ComboFix 15-01-22.01 - hubi 2015-01-22 8:47.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.48.1045.18.8058.5867 [GMT 1:00]
Uruchomiony z: c:\users\hubi\Downloads\ComboFix.exe
AV: McAfee — ochrona antywirusowa i przed oprogramowaniem szpiegującym *Enabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
SP: McAfee — ochrona antywirusowa i przed oprogramowaniem szpiegującym *Enabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2014-12-22 do 2015-01-22 )))))))))))))))))))))))))))))))
.
.
2015-01-22 07:09 . 2015-01-22 07:09 -------- d-----w- c:\windows\pl
2015-01-22 07:08 . 2015-01-22 07:08 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2015-01-22 07:06 . 2015-01-22 07:06 -------- d-----w- c:\program files\Windows Live
2015-01-22 07:06 . 2015-01-22 07:06 -------- d-----w- c:\windows\PCHEALTH
2015-01-22 07:06 . 2015-01-22 07:08 -------- d-----w- c:\program files (x86)\Windows Live
2015-01-22 07:02 . 2010-06-02 03:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2015-01-22 07:02 . 2010-06-02 03:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2015-01-22 07:02 . 2010-06-02 03:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2015-01-22 07:02 . 2010-06-02 03:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2015-01-22 07:02 . 2010-05-26 10:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2015-01-22 07:02 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2015-01-22 07:01 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2015-01-22 07:01 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2015-01-22 07:01 . 2006-11-29 12:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2015-01-22 07:01 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2015-01-22 07:00 . 2015-01-22 07:00 -------- d-----w- c:\program files (x86)\Microsoft OneDrive
2015-01-22 07:00 . 2015-01-22 07:00 -------- d-----w- c:\programdata\Microsoft OneDrive
2015-01-22 06:58 . 2015-01-22 06:58 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2015-01-22 05:53 . 2015-01-05 23:28 714176 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-22 05:53 . 2015-01-05 23:28 106440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-22 05:46 . 2015-01-22 05:48 -------- d-----w- c:\windows\system32\MRT
2015-01-22 05:41 . 2014-06-10 22:44 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-01-22 05:41 . 2014-06-10 22:43 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2015-01-22 04:54 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2015-01-22 04:54 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2015-01-22 04:54 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2015-01-22 04:54 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2015-01-22 04:54 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2015-01-22 04:54 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2015-01-22 04:54 . 2014-12-13 00:11 2210040 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-01-22 04:54 . 2014-12-13 00:11 1291464 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-01-22 04:54 . 2014-12-13 00:11 2824504 ----a-w- c:\windows\system32\nvspcap64.dll
2015-01-22 04:54 . 2014-12-13 00:11 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-01-22 04:54 . 2015-01-22 04:54 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2015-01-22 04:53 . 2015-01-22 05:57 -------- d-----w- c:\windows\SysWow64\NV
2015-01-22 04:53 . 2015-01-22 05:57 -------- d-----w- c:\windows\system32\NV
2015-01-22 04:41 . 2015-01-22 04:41 -------- d-----w- C:\NVIDIA
2015-01-22 00:26 . 2015-01-22 00:26 -------- d-----w- c:\program files (x86)\Google
2015-01-21 22:16 . 2014-08-21 23:56 1418752 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-01-21 22:16 . 2014-08-21 23:27 1845760 ----a-w- c:\windows\system32\msxml3.dll
2015-01-21 22:16 . 2012-11-01 04:21 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-01-21 22:16 . 2012-11-01 04:20 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-01-21 22:12 . 2014-10-23 12:47 79872 ----a-w- c:\windows\system32\packager.dll
2015-01-21 22:12 . 2014-10-23 11:04 68096 ----a-w- c:\windows\SysWow64\packager.dll
2015-01-21 22:08 . 2014-06-05 17:30 10116608 ----a-w- c:\windows\system32\twinui.dll
2015-01-21 22:08 . 2014-06-05 13:12 8857600 ----a-w- c:\windows\SysWow64\twinui.dll
2015-01-21 22:08 . 2014-06-05 17:29 2885632 ----a-w- c:\windows\system32\msi.dll
2015-01-21 22:08 . 2014-06-05 17:28 2306560 ----a-w- c:\windows\system32\authui.dll
2015-01-21 22:08 . 2014-06-05 13:11 2416128 ----a-w- c:\windows\SysWow64\msi.dll
2015-01-21 22:08 . 2014-06-05 17:56 112984 ----a-w- c:\windows\system32\consent.exe
2015-01-21 22:08 . 2014-06-05 17:29 393216 ----a-w- c:\windows\system32\msihnd.dll
2015-01-21 22:08 . 2014-06-05 17:28 2146304 ----a-w- c:\windows\system32\actxprxy.dll
2015-01-21 22:08 . 2014-06-05 13:11 295424 ----a-w- c:\windows\SysWow64\msihnd.dll
2015-01-21 22:08 . 2014-06-05 13:10 2037760 ----a-w- c:\windows\SysWow64\authui.dll
2015-01-21 22:08 . 2014-06-05 13:10 754176 ----a-w- c:\windows\SysWow64\actxprxy.dll
2015-01-21 22:08 . 2013-03-06 06:29 70144 ----a-w- c:\windows\system32\appinfo.dll
2015-01-21 22:07 . 2013-08-07 05:15 144896 ----a-w- c:\windows\system32\tssdisai.dll
2015-01-21 22:07 . 2012-11-10 04:22 126976 ----a-w- c:\windows\system32\RDWebAI.dll
2015-01-21 22:07 . 2012-11-10 04:23 132608 ----a-w- c:\windows\SysWow64\poqexec.exe
2015-01-21 22:07 . 2012-11-10 04:23 148480 ----a-w- c:\windows\system32\poqexec.exe
2015-01-21 22:07 . 2012-11-10 04:22 122880 ----a-w- c:\windows\system32\VmHostAI.dll
2015-01-21 22:07 . 2012-11-10 04:20 135680 ----a-w- c:\windows\system32\appserverai.dll
2015-01-21 22:07 . 2012-11-01 04:40 2361344 ----a-w- c:\windows\system32\msxml6.dll
2015-01-21 22:07 . 2012-11-01 04:41 1802240 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-01-21 22:07 . 2012-11-01 04:21 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-01-21 22:07 . 2012-11-01 04:20 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-01-21 22:05 . 2014-04-03 11:22 2233176 ----a-w- c:\windows\system32\drivers\tcpip.sys
2015-01-21 22:05 . 2013-03-02 09:59 411880 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2015-01-21 22:05 . 2014-06-06 14:06 596480 ----a-w- c:\windows\system32\qedit.dll
2015-01-21 22:05 . 2014-06-06 10:17 497152 ----a-w- c:\windows\SysWow64\qedit.dll
2015-01-21 22:04 . 2013-09-28 03:35 288768 ----a-w- c:\windows\system32\drivers\portcls.sys
2015-01-21 22:04 . 2012-10-11 07:02 1636672 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2015-01-21 22:04 . 2012-10-11 05:45 370176 ----a-w- c:\windows\system32\SysFxUI.dll
2015-01-21 22:04 . 2012-10-11 05:19 5632 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2015-01-21 22:04 . 2012-10-11 05:18 111616 ----a-w- c:\windows\system32\drivers\drmk.sys
2015-01-21 21:43 . 2015-01-21 21:43 -------- d-----w- c:\programdata\cFos
2015-01-21 21:38 . 2015-01-21 21:38 -------- d-----w- c:\program files (x86)\Speed Gear
2015-01-21 21:07 . 2013-09-23 12:49 197704 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2015-01-21 21:05 . 2015-01-21 21:07 -------- d-----w- c:\program files\McAfee
2015-01-21 21:05 . 2015-01-21 21:25 -------- d-----w- c:\program files (x86)\McAfee
2015-01-21 21:05 . 2015-01-21 21:06 -------- d-----w- c:\program files (x86)\Common Files\McAfee
2015-01-21 20:56 . 2014-10-01 11:18 189920 ----a-w- c:\windows\system32\mfevtps.exe
2015-01-21 20:56 . 2015-01-21 21:07 -------- d-----w- c:\program files\Common Files\McAfee
2015-01-21 20:51 . 2015-01-21 20:51 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-01-21 20:31 . 2015-01-22 03:47 -------- d-----w- c:\programdata\McAfee
2015-01-21 20:29 . 2015-01-22 07:16 -------- d-----w- c:\users\hubi
2015-01-21 20:25 . 2015-01-21 20:25 -------- d--h--r- c:\users\Public\AccountPictures
2015-01-21 20:25 . 2015-01-21 20:25 -------- d-sh--we c:\users\Default\Ustawienia lokalne
2015-01-21 20:25 . 2015-01-21 20:25 -------- d-sh--we c:\users\Default\Szablony
2015-01-21 20:25 . 2015-01-21 20:25 -------- d-sh--we c:\users\Default\Menu Start
2015-01-21 20:25 . 2015-01-21 20:25 -------- d-sh--we c:\users\Default\Dane aplikacji
2015-01-21 20:25 . 2015-01-21 20:25 -------- d-sh--we c:\users\Default\AppData\Local\Historia
2015-01-21 20:25 . 2015-01-21 20:25 -------- d-sh--we c:\users\Default\AppData\Local\Dane aplikacji
2015-01-21 20:25 . 2015-01-21 20:25 -------- d-sh--we c:\programdata\Szablony
2015-01-21 20:25 . 2015-01-21 20:25 -------- d-sh--we c:\programdata\Pulpit
2015-01-21 20:25 . 2015-01-21 20:25 -------- d-sh--we c:\programdata\Menu Start
2015-01-21 20:25 . 2015-01-21 20:25 -------- d-sh--we c:\programdata\Dokumenty
2015-01-21 20:25 . 2015-01-21 20:25 -------- d-sh--we c:\programdata\Dane aplikacji
2015-01-21 20:24 . 2015-01-21 20:24 -------- d-sh--we c:\users\Default\Moje dokumenty
2015-01-19 06:52 . 2015-01-19 06:52 -------- d-----w- c:\windows\SysWow64\XPSViewer
2015-01-19 06:52 . 2015-01-19 06:52 -------- d-----w- c:\windows\SysWow64\wbem\pl-PL
2015-01-19 06:52 . 2015-01-19 06:52 -------- d-----w- c:\windows\SysWow64\pl
2015-01-19 06:52 . 2015-01-19 06:52 -------- d-----w- c:\windows\SysWow64\drivers\pl-PL
2015-01-19 06:52 . 2015-01-19 06:52 -------- d-----w- c:\windows\system32\wbem\pl-PL
2015-01-19 06:52 . 2015-01-19 06:52 -------- d-----w- c:\windows\system32\pl
2015-01-19 06:52 . 2015-01-19 06:52 -------- d-----w- c:\windows\system32\drivers\UMDF\pl-PL
2015-01-19 06:52 . 2015-01-19 06:52 -------- d-----w- c:\windows\system32\drivers\pl-PL
2015-01-19 06:52 . 2015-01-19 06:52 -------- d-----w- c:\windows\pl-PL
2015-01-19 06:47 . 2015-01-19 06:47 -------- d---a-w- C:\RecoveryLog
2015-01-18 22:40 . 2015-01-18 22:40 -------- d-----w- c:\program files\DIFX
2015-01-18 22:40 . 2015-01-18 22:40 19872 ----a-w- c:\windows\system32\LenovoSDKEmSubSystem.dll
2015-01-18 22:40 . 2015-01-18 22:40 39008 ----a-w- c:\windows\system32\drivers\LhdX64.sys
2015-01-18 22:40 . 2015-01-18 22:40 -------- d-----w- c:\programdata\Downloaded Installations
2015-01-18 22:40 . 2015-01-18 22:40 -------- d-----w- c:\programdata\OneKey Recovery
2015-01-18 22:40 . 2012-06-13 16:10 102376 ----a-w- c:\windows\system32\drivers\wsvd.sys
2015-01-18 22:39 . 2015-01-18 22:39 -------- d-----w- c:\program files (x86)\Amazon
2015-01-18 22:38 . 2015-01-18 22:38 -------- d-----w- c:\windows\Downloaded Installations
2015-01-18 22:38 . 2015-01-22 06:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2015-01-18 22:38 . 2015-01-18 22:38 -------- d-----w- c:\programdata\CyberLink
2015-01-18 22:36 . 2015-01-18 22:36 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2015-01-18 22:36 . 2010-07-30 12:31 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
2015-01-18 22:36 . 2010-07-30 12:31 509224 ----a-w- c:\windows\SysWow64\msvcp71.dll
2015-01-18 22:36 . 2010-07-30 12:31 1066280 ----a-w- c:\windows\SysWow64\mfc71.dll
2015-01-18 22:36 . 2015-01-18 22:36 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2015-01-18 22:36 . 2015-01-18 22:36 -------- d-----w- c:\program files (x86)\SugarSync
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-21 20:47 . 2012-07-26 08:13 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-01-19 06:51 . 2015-01-19 06:51 6656 ----a-w- c:\windows\SysWow64\drivers\pl-PL\ndiscap.sys.mui
2015-01-19 06:51 . 2015-01-19 06:51 2560 ----a-w- c:\windows\SysWow64\drivers\pl-PL\wfplwfs.sys.mui
2015-01-19 06:51 . 2015-01-19 06:51 14848 ----a-w- c:\windows\SysWow64\drivers\pl-PL\NdisImPlatform.sys.mui
2015-01-18 22:41 . 2015-01-18 22:41 2132508 ----a-w- c:\windows\MFGSTAT.zip
2015-01-18 22:40 . 2012-08-10 17:06 75320 ----a-w- c:\windows\system32\drivers\UMDF\LenovoVhid.dll
2015-01-18 22:40 . 2012-02-21 04:48 1511280 ----a-w- c:\windows\system32\WudfUpdate_01011.dll
2015-01-18 22:40 . 2012-05-15 08:22 33560 ----a-w- c:\windows\system32\drivers\AcpiVpc.sys
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-01-22 07:00 223432 ----a-w- c:\users\hubi\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-01-22 07:00 223432 ----a-w- c:\users\hubi\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-01-22 07:00 223432 ----a-w- c:\users\hubi\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-07-25 508656]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-28 91432]
"mcpltui_exe"="c:\program files\Common~1\McAfee\Platform\mcuicnt.exe" [2014-09-17 643064]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\AutorunsDisabled\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-8-26 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R0 mfeelamk;McAfee Inc. mfeelamk;c:\windows\system32\drivers\mfeelamk.sys;c:\windows\SYSNATIVE\drivers\mfeelamk.sys [x]
R2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
R3 BthLEEnum;Sterownik funkcji Bluetooth Low Energy;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
R4 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R4 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
R4 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R4 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R4 vm331avs;Digital Camera 1;c:\windows\System32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [x]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
S2 mccspsvc;McAfee CSP Service;c:\program files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe;c:\program files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Audio dla wyświetlaczy Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-22 00:26 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.99\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2015-01-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-21 21:06]
.
2015-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-22 00:26]
.
2015-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-22 00:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-01-22 07:00 262344 ----a-w- c:\users\hubi\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-01-22 07:00 262344 ----a-w- c:\users\hubi\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-01-22 07:00 262344 ----a-w- c:\users\hubi\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-07 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-07 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-07 440640]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-14 887968]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2015-01-18 17079376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2015-01-18 191568]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://lenovo13.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\hubi\AppData\Roaming\Mozilla\Firefox\Profiles\4kqv4kcj.default\
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Czas ukończenia: 2015-01-22 08:56:03
ComboFix-quarantined-files.txt 2015-01-22 07:56
.
Przed: 910 791 589 888 bytes free
Po: 910 738 350 080 bytes free
.
- - End Of File - - EFB8D9AA9DA5619AF9FC5711827FFDF1