ComboFix 14-05-29.01 - Insane 2014-05-29  20:06:56.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.48.1045.18.8191.6496 [GMT 2:00]
Uruchomiony z: c:\users\Insane\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\335936624.exe
c:\users\Insane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url
c:\users\Insane\AppData\Roaming\msconfig.ini
c:\users\Insane\AppData\Roaming\WinRAR\AMD External Events Client.exe
c:\users\Insane\AppData\Roaming\WinRAR\MsMpCom.exe
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2014-04-28 do 2014-05-29  )))))))))))))))))))))))))))))))
.
.
2014-05-29 18:10 . 2014-05-29 18:10	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-15 18:18 . 2014-05-15 18:19	--------	d-----w-	C:\Fraps
2014-05-15 18:12 . 2014-05-15 18:12	--------	d-----w-	C:\{$3483-6183-1568-3845$}
2014-05-15 18:12 . 2014-05-15 18:12	--------	d-----w-	c:\programdata\Sony
2014-05-15 18:09 . 2014-05-15 18:09	--------	d-----w-	c:\program files (x86)\Audacity
2014-05-14 15:32 . 2014-05-19 17:53	--------	d-----w-	c:\programdata\Symulator Koparki 2011
2014-05-12 15:13 . 2014-05-12 15:13	--------	d-----w-	c:\program files (x86)\Foxit Software
2014-05-12 12:30 . 2014-05-12 12:30	--------	d-----w-	c:\program files\CPUID
2014-05-11 16:50 . 2014-05-11 16:50	--------	d-----w-	c:\program files (x86)\ScreenShooter
2014-05-10 09:47 . 2006-03-31 10:41	3927248	----a-w-	c:\windows\system32\d3dx9_30.dll
2014-05-10 09:43 . 2014-05-10 09:43	--------	d-----w-	c:\program files (x86)\Origin Games
2014-05-10 09:38 . 2014-05-29 17:49	--------	d-----w-	c:\programdata\Origin
2014-05-10 09:38 . 2014-05-10 09:38	--------	d-----w-	c:\programdata\Electronic Arts
2014-05-10 09:37 . 2014-05-29 17:48	--------	d-----w-	c:\program files (x86)\Origin
2014-05-10 09:31 . 2014-05-10 09:31	--------	d-----w-	c:\program files (x86)\Mumble
2014-05-10 09:23 . 2014-05-10 09:23	--------	d-----w-	c:\program files (x86)\Microsoft Works
2014-05-10 09:23 . 2014-05-10 09:23	--------	d-----w-	c:\windows\PCHEALTH
2014-05-10 09:22 . 2014-05-10 09:22	--------	d-----w-	c:\program files\Microsoft Office
2014-05-10 09:22 . 2014-05-10 09:24	--------	d-----w-	c:\programdata\Microsoft Help
2014-05-10 09:21 . 2014-05-10 09:21	--------	d-----r-	C:\MSOCache
2014-05-10 09:19 . 2014-05-10 08:25	--------	d-----w-	c:\windows\Panther
2014-05-10 09:18 . 2014-05-16 19:09	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2014-05-10 09:18 . 2014-03-04 11:32	599840	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-05-10 09:10 . 2014-05-10 09:10	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-05-10 09:10 . 2014-05-10 09:10	--------	d-----r-	c:\program files (x86)\Skype
2014-05-10 09:10 . 2014-05-10 09:10	--------	d-----w-	c:\programdata\Skype
2014-05-10 09:04 . 2014-05-10 09:04	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2014-05-10 09:04 . 2014-05-15 15:51	--------	d-----w-	C:\totalcmd
2014-05-10 09:02 . 2012-06-09 17:21	178688	----a-w-	c:\windows\SysWow64\unrar.dll
2014-05-10 09:02 . 2014-05-10 09:02	--------	d-----w-	c:\program files (x86)\K-Lite Codec Pack
2014-05-10 09:01 . 2014-05-10 09:01	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2014-05-10 08:59 . 2014-05-10 08:59	--------	d-----w-	c:\programdata\Oracle
2014-05-10 08:59 . 2014-05-10 08:59	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-05-10 08:59 . 2014-05-10 08:59	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-10 08:59 . 2014-05-10 08:59	--------	d-----w-	c:\program files (x86)\Java
2014-05-10 08:56 . 2014-04-17 03:31	10651704	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{E2ECF2A3-5DC5-4EFE-82C0-3BE9937776E5}\mpengine.dll
2014-05-10 08:56 . 2014-03-31 07:35	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-05-10 08:54 . 2014-05-10 08:54	--------	d-----w-	c:\program files (x86)\Microsoft.NET
2014-05-10 08:52 . 2009-11-25 19:47	49472	----a-w-	c:\windows\SysWow64\netfxperf.dll
2014-05-10 08:52 . 2009-11-25 19:47	297808	----a-w-	c:\windows\SysWow64\mscoree.dll
2014-05-10 08:52 . 2009-11-25 19:47	48960	----a-w-	c:\windows\system32\netfxperf.dll
2014-05-10 08:52 . 2009-11-25 19:47	99176	----a-w-	c:\windows\SysWow64\PresentationHostProxy.dll
2014-05-10 08:52 . 2009-11-25 19:47	295264	----a-w-	c:\windows\SysWow64\PresentationHost.exe
2014-05-10 08:52 . 2009-11-25 19:47	1130824	----a-w-	c:\windows\SysWow64\dfshim.dll
2014-05-10 08:52 . 2009-11-25 19:47	109912	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2014-05-10 08:52 . 2009-11-25 19:47	444752	----a-w-	c:\windows\system32\mscoree.dll
2014-05-10 08:52 . 2009-11-25 19:47	320352	----a-w-	c:\windows\system32\PresentationHost.exe
2014-05-10 08:52 . 2009-11-25 19:47	1942856	----a-w-	c:\windows\system32\dfshim.dll
2014-05-10 08:50 . 2014-05-10 10:14	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-10 08:50 . 2014-05-10 10:14	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-10 08:50 . 2014-05-10 08:50	--------	d-----w-	c:\windows\SysWow64\Macromed
2014-05-10 08:50 . 2014-05-10 08:50	--------	d-----w-	c:\windows\system32\Macromed
2014-05-10 08:47 . 2014-05-10 08:49	--------	d-----w-	c:\programdata\Xfire
2014-05-10 08:47 . 2014-05-10 08:47	--------	d-----w-	c:\program files (x86)\Xfire
2014-05-10 08:44 . 2014-05-10 08:44	--------	d-----w-	c:\program files (x86)\WapSter
2014-05-10 08:40 . 2014-05-10 08:41	--------	d-----w-	c:\program files (x86)\Google
2014-05-10 08:36 . 2014-05-10 08:36	2048	----a-w-	c:\windows\SysWow64\winver.exe
2014-05-10 08:36 . 2014-05-10 08:36	833024	----a-w-	c:\windows\SysWow64\user32.dll
2014-05-10 08:36 . 2014-05-10 08:36	410624	----a-w-	c:\windows\SysWow64\systemcpl.dll
2014-05-10 08:36 . 2014-05-10 08:36	1536	----a-w-	c:\windows\SysWow64\sppcomapi.dll
2014-05-10 08:36 . 2014-05-10 08:36	113543	----a-w-	c:\windows\SysWow64\slmgr.vbs
2014-05-10 08:34 . 2011-03-21 13:22	452200	----a-w-	c:\windows\system32\drivers\Rt64win7.sys
2014-05-10 08:34 . 2011-03-21 13:22	74272	----a-w-	c:\windows\system32\RtNicProp64.dll
2014-05-10 08:34 . 2011-03-21 13:22	107552	----a-w-	c:\windows\system32\RTNUninst64.dll
2014-05-10 08:34 . 2014-05-10 08:35	--------	d--h--w-	c:\program files (x86)\InstallShield Installation Information
2014-05-10 08:34 . 2014-05-10 08:35	--------	d-----w-	c:\program files (x86)\Realtek
2014-05-10 08:33 . 2014-05-10 08:33	--------	d-----w-	c:\program files\DIFX
2014-05-10 08:33 . 2014-05-10 08:33	--------	dc----w-	c:\windows\system32\DRVSTORE
2014-05-10 08:33 . 2014-05-10 08:33	--------	d-----w-	c:\program files (x86)\AMD
2014-05-10 08:33 . 2009-12-22 00:26	38456	----a-w-	c:\windows\system32\drivers\usbfilter.sys
2014-05-10 08:33 . 2009-05-05 01:00	16440	----a-w-	c:\windows\system32\drivers\AtiPcie.sys
2014-05-10 08:33 . 2014-05-10 08:33	--------	d-----w-	c:\program files\ATI
2014-05-10 08:32 . 2014-05-10 08:32	--------	d-----w-	c:\program files\ATI Technologies
2014-05-10 08:29 . 2014-05-16 19:09	--------	d-sh--w-	c:\windows\Installer
2014-05-10 08:29 . 2014-05-29 16:36	--------	d-----w-	c:\programdata\NVIDIA
2014-05-10 08:27 . 2014-05-10 09:18	--------	d-----w-	c:\program files\NVIDIA Corporation
2014-05-10 08:27 . 2014-05-10 08:27	--------	d-----w-	C:\NVIDIA
2014-05-10 08:22 . 2014-05-10 08:22	--------	d-----w-	c:\programdata\Hewlett-Packard
2014-05-10 08:22 . 2009-07-14 01:41	230400	----a-w-	c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2009-07-14 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2014-05-10 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"screenshooter"="c:\program files (x86)\ScreenShooter\screenshooter.exe" [2010-09-03 606208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"windows COM Host"="c:\{$3483-6183-1568-3845$}\comhost.exe" [2014-01-11 346624]
.
c:\users\Insane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2012-10-27 3558856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-22 13:34	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2014-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10 08:40]
.
2014-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10 08:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-05-03 11842152]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - c:\users\Insane\AppData\Roaming\Mozilla\Firefox\Profiles\hgc8uxph.default\
FF - ExtSQL: 2014-05-15 19:52; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Insane\AppData\Roaming\Mozilla\Firefox\Profiles\hgc8uxph.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2014-05-15 19:54; {bee6eb20-01e0-ebd1-da83-080329fb9a3a}; c:\users\Insane\AppData\Roaming\Mozilla\Firefox\Profiles\hgc8uxph.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF - ExtSQL: 2014-05-15 20:01; netvideohunter@netvideohunter.com; c:\users\Insane\AppData\Roaming\Mozilla\Firefox\Profiles\hgc8uxph.default\extensions\netvideohunter@netvideohunter.com
FF - ExtSQL: 2014-05-15 20:03; anttoolbar@ant.com; c:\users\Insane\AppData\Roaming\Mozilla\Firefox\Profiles\hgc8uxph.default\extensions\anttoolbar@ant.com
FF - ExtSQL: 2014-05-15 20:06; artur.dubovoy@gmail.com; c:\users\Insane\AppData\Roaming\Mozilla\Firefox\Profiles\hgc8uxph.default\extensions\artur.dubovoy@gmail.com
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
AddRemove-uTorrent - c:\users\Insane\AppData\Roaming\uTorrent\uTorrent.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2014-05-29  20:11:56
ComboFix-quarantined-files.txt  2014-05-29 18:11
.
Przed: 10 415 181 824 bajtów wolnych
Po: 10 606 985 216 bajtów wolnych
.
- - End Of File - - 27DA26149827761F6249FA31E275214C
A36C5E4F47E84449FF07ED3517B43A31