ComboFix 13-02-15.01 - Soku 2013-02-16  10:59:45.2.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.48.1045.18.4095.2567 [GMT 1:00]
Uruchomiony z: c:\users\Soku\Downloads\xasdass.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Usuniêto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Soku\AppData\Local\Kookos\kookos.exe silent
c:\users\Soku\AppData\Roaming\÷v¢hoÿó.exe
c:\windows\DPINST.LOG
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
D:\install.exe
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2013-01-16 do 2013-02-16  )))))))))))))))))))))))))))))))
.
.
2013-02-16 10:32 . 2013-02-16 10:32	--------	d-----w-	c:\users\Public\AppData\Local\temp
2013-02-16 10:32 . 2013-02-16 10:32	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-16 09:58 . 2013-02-16 09:58	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{29D8AD1D-7F28-495E-9DF7-A05F9E1DB5B4}\offreg.dll
2013-02-15 16:58 . 2013-02-15 16:58	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2013-02-12 13:57 . 2013-01-08 05:32	9161176	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{29D8AD1D-7F28-495E-9DF7-A05F9E1DB5B4}\mpengine.dll
2013-01-18 08:49 . 2013-01-18 08:49	--------	d-----w-	c:\programdata\ATI
2013-01-18 08:49 . 2013-01-18 08:49	--------	d-----w-	c:\program files (x86)\AMD AVT
2013-01-18 08:49 . 2013-01-18 08:49	--------	d-----w-	c:\program files (x86)\AMD APP
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-07 21:53 . 2012-04-01 07:56	697712	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-07 21:53 . 2011-11-24 17:55	74096	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-17 00:28 . 2011-11-24 18:29	273840	------w-	c:\windows\system32\MpSigStub.exe
2013-01-09 23:04 . 2011-11-24 17:53	67599240	----a-w-	c:\windows\system32\MRT.exe
2012-12-26 12:34 . 2012-12-26 12:34	283200	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2012-12-19 20:50 . 2012-12-19 20:50	5630200	----a-w-	c:\windows\SysWow64\atiumdag.dll
2012-12-19 20:48 . 2012-12-19 20:48	11278336	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2012-12-19 20:29 . 2012-12-19 20:29	23461376	----a-w-	c:\windows\system32\atio6axx.dll
2012-12-19 20:22 . 2012-12-19 20:22	70144	----a-w-	c:\windows\system32\coinst_9.012.dll
2012-12-19 20:19 . 2012-12-19 20:19	163840	----a-w-	c:\windows\system32\atiapfxx.exe
2012-12-19 20:18 . 2012-12-19 20:18	51200	----a-w-	c:\windows\system32\aticalrt64.dll
2012-12-19 20:18 . 2012-12-19 20:18	46080	----a-w-	c:\windows\SysWow64\aticalrt.dll
2012-12-19 20:17 . 2012-12-19 20:17	44544	----a-w-	c:\windows\system32\aticalcl64.dll
2012-12-19 20:17 . 2012-12-19 20:17	44032	----a-w-	c:\windows\SysWow64\aticalcl.dll
2012-12-19 20:17 . 2012-12-19 20:17	16082944	----a-w-	c:\windows\system32\aticaldd64.dll
2012-12-19 20:13 . 2012-12-19 20:13	13703168	----a-w-	c:\windows\SysWow64\aticaldd.dll
2012-12-19 20:12 . 2012-12-19 20:12	18982400	----a-w-	c:\windows\SysWow64\atioglxx.dll
2012-12-19 20:09 . 2011-05-25 03:07	960512	----a-w-	c:\windows\SysWow64\aticfx32.dll
2012-12-19 20:08 . 2011-05-25 03:06	1151488	----a-w-	c:\windows\system32\aticfx64.dll
2012-12-19 20:06 . 2012-09-28 01:39	6681088	----a-w-	c:\windows\SysWow64\atidxx32.dll
2012-12-19 19:59 . 2012-12-19 19:59	5087744	----a-w-	c:\windows\system32\atiumd6a.dll
2012-12-19 19:57 . 2012-12-19 19:57	442368	----a-w-	c:\windows\system32\atidemgy.dll
2012-12-19 19:56 . 2012-12-19 19:56	550912	----a-w-	c:\windows\system32\atieclxx.exe
2012-12-19 19:56 . 2012-12-19 19:56	240640	----a-w-	c:\windows\system32\atiesrxx.exe
2012-12-19 19:54 . 2012-12-19 19:54	120320	----a-w-	c:\windows\system32\atitmm64.dll
2012-12-19 19:54 . 2012-12-19 19:54	21504	----a-w-	c:\windows\system32\atimuixx.dll
2012-12-19 19:54 . 2012-12-19 19:54	59392	----a-w-	c:\windows\system32\atiedu64.dll
2012-12-19 19:54 . 2012-12-19 19:54	43520	----a-w-	c:\windows\SysWow64\ati2edxx.dll
2012-12-19 19:49 . 2011-05-25 02:49	7370752	----a-w-	c:\windows\system32\atidxx64.dll
2012-12-19 19:44 . 2012-12-19 19:44	4162048	----a-w-	c:\windows\SysWow64\atiumdva.dll
2012-12-19 19:44 . 2012-12-19 19:44	6786560	----a-w-	c:\windows\system32\atiumd64.dll
2012-12-19 19:33 . 2012-12-19 19:33	56320	----a-w-	c:\windows\system32\atimpc64.dll
2012-12-19 19:33 . 2012-12-19 19:33	56320	----a-w-	c:\windows\system32\amdpcom64.dll
2012-12-19 19:33 . 2012-12-19 19:33	619008	----a-w-	c:\windows\system32\atiadlxx.dll
2012-12-19 19:33 . 2012-12-19 19:33	56832	----a-w-	c:\windows\SysWow64\atimpc32.dll
2012-12-19 19:33 . 2012-12-19 19:33	56832	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2012-12-19 19:33 . 2012-12-19 19:33	421888	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2012-12-19 19:33 . 2012-12-19 19:33	17920	----a-w-	c:\windows\system32\atig6pxx.dll
2012-12-19 19:33 . 2012-12-19 19:33	14848	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2012-12-19 19:33 . 2012-12-19 19:33	14848	----a-w-	c:\windows\system32\atiglpxx.dll
2012-12-19 19:33 . 2012-12-19 19:33	41984	----a-w-	c:\windows\system32\atig6txx.dll
2012-12-19 19:33 . 2012-12-19 19:33	33280	----a-w-	c:\windows\SysWow64\atigktxx.dll
2012-12-19 19:32 . 2012-12-19 19:32	552960	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2012-12-19 19:31 . 2011-05-25 02:24	130048	----a-w-	c:\windows\system32\atiuxp64.dll
2012-12-19 19:31 . 2012-09-28 01:11	109568	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2012-12-19 19:31 . 2012-12-19 19:31	104448	----a-w-	c:\windows\system32\atiu9p64.dll
2012-12-19 19:30 . 2012-12-19 19:30	83968	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2012-12-19 19:30 . 2012-12-19 19:30	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2012-12-19 14:45 . 2012-12-19 14:45	222720	----a-w-	c:\windows\system32\clinfo.exe
2012-12-19 14:44 . 2012-12-19 14:44	76288	----a-w-	c:\windows\system32\OpenVideo64.dll
2012-12-19 14:44 . 2012-12-19 14:44	65536	----a-w-	c:\windows\SysWow64\OpenVideo.dll
2012-12-19 14:44 . 2012-12-19 14:44	64000	----a-w-	c:\windows\system32\OVDecode64.dll
2012-12-19 14:44 . 2012-12-19 14:44	56320	----a-w-	c:\windows\SysWow64\OVDecode.dll
2012-12-19 14:44 . 2012-12-19 14:44	34518016	----a-w-	c:\windows\system32\amdocl64.dll
2012-12-19 14:38 . 2012-12-19 14:38	28732928	----a-w-	c:\windows\SysWow64\amdocl.dll
2012-12-19 14:34 . 2012-12-19 14:34	54784	----a-w-	c:\windows\system32\OpenCL.dll
2012-12-19 14:34 . 2012-12-19 14:34	50176	----a-w-	c:\windows\SysWow64\OpenCL.dll
2012-12-16 17:11 . 2012-12-21 22:52	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 22:52	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 22:52	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 22:52	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 13:14	441856	----a-w-	c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 13:14	2746368	----a-w-	c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 13:14	308736	----a-w-	c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 13:14	2576384	----a-w-	c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 13:14	30720	----a-w-	c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 13:14	43520	----a-w-	c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 13:14	23552	----a-w-	c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 13:14	45568	----a-w-	c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 13:14	44544	----a-w-	c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 13:14	20480	----a-w-	c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 13:14	20480	----a-w-	c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 13:14	20480	----a-w-	c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 13:14	46592	----a-w-	c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 13:14	40960	----a-w-	c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 13:14	21504	----a-w-	c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 13:14	15360	----a-w-	c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 13:14	55296	----a-w-	c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 13:14	51712	----a-w-	c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 13:14	43520	----a-w-	c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 13:14	30720	----a-w-	c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 13:14	45568	----a-w-	c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 13:14	44544	----a-w-	c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 13:14	20480	----a-w-	c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 13:14	23552	----a-w-	c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 13:14	20480	----a-w-	c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 13:14	46592	----a-w-	c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 13:14	20480	----a-w-	c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 13:14	21504	----a-w-	c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 13:14	40960	----a-w-	c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 13:14	15360	----a-w-	c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 13:14	55296	----a-w-	c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 13:14	51712	----a-w-	c:\windows\SysWow64\esrb.rs
2012-11-30 05:45 . 2013-01-09 13:14	362496	----a-w-	c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 13:14	243200	----a-w-	c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 13:14	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2012-11-30 05:45 . 2013-01-09 13:14	215040	----a-w-	c:\windows\system32\winsrv.dll
2012-11-30 05:43 . 2013-01-09 13:14	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 13:14	424448	----a-w-	c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 13:14	1161216	----a-w-	c:\windows\system32\kernel32.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2012-01-18 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyœlne, prawid³owe wpisy nie s¹ pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-04-09 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-04-09 16:43	1519272	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-04-09 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALLUpdate"="c:\program files (x86)\ALLPlayer\ALLUpdate.exe" [2011-02-08 1362944]
"Kookos"="c:\users\Soku\AppData\Local\Kookos\kookos.exe" [2012-04-13 4044800]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-01-07 446648]
"F.lux"="c:\users\Soku\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"Pokki"="c:\users\Soku\AppData\Local\Pokki\v0.260.10.204\pokki.exe" [2013-01-25 5639448]
"DAEMON Tools Lite"="c:\users\Soku\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-05-24 393216]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-04-09 1557160]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
.
c:\users\Soku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
GameRanger.lnk - c:\users\Soku\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe [2012-3-25 1822496]
RemoveWat.exe [2011-2-6 11128832]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2011-08-19 351136]
R3 LVUVC64;Logitech QuickCam 3000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2011-08-19 4869024]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2011-12-19 117040]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;WatAdminSvc;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-24 1255736]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-26 283200]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 224048]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 130864]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 146736]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 165680]
.
.
Zawartoœæ folderu 'Zaplanowane zadania'
.
2013-02-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 21:53]
.
2013-02-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3341388666-984988990-2067630386-1000Core.job
- c:\users\Soku\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-27 18:29]
.
2013-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3341388666-984988990-2067630386-1000UA.job
- c:\users\Soku\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-27 18:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
------- Skan uzupe³niaj¹cy -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.ask.com/?l=dis&o=101916
mStart Page = hxxp://startsear.ch/?aff=2&cf=64eb828c-2373-11e1-a0f4-0023543c685f
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Wyœlij &do programu OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\Soku\AppData\Roaming\Mozilla\Firefox\Profiles\o0c15kn3.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://startsear.ch/?aff=2&src=sp&cf=64eb828c-2373-11e1-a0f4-0023543c685f&q=
.
- - - - USUNIÊTO PUSTE WPISY - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-HaaliMkx - c:\program files (x86)\Matroska Pack\haali\uninstall.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukoñczenia: 2013-02-16  11:42:30
ComboFix-quarantined-files.txt  2013-02-16 10:42
ComboFix2.txt  2012-05-05 11:34
.
Przed: 6 048 108 544 bajtów wolnych
Po: 8 163 737 600 bajtów wolnych
.
- - End Of File - - 286B8723B69B6B60DABC8FE8226F941A