ComboFix 15-08-20.01 - user 2015-08-20 21:14:09.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.2925.1427 [GMT 2:00] Uruchomiony z: c:\users\user\Downloads\ComboFix.exe AV: Panda Free Antivirus *Disabled/Updated* {AAF74A68-8713-CDF1-004F-30003398BE9E} FW: Panda Firewall *Disabled* {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5} SP: Panda Free Antivirus *Disabled/Updated* {1196AB8C-A129-C27F-3AFF-0B72481FF423} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\data c:\esupport\eDriver\Software\ASUS\MultiFrame\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0021\Desktop_.ini c:\programdata\ntuser.pol c:\windows\IsUn0415.exe . . ((((((((((((((((((((((((( Pliki utworzone od 2015-07-20 do 2015-08-20 ))))))))))))))))))))))))))))))) . . 2015-08-20 19:25 . 2015-08-20 19:25 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2015-08-20 19:25 . 2015-08-20 19:25 -------- d-----w- c:\users\Default\AppData\Local\temp 2015-08-20 17:49 . 2015-08-20 19:09 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2015-08-20 17:49 . 2015-08-20 17:50 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2015-08-20 14:30 . 2015-08-20 14:30 -------- d-----w- c:\users\user\AppData\Local\Deployment 2015-08-20 14:30 . 2015-08-20 14:30 -------- d-----w- c:\users\user\AppData\Local\Apps 2015-08-20 13:44 . 2015-08-20 13:44 43664 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys 2015-08-20 13:09 . 2015-05-22 08:45 61712 ----a-w- c:\windows\system32\drivers\PSKMAD.sys 2015-08-20 11:38 . 2015-08-20 11:57 -------- d-----w- c:\programdata\HitmanPro 2015-08-20 09:57 . 2015-08-20 13:10 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-08-20 09:56 . 2015-08-20 09:57 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware 2015-08-20 09:56 . 2015-08-20 09:56 -------- d-----w- c:\programdata\Malwarebytes 2015-08-20 09:56 . 2015-06-18 06:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2015-08-20 09:56 . 2015-06-18 06:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-08-20 09:56 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2015-08-20 09:51 . 2015-08-20 14:02 -------- d-----w- C:\AdwCleaner 2015-08-19 21:00 . 2015-08-11 01:20 25191936 ----a-w- c:\windows\system32\mshtml.dll 2015-08-19 21:00 . 2015-08-11 01:14 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2015-08-19 21:00 . 2015-08-11 00:33 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2015-08-19 12:10 . 2015-08-19 12:10 -------- d-----w- c:\users\UpdatusUser\AppData\Local\Google 2015-08-19 10:17 . 2015-08-20 17:40 -------- d-----w- c:\programdata\panda_url_filtering 2015-08-19 10:17 . 2015-08-19 10:17 -------- d-----w- c:\programdata\Panda Security URL Filtering 2015-08-19 10:16 . 2015-08-19 10:17 -------- d-----w- c:\program files (x86)\pandasecuritytb 2015-08-19 10:16 . 2015-08-19 10:16 -------- d-----w- c:\users\user\AppData\Roaming\Panda Security 2015-08-19 10:15 . 2015-08-19 10:16 -------- d-----w- c:\program files (x86)\Panda Security 2015-08-19 10:03 . 2015-08-19 10:16 -------- d-----w- c:\programdata\Panda Security 2015-08-19 09:28 . 2015-08-19 09:28 -------- d-----w- c:\users\UpdatusUser\AppData\Roaming\Opera Software 2015-08-19 09:27 . 2015-08-20 13:43 -------- d-----w- c:\programdata\Tristip 2015-08-18 19:43 . 2015-08-18 19:52 -------- d-----w- c:\users\user\.scorched3d 2015-08-17 19:55 . 2015-08-17 19:55 -------- d-----w- c:\users\user\AppData\Local\CEF 2015-08-17 19:27 . 2015-08-17 19:27 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi 2015-08-17 19:27 . 2015-08-20 19:26 -------- d-----w- c:\users\user\AppData\Local\LogMeIn Hamachi 2015-08-17 19:10 . 2015-08-17 19:11 -------- d-----w- c:\users\user\AppData\Roaming\Audio Recorder Free 2015-08-17 19:10 . 2015-08-17 19:10 -------- d-----w- c:\users\user\AppData\Roaming\New Version Available 2015-08-17 19:09 . 2005-05-18 09:52 1212416 ----a-w- c:\windows\SysWow64\NCTAudioInformation2.dll 2015-08-17 19:09 . 2005-05-17 10:37 1986560 ----a-w- c:\windows\SysWow64\NCTAudioFile2.dll 2015-08-17 19:09 . 2005-04-25 11:01 458752 ----a-w- c:\windows\SysWow64\NCTAudioRecord2.dll 2015-08-17 19:09 . 2005-04-25 11:01 458752 ----a-w- c:\windows\SysWow64\NCTAudioPlayer2.dll 2015-08-17 19:09 . 2005-04-15 10:08 880640 ----a-w- c:\windows\SysWow64\NCTAudioEditor2.dll 2015-08-17 19:09 . 2005-04-04 15:21 602112 ----a-w- c:\windows\SysWow64\NCTAudioTransform2.dll 2015-08-17 19:09 . 2005-03-28 13:54 479232 ----a-w- c:\windows\SysWow64\NCTAudioVisualization2.dll 2015-08-17 19:09 . 2005-03-28 13:52 417792 ----a-w- c:\windows\SysWow64\NCTTextToAudio2.dll 2015-08-17 19:09 . 2005-02-24 09:51 348160 ----a-w- c:\windows\SysWow64\NCTWMAFile2.dll 2015-08-17 19:09 . 2004-11-04 11:31 835584 ----a-w- c:\windows\SysWow64\NCTAudioCDGrabber2.dll 2015-08-17 19:09 . 2015-08-17 19:09 -------- d-----w- c:\program files (x86)\Audio Recorder Free 2015-08-17 19:09 . 2015-08-17 19:09 -------- d-----w- c:\users\user\AppData\Local\Opera Software 2015-08-17 19:07 . 2015-08-17 19:07 -------- d-----w- c:\users\user\AppData\Roaming\Shortcut 2015-08-17 18:43 . 2015-08-17 18:43 -------- d-----w- c:\program files (x86)\Bandicam 2015-08-17 18:30 . 2015-08-17 18:30 -------- d-----w- c:\users\user\AppData\Roaming\BANDISOFT 2015-08-17 18:29 . 2015-08-17 18:43 -------- d-----w- c:\program files (x86)\BandiMPEG1 2015-08-17 18:15 . 2015-08-17 18:15 715038 ----a-w- c:\windows\unins000.exe 2015-08-17 18:15 . 2011-12-07 17:37 148992 ----a-w- c:\windows\system32\lagarith.dll 2015-08-17 18:15 . 2011-12-07 17:32 216064 ----a-w- c:\windows\SysWow64\lagarith.dll 2015-08-17 18:07 . 2015-08-17 18:07 -------- d-----w- c:\users\user\AppData\Local\Dxtory Software 2015-08-17 18:07 . 2014-06-08 20:14 2508336 ----a-w- c:\windows\SysWow64\DxtoryCodec.dll 2015-08-17 18:07 . 2014-06-08 20:14 2610736 ----a-w- c:\windows\system32\DxtoryCodec.dll 2015-08-17 18:07 . 2015-08-17 18:07 -------- d-----w- c:\program files (x86)\ExKode 2015-08-17 13:14 . 2015-08-17 13:36 -------- d-----w- c:\users\user\AppData\Roaming\OBS 2015-08-17 13:14 . 2015-08-17 13:14 -------- d-----w- c:\program files\OBS 2015-08-17 13:14 . 2015-08-17 13:14 -------- d-----w- c:\program files (x86)\OBS 2015-08-13 10:16 . 2015-08-13 11:16 9284296 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2015-08-12 15:23 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 15:23 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 08:17 . 2015-07-15 03:19 52736 ----a-w- c:\windows\system32\basesrv.dll 2015-08-12 08:16 . 2015-07-01 20:49 260096 ----a-w- c:\windows\system32\WebClnt.dll . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-08-13 11:16 . 2013-03-29 10:51 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-08-13 11:16 . 2013-03-29 10:51 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-08-03 10:12 . 2012-02-06 12:57 33856 ---ha-w- c:\windows\system32\hamachi.sys 2015-07-19 16:45 . 2015-07-19 16:45 107768 ----a-w- c:\windows\system32\drivers\PSINReg.sys 2015-07-19 16:45 . 2015-07-19 16:45 134392 ----a-w- c:\windows\system32\drivers\PSINProt.sys 2015-07-19 16:45 . 2015-07-19 16:45 124152 ----a-w- c:\windows\system32\drivers\PSINProc.sys 2015-07-19 16:45 . 2015-07-19 16:45 197880 ----a-w- c:\windows\system32\drivers\PSINKNC.sys 2015-07-19 16:45 . 2015-07-19 16:45 121592 ----a-w- c:\windows\system32\drivers\PSINFile.sys 2015-07-19 16:45 . 2015-07-19 16:45 164088 ----a-w- c:\windows\system32\drivers\PSINAflt.sys 2015-07-16 17:22 . 2015-07-16 17:22 291496 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2015-07-16 17:22 . 2015-07-16 17:22 291496 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2015-07-16 17:22 . 2015-07-16 17:22 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2015-07-16 17:04 . 2015-07-16 17:02 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys 2015-07-15 17:54 . 2015-08-12 08:18 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2015-07-09 15:37 . 2015-07-09 15:37 72952 ----a-w- c:\windows\system32\drivers\NNSPihsw.sys 2015-07-09 15:37 . 2015-07-09 15:37 257784 ----a-w- c:\windows\system32\drivers\NNSStrm.sys 2015-07-09 15:37 . 2015-07-09 15:37 106232 ----a-w- c:\windows\system32\drivers\NNStlsc.sys 2015-07-09 15:37 . 2015-07-09 15:37 170232 ----a-w- c:\windows\system32\drivers\NNSPrv.sys 2015-07-09 15:37 . 2015-07-09 15:37 113400 ----a-w- c:\windows\system32\drivers\NNSSmtp.sys 2015-07-09 15:37 . 2015-07-09 15:37 300280 ----a-w- c:\windows\system32\drivers\NNSProt.sys 2015-07-09 15:37 . 2015-07-09 15:37 124152 ----a-w- c:\windows\system32\drivers\NNSPop3.sys 2015-07-09 15:37 . 2015-07-09 15:37 110840 ----a-w- c:\windows\system32\drivers\NNSIds.sys 2015-07-09 15:37 . 2015-07-09 15:37 103160 ----a-w- c:\windows\system32\drivers\NNSpicc.sys 2015-07-09 15:37 . 2015-07-09 15:37 201976 ----a-w- c:\windows\system32\drivers\NNSHttp.sys 2015-07-09 15:37 . 2015-07-09 15:37 110840 ----a-w- c:\windows\system32\drivers\NNSHttps.sys 2015-07-09 15:37 . 2015-07-09 15:37 94456 ----a-w- c:\windows\system32\drivers\NNSAlpc.sys 2015-07-04 18:07 . 2015-07-16 12:48 2087424 ----a-w- c:\windows\system32\ole32.dll 2015-07-04 17:48 . 2015-07-16 12:48 1414656 ----a-w- c:\windows\SysWow64\ole32.dll 2015-06-17 17:47 . 2015-07-16 12:51 404992 ----a-w- c:\windows\system32\gdi32.dll 2015-06-17 17:37 . 2015-07-16 12:51 312320 ----a-w- c:\windows\SysWow64\gdi32.dll 2015-06-15 21:50 . 2015-07-16 12:48 112064 ----a-w- c:\windows\system32\consent.exe 2015-06-15 21:45 . 2015-07-16 12:48 3242496 ----a-w- c:\windows\system32\msi.dll 2015-06-15 21:45 . 2015-07-16 12:48 504320 ----a-w- c:\windows\system32\msihnd.dll 2015-06-15 21:45 . 2015-07-16 12:48 1941504 ----a-w- c:\windows\system32\authui.dll 2015-06-15 21:45 . 2015-07-16 12:48 70656 ----a-w- c:\windows\system32\appinfo.dll 2015-06-15 21:44 . 2015-07-16 12:48 128000 ----a-w- c:\windows\system32\msiexec.exe 2015-06-15 21:43 . 2015-07-16 12:48 2364416 ----a-w- c:\windows\SysWow64\msi.dll 2015-06-15 21:43 . 2015-07-16 12:48 337408 ----a-w- c:\windows\SysWow64\msihnd.dll 2015-06-15 21:43 . 2015-07-16 12:48 1805824 ----a-w- c:\windows\SysWow64\authui.dll 2015-06-15 21:42 . 2015-07-16 12:48 73216 ----a-w- c:\windows\SysWow64\msiexec.exe 2015-06-15 21:42 . 2015-07-16 12:48 25088 ----a-w- c:\windows\system32\msimsg.dll 2015-06-15 21:37 . 2015-07-16 12:48 25088 ----a-w- c:\windows\SysWow64\msimsg.dll 2015-06-02 00:07 . 2015-07-16 12:52 254976 ----a-w- c:\windows\system32\cewmdm.dll 2015-06-01 23:47 . 2015-07-16 12:52 210432 ----a-w- c:\windows\SysWow64\cewmdm.dll 2015-05-25 18:19 . 2015-06-12 17:53 1255424 ----a-w- c:\windows\system32\diagtrack.dll 2015-05-25 18:19 . 2015-06-12 17:53 879104 ----a-w- c:\windows\system32\tdh.dll 2015-05-25 18:19 . 2015-06-12 17:53 113664 ----a-w- c:\windows\system32\sechost.dll 2015-05-25 18:18 . 2015-06-12 17:53 879104 ----a-w- c:\windows\system32\advapi32.dll 2015-05-25 18:18 . 2015-06-12 17:53 47104 ----a-w- c:\windows\system32\typeperf.exe 2015-05-25 18:18 . 2015-06-12 17:53 404992 ----a-w- c:\windows\system32\tracerpt.exe 2015-05-25 18:18 . 2015-06-12 17:53 43008 ----a-w- c:\windows\system32\relog.exe 2015-05-25 18:18 . 2015-06-12 17:53 104448 ----a-w- c:\windows\system32\logman.exe 2015-05-25 18:18 . 2015-06-12 17:53 19456 ----a-w- c:\windows\system32\diskperf.exe 2015-05-25 18:01 . 2015-06-12 17:53 635392 ----a-w- c:\windows\SysWow64\tdh.dll 2015-05-25 18:01 . 2015-06-12 17:53 92160 ----a-w- c:\windows\SysWow64\sechost.dll 2015-05-25 18:01 . 2015-06-12 17:53 641536 ----a-w- c:\windows\SysWow64\advapi32.dll 2015-05-25 18:00 . 2015-06-12 17:53 40448 ----a-w- c:\windows\SysWow64\typeperf.exe 2015-05-25 18:00 . 2015-06-12 17:53 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe 2015-05-25 18:00 . 2015-06-12 17:53 37888 ----a-w- c:\windows\SysWow64\relog.exe 2015-05-25 18:00 . 2015-06-12 17:53 82944 ----a-w- c:\windows\SysWow64\logman.exe 2015-05-25 18:00 . 2015-06-12 17:53 17408 ----a-w- c:\windows\SysWow64\diskperf.exe 2015-05-25 17:00 . 2015-06-12 17:53 36864 ----a-w- c:\windows\system32\UtcResources.dll 2015-05-23 09:00 . 2015-07-16 17:22 912744 ----a-w- c:\windows\SysWow64\pbsvc.exe . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}] 2015-05-27 17:41 115224 ----a-w- c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll" [2015-05-27 115224] . [HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 189464 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="c:\users\user\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920] "Dropbox Update"="c:\users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-16 134512] "DAEMON Tools Lite Automount"="c:\program files (x86)\DAEMON Tools Lite\DTAgent.exe" [2015-06-18 4468056] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-25 6806144] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696] "ADSMTray"="c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2009-06-24 272952] "ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2010-09-25 3054136] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-08-03 5579624] "PSUAMain"="c:\program files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" [2015-07-28 54520] . c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 39179912] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h [2010-9-25 156952] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\programdata\Tristip\jchwrrlp.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R2 Tristip;Tristip;c:\programdata\Tristip\Tristip;c:\programdata\Tristip\Tristip [x] R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x] R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtpt64.sys [x] R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtbs64.sys [x] R3 lgmdbus;LG Mobile driver (WDM);c:\windows\system32\DRIVERS\lgmdbus.sys;c:\windows\SYSNATIVE\DRIVERS\lgmdbus.sys [x] R3 lgmdmdfl;LG Mobile USB WMC Modem Filter;c:\windows\system32\DRIVERS\lgmdmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\lgmdmdfl.sys [x] R3 lgmdmdm;LG Mobile USB WMC Modem Driver;c:\windows\system32\DRIVERS\lgmdmdm.sys;c:\windows\SYSNATIVE\DRIVERS\lgmdmdm.sys [x] R3 lgmdmgmt;LG Mobile USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\lgmdmgmt.sys;c:\windows\SYSNATIVE\DRIVERS\lgmdmgmt.sys [x] R3 lgmdobex;LG Mobile USB WMC OBEX Interface;c:\windows\system32\DRIVERS\lgmdobex.sys;c:\windows\SYSNATIVE\DRIVERS\lgmdobex.sys [x] R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\lgvmdm64.sys [x] R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] R3 Origin Client Service;Origin Client Service;d:\gry\Origin\OriginClientService.exe;d:\gry\Origin\OriginClientService.exe [x] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x] R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x] S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSAlpc.sys [x] S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttp.sys [x] S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttps.sys [x] S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys;c:\windows\SYSNATIVE\DRIVERS\NNSIds.sys [x] S1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys;c:\windows\SYSNATIVE\DRIVERS\NNSNAHSL.sys [x] S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPicc.sys [x] S1 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPihsw.sys [x] S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPop3.sys [x] S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys;c:\windows\SYSNATIVE\DRIVERS\NNSProt.sys [x] S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPrv.sys [x] S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSSmtp.sys [x] S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys;c:\windows\SYSNATIVE\DRIVERS\NNSStrm.sys [x] S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSTlsc.sys [x] S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys;c:\windows\SYSNATIVE\DRIVERS\psinknc.sys [x] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x] S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x] S2 NanoServiceMain;Panda Protection Service;c:\program files (x86)\Panda Security\Panda Security Protection\PSANHost.exe;c:\program files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [x] S2 panda_url_filtering;panda_url_filtering Service;c:\programdata\Panda Security URL Filtering\Panda_URL_Filteringb.exe;c:\programdata\Panda Security URL Filtering\Panda_URL_Filteringb.exe [x] S2 PandaAgent;Panda Devices Agent;c:\program files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe;c:\program files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [x] S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINAflt.sys [x] S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys;c:\windows\SYSNATIVE\DRIVERS\PSINFile.sys [x] S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProc.sys [x] S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProt.sys [x] S2 PSINReg;PSINReg;c:\windows\system32\DRIVERS\PSINReg.sys;c:\windows\SYSNATIVE\DRIVERS\PSINReg.sys [x] S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Security Protection\PSUAService.exe;c:\program files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [x] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [x] S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x] S3 IntcDAud;Intel(R) Audio dla ekranów;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x] S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys;c:\windows\SYSNATIVE\DRIVERS\JME.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 panda_url_filteringd;panda_url_filteringd driver;c:\programdata\Panda Security URL Filtering\panda_url_filteringd.sys;c:\programdata\Panda Security URL Filtering\panda_url_filteringd.sys [x] S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x] . . --- Inne Usługi/Sterowniki w Pamięci --- . *NewlyCreated* - PANDA_URL_FILTERINGD . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-08-20 14:31 995144 ----a-w- c:\program files (x86)\Google\Chrome\Application\44.0.2403.155\Installer\chrmstp.exe . Zawartość folderu 'Zaplanowane zadania' . 2015-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-29 11:16] . 2015-08-20 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3416873059-519134790-2141062635-1001Core.job - c:\users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16 09:14] . 2015-08-20 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3416873059-519134790-2141062635-1001UA.job - c:\users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16 09:14] . 2015-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20 14:30] . 2015-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20 14:30] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}] 2015-05-27 17:42 131096 ----a-w- c:\program files (x86)\pandasecuritytb\pandasecurityDx64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\pandasecuritytb\pandasecurityDx64.dll" [2015-05-27 131096] . [HKEY_CLASSES_ROOT\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 226328 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 226328 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 226328 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-05 22:53 226328 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560] . ------- Skan uzupełniający ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm mStart Page = about:blank mDefault_Page_URL = about:blank uInternet Settings,ProxyOverride = TCP: DhcpNameServer = 192.168.1.1 192.168.1.1 . - - - - USUNIĘTO PUSTE WPISY - - - - . Toolbar-Locked - (no file) Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe AddRemove-K_Series_ScreenSaver_EN - c:\windows\system32\K_Series_ScreenSaver_EN.scr AddRemove-Pharaoh - c:\windows\IsUn0415.exe AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\Tristip] "ImagePath"="c:\programdata\Tristip\Tristip" . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_USERS\S-1-5-21-3416873059-519134790-2141062635-1001\Software\SecuROM\License information*] "datasecu"=hex:f6,68,a6,d2,27,a4,a3,ba,cc,25,a2,08,f7,d9,2d,74,7a,7d,56,c4,6f, cf,3c,fc,c7,86,a0,31,1f,0d,e9,45,ae,ff,10,45,9a,13,89,ad,ac,15,8c,22,3a,88,\ "rkeysecu"=hex:df,bf,da,09,ea,27,42,30,99,f1,9d,32,97,2c,8c,bd . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.18" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Czas ukończenia: 2015-08-20 21:37:47 ComboFix-quarantined-files.txt 2015-08-20 19:37 . Przed: 27 532 476 416 bajtów wolnych Po: 27 351 216 128 bajtów wolnych . - - End Of File - - FC3C98786094F3E37FB43A709193780E