ComboFix 14-10-04.01 - Mateusz 2014-10-06 12:27:50.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.48.1045.18.4095.2454 [GMT 2:00]
Uruchomiony z: d:\users\Mateusz\Desktop\Downloads\ComboFix.exe
AV: STOPzilla *Enabled/Updated* {17032AB1-6644-0721-EEB5-A39B8B646009}
SP: STOPzilla *Enabled/Updated* {AC62CB55-407E-08AF-D405-98E9F0E32AB4}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\AUTORUN.INF
D:\Autorun.inf
d:\users\Mateusz\AppData\Local\.#
d:\users\Mateusz\AppData\Local\.#\MBX@F18@3D1A68.###
d:\users\Mateusz\AppData\Roaming\apachesrvin.vbs
d:\windows\IsUn0415.exe
d:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Pliki utworzone od 2014-09-06 do 2014-10-06 )))))))))))))))))))))))))))))))
.
.
2014-10-06 10:37 . 2014-10-06 10:37 -------- d-----w- d:\users\Default\AppData\Local\temp
2014-10-06 09:36 . 2010-08-30 06:34 536576 ----a-w- d:\windows\SysWow64\sqlite3.dll
2014-10-06 08:36 . 2014-08-27 11:30 82872 ----a-r- d:\windows\system32\drivers\sbapifs.sys
2014-10-06 08:35 . 2014-08-27 11:30 47496 ----a-r- d:\windows\system32\SBBD.EXE
2014-10-06 08:35 . 2014-10-06 10:23 -------- d-----w- d:\programdata\STOPzilla!
2014-10-06 08:35 . 2014-10-06 10:02 -------- d-----w- d:\program files (x86)\STOPzilla!
2014-10-06 07:20 . 2014-10-06 08:31 -------- d-----w- D:\sh4ldr
2014-10-06 07:20 . 2014-10-06 07:20 -------- d-----w- d:\program files (x86)\Enigma Software Group
2014-10-06 07:12 . 2014-10-06 10:02 -------- d-----w- d:\windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2014-10-05 21:06 . 2014-10-06 10:02 -------- d-----w- d:\windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-10-05 08:10 . 2014-10-05 10:18 -------- d-----w- d:\users\Mateusz\AppData\Roaming\mystartsearch
2014-10-05 08:09 . 2014-10-06 09:30 -------- d-----w- d:\users\Mateusz\AppData\Local\Opera Software
2014-10-05 08:09 . 2014-10-06 09:30 -------- d-----w- d:\users\Mateusz\AppData\Roaming\Opera Software
2014-10-05 08:09 . 2014-10-06 09:30 -------- d-----w- d:\program files (x86)\Opera
2014-10-05 08:08 . 2014-10-05 08:08 2150400 ----a-w- d:\users\Mateusz\AppData\Roaming\DownloadSetup_37Jjk.exe
2014-10-05 08:08 . 2014-10-05 08:08 77 ----a-w- d:\users\Mateusz\AppData\Roaming\die.bat
2014-10-05 07:45 . 2014-10-05 07:46 20480 ----a-w- d:\windows\AdobeUpdater.exe
2014-10-02 22:00 . 2014-10-06 03:17 76232 ----a-w- d:\programdata\Microsoft\Windows Defender\Definition Updates\{040DC29F-842F-4838-A33C-4D5DC7D977D7}\offreg.dll
2014-09-23 17:14 . 2014-09-23 17:18 -------- d-----w- d:\users\Mateusz\AppData\Local\Sniper3
2014-09-22 13:32 . 2014-09-22 13:32 282756 ----a-w- d:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2014-09-22 13:32 . 2014-09-22 13:32 163972 ----a-w- d:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2014-09-22 13:32 . 2003-02-27 14:12 696320 ----a-w- d:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2014-09-22 13:32 . 2002-12-05 12:10 155648 ----a-w- d:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2014-09-22 13:32 . 2002-12-02 13:22 5632 ----a-w- d:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2014-09-22 13:32 . 2002-12-02 11:33 57344 ----a-w- d:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2014-09-22 13:32 . 2002-12-02 11:33 237568 ----a-w- d:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2014-09-13 09:28 . 2014-09-13 09:28 3231696 ----a-w- d:\program files (x86)\Mozilla Firefox\d3dcompiler_46.dll
2014-09-12 09:43 . 2014-09-12 09:43 227728 ----a-w- d:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-25 05:32 . 2012-09-26 10:29 701104 ----a-w- d:\windows\SysWow64\FlashPlayerApp.exe
2014-09-25 05:32 . 2012-03-26 22:53 71344 ----a-w- d:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-27 11:30 . 2014-08-27 11:30 74768 ----a-r- d:\windows\SysWow64\drivers\SZKG64.sys
2014-08-27 11:30 . 2014-08-27 11:30 74768 ----a-r- d:\windows\SysWow64\drivers\is3srv64.sys
2014-08-15 09:39 . 2011-03-28 16:36 23256 ----a-w- d:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-07-25 14:01 . 2014-08-06 15:48 1291280 ----a-w- d:\windows\SysWow64\nvspbridge.dll
2014-07-25 14:01 . 2014-08-06 15:48 1126480 ----a-w- d:\windows\SysWow64\nvspcap.dll
2014-07-25 14:01 . 2014-08-06 15:48 1715224 ----a-w- d:\windows\system32\nvspbridge64.dll
2014-07-25 14:01 . 2014-08-06 15:48 1283136 ----a-w- d:\windows\system32\nvspcap64.dll
2014-07-11 01:02 . 2014-07-27 10:10 98216 ----a-w- d:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-03-26 22:58 . 2012-03-26 22:58 0 ----a-w- d:\program files (x86)\GUT20AA.tmp
2009-12-06 17:18 26624 --sh--w- d:\windows\bfcs2.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\programy\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="d:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"SunJavaUpdateSched"="d:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R0 is3srv;is3srv;d:\windows\SySWOW64\drivers\is3srv64.sys;d:\windows\SySWOW64\drivers\is3srv64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;d:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;d:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DUMeterSvc;DU Meter Service;d:\programy\DU Meter\DUMeterSvc.exe;d:\programy\DU Meter\DUMeterSvc.exe [x]
R2 SkypeUpdate;Skype Updater;d:\program files (x86)\Skype\Updater\Updater.exe;d:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;d:\programy\DU Meter\DUMETR64.SYS;d:\programy\DU Meter\DUMETR64.SYS [x]
R3 EagleX64;EagleX64;d:\windows\system32\drivers\EagleX64.sys;d:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 esgiguard;esgiguard;d:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;d:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;d:\program files (x86)\Garena Plus\Room\safedrv.sys;d:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;d:\windows\system32\drivers\MBAMSwissArmy.sys;d:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;d:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe;d:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [x]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;d:\windows\system32\DRIVERS\netr28x.sys;d:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 NLNdisMP;NLNdisMP;d:\windows\system32\DRIVERS\nlndis.sys;d:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;d:\windows\system32\DRIVERS\nlndis.sys;d:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;d:\windows\system32\drivers\rdpvideominiport.sys;d:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;d:\windows\system32\drivers\synth3dvsc.sys;d:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;d:\windows\system32\DRIVERS\taphss6.sys;d:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;d:\windows\system32\drivers\tsusbflt.sys;d:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;d:\windows\system32\drivers\tsusbhub.sys;d:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;d:\windows\system32\drivers\rdvgkmd.sys;d:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;d:\windows\system32\Wat\WatAdminSvc.exe;d:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;d:\windows\System32\Drivers\PxHlpa64.sys;d:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 szkg5;szkg5;d:\windows\SySWOW64\DRIVERS\szkg64.sys;d:\windows\SySWOW64\DRIVERS\szkg64.sys [x]
S1 anodlwf;ANOD Network Security Filter driver;d:\windows\system32\DRIVERS\anodlwfx.sys;d:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;d:\windows\system32\DRIVERS\dtsoftbus01.sys;d:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 NvNetworkService;NVIDIA Network Service;d:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;d:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;d:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;d:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Realtek11nSU;Realtek11nSU;d:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe;d:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [x]
S2 RzKLService;RzKLService;d:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;d:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 sbapifs;sbapifs;d:\windows\system32\DRIVERS\sbapifs.sys;d:\windows\SYSNATIVE\DRIVERS\sbapifs.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;d:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;d:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 NvStreamKms;NvStreamKms;d:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;d:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);d:\windows\system32\drivers\nvvad64v.sys;d:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-25 05:48 1096520 ----a-w- d:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2014-10-06 d:\windows\Tasks\Adobe Flash Player Updater.job - d:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-26 05:32]
.
2014-10-06 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job - d:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 20:31]
.
2014-10-06 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job - d:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 20:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="d:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
"Zune Launcher"="d:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"NvBackend"="d:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="d:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
.
------- Skan uzupełniający -------
.
uLocal Page = d:\windows\system32\blank.htm
uStart Page = hxxp://www.google.pl/
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = d:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
TCP: DhcpNameServer = 85.11.67.250 85.11.66.45
FF - ProfilePath - d:\users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\l3lp86ep.default-1411724205287\
FF - prefs.js: browser.startup.homepage - google.pl
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-DivXMediaServer - d:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - d:\windows\System32\SPReview\SPReview.exe
ShellIconOverlayIdentifiers-{E68D0A50-3C40-4712-B90D-DCFA93FF2534} - d:\programdata\GG\ggdrive\ggdrive-overlay.dll
ShellIconOverlayIdentifiers-{E68D0A51-3C40-4712-B90D-DCFA93FF2534} - d:\programdata\GG\ggdrive\ggdrive-overlay.dll
ShellIconOverlayIdentifiers-{E68D0A52-3C40-4712-B90D-DCFA93FF2534} - d:\programdata\GG\ggdrive\ggdrive-overlay.dll
ShellIconOverlayIdentifiers-{E68D0A53-3C40-4712-B90D-DCFA93FF2534} - d:\programdata\GG\ggdrive\ggdrive-overlay.dll
AddRemove-FarmingSimulator2013PL_is1 - d:\program files (x86)\cdp.pl\Farming Simulator 2013\unins000.exe
AddRemove-MTA:SA 1.3 - d:\program files (x86)\MTA San Andreas 1.3\Uninstall.exe
AddRemove-PunkBusterSvc - d:\program files (x86)\Origin Games\Battlefield 3\pbsvc.exe
AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - d:\program files (x86)\GreenTree Applications\YTD Video Downloader\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DUMeterSvc]
"ImagePath"="d:\programy\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1233466062-3746002062-2420178946-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1233466062-3746002062-2420178946-1000\Software\SecuROM\License information*]
"datasecu"=hex:29,2c,a8,08,86,9f,8f,82,a0,f7,6c,fa,f4,31,d9,ee,e5,61,92,1b,93,
 a8,16,3d,bc,78,7a,69,3b,74,67,ef,be,0d,db,3a,21,e0,c4,66,9b,3f,fb,a0,e5,58,\
"rkeysecu"=hex:4b,29,8e,10,66,fd,de,fc,53,6c,38,3f,da,27,53,42
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="d:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2014-10-06 12:40:08
ComboFix-quarantined-files.txt 2014-10-06 10:40
.
Przed: 74 184 974 336 bajtów wolnych
Po: 74 070 413 312 bajtów wolnych
.
- - End Of File - - 988FD8079B05D817535EFCCB90B0888B A36C5E4F47E84449FF07ED3517B43A31