CloseProcesses:
CreateRestorePoint:
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
Startup: C:\Users\Zbyszek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2016-10-22]
ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Tcpip\..\Interfaces\{45989507-3609-4FCB-B98F-9DC12A5661A9}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D5D08A3F-60D2-4EB2-B4EA-689DA57C7F51}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{D6166205-AF99-45D1-854F-F55D3ED772D5}: [DhcpNameServer] 87.204.204.204 62.233.233.233
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4115880397-3610569370-3376281175-1000 -> {B6E0483A-BF69-4C9F-8AD7-0142F48E8740} URL = hxxp://rover.ebay.com/rover/1//4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-4115880397-3610569370-3376281175-1000 -> {E405A133-D6A1-4F26-B5D3-236B7B6BFD45} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pl-pl
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR HKU\S-1-5-21-4115880397-3610569370-3376281175-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
U1 aswbdisk; Brak ImagePath
S3 catchme; \??\C:\04-ComboFix-autoupdate\catchme.sys [X]
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Media Gallery (HKLM\...\{115B60D5-BBDB-490E-AF2E-064D37A3CE01}) (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Основи Windows Live (HKLM-x32\...\{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (HKLM-x32\...\{C115A674-A398-49E5-9C6E-C0A541D3EA10}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
Task: {17B7DAD3-4717-4F32-8745-F76C02FB974A} - System32\Tasks\{465855C6-6667-41B6-868E-EAD1595E8BB0} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.12.0.101.117/pl/abandoninstall?page=tsBing
Task: {586CFEAD-2240-4EC0-8754-7253728915B2} - \User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} -> Brak pliku <==== UWAGA
Task: {5B39023B-C925-46EA-B9CC-11530E901CD5} - \{26A06A7C-6DEB-47E2-9FFA-30CBE90DB13B} -> Brak pliku <==== UWAGA
Task: {6A6001F3-263C-42F6-A28D-2F376A113B4D} - System32\Tasks\{2A32E1CB-CE57-40F8-8A15-613727894002} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.27.80.101/pl/abandoninstall?page=tsProgressBar
Task: {7487BD9B-4688-47FC-9268-989C5AA6FB99} - \SONY\VAIO Gate\VAIO Gate -> Brak pliku <==== UWAGA
Task: {D410BEA7-156F-4770-B79C-C5973B885115} - \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task -> Brak pliku <==== UWAGA
Task: {D72D7FB0-59CD-4263-911B-C27228C44343} - \SONY\VAIO Gate\StartExecuteProxy -> Brak pliku <==== UWAGA
Task: {D7D247FF-E911-4AAD-AE02-5C33AE52AFFD} - \doPDF Update -> Brak pliku <==== UWAGA
C:\ProgramData\Microsoft\Windows\Start Menu\POMOC ZDALNA.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano\KMSnano.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\Desktop\AppsHat.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\Desktop\Bączkowski — skrót.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\Desktop\Google Chrome.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\Desktop\Informacja niejawna — skrót.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\Desktop\LSHunterTVApp.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\Desktop\Search.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\Desktop\SpeedUpMyComputer.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\Desktop\Telewizor C80LE645_646 — skrót.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSHunter.TV\LSHunterTVApp.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSHunter.TV\Uninstall.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\AppsHat.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk
C:\Users\Zbyszek\Desktop\Zbigniew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Users\Public\Desktop\Internet w Cyfrowym Polsacie.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Users\Public\Desktop\OpenOffice.org 3.2.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Users\Public\Desktop\PLAY ONLINE.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Users\Public\Desktop\Wybór przeglądarki.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Users\Public\Desktop\Wznów Instalację Reimage Repair.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A98\Website.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A97\Uninstall.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A96\SpeedUpMyComputer.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A94\Uninstall.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A93\Check for Updates.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A86\Faktura WYNAJEM - rozliczenie ciepła woda 2014.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A85\1d pozyczki sedyko,a wlasc dlug fir na 2015-04-30.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A84\1d pozyczki sedyko,a wlasc dlug fir na 2015-04-10.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A83\001425761665.INV.KUL.CO.007.20140220.103617.20140220.103647.23974.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A82\001425761665.AWB.KUL.CO.007.20140220.103617.20140220.103639.17382.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A81\.~lock.Dane do karty kwalifikacyjnej magazyn.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A4A\OpenOffice.org 3.2.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A47\Google Chrome.lnk
C:\Users\Zbyszek\Desktop\2015-05-22\Irregular\00024A45\Aplikacja wizualizacyjna NOL3.lnk