ComboFix 13-03-24.03 - Republic Of Gammers 2013-03-24  20:43:46.5.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.48.1045.18.6069.4650 [GMT 1:00]
Uruchomiony z: c:\users\Republic Of Gammers\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2013-02-24 do 2013-03-24  )))))))))))))))))))))))))))))))
.
.
2013-03-24 18:30 . 2013-03-25 04:10	--------	d-----w-	c:\programdata\Hewlett-Packard
2013-03-24 00:28 . 2013-03-24 00:28	--------	d-----w-	c:\programdata\ATI
2013-03-24 00:26 . 2013-03-24 00:26	--------	d-----w-	c:\program files (x86)\AMD AVT
2013-03-24 00:26 . 2013-03-24 00:26	--------	d-----w-	c:\program files (x86)\AMD APP
2013-03-24 00:26 . 2013-03-24 00:26	--------	d-----w-	c:\program files\Common Files\ATI Technologies
2013-03-24 00:26 . 2013-03-24 00:26	--------	d-----w-	c:\program files (x86)\Common Files\ATI Technologies
2013-03-24 00:24 . 2013-03-24 00:26	--------	d-----w-	c:\program files\ATI Technologies
2013-03-23 22:11 . 2013-03-25 04:20	--------	d-----w-	c:\windows\SysWow64\Wat
2013-03-23 22:11 . 2013-03-25 04:20	--------	d-----w-	c:\windows\system32\Wat
2013-03-17 21:17 . 2010-03-15 09:31	165376	----a-w-	c:\windows\SysWow64\unrar.dll
2013-03-17 21:17 . 2013-03-17 21:17	--------	d-----w-	c:\program files (x86)\K-Lite Codec Pack
2013-03-15 14:05 . 2013-03-15 14:07	--------	d-----w-	c:\users\Republic Of Gammers\AppData\Local\Origin
2013-03-10 22:25 . 2013-03-10 22:25	--------	d-----w-	c:\users\Republic Of Gammers\AppData\Local\http___www.julien-manici
2013-03-10 22:23 . 2013-03-10 22:23	925184	----a-w-	c:\windows\expstart.exe
2013-03-10 22:23 . 2010-11-21 03:24	2872320	----a-w-	c:\windows\explorer.backup.exe
2013-03-10 10:26 . 2013-03-10 10:26	--------	d-----w-	c:\program files (x86)\Julien MANICI
2013-03-10 09:52 . 2013-03-10 18:04	--------	d-----w-	c:\program files (x86)\Iminent
2013-03-10 09:51 . 2013-03-10 22:20	--------	d-----w-	c:\users\Republic Of Gammers\AppData\Local\Smartbar
2013-03-10 09:51 . 2013-03-10 22:20	--------	d-----w-	c:\program files (x86)\SingAlong
2013-03-10 09:51 . 2013-03-10 22:20	--------	d-----w-	c:\program files (x86)\Media converter
2013-03-09 09:43 . 2013-03-09 09:43	--------	d-----w-	c:\users\Republic Of Gammers\AppData\Local\SKIDROW
2013-03-05 17:44 . 2013-03-05 17:44	--------	d-----w-	c:\program files (x86)\ATI Technologies
2013-03-04 16:37 . 2013-03-04 16:37	--------	d-----w-	c:\programdata\Futuremark
2013-03-04 16:25 . 2013-03-23 22:07	--------	d-----w-	c:\users\Default
2013-03-04 16:13 . 2013-03-04 16:13	--------	d-----w-	c:\program files (x86)\Futuremark
2013-03-04 16:13 . 2013-03-04 16:13	--------	d-----w-	c:\program files (x86)\NVIDIA Corporation
2013-03-04 16:13 . 2013-03-24 19:38	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2013-03-03 08:22 . 2013-03-03 08:22	--------	d-----w-	c:\program files (x86)\Microsoft Works
2013-03-03 08:19 . 2013-03-03 08:19	--------	d-----r-	C:\MSOCache
2013-02-26 18:50 . 2013-02-26 18:50	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-26 18:50 . 2013-02-26 18:50	--------	d-----w-	c:\program files (x86)\Java
2013-02-25 20:13 . 2013-02-25 20:13	--------	d-----w-	c:\users\Republic Of Gammers\AppData\Roaming\HandBrake
2013-02-25 05:05 . 2013-02-25 05:05	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2013-02-24 12:56 . 2013-02-24 12:56	--------	d-----w-	c:\users\Republic Of Gammers\AppData\Roaming\InternetManager_Z
2013-02-23 21:34 . 2013-02-23 21:34	71024	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-23 21:34 . 2013-02-23 21:34	691568	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-23 21:34 . 2013-02-23 21:34	--------	d-----w-	c:\windows\system32\Macromed
2013-02-23 11:19 . 2013-02-23 11:23	--------	d-----w-	c:\programdata\Creative
2013-02-23 11:14 . 2013-02-23 11:14	--------	d-----w-	c:\program files\Creative
2013-02-23 11:11 . 2013-02-23 11:11	--------	d-----w-	c:\windows\SysWow64\RTCOM
2013-02-23 10:44 . 2009-10-01 15:42	141312	------w-	c:\windows\system32\cfgChain.exe
2013-02-23 10:43 . 2013-02-23 11:15	--------	d-----w-	c:\program files (x86)\Creative
2013-02-23 10:43 . 2003-11-10 17:14	729088	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2013-02-23 10:43 . 2003-11-10 17:13	69715	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2013-02-23 10:43 . 2003-11-10 17:12	266240	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2013-02-23 10:43 . 2003-11-10 17:12	192512	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2013-02-23 10:43 . 2003-11-10 17:11	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2013-02-23 10:43 . 2013-02-23 10:43	311428	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2013-02-23 10:43 . 2013-02-23 10:43	188548	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2013-02-23 10:41 . 2013-02-23 10:41	--------	d-----w-	c:\program files\Realtek
2013-02-23 10:41 . 2006-02-07 14:44	65024	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2013-02-23 09:56 . 2013-02-23 09:57	--------	d-----w-	c:\users\Republic Of Gammers\AppData\Roaming\vlc
2013-02-23 09:21 . 2013-03-17 21:15	--------	d-----w-	c:\users\Republic Of Gammers\AppData\Roaming\BESTplayer
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-24 00:43 . 2013-02-17 10:07	291088	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-03-24 00:43 . 2013-02-17 01:30	291088	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-03-24 00:43 . 2013-02-17 01:30	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-03-23 22:11 . 2010-11-21 03:24	14848	----a-w-	c:\windows\system32\slwga.dll
2013-03-23 22:11 . 2010-11-21 03:24	833024	----a-w-	c:\windows\SysWow64\user32.dll
2013-03-23 22:11 . 2010-11-21 03:24	1008640	----a-w-	c:\windows\system32\user32.dll
2013-03-23 22:11 . 2010-11-21 03:24	419840	----a-w-	c:\windows\system32\systemcpl.dll
2013-03-23 22:11 . 2010-11-21 03:23	13824	----a-w-	c:\windows\SysWow64\slwga.dll
2013-02-26 18:50 . 2013-02-17 14:40	861088	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-02-26 18:50 . 2013-02-17 14:40	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-02-17 10:35 . 2013-02-17 10:35	30112	----a-w-	c:\windows\system32\drivers\HWiNFO64A.SYS
2013-02-17 10:12 . 2013-02-17 01:30	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\erdnt\cache64\user32.dll
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2013-03-23 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2013-03-23 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\erdnt\cache86\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-03-24 3494992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-26 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-19 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"THX Audio Control Panel"="c:\program files (x86)\Creative\SB X-Fi MB 2\THXAudioCP\THXAudio.exe" [2010-11-01 1374720]
"VolPanel"="c:\program files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe" [2010-02-18 241789]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
mcserver.lnk - d:\programy\T-Mobile\InternetManager_Z\Bin\mcserver.exe [2013-2-24 69448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 atillk64;atillk64;d:\programy\AMD GPU Clock Tool\atillk64.sys [x]
R3 cpuz130;cpuz130;c:\users\REPUBL~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-02-23 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-02-23 79360]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
R3 GPU-Z;GPU-Z;c:\users\REPUBL~1\AppData\Local\Temp\GPU-Z.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-03-23 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;d:\programy\OC\ThrottleStop_500\WinRing0x64.sys [2013-02-07 14544]
R3 zte_cdc_acm;ZTE All CDC-ACM driver;c:\windows\system32\DRIVERS\zte_cdc_acm.sys [2011-08-10 79872]
S0 BMLoad;Bytemobile Boot Time Load Driver;c:\windows\system32\drivers\BMLoad.sys [2009-12-15 16512]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS [2013-02-17 30112]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 PfFilter;PfFilter;d:\programy\Protected Folder\pffilter.sys [2012-11-23 38392]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
S3 AmdTools64;AMD Special Tools Driver;c:\windows\system32\DRIVERS\AmdTools64.sys [2008-04-28 47160]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-26 14:18	1629648	----a-w-	c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-02-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-23 21:34]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-16 22:36]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-16 22:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RunDLLEntry"="c:\windows\system32\AmbRunE.dll" [2009-02-26 17920]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-09 11860072]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-07-26 18432]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2013-03-24  20:48:45
ComboFix-quarantined-files.txt  2013-03-24 19:48
ComboFix2.txt  2013-03-23 20:42
ComboFix3.txt  2013-03-20 20:48
ComboFix4.txt  2013-03-19 14:06
ComboFix5.txt  2013-03-24 19:42
.
Przed: 33 763 983 360 bajtów wolnych
Po: 34 782 650 368 bajtów wolnych
.
- - End Of File - - CC87BF15287A96CEEF392A8556D7F212