ComboFix 15-10-28.01 - Tomek 2015-11-01  18:09:43.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.48.1033.18.8112.5959 [GMT 1:00]
Uruchomiony z: c:\users\Tomek\Downloads\do wirus¡w\ComboFIX_instalka\ComboFix.exe
AV: ESET NOD32 Antivirus 9.0.318.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 9.0.318.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Utworzono nowy punkt przywracania
.
.
(((((((((((((((((((((((((((((((((((((((   Usuniêto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\msvcr71.dll
c:\windows\SysWow64\hookdll.dll
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2015-10-01 do 2015-11-01  )))))))))))))))))))))))))))))))
.
.
2015-11-01 17:12 . 2015-11-01 17:12	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-11-01 17:12 . 2015-11-01 17:12	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2015-10-28 22:52 . 2015-10-28 22:52	--------	d-----w-	c:\programdata\ParetoLogic
2015-10-28 22:52 . 2015-10-28 22:52	--------	d-----w-	c:\program files (x86)\Common Files\ParetoLogic
2015-10-28 22:52 . 2015-10-28 22:52	--------	d-----w-	c:\program files (x86)\ParetoLogic
2015-10-28 21:25 . 2015-10-28 21:34	--------	d-----w-	c:\users\Tomek\AppData\Roaming\Bitcoin
2015-10-28 20:42 . 2015-10-28 20:42	--------	d-----w-	c:\users\Tomek\AppData\Roaming\www.shadowexplorer.com
2015-10-28 20:42 . 2015-10-28 20:42	--------	d-----w-	c:\program files (x86)\ShadowExplorer
2015-10-26 13:36 . 2015-10-26 13:36	110080	----a-r-	c:\users\Tomek\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconF7A21AF7.exe
2015-10-26 13:36 . 2015-10-26 13:36	110080	----a-r-	c:\users\Tomek\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconD7F16134.exe
2015-10-26 13:36 . 2015-10-26 13:36	--------	d-----w-	c:\program files (x86)\Enigma Software Group
2015-10-26 13:36 . 2015-10-26 13:36	--------	d-----w-	c:\windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-10-26 13:36 . 2015-10-26 13:36	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2015-10-26 10:59 . 2015-10-28 22:27	--------	d-----w-	c:\program files\Recuva
2015-10-26 10:36 . 2015-10-26 10:36	--------	d-----w-	c:\program files\HitmanPro
2015-10-26 10:32 . 2015-10-26 10:47	--------	d-----w-	c:\programdata\HitmanPro
2015-10-24 13:28 . 2015-11-01 17:04	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-24 13:28 . 2015-10-24 13:28	--------	d-----w-	c:\program files (x86)\Malwarebytes Anti-Malware
2015-10-24 13:28 . 2015-10-24 13:28	--------	d-----w-	c:\programdata\Malwarebytes
2015-10-24 13:28 . 2015-10-05 07:50	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-10-24 13:28 . 2015-10-05 07:50	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-10-24 13:28 . 2015-10-05 07:50	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-10-24 13:12 . 2015-10-24 13:12	170280	----a-w-	c:\windows\system32\drivers\ESETCleanersDriver.sys
2015-10-24 11:47 . 2015-10-24 11:47	--------	d-----w-	c:\users\Tomek\AppData\Local\ESET
2015-10-24 11:46 . 2015-10-24 11:46	--------	d-----w-	c:\program files\ESET
2015-10-24 10:35 . 2015-10-24 12:58	--------	d-----w-	c:\users\Tomek\AppData\Local\Ehwztion
2015-10-24 10:35 . 2015-10-24 12:59	--------	d-----w-	c:\users\Tomek\AppData\Local\YblpPack
2015-10-24 10:26 . 2015-11-01 17:00	--------	d-----w-	C:\UsbFix
2015-10-20 16:13 . 2015-08-31 22:45	11062400	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{DCDEC7A7-FBD0-47C0-A55E-438B1D91F847}\mpengine.dll
2015-10-18 22:58 . 2015-10-24 12:58	--------	d-----w-	c:\users\Tomek\AppData\Local\Black_Tree_Gaming
2015-10-18 22:57 . 2015-10-18 23:08	--------	d-----w-	c:\program files\Nexus Mod Manager
2015-10-14 14:57 . 2015-10-14 14:57	--------	d-----w-	c:\windows\SysWow64\NV
2015-10-14 14:57 . 2015-10-14 14:57	--------	d-----w-	c:\windows\system32\NV
2015-10-14 14:52 . 2015-10-24 12:58	--------	d-----w-	c:\users\Tomek\AppData\Local\NVIDIA
2015-10-14 14:52 . 2015-10-04 08:23	1423120	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-10-14 14:52 . 2015-10-04 08:23	1317192	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-10-14 14:52 . 2015-10-04 08:22	1756608	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-10-14 14:52 . 2015-10-04 08:22	1710568	----a-w-	c:\windows\system32\nvspcap64.dll
2015-10-14 14:52 . 2015-08-11 04:52	72504	----a-w-	c:\windows\system32\nvaudcap64v.dll
2015-10-14 14:52 . 2015-08-11 04:52	69416	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2015-10-14 14:52 . 2015-08-11 04:52	50472	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2015-10-14 14:07 . 2015-10-24 12:57	--------	d-----w-	c:\programdata\NVIDIA
2015-10-14 14:06 . 2015-10-03 02:49	6358648	----a-w-	c:\windows\system32\nvcpl.dll
2015-10-14 14:06 . 2015-10-03 02:49	2982520	----a-w-	c:\windows\system32\nvsvc64.dll
2015-10-14 14:06 . 2015-10-03 02:49	938800	----a-w-	c:\windows\system32\nvvsvc.exe
2015-10-14 14:06 . 2015-10-03 02:49	75056	----a-w-	c:\windows\system32\nv3dappshextr.dll
2015-10-14 14:06 . 2015-10-03 02:49	62768	----a-w-	c:\windows\system32\nvshext.dll
2015-10-14 14:06 . 2015-10-03 02:49	523384	----a-w-	c:\windows\system32\nv3dappshext.dll
2015-10-14 14:06 . 2015-10-03 02:49	385328	----a-w-	c:\windows\system32\nvmctray.dll
2015-10-14 14:06 . 2015-10-03 02:49	2554488	----a-w-	c:\windows\system32\nvsvcr.dll
2015-10-14 14:06 . 2015-10-01 09:33	5284082	----a-w-	c:\windows\system32\nvcoproc.bin
2015-10-14 14:06 . 2015-10-24 12:57	--------	d-----w-	c:\programdata\NVIDIA Corporation
2015-10-14 14:06 . 2015-10-14 14:57	--------	d-----w-	c:\program files (x86)\NVIDIA Corporation
2015-10-14 14:02 . 2015-10-24 12:58	--------	d-----w-	c:\users\Tomek\.oracle_jre_usage
2015-10-14 14:02 . 2015-10-24 12:57	--------	d-----w-	c:\programdata\Oracle
2015-10-14 14:02 . 2015-10-24 11:09	--------	d-----w-	c:\program files (x86)\Java
2015-10-05 12:05 . 2015-10-05 12:05	--------	d-----w-	c:\program files\Microsoft Silverlight
2015-10-05 12:05 . 2015-10-05 12:05	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2015-10-03 20:10 . 2015-10-03 20:10	--------	d-----w-	c:\program files (x86)\Fraps
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-18 18:23 . 2015-03-04 17:52	780488	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-18 18:23 . 2015-03-04 17:52	142536	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-03 05:06 . 2015-08-02 17:31	467912	----a-w-	c:\windows\system32\nvumdshimx.dll
2015-10-03 05:06 . 2015-08-02 17:31	388024	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2015-10-03 05:06 . 2015-08-02 17:31	177416	----a-w-	c:\windows\system32\nvinitx.dll
2015-10-03 05:06 . 2015-08-02 17:31	155976	----a-w-	c:\windows\SysWow64\nvinit.dll
2015-10-03 05:06 . 2015-08-02 17:31	3573832	----a-w-	c:\windows\system32\nvapi64.dll
2015-10-03 05:06 . 2015-08-02 17:31	3154104	----a-w-	c:\windows\SysWow64\nvapi.dll
2015-10-03 05:06 . 2015-08-02 17:31	12769408	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2015-09-27 10:56 . 2015-03-06 13:09	16	----a-w-	c:\users\Tomek\AppData\Roaming\msregsvv.dll
2015-08-13 00:34 . 2014-11-15 00:33	132483416	----a-w-	c:\windows\system32\MRT.exe
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyœlne, prawid³owe wpisy nie s¹ pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SteelSeries Engine"="c:\program files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe" [2014-06-26 87040]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2015-06-18 4468056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-12-20 292848]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2013-05-14 139264]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2012-12-27 4522496]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Killer Network Manager.lnk - c:\windows\Installer\{29CDA0F1-A6DA-44CC-9ABB-131A7D3D77AE}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize [2015-3-4 72008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE;c:\progra~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ESETCleanersDriver;ESET Cleaner Service;c:\windows\system32\Drivers\ESETCleanersDriver.sys;c:\windows\SYSNATIVE\Drivers\ESETCleanersDriver.sys [x]
R3 esgiguard;esgiguard;c:\program files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 FiiOE07;Service for FiiO USB DAC-E07K(WDM);c:\windows\system32\drivers\FiiOE07.sys;c:\windows\SYSNATIVE\drivers\FiiOE07.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter;c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 UsbTray;UsbTray;c:\windows\SysWOW64\UsbTray.sys;c:\windows\SysWOW64\UsbTray.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 MDFSYSNT;MacDrive file system driver; [x]
S0 MDPMGRNT;MacDrive Partition Driver;c:\windows\system32\DRIVERS\MDPMGRNT.SYS;c:\windows\SYSNATIVE\DRIVERS\MDPMGRNT.SYS [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 CBDisk;CBDisk;c:\windows\system32\drivers\CBDisk.sys;c:\windows\SYSNATIVE\drivers\CBDisk.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 Bosch DNS-SD Service;Bosch DNS-SD Service;c:\program files (x86)\Bosch\DNS-SD\BoschDNSSDService.exe;c:\program files (x86)\Bosch\DNS-SD\BoschDNSSDService.exe [x]
S2 conmon;Dante Control and Monitoring;c:\program files (x86)\Audinate\Shared Files\conmon_cmm_service.exe;c:\program files (x86)\Audinate\Shared Files\conmon_cmm_service.exe [x]
S2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\DRIVERS\diginet.sys;c:\windows\SYSNATIVE\DRIVERS\diginet.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe;c:\program files\Elantech\ETDService.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe;c:\program files\HitmanPro\hmpsched.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 M4LIC;Mediafour M4LIC service;c:\program files (x86)\Common Files\Mediafour\M4LIC.EXE;c:\program files (x86)\Common Files\Mediafour\M4LIC.EXE [x]
S2 MacDrive8Service;MacDrive 8 service;c:\program files\Mediafour\MacDrive 8\MacDrive8Service.exe;c:\program files\Mediafour\MacDrive 8\MacDrive8Service.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\SCM\MSIService.exe;c:\program files (x86)\SCM\MSIService.exe [x]
S2 NovaPdfServer;novaPDF Server;c:\program files\Softland\novaPDF 8\Server\novapdfs.exe;c:\program files\Softland\novaPDF 8\Server\novapdfs.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 sesvc;ShadowExplorer Service;c:\program files (x86)\ShadowExplorer\sesvc.exe;c:\program files (x86)\ShadowExplorer\sesvc.exe [x]
S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
S3 busenum;SteelBusSvc;c:\windows\system32\DRIVERS\SteelBus64.sys;c:\windows\SYSNATIVE\DRIVERS\SteelBus64.sys [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTSPER;Realtek PCIE Card Reader - PER;c:\windows\system32\DRIVERS\RtsPer.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPer.sys [x]
S3 SAlphaPS2;SteelPs2Svc;c:\windows\system32\DRIVERS\SAlphaPS264.sys;c:\windows\SYSNATIVE\DRIVERS\SAlphaPS264.sys [x]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
.
.
Zawartoœæ folderu 'Zaplanowane zadania'
.
2015-11-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-04 18:23]
.
2015-10-28 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2015-10-28 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-18 17:13]
.
2015-10-28 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-18 17:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-08-30 36352]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2013-11-13 184632]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-11-07 7818552]
"SCM"="c:\program files (x86)\SCM\SCM.exe" [2014-09-01 405504]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-08-14 13675736]
"MacDrive 8 application"="c:\program files\Mediafour\MacDrive 8\MacDrive.exe" [2010-02-04 345688]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-04 2654512]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-10-04 1710568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Skan uzupe³niaj¹cy -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 192.168.43.1
FF - ProfilePath - c:\users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\tlnelhv3.default\
.
- - - - USUNIÊTO PUSTE WPISY - - - -
.
ShellIconOverlayIdentifiers-MacDrive volume icons - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-{A6356F2F-D3E1-4D83-9AA2-72871DD0C298} - c:\program files (x86)\InstallShield Installation Information\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}\setup.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-168588485-3458256194-3685778785-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32]
@Denied: (C D 2 3 6) (CreatorAuthority-4)
@Denied: (C D 2 3 6) (Everyone)
@Allowed: (Read) (S-1-5-21-168588485-3458256194-3685778785-1000)
"ThreadingModel"="Apartment"
@="c:\\ProgramData\\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\\wmdrmnet.dll"
.
[HKEY_USERS\S-1-5-21-168588485-3458256194-3685778785-1000_Classes\Drive\ShellEx\FolderExtensions\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}]
@Denied: (C D 2 3 6) (CreatorAuthority-4)
@Denied: (C D 2 3 6) (Everyone)
@Allowed: (Read) (S-1-5-21-168588485-3458256194-3685778785-1000)
"DriveMask"=dword:ffffffff
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32]
@Denied: (C D 2 3 6) (CreatorAuthority-4)
@Denied: (C D 2 3 6) (Everyone)
@SACL=(02 0001)
@Ace=(0x11) (1 3) (S-1-16-12288)
"ThreadingModel"="Apartment"
@="c:\\ProgramData\\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\\wmdrmnet.dll"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}]
@Denied: (C D 2 3 6) (CreatorAuthority-4)
@Denied: (C D 2 3 6) (Everyone)
@SACL=(02 0001)
@Ace=(0x11) (1 3) (S-1-16-12288)
"DriveMask"=dword:ffffffff
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukoñczenia: 2015-11-01  18:13:53
ComboFix-quarantined-files.txt  2015-11-01 17:13
.
Przed: 17 198 768 128 bajtów wolnych
Po: 16 784 257 024 bajtów wolnych
.
- - End Of File - - A99299AD092651C11AE1F4E4DA37B1FA
A36C5E4F47E84449FF07ED3517B43A31