12-16 17:11	46080	----a-w-	c:\windows\system32\atmlib.dll
2013-02-23 14:08 . 2012-12-16 14:45	367616	----a-w-	c:\windows\system32\atmfd.dll
2013-02-23 14:08 . 2012-12-16 14:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2013-02-23 14:08 . 2012-12-16 14:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2013-02-23 14:07 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2013-02-23 14:07 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2013-02-23 14:07 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2013-02-23 14:07 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2013-02-23 14:07 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2013-02-23 14:07 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2013-02-23 14:07 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2013-02-23 13:02 . 2013-02-19 03:57	9162192	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{340AADFB-6D60-4CB5-A6CD-CE599310430C}\mpengine.dll
2013-02-22 14:58 . 2012-08-11 00:56	715776	----a-w-	c:\windows\system32\kerberos.dll
2013-02-22 14:57 . 2012-06-02 05:41	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-02-22 14:57 . 2012-06-02 05:41	140288	----a-w-	c:\windows\system32\cryptnet.dll
2013-02-22 14:57 . 2012-06-02 05:41	1464320	----a-w-	c:\windows\system32\crypt32.dll
2013-02-22 14:57 . 2012-06-02 04:36	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-02-22 14:57 . 2012-06-02 04:36	1159680	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-02-22 14:57 . 2012-06-02 04:36	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-02-22 14:10 . 2012-10-30 22:51	370288	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-02-22 14:10 . 2012-10-30 22:51	25232	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-02-22 14:06 . 2012-10-15 16:59	54072	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-02-22 14:06 . 2012-10-30 22:51	59728	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-02-22 14:06 . 2012-10-30 22:51	984144	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-02-22 14:06 . 2012-10-30 22:51	71600	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-02-22 14:06 . 2012-10-30 22:50	285328	----a-w-	c:\windows\system32\aswBoot.exe
2013-02-22 14:06 . 2012-10-30 22:51	41224	----a-w-	c:\windows\avastSS.scr
2013-02-22 14:06 . 2012-10-30 22:50	227648	----a-w-	c:\windows\SysWow64\aswBoot.exe
2013-02-22 14:06 . 2013-02-22 14:10	--------	d-----w-	c:\programdata\AVAST Software
2013-02-22 14:06 . 2013-02-22 14:06	--------	d-----w-	c:\program files\AVAST Software
2013-02-18 16:48 . 2013-02-22 13:53	71024	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-18 16:48 . 2013-02-22 13:53	691568	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-18 16:48 . 2013-02-18 16:48	--------	d-----w-	c:\windows\SysWow64\Macromed
2013-02-18 16:48 . 2013-02-18 16:48	--------	d-----w-	c:\windows\system32\Macromed
2013-02-17 02:24 . 2012-07-06 12:12	81768	----a-w-	c:\windows\system32\xinput1_3.dll
2013-02-17 00:20 . 2013-02-17 00:20	310688	----a-w-	c:\windows\system32\javaws.exe
2013-02-17 00:20 . 2013-02-17 00:20	188832	----a-w-	c:\windows\system32\javaw.exe
2013-02-17 00:20 . 2013-02-17 00:20	188320	----a-w-	c:\windows\system32\java.exe
2013-02-17 00:20 . 2013-02-17 00:20	108448	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-02-17 00:16 . 2013-02-17 00:16	--------	d-----w-	c:\program files\WinRAR
2013-02-16 23:45 . 2013-02-17 00:20	963488	----a-w-	c:\windows\system32\deployJava1.dll
2013-02-16 23:45 . 2013-02-17 00:20	1085344	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-02-16 23:44 . 2013-02-16 23:44	--------	d-----w-	c:\program files\Java
2013-02-16 21:07 . 2013-02-16 21:07	283200	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-02-16 20:41 . 2013-02-16 20:41	--------	d-----r-	C:\ESD
2013-02-16 19:22 . 2013-02-16 19:22	--------	d-----w-	c:\program files (x86)\OSCAR Editor X7
2013-02-16 19:21 . 2013-02-16 19:21	--------	d-----w-	c:\program files (x86)\OscarEditor
2013-02-16 19:04 . 2013-02-16 19:04	--------	d-----w-	c:\programdata\Sony Corporation
2013-02-16 16:10 . 2013-02-16 16:10	0	----a-w-	c:\windows\ativpsrm.bin
2013-02-16 15:46 . 2013-02-16 15:46	163056	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2013-02-16 15:32 . 2013-02-16 15:32	564824	----a-w-	c:\windows\system32\drivers\sptd.sys
2013-02-16 15:30 . 2013-02-16 21:07	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2013-02-16 15:30 . 2013-02-16 15:30	--------	d-----w-	c:\windows\SysWow64\searchplugins
2013-02-16 15:30 . 2013-02-16 15:30	--------	d-----w-	c:\windows\SysWow64\Extensions
2013-02-16 15:30 . 2013-02-16 15:30	--------	d-----w-	c:\programdata\Babylon
2013-02-16 15:29 . 2013-02-16 15:32	--------	d-----w-	c:\programdata\Tarma Installer
2013-02-16 15:23 . 2013-02-16 15:25	--------	d-----w-	c:\program files\CCleaner
2013-02-16 15:22 . 2008-07-31 10:41	68616	----a-w-	c:\windows\SysWow64\XAPOFX1_1.dll
2013-02-16 15:22 . 2008-07-31 10:40	509448	----a-w-	c:\windows\SysWow64\XAudio2_2.dll
2013-02-16 15:22 . 2008-07-12 08:18	467984	----a-w-	c:\windows\SysWow64\d3dx10_39.dll
2013-02-16 15:22 . 2008-07-12 08:18	3851784	----a-w-	c:\windows\SysWow64\D3DX9_39.dll
2013-02-16 15:22 . 2008-07-12 08:18	1493528	----a-w-	c:\windows\SysWow64\D3DCompiler_39.dll
2013-02-16 15:21 . 2013-02-16 15:23	--------	d-----w-	c:\program files (x86)\Google
2013-02-16 15:20 . 2013-02-16 15:20	--------	d-----w-	c:\programdata\AMD
2013-02-16 15:20 . 2013-02-16 15:20	--------	d-----w-	c:\program files (x86)\AMD AVT
2013-02-16 15:20 . 2013-02-16 15:20	--------	d-----w-	c:\program files (x86)\AMD APP
2013-02-16 15:19 . 2013-02-16 15:19	--------	d-----w-	c:\program files\Common Files\ATI Technologies
2013-02-16 15:19 . 2013-02-16 15:19	--------	d-----w-	c:\program files (x86)\Common Files\ATI Technologies
2013-02-16 15:17 . 2013-02-16 15:17	--------	d-----w-	c:\program files (x86)\ATI Technologies
2013-02-16 15:17 . 2013-02-22 14:10	--------	d-sh--w-	c:\windows\Installer
2013-02-16 15:17 . 2013-02-16 15:17	--------	d-----w-	c:\program files\ATI
2013-02-16 15:17 . 2013-02-16 15:19	--------	d-----w-	c:\program files\ATI Technologies
2013-02-16 15:17 . 2013-02-16 19:22	--------	d--h--w-	c:\program files (x86)\InstallShield Installation Information
2013-02-16 15:05 . 2013-02-16 15:05	--------	d-sh--we	c:\users\Default\Ustawienia lokalne
2013-02-16 13:53 . 2013-02-16 15:05	--------	d-----w-	c:\windows\Panther
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-17 01:28 . 2010-11-21 03:27	273840	------w-	c:\windows\system32\MpSigStub.exe
2013-01-04 04:43 . 2013-02-22 14:59	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-12-19 20:50 . 2012-12-19 20:50	5630200	----a-w-	c:\windows\SysWow64\atiumdag.dll
2012-12-19 20:48 . 2012-12-19 20:48	11278336	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2012-12-19 20:29 . 2012-12-19 20:29	23461376	----a-w-	c:\windows\system32\atio6axx.dll
2012-12-19 20:22 . 2012-12-19 20:22	70144	----a-w-	c:\windows\system32\coinst_9.012.dll
2012-12-19 20:19 . 2012-12-19 20:19	163840	----a-w-	c:\windows\system32\atiapfxx.exe
2012-12-19 20:18 . 2012-12-19 20:18	51200	----a-w-	c:\windows\system32\aticalrt64.dll
2012-12-19 20:18 . 2012-12-19 20:18	46080	----a-w-	c:\windows\SysWow64\aticalrt.dll
2012-12-19 20:17 . 2012-12-19 20:17	44544	----a-w-	c:\windows\system32\aticalcl64.dll
2012-12-19 20:17 . 2012-12-19 20:17	44032	----a-w-	c:\windows\SysWow64\aticalcl.dll
2012-12-19 20:17 . 2012-12-19 20:17	16082944	----a-w-	c:\windows\system32\aticaldd64.dll
2012-12-19 20:13 . 2012-12-19 20:13	13703168	----a-w-	c:\windows\SysWow64\aticaldd.dll
2012-12-19 20:12 . 2012-12-19 20:12	18982400	----a-w-	c:\windows\SysWow64\atioglxx.dll
2012-12-19 20:09 . 2012-12-19 20:09	960512	----a-w-	c:\windows\SysWow64\aticfx32.dll
2012-12-19 20:08 . 2012-12-19 20:08	1151488	----a-w-	c:\windows\system32\aticfx64.dll
2012-12-19 20:06 . 2012-12-19 20:06	6681088	----a-w-	c:\windows\SysWow64\atidxx32.dll
2012-12-19 19:59 . 2012-12-19 19:59	5087744	----a-w-	c:\windows\system32\atiumd6a.dll
2012-12-19 19:57 . 2012-12-19 19:57	442368	----a-w-	c:\windows\system32\atidemgy.dll
2012-12-19 19:56 . 2012-12-19 19:56	550912	----a-w-	c:\windows\system32\atieclxx.exe
2012-12-19 19:56 . 2012-12-19 19:56	240640	----a-w-	c:\windows\system32\atiesrxx.exe
2012-12-19 19:54 . 2012-12-19 19:54	120320	----a-w-	c:\windows\system32\atitmm64.dll
2012-12-19 19:54 . 2012-12-19 19:54	21504	----a-w-	c:\windows\system32\atimuixx.dll
2012-12-19 19:54 . 2012-12-19 19:54	59392	----a-w-	c:\windows\system32\atiedu64.dll
2012-12-19 19:54 . 2012-12-19 19:54	43520	----a-w-	c:\windows\SysWow64\ati2edxx.dll
2012-12-19 19:49 . 2012-12-19 19:49	7370752	----a-w-	c:\windows\system32\atidxx64.dll
2012-12-19 19:44 . 2012-12-19 19:44	4162048	----a-w-	c:\windows\SysWow64\atiumdva.dll
2012-12-19 19:44 . 2012-12-19 19:44	6786560	----a-w-	c:\windows\system32\atiumd64.dll
2012-12-19 19:34 . 2012-12-19 19:34	79360	----a-w-	c:\windows\system32\amdave64.dll
2012-12-19 19:34 . 2012-12-19 19:34	78336	----a-w-	c:\windows\SysWow64\amdave32.dll
2012-12-19 19:34 . 2012-12-19 19:34	74240	----a-w-	c:\windows\system32\atisamu64.dll
2012-12-19 19:34 . 2012-12-19 19:34	71168	----a-w-	c:\windows\SysWow64\atisamu32.dll
2012-12-19 19:33 . 2012-12-19 19:33	56320	----a-w-	c:\windows\system32\atimpc64.dll
2012-12-19 19:33 . 2012-12-19 19:33	56320	----a-w-	c:\windows\system32\amdpcom64.dll
2012-12-19 19:33 . 2012-12-19 19:33	619008	----a-w-	c:\windows\system32\atiadlxx.dll
2012-12-19 19:33 . 2012-12-19 19:33	56832	----a-w-	c:\windows\SysWow64\atimpc32.dll
2012-12-19 19:33 . 2012-12-19 19:33	56832	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2012-12-19 19:33 . 2012-12-19 19:33	421888	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2012-12-19 19:33 . 2012-12-19 19:33	17920	----a-w-	c:\windows\system32\atig6pxx.dll
2012-12-19 19:33 . 2012-12-19 19:33	14848	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2012-12-19 19:33 . 2012-12-19 19:33	14848	----a-w-	c:\windows\system32\atiglpxx.dll
2012-12-19 19:33 . 2012-12-19 19:33	41984	----a-w-	c:\windows\system32\atig6txx.dll
2012-12-19 19:33 . 2012-12-19 19:33	33280	----a-w-	c:\windows\SysWow64\atigktxx.dll
2012-12-19 19:32 . 2012-12-19 19:32	552960	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2012-12-19 19:31 . 2012-12-19 19:31	130048	----a-w-	c:\windows\system32\atiuxp64.dll
2012-12-19 19:31 . 2012-12-19 19:31	109568	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2012-12-19 19:31 . 2012-12-19 19:31	104448	----a-w-	c:\windows\system32\atiu9p64.dll
2012-12-19 19:30 . 2012-12-19 19:30	83968	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2012-12-19 19:30 . 2012-12-19 19:30	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2012-12-19 15:45 . 2012-12-19 15:45	222720	----a-w-	c:\windows\system32\clinfo.exe
2012-12-19 15:44 . 2012-12-19 15:44	76288	----a-w-	c:\windows\system32\OpenVideo64.dll
2012-12-19 15:44 . 2012-12-19 15:44	65536	----a-w-	c:\windows\SysWow64\OpenVideo.dll
2012-12-19 15:44 . 2012-12-19 15:44	64000	----a-w-	c:\windows\system32\OVDecode64.dll
2012-12-19 15:44 . 2012-12-19 15:44	56320	----a-w-	c:\windows\SysWow64\OVDecode.dll
2012-12-19 15:44 . 2012-12-19 15:44	34518016	----a-w-	c:\windows\system32\amdocl64.dll
2012-12-19 15:38 . 2012-12-19 15:38	28732928	----a-w-	c:\windows\SysWow64\amdocl.dll
2012-12-19 15:34 . 2012-12-19 15:34	54784	----a-w-	c:\windows\system32\OpenCL.dll
2012-12-19 15:34 . 2012-12-19 15:34	50176	----a-w-	c:\windows\SysWow64\OpenCL.dll
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="g:\deamontools lite\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
"uTorrent"="g:\utorrent\uTorrent.exe" [2013-02-16 1051984]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-02-23 1255736]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-16 283200]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-16 15:23	1607120	----a-w-	c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-02-22 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-22 22:50]
.
2013-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore1ce0e447468397c.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-16 15:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50	133400	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=54ff9c94000000000000485b39a409d2
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\AVAST Software\Avast\aswRegSvr.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\program files\AVAST Software\Avast\aswRegSvr.exe
c:\program files\AVAST Software\Avast\setup\avast.setup
c:\program files\AVAST Software\Avast\aswRegSvr.exe
c:\program files\AVAST Software\Avast\setup\avast.setup
.
**************************************************************************
.
Czas ukończenia: 2013-02-23  14:15:59 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2013-02-23 14:15
ComboFix2.txt  2013-02-22 14:48
.
Przed: 76 212 666 368 bajtów wolnych
Po: 75 214 860 288 bajtów wolnych
.
- - End Of File - - AED3F0A277414D0BD3C2CBBE167198A8