ComboFix 15-10-06.01 - admin 2015-10-07 13:21:41.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.48.1045.18.8190.5733 [GMT 2:00]
Uruchomiony z: e:\pobrane chrome\ComboFix.exe
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2015-09-07 do 2015-10-07 )))))))))))))))))))))))))))))))
.
.
2015-10-07 11:26 . 2015-10-07 11:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-07 10:45 . 2015-10-07 10:46 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-07 10:45 . 2015-06-18 06:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-07 10:45 . 2015-06-18 06:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-07 10:45 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-10-07 10:31 . 2015-10-07 10:35 -------- d-----w- c:\programdata\Malwarebytes
2015-10-07 10:31 . 2015-10-07 10:31 -------- d-----w- c:\users\admin\AppData\Roaming\Malwarebytes
2015-10-07 09:31 . 2015-10-07 09:31 -------- d-----w- c:\program files (x86)\ERUNT
2015-10-04 09:51 . 2015-10-04 09:51 -------- d-----w- c:\users\Default\AppData\Local\Google
2015-09-29 13:49 . 2015-09-30 10:57 -------- d-----w- c:\users\admin\AppData\Local\PokerStars.EU
2015-09-25 19:15 . 2015-09-25 19:15 -------- d-----w- c:\programdata\Codemasters
2015-09-25 13:15 . 2015-09-25 13:15 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2015-09-25 12:46 . 2015-09-28 13:24 -------- d-----w- c:\users\admin\AppData\Roaming\Origin
2015-09-25 12:46 . 2015-09-25 12:46 -------- d-----w- c:\users\admin\AppData\Local\Origin
2015-09-25 12:45 . 2015-10-07 11:19 -------- d-----w- c:\programdata\Origin
2015-09-25 12:44 . 2015-09-25 13:17 -------- d-----w- c:\programdata\Electronic Arts
2015-09-22 20:08 . 2015-09-22 20:08 -------- d-----w- c:\programdata\GG
2015-09-16 08:38 . 2015-09-16 08:38 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2015-09-15 13:16 . 2015-09-15 13:16 -------- d-----w- c:\users\admin\AppData\Local\Arma 3
2015-09-15 13:16 . 2015-09-15 13:16 -------- d-----w- c:\programdata\Bohemia Interactive
2015-09-15 11:15 . 2015-09-15 11:15 -------- d-----w- c:\program files (x86)\GTX Box Team
2015-09-14 11:09 . 2015-09-14 11:52 -------- d-----w- C:\ZAPAS
2015-09-09 08:09 . 2015-07-15 03:17 2048 ----a-w- c:\windows\system32\tzres.dll
2015-09-09 08:08 . 2015-07-23 00:02 1390592 ----a-w- c:\windows\system32\diagtrack.dll
2015-09-09 08:06 . 2015-09-02 03:04 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-08 15:33 . 2015-09-21 21:12 -------- d-----w- c:\users\admin\AppData\Roaming\cef-cache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-09-21 19:46 . 2015-07-01 11:36 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-09-21 19:46 . 2015-07-01 11:36 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-09-06 17:07 . 2015-09-06 17:07 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2015-09-06 13:54 . 2015-09-06 13:52 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-09-06 13:54 . 2015-09-06 13:52 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2015-09-06 13:52 . 2015-09-06 13:52 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2015-09-06 13:51 . 2015-09-06 13:51 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2015-09-04 12:10 . 2015-07-01 11:33 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-08-26 16:37 . 2015-05-28 15:19 134753440 ----a-w- c:\windows\system32\MRT.exe
2015-08-19 09:53 . 2015-08-19 09:53 297904 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2015-08-19 09:52 . 2015-08-19 09:52 313264 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2015-08-04 09:32 . 2015-08-04 09:32 300464 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2015-08-04 09:32 . 2015-08-04 09:32 250800 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2015-07-30 18:06 . 2015-08-12 06:25 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-07-30 18:06 . 2015-08-12 06:25 1180160 ----a-w- c:\windows\system32\FntCache.dll
2015-07-30 18:06 . 2015-08-12 06:25 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-30 17:57 . 2015-08-12 06:25 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-07-30 17:57 . 2015-08-12 06:25 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2015-07-30 13:13 . 2015-08-13 06:08 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 13:13 . 2015-08-13 06:08 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-28 20:09 . 2015-08-12 06:27 17344 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-07-28 20:05 . 2015-08-12 06:27 774656 ----a-w- c:\windows\system32\invagent.dll
2015-07-28 20:05 . 2015-08-12 06:27 743424 ----a-w- c:\windows\system32\generaltel.dll
2015-07-28 20:05 . 2015-08-12 06:27 437760 ----a-w- c:\windows\system32\devinv.dll
2015-07-28 20:05 . 2015-08-12 06:27 1116672 ----a-w- c:\windows\system32\appraiser.dll
2015-07-28 20:05 . 2015-08-12 06:27 69120 ----a-w- c:\windows\system32\acmigration.dll
2015-07-28 20:05 . 2015-08-12 06:27 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-07-28 19:55 . 2015-08-12 06:27 1148416 ----a-w- c:\windows\system32\aeinv.dll
2015-07-24 04:21 . 2015-06-24 20:01 1423304 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-07-24 04:21 . 2015-06-24 20:01 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-07-24 04:21 . 2015-06-24 20:01 1756608 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-07-24 04:21 . 2015-06-24 20:01 1710568 ----a-w- c:\windows\system32\nvspcap64.dll
2015-07-22 17:53 . 2015-09-09 08:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-07-15 18:15 . 2015-08-13 11:19 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-07-15 18:10 . 2015-08-13 11:19 1743360 ----a-w- c:\windows\system32\sysmain.dll
2015-07-15 18:10 . 2015-08-13 11:19 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-07-15 03:19 . 2015-08-13 11:18 52736 ----a-w- c:\windows\system32\basesrv.dll
2015-07-10 17:51 . 2015-08-12 06:26 44032 ----a-w- c:\windows\system32\tsgqec.dll
2015-07-10 17:51 . 2015-08-12 06:24 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-07-10 17:51 . 2015-08-12 06:26 3722752 ----a-w- c:\windows\system32\mstscax.dll
2015-07-10 17:51 . 2015-08-12 06:26 158720 ----a-w- c:\windows\system32\aaclient.dll
2015-07-10 17:34 . 2015-08-12 06:26 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2015-07-10 17:34 . 2015-08-12 06:26 3221504 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-07-10 17:33 . 2015-08-12 06:26 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2015-07-09 17:57 . 2015-08-12 06:24 193536 ----a-w- c:\windows\system32\notepad.exe
2015-07-09 17:57 . 2015-08-12 06:24 193536 ----a-w- c:\windows\notepad.exe
2015-07-09 17:42 . 2015-08-12 06:24 179712 ----a-w- c:\windows\SysWow64\notepad.exe
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2015-06-18 4468056]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2015-09-11 22568208]
"EADM"="e:\gry\Origin\Origin.exe" [2015-10-06 3638768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="d:\programy\AVG\AVG2015\avgui.exe" [2015-08-24 3775912]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
"Adobe Reader Speed Launcher"="d:\programy\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
.
c:\users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 AVGIDSAgent;AVGIDSAgent;d:\programy\AVG\AVG2015\avgidsagent.exe;d:\programy\AVG\AVG2015\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;f:\program\Malwarebytes Anti-Malware\mbamservice.exe;f:\program\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Origin Client Service;Origin Client Service;e:\gry\Origin\OriginClientService.exe;e:\gry\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 MBAMScheduler;MBAMScheduler;f:\program\Malwarebytes Anti-Malware\mbamscheduler.exe;f:\program\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 avgwd;AVG WatchDog;d:\programy\AVG\AVG2015\avgwdsvc.exe;d:\programy\AVG\AVG2015\avgwdsvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-09-25 07:26 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\45.0.2454.101\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2015-10-04 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_pepper.exe [2015-09-21 19:46]
.
2015-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-01 19:46]
.
2015-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-20 11:16]
.
2015-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-20 11:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-09-11 10:56 775496 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-09-11 10:56 775496 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-09-11 10:56 775496 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay1]
@="{E68D0A50-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}]
2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay2]
@="{E68D0A51-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}]
2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay3]
@="{E68D0A52-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}]
2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay4]
@="{E68D0A53-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}]
2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-07-24 2634896]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-07-24 1710568]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mDefault_Search_URL = www.google.com
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\d964stgb.default-1444216156882\
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
AddRemove-casinolavida - c:\microgaming\Casino\casinolavida\install.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_185_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_185_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_185_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_185_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2015-10-07 13:28:39
ComboFix-quarantined-files.txt 2015-10-07 11:28
.
Przed: 6 597 627 904 bajtów wolnych
Po: 8 191 963 136 bajtów wolnych
.
- - End Of File - - 3DDDDA233F9EF0485BA13B2B6C73EC2F
A36C5E4F47E84449FF07ED3517B43A31