ComboFix 11-08-23.03 - Dario 2011-08-23 20:24:27.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.3957.2575 [GMT 2:00]
Uruchomiony z: c:\users\Dario\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\data
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-07-23 do 2011-08-23 )))))))))))))))))))))))))))))))
.
.
2011-08-23 18:26 . 2011-08-23 18:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-23 17:57 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4858F6A8-ABB1-498F-8724-12B378CB1074}\mpengine.dll
2011-08-23 17:41 . 2011-08-23 17:41 8704 ----a-w- c:\windows\system32\drivers\PROCEXP90.SYS
2011-08-23 17:41 . 2011-08-23 17:41 302592 ----a-w- c:\windows\SysWow64\CF4420.exe
2011-08-23 17:40 . 2011-08-23 17:41 302592 ----a-w- c:\windows\SysWow64\cmd.execf
2011-08-18 18:57 . 2011-08-18 18:57 -------- d-----w- c:\program files (x86)\ESET
2011-08-16 19:29 . 2011-08-16 19:29 -------- d-----w- c:\users\Dario\AppData\Local\Diagnostics
2011-08-13 18:32 . 2011-08-13 18:32 -------- d-----w- c:\users\Dario\AppData\Roaming\Leadertech
2011-08-11 18:54 . 2011-07-03 21:48 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-08-11 18:54 . 2011-07-03 21:48 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{62D1C0C3-B2FB-43BA-BD0F-C12CD8C9431A}\gapaengine.dll
2011-08-10 18:53 . 2011-07-09 02:46 288768 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-04 15:21 . 2011-08-23 15:07 -------- d-----w- c:\users\Dario\AppData\Roaming\Media Player Classic
2011-08-04 15:21 . 2011-03-02 10:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll
2011-08-04 15:21 . 2008-09-24 18:41 839680 ----a-w- c:\windows\SysWow64\lameACM.acm
2011-08-04 15:20 . 2011-06-02 00:15 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-08-04 15:20 . 2011-03-19 19:00 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2011-08-04 15:20 . 2010-11-03 18:08 237568 ----a-w- c:\windows\SysWow64\yv12vfw.dll
2011-08-04 15:20 . 2011-06-16 08:00 73216 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-08-02 22:08 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-07-30 20:17 . 2011-07-30 20:17 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll
2011-07-29 20:43 . 2011-08-03 19:59 -------- d-----w- c:\users\Dario\riotsGamesLogs
2011-07-29 20:29 . 2011-07-29 20:29 -------- d-----w- c:\users\Dario\AppData\Roaming\LolClient
2011-07-29 20:07 . 2008-07-31 08:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2011-07-29 20:07 . 2008-07-31 08:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2011-07-29 20:07 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2011-07-29 20:07 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2011-07-29 20:07 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2011-07-29 19:50 . 2011-08-23 17:40 -------- d-----w- c:\users\Dario\AppData\Roaming\Xfire
2011-07-29 19:50 . 2011-08-19 17:22 -------- d-----w- c:\programdata\Xfire
2011-07-29 19:37 . 2011-08-23 18:26 -------- d-----w- c:\users\Dario\AppData\Local\PMB Files
2011-07-29 19:37 . 2011-08-03 20:00 -------- d-----w- c:\programdata\PMB Files
2011-07-29 19:37 . 2011-07-29 19:37 -------- d-----w- c:\program files (x86)\Pando Networks
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 04:10 . 2011-07-05 05:20 8862544 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-07-16 04:26 . 2011-08-10 18:53 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-03 13:25 . 2011-07-03 13:25 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2011-07-03 07:54 . 2011-07-03 07:54 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-07-03 07:54 . 2011-07-03 07:54 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-07-03 07:54 . 2011-07-03 07:54 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-07-03 07:54 . 2011-07-03 07:54 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-07-01 09:51 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-01 09:51 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-07-01 08:11 . 2011-07-01 08:11 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-07-01 08:11 . 2011-07-01 08:11 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-07-01 08:11 . 2011-07-01 08:11 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-07-01 08:11 . 2011-07-01 08:11 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-07-01 08:11 . 2011-07-01 08:11 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-07-01 08:11 . 2011-07-01 08:11 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-07-01 08:11 . 2011-07-01 08:11 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-07-01 08:11 . 2011-07-01 08:11 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-07-01 08:11 . 2011-07-01 08:11 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-07-01 08:11 . 2011-07-01 08:11 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-07-01 08:11 . 2011-07-01 08:11 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-07-01 08:11 . 2011-07-01 08:11 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-07-01 08:11 . 2011-07-01 08:11 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-07-01 08:11 . 2011-07-01 08:11 448512 ----a-w- c:\windows\system32\html.iec
2011-07-01 08:11 . 2011-07-01 08:11 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-07-01 08:11 . 2011-07-01 08:11 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-07-01 08:11 . 2011-07-01 08:11 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-07-01 08:11 . 2011-07-01 08:11 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-07-01 08:11 . 2011-07-01 08:11 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-07-01 08:11 . 2011-07-01 08:11 222208 ----a-w- c:\windows\system32\msls31.dll
2011-07-01 08:11 . 2011-07-01 08:11 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-07-01 08:11 . 2011-07-01 08:11 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-07-01 08:11 . 2011-07-01 08:11 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-07-01 08:11 . 2011-07-01 08:11 160256 ----a-w- c:\windows\system32\wextract.exe
2011-07-01 08:11 . 2011-07-01 08:11 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-07-01 08:11 . 2011-07-01 08:11 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-07-01 08:11 . 2011-07-01 08:11 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-07-01 08:11 . 2011-07-01 08:11 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-07-01 08:11 . 2011-07-01 08:11 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-07-01 08:11 . 2011-07-01 08:11 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-07-01 08:11 . 2011-07-01 08:11 12288 ----a-w- c:\windows\system32\mshta.exe
2011-07-01 08:11 . 2011-07-01 08:11 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-07-01 08:11 . 2011-07-01 08:11 114176 ----a-w- c:\windows\system32\admparse.dll
2011-07-01 08:11 . 2011-07-01 08:11 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-07-01 08:11 . 2011-07-01 08:11 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-07-01 08:11 . 2011-07-01 08:11 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-06-30 09:12 . 2011-06-30 09:12 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-30 08:53 . 2011-06-30 08:53 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-06-30 08:50 . 2011-06-30 08:50 0 ----a-w- c:\windows\SysWow64\ConduitEngine.tmp
2011-06-30 08:09 . 2011-06-30 08:09 455680 ----a-w- c:\windows\system32\deploytk.dll
2011-06-30 07:30 . 2011-06-30 07:30 45056 ----a-r- c:\users\Dario\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
2011-06-24 18:51 . 2011-06-24 18:51 36352 ----a-w- c:\windows\SysWow64\xfcodec.dll
2011-06-20 06:57 . 2011-07-01 06:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2E5100ED-3242-4ADB-A217-AD5009BF0AEE}\mpengine.dll
2011-06-11 03:07 . 2011-07-13 20:43 3137536 ----a-w- c:\windows\system32\win32k.sys
2011-06-02 00:10 . 2011-06-30 08:55 644608 ----a-w- c:\windows\SysWow64\xvidcore.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTor.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-03-28 16:22 176936 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngin.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-03-28 16:22 176936 ----a-w- c:\program files (x86)\uTorrentBar\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
2011-02-09 17:29 400384 ----a-w- c:\programy\ALLPlayer\Iplex\IplexToALLPlayer.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTor.dll" [2011-03-28 176936]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngin.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\programy\RocketDock\RocketDock.exe" [2007-09-02 495616]
"AQQ"="c:\programy\WapSter\WAPSTE~1\AQQ.exe" [2011-08-09 9118208]
"ALLUpdate"="c:\programy\ALLPlayer\ALLUpdate.exe" [2011-02-07 1362944]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-07-29 3077528]
"DAEMON Tools Lite"="c:\programy\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-17 98304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe Reader Speed Launcher"="c:\programy\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2011-6-30 50688]
Rainmeter.lnk - c:\programy\Rainmeter\Rainmeter.exe [2010-10-10 117248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cpuz130;cpuz130;c:\users\Dario\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Inspekcja sieci firmy Microsoft;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-10-09 92160]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-08-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4158259811-544832624-2225908005-1001Core.job
- c:\users\Dario\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-30 08:33]
.
2011-08-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4158259811-544832624-2225908005-1001UA.job
- c:\users\Dario\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-30 08:33]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-09 8158240]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-09-16 357376]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2011-06-30 171520]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&ksportuj do programu Microsoft Excel - c:\programy\MICROS~1\Office12\EXCEL.EXE/3000
IE: Wyślij obraz do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Wyślij stronę do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\otkyzp4m.default\
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2011-08-23 20:28:10
ComboFix-quarantined-files.txt 2011-08-23 18:28
ComboFix2.txt 2011-08-23 17:52
.
Przed: 26 127 826 944 bajtów wolnych
Po: 26 072 092 672 bajtów wolnych
.
- - End Of File - - 642CD92E9F835004E0E2E1A7C3A04F8A