  1. ustasiak15

    Help with ComboFix log

    ComboFix 18-08-08.01 - MarekS 2019-03-29 8:42.1.2 - x86 Microsoft Windows 7 Professional 6.1.7601.1.1250.48.1045.18.2013.1041 [GMT 1:00] Uruchomiony z: c:\users\MarekS\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189} SP: Microsoft Security Essentials *Disabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Pliki utworzone od 2019-02-28 do 2019-03-29 ))))))))))))))))))))))))))))))) . . 2019-03-29 07:50 . 2019-03-29 07:50 62576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C31D5885-131D-4A68-9ED6-C97CD998EBBE}\offreg.844.dll 2019-03-29 05:35 . 2019-03-26 18:56 12248736 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C31D5885-131D-4A68-9ED6-C97CD998EBBE}\mpengine.dll 2019-03-28 18:06 . 2017-03-07 15:06 221184 ----a-w- c:\windows\system32\rdpudd.dll 2019-03-28 18:06 . 2017-03-07 15:06 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll 2019-03-28 18:06 . 2017-03-07 15:06 2746880 ----a-w- c:\windows\system32\rdpcorets.dll 2019-03-28 13:20 . 2019-03-26 18:56 12248736 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2019-03-28 08:59 . 2012-08-23 14:44 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys 2019-03-28 08:59 . 2012-08-23 11:12 192000 ----a-w- c:\windows\system32\rdpendp_winip.dll 2019-03-28 08:18 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\system32\d2d1.dll 2019-03-28 07:43 . 2019-03-28 07:43 -------- d-----w- c:\programdata\Emsisoft 2019-03-28 07:41 . 2019-03-28 08:57 -------- d-----w- C:\EEK 2019-03-28 04:31 . 2014-03-09 21:47 99480 ----a-w- c:\windows\system32\infocardapi.dll 2019-03-28 04:31 . 2014-06-30 22:14 8856 ----a-w- c:\windows\system32\icardres.dll 2019-03-28 04:31 . 
2014-03-09 21:47 619672 ----a-w- c:\windows\system32\icardagt.exe 2019-03-28 04:30 . 2014-06-06 06:16 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe 2019-03-27 13:45 . 2016-04-14 13:49 603648 ----a-w- c:\windows\system32\d3d10level9.dll 2019-03-27 13:45 . 2015-12-08 21:54 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2019-03-27 13:45 . 2015-02-04 02:54 417792 ----a-w- c:\windows\system32\WMPhoto.dll 2019-03-27 12:07 . 2019-03-27 12:07 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2019-03-27 12:03 . 2015-07-30 13:13 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2019-03-27 11:53 . 2015-01-09 02:48 635904 ----a-w- c:\windows\system32\perftrack.dll 2019-03-27 11:53 . 2015-01-09 02:48 27136 ----a-w- c:\windows\system32\powertracker.dll 2019-03-27 11:53 . 2015-01-09 02:48 76800 ----a-w- c:\windows\system32\wdi.dll 2019-03-27 11:53 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\system32\mstscax.dll 2019-03-27 11:53 . 2015-07-16 19:12 856064 ----a-w- c:\windows\system32\rdvidcrl.dll 2019-03-27 11:53 . 2015-07-16 19:12 53248 ----a-w- c:\windows\system32\tsgqec.dll 2019-03-27 11:53 . 2015-07-16 15:14 355840 ----a-w- c:\windows\system32\wksprt.exe 2019-03-27 11:53 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys 2019-03-27 11:53 . 2015-07-09 17:42 179712 ----a-w- c:\windows\system32\notepad.exe 2019-03-27 11:53 . 2015-07-09 17:42 179712 ----a-w- c:\windows\notepad.exe 2019-03-27 11:53 . 2014-12-11 17:47 74240 ----a-w- c:\windows\system32\TSWbPrxy.exe 2019-03-27 11:52 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys 2019-03-27 11:52 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll 2019-03-27 11:52 . 2019-02-16 05:30 123904 ----a-w- c:\windows\system32\poqexec.exe 2019-03-27 11:51 . 2016-02-04 18:41 296448 ----a-w- c:\windows\system32\mfds.dll 2019-03-27 11:49 . 2016-03-09 18:40 316416 ----a-w- c:\windows\system32\webio.dll 2019-03-27 11:49 . 
2014-06-18 22:23 81560 ----a-w- c:\windows\system32\mscories.dll 2019-03-27 11:49 . 2014-06-18 22:23 156824 ----a-w- c:\windows\system32\mscorier.dll 2019-03-27 11:49 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\system32\dfshim.dll 2019-03-27 11:49 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\system32\wpdshext.dll 2019-03-27 11:49 . 2015-01-29 03:02 844288 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll 2019-03-27 11:49 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys 2019-03-27 11:49 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll 2019-03-27 11:49 . 2014-11-11 02:44 186880 ----a-w- c:\windows\system32\pku2u.dll 2019-03-27 11:49 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll 2019-03-27 11:48 . 2016-02-09 09:50 21504 ----a-w- c:\windows\system32\seclogon.dll 2019-03-27 11:47 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDYAK.DLL 2019-03-27 11:47 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDBASH.DLL 2019-03-27 10:53 . 2019-03-27 10:53 -------- d-s---w- c:\windows\system32\CompatTel 2019-03-27 10:53 . 2019-03-27 10:53 -------- d-----w- c:\windows\system32\appraiser 2019-03-27 10:52 . 2019-03-27 10:52 -------- d-----w- c:\windows\system32\Wat 2019-03-27 09:42 . 2013-10-01 23:45 32256 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll 2019-03-27 09:42 . 2013-10-02 00:42 49152 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2019-03-27 09:42 . 2013-10-02 00:32 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2019-03-27 09:42 . 2013-10-02 00:30 14336 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2019-03-27 09:42 . 2013-10-02 00:14 50176 ----a-w- c:\windows\system32\MsRdpWebAccess.dll 2019-03-27 09:42 . 2013-10-02 00:14 17920 ----a-w- c:\windows\system32\wksprtPS.dll 2019-03-27 09:42 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\system32\mstsc.exe 2019-03-27 09:10 . 
2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2019-03-27 09:10 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2019-03-27 09:10 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll 2019-03-27 09:10 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll 2019-03-27 09:10 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe 2019-03-27 09:10 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll 2019-03-27 09:10 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2019-03-27 09:09 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2019-03-27 09:09 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll 2019-03-27 08:54 . 2017-04-27 22:50 3550208 ----a-w- c:\windows\system32\D3DCompiler_47.dll 2019-03-27 08:44 . 2015-12-16 18:43 6144 ----a-w- c:\windows\system32\kbdgeoqw.dll 2019-03-27 08:44 . 2015-12-16 18:43 6144 ----a-w- c:\windows\system32\KBDAZEL.DLL 2019-03-27 06:19 . 2013-10-19 01:36 159232 ----a-w- c:\windows\system32\imagehlp.dll 2019-03-27 06:17 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe 2019-03-27 06:16 . 2019-02-10 16:43 1214176 ----a-w- c:\windows\system32\drivers\ntfs.sys 2019-03-27 06:15 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\system32\d3d11.dll 2019-03-27 06:15 . 2016-02-05 18:44 97792 ----a-w- c:\windows\system32\fveapibase.dll 2019-03-27 06:15 . 2016-02-05 17:33 15360 ----a-w- c:\windows\system32\tbs.dll 2019-03-27 06:15 . 2015-06-03 20:22 355456 ----a-w- c:\windows\system32\fveapi.dll 2019-03-27 06:15 . 2015-06-03 20:22 257864 ----a-w- c:\windows\system32\wbem\Win32_Tpm.dll 2019-03-27 06:11 . 2015-07-15 02:55 44032 ----a-w- c:\windows\system32\basesrv.dll 2019-03-27 06:10 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll 2019-03-27 06:10 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax 2019-03-27 06:10 . 
2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl 2019-03-27 06:10 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll 2019-03-27 06:05 . 2015-11-03 18:55 179712 ----a-w- c:\windows\system32\els.dll 2019-03-27 06:04 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys 2019-03-27 06:04 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys 2019-03-27 06:04 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2019-03-27 06:04 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll 2019-03-27 05:59 . 2015-07-22 17:53 635392 ----a-w- c:\windows\system32\tdh.dll 2019-03-27 05:59 . 2015-07-09 17:42 67584 ----a-w- c:\windows\system32\dwmapi.dll 2019-03-27 05:59 . 2015-07-09 17:42 1372160 ----a-w- c:\windows\system32\dwmcore.dll 2019-03-27 05:59 . 2012-06-06 05:05 143360 ----a-w- c:\program files\Common Files\System\ado\msjro.dll 2019-03-27 05:59 . 2012-06-06 05:05 372736 ----a-w- c:\program files\Common Files\System\ado\msadox.dll 2019-03-27 05:59 . 2012-06-06 05:05 57344 ----a-w- c:\program files\Common Files\System\ado\msador15.dll 2019-03-27 05:59 . 2012-06-06 05:05 352256 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll 2019-03-27 05:59 . 2012-06-06 05:05 212992 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll 2019-03-27 05:59 . 2014-06-18 01:52 399360 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll 2019-03-27 05:59 . 2014-06-18 01:51 646144 ----a-w- c:\windows\system32\osk.exe 2019-03-27 05:58 . 2016-01-21 00:51 57280 ----a-w- c:\windows\system32\drivers\disk.sys 2019-03-27 05:58 . 2016-01-22 06:04 642048 ----a-w- c:\windows\system32\CPFilters.dll 2019-03-27 05:58 . 2016-01-22 06:04 535040 ----a-w- c:\windows\system32\EncDec.dll 2019-03-27 05:58 . 2015-04-18 02:56 342016 ----a-w- c:\windows\system32\certcli.dll 2019-03-27 05:57 . 
2014-08-01 11:35 793600 ----a-w- c:\windows\system32\TSWorkspace.dll 2019-03-27 05:57 . 2015-12-08 21:53 509952 ----a-w- c:\windows\system32\qedit.dll 2019-03-27 05:55 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe 2019-03-27 05:53 . 2013-07-12 10:07 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys 2019-03-27 05:53 . 2014-12-06 03:50 242688 ----a-w- c:\windows\system32\nlasvc.dll 2019-03-27 05:53 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll 2019-03-27 05:53 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll 2019-03-27 05:53 . 2015-06-01 23:47 210432 ----a-w- c:\windows\system32\cewmdm.dll 2019-03-27 05:53 . 2016-05-11 15:19 351744 ----a-w- c:\windows\system32\winhttp.dll 2019-03-27 05:53 . 2016-05-11 15:19 231424 ----a-w- c:\windows\system32\mswsock.dll 2019-03-27 05:53 . 2016-05-11 15:19 206336 ----a-w- c:\windows\system32\ws2_32.dll 2019-03-27 05:51 . 2015-04-24 17:56 530432 ----a-w- c:\windows\system32\comctl32.dll 2019-03-27 05:50 . 2011-08-27 04:26 233472 ----a-w- c:\windows\system32\oleacc.dll 2019-03-27 05:50 . 2011-02-12 05:35 191488 ----a-w- c:\windows\system32\FXSCOVER.exe 2019-03-27 05:49 . 2010-12-23 05:54 850944 ----a-w- c:\windows\system32\sbe.dll 2019-03-27 05:49 . 2010-12-23 05:50 199680 ----a-w- c:\windows\system32\mpg2splt.ax 2019-03-27 05:49 . 2011-06-15 08:55 86016 ----a-w- c:\windows\system32\odbccu32.dll 2019-03-27 05:49 . 2011-06-15 08:55 81920 ----a-w- c:\windows\system32\odbccr32.dll 2019-03-27 05:49 . 2011-06-15 08:55 319488 ----a-w- c:\windows\system32\odbcjt32.dll 2019-03-27 05:49 . 2011-06-15 08:55 163840 ----a-w- c:\windows\system32\odbctrac.dll 2019-03-27 05:49 . 2011-06-15 08:55 122880 ----a-w- c:\windows\system32\odbccp32.dll 2019-03-27 05:49 . 2011-06-15 08:54 94208 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll 2019-03-27 05:49 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\system32\mfc42.dll . . 
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2019-03-26 13:33 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2019-03-12 04:02 . 2019-03-27 08:48 4608 ----a-w- c:\windows\system32\drivers\en-US\srv.sys.mui 2019-01-04 15:56 . 2019-03-27 06:17 2560 ----a-w- c:\windows\apppatch\AcRes.dll . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-11-14 1002984] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2019-03-26 280576] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP] 2009-12-07 18:36 75320 ----a-w- c:\windows\System32\DeviceNP.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ DPPassFilter scecli . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . 
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2009-10-21 32312] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2019-02-26 104960] R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 132480] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696] R3 NisSrv;Inspekcja sieci firmy Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864] R3 OxPPort;OxPPort;c:\windows\system32\DRIVERS\OxPPort.sys [2008-07-31 82048] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152] R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2019-03-27 1343400] R4 ekrn;ESET Service;c:\program files\ESET\ESET Security\ekrn.exe [x] R4 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2009-12-07 362040] R4 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-01-12 36864] R4 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-02 281192] R4 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984] R4 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-10-14 635416] S0 SafeBoot;SafeBoot; [x] S0 SbAlg;SbAlg; [x] S0 SbFsLock;SbFsLock; [x] S1 RsvLock;RsvLock; [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992] S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-03 266344] . . 
--- Inne Usługi/Sterowniki w Pamięci --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc utcsvc REG_MULTI_SZ DiagTrack . . ------- Skan uzupełniający ------- . uStart Page = about:blank Trusted Zone: //about.htm/ Trusted Zone: //Exclude.htm/ Trusted Zone: //FWEvent.htm/ Trusted Zone: //LanguageSelection.htm/ Trusted Zone: //Message.htm/ Trusted Zone: //MyAgttryCmd.htm/ Trusted Zone: //MyAgttryNag.htm/ Trusted Zone: //MyNotification.htm/ Trusted Zone: //NOCLessUpdate.htm/ Trusted Zone: //quarantine.htm/ Trusted Zone: //ScanNow.htm/ Trusted Zone: //strings.vbs/ Trusted Zone: //Template.htm/ Trusted Zone: //Update.htm/ Trusted Zone: //VirFound.htm/ Trusted Zone: mcafee.com\* Trusted Zone: mcafeeasap.com\betavscan Trusted Zone: mcafeeasap.com\vs Trusted Zone: mcafeeasap.com\www TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{AE0A6353-03DA-42F1-8F23-5AF11DBF6216}: NameServer = 208.67.222.222,208.67.220.220 FF - ProfilePath - c:\users\MarekS\AppData\Roaming\Mozilla\Firefox\Profiles\mdk3we5l.default\ FF - prefs.js: browser.startup.homepage - about:blank . - - - - USUNIĘTO PUSTE WPISY - - - - . SafeBoot-MBAMService . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- . - - - - - - - > 'lsass.exe'(576) c:\windows\system32\DPFPApi.DLL . ------------------------ Pozostałe uruchomione procesy ------------------------ . 
c:\program files\Microsoft Security Client\MsMpEng.exe c:\windows\system32\taskhost.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\conhost.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . Czas ukończenia: 2019-03-29 08:54:23 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2019-03-29 07:54 . Przed: 205 800 099 840 bajtów wolnych Po: 205 867 229 184 bajtów wolnych . - - End Of File - - 80B7C33E82ABB8E4FB0094FDBA3F0CDD EFFE75C97E8D63422C6379F40E5ECDC9 Please help
  2. Can someone help me with a problem in the report: are there any viruses, and how do I remove them?
  3. ComboFix 18-08-08.01 - marekS 2019-01-17 9:21.1.2 - x86 Uruchomiony z: c:\users\marekS\Downloads\ComboFix.exe * Utworzono nowy punkt przywracania . . ((((((((((((((((((((((((( Pliki utworzone od 2018-12-17 do 2019-01-17 ))))))))))))))))))))))))))))))) . . 2019-01-17 08:29 . 2019-01-17 08:29 -------- d-----w- c:\users\Default\AppData\Local\temp 2019-01-17 07:26 . 2019-01-17 07:26 -------- d-----w- c:\programdata\bdch 2019-01-17 05:30 . 2019-01-17 05:30 75172 ----a-w- c:\programdata\agent.update.1547703003.bdinstall.v2.bin 2019-01-17 05:23 . 2019-01-17 05:23 -------- d-----w- c:\programdata\Bitdefender 2019-01-17 05:23 . 2018-12-03 16:06 241840 ----a-w- c:\windows\system32\drivers\edrsensor.sys 2019-01-17 05:23 . 2018-11-20 09:42 211248 ----a-w- c:\windows\system32\drivers\gzflt.sys 2019-01-17 05:22 . 2018-10-29 10:24 1115400 ----a-w- c:\windows\system32\drivers\atc.sys 2019-01-17 05:22 . 2018-12-04 16:28 255392 ----a-w- c:\windows\system32\drivers\bddci.sys 2019-01-17 05:22 . 2018-11-19 12:09 317808 ----a-w- c:\windows\system32\drivers\gemma.sys 2019-01-17 05:21 . 2018-12-07 04:10 522480 ----a-w- c:\windows\system32\drivers\trufos.sys 2019-01-17 05:17 . 2019-01-17 08:33 -------- d-----w- c:\program files\Bitdefender Antivirus Free 2019-01-17 05:05 . 2019-01-17 05:05 99420 ----a-w- c:\programdata\agent.1547701507.bdinstall.v2.bin 2019-01-17 05:05 . 2019-01-17 05:30 -------- d-----w- c:\program files\Bitdefender Agent 2019-01-17 05:05 . 2019-01-17 05:05 -------- d-----w- c:\programdata\Bitdefender Agent 2019-01-14 07:41 . 2019-01-14 07:41 -------- d-----w- c:\programdata\Licenses 2019-01-13 16:31 . 2019-01-13 16:31 -------- d-----w- c:\program files\FastStone Image Viewer 2019-01-13 08:35 . 2019-01-13 08:35 -------- d-----w- c:\programdata\Ashampoo 2019-01-13 08:35 . 2019-01-13 08:35 -------- d-----w- c:\program files\Ashampoo 2019-01-12 18:41 . 2019-01-12 18:41 -------- d-----w- c:\program files\Windows Live 2019-01-12 15:43 . 
2019-01-12 15:47 842240 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2019-01-12 15:43 . 2019-01-12 15:47 175104 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2019-01-12 14:04 . 2019-01-12 14:04 -------- d-----w- c:\windows\system32\appraiser 2019-01-12 14:04 . 2019-01-12 14:04 -------- d-s---w- c:\windows\system32\CompatTel 2019-01-12 12:04 . 2011-03-11 05:39 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys 2019-01-12 12:04 . 2011-03-11 05:39 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys 2019-01-12 12:04 . 2011-03-11 05:38 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys 2019-01-12 12:04 . 2011-03-11 05:38 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys 2019-01-12 12:04 . 2011-03-11 05:38 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys 2019-01-12 12:04 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\system32\esent.dll 2019-01-12 12:04 . 2011-03-11 05:31 74240 ----a-w- c:\windows\system32\fsutil.exe 2019-01-12 11:58 . 2014-12-11 17:47 74240 ----a-w- c:\windows\system32\TSWbPrxy.exe 2019-01-12 11:58 . 2015-07-16 19:12 856064 ----a-w- c:\windows\system32\rdvidcrl.dll 2019-01-12 11:58 . 2015-07-16 19:12 53248 ----a-w- c:\windows\system32\tsgqec.dll 2019-01-12 11:58 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\system32\mstscax.dll 2019-01-12 11:58 . 2015-07-16 15:14 355840 ----a-w- c:\windows\system32\wksprt.exe 2019-01-12 11:55 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDYAK.DLL 2019-01-12 11:55 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDBASH.DLL 2019-01-12 11:54 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\system32\d2d1.dll 2019-01-12 11:02 . 2012-08-23 14:44 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys 2019-01-12 11:02 . 2012-08-23 11:12 192000 ----a-w- c:\windows\system32\rdpendp_winip.dll 2019-01-12 10:56 . 2019-01-12 10:56 -------- d-----w- c:\program files\Mozilla Thunderbird 2019-01-12 10:55 . 
2013-10-01 23:45 32256 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll 2019-01-12 10:55 . 2013-10-02 00:32 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2019-01-12 10:55 . 2013-10-02 00:42 49152 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2019-01-12 10:55 . 2013-10-02 00:30 14336 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2019-01-12 10:55 . 2013-10-02 00:14 50176 ----a-w- c:\windows\system32\MsRdpWebAccess.dll 2019-01-12 10:55 . 2013-10-02 00:14 17920 ----a-w- c:\windows\system32\wksprtPS.dll 2019-01-12 10:55 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\system32\mstsc.exe 2019-01-12 10:31 . 2015-09-14 12:03 38520 ----a-w- c:\windows\system32\drivers\rtlivnry.sys 2019-01-12 09:14 . 2015-09-14 12:03 38520 ----a-w- c:\windows\system32\drivers\DasPtct.SYS 2019-01-12 07:57 . 2018-12-06 02:35 2405376 ----a-w- c:\windows\system32\win32k.sys 2019-01-12 07:47 . 2016-04-14 13:49 603648 ----a-w- c:\windows\system32\d3d10level9.dll 2019-01-11 18:56 . 2019-01-11 18:56 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2019-01-11 17:17 . 2017-04-27 22:50 3550208 ----a-w- c:\windows\system32\D3DCompiler_47.dll 2019-01-11 16:59 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2019-01-11 16:59 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2019-01-11 16:59 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe 2019-01-11 16:59 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll 2019-01-11 16:59 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll 2019-01-11 16:59 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2019-01-11 16:59 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll 2019-01-11 16:56 . 2014-03-09 21:47 99480 ----a-w- c:\windows\system32\infocardapi.dll 2019-01-11 16:56 . 
2014-06-30 22:14 8856 ----a-w- c:\windows\system32\icardres.dll 2019-01-11 16:56 . 2014-03-09 21:47 619672 ----a-w- c:\windows\system32\icardagt.exe 2019-01-11 16:56 . 2014-06-06 06:16 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe 2019-01-11 16:55 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2019-01-11 16:55 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll 2019-01-11 16:11 . 2015-07-30 13:13 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2019-01-11 15:58 . 2016-01-22 06:04 642048 ----a-w- c:\windows\system32\CPFilters.dll 2019-01-11 15:58 . 2016-01-22 06:04 535040 ----a-w- c:\windows\system32\EncDec.dll 2019-01-11 15:57 . 2015-05-25 18:01 92160 ----a-w- c:\windows\system32\sechost.dll 2019-01-11 15:57 . 2015-05-25 18:00 364544 ----a-w- c:\windows\system32\tracerpt.exe 2019-01-11 15:57 . 2015-05-25 18:00 82944 ----a-w- c:\windows\system32\logman.exe 2019-01-11 15:57 . 2015-05-25 18:00 40448 ----a-w- c:\windows\system32\typeperf.exe 2019-01-11 15:57 . 2015-05-25 18:00 37888 ----a-w- c:\windows\system32\relog.exe 2019-01-11 15:57 . 2015-05-25 18:00 17408 ----a-w- c:\windows\system32\diskperf.exe 2019-01-11 15:56 . 2015-07-22 17:53 635392 ----a-w- c:\windows\system32\tdh.dll 2019-01-11 15:54 . 2015-04-18 02:56 342016 ----a-w- c:\windows\system32\certcli.dll 2019-01-11 15:54 . 2014-06-18 01:52 399360 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll 2019-01-11 15:54 . 2014-06-18 01:51 646144 ----a-w- c:\windows\system32\osk.exe 2019-01-11 15:54 . 2015-06-03 20:22 355456 ----a-w- c:\windows\system32\fveapi.dll 2019-01-11 15:54 . 2015-06-03 20:22 257864 ----a-w- c:\windows\system32\wbem\Win32_Tpm.dll 2019-01-11 15:54 . 2016-02-05 18:44 97792 ----a-w- c:\windows\system32\fveapibase.dll 2019-01-11 15:54 . 2016-02-05 17:33 15360 ----a-w- c:\windows\system32\tbs.dll 2019-01-11 15:54 . 2014-08-01 11:35 793600 ----a-w- c:\windows\system32\TSWorkspace.dll 2019-01-11 15:52 . 
2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll 2019-01-11 15:51 . 2015-04-11 03:07 54656 ----a-w- c:\windows\system32\drivers\stream.sys 2019-01-11 15:22 . 2015-12-08 21:54 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL 2019-01-11 15:21 . 2013-06-25 22:56 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2019-01-11 15:21 . 2012-11-28 22:57 9728 ----a-w- c:\windows\system32\Wdfres.dll 2019-01-11 15:21 . 2012-11-28 22:57 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2019-01-11 15:21 . 2015-02-04 02:54 417792 ----a-w- c:\windows\system32\WMPhoto.dll 2019-01-11 15:20 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2019-01-11 15:20 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp.dll 2019-01-11 15:20 . 2013-12-04 02:03 423936 ----a-w- c:\windows\system32\secproc_isv.dll 2019-01-11 15:20 . 2013-12-04 02:03 428032 ----a-w- c:\windows\system32\secproc.dll 2019-01-11 15:20 . 2013-12-04 02:02 390144 ----a-w- c:\windows\system32\msdrm.dll 2019-01-11 15:20 . 2013-12-04 01:54 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2019-01-11 15:20 . 2013-12-04 01:54 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe 2019-01-11 15:20 . 2013-12-04 01:54 572416 ----a-w- c:\windows\system32\RMActivate.exe 2019-01-11 15:20 . 2013-12-04 01:54 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2019-01-11 15:20 . 2015-04-24 17:56 530432 ----a-w- c:\windows\system32\comctl32.dll 2019-01-11 14:19 . 2019-01-11 14:19 -------- d-----w- c:\windows\system32\SPReview 2019-01-11 14:17 . 2019-01-11 14:17 -------- d-----w- c:\windows\system32\EventProviders 2019-01-11 14:13 . 2010-11-20 12:21 380416 ----a-w- c:\windows\system32\sxs.dll 2019-01-11 14:12 . 2010-11-20 12:05 35328 ----a-w- c:\windows\system32\pifmgr.dll 2019-01-11 12:28 . 2019-01-12 14:18 -------- d-----w- c:\program files\Mozilla Maintenance Service 2019-01-11 12:25 . 2019-01-11 12:25 -------- d-----w- c:\windows\pl 2019-01-11 12:22 . 
2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll 2019-01-11 12:22 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2019-01-11 12:22 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2019-01-11 12:17 . 2019-01-11 12:17 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\930395f11d4a9a71f\MeshBetaRemover.exe 2019-01-11 12:16 . 2019-01-11 12:16 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\80790e651d4a9a718\DSETUP.dll 2019-01-11 12:16 . 2019-01-11 12:16 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\80790e651d4a9a718\DXSETUP.exe 2019-01-11 12:16 . 2019-01-11 12:16 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\80790e651d4a9a718\dsetup32.dll 2019-01-11 12:16 . 2019-01-11 12:16 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\7f26bcdd1d4a9a717\DSETUP.dll 2019-01-11 12:16 . 2019-01-11 12:16 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\7f26bcdd1d4a9a717\DXSETUP.exe 2019-01-11 12:16 . 2019-01-11 12:16 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\7f26bcdd1d4a9a717\dsetup32.dll 2019-01-11 12:11 . 2019-01-11 13:25 -------- d-----w- c:\windows\system32\MRT 2019-01-11 12:10 . 2019-01-11 12:10 127229528 -c--a-w- c:\windows\system32\MRT-KB890830.exe 2019-01-11 11:13 . 2019-01-11 11:12 12051024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{674FD43E-FF81-4B20-B884-CCBC3AFBE557}\mpengine.dll 2019-01-11 11:12 . 2018-12-10 22:04 499424 ------w- c:\windows\system32\MpSigStub.exe 2019-01-11 11:08 . 2016-06-25 15:43 301056 ----a-w- c:\windows\system32\EOSNotify.exe 2019-01-11 10:55 . 2019-01-11 10:55 -------- d-----r- C:\360SANDBOX 2019-01-11 10:21 . 2019-01-11 10:21 -------- d-----w- C:\2a4b8497829f5ea2e55582 . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2019-01-11 14:25 . 
2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2019-01-11 12:23 . 2010-06-24 10:33 34496 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2019-01-11 280576] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP] 2009-12-07 18:36 75320 ----a-w- c:\windows\System32\DeviceNP.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ DPPassFilter scecli . R1 epp;epp;c:\eek\bin32\epp.sys [x] R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2009-10-21 32312] R3 DfSdkS;Usługa defragmentacji;c:\program files\Ashampoo\Ashampoo Uninstaller 2017\DfSdkS.exe [2009-08-24 406016] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2018-12-27 104960] R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 132480] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [x] R3 OxPPort;OxPPort;c:\windows\system32\DRIVERS\OxPPort.sys [2008-07-31 82048] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152] R4 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2009-12-07 362040] R4 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\2009 Password Filter for 
HP ProtectTools\PTChangeFilterService.exe [2010-01-12 36864] R4 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-02 281192] R4 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984] R4 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-10-14 635416] S0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2018-11-20 211248] S0 SafeBoot;SafeBoot; [x] S0 SbAlg;SbAlg; [x] S0 SbFsLock;SbFsLock; [x] S1 atc;atc;c:\windows\system32\DRIVERS\atc.sys [2018-10-29 1115400] S1 Gemma;Gemma;c:\windows\system32\DRIVERS\gemma.sys [2018-11-19 317808] S1 RsvLock;RsvLock; [x] S2 BdDci;BdDci Service;c:\windows\system32\DRIVERS\bddci.sys [2018-12-04 255392] S2 bdredline;bdredline;c:\program files\Bitdefender Antivirus Free\bdredline.exe [2018-03-22 1929240] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992] S2 ProductAgentService;ProductAgentService;c:\program files\Bitdefender Agent\ProductAgentService.exe [2018-11-15 1293936] S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032] S2 UI5IFS;Ashampoo Uninstaller FileSystemChanges Driver;c:\program files\Ashampoo\Ashampoo Uninstaller 2017\IFS32.sys [2015-12-07 27736] S2 updatesrv;Bitdefender Update Service;c:\program files\Bitdefender Antivirus Free\updatesrv.exe [2018-11-13 240936] S2 vsservppl;Bitdefender Correlation Service;c:\program files\Bitdefender Antivirus Free\vsservppl.exe [2018-11-13 240936] S3 edrsensor;edrsensor;c:\windows\system32\DRIVERS\edrsensor.sys [2018-12-03 241840] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-03 266344] . . --- Inne Usługi/Sterowniki w Pamięci --- . *NewlyCreated* - WS2IFSL . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
utcsvc REG_MULTI_SZ DiagTrack
.
Zawartość folderu 'Zaplanowane zadania'
.
2019-01-17 c:\windows\Tasks\AdwCleaner_onReboot.job
- c:\users\marekS\Downloads\adwcleaner_7.2.6.0.exe [2019-01-11 17:43]
.
.
------- Skan uzupełniający -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://go.microsoft.com
mStart Page = about:blank
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{AE0A6353-03DA-42F1-8F23-5AF11DBF6216}: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\marekS\AppData\Roaming\Mozilla\Firefox\Profiles\blf8b9uv.default-1547362238930\
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
AddRemove-HP Remote Solution - c:\programdata\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18}\HP_Remote_Solution_Install.exe
AddRemove-{C611CF88-969D-43E6-A877-D6D6439DD081} - c:\programdata\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18}\HP_Remote_Solution_Install.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3407625709-3377507047-3563137500-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_32_0_0_114_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_32_0_0_114_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'lsass.exe'(652)
c:\windows\system32\DPFPApi.DLL
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\taskhost.exe
c:\program files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
c:\program files\Bitdefender Antivirus Free\vsserv.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\program files\Bitdefender Antivirus Free\bdagent.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnscfg.exe
.
**************************************************************************
.
Czas ukończenia: 2019-01-17 09:37:15 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2019-01-17 08:37
.
Przed: 209 259 171 840 bajtów wolnych
Po: 209 216 393 216 bajtów wolnych
.
- - End Of File - - 503AFBD91001552889E66361CEDF32EE
EFFE75C97E8D63422C6379F40E5ECDC9