ComboFix 11-08-23.03 - Wojtek 2011-08-23 19:11:36.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.48.1045.18.6142.4742 [GMT 2:00]
Uruchomiony z: c:\users\Wojtek\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ClickPotatoLite
c:\programdata\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
c:\programdata\ClickPotatoLiteSA
c:\programdata\ClickPotatoLiteSA\ClickPotatoLiteSA.dat
c:\programdata\ClickPotatoLiteSA\ClickPotatoLiteSA_kyf_update.dat
c:\programdata\ClickPotatoLiteSA\ClickPotatoLiteSAAbout.mht
c:\programdata\ClickPotatoLiteSA\ClickPotatoLiteSAau.dat
c:\programdata\ClickPotatoLiteSA\ClickPotatoLiteSAEULA.mht
c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato
c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk
c:\programdata\ntuser.dat
c:\users\Wojtek\AppData\Roaming\EurekaLog
c:\windows\iun6002.exe
c:\windows\XSxS
D:\install.exe
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-07-23 do 2011-08-23 )))))))))))))))))))))))))))))))
.
.
2011-08-23 17:17 . 2011-08-23 17:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-23 00:55 . 2011-08-23 00:55 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2011-08-22 22:50 . 2011-08-23 00:53 -------- d-----w- c:\programdata\AVAST Software
2011-08-22 22:50 . 2011-08-22 22:50 -------- d-----w- c:\program files\AVAST Software
2011-08-22 19:03 . 2011-08-22 19:03 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-08-22 18:50 . 2011-08-23 01:24 -------- d-----w- c:\programdata\Wise Registry Cleaner
2011-08-22 18:34 . 2011-08-23 01:24 -------- d-----w- c:\users\Wojtek\AppData\Roaming\Wise Registry Cleaner
2011-08-22 18:34 . 2011-08-22 18:34 -------- d-----w- c:\program files (x86)\Wise Registry Cleaner
2011-08-22 14:19 . 2011-08-22 14:19 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-08-22 13:48 . 2011-08-22 14:00 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2011-08-22 13:48 . 2011-08-22 13:56 -------- d-----w- c:\users\Wojtek\AppData\Roaming\DAEMON Tools Pro
2011-08-22 13:48 . 2011-08-22 13:48 -------- d-----w- c:\programdata\DAEMON Tools Pro
2011-08-22 13:45 . 2011-08-22 13:45 -------- d-----w- c:\users\Wojtek\AppData\Roaming\PokerCreations
2011-08-22 13:44 . 2011-08-22 13:45 -------- d-----w- c:\users\Wojtek\AppData\Roaming\WWE Poker
2011-08-22 13:44 . 2011-08-22 13:44 -------- d-----w- c:\program files (x86)\WWE Poker
2011-08-22 10:31 . 2011-08-22 10:31 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-22 10:31 . 2011-08-22 10:31 -------- d-----w- c:\windows\system32\Macromed
2011-08-22 00:40 . 2011-08-22 00:40 -------- d-----w- c:\programdata\Nokia
2011-08-22 00:35 . 2011-08-22 00:36 -------- d-----w- c:\users\Wojtek\AppData\Roaming\Nokia Ovi Suite
2011-08-22 00:31 . 2011-08-22 00:31 -------- d-----w- c:\users\Wojtek\AppData\Local\NokiaAccount
2011-08-22 00:29 . 2011-08-22 00:29 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2011-08-21 22:05 . 2011-08-23 15:35 -------- d-----w- c:\windows\system32\catroot2
2011-08-21 21:06 . 2011-08-21 21:06 -------- d-----w- c:\program files (x86)\Xenocode
2011-08-21 19:45 . 2011-08-21 19:45 -------- d-----w- c:\program files\BitComet
2011-08-21 19:43 . 2011-08-21 19:44 -------- d-----w- c:\program files (x86)\BitComet
2011-08-21 19:12 . 2011-08-21 19:12 -------- d-----w- c:\program files (x86)\Your Uninstaller! 7
2011-08-21 17:59 . 2011-08-21 17:59 -------- d-----w- c:\users\Wojtek\AppData\Roaming\URSoft
2011-08-21 16:25 . 2011-08-23 15:38 -------- d-----w- c:\users\Wojtek\AppData\Roaming\Skype
2011-08-21 13:10 . 2011-08-21 13:10 -------- d-----w- c:\windows\Profiles
2011-08-20 14:25 . 2011-08-20 14:29 374777 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\UnInstUtEur.exe
2011-08-20 12:27 . 2011-08-20 12:30 763598 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\UnInstUtCan.exe
2011-08-20 12:16 . 2011-08-20 12:22 833207 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\UnInst.exe
2011-08-19 09:16 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7785A74A-2250-4164-B58C-D5FFFCBCE601}\mpengine.dll
2011-08-17 21:50 . 2011-08-19 11:20 286720 ----a-w- c:\windows\iun506.exe
2011-08-15 18:17 . 2011-08-15 18:17 83061 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unFS2CrewStartCenterFSX.exe
2011-08-15 18:14 . 2011-08-15 18:14 114817 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\UnFS2CrewWilcoAirbusSpecialFSX.exe
2011-08-13 23:19 . 2011-07-16 05:41 243200 ----a-w- c:\windows\system32\wow64.dll
2011-08-13 23:16 . 2011-06-21 06:34 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-13 23:14 . 2011-06-23 04:33 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-08-13 23:14 . 2011-06-23 05:43 5561216 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-13 23:14 . 2011-06-23 04:33 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-08-05 23:21 . 2011-08-23 01:28 -------- d-----w- c:\users\UpdatusUser
2011-08-05 23:19 . 2011-08-03 11:50 836200 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-08-05 23:19 . 2011-05-25 07:25 29288 ----a-w- c:\windows\system32\nvhdap64.dll
2011-08-05 23:19 . 2011-05-25 07:25 174184 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2011-08-05 23:19 . 2011-05-25 07:25 1426536 ----a-w- c:\windows\system32\nvhdagenco642040.dll
2011-08-05 23:19 . 2011-08-03 11:50 8355944 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-08-05 23:19 . 2011-08-03 11:50 2412136 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-08-05 23:19 . 2011-05-25 07:25 1496168 ----a-w- c:\windows\system32\nvdispco6420150.dll
2011-08-05 23:19 . 2011-05-25 07:25 1427048 ----a-w- c:\windows\system32\nvgenco642090.dll
2011-08-05 23:19 . 2011-05-25 07:25 12392 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-08-05 15:05 . 2000-04-03 20:05 118784 ----a-w- c:\windows\system32\msstdfmt.dll
2011-08-05 14:38 . 2000-03-14 05:00 118784 ----a-w- c:\windows\SysWow64\MSSTDFMT.DLL
2011-08-04 01:28 . 2006-11-05 14:00 23536 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\MakeRwys.exe
2011-08-04 00:16 . 2011-08-06 01:33 -------- d-----w- c:\program files (x86)\rcv4
2011-08-03 01:31 . 2011-08-03 01:31 311912 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2011-07-30 05:06 . 2011-07-30 05:06 66793 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Addon Scenery\FlyTampa-Athens\FlyTampa_Athens_FSX_Uninstall.exe
2011-07-24 20:10 . 2011-07-24 20:10 79508 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\csX753_uninstall.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-22 13:49 . 2011-01-15 02:53 526392 ----a-w- c:\windows\system32\drivers\sptd.sys.vir
2011-08-03 11:50 . 2011-01-12 19:06 2758760 ----a-w- c:\windows\system32\nvapi64.dll
2011-08-03 11:50 . 2011-01-12 19:06 12636776 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-08-03 11:50 . 2010-11-09 10:17 6136936 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-03 11:50 . 2010-11-09 10:17 980072 ----a-w- c:\windows\system32\nvvsvc.exe
2011-08-03 11:50 . 2010-11-09 10:17 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-08-03 11:50 . 2010-11-09 10:17 3021416 ----a-w- c:\windows\system32\nvsvc64.dll
2011-08-03 11:50 . 2010-11-09 10:17 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-08-03 11:50 . 2010-11-09 10:17 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-07-16 04:26 . 2011-08-13 23:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-05 09:04 . 2011-07-04 17:39 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-07-05 09:04 . 2011-07-04 17:39 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-07-01 23:13 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-07-01 23:13 . 2009-08-18 09:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-06-11 03:07 . 2011-07-12 22:17 3137536 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-07-29 17361032]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoAutorun"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 sptd;sptd; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-22 136176]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 gupdatem;Usługa Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-22 136176]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2010-01-19 72304]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-08-03 379496]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-22 23:37]
.
2011-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-22 23:37]
.
2011-08-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2655553526-50726599-371482421-1000Core.job
- c:\users\Wojtek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-13 14:44]
.
2011-08-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2655553526-50726599-371482421-1000UA.job
- c:\users\Wojtek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-13 14:44]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
"Logitech Download Assistant"="c:\windows\system32\rundll32.exe" [2009-07-14 45568]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.wp.pl/
IE: &P&obierz &za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Pobierz wszystko za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
Trusted Zone: ovi.com\music
Trusted Zone: wp.pl\www
TCP: DhcpNameServer = 8.8.4.4 62.108.186.3
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
AddRemove-pc12_FSX - c:\windows\iun6002.exe
AddRemove-Area51 Simulations UH-1Y Venom FSX Version - c:\program files\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Rotorcraft\Area51Sim Uh-1Y Venom\Uninstal.exe
AddRemove-FBW_549 - c:\users\Wojtek\Desktop\Uninstal.exe
AddRemove-FTX AU GOLD Version 1.0 - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Uninstaller_Orbx_FTXAUBLUE
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11a_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11a_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\srvany.exe
c:\windows\KMService.exe
.
**************************************************************************
.
Czas ukończenia: 2011-08-23 21:21:54 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2011-08-23 19:21
.
Przed: 68,657,549,312 bajtów wolnych
Po: 68,511,088,640 bajtów wolnych
.
- - End Of File - - 6E8B23815F080FE57420D731E34D734A