ComboFix 11-06-01.07 - sesion 2011-06-02 15:19:01.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.48.1045.18.4095.2714 [GMT 2:00]
Uruchomiony z: c:\users\sesion\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: Zapora osobista *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\fakturka
c:\fakturka\Fakturka.ini
c:\fakturka\KONTRAH.CDX
c:\fakturka\KONTRAH.DBF
c:\fakturka\POZYCJEFAK.DBF
c:\fakturka\REJESTR.CDX
c:\fakturka\REJESTR.DBF
c:\fakturka\TOWARY.CDX
c:\fakturka\TOWARY.DBF
c:\users\sesion\AppData\Roaming\Houg
c:\users\sesion\AppData\Roaming\Houg\itat.zao
c:\users\sesion\AppData\Roaming\inst.exe
c:\users\sesion\AppData\Roaming\Pyez
c:\users\sesion\AppData\Roaming\Pyez\hixue.zed
C:\z.txt
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-05-02 do 2011-06-02 )))))))))))))))))))))))))))))))
.
.
2011-06-02 13:24 . 2011-06-02 13:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-31 15:28 . 2011-05-31 15:28 -------- d-----w- C:\PSS
2011-05-31 15:27 . 2011-05-31 16:44 -------- d-----w- c:\program files (x86)\Pro Surveillance System
2011-05-25 08:04 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-23 19:23 . 2011-04-14 16:59 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-05-20 17:43 . 2011-05-20 17:43 -------- d-----w- c:\users\sesion\AppData\Local\Xara
2011-05-20 17:41 . 2011-05-20 17:41 -------- d-----w- c:\program files (x86)\Common Files\Xara
2011-05-20 17:41 . 2011-05-20 17:41 -------- d-----w- c:\program files (x86)\Xara
2011-05-20 15:17 . 2011-05-20 15:17 -------- d-----w- c:\program files (x86)\Goldshell
2011-05-19 11:53 . 2011-05-19 11:53 -------- d-----w- c:\users\sesion\AppData\Roaming\.RawTherapee
2011-05-14 22:15 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-14 22:15 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-13 19:55 . 2011-05-13 19:55 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-13 08:00 . 2011-05-13 08:00 -------- d-----w- c:\users\sesion\AppData\Roaming\RDRM
2011-05-11 21:12 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 21:12 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 21:12 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 21:12 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 21:12 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 21:12 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 21:12 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 21:12 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 21:12 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 21:12 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-10 14:45 . 2011-04-22 06:17 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2011-05-10 14:45 . 2011-04-22 06:17 471144 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-05-10 14:42 . 2011-05-10 14:42 -------- d-----w- c:\users\UpdatusUser
2011-05-10 14:42 . 2011-05-10 14:42 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-05-10 14:39 . 2011-04-08 05:14 1619048 ----a-w- c:\windows\system32\nvdispco6420140.dll
2011-05-10 14:39 . 2011-04-08 05:14 1404008 ----a-w- c:\windows\system32\nvgenco642060.dll
2011-05-08 21:02 . 2011-05-08 21:02 -------- d-----w- c:\program files (x86)\LSoft Technologies
2011-05-08 20:56 . 2011-03-11 15:02 10588 ----a-w- c:\windows\SysWow64\drivers\mpfilt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-22 06:17 . 2010-06-19 11:22 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2011-04-07 21:19 . 2011-04-07 21:19 797288 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-03-25 13:44 . 2011-03-25 13:44 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-03-25 13:44 . 2011-03-25 13:44 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-03-25 13:44 . 2011-03-25 13:44 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-03-25 13:44 . 2011-03-25 13:44 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-03-25 13:44 . 2011-03-25 13:44 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-03-25 13:44 . 2011-03-25 13:44 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-03-25 13:44 . 2011-03-25 13:44 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-03-25 13:44 . 2011-03-25 13:44 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-03-25 13:44 . 2011-03-25 13:44 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-03-25 13:44 . 2011-03-25 13:44 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-03-25 13:44 . 2011-03-25 13:44 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-03-25 13:44 . 2011-03-25 13:44 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-03-25 13:44 . 2011-03-25 13:44 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-03-25 13:44 . 2011-03-25 13:44 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-03-25 13:44 . 2011-03-25 13:44 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-03-25 13:44 . 2011-03-25 13:44 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-03-25 13:44 . 2011-03-25 13:44 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-03-25 13:44 . 2011-03-25 13:44 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-03-25 13:44 . 2011-03-25 13:44 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-25 13:44 . 2011-03-25 13:44 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-25 13:44 . 2011-03-25 13:44 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-03-25 13:44 . 2011-03-25 13:44 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-03-25 13:44 . 2011-03-25 13:44 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-03-25 13:44 . 2011-03-25 13:44 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-03-25 13:44 . 2011-03-25 13:44 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-25 13:44 . 2011-03-25 13:44 448512 ----a-w- c:\windows\system32\html.iec
2011-03-25 13:44 . 2011-03-25 13:44 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-03-25 13:44 . 2011-03-25 13:44 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-25 13:44 . 2011-03-25 13:44 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-25 13:44 . 2011-03-25 13:44 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-03-25 13:44 . 2011-03-25 13:44 222208 ----a-w- c:\windows\system32\msls31.dll
2011-03-25 13:44 . 2011-03-25 13:44 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-25 13:44 . 2011-03-25 13:44 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-03-25 13:44 . 2011-03-25 13:44 160256 ----a-w- c:\windows\system32\wextract.exe
2011-03-25 13:44 . 2011-03-25 13:44 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-25 13:44 . 2011-03-25 13:44 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-03-25 13:44 . 2011-03-25 13:44 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-25 13:44 . 2011-03-25 13:44 12288 ----a-w- c:\windows\system32\mshta.exe
2011-03-25 13:44 . 2011-03-25 13:44 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-03-25 13:44 . 2011-03-25 13:44 114176 ----a-w- c:\windows\system32\admparse.dll
2011-03-25 13:44 . 2011-03-25 13:44 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-25 13:44 . 2011-03-25 13:44 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-12 12:08 . 2011-04-27 20:00 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-12 11:23 . 2011-04-27 20:00 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-03-11 06:41 . 2011-04-27 19:59 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2011-03-11 06:41 . 2011-04-27 19:59 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-03-11 06:41 . 2011-04-27 19:59 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-03-11 06:41 . 2011-04-27 19:59 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-03-11 06:41 . 2011-04-27 19:59 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-03-11 06:41 . 2011-04-27 19:59 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-03-11 06:41 . 2011-04-27 19:59 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-03-11 06:34 . 2011-04-12 20:44 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-12 20:44 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 06:33 . 2011-04-27 19:59 2565632 ----a-w- c:\windows\system32\esent.dll
2011-03-11 06:30 . 2011-04-27 19:59 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-03-11 05:33 . 2011-04-12 20:44 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:33 . 2011-04-12 20:44 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:33 . 2011-04-27 19:59 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2011-03-11 05:31 . 2011-04-27 19:59 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-03-10 19:00 . 2011-04-04 14:06 1612184 ----a-w- c:\windows\system32\nvdispco642090.dll
2011-03-10 19:00 . 2011-04-04 14:06 1357720 ----a-w- c:\windows\system32\nvgenco642040.dll
2011-03-08 06:29 . 2011-04-12 20:44 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-12 20:44 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Stickies.lnk - c:\program files (x86)\Stickies\stickies.exe [2011-1-14 1122304]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ISUSScheduler"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
.
R1 VD_FileDisk;VD_FileDisk; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-06-11 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-06-11 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-02-23 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-02-23 9096]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
R3 vpcuxd;Usługa procedury wejścia wirtualizacji USB;c:\windows\system32\drivers\vpcuxd.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
R4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-06-15 1403208]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2009-04-09 731840]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 MSSQL$INSERTGT;SQL Server (INSERTGT);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-05-31 c:\windows\Tasks\ParetoLogic Registration.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2010-08-21 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-04-09 2692008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.pl/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&ksportuj do programu Microsoft Excel - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{B46B0919-62BA-4D99-A5C4-916B57A6805C} - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - c:\program files (x86)\Techland\Common\InternetTranslator\InternetTranslator.dll
TCP: Interfaces\{2C09E92D-E207-415D-BC93-70D7F68A1F09}: NameServer = 192.168.14.14
FF - ProfilePath - c:\users\sesion\AppData\Roaming\Mozilla\Firefox\Profiles\4j1jhbcr.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://pl.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60347&qkw=
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
AddRemove-SkanerOnline - c:\windows\system32\SkanerOnlineUninstall.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2011-06-02 15:26:14
ComboFix-quarantined-files.txt 2011-06-02 13:26
.
Przed: 20 217 077 760 bajtów wolnych
Po: 19 799 003 136 bajtów wolnych
.
- - End Of File - - 77D82A4D21C8ECF26AB27EF2B759024D