ComboFix 13-04-28.01 - Dawid 2013-04-29 12:22:05.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.48.1045.18.4073.2835 [GMT 2:00]
Uruchomiony z: c:\users\Dawid\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\a.txt
c:\programdata\adobeUpdate.exe
c:\programdata\BuRRoWsye2save
c:\programdata\BuRRoWsye2save\5151b3c719811.dll
c:\programdata\BuRRoWsye2save\5151b3c719811.tlb
c:\programdata\BuRRoWsye2save\data\BuRRoWsye2save.dat
c:\programdata\BuRRoWsye2save\settings.ini
c:\programdata\BuRRoWsye2save\uninstall.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\BuRRoWsye2save
c:\programdata\Microsoft\Windows\Start Menu\Programs\BuRRoWsye2save\BuRRoWsye2save.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\BuRRoWsye2save\Uninstall.lnk
c:\programdata\RazorU0\iflmnkfrd.exe
c:\programdata\Roaming
C:\t.txt
c:\users\Dawid\AppData\Roaming\KW
c:\users\Dawid\Documents\Prawko2012.tmp
c:\users\Dawid\Documents\Prawko2013.tmp
.
.
((((((((((((((((((((((((( Pliki utworzone od 2013-03-28 do 2013-04-29 )))))))))))))))))))))))))))))))
.
.
2013-04-29 10:25 . 2013-04-29 10:25 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-29 10:25 . 2013-04-29 10:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-27 08:33 . 2013-04-27 08:33 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-27 08:33 . 2013-04-27 08:33 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-25 12:51 . 2013-04-29 10:25 -------- d-sh--w- c:\programdata\RazorU0
2013-04-24 08:12 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-23 06:23 . 2013-04-23 06:23 -------- d-----w- c:\users\Dawid\AppData\Local\FLT
2013-04-15 09:10 . 2013-04-15 09:29 -------- d-----w- c:\users\Dawid\AppData\Local\Microsoft Games
2013-04-11 09:22 . 2013-04-11 13:37 -------- d-----w- c:\program files (x86)\BlueStacks
2013-04-11 09:21 . 2013-04-11 09:27 -------- d-----w- c:\programdata\BlueStacksSetup
2013-04-10 08:04 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 08:03 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 08:03 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 08:03 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 08:03 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 08:03 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 08:03 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 08:03 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-01 20:40 . 2013-04-01 20:40 -------- d-----w- c:\users\Dawid\AppData\Local\Solid State Networks
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-23 15:39 . 2013-03-26 15:36 90208 ----a-w- c:\windows\system32\drivers\klflt.sys
2013-04-23 15:39 . 2013-03-26 15:36 620128 ----a-w- c:\windows\system32\drivers\klif.sys
2013-04-23 15:39 . 2013-02-28 20:13 55056 ----a-w- c:\windows\system32\drivers\kltdi.sys
2013-04-23 15:39 . 2012-08-13 15:49 178448 ----a-w- c:\windows\system32\drivers\kneps.sys
2013-04-10 08:28 . 2013-01-26 17:31 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-15 05:53 . 2013-03-27 10:09 9414456 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-15 05:53 . 2013-03-27 10:09 7959000 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-03-15 05:53 . 2013-03-27 10:09 7573816 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-15 05:53 . 2013-03-27 10:09 6271872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-03-15 05:53 . 2013-03-27 10:09 2913056 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-15 05:53 . 2013-03-27 10:09 2728736 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-03-15 05:53 . 2013-03-27 10:09 26956576 ----a-w- c:\windows\system32\nvoglv64.dll
2013-03-15 05:53 . 2013-03-27 10:09 25256736 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-15 05:53 . 2013-03-27 10:09 2355488 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-15 05:53 . 2013-03-27 10:09 20542752 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-03-15 05:53 . 2013-03-27 10:09 1995552 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-03-15 05:53 . 2013-03-27 10:09 1807136 ----a-w- c:\windows\system32\nvdispco6431422.dll
2013-03-15 05:53 . 2013-03-27 10:09 17990800 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-03-15 05:53 . 2013-03-27 10:09 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-03-15 05:53 . 2013-03-27 10:09 1510176 ----a-w- c:\windows\system32\nvdispgenco6431422.dll
2013-03-15 05:53 . 2013-03-27 10:09 13088000 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-03-15 05:53 . 2013-03-27 10:09 11048736 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-03-15 05:53 . 2013-01-24 14:02 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2013-01-24 14:02 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2013-01-24 14:02 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 05:53 . 2013-01-24 14:02 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 04:16 . 2013-01-24 14:03 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2013-01-24 14:03 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2013-01-24 14:03 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2013-01-24 14:03 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 04:16 . 2013-01-24 14:03 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-15 04:16 . 2013-01-24 14:03 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 22:15 . 2013-01-27 18:30 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-03-14 22:15 . 2013-02-01 18:16 686416 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-03-13 15:18 . 2013-03-13 15:18 111928 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-03-13 15:18 . 2013-03-13 15:18 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-03-13 15:18 . 2013-03-13 15:18 2793768 ----a-w- c:\windows\SysWow64\pbsvc.exe
2013-03-10 16:40 . 2013-01-24 15:54 686416 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-03-09 09:45 . 2013-01-24 15:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-02-28 20:13 . 2013-03-26 15:37 64856 ----a-w- c:\windows\system32\klfphc.dll
2013-02-28 20:13 . 2013-02-28 20:13 29528 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2013-02-28 20:13 . 2013-02-28 20:13 29016 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2013-02-12 05:45 . 2013-03-13 13:07 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 13:07 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 13:07 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 13:07 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 13:07 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 13:07 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-14 13:42 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-10 03:25 . 2013-02-26 12:20 1807136 ----a-w- c:\windows\system32\nvdispco6420294.dll
2013-02-10 03:25 . 2013-02-26 12:20 1510176 ----a-w- c:\windows\system32\nvdispgenco6420162.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
"RazorU"="c:\programdata\RazorU0\iflmnkfrd.exe" [2013-04-29 987781]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-11-05 2482176]
"VGAOCAP"="c:\program files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe" [2012-06-06 89088]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"LockIndicator"="c:\program files (x86)\MSI\LockIndicator\LockIndicator.exe" [2011-06-24 1699016]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2011-08-29 1517056]
"msi LED Manager"="c:\program files (x86)\msi\msi LED Manager\SLM.exe" [2010-07-29 2795008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2013-02-28 356376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-11-30 307304]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-08-23 29696]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-01-25 1255736]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS [2013-01-24 29672]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2012-08-02 28504]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2013-04-23 55056]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2013-04-23 178448]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2013/02/11 13:03];c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-01-11 21:57 146928]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-01-12 87336]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-01-12 75048]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-01-12 296232]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\DRIVERS\fspad_wlh64.sys [2010-06-07 52224]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2013-02-28 29016]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2013-02-28 29528]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 09:59 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-04-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-24 14:49]
.
2013-04-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-24 14:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-05 12498576]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-05 1933584]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.gazeta.pl/0,0.html?p=138
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.20
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
BHO-{01B96904-D3F5-866E-1F43-C1FCD6557AB8} - c:\programdata\BuRRoWsye2save\5151b3c719811.dll
Wow6432Node-HKLM-Run-CheckRun22apple_uninstaller - c:\users\Dawid\AppData\Roaming\CheckRun22apple.exe
Wow6432Node-HKLM-Run-tuto4pc_pl_5 - (no file)
HKLM-Run-fspuip - c:\program files (x86)\FSP\fspuip.exe
HKLM-Run-THXCfg64 - c:\windows\system32\THXCfg64.dll
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{C3F3165C-74D3-6FDB-3274-14FDA8698CFA} - c:\programdata\BuRRoWsye2save\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2013-04-29 12:26:48
ComboFix-quarantined-files.txt 2013-04-29 10:26
.
Przed: 60 142 919 680 bajtów wolnych
Po: 61 611 855 872 bajtów wolnych
.
- - End Of File - - BCC8BE281120277AEE842A02E983FA43