ComboFix 15-03-01.01 - janou 2015-03-08 16:42:09.5.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.48.1045.18.8144.6725 [GMT 1:00]
Uruchomiony z: E:\ComboFix.exe
AV: 360 Total Security *Disabled/Updated* {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
SP: 360 Total Security *Disabled/Updated* {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2015-02-08 do 2015-03-08 )))))))))))))))))))))))))))))))
.
.
2015-03-08 15:44 . 2015-03-08 15:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-07 01:32 . 2015-02-16 03:21 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F746D3EB-CFB5-418F-BCCC-13774F688882}\mpengine.dll
2015-03-06 23:41 . 2015-03-06 23:45 -------- d-----r- c:\users\Public
2015-03-06 23:18 . 2015-03-06 23:18 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-03-06 23:04 . 2015-03-07 16:52 -------- d-----w- C:\$360Section
2015-03-06 23:03 . 2015-03-07 16:52 -------- d-----w- c:\programdata\360Quarant
2015-03-06 23:02 . 2015-03-06 23:02 -------- d-----w- c:\programdata\360TotalSecurity
2015-03-06 23:02 . 2015-03-06 23:03 -------- d-----w- c:\programdata\360safe
2015-03-06 23:02 . 2015-03-04 03:18 314448 ----a-w- c:\windows\system32\drivers\360fsflt.sys
2015-03-06 23:02 . 2015-03-06 23:02 -------- d-----r- C:\360SANDBOX
2015-03-06 23:02 . 2015-03-04 03:18 40520 ----a-w- c:\windows\system32\drivers\360Camera64.sys
2015-03-06 23:02 . 2015-03-04 03:18 305736 ----a-w- c:\windows\system32\drivers\360Box64.sys
2015-03-06 23:02 . 2015-03-04 03:18 100424 ----a-w- c:\windows\system32\drivers\360AntiHacker64.sys
2015-03-06 23:02 . 2015-03-04 03:18 180816 ----a-w- c:\windows\system32\drivers\BAPIDRV64.SYS
2015-03-06 23:02 . 2015-03-04 03:18 77896 ----a-w- c:\windows\system32\drivers\360AvFlt.sys
2015-03-06 23:02 . 2015-03-06 23:02 -------- d-----w- c:\program files (x86)\360
2015-03-06 18:43 . 2015-03-08 11:45 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-03-06 18:43 . 2015-03-06 18:43 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-03-06 18:43 . 2015-03-06 18:43 -------- d-----w- c:\programdata\Malwarebytes
2015-03-06 18:43 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-03-06 18:43 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-03-06 18:43 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-03-06 18:10 . 2015-03-07 08:54 -------- d-----w- c:\program files (x86)\NapiProjekt
2015-03-06 17:48 . 2015-03-08 13:02 -------- d-----w- C:\KMPlayer
2015-03-05 20:56 . 2015-03-06 19:19 -------- d-----w- c:\program files (x86)\TeamViewer
2015-03-05 20:36 . 2015-03-05 20:36 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2015-03-05 17:34 . 2015-03-05 17:34 -------- d-----w- c:\windows\usb-audio.deMiditechAL2GF2
2015-03-05 17:31 . 2015-03-05 17:31 50496 ----a-w- c:\windows\system32\drivers\mal2gf2a.sys
2015-03-05 17:31 . 2015-03-05 17:31 462656 ----a-w- c:\windows\system32\drivers\mal2gf2u.sys
2015-03-03 21:32 . 2015-03-03 21:32 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-03 21:32 . 2015-03-03 21:32 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-03-03 21:32 . 2015-03-03 21:32 -------- d-----w- c:\windows\SysWow64\Macromed
2015-03-03 21:32 . 2015-03-03 21:32 -------- d-----w- c:\windows\system32\Macromed
2015-03-03 20:55 . 2015-03-03 20:55 -------- d-----w- c:\program files\CCleaner
2015-03-03 20:39 . 2015-03-06 23:05 -------- d-----w- C:\AdwCleaner
2015-03-03 20:20 . 2015-03-03 20:20 -------- d-----w- c:\windows\system32\appmgmt
2015-03-03 20:18 . 2015-03-03 20:18 172032 ----a-w- c:\windows\SysWow64\AniGIF.ocx
2015-03-03 20:17 . 2015-03-03 20:17 -------- d-----w- c:\program files\Core Temp
2015-03-01 16:55 . 2015-03-01 16:55 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2015-03-01 16:55 . 2014-09-16 17:45 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2015-03-01 16:42 . 2015-03-01 16:42 -------- d-----w- c:\program files (x86)\Origin Games
2015-03-01 16:40 . 2015-03-07 16:42 -------- d-----w- c:\programdata\Origin
2015-03-01 16:40 . 2015-03-02 17:51 -------- d-----w- c:\programdata\Electronic Arts
2015-03-01 16:40 . 2015-03-01 16:40 -------- d-----w- c:\program files (x86)\Origin
2015-02-28 14:48 . 2015-02-05 17:57 621384 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-02-28 14:42 . 2014-11-22 10:46 38032 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-02-28 14:42 . 2014-11-22 10:46 32400 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-02-27 03:43 . 2015-02-27 03:43 -------- d-----w- c:\program files (x86)\HD Tune
2015-02-27 03:42 . 2015-02-27 03:42 -------- d-----w- c:\programdata\Licenses
2015-02-27 03:42 . 2015-02-27 03:42 -------- d-----w- c:\program files (x86)\Common Files\BinarySense
2015-02-27 03:42 . 2015-02-27 03:42 -------- d-----w- c:\program files (x86)\BinarySense
2015-02-27 03:28 . 2015-02-27 03:28 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2015-02-26 21:02 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-26 21:02 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-26 21:02 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-26 21:02 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-26 20:55 . 2015-02-26 20:56 -------- d-----w- c:\windows\system32\MRT
2015-02-26 03:06 . 2015-02-26 03:06 -------- d-s---w- c:\windows\system32\CompatTel
2015-02-26 03:06 . 2015-02-26 03:06 -------- d-----w- c:\windows\system32\appraiser
2015-02-26 03:06 . 2015-02-26 03:06 -------- d-----w- c:\windows\SysWow64\Wat
2015-02-26 03:06 . 2015-02-26 03:06 -------- d-----w- c:\windows\system32\Wat
2015-02-26 02:48 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2015-02-26 02:48 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2015-02-26 02:48 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2015-02-26 02:48 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2015-02-26 02:48 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2015-02-26 02:43 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2015-02-26 02:12 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2015-02-26 02:12 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2015-02-26 02:12 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2015-02-26 02:12 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2015-02-26 02:12 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2015-02-26 02:12 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2015-02-26 02:12 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2015-02-26 02:12 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2015-02-26 02:12 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2015-02-26 02:12 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2015-02-26 02:05 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-02-26 02:05 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2015-02-26 02:01 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2015-02-26 02:01 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2015-02-26 02:01 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2015-02-26 02:01 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2015-02-26 02:01 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2015-02-26 02:01 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2015-02-26 02:01 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2015-02-26 02:01 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-02-25 21:08 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2015-02-25 21:08 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-02-25 21:08 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-02-25 21:08 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2015-02-25 21:08 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2015-02-25 21:08 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2015-02-25 21:06 . 2014-06-03 10:02 1719296 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2015-02-25 21:05 . 2014-10-03 02:12 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-02-25 20:56 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2015-02-25 16:00 . 2015-02-25 16:00 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation
2015-02-25 16:00 . 2015-02-25 16:00 -------- d-----w- c:\windows\SysWow64\config\systemprofile\Intel
2015-02-25 15:56 . 2015-02-25 15:57 -------- d-----w- c:\programdata\Qualcomm
2015-02-25 15:55 . 2015-02-25 15:55 -------- d-----w- c:\program files\Qualcomm Atheros
2015-02-25 15:55 . 2015-02-25 15:55 -------- d-----w- c:\programdata\Downloaded Installations
2015-02-25 15:52 . 2015-02-25 15:52 -------- d-----w- c:\windows\SysWow64\RTCOM
2015-02-25 15:52 . 2015-02-25 15:52 -------- d-----w- c:\program files\Realtek
2015-02-25 15:43 . 2014-06-27 03:30 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll
2015-02-25 15:43 . 2014-05-27 10:21 25800 ----a-w- c:\windows\system32\drivers\INETMON.sys
2015-02-25 15:42 . 2015-02-25 15:44 -------- d-----w- C:\Intel
2015-02-25 15:41 . 2015-02-25 15:43 -------- d-----w- c:\programdata\Intel
2015-02-25 15:41 . 2015-02-25 15:41 -------- d-----w- c:\program files (x86)\Common Files\PostureAgent
2015-02-25 15:41 . 2015-02-25 15:44 -------- d-----w- c:\program files (x86)\Intel
2015-02-25 15:40 . 2015-03-03 20:20 -------- d-----w- c:\program files\Intel
2015-02-25 15:40 . 2015-03-01 16:55 -------- d-----w- c:\programdata\Package Cache
2015-02-25 15:26 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2015-02-25 15:26 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2015-02-25 15:26 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2015-02-25 15:26 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2015-02-25 15:26 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2015-02-25 15:26 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2015-02-25 15:26 . 2015-01-16 06:41 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-02-25 15:26 . 2015-01-16 06:41 1278920 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-02-25 15:26 . 2015-01-16 06:41 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-02-25 15:26 . 2015-01-16 06:41 1514528 ----a-w- c:\windows\system32\nvspcap64.dll
2015-02-25 15:24 . 2015-02-25 15:24 -------- d-----w- c:\program files (x86)\Microsoft.NET
2015-02-25 15:24 . 2015-03-06 08:39 -------- d-sh--w- c:\windows\Installer
2015-02-25 15:23 . 2014-11-22 10:46 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-02-25 15:23 . 2015-02-05 21:01 1540240 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-24 02:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-06-27 292848]
"QHSafeTray"="c:\program files (x86)\360\Total Security\safemon\QHSafeTray.exe" [2015-03-04 1208944]
.
c:\users\janou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
HDDlife.lnk - c:\program files (x86)\BinarySense\HDDlife 4\HDDlifePro.exe [2014-9-3 4630792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 360Camera;360Safe Camera Filter Service;c:\windows\system32\Drivers\360Camera64.sys;c:\windows\SYSNATIVE\Drivers\360Camera64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Sterownik przełącznika kontrolera hosta Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 360Box64;360Box mini-filter driver;c:\windows\system32\DRIVERS\360Box64.sys;c:\windows\SYSNATIVE\DRIVERS\360Box64.sys [x]
S1 360FsFlt;360FsFlt mini-filter driver;c:\windows\system32\DRIVERS\360FsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\360FsFlt.sys [x]
S1 BAPIDRV;BAPIDRV;c:\windows\system32\DRIVERS\BAPIDRV64.sys;c:\windows\SYSNATIVE\DRIVERS\BAPIDRV64.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 QHActiveDefense;360 Total Security;c:\program files (x86)\360\Total Security\safemon\QHActiveDefense.exe;c:\program files (x86)\360\Total Security\safemon\QHActiveDefense.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 360AntiHacker;360Safe Anti Hacker Service;c:\windows\system32\Drivers\360AntiHacker64.sys;c:\windows\SYSNATIVE\Drivers\360AntiHacker64.sys [x]
S3 360AvFlt;360AvFlt mini-filter driver;c:\windows\system32\DRIVERS\360AvFlt.sys;c:\windows\SYSNATIVE\DRIVERS\360AvFlt.sys [x]
S3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD.sys [x]
S3 iusb3hub;Sterownik koncentratora Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Sterownik kontrolera hosta Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 miditech2902_al2gf2_usb;miditech Audiolink II / Guitarface II USB driver;c:\windows\system32\Drivers\mal2gf2u.sys;c:\windows\SYSNATIVE\Drivers\mal2gf2u.sys [x]
S3 miditech2902_al2gf2_wdm;miditech Audiolink II / Guitarface II Audio driver;c:\windows\system32\drivers\mal2gf2a.sys;c:\windows\SYSNATIVE\drivers\mal2gf2a.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-25 16:34 1084744 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-01-16 2585928]
"ISCT Tray"="c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe" [2014-08-25 5860656]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-11-26 7659736]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-05-28 36352]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = www.google.com
mDefault_Page_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
TCP: DhcpNameServer = 37.8.214.2 31.11.202.254
FF - ProfilePath - c:\users\janou\AppData\Roaming\Mozilla\Firefox\Profiles\rvcsqdvq.default\
FF - prefs.js: browser.startup.homepage - google.com
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2015-03-08 16:45:03
ComboFix-quarantined-files.txt 2015-03-08 15:45
ComboFix2.txt 2015-03-07 17:08
ComboFix3.txt 2015-03-07 17:01
ComboFix4.txt 2015-03-06 23:45
ComboFix5.txt 2015-03-08 15:41
.
Przed: 72 054 136 832 bajtów wolnych
Po: 71 994 925 056 bajtów wolnych
.
- - End Of File - - 20AC8B7ED6E80B676A7917D5A662AC3A
A36C5E4F47E84449FF07ED3517B43A31