ComboFix 16-12-15.01 - Kasia 2016-12-19  13:46:27.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.48.1045.18.6005.4488 [GMT 1:00]
Uruchomiony z: c:\users\Kasia\Desktop\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: Avast Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2016-11-19 do 2016-12-19  )))))))))))))))))))))))))))))))
.
.
2016-12-12 15:55 . 2016-10-07 18:30	391496	----a-w-	c:\windows\system32\aswBoot.exe
2016-12-02 14:20 . 2016-12-02 14:20	--------	d-----w-	c:\users\Gość\AppData\Roaming\Samsung
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-12-12 15:56 . 2014-03-07 17:38	293352	----a-w-	c:\windows\system32\drivers\aswvmm.sys
2016-10-07 18:31 . 2014-03-07 17:38	513632	----a-w-	c:\windows\system32\drivers\aswSP.sys
2016-10-07 18:31 . 2014-03-07 17:38	969184	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2016-10-07 18:30 . 2014-03-07 17:38	163416	----a-w-	c:\windows\system32\drivers\aswStm.sys
2016-10-07 18:30 . 2014-06-20 17:00	37656	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2016-10-07 18:30 . 2014-03-07 17:38	74544	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2016-10-07 18:30 . 2014-03-07 17:38	108816	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2016-10-07 18:30 . 2014-03-07 17:38	103064	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2016-10-07 18:30 . 2016-10-07 18:30	921280	----a-w-	c:\windows\SysWow64\ucrtbase.dll
2016-10-07 18:30 . 2016-10-07 18:30	992960	----a-w-	c:\windows\system32\ucrtbase.dll
2016-10-07 18:30 . 2016-10-07 18:30	53208	----a-w-	c:\windows\avastSS.scr
2016-10-07 18:30 . 2016-03-16 18:28	37144	----a-w-	c:\windows\system32\drivers\aswKbd.sys
2016-10-07 18:29 . 2016-10-07 18:30	453192	----a-w-	c:\windows\system32\drivers\aswNetSec.sys
2016-10-07 18:29 . 2016-10-07 18:29	28312	----a-w-	c:\windows\system32\drivers\aswNetNd6.sys
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2016-08-25 17:31	2564680	----a-w-	c:\program files (x86)\AVG SafeGuard toolbar\19.6.0.592\AVG SafeGuard toolbar_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG SafeGuard toolbar\19.6.0.592\AVG SafeGuard toolbar_toolbar.dll" [2016-08-25 2564680]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-01-20 7404312]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2016-06-15 2917456]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-09-12 29635712]
"Spotify Web Helper"="c:\users\Kasia\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2016-09-20 1529456]
"Spotify"="c:\users\Kasia\AppData\Roaming\Spotify\Spotify.exe" [2016-09-20 6795376]
"BlueStacks Agent"="c:\program files (x86)\Bluestacks\HD-Agent.exe" [2016-08-11 978456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2016-08-25 1707080]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-12-12 9080768]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2014-10-31 2072928]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-17 1080096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxeaserv.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 BstHdAndroidSvc;BlueStacks Android Service ;c:\program files (x86)\Bluestacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\Bluestacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\Bluestacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [x]
R3 BstHdPlusAndroidSvc;BlueStacks Plus Android Service ;c:\program files (x86)\Bluestacks\HD-Plus-Service.exe BstHdPlusAndroidSvc Android;c:\program files (x86)\Bluestacks\HD-Plus-Service.exe BstHdPlusAndroidSvc Android [x]
R3 BstkDrv;BlueStacks Plus Hypervisor;c:\program files (x86)\Bluestacks\BstkDrv.sys;c:\program files (x86)\Bluestacks\BstkDrv.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 wdm_usb;wdm_usb;c:\windows\system32\DRIVERS\usb2ser.sys;c:\windows\SYSNATIVE\DRIVERS\usb2ser.sys [x]
R3 WsDrvInst;Wondershare Driver Install Service;c:\program files (x86)\Wondershare\MobileTrans\DriverInstall.exe;c:\program files (x86)\Wondershare\MobileTrans\DriverInstall.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 ngvss;ngvss; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswNetSec;aswNetSec;c:\windows\system32\drivers\aswNetSec.sys;c:\windows\SYSNATIVE\drivers\aswNetSec.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;Avast Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\Bluestacks\HD-LogRotatorService.exe;c:\program files (x86)\Bluestacks\HD-LogRotatorService.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe;c:\windows\SYSNATIVE\lxeacoms.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S2 vToolbarUpdater19.5.0;vToolbarUpdater19.5.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.5.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.5.0\ToolbarUpdater.exe [x]
S3 aswNetNd6;Avast Firewall NDIS6 Helper;c:\windows\system32\DRIVERS\aswNetNd6.sys;c:\windows\SYSNATIVE\DRIVERS\aswNetNd6.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Sterownik Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-09-20 19:41	1267528	----a-w-	c:\program files (x86)\Google\Chrome\Application\53.0.2785.116\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2016-12-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-23 18:03]
.
2016-12-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-160238566-1350474344-338097376-1000Core.job
- c:\users\Kasia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-05 17:56]
.
2016-12-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-160238566-1350474344-338097376-1000UA.job
- c:\users\Kasia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-05 17:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-12-12 15:55	1031520	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-02 10038304]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-06-04 392048]
"lxeamon.exe"="c:\program files (x86)\Lexmark S300-S400 Series\lxeamon.exe" [2013-01-23 772712]
"EzPrint"="c:\program files (x86)\Lexmark S300-S400 Series\ezprint.exe" [2013-01-23 150264]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
uDefault_Search_URL = www.google.com
mDefault_Search_URL = www.google.com
mDefault_Page_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Wyślij obraz do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Wyślij stronę do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.5.0\ViProtocol.dll
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
AddRemove-Jungle Net - c:\program files (x86)\Jungle Net\uninstaller.exe
AddRemove-key-find uninstall - c:\users\Kasia\AppData\Roaming\key-find\UninstallManager.exe
AddRemove-PUSBCOMM&10C4&803B - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\PUSBCOMM&10C4&803B
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\CP210x\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2016-12-19  13:53:28
ComboFix-quarantined-files.txt  2016-12-19 12:53
.
Przed: 290 179 579 904 bajtów wolnych
Po: 290 396 975 104 bajtów wolnych
.
- - End Of File - - FD8AABDD478119037B2AB9CB0EC7F00F
A36C5E4F47E84449FF07ED3517B43A31