ComboFix 15-02-02.01 - kazek 2015-02-04 20:27:24.13.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.1644.559 [GMT 1:00]
Uruchomiony z: c:\users\kazek\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\kazek\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((((( Pliki utworzone od 2015-01-05 do 2015-02-05 )))))))))))))))))))))))))))))))
.
.
2015-02-04 20:48 . 2015-02-04 20:48 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-02-04 20:48 . 2015-02-04 20:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-02-04 19:36 . 2015-02-04 19:36 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5384974C-DB6E-4BA0-A684-119FF31D0400}\offreg.dll
2015-02-04 18:42 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDTAT.DLL
2015-02-04 18:42 . 2014-07-09 01:31 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL
2015-02-04 18:42 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDRU1.DLL
2015-02-04 18:42 . 2014-07-09 02:03 6656 ----a-w- c:\windows\system32\KBDRU.DLL
2015-02-04 18:42 . 2014-07-09 01:31 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL
2015-02-04 18:42 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDYAK.DLL
2015-02-04 18:42 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDBASH.DLL
2015-02-04 18:41 . 2014-11-22 02:26 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2015-02-04 17:39 . 2014-12-15 03:13 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5384974C-DB6E-4BA0-A684-119FF31D0400}\mpengine.dll
2015-02-04 17:25 . 2015-02-04 17:25 -------- d-s---w- c:\windows\system32\CompatTel
2015-02-04 17:25 . 2015-02-04 17:25 -------- d-----w- c:\windows\system32\appraiser
2015-02-04 16:53 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2015-02-04 16:53 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2015-02-04 16:53 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2015-02-04 16:53 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2015-02-04 16:53 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2015-02-04 16:18 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2015-02-03 19:30 . 2015-02-03 19:30 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-02-03 19:30 . 2015-02-03 19:30 774144 ----a-w- c:\windows\system32\jscript.dll
2015-02-03 19:30 . 2015-02-03 19:30 666624 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll
2015-02-03 19:30 . 2015-02-03 19:30 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2015-02-03 19:30 . 2015-02-03 19:30 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2015-02-03 19:30 . 2015-02-03 19:30 142336 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2015-02-03 19:30 . 2015-02-03 19:30 13824 ----a-w- c:\windows\system32\mshta.exe
2015-02-03 19:30 . 2015-02-03 19:30 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2015-02-03 19:30 . 2015-02-03 19:30 1862144 ----a-w- c:\program files\Internet Explorer\MemoryAnalyzer.dll
2015-02-03 19:30 . 2015-02-03 19:30 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-02-03 19:30 . 2015-02-03 19:30 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-02-03 17:41 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2015-02-03 17:41 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2015-02-03 17:41 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2015-02-03 17:41 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2015-02-03 17:41 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2015-02-03 17:41 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2015-02-03 17:41 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2015-02-03 17:41 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2015-02-03 17:41 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2015-02-03 17:41 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2015-02-03 17:30 . 2014-08-21 06:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2015-02-03 17:30 . 2014-08-21 06:40 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-02-03 17:30 . 2014-08-21 06:26 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-02-03 17:30 . 2014-08-21 06:23 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-02-03 17:30 . 2013-07-12 10:41 185344 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2015-02-03 17:30 . 2013-07-12 10:41 100864 ----a-w- c:\windows\system32\drivers\usbcir.sys
2015-02-03 17:25 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2015-02-03 17:25 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2015-02-03 17:25 . 2013-10-04 02:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2015-02-03 17:25 . 2013-10-04 02:25 197120 ----a-w- c:\windows\system32\credui.dll
2015-02-03 17:25 . 2013-10-04 01:58 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2015-02-03 17:25 . 2013-10-04 01:56 168960 ----a-w- c:\windows\SysWow64\credui.dll
2015-02-03 17:24 . 2014-06-18 22:23 1943696 ----a-w- c:\windows\system32\dfshim.dll
2015-02-03 17:24 . 2014-06-18 22:23 156312 ----a-w- c:\windows\system32\mscorier.dll
2015-02-03 17:24 . 2014-06-18 22:23 156824 ----a-w- c:\windows\SysWow64\mscorier.dll
2015-02-03 17:24 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\SysWow64\dfshim.dll
2015-02-03 17:24 . 2014-06-18 22:23 73880 ----a-w- c:\windows\system32\mscories.dll
2015-02-03 17:24 . 2014-06-18 22:23 81560 ----a-w- c:\windows\SysWow64\mscories.dll
2015-02-03 17:24 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2015-02-03 17:08 . 2014-12-12 05:35 5553592 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-03 17:08 . 2014-12-12 05:11 3971512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-02-03 17:08 . 2014-12-12 05:11 3916728 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-02-03 17:08 . 2014-12-12 05:31 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-03 17:08 . 2014-12-12 05:31 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-03 17:08 . 2014-12-12 05:31 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-02-03 17:08 . 2014-12-12 05:07 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-02-03 17:05 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2015-02-03 17:05 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2015-02-03 16:58 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-02-03 16:58 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2015-02-03 16:44 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2015-02-03 16:44 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2015-02-03 16:44 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2015-02-03 16:44 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2015-02-03 16:44 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2015-02-03 16:44 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2015-02-03 16:44 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2015-02-03 16:44 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-02-02 21:09 . 2014-06-25 02:05 14175744 ----a-w- c:\windows\system32\shell32.dll
2015-02-02 21:09 . 2014-12-11 17:47 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe
2015-02-02 21:09 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2015-02-02 21:09 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2015-02-02 21:09 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2015-02-02 21:09 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2015-02-02 21:09 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2015-02-02 21:08 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2015-02-02 21:08 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2015-02-02 21:02 . 2014-12-19 03:06 210432 ----a-w- c:\windows\system32\profsvc.dll
2015-02-02 21:02 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-02-02 21:02 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-02-02 21:00 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2015-02-02 20:59 . 2014-06-18 02:19 503296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tiptsf.dll
2015-02-02 20:58 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2015-02-02 20:58 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2015-02-02 20:58 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2015-02-02 20:58 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2015-02-02 20:58 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2015-02-02 20:58 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2015-02-02 20:58 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2015-02-02 20:58 . 2014-06-06 10:10 624128 ----a-w- c:\windows\system32\qedit.dll
2015-02-02 20:58 . 2014-06-06 09:44 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2015-02-02 20:58 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2015-02-02 20:58 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2015-02-02 20:58 . 2014-05-30 06:45 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2015-02-02 20:57 . 2013-06-25 22:55 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2015-02-02 20:57 . 2014-11-11 01:46 119296 ----a-w- c:\windows\system32\drivers\tdx.sys
2015-02-02 20:57 . 2013-07-03 04:05 76800 ----a-w- c:\windows\system32\drivers\hidclass.sys
2015-02-02 20:57 . 2013-07-03 04:05 32896 ----a-w- c:\windows\system32\drivers\hidparse.sys
2015-02-02 20:55 . 2014-06-16 02:10 985536 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2015-02-02 20:54 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
2015-02-02 20:53 . 2013-07-20 10:33 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-02-02 20:52 . 2014-07-17 01:39 3221504 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-02-02 20:51 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2015-02-02 20:50 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2015-02-02 20:50 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-02-02 20:50 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2015-02-02 20:50 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2015-02-02 20:50 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-02-02 20:50 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2015-02-02 20:50 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2015-02-02 20:50 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2015-02-02 20:50 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2015-02-02 20:50 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2015-02-02 20:50 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-25 16:19 . 2013-06-21 19:52 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-25 16:19 . 2013-06-21 19:52 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-22 23:41 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-11-11 16:35 . 2013-09-11 16:42 43064 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-11-11 16:35 . 2013-09-11 16:39 131608 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-11-11 16:35 . 2013-09-11 16:39 119272 ----a-w- c:\windows\system32\drivers\avgntflt.sys
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_A9AC0798FC7741050EC6025E040CB87A"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-01-25 843592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CardDetectorHUAWEI177"="c:\program files (x86)\CardDetector\HUAWEI177\CardDetector.exe" [2011-02-23 290816]
"BEWINTERNET-PL-IEWSessionManager"="c:\program files (x86)\OrangeBS\BEWInternet-PL-IEW\SessionManager\SessionManager.exe" [2011-02-23 140016]
"BEWINTERNET-PL-IEWSMSNotify"="c:\program files (x86)\OrangeBS\BEWInternet-PL-IEW\Phonetools\SMSNotify.exe" [2011-02-23 131072]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-03-22 343168]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-12-21 702768]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-11-20 126200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-04 18:24 1086280 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.94\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2015-02-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-21 16:20]
.
2014-08-10 c:\windows\Tasks\AIRecoveryRemind.job
- c:\program files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2010-07-01 16:14]
.
2014-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf8f06bfe3a03b.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-21 18:58]
.
2014-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cff54025377536.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-21 18:58]
.
2014-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0028d1137851e.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-21 18:58]
.
2013-11-16 c:\windows\Tasks\SidebarExecute.job
- c:\program files\Windows Sidebar\sidebar.exe [2010-11-21 03:24]
.
.
--------- X64 Entries -----------
.
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
IE: E&ksport do programu Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking 4.0.0.0]
.
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clr_optimization_v4.0.30319_32]
.
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSDTC Bridge 4.0.0.0]
.
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SMSvcHost 4.0.0.0]
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\progra~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\windows\SoftwareDistribution\Download\Install\dotNetFx40_Client_x86_x64.exe
d:\ced37d60ccdeb0581546bd8efab85b\Setup.exe
c:\windows\syswow64\MsiExec.exe
.
**************************************************************************
.
Czas ukończenia: 2015-02-05 17:11:35 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2015-02-05 16:11
ComboFix2.txt 2015-01-25 01:57
ComboFix3.txt 2014-04-19 16:52
ComboFix4.txt 2014-03-24 21:11
ComboFix5.txt 2015-02-04 19:23
.
Przed: 120 370 032 640 bajtów wolnych
Po: 118 015 520 768 bajtów wolnych
.
- - End Of File - - 44F0D37C3FA921EFF8FE4F1B7461D12E
A36C5E4F47E84449FF07ED3517B43A31