ComboFix 15-01-29.01 - SYSTEM 2015-02-01 9:36.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.48.1033.18.2047.1063 [GMT 1:00]
Uruchomiony z: c:\windows\system32\config\systemprofile\Downloads\ComboFix.exe
AV: AVG Internet Security *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\RelevantKnowledge
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk
c:\users\Solskier\AppData\Local\TempFullTiltPokerEuSetup.exe
c:\windows\system32\2.jpg
c:\windows\system32\Cache
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\272512937d9e61a4__exp__1422827182
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\28bc8f716fd76a47__exp__1422827179
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\32c84fe32bb74d60__exp__1422827183
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\590ba23ce359fd0c__exp__1422827182
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1__exp__1422827181
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0__exp__1422827181
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\6d03dad1035885d3__exp__1422827184
c:\windows\system32\Cache\935ee77178548e84.fb
c:\windows\system32\Cache\935ee77178548e84__exp__1422827180
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\ad10a52aff5e038d__exp__1422827179
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c1fa887b03019701__exp__1422827184
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\c4d28dca2e7648be__exp__1422827180
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d201ef9910cd39de__exp__1422827181
c:\windows\system32\Cache\f549f11a7b58c06c.fb
c:\windows\system32\Cache\f549f11a7b58c06c__exp__1422827178
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\Cache\f998975c9cc711ee__exp__1422827183
c:\windows\system32\system
c:\windows\system32\WNLT
c:\windows\system32\WNLT\Installation\Config.bin
c:\windows\system32\WNLT\Installation\NTSetup.exe
c:\windows\system32\WNLT\Installation\SWDS.bin
c:\windows\system32\WNLT\Installation\Uninstall\msvcp100.dll
c:\windows\system32\WNLT\Installation\Uninstall\msvcr100.dll
c:\windows\system32\WNLT\Installation\Uninstall\uninstaller.exe
c:\windows\system32\WNLT\Installation\Uninstall\UninstallerLauncher.exe
c:\windows\system32\WNLT\Installation\uninstaller.exe
c:\windows\UA000088.DLL
.
.
((((((((((((((((((((((((( Pliki utworzone od 2015-01-01 do 2015-02-01 )))))))))))))))))))))))))))))))
.
.
2015-02-01 08:54 . 2015-02-01 08:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-02-01 08:04 . 2015-02-01 08:04 -------- d-----w- c:\programdata\Arcabit Skaner Online
2015-02-01 00:53 . 2015-02-01 00:53 -------- d-----w- c:\programdata\Arcabit
2015-02-01 00:34 . 2015-02-01 00:34 -------- d-----w- c:\windows\system32\%LocalAppData%
2015-01-31 22:56 . 2015-01-31 22:56 -------- d-----w- c:\program files\ESET
2015-01-31 22:49 . 2015-01-31 22:51 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\Dropbox
2015-01-31 22:44 . 2015-01-31 22:44 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\AVAST Software
2015-01-31 22:42 . 2015-01-31 22:42 91496 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-01-31 22:42 . 2015-01-31 22:43 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-01-31 22:42 . 2015-01-31 22:42 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-01-31 22:42 . 2015-01-31 22:42 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-01-31 22:42 . 2015-01-31 22:43 73480 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2015-01-31 22:42 . 2015-01-31 22:42 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-01-31 22:42 . 2015-01-31 22:42 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-01-31 22:42 . 2015-01-31 22:43 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-01-31 22:42 . 2015-01-31 22:42 291352 ----a-w- c:\windows\system32\aswBoot.exe
2015-01-31 22:42 . 2015-01-31 22:42 43152 ----a-w- c:\windows\avastSS.scr
2015-01-31 22:06 . 2015-01-31 22:06 -------- d-----w- c:\programdata\MFAData
2015-01-31 21:52 . 2015-01-31 22:34 -------- d-----w- c:\users\Guest
2015-01-31 21:46 . 2015-01-31 21:46 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\AVG Secure Search
2015-01-31 21:46 . 2015-01-31 21:46 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\Nero
2015-01-31 21:46 . 2015-01-31 21:46 -------- d-----w- C:\AVG9
2015-01-31 21:44 . 2015-02-01 08:55 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Temp
2015-01-31 21:40 . 2015-02-01 08:28 -------- d-----w- c:\users\TEMP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-24 21:03 . 2013-03-07 18:53 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-01-24 21:03 . 2012-01-28 17:37 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-05 16:42 . 2013-06-02 09:17 27136 ----a-w- c:\windows\system32\ImHttpComm.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-08-25 17:19 3627032 ----a-w- c:\program files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll" [2014-08-25 3627032]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-01-31 22:42 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2012-01-27 2077536]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2014-08-25 2640408]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-08-01 152392]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-31 5227112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-06-22 11:33 12536 ----a-w- c:\windows\System32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent [x]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\DatacardService\HWDeviceService.exe [2010-11-16 264704]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-04-03 315008]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-07-20 30312]
R3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys [2010-02-15 30104]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-08-31 208896]
R3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2011-07-20 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2011-07-20 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2011-07-20 123648]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2011-07-20 100224]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-07-20 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-07-20 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-07-20 136808]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-07-20 114280]
R4 Browser Manager;Browser Manager;Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\System32\Drivers\AVGIDSxx.sys [2010-06-22 25168]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2010-03-05 52872]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-27 691696]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-01-31 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-01-31 423784]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2013-01-15 226016]
S1 AvgTdiX;AVG Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2011-05-06 243152]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2014-08-11 42784]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-11 172032]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-01-31 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-01-31 73480]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-01-31 91496]
S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-06-22 308136]
S2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [2010-11-24 2331544]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2013-06-28 1440080]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [2013-01-09 1324104]
S2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [2013-01-09 795208]
S2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-08-11 1820184]
S3 Avgfwdx;Avgfwdx;c:\windows\system32\DRIVERS\avgfwdx.sys [2010-02-15 30104]
S3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [2010-06-22 122448]
S3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [2010-06-22 30288]
S3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [2010-06-22 26192]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-10-09 72576]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-27 03:39 1086280 ----a-w- c:\program files\Google\Chrome\Application\40.0.2214.93\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2015-01-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-07 21:03]
.
2015-01-31 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-31 22:42]
.
2015-01-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-682935528-494026121-326331953-1001Core.job
- c:\users\Solskier\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-13 21:47]
.
2015-01-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-682935528-494026121-326331953-1001UA.job
- c:\users\Solskier\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-13 21:47]
.
2015-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-01 21:27]
.
2015-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-01 21:27]
.
.
------- Skan uzupełniający -------
.
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000&st=18&barid={F71C97B2-2CEE-41BB-9487-652FA1F78108}
TCP: Interfaces\{2C16D74E-A54E-4E93-B0B4-3413FCAF2985}: NameServer = 89.108.202.20 89.108.195.20
TCP: Interfaces\{CBD21133-FA5D-40DF-8713-9B98F7DCAB73}: NameServer = 89.108.195.21 89.108.202.21
TCP: Interfaces\{FC3377C3-B632-4A69-80FD-097778995ED5}: NameServer = 89.108.195.21 89.108.202.21
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
FF - ProfilePath -
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
BHO-{ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\Vuze_Remote\prxtbVuz0.dll
Toolbar-{ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\Vuze_Remote\prxtbVuz0.dll
MSConfigStartUp-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
AddRemove-WNLT - c:\windows\system32\WNLT\Installation\Uninstall\UninstallerLauncher.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-26_VIA_driver2 - c:\program files\Samsung\USB Drivers\26_VIA_driver2\Uninstall.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2015-02-01 09:59:01
ComboFix-quarantined-files.txt 2015-02-01 08:59
.
Przed: 8 812 077 056 bytes free
Po: 29 921 853 440 bytes free
.
- - End Of File - - CBA465E2AC09B360BD047A9A99992A8D
A36C5E4F47E84449FF07ED3517B43A31