ComboFix 15-04-28.01 - User 2015-04-29 2:22.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2559.1316 [GMT 2:00] Uruchomiony z: c:\documents and settings\User\Moje dokumenty\Pobrane\ComboFix.exe * Utworzono nowy punkt przywracania . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\TEMP c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\TEMP\RAIDTest c:\documents and settings\User\Dane aplikacji\edxLabs c:\documents and settings\User\Dane aplikacji\edxLabs\edxSilkroadLoader5\edxSilkroadLoader5.ini c:\documents and settings\User\WINDOWS c:\program files\Max Soft c:\program files\Max Soft\Catcher\Config.dat c:\program files\Max Soft\Catcher\FTP.dat c:\program files\Max Soft\Catcher\Sekwencja_1\Screen_1.jpg c:\program files\Max Soft\Catcher\Sekwencja_1\Screen_10.jpg c:\program files\Max Soft\Catcher\Sekwencja_1\Screen_11.jpg c:\program files\Max Soft\Catcher\Sekwencja_1\Screen_12.jpg c:\program files\Max Soft\Catcher\Sekwencja_1\Screen_2.jpg c:\program files\Max Soft\Catcher\Sekwencja_1\Screen_3.jpg c:\program files\Max Soft\Catcher\Sekwencja_1\Screen_4.jpg c:\program files\Max Soft\Catcher\Sekwencja_1\Screen_5.jpg c:\program files\Max Soft\Catcher\Sekwencja_1\Screen_6.jpg c:\program files\Max Soft\Catcher\Sekwencja_1\Screen_7.jpg c:\program files\Max Soft\Catcher\Sekwencja_1\Screen_8.jpg c:\program files\Max Soft\Catcher\Sekwencja_1\Screen_9.jpg c:\program files\Max Soft\Catcher\Sekwencja_1\Thumbs.db c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_1.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_10.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_11.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_12.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_13.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_14.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_15.jpg c:\program 
files\Max Soft\Catcher\Sekwencja_2\Screen_16.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_2.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_3.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_4.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_5.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_6.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_7.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_8.jpg c:\program files\Max Soft\Catcher\Sekwencja_2\Screen_9.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_1.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_10.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_11.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_12.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_13.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_14.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_15.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_16.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_17.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_18.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_19.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_2.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_20.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_21.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_22.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_23.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_24.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_25.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_26.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_27.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_28.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_29.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_3.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_30.jpg c:\program files\Max 
Soft\Catcher\Sekwencja_3\Screen_31.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_32.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_33.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_34.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_35.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_36.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_37.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_38.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_39.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_4.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_40.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_41.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_42.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_43.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_44.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_45.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_46.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_47.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_48.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_49.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_5.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_50.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_51.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_52.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_53.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_54.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_55.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_56.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_57.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_58.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_59.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_6.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_7.jpg c:\program files\Max 
Soft\Catcher\Sekwencja_3\Screen_8.jpg c:\program files\Max Soft\Catcher\Sekwencja_3\Screen_9.jpg c:\program files\Max Soft\Catcher\Stats.dat c:\windows1\msdownld.tmp . . ((((((((((((((((((((((((( Pliki utworzone od 2015-03-28 do 2015-04-29 ))))))))))))))))))))))))))))))) . . 2015-04-29 00:11 . 2015-04-29 00:11 119512 ----a-w- c:\windows1\system32\drivers\MBAMSwissArmy.sys 2015-04-29 00:10 . 2015-04-29 00:10 -------- d-----w- c:\program files\Malwarebytes Anti-Malware 2015-04-29 00:10 . 2015-04-29 00:10 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\Malwarebytes 2015-04-29 00:10 . 2015-04-14 07:37 120024 ----a-w- c:\windows1\system32\drivers\mbamchameleon.sys 2015-04-29 00:10 . 2015-04-14 07:37 23256 ----a-w- c:\windows1\system32\drivers\mbam.sys 2015-04-28 23:02 . 2015-04-28 23:02 -------- d-----w- c:\program files\Enigma Software Group 2015-04-27 23:16 . 2015-04-27 23:18 -------- d-----w- c:\program files\Real Boxing 2015-04-27 20:18 . 2000-07-17 11:41 70088 ----a-w- c:\windows1\system32\Project2-1.ocx 2015-04-27 20:18 . 1999-05-06 22:00 82960 ----a-w- c:\windows1\system32\Picclp32.ocx 2015-04-27 20:18 . 2015-04-27 20:18 -------- d-----w- c:\program files\eGames 2015-04-27 20:17 . 2015-04-27 20:17 -------- d-----w- C:\MINI CARS RACING 2015-04-27 18:01 . 2015-04-27 18:01 -------- d-----w- c:\documents and settings\User\Dane aplikacji\.mono 2015-04-27 18:01 . 2015-04-27 18:01 -------- d-----w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\Freejam 2015-04-27 18:00 . 2015-04-27 17:55 237864 ----a-w- c:\windows1\system32\EasyAntiCheat.exe 2015-04-22 23:02 . 2015-04-22 23:03 -------- d-----w- c:\program files\Ballance 2015-04-22 23:02 . 2001-09-05 01:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll 2015-04-22 23:02 . 2001-09-05 01:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll 2015-04-22 23:02 . 
2001-09-05 01:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll 2015-04-22 23:02 . 2001-09-05 01:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll 2015-04-22 23:02 . 2004-02-23 09:47 614532 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe 2015-04-15 18:02 . 2015-04-26 19:06 -------- d-----w- c:\program files\Heroes of the Storm 2015-04-15 18:00 . 2015-04-15 18:00 -------- d-----w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\Blizzard Entertainment 2015-04-15 18:00 . 2015-04-26 22:08 -------- d-----w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\Battle.net 2015-04-15 18:00 . 2015-04-15 18:02 -------- d-----w- c:\documents and settings\User\Dane aplikacji\Battle.net 2015-04-15 18:00 . 2015-04-15 18:00 -------- d-----w- c:\program files\Battle.net 2015-04-15 18:00 . 2015-04-15 18:00 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\Blizzard Entertainment 2015-04-15 17:59 . 2015-04-15 17:59 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\Battle.net 2015-04-15 12:49 . 2015-04-15 12:52 -------- d-----w- c:\program files\Product Key Finder 2015-04-14 21:35 . 2015-04-14 21:35 18178736 ----a-w- c:\windows1\system32\FlashPlayerInstaller.exe 2015-04-12 23:06 . 2015-04-12 23:06 -------- d-----w- c:\program files\MegaDev 2015-04-01 18:16 . 2014-10-15 13:18 72296 ----a-w- c:\windows1\system32\WTFastDrv.dll 2015-04-01 18:16 . 2015-04-01 18:16 -------- d-----w- c:\program files\WTFast 2015-03-30 11:29 . 2015-03-30 11:29 -------- d-----w- c:\documents and settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji\Overwolf . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-04-14 21:35 . 2014-01-22 13:04 778416 ----a-w- c:\windows1\system32\FlashPlayerApp.exe 2015-04-14 21:35 . 
2014-01-22 13:04 142512 ----a-w- c:\windows1\system32\FlashPlayerCPLApp.cpl 2015-03-01 20:45 . 2015-03-01 20:45 96680 ----a-w- c:\windows1\system32\WindowsAccessBridge.dll 2015-03-01 20:45 . 2015-03-01 20:45 146432 ----a-w- c:\windows1\system32\javacpl.cpl . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . 
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows1\RaidTool\xInsIDE.exe" [2000-01-01 43608] "36X Raid Configurer"="c:\windows1\system32\xRaidSetup.exe" [2000-01-01 1976920] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904] "RTHDCPL"="RTHDCPL.EXE" [2013-10-04 20145368] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows1\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "SoftwareSASGeneration"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0ROBoot \??\c:\windows1\system32\ASOROSet.bin . [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS1^Menu Start^Programy^Autostart^McAfee Security Scan Plus.lnk] path=c:\documents and settings\All Users.WINDOWS1\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk backup=c:\windows1\pss\McAfee Security Scan Plus.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish] 2014-11-28 13:37 1329408 ----a-w- c:\program files\Clownfish\Clownfish.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2014-03-04 09:19 3696912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
2015-03-11 18:40 3631448 ----a-w- c:\program files\Origin\Origin.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2012-08-30 16:43 15512424 ----a-w- c:\windows1\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2012-08-30 16:43 108392 ----a-w- c:\windows1\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-12-17 21:12 508800 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Documents and Settings\\User\\Dane aplikacji\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS1\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS1\\system32\\PnkBstrB.exe"=
"c:\\Riot Games\\League of Legends\\lol.launcher.exe"=
"c:\\Program Files\\NapiProjekt\\napisy.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Steam\\bin\\steamwebhelper.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Crash Time II\\BurningWheels.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\PAYDAY The Heist\\payday_win32_release.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7437:UDP"= 7437:UDP:TP-LINK USB Printer Controller UDP Port
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows1\system32\drivers\dtsoftbus01.sys [2014-09-07 243128]
R1 VBoxDrv;VirtualBox Service;c:\windows1\system32\drivers\VBoxDrv.sys [2015-02-09 744520]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows1\system32\drivers\AtihdXP3.sys [2008-03-05 96256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows1\system32\drivers\MBAMSwissArmy.sys [2015-04-29 119512]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-29 1080120]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 Ambfilt;Ambfilt;c:\windows1\system32\drivers\Ambfilt.sys [2014-01-22 1691480]
S3 AR9271;Wireless Network Adapter Service;c:\windows1\system32\drivers\athuw.sys [2008-03-05 1714176]
S3 cpuz130;cpuz130;\??\c:\docume~1\User\USTAWI~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\User\USTAWI~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 EagleXNt;EagleXNt;\??\c:\windows1\system32\drivers\EagleXNt.sys --> c:\windows1\system32\drivers\EagleXNt.sys [?]
S3 EasyAntiCheat;EasyAntiCheat;c:\windows1\system32\EasyAntiCheat.exe [2015-04-27 237864]
S3 MBAMProtector;MBAMProtector;c:\windows1\system32\drivers\mbam.sys [2015-04-29 23256]
S3 OSFMount;OSFMount;\??\c:\cs go\Counter-Strike Global Offensive\image\x86\OSFMount.sys --> c:\cs go\Counter-Strike Global Offensive\image\x86\OSFMount.sys [?]
S3 PortTalk;PortTalk;c:\windows1\system32\drivers\PortTalk.sys [2014-03-19 3567]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows1\system32\drivers\VBoxNetAdp.sys [2014-11-21 116184]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows1\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows1\system32\DRIVERS\VBoxNetFlt.sys [?]
S4 sptd;sptd;c:\windows1\system32\Drivers\sptd.sys --> c:\windows1\system32\Drivers\sptd.sys [?]
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-17 10:33 988488 ----a-w- c:\program files\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2015-04-28 c:\windows1\Tasks\Adobe Flash Player Updater.job
- c:\windows1\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-22 21:35]
.
2015-04-29 c:\windows1\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-05-14 14:00]
.
2015-04-28 c:\windows1\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-05-14 14:00]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.oursurfing.com/?type=hp&ts=1430260888&from=amt&uid=ST3200827AS_4ND2DS5AXXXX4ND2DS5A
mStart Page = hxxp://www.oursurfing.com/?type=hp&ts=1430260888&from=amt&uid=ST3200827AS_4ND2DS5AXXXX4ND2DS5A
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\h7qkpd2f.default-1430263158375\
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKCU-Run-Clownfish - (no file)
MSConfigStartUp-Andy - c:\program files\Andy\HandyAndy.exe
MSConfigStartUp-BlueStacks Agent - c:\program files\BlueStacks\HD-Agent.exe
MSConfigStartUp-MSMSGS - c:\program files\Messenger\msmsgs.exe
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver - c:\program files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView - c:\program files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update - c:\program files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver - c:\program files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-04-29 02:26
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS1\\system32\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS1\\system32\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'winlogon.exe'(724)
c:\windows1\system32\Ati2evxx.dll
c:\windows1\system32\atiadlxx.dll
.
Czas ukończenia: 2015-04-29 02:28:28
ComboFix-quarantined-files.txt 2015-04-29 00:28
.
Przed: 46 173 356 032 bajtów wolnych
Po: 46 292 131 840 bajtów wolnych
.
WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS1
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS1="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - CC34985EF175A76683778846756FC46B
32052574BF9F325AE309ABC7BFD04460