ComboFix 16-07-16.01 - GALA 2016-07-19  13:26:15.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1250.48.1045.18.3970.1905 [GMT 2:00]
Uruchomiony z: c:\users\GALA\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Enabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini
c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini2
c:\windows\RPSETUP.EXE.LOG
c:\windows\SysWow64\DEBUG.log
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2016-06-19 do 2016-07-19  )))))))))))))))))))))))))))))))
.
.
2016-07-19 11:31 . 2016-07-19 11:31	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2016-07-19 11:31 . 2016-07-19 11:31	--------	d-----w-	c:\users\Default\AppData\Local\temp
2016-07-19 11:31 . 2016-07-19 11:31	--------	d-----w-	c:\users\Biuro\AppData\Local\temp
2016-07-19 11:17 . 2016-07-19 11:17	75888	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E074025C-BBAD-4658-B014-72260561DA1D}\offreg.1008.dll
2016-07-19 10:51 . 2016-07-19 10:51	--------	d-----w-	c:\users\GALA\AppData\Local\AvgSetupLog
2016-07-19 10:13 . 2016-06-21 13:04	12007136	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E074025C-BBAD-4658-B014-72260561DA1D}\mpengine.dll
2016-07-19 10:11 . 2016-06-21 13:04	12007136	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-07-19 10:08 . 2016-07-19 10:08	1167568	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E51FC23F-F910-41B0-A6CF-237AF844E74D}\gapaengine.dll
2016-07-19 10:07 . 2016-07-19 10:55	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-07-19 10:07 . 2016-07-19 10:07	--------	d-----w-	c:\program files (x86)\Malwarebytes Anti-Malware
2016-07-19 10:07 . 2016-03-10 12:09	64896	----a-w-	c:\windows\system32\drivers\mwac.sys
2016-07-19 10:07 . 2016-03-10 12:08	140672	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2016-07-19 10:07 . 2016-03-10 12:08	27008	----a-w-	c:\windows\system32\drivers\mbam.sys
2016-07-19 10:03 . 2016-07-19 10:03	--------	d-----w-	c:\program files (x86)\Microsoft Security Client
2016-07-19 10:03 . 2016-07-19 10:03	--------	d-----w-	c:\program files\Microsoft Security Client
2016-07-19 09:42 . 2016-07-19 09:43	--------	d-----w-	c:\users\Administrator
2016-07-19 08:23 . 2016-07-19 08:42	--------	d-----w-	c:\users\Biuro\AppData\Roaming\TeamViewer
2016-07-16 23:34 . 2016-07-16 23:34	--------	d-----w-	c:\users\GALA\AppData\Local\tkdata
2016-07-15 07:00 . 2016-07-15 07:00	--------	d-----w-	c:\users\Biuro\AppData\Local\CEF
2016-07-15 06:59 . 2016-07-15 07:01	--------	d-----w-	c:\users\Biuro\AppData\Local\tkdata
2016-07-15 06:57 . 2016-07-19 10:48	--------	d-----w-	c:\program files\Common Files\McAfee
2016-07-15 06:57 . 2016-07-18 04:44	--------	d-----w-	c:\program files (x86)\McAfee
2016-07-15 06:46 . 2016-07-19 09:56	--------	d-----w-	c:\programdata\McAfee
2016-07-15 06:46 . 2016-07-18 06:55	--------	d-----w-	c:\program files (x86)\McAfee Security Scan
2016-07-14 09:56 . 2016-07-14 12:59	--------	d-----w-	c:\users\Biuro\AppData\Local\Mozilla Thunderbird
2016-07-13 06:54 . 2016-06-26 00:27	756736	----a-w-	c:\windows\system32\win32spl.dll
2016-07-13 06:54 . 2016-06-26 00:27	970240	----a-w-	c:\windows\system32\localspl.dll
2016-07-13 06:54 . 2016-06-26 00:27	166400	----a-w-	c:\windows\system32\inetpp.dll
2016-07-13 06:54 . 2016-06-25 19:54	497152	----a-w-	c:\windows\SysWow64\win32spl.dll
2016-07-13 06:54 . 2016-06-26 00:27	38912	----a-w-	c:\windows\system32\Spool\prtprocs\x64\winprint.dll
2016-07-13 06:54 . 2016-06-26 00:27	344576	----a-w-	c:\windows\system32\ntprint.dll
2016-07-13 06:54 . 2016-06-26 00:27	22528	----a-w-	c:\windows\system32\inetppui.dll
2016-07-13 06:54 . 2016-06-25 19:53	297472	----a-w-	c:\windows\SysWow64\ntprint.dll
2016-07-13 06:54 . 2016-06-25 19:53	48640	----a-w-	c:\windows\system32\wpnpinst.exe
2016-07-13 06:54 . 2016-06-25 19:53	61952	----a-w-	c:\windows\system32\ntprint.exe
2016-07-13 06:54 . 2016-06-25 19:41	61952	----a-w-	c:\windows\SysWow64\ntprint.exe
2016-07-13 06:54 . 2016-06-14 15:03	3217408	----a-w-	c:\windows\system32\win32k.sys
2016-07-05 13:48 . 2016-07-14 08:26	--------	d-----w-	c:\users\Biuro\AppData\Local\Mozilla Firefox
2016-06-21 09:53 . 2016-07-19 10:43	--------	d-----w-	c:\program files (x86)\TeamViewer
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-07-15 06:46 . 2013-12-11 21:33	796352	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2016-07-15 06:46 . 2013-12-11 21:33	142528	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-07-13 22:31 . 2014-01-17 10:37	144749672	----a-w-	c:\windows\system32\MRT.exe
2016-06-21 10:13 . 2010-11-21 03:27	485032	------w-	c:\windows\system32\MpSigStub.exe
2016-06-14 15:21 . 2016-07-13 06:54	2560	----a-w-	c:\windows\apppatch\AcRes.dll
2016-05-18 16:10 . 2016-06-15 06:10	312832	----a-w-	c:\windows\SysWow64\gdi32.dll
2016-05-18 16:09 . 2016-06-15 06:10	405504	----a-w-	c:\windows\system32\gdi32.dll
2016-05-13 22:15 . 2016-06-15 06:10	382184	----a-w-	c:\windows\system32\atmfd.dll
2016-05-13 22:09 . 2016-06-15 06:10	41472	----a-w-	c:\windows\system32\lpk.dll
2016-05-13 22:09 . 2016-06-15 06:10	100864	----a-w-	c:\windows\system32\fontsub.dll
2016-05-13 22:09 . 2016-06-15 06:10	14336	----a-w-	c:\windows\system32\dciman32.dll
2016-05-13 22:09 . 2016-06-15 06:10	46080	----a-w-	c:\windows\system32\atmlib.dll
2016-05-13 21:54 . 2016-06-15 06:10	308456	----a-w-	c:\windows\SysWow64\atmfd.dll
2016-05-13 21:50 . 2016-06-15 06:10	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2016-05-13 21:49 . 2016-06-15 06:10	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2016-05-13 21:49 . 2016-06-15 06:10	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2016-05-13 21:27 . 2016-06-15 06:10	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2016-05-12 17:20 . 2016-06-15 06:10	95464	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2016-05-12 17:20 . 2016-06-15 06:10	154856	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2016-05-12 17:15 . 2016-06-15 06:10	105472	----a-w-	c:\windows\system32\winipsec.dll
2016-05-12 17:15 . 2016-06-15 06:10	2048	----a-w-	c:\windows\system32\tzres.dll
2016-05-12 17:15 . 2016-06-15 06:10	86528	----a-w-	c:\windows\system32\TSpkg.dll
2016-05-12 17:15 . 2016-06-15 06:10	210432	----a-w-	c:\windows\system32\wdigest.dll
2016-05-12 17:15 . 2016-06-15 06:10	28672	----a-w-	c:\windows\system32\sspisrv.dll
2016-05-12 17:15 . 2016-06-15 06:10	135680	----a-w-	c:\windows\system32\sspicli.dll
2016-05-12 17:14 . 2016-06-15 06:10	344064	----a-w-	c:\windows\system32\schannel.dll
2016-05-12 17:14 . 2016-06-15 06:10	28160	----a-w-	c:\windows\system32\secur32.dll
2016-05-12 17:14 . 2016-06-15 06:10	190464	----a-w-	c:\windows\system32\rpchttp.dll
2016-05-12 17:14 . 2016-06-15 06:10	1212928	----a-w-	c:\windows\system32\rpcrt4.dll
2016-05-12 17:14 . 2016-06-15 06:10	373760	----a-w-	c:\windows\system32\polstore.dll
2016-05-12 17:14 . 2016-06-15 06:10	312320	----a-w-	c:\windows\system32\ncrypt.dll
2016-05-12 17:14 . 2016-06-15 06:10	316416	----a-w-	c:\windows\system32\msv1_0.dll
2016-05-12 17:14 . 2016-06-15 06:10	60416	----a-w-	c:\windows\system32\msobjs.dll
2016-05-12 17:14 . 2016-06-15 06:10	146432	----a-w-	c:\windows\system32\msaudite.dll
2016-05-12 17:14 . 2016-06-15 06:10	1464320	----a-w-	c:\windows\system32\lsasrv.dll
2016-05-12 17:14 . 2016-06-15 06:10	730624	----a-w-	c:\windows\system32\kerberos.dll
2016-05-12 17:14 . 2016-06-15 06:10	502272	----a-w-	c:\windows\system32\IPSECSVC.DLL
2016-05-12 17:14 . 2016-06-15 06:10	96256	----a-w-	c:\windows\system32\gpapi.dll
2016-05-12 17:14 . 2016-06-15 06:10	794624	----a-w-	c:\windows\system32\gpsvc.dll
2016-05-12 17:14 . 2016-06-15 06:10	793088	----a-w-	c:\windows\system32\gpprefcl.dll
2016-05-12 17:14 . 2016-06-15 06:10	75776	----a-w-	c:\windows\system32\FwRemoteSvr.dll
2016-05-12 17:14 . 2016-06-15 06:10	32768	----a-w-	c:\windows\system32\gpscript.dll
2016-05-12 17:14 . 2016-06-15 06:10	43520	----a-w-	c:\windows\system32\cryptbase.dll
2016-05-12 17:14 . 2016-06-15 06:10	22016	----a-w-	c:\windows\system32\credssp.dll
2016-05-12 17:14 . 2016-06-15 06:10	463872	----a-w-	c:\windows\system32\certcli.dll
2016-05-12 17:14 . 2016-06-15 06:10	690688	----a-w-	c:\windows\system32\adtschema.dll
2016-05-12 15:18 . 2016-06-15 06:10	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2016-05-12 15:18 . 2016-06-15 06:10	666112	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2016-05-12 15:18 . 2016-06-15 06:10	70144	----a-w-	c:\windows\SysWow64\winipsec.dll
2016-05-12 15:18 . 2016-06-15 06:10	172032	----a-w-	c:\windows\SysWow64\wdigest.dll
2016-05-12 15:18 . 2016-06-15 06:10	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2016-05-12 15:18 . 2016-06-15 06:10	65536	----a-w-	c:\windows\SysWow64\TSpkg.dll
2016-05-12 15:18 . 2016-06-15 06:10	251392	----a-w-	c:\windows\SysWow64\schannel.dll
2016-05-12 15:18 . 2016-06-15 06:10	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2016-05-12 15:18 . 2016-06-15 06:10	141312	----a-w-	c:\windows\SysWow64\rpchttp.dll
2016-05-12 15:18 . 2016-06-15 06:10	274944	----a-w-	c:\windows\SysWow64\polstore.dll
2016-05-12 15:18 . 2016-06-15 06:10	223232	----a-w-	c:\windows\SysWow64\ncrypt.dll
2016-05-12 15:18 . 2016-06-15 06:10	260608	----a-w-	c:\windows\SysWow64\msv1_0.dll
2016-05-12 15:18 . 2016-06-15 06:10	60416	----a-w-	c:\windows\SysWow64\msobjs.dll
2016-05-12 15:18 . 2016-06-15 06:10	146432	----a-w-	c:\windows\SysWow64\msaudite.dll
2016-05-12 15:18 . 2016-06-15 06:10	553472	----a-w-	c:\windows\SysWow64\kerberos.dll
2016-05-12 15:18 . 2016-06-15 06:10	591872	----a-w-	c:\windows\SysWow64\gpprefcl.dll
2016-05-12 15:18 . 2016-06-15 06:10	79360	----a-w-	c:\windows\SysWow64\gpapi.dll
2016-05-12 15:18 . 2016-06-15 06:10	44032	----a-w-	c:\windows\SysWow64\FwRemoteSvr.dll
2016-05-12 15:18 . 2016-06-15 06:10	342528	----a-w-	c:\windows\SysWow64\certcli.dll
2016-05-12 15:18 . 2016-06-15 06:10	17408	----a-w-	c:\windows\SysWow64\credssp.dll
2016-05-12 15:18 . 2016-06-15 06:10	690688	----a-w-	c:\windows\SysWow64\adtschema.dll
2016-05-12 15:06 . 2016-06-15 06:10	25600	----a-w-	c:\windows\system32\gpscript.exe
2016-05-12 15:05 . 2016-06-15 06:10	64000	----a-w-	c:\windows\system32\auditpol.exe
2016-05-12 14:58 . 2016-06-15 06:10	159744	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2016-05-12 14:58 . 2016-06-15 06:10	464896	----a-w-	c:\windows\system32\drivers\srv.sys
2016-05-12 14:58 . 2016-06-15 06:10	405504	----a-w-	c:\windows\system32\drivers\srv2.sys
2016-05-12 14:58 . 2016-06-15 06:10	168960	----a-w-	c:\windows\system32\drivers\srvnet.sys
2016-05-12 14:58 . 2016-06-15 06:10	291328	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2016-05-12 14:58 . 2016-06-15 06:10	129536	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2016-05-12 14:57 . 2016-06-15 06:10	30720	----a-w-	c:\windows\system32\lsass.exe
2016-05-12 14:57 . 2016-06-15 06:10	30720	----a-w-	c:\windows\SysWow64\gpscript.dll
2016-05-12 14:57 . 2016-06-15 06:10	24576	----a-w-	c:\windows\SysWow64\gpscript.exe
2016-05-12 14:56 . 2016-06-15 06:10	50176	----a-w-	c:\windows\SysWow64\auditpol.exe
2016-05-12 14:51 . 2016-06-15 06:10	36352	----a-w-	c:\windows\SysWow64\cryptbase.dll
2016-05-12 13:05 . 2016-06-15 06:10	459640	----a-w-	c:\windows\system32\drivers\cng.sys
2016-05-12 13:05 . 2016-06-15 06:10	297984	----a-w-	c:\windows\system32\bcryptprimitives.dll
2016-05-12 13:04 . 2016-06-15 06:10	249352	----a-w-	c:\windows\SysWow64\bcryptprimitives.dll
2016-05-11 17:02 . 2016-06-15 06:10	296448	----a-w-	c:\windows\system32\ws2_32.dll
2016-05-11 17:02 . 2016-06-15 06:10	444928	----a-w-	c:\windows\system32\winhttp.dll
2016-05-11 17:02 . 2016-06-15 06:10	483840	----a-w-	c:\windows\system32\StructuredQuery.dll
2016-05-11 17:02 . 2016-06-15 06:10	327168	----a-w-	c:\windows\system32\mswsock.dll
2016-05-11 15:19 . 2016-06-15 06:10	206336	----a-w-	c:\windows\SysWow64\ws2_32.dll
2016-05-11 15:19 . 2016-06-15 06:10	351744	----a-w-	c:\windows\SysWow64\winhttp.dll
2016-05-11 15:19 . 2016-06-15 06:10	363520	----a-w-	c:\windows\SysWow64\StructuredQuery.dll
2016-05-11 15:19 . 2016-06-15 06:10	231424	----a-w-	c:\windows\SysWow64\mswsock.dll
2016-05-11 15:11 . 2016-06-15 06:10	25088	----a-w-	c:\windows\system32\netbtugc.exe
2016-05-11 15:01 . 2016-06-15 06:10	26624	----a-w-	c:\windows\SysWow64\netbtugc.exe
2016-05-11 14:58 . 2016-06-15 06:10	262144	----a-w-	c:\windows\system32\drivers\netbt.sys
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2011-12-16 133400]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 HPEWSFXBULK;HPEWSFXBULK;c:\windows\system32\drivers\hpfx64bulk.sys;c:\windows\SYSNATIVE\drivers\hpfx64bulk.sys [x]
R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfx64fax.sys;c:\windows\SYSNATIVE\drivers\hpfx64fax.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys;c:\windows\SYSNATIVE\DRIVERS\netvsc60.sys [x]
R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys;c:\windows\SYSNATIVE\DRIVERS\VMBusVideoM.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0150.sys [x]
R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 DellDataVault;Dell Data Vault;c:\program files\Dell\DellDataVault\DellDataVault.exe ;c:\program files\Dell\DellDataVault\DellDataVault.exe  [x]
S2 DellDataVaultWiz;Dell Data Vault Wizard;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe [x]
S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
S2 DellUpdate;Dell Update Service;c:\program files (x86)\Dell Update\DellUpService.exe;c:\program files (x86)\Dell Update\DellUpService.exe [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 NovaPdfServer;novaPDF Server;c:\program files\Softland\novaPDF 8\Server\novapdfs.exe;c:\program files\Softland\novaPDF 8\Server\novapdfs.exe [x]
S2 SupportAssistAgent;Dell SupportAssist Agent;c:\program files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe;c:\program files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 DDDriver;DDDriver;c:\windows\system32\drivers\DDDriver64Dcsa.sys;c:\windows\SYSNATIVE\drivers\DDDriver64Dcsa.sys [x]
S3 DellProf;DellProf;c:\windows\system32\drivers\DellProf.sys;c:\windows\SYSNATIVE\drivers\DellProf.sys [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S3 NisSrv;Inspekcja sieci firmy Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys;c:\windows\SYSNATIVE\drivers\SiUSBXp.sys [x]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-06-18 17:46	1245848	----a-w-	c:\program files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2016-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07 15:18]
.
2016-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07 15:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-22 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-22 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-22 439064]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-01-16 6463080]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-01-29 1340192]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{DA77ED33-F712-4D9E-B381-C1051EBA819E}: NameServer = 192.168.10.1
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-SALXPDRV&10C4&82E9 - c:\windows\system32\Silabs\DriverUninstaller.exe USBXpress\SALXPDRV&10C4&82E9
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2016-07-19  13:35:11
ComboFix-quarantined-files.txt  2016-07-19 11:35
.
Przed: 341 567 631 360 bajtów wolnych
Po: 341 561 843 712 bajtów wolnych
.
- - End Of File - - F79160C4D8F75CD3B8FFAB4D2F03A54F