ComboFix 15-04-19.01 - PiotrC 04/25/2015 17:20:53.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6370.3918 [GMT 2:00]
Running from: c:\users\PiotrC\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Resident AV is active
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\AoutoDealssApp
c:\program files (x86)\AoutoDealssApp\kEr0qRQ93Wy8JR.dat
c:\program files (x86)\AoutoDealssApp\kEr0qRQ93Wy8JR.tlb
c:\program files (x86)\NoNoizaEBrowsee
c:\program files (x86)\NoNoizaEBrowsee\yfOBMcJm6MD8O6.dat
c:\program files (x86)\NoNoizaEBrowsee\yfOBMcJm6MD8O6.tlb
c:\programdata\3822230993683920337
c:\programdata\3822230993683920337\080cbbb1a64bab5f7d30ce96f2836bc8.ini
c:\programdata\3822230993683920337\1b32cb078db45be37d30ce96f2836bc8.ini
c:\programdata\3822230993683920337\41f8ebace27cc78c7d30ce96f2836bc8.ini
c:\programdata\3822230993683920337\4775d99c57b1799e7d30ce96f2836bc8.ini
c:\programdata\3822230993683920337\6b7416d7033da5037d30ce96f2836bc8.ini
c:\programdata\3822230993683920337\954accd1ef18255b7d30ce96f2836bc8.ini
c:\programdata\3822230993683920337\c5dda881163646777d30ce96f2836bc8.ini
c:\programdata\3822230993683920337\d1b823d8a4cc41497d30ce96f2836bc8.ini
c:\programdata\3822230993683920337\ea63b5c2ab3353397d30ce96f2836bc8.ini
c:\users\PiotrC\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jmgpcipcoplepjjmdhjjolkbegogmcgl
c:\users\PiotrC\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jmgpcipcoplepjjmdhjjolkbegogmcgl\1.1\background.html
c:\users\PiotrC\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jmgpcipcoplepjjmdhjjolkbegogmcgl\1.1\content.js
c:\users\PiotrC\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jmgpcipcoplepjjmdhjjolkbegogmcgl\1.1\lsdb.js
c:\users\PiotrC\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jmgpcipcoplepjjmdhjjolkbegogmcgl\1.1\manifest.json
c:\users\PiotrC\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jmgpcipcoplepjjmdhjjolkbegogmcgl\1.1\u5.js
c:\users\PiotrC\AppData\Local\Comodo\Dragon\User Data\Default\Preferences
.
.
((((((((((((((((((((((((( Files Created from 2015-03-25 to 2015-04-25 )))))))))))))))))))))))))))))))
.
.
2015-04-25 15:24 . 2015-04-25 15:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-25 11:52 . 2015-04-25 11:52 -------- d-----w- c:\users\PiotrC\AppData\Local\ESET
2015-04-25 11:34 . 2015-04-25 11:34 -------- d-----w- c:\program files\ESET
2015-04-21 14:44 . 2015-04-15 14:33 -------- d-----w- c:\users\PiotrC\AppData\Local\Rockstar Games
2015-04-21 14:38 . 2015-04-21 14:38 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2015-04-21 14:38 . 2015-04-21 14:38 -------- d-----w- c:\windows\SysWow64\xlive
2015-04-21 14:38 . 2015-04-21 14:38 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2015-04-18 18:56 . 2015-04-18 18:56 -------- d-----w- c:\users\PiotrC\AppData\Roaming\LavasoftStatistics
2015-04-18 16:22 . 2015-04-18 16:22 -------- d-----w- c:\windows\system32\appmgmt
2015-04-18 16:17 . 2015-04-18 16:18 -------- d-----w- C:\AdwCleaner
2015-04-18 15:49 . 2015-04-18 16:22 -------- d-----w- c:\program files (x86)\Chromemote - Remote for Google TV
2015-04-16 14:06 . 2015-04-16 14:06 -------- d-----w- c:\programdata\Yellow AdBlocker
2015-04-15 14:34 . 2015-04-15 14:34 -------- d-----w- c:\program files (x86)\Rockstar Games
2015-04-15 14:34 . 2015-04-15 14:34 -------- d-----w- c:\program files\Rockstar Games
2015-04-13 17:21 . 2015-04-13 17:21 -------- d-----w- c:\users\PiotrC\AppData\Local\Overwolf
2015-04-12 07:18 . 2015-04-12 07:18 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-04-12 07:18 . 2015-04-12 07:18 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-12 07:18 . 2015-04-12 07:18 -------- d-----w- c:\programdata\Oracle
2015-04-12 07:18 . 2015-04-12 07:18 -------- d-----w- c:\program files (x86)\Java
2015-04-11 16:43 . 2015-04-11 16:43 -------- d-----w- c:\programdata\{963bacb8-53c9-ab71-963b-bacb853cb2e1}
2015-04-11 13:44 . 2015-04-25 15:16 -------- d-----w- c:\program files (x86)\AppendInit
2015-04-11 13:43 . 2015-04-25 15:16 -------- d-----w- c:\program files (x86)\Panel View for Play Music
2015-04-11 13:43 . 2015-04-11 13:43 -------- d-----w- c:\program files (x86)\DiscountBomb
2015-04-11 07:56 . 2015-04-11 07:56 -------- d-----w- c:\program files (x86)\Mirillis
2015-04-10 11:09 . 2015-04-25 14:52 -------- d-----w- c:\programdata\{8b808ee0-1e0f-d7ac-8b80-08ee01e03b80}
2015-04-09 16:51 . 2015-04-13 16:22 275360 ----a-w- c:\windows\system32\DreamScene.dll
2015-04-09 16:51 . 2015-04-09 16:51 -------- d-----w- c:\program files (x86)\DreamScene Seven
2015-04-09 11:17 . 2015-04-09 11:19 -------- d-----w- c:\users\PiotrC\AppData\Local\Ori and the Blind Forest
2015-04-09 11:17 . 2015-04-09 11:17 -------- d-----w- c:\users\PiotrC\AppData\Local\SKIDROW
2015-04-08 17:37 . 2015-04-08 17:37 -------- d-----w- c:\users\PiotrC\AppData\Roaming\Ori and the Blind Forest
2015-04-08 15:58 . 2015-04-08 15:58 -------- d-----w- c:\users\PiotrC\AppData\Roaming\Python-Eggs
2015-04-07 16:56 . 2015-04-07 16:56 -------- d-----w- c:\users\PiotrC\AppData\Roaming\java
2015-04-07 16:56 . 2015-04-12 07:23 -------- d-----w- c:\users\PiotrC\AppData\Roaming\.minecraft
2015-04-06 14:31 . 2015-04-06 14:31 -------- d-----w- c:\users\PiotrC\AppData\Local\The Witcher 2
2015-04-06 07:55 . 2015-04-25 14:52 -------- d-----w- c:\programdata\{0b776249-34b3-9941-0b77-7624934b8924}
2015-04-06 07:55 . 2015-04-25 14:52 -------- d-----w- c:\programdata\{18722e4c-82fd-1f63-1872-22e4c82fb932}
2015-04-04 12:06 . 2015-04-04 12:06 -------- d-----w- c:\programdata\Test Drive Unlimited
2015-04-04 11:57 . 2015-04-04 11:57 -------- d-----w- c:\users\PiotrC\AppData\Local\Stardock
2015-04-04 11:57 . 2015-04-04 11:57 -------- d-----w- c:\programdata\Stardock
2015-04-04 11:55 . 2015-04-04 11:55 -------- d-----w- c:\program files (x86)\Stardock
2015-03-31 17:18 . 2015-03-31 17:18 -------- d-----w- c:\users\Public\Witryna
2015-03-31 17:11 . 2015-04-18 08:42 -------- d-----r- c:\users\PiotrC\Dropbox
2015-03-31 17:08 . 2015-04-18 08:42 -------- d-----w- c:\users\PiotrC\AppData\Roaming\Dropbox
2015-03-29 16:34 . 2015-04-25 14:52 -------- d-----w- c:\programdata\{bfc81d9b-c477-68ed-bfc8-81d9bc47766f}
2015-03-28 11:41 . 2015-04-25 14:52 -------- d-----w- c:\programdata\{992954e7-a8f1-e719-9929-954e7a8f539e}
2015-03-27 15:50 . 2015-03-27 15:50 -------- d-----w- c:\users\PiotrC\AppData\Roaming\Rainmeter
2015-03-27 15:50 . 2015-03-27 15:50 -------- d-----w- c:\program files\Rainmeter
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-17 18:28 . 2015-02-17 22:09 65536 ----a-w- c:\windows\system32\spu_storage.bin
2015-04-01 09:16 . 2014-11-15 00:33 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-03-06 16:21 . 2015-03-06 16:21 43168 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2015-03-06 16:21 . 2015-03-06 16:21 312480 ----a-w- c:\windows\system32\drivers\atksgt.sys
2015-02-24 12:53 . 2015-02-24 12:53 324200 ----a-w- c:\windows\system32\wbload.dll
2015-02-24 12:53 . 2015-02-24 12:53 131072 ----a-w- c:\windows\SysWow64\wbload.dll
2015-02-18 14:05 . 2015-02-18 14:05 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2015-02-17 10:32 . 2015-02-17 10:32 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-17 10:32 . 2015-02-17 10:32 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-17 10:30 . 2015-02-17 10:30 57096 ----a-w- c:\windows\system32\certsentry.dll
2015-02-17 10:30 . 2015-02-17 10:30 48392 ----a-w- c:\windows\SysWow64\certsentry.dll
2015-02-17 10:30 . 2015-02-17 10:30 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2015-02-17 10:30 . 2015-02-17 10:30 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2015-02-17 10:30 . 2015-02-17 10:30 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 152544 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 152544 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 152544 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 152544 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 152544 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 152544 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 152544 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 152544 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\gry\Steam\steam.exe" [2015-04-13 2889408]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-01-20 7404312]
"DAEMON Tools Lite"="d:\programy\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="d:\programy\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-21 767176]
"AdobeCEPServiceManager"="c:\program files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" [2013-03-13 1039248]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-03-07 335232]
.
c:\users\PiotrC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\PiotrC\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-4-14 43376600]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2015-3-24 36544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 Andbus;LGE Android Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandmodem64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;d:\programy\Comodo\Dragon\dragon_updater.exe;d:\programy\Comodo\Dragon\dragon_updater.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - EAMON
*NewlyCreated* - EHDRV
*NewlyCreated* - EPFWWFPR
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 185824 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 185824 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 185824 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 185824 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 185824 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 185824 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 185824 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27 185824 ----a-w- c:\users\PiotrC\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2716216]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
.
.
------- File Associations -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
SafeBoot-UnsignedThemes
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-04-25 17:26:28
ComboFix-quarantined-files.txt 2015-04-25 15:26
.
Pre-Run: 22,696,292,352 bytes free
Post-Run: 22,602,522,624 bytes free
.
- - End Of File - - 7FB3A688082FB56A6666B54429AD4F9F
A36C5E4F47E84449FF07ED3517B43A31