ComboFix 13-05-13.01 - Piotrek 2013-05-20 12:42:09.3.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.48.1045.18.4095.2548 [GMT 2:00]
Uruchomiony z: c:\users\Piotrek\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
((((((((((((((((((((((((( Pliki utworzone od 2013-04-20 do 2013-05-20 )))))))))))))))))))))))))))))))
.
.
2013-05-20 10:45 . 2013-05-20 10:45 -------- d-----w- c:\users\Piotrek\AppData\Local\temp
2013-05-20 10:45 . 2013-05-20 10:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-18 10:36 . 2013-05-18 10:36 -------- d-----w- c:\users\Piotrek\AppData\Local\Macromedia
2013-05-18 10:34 . 2013-05-18 10:34 -------- d-----w- c:\users\Piotrek\AppData\Local\Mozilla
2013-05-18 10:34 . 2013-05-18 10:34 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-05-15 06:36 . 2013-05-15 06:36 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-05-15 06:23 . 2013-04-01 17:58 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-05-15 06:21 . 2013-04-17 04:31 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49CA5488-ED80-483A-8B09-D28622FE526A}\mpengine.dll
2013-05-15 06:19 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-05-15 06:17 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-05-15 06:17 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-05-15 06:17 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-05-15 06:17 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-05-15 06:17 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-05-15 06:17 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-05-15 06:16 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-05-15 06:16 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-05-15 06:16 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-05-15 06:16 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-05-15 06:16 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-05-15 06:14 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-15 06:12 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2013-05-15 06:12 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2013-05-15 06:12 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2013-05-15 06:12 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2013-05-15 06:12 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2013-05-06 11:04 . 2013-05-06 11:04 -------- d-----w- c:\program files (x86)\Hosts_Anti_Adwares_PUPs
2013-05-05 13:43 . 2013-05-05 13:43 -------- d-----w- c:\users\Piotrek\AppData\Roaming\NapiProjekt
2013-05-05 13:43 . 2013-05-05 13:43 -------- d-----w- c:\program files (x86)\NapiProjekt
2013-04-21 11:45 . 2013-04-21 11:45 -------- d-----w- c:\users\Piotrek\AppData\Local\Adobe
2013-04-21 11:44 . 2013-04-21 11:44 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-04-20 19:53 . 2013-04-20 19:57 -------- d-----w- c:\program files (x86)\SpeedFan
2013-04-20 19:36 . 2013-04-20 19:36 30112 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2013-04-20 19:36 . 2013-04-20 19:36 -------- d-----w- c:\program files\HWiNFO64
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 07:51 . 2013-04-10 18:01 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 07:51 . 2013-04-10 18:01 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-10 18:17 . 2013-04-10 18:17 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-04-10 18:17 . 2013-04-10 18:17 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-04-10 18:17 . 2013-04-10 18:17 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-04-10 18:17 . 2013-04-10 18:17 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-04-10 18:17 . 2013-04-10 18:17 1766912 ----a-w- c:\windows\SysWow64\wininet.dll
2013-04-10 18:17 . 2013-04-10 18:17 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-04-10 18:17 . 2013-04-10 18:17 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-04-10 18:17 . 2013-04-10 18:17 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-04-10 18:17 . 2013-04-10 18:17 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-10 18:17 . 2013-04-10 18:17 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-04-10 18:17 . 2013-04-10 18:17 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-10 18:17 . 2013-04-10 18:17 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-10 18:17 . 2013-04-10 18:17 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-04-10 18:17 . 2013-04-10 18:17 855552 ----a-w- c:\windows\system32\jscript.dll
2013-04-10 18:17 . 2013-04-10 18:17 81408 ----a-w- c:\windows\system32\icardie.dll
2013-04-10 18:17 . 2013-04-10 18:17 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-04-10 18:17 . 2013-04-10 18:17 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-04-10 18:17 . 2013-04-10 18:17 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-10 18:17 . 2013-04-10 18:17 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-04-10 18:17 . 2013-04-10 18:17 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-04-10 18:17 . 2013-04-10 18:17 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-04-10 18:17 . 2013-04-10 18:17 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-04-10 18:17 . 2013-04-10 18:17 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-04-10 18:17 . 2013-04-10 18:17 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-04-10 18:17 . 2013-04-10 18:17 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-04-10 18:17 . 2013-04-10 18:17 526336 ----a-w- c:\windows\system32\ieui.dll
2013-04-10 18:17 . 2013-04-10 18:17 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-04-10 18:17 . 2013-04-10 18:17 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-04-10 18:17 . 2013-04-10 18:17 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-04-10 18:17 . 2013-04-10 18:17 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-04-10 18:17 . 2013-04-10 18:17 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-04-10 18:17 . 2013-04-10 18:17 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-10 18:17 . 2013-04-10 18:17 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-04-10 18:17 . 2013-04-10 18:17 441856 ----a-w- c:\windows\system32\html.iec
2013-04-10 18:17 . 2013-04-10 18:17 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-04-10 18:17 . 2013-04-10 18:17 3958784 ----a-w- c:\windows\system32\jscript9.dll
2013-04-10 18:17 . 2013-04-10 18:17 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-04-10 18:17 . 2013-04-10 18:17 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-04-10 18:17 . 2013-04-10 18:17 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-04-10 18:17 . 2013-04-10 18:17 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-04-10 18:17 . 2013-04-10 18:17 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-10 18:17 . 2013-04-10 18:17 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-04-10 18:17 . 2013-04-10 18:17 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-04-10 18:17 . 2013-04-10 18:17 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-04-10 18:17 . 2013-04-10 18:17 2647040 ----a-w- c:\windows\system32\iertutil.dll
2013-04-10 18:17 . 2013-04-10 18:17 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-04-10 18:17 . 2013-04-10 18:17 235008 ----a-w- c:\windows\system32\url.dll
2013-04-10 18:17 . 2013-04-10 18:17 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-04-10 18:17 . 2013-04-10 18:17 2240512 ----a-w- c:\windows\system32\wininet.dll
2013-04-10 18:17 . 2013-04-10 18:17 216064 ----a-w- c:\windows\system32\msls31.dll
2013-04-10 18:17 . 2013-04-10 18:17 197120 ----a-w- c:\windows\system32\msrating.dll
2013-04-10 18:17 . 2013-04-10 18:17 19230208 ----a-w- c:\windows\system32\mshtml.dll
2013-04-10 18:17 . 2013-04-10 18:17 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-10 18:17 . 2013-04-10 18:17 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-04-10 18:17 . 2013-04-10 18:17 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-04-10 18:17 . 2013-04-10 18:17 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-10 18:17 . 2013-04-10 18:17 149504 ----a-w- c:\windows\system32\occache.dll
2013-04-10 18:17 . 2013-04-10 18:17 144896 ----a-w- c:\windows\system32\wextract.exe
2013-04-10 18:17 . 2013-04-10 18:17 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-04-10 18:17 . 2013-04-10 18:17 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-04-10 18:17 . 2013-04-10 18:17 13824 ----a-w- c:\windows\system32\mshta.exe
2013-04-10 18:17 . 2013-04-10 18:17 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-04-10 18:17 . 2013-04-10 18:17 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-04-10 18:17 . 2013-04-10 18:17 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-04-10 18:17 . 2013-04-10 18:17 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-04-10 18:17 . 2013-04-10 18:17 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-10 18:17 . 2013-04-10 18:17 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-04-10 18:17 . 2013-04-10 18:17 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-04-10 18:17 . 2013-04-10 18:17 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-04-10 18:17 . 2013-04-10 18:17 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-04-10 18:17 . 2013-04-10 18:17 102912 ----a-w- c:\windows\system32\inseng.dll
2013-04-10 18:17 . 2013-04-10 18:17 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-04-10 18:16 . 2013-04-10 18:16 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-04-10 18:16 . 2013-04-10 18:16 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-04-10 18:16 . 2013-04-10 18:16 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-04-10 18:16 . 2013-04-10 18:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-04-10 18:16 . 2013-04-10 18:16 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-04-10 18:16 . 2013-04-10 18:16 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-04-10 18:16 . 2013-04-10 18:16 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-04-10 18:16 . 2013-04-10 18:16 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-04-10 18:16 . 2013-04-10 18:16 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-04-10 18:16 . 2013-04-10 18:16 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-04-10 18:16 . 2013-04-10 18:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-10 18:16 . 2013-04-10 18:16 296960 ----a-w- c:\windows\system32\d3d10core.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"thebat_startup"="c:\program files (x86)\The Bat!\thebat.exe" [2009-08-16 7232944]
"uTorrent"="c:\users\Piotrek\AppData\Roaming\uTorrent\uTorrent.exe" [2013-05-02 802136]
"Spotify Web Helper"="c:\users\Piotrek\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-05-11 1105408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2013-04-10 206448]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 641704]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-08-15 614400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS [2013-04-20 30112]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11864]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 29488]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-16 238080]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-01-10 11576]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544]
S3 RTL8167;Sterownik Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-18 10:31 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-05-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-10 07:51]
.
2013-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-10 14:40]
.
2013-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-10 14:40]
.
.
--------- X64 Entries -----------
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 217.113.224.135 217.113.224.36
FF - ProfilePath - c:\users\Piotrek\AppData\Roaming\Mozilla\Firefox\Profiles\i0hkqhpu.default\
FF - ExtSQL: 2013-04-11 12:19; KavAntiBanner@Kaspersky.ru; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF - ExtSQL: 2013-04-11 12:19; linkfilter@kaspersky.ru; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF - ExtSQL: 2013-04-11 12:19; virtualKeyboard@kaspersky.ru; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2013-05-20 12:47:20
ComboFix-quarantined-files.txt 2013-05-20 10:47
ComboFix2.txt 2013-05-13 21:01
.
Przed: 42 553 413 632 bajtów wolnych
Po: 42 225 201 152 bajtów wolnych
.
- - End Of File - - CF4CACE5DB0096D685B14F099639F42C