ustasiak15

Users
  • Posts: 3
Replies posted by ustasiak15

  1. ComboFix 18-08-08.01 - MarekS 2019-03-29   8:42.1.2 - x86
    Microsoft Windows 7 Professional   6.1.7601.1.1250.48.1045.18.2013.1041 [GMT 1:00]
    Uruchomiony z: c:\users\MarekS\Downloads\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189}
    SP: Microsoft Security Essentials *Disabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((   Pliki utworzone od 2019-02-28 do 2019-03-29  )))))))))))))))))))))))))))))))
    .
    .
    2019-03-29 07:50 . 2019-03-29 07:50    62576    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C31D5885-131D-4A68-9ED6-C97CD998EBBE}\offreg.844.dll
    2019-03-29 05:35 . 2019-03-26 18:56    12248736    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C31D5885-131D-4A68-9ED6-C97CD998EBBE}\mpengine.dll
    2019-03-28 18:06 . 2017-03-07 15:06    221184    ----a-w-    c:\windows\system32\rdpudd.dll
    2019-03-28 18:06 . 2017-03-07 15:06    13824    ----a-w-    c:\windows\system32\RdpGroupPolicyExtension.dll
    2019-03-28 18:06 . 2017-03-07 15:06    2746880    ----a-w-    c:\windows\system32\rdpcorets.dll
    2019-03-28 13:20 . 2019-03-26 18:56    12248736    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2019-03-28 08:59 . 2012-08-23 14:44    14848    ----a-w-    c:\windows\system32\drivers\rdpvideominiport.sys
    2019-03-28 08:59 . 2012-08-23 11:12    192000    ----a-w-    c:\windows\system32\rdpendp_winip.dll
    2019-03-28 08:18 . 2013-11-26 08:16    3419136    ----a-w-    c:\windows\system32\d2d1.dll
    2019-03-28 07:43 . 2019-03-28 07:43    --------    d-----w-    c:\programdata\Emsisoft
    2019-03-28 07:41 . 2019-03-28 08:57    --------    d-----w-    C:\EEK
    2019-03-28 04:31 . 2014-03-09 21:47    99480    ----a-w-    c:\windows\system32\infocardapi.dll
    2019-03-28 04:31 . 2014-06-30 22:14    8856    ----a-w-    c:\windows\system32\icardres.dll
    2019-03-28 04:31 . 2014-03-09 21:47    619672    ----a-w-    c:\windows\system32\icardagt.exe
    2019-03-28 04:30 . 2014-06-06 06:16    35480    ----a-w-    c:\windows\system32\TsWpfWrp.exe
    2019-03-27 13:45 . 2016-04-14 13:49    603648    ----a-w-    c:\windows\system32\d3d10level9.dll
    2019-03-27 13:45 . 2015-12-08 21:54    2285056    ----a-w-    c:\windows\system32\msmpeg2vdec.dll
    2019-03-27 13:45 . 2015-02-04 02:54    417792    ----a-w-    c:\windows\system32\WMPhoto.dll
    2019-03-27 12:07 . 2019-03-27 12:07    9728    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2019-03-27 12:03 . 2015-07-30 13:13    103120    ----a-w-    c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2019-03-27 11:53 . 2015-01-09 02:48    635904    ----a-w-    c:\windows\system32\perftrack.dll
    2019-03-27 11:53 . 2015-01-09 02:48    27136    ----a-w-    c:\windows\system32\powertracker.dll
    2019-03-27 11:53 . 2015-01-09 02:48    76800    ----a-w-    c:\windows\system32\wdi.dll
    2019-03-27 11:53 . 2015-07-16 19:12    6131200    ----a-w-    c:\windows\system32\mstscax.dll
    2019-03-27 11:53 . 2015-07-16 19:12    856064    ----a-w-    c:\windows\system32\rdvidcrl.dll
    2019-03-27 11:53 . 2015-07-16 19:12    53248    ----a-w-    c:\windows\system32\tsgqec.dll
    2019-03-27 11:53 . 2015-07-16 15:14    355840    ----a-w-    c:\windows\system32\wksprt.exe
    2019-03-27 11:53 . 2013-02-12 03:32    15872    ----a-w-    c:\windows\system32\drivers\usb8023.sys
    2019-03-27 11:53 . 2015-07-09 17:42    179712    ----a-w-    c:\windows\system32\notepad.exe
    2019-03-27 11:53 . 2015-07-09 17:42    179712    ----a-w-    c:\windows\notepad.exe
    2019-03-27 11:53 . 2014-12-11 17:47    74240    ----a-w-    c:\windows\system32\TSWbPrxy.exe
    2019-03-27 11:52 . 2012-07-04 19:45    33280    ----a-w-    c:\windows\system32\drivers\RNDISMP.sys
    2019-03-27 11:52 . 2013-10-30 02:19    301568    ----a-w-    c:\windows\system32\msieftp.dll
    2019-03-27 11:52 . 2019-02-16 05:30    123904    ----a-w-    c:\windows\system32\poqexec.exe
    2019-03-27 11:51 . 2016-02-04 18:41    296448    ----a-w-    c:\windows\system32\mfds.dll
    2019-03-27 11:49 . 2016-03-09 18:40    316416    ----a-w-    c:\windows\system32\webio.dll
    2019-03-27 11:49 . 2014-06-18 22:23    81560    ----a-w-    c:\windows\system32\mscories.dll
    2019-03-27 11:49 . 2014-06-18 22:23    156824    ----a-w-    c:\windows\system32\mscorier.dll
    2019-03-27 11:49 . 2014-06-18 22:23    1131664    ----a-w-    c:\windows\system32\dfshim.dll
    2019-03-27 11:49 . 2015-01-29 03:02    2311168    ----a-w-    c:\windows\system32\wpdshext.dll
    2019-03-27 11:49 . 2015-01-29 03:02    844288    ----a-w-    c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
    2019-03-27 11:49 . 2013-01-24 04:47    196328    ----a-w-    c:\windows\system32\drivers\fvevol.sys
    2019-03-27 11:49 . 2011-10-01 04:37    708608    ----a-w-    c:\program files\Common Files\System\wab32.dll
    2019-03-27 11:49 . 2014-11-11 02:44    186880    ----a-w-    c:\windows\system32\pku2u.dll
    2019-03-27 11:49 . 2012-11-02 05:11    376832    ----a-w-    c:\windows\system32\dpnet.dll
    2019-03-27 11:48 . 2016-02-09 09:50    21504    ----a-w-    c:\windows\system32\seclogon.dll
    2019-03-27 11:47 . 2014-07-09 01:29    6144    ----a-w-    c:\windows\system32\KBDYAK.DLL
    2019-03-27 11:47 . 2014-07-09 01:29    6144    ----a-w-    c:\windows\system32\KBDBASH.DLL
    2019-03-27 10:53 . 2019-03-27 10:53    --------    d-s---w-    c:\windows\system32\CompatTel
    2019-03-27 10:53 . 2019-03-27 10:53    --------    d-----w-    c:\windows\system32\appraiser
    2019-03-27 10:52 . 2019-03-27 10:52    --------    d-----w-    c:\windows\system32\Wat
    2019-03-27 09:42 . 2013-10-01 23:45    32256    ----a-w-    c:\windows\system32\TsUsbGDCoInstaller.dll
    2019-03-27 09:42 . 2013-10-02 00:42    49152    ----a-w-    c:\windows\system32\drivers\TsUsbFlt.sys
    2019-03-27 09:42 . 2013-10-02 00:32    12800    ----a-w-    c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2019-03-27 09:42 . 2013-10-02 00:30    14336    ----a-w-    c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2019-03-27 09:42 . 2013-10-02 00:14    50176    ----a-w-    c:\windows\system32\MsRdpWebAccess.dll
    2019-03-27 09:42 . 2013-10-02 00:14    17920    ----a-w-    c:\windows\system32\wksprtPS.dll
    2019-03-27 09:42 . 2013-10-01 22:34    1068544    ----a-w-    c:\windows\system32\mstsc.exe
    2019-03-27 09:10 . 2012-07-26 02:33    66560    ----a-w-    c:\windows\system32\drivers\WUDFPf.sys
    2019-03-27 09:10 . 2012-07-26 02:32    155136    ----a-w-    c:\windows\system32\drivers\WUDFRd.sys
    2019-03-27 09:10 . 2012-07-26 03:20    73216    ----a-w-    c:\windows\system32\WUDFSvc.dll
    2019-03-27 09:10 . 2012-07-26 03:20    172032    ----a-w-    c:\windows\system32\WUDFPlatform.dll
    2019-03-27 09:10 . 2012-07-26 03:21    196608    ----a-w-    c:\windows\system32\WUDFHost.exe
    2019-03-27 09:10 . 2012-07-26 03:20    613888    ----a-w-    c:\windows\system32\WUDFx.dll
    2019-03-27 09:10 . 2012-07-26 03:20    38912    ----a-w-    c:\windows\system32\WUDFCoinstaller.dll
    2019-03-27 09:09 . 2012-03-01 05:46    19824    ----a-w-    c:\windows\system32\drivers\fs_rec.sys
    2019-03-27 09:09 . 2012-03-01 05:29    5120    ----a-w-    c:\windows\system32\wmi.dll
    2019-03-27 08:54 . 2017-04-27 22:50    3550208    ----a-w-    c:\windows\system32\D3DCompiler_47.dll
    2019-03-27 08:44 . 2015-12-16 18:43    6144    ----a-w-    c:\windows\system32\kbdgeoqw.dll
    2019-03-27 08:44 . 2015-12-16 18:43    6144    ----a-w-    c:\windows\system32\KBDAZEL.DLL
    2019-03-27 06:19 . 2013-10-19 01:36    159232    ----a-w-    c:\windows\system32\imagehlp.dll
    2019-03-27 06:17 . 2013-05-13 03:08    903168    ----a-w-    c:\windows\system32\certutil.exe
    2019-03-27 06:16 . 2019-02-10 16:43    1214176    ----a-w-    c:\windows\system32\drivers\ntfs.sys
    2019-03-27 06:15 . 2013-04-25 23:30    1505280    ----a-w-    c:\windows\system32\d3d11.dll
    2019-03-27 06:15 . 2016-02-05 18:44    97792    ----a-w-    c:\windows\system32\fveapibase.dll
    2019-03-27 06:15 . 2016-02-05 17:33    15360    ----a-w-    c:\windows\system32\tbs.dll
    2019-03-27 06:15 . 2015-06-03 20:22    355456    ----a-w-    c:\windows\system32\fveapi.dll
    2019-03-27 06:15 . 2015-06-03 20:22    257864    ----a-w-    c:\windows\system32\wbem\Win32_Tpm.dll
    2019-03-27 06:11 . 2015-07-15 02:55    44032    ----a-w-    c:\windows\system32\basesrv.dll
    2019-03-27 06:10 . 2011-08-17 04:24    465408    ----a-w-    c:\windows\system32\psisdecd.dll
    2019-03-27 06:10 . 2011-08-17 04:19    75776    ----a-w-    c:\windows\system32\psisrndr.ax
    2019-03-27 06:10 . 2011-12-30 05:27    478720    ----a-w-    c:\windows\system32\timedate.cpl
    2019-03-27 06:10 . 2011-05-24 10:44    293376    ----a-w-    c:\windows\system32\umpnpmgr.dll
    2019-03-27 06:05 . 2015-11-03 18:55    179712    ----a-w-    c:\windows\system32\els.dll
    2019-03-27 06:04 . 2014-02-04 02:07    149440    ----a-w-    c:\windows\system32\drivers\storport.sys
    2019-03-27 06:04 . 2014-02-04 02:07    234432    ----a-w-    c:\windows\system32\drivers\msiscsi.sys
    2019-03-27 06:04 . 2014-02-04 02:07    27072    ----a-w-    c:\windows\system32\drivers\Diskdump.sys
    2019-03-27 06:04 . 2014-02-04 02:00    2048    ----a-w-    c:\windows\system32\iologmsg.dll
    2019-03-27 05:59 . 2015-07-22 17:53    635392    ----a-w-    c:\windows\system32\tdh.dll
    2019-03-27 05:59 . 2015-07-09 17:42    67584    ----a-w-    c:\windows\system32\dwmapi.dll
    2019-03-27 05:59 . 2015-07-09 17:42    1372160    ----a-w-    c:\windows\system32\dwmcore.dll
    2019-03-27 05:59 . 2012-06-06 05:05    143360    ----a-w-    c:\program files\Common Files\System\ado\msjro.dll
    2019-03-27 05:59 . 2012-06-06 05:05    372736    ----a-w-    c:\program files\Common Files\System\ado\msadox.dll
    2019-03-27 05:59 . 2012-06-06 05:05    57344    ----a-w-    c:\program files\Common Files\System\ado\msador15.dll
    2019-03-27 05:59 . 2012-06-06 05:05    352256    ----a-w-    c:\program files\Common Files\System\ado\msadomd.dll
    2019-03-27 05:59 . 2012-06-06 05:05    212992    ----a-w-    c:\program files\Common Files\System\msadc\msadco.dll
    2019-03-27 05:59 . 2014-06-18 01:52    399360    ----a-w-    c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
    2019-03-27 05:59 . 2014-06-18 01:51    646144    ----a-w-    c:\windows\system32\osk.exe
    2019-03-27 05:58 . 2016-01-21 00:51    57280    ----a-w-    c:\windows\system32\drivers\disk.sys
    2019-03-27 05:58 . 2016-01-22 06:04    642048    ----a-w-    c:\windows\system32\CPFilters.dll
    2019-03-27 05:58 . 2016-01-22 06:04    535040    ----a-w-    c:\windows\system32\EncDec.dll
    2019-03-27 05:58 . 2015-04-18 02:56    342016    ----a-w-    c:\windows\system32\certcli.dll
    2019-03-27 05:57 . 2014-08-01 11:35    793600    ----a-w-    c:\windows\system32\TSWorkspace.dll
    2019-03-27 05:57 . 2015-12-08 21:53    509952    ----a-w-    c:\windows\system32\qedit.dll
    2019-03-27 05:55 . 2012-11-23 02:48    49152    ----a-w-    c:\windows\system32\taskhost.exe
    2019-03-27 05:53 . 2013-07-12 10:07    86016    ----a-w-    c:\windows\system32\drivers\usbcir.sys
    2019-03-27 05:53 . 2014-12-06 03:50    242688    ----a-w-    c:\windows\system32\nlasvc.dll
    2019-03-27 05:53 . 2012-10-03 16:42    52224    ----a-w-    c:\windows\system32\nlaapi.dll
    2019-03-27 05:53 . 2012-10-03 16:42    156672    ----a-w-    c:\windows\system32\ncsi.dll
    2019-03-27 05:53 . 2015-06-01 23:47    210432    ----a-w-    c:\windows\system32\cewmdm.dll
    2019-03-27 05:53 . 2016-05-11 15:19    351744    ----a-w-    c:\windows\system32\winhttp.dll
    2019-03-27 05:53 . 2016-05-11 15:19    231424    ----a-w-    c:\windows\system32\mswsock.dll
    2019-03-27 05:53 . 2016-05-11 15:19    206336    ----a-w-    c:\windows\system32\ws2_32.dll
    2019-03-27 05:51 . 2015-04-24 17:56    530432    ----a-w-    c:\windows\system32\comctl32.dll
    2019-03-27 05:50 . 2011-08-27 04:26    233472    ----a-w-    c:\windows\system32\oleacc.dll
    2019-03-27 05:50 . 2011-02-12 05:35    191488    ----a-w-    c:\windows\system32\FXSCOVER.exe
    2019-03-27 05:49 . 2010-12-23 05:54    850944    ----a-w-    c:\windows\system32\sbe.dll
    2019-03-27 05:49 . 2010-12-23 05:50    199680    ----a-w-    c:\windows\system32\mpg2splt.ax
    2019-03-27 05:49 . 2011-06-15 08:55    86016    ----a-w-    c:\windows\system32\odbccu32.dll
    2019-03-27 05:49 . 2011-06-15 08:55    81920    ----a-w-    c:\windows\system32\odbccr32.dll
    2019-03-27 05:49 . 2011-06-15 08:55    319488    ----a-w-    c:\windows\system32\odbcjt32.dll
    2019-03-27 05:49 . 2011-06-15 08:55    163840    ----a-w-    c:\windows\system32\odbctrac.dll
    2019-03-27 05:49 . 2011-06-15 08:55    122880    ----a-w-    c:\windows\system32\odbccp32.dll
    2019-03-27 05:49 . 2011-06-15 08:54    94208    ----a-w-    c:\program files\Common Files\System\Ole DB\msdaosp.dll
    2019-03-27 05:49 . 2011-03-11 05:33    1137664    ----a-w-    c:\windows\system32\mfc42.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2019-03-26 13:33 . 2009-07-14 02:05    152576    ----a-w-    c:\windows\system32\msclmd.dll
    2019-03-12 04:02 . 2019-03-27 08:48    4608    ----a-w-    c:\windows\system32\drivers\en-US\srv.sys.mui
    2019-01-04 15:56 . 2019-03-27 06:17    2560    ----a-w-    c:\windows\apppatch\AcRes.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-11-14 1002984]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2019-03-26 280576]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
    2009-12-07 18:36    75320    ----a-w-    c:\windows\System32\DeviceNP.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages    REG_MULTI_SZ       DPPassFilter scecli
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2009-10-21 32312]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2019-02-26 104960]
    R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 132480]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696]
    R3 NisSrv;Inspekcja sieci firmy Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864]
    R3 OxPPort;OxPPort;c:\windows\system32\DRIVERS\OxPPort.sys [2008-07-31 82048]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
    R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2019-03-27 1343400]
    R4 ekrn;ESET Service;c:\program files\ESET\ESET Security\ekrn.exe [x]
    R4 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2009-12-07 362040]
    R4 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-01-12 36864]
    R4 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-02 281192]
    R4 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
    R4 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-10-14 635416]
    S0 SafeBoot;SafeBoot; [x]
    S0 SbAlg;SbAlg; [x]
    S0 SbFsLock;SbFsLock; [x]
    S1 RsvLock;RsvLock; [x]
    S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
    S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-03 266344]
    .
    .
    --- Inne Usługi/Sterowniki w Pamięci ---
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation    REG_MULTI_SZ       SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
    utcsvc    REG_MULTI_SZ       DiagTrack
    .
    .
    ------- Skan uzupełniający -------
    .
    uStart Page = about:blank
    Trusted Zone: //about.htm/
    Trusted Zone: //Exclude.htm/
    Trusted Zone: //FWEvent.htm/
    Trusted Zone: //LanguageSelection.htm/
    Trusted Zone: //Message.htm/
    Trusted Zone: //MyAgttryCmd.htm/
    Trusted Zone: //MyAgttryNag.htm/
    Trusted Zone: //MyNotification.htm/
    Trusted Zone: //NOCLessUpdate.htm/
    Trusted Zone: //quarantine.htm/
    Trusted Zone: //ScanNow.htm/
    Trusted Zone: //strings.vbs/
    Trusted Zone: //Template.htm/
    Trusted Zone: //Update.htm/
    Trusted Zone: //VirFound.htm/
    Trusted Zone: mcafee.com\*
    Trusted Zone: mcafeeasap.com\betavscan
    Trusted Zone: mcafeeasap.com\vs
    Trusted Zone: mcafeeasap.com\www
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{AE0A6353-03DA-42F1-8F23-5AF11DBF6216}: NameServer = 208.67.222.222,208.67.220.220
    FF - ProfilePath - c:\users\MarekS\AppData\Roaming\Mozilla\Firefox\Profiles\mdk3we5l.default\
    FF - prefs.js: browser.startup.homepage - about:blank
    .
    - - - - USUNIĘTO PUSTE WPISY - - - -
    .
    SafeBoot-MBAMService
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
    "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
    .
    --------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    --------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
    .
    - - - - - - - > 'lsass.exe'(576)
    c:\windows\system32\DPFPApi.DLL
    .
    ------------------------ Pozostałe uruchomione procesy ------------------------
    .
    c:\program files\Microsoft Security Client\MsMpEng.exe
    c:\windows\system32\taskhost.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\windows\system32\conhost.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\windows\system32\sppsvc.exe
    .
    **************************************************************************
    .
    Czas ukończenia: 2019-03-29  08:54:23 - komputer został uruchomiony ponownie
    ComboFix-quarantined-files.txt  2019-03-29 07:54
    .
    Przed: 205 800 099 840 bajtów wolnych
    Po: 205 867 229 184 bajtów wolnych
    .
    - - End Of File - - 80B7C33E82ABB8E4FB0094FDBA3F0CDD
    EFFE75C97E8D63422C6379F40E5ECDC9

     Please help

  2. ComboFix 18-08-08.01 - marekS 2019-01-17   9:21.1.2 - x86
    Uruchomiony z: c:\users\marekS\Downloads\ComboFix.exe
     * Utworzono nowy punkt przywracania
    .
    .
    (((((((((((((((((((((((((   Pliki utworzone od 2018-12-17 do 2019-01-17  )))))))))))))))))))))))))))))))
    .
    .
    2019-01-17 08:29 . 2019-01-17 08:29    --------    d-----w-    c:\users\Default\AppData\Local\temp
    2019-01-17 07:26 . 2019-01-17 07:26    --------    d-----w-    c:\programdata\bdch
    2019-01-17 05:30 . 2019-01-17 05:30    75172    ----a-w-    c:\programdata\agent.update.1547703003.bdinstall.v2.bin
    2019-01-17 05:23 . 2019-01-17 05:23    --------    d-----w-    c:\programdata\Bitdefender
    2019-01-17 05:23 . 2018-12-03 16:06    241840    ----a-w-    c:\windows\system32\drivers\edrsensor.sys
    2019-01-17 05:23 . 2018-11-20 09:42    211248    ----a-w-    c:\windows\system32\drivers\gzflt.sys
    2019-01-17 05:22 . 2018-10-29 10:24    1115400    ----a-w-    c:\windows\system32\drivers\atc.sys
    2019-01-17 05:22 . 2018-12-04 16:28    255392    ----a-w-    c:\windows\system32\drivers\bddci.sys
    2019-01-17 05:22 . 2018-11-19 12:09    317808    ----a-w-    c:\windows\system32\drivers\gemma.sys
    2019-01-17 05:21 . 2018-12-07 04:10    522480    ----a-w-    c:\windows\system32\drivers\trufos.sys
    2019-01-17 05:17 . 2019-01-17 08:33    --------    d-----w-    c:\program files\Bitdefender Antivirus Free
    2019-01-17 05:05 . 2019-01-17 05:05    99420    ----a-w-    c:\programdata\agent.1547701507.bdinstall.v2.bin
    2019-01-17 05:05 . 2019-01-17 05:30    --------    d-----w-    c:\program files\Bitdefender Agent
    2019-01-17 05:05 . 2019-01-17 05:05    --------    d-----w-    c:\programdata\Bitdefender Agent
    2019-01-14 07:41 . 2019-01-14 07:41    --------    d-----w-    c:\programdata\Licenses
    2019-01-13 16:31 . 2019-01-13 16:31    --------    d-----w-    c:\program files\FastStone Image Viewer
    2019-01-13 08:35 . 2019-01-13 08:35    --------    d-----w-    c:\programdata\Ashampoo
    2019-01-13 08:35 . 2019-01-13 08:35    --------    d-----w-    c:\program files\Ashampoo
    2019-01-12 18:41 . 2019-01-12 18:41    --------    d-----w-    c:\program files\Windows Live
    2019-01-12 15:43 . 2019-01-12 15:47    842240    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
    2019-01-12 15:43 . 2019-01-12 15:47    175104    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
    2019-01-12 14:04 . 2019-01-12 14:04    --------    d-----w-    c:\windows\system32\appraiser
    2019-01-12 14:04 . 2019-01-12 14:04    --------    d-s---w-    c:\windows\system32\CompatTel
    2019-01-12 12:04 . 2011-03-11 05:39    143744    ----a-w-    c:\windows\system32\drivers\nvstor.sys
    2019-01-12 12:04 . 2011-03-11 05:39    117120    ----a-w-    c:\windows\system32\drivers\nvraid.sys
    2019-01-12 12:04 . 2011-03-11 05:38    332160    ----a-w-    c:\windows\system32\drivers\iaStorV.sys
    2019-01-12 12:04 . 2011-03-11 05:38    80256    ----a-w-    c:\windows\system32\drivers\amdsata.sys
    2019-01-12 12:04 . 2011-03-11 05:38    22400    ----a-w-    c:\windows\system32\drivers\amdxata.sys
    2019-01-12 12:04 . 2011-03-11 05:33    1699328    ----a-w-    c:\windows\system32\esent.dll
    2019-01-12 12:04 . 2011-03-11 05:31    74240    ----a-w-    c:\windows\system32\fsutil.exe
    2019-01-12 11:58 . 2014-12-11 17:47    74240    ----a-w-    c:\windows\system32\TSWbPrxy.exe
    2019-01-12 11:58 . 2015-07-16 19:12    856064    ----a-w-    c:\windows\system32\rdvidcrl.dll
    2019-01-12 11:58 . 2015-07-16 19:12    53248    ----a-w-    c:\windows\system32\tsgqec.dll
    2019-01-12 11:58 . 2015-07-16 19:12    6131200    ----a-w-    c:\windows\system32\mstscax.dll
    2019-01-12 11:58 . 2015-07-16 15:14    355840    ----a-w-    c:\windows\system32\wksprt.exe
    2019-01-12 11:55 . 2014-07-09 01:29    6144    ----a-w-    c:\windows\system32\KBDYAK.DLL
    2019-01-12 11:55 . 2014-07-09 01:29    6144    ----a-w-    c:\windows\system32\KBDBASH.DLL
    2019-01-12 11:54 . 2013-11-26 08:16    3419136    ----a-w-    c:\windows\system32\d2d1.dll
    2019-01-12 11:02 . 2012-08-23 14:44    14848    ----a-w-    c:\windows\system32\drivers\rdpvideominiport.sys
    2019-01-12 11:02 . 2012-08-23 11:12    192000    ----a-w-    c:\windows\system32\rdpendp_winip.dll
    2019-01-12 10:56 . 2019-01-12 10:56    --------    d-----w-    c:\program files\Mozilla Thunderbird
    2019-01-12 10:55 . 2013-10-01 23:45    32256    ----a-w-    c:\windows\system32\TsUsbGDCoInstaller.dll
    2019-01-12 10:55 . 2013-10-02 00:32    12800    ----a-w-    c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2019-01-12 10:55 . 2013-10-02 00:42    49152    ----a-w-    c:\windows\system32\drivers\TsUsbFlt.sys
    2019-01-12 10:55 . 2013-10-02 00:30    14336    ----a-w-    c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2019-01-12 10:55 . 2013-10-02 00:14    50176    ----a-w-    c:\windows\system32\MsRdpWebAccess.dll
    2019-01-12 10:55 . 2013-10-02 00:14    17920    ----a-w-    c:\windows\system32\wksprtPS.dll
    2019-01-12 10:55 . 2013-10-01 22:34    1068544    ----a-w-    c:\windows\system32\mstsc.exe
    2019-01-12 10:31 . 2015-09-14 12:03    38520    ----a-w-    c:\windows\system32\drivers\rtlivnry.sys
    2019-01-12 09:14 . 2015-09-14 12:03    38520    ----a-w-    c:\windows\system32\drivers\DasPtct.SYS
    2019-01-12 07:57 . 2018-12-06 02:35    2405376    ----a-w-    c:\windows\system32\win32k.sys
    2019-01-12 07:47 . 2016-04-14 13:49    603648    ----a-w-    c:\windows\system32\d3d10level9.dll
    2019-01-11 18:56 . 2019-01-11 18:56    9728    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2019-01-11 17:17 . 2017-04-27 22:50    3550208    ----a-w-    c:\windows\system32\D3DCompiler_47.dll
    2019-01-11 16:59 . 2012-07-26 02:33    66560    ----a-w-    c:\windows\system32\drivers\WUDFPf.sys
    2019-01-11 16:59 . 2012-07-26 02:32    155136    ----a-w-    c:\windows\system32\drivers\WUDFRd.sys
    2019-01-11 16:59 . 2012-07-26 03:21    196608    ----a-w-    c:\windows\system32\WUDFHost.exe
    2019-01-11 16:59 . 2012-07-26 03:20    73216    ----a-w-    c:\windows\system32\WUDFSvc.dll
    2019-01-11 16:59 . 2012-07-26 03:20    613888    ----a-w-    c:\windows\system32\WUDFx.dll
    2019-01-11 16:59 . 2012-07-26 03:20    38912    ----a-w-    c:\windows\system32\WUDFCoinstaller.dll
    2019-01-11 16:59 . 2012-07-26 03:20    172032    ----a-w-    c:\windows\system32\WUDFPlatform.dll
    2019-01-11 16:56 . 2014-03-09 21:47    99480    ----a-w-    c:\windows\system32\infocardapi.dll
    2019-01-11 16:56 . 2014-06-30 22:14    8856    ----a-w-    c:\windows\system32\icardres.dll
    2019-01-11 16:56 . 2014-03-09 21:47    619672    ----a-w-    c:\windows\system32\icardagt.exe
    2019-01-11 16:56 . 2014-06-06 06:16    35480    ----a-w-    c:\windows\system32\TsWpfWrp.exe
    2019-01-11 16:55 . 2012-03-01 05:46    19824    ----a-w-    c:\windows\system32\drivers\fs_rec.sys
    2019-01-11 16:55 . 2012-03-01 05:29    5120    ----a-w-    c:\windows\system32\wmi.dll
    2019-01-11 16:11 . 2015-07-30 13:13    103120    ----a-w-    c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2019-01-11 15:58 . 2016-01-22 06:04    642048    ----a-w-    c:\windows\system32\CPFilters.dll
    2019-01-11 15:58 . 2016-01-22 06:04    535040    ----a-w-    c:\windows\system32\EncDec.dll
    2019-01-11 15:57 . 2015-05-25 18:01    92160    ----a-w-    c:\windows\system32\sechost.dll
    2019-01-11 15:57 . 2015-05-25 18:00    364544    ----a-w-    c:\windows\system32\tracerpt.exe
    2019-01-11 15:57 . 2015-05-25 18:00    82944    ----a-w-    c:\windows\system32\logman.exe
    2019-01-11 15:57 . 2015-05-25 18:00    40448    ----a-w-    c:\windows\system32\typeperf.exe
    2019-01-11 15:57 . 2015-05-25 18:00    37888    ----a-w-    c:\windows\system32\relog.exe
    2019-01-11 15:57 . 2015-05-25 18:00    17408    ----a-w-    c:\windows\system32\diskperf.exe
    2019-01-11 15:56 . 2015-07-22 17:53    635392    ----a-w-    c:\windows\system32\tdh.dll
    2019-01-11 15:54 . 2015-04-18 02:56    342016    ----a-w-    c:\windows\system32\certcli.dll
    2019-01-11 15:54 . 2014-06-18 01:52    399360    ----a-w-    c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
    2019-01-11 15:54 . 2014-06-18 01:51    646144    ----a-w-    c:\windows\system32\osk.exe
    2019-01-11 15:54 . 2015-06-03 20:22    355456    ----a-w-    c:\windows\system32\fveapi.dll
    2019-01-11 15:54 . 2015-06-03 20:22    257864    ----a-w-    c:\windows\system32\wbem\Win32_Tpm.dll
    2019-01-11 15:54 . 2016-02-05 18:44    97792    ----a-w-    c:\windows\system32\fveapibase.dll
    2019-01-11 15:54 . 2016-02-05 17:33    15360    ----a-w-    c:\windows\system32\tbs.dll
    2019-01-11 15:54 . 2014-08-01 11:35    793600    ----a-w-    c:\windows\system32\TSWorkspace.dll
    2019-01-11 15:52 . 2013-05-10 03:20    24576    ----a-w-    c:\windows\system32\cryptdlg.dll
    2019-01-11 15:51 . 2015-04-11 03:07    54656    ----a-w-    c:\windows\system32\drivers\stream.sys
    2019-01-11 15:22 . 2015-12-08 21:54    1620992    ----a-w-    c:\windows\system32\WMVDECOD.DLL
    2019-01-11 15:21 . 2013-06-25 22:56    527064    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
    2019-01-11 15:21 . 2012-11-28 22:57    9728    ----a-w-    c:\windows\system32\Wdfres.dll
    2019-01-11 15:21 . 2012-11-28 22:57    47720    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
    2019-01-11 15:21 . 2015-02-04 02:54    417792    ----a-w-    c:\windows\system32\WMPhoto.dll
    2019-01-11 15:20 . 2013-12-04 02:03    87040    ----a-w-    c:\windows\system32\secproc_ssp_isv.dll
    2019-01-11 15:20 . 2013-12-04 02:03    87040    ----a-w-    c:\windows\system32\secproc_ssp.dll
    2019-01-11 15:20 . 2013-12-04 02:03    423936    ----a-w-    c:\windows\system32\secproc_isv.dll
    2019-01-11 15:20 . 2013-12-04 02:03    428032    ----a-w-    c:\windows\system32\secproc.dll
    2019-01-11 15:20 . 2013-12-04 02:02    390144    ----a-w-    c:\windows\system32\msdrm.dll
    2019-01-11 15:20 . 2013-12-04 01:54    510976    ----a-w-    c:\windows\system32\RMActivate_ssp.exe
    2019-01-11 15:20 . 2013-12-04 01:54    594944    ----a-w-    c:\windows\system32\RMActivate_isv.exe
    2019-01-11 15:20 . 2013-12-04 01:54    572416    ----a-w-    c:\windows\system32\RMActivate.exe
    2019-01-11 15:20 . 2013-12-04 01:54    508928    ----a-w-    c:\windows\system32\RMActivate_ssp_isv.exe
    2019-01-11 15:20 . 2015-04-24 17:56    530432    ----a-w-    c:\windows\system32\comctl32.dll
    2019-01-11 14:19 . 2019-01-11 14:19    --------    d-----w-    c:\windows\system32\SPReview
    2019-01-11 14:17 . 2019-01-11 14:17    --------    d-----w-    c:\windows\system32\EventProviders
    2019-01-11 14:13 . 2010-11-20 12:21    380416    ----a-w-    c:\windows\system32\sxs.dll
    2019-01-11 14:12 . 2010-11-20 12:05    35328    ----a-w-    c:\windows\system32\pifmgr.dll
    2019-01-11 12:28 . 2019-01-12 14:18    --------    d-----w-    c:\program files\Mozilla Maintenance Service
    2019-01-11 12:25 . 2019-01-11 12:25    --------    d-----w-    c:\windows\pl
    2019-01-11 12:22 . 2009-09-04 16:44    69464    ----a-w-    c:\windows\system32\XAPOFX1_3.dll
    2019-01-11 12:22 . 2009-09-04 16:44    515416    ----a-w-    c:\windows\system32\XAudio2_5.dll
    2019-01-11 12:22 . 2009-09-04 16:29    453456    ----a-w-    c:\windows\system32\d3dx10_42.dll
    2019-01-11 12:17 . 2019-01-11 12:17    15712    ----a-w-    c:\program files\Common Files\Windows Live\.cache\930395f11d4a9a71f\MeshBetaRemover.exe
    2019-01-11 12:16 . 2019-01-11 12:16    94040    ----a-w-    c:\program files\Common Files\Windows Live\.cache\80790e651d4a9a718\DSETUP.dll
    2019-01-11 12:16 . 2019-01-11 12:16    525656    ----a-w-    c:\program files\Common Files\Windows Live\.cache\80790e651d4a9a718\DXSETUP.exe
    2019-01-11 12:16 . 2019-01-11 12:16    1691480    ----a-w-    c:\program files\Common Files\Windows Live\.cache\80790e651d4a9a718\dsetup32.dll
    2019-01-11 12:16 . 2019-01-11 12:16    94040    ----a-w-    c:\program files\Common Files\Windows Live\.cache\7f26bcdd1d4a9a717\DSETUP.dll
    2019-01-11 12:16 . 2019-01-11 12:16    525656    ----a-w-    c:\program files\Common Files\Windows Live\.cache\7f26bcdd1d4a9a717\DXSETUP.exe
    2019-01-11 12:16 . 2019-01-11 12:16    1691480    ----a-w-    c:\program files\Common Files\Windows Live\.cache\7f26bcdd1d4a9a717\dsetup32.dll
    2019-01-11 12:11 . 2019-01-11 13:25    --------    d-----w-    c:\windows\system32\MRT
    2019-01-11 12:10 . 2019-01-11 12:10    127229528    -c--a-w-    c:\windows\system32\MRT-KB890830.exe
    2019-01-11 11:13 . 2019-01-11 11:12    12051024    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{674FD43E-FF81-4B20-B884-CCBC3AFBE557}\mpengine.dll
    2019-01-11 11:12 . 2018-12-10 22:04    499424    ------w-    c:\windows\system32\MpSigStub.exe
    2019-01-11 11:08 . 2016-06-25 15:43    301056    ----a-w-    c:\windows\system32\EOSNotify.exe
    2019-01-11 10:55 . 2019-01-11 10:55    --------    d-----r-    C:\360SANDBOX
    2019-01-11 10:21 . 2019-01-11 10:21    --------    d-----w-    C:\2a4b8497829f5ea2e55582
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2019-01-11 14:25 . 2009-07-14 02:05    152576    ----a-w-    c:\windows\system32\msclmd.dll
    2019-01-11 12:23 . 2010-06-24 10:33    34496    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
    REGEDIT4
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2019-01-11 280576]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
    2009-12-07 18:36    75320    ----a-w-    c:\windows\System32\DeviceNP.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages    REG_MULTI_SZ       DPPassFilter scecli
    .
    R1 epp;epp;c:\eek\bin32\epp.sys [x]
    R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2009-10-21 32312]
    R3 DfSdkS;Usługa defragmentacji;c:\program files\Ashampoo\Ashampoo Uninstaller 2017\DfSdkS.exe [2009-08-24 406016]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2018-12-27 104960]
    R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 132480]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [x]
    R3 OxPPort;OxPPort;c:\windows\system32\DRIVERS\OxPPort.sys [2008-07-31 82048]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
    R4 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2009-12-07 362040]
    R4 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-01-12 36864]
    R4 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-02 281192]
    R4 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
    R4 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-10-14 635416]
    S0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2018-11-20 211248]
    S0 SafeBoot;SafeBoot; [x]
    S0 SbAlg;SbAlg; [x]
    S0 SbFsLock;SbFsLock; [x]
    S1 atc;atc;c:\windows\system32\DRIVERS\atc.sys [2018-10-29 1115400]
    S1 Gemma;Gemma;c:\windows\system32\DRIVERS\gemma.sys [2018-11-19 317808]
    S1 RsvLock;RsvLock; [x]
    S2 BdDci;BdDci Service;c:\windows\system32\DRIVERS\bddci.sys [2018-12-04 255392]
    S2 bdredline;bdredline;c:\program files\Bitdefender Antivirus Free\bdredline.exe [2018-03-22 1929240]
    S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
    S2 ProductAgentService;ProductAgentService;c:\program files\Bitdefender Agent\ProductAgentService.exe [2018-11-15 1293936]
    S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
    S2 UI5IFS;Ashampoo Uninstaller FileSystemChanges Driver;c:\program files\Ashampoo\Ashampoo Uninstaller 2017\IFS32.sys [2015-12-07 27736]
    S2 updatesrv;Bitdefender Update Service;c:\program files\Bitdefender Antivirus Free\updatesrv.exe [2018-11-13 240936]
    S2 vsservppl;Bitdefender Correlation Service;c:\program files\Bitdefender Antivirus Free\vsservppl.exe [2018-11-13 240936]
    S3 edrsensor;edrsensor;c:\windows\system32\DRIVERS\edrsensor.sys [2018-12-03 241840]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-03 266344]
    .
    .
    --- Inne Usługi/Sterowniki w Pamięci ---
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation    REG_MULTI_SZ       SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
    utcsvc    REG_MULTI_SZ       DiagTrack
    .
    Zawartość folderu 'Zaplanowane zadania'
    .
    2019-01-17 c:\windows\Tasks\AdwCleaner_onReboot.job
    - c:\users\marekS\Downloads\adwcleaner_7.2.6.0.exe [2019-01-11 17:43]
    .
    .
    ------- Skan uzupełniający -------
    .
    uStart Page = about:blank
    uDefault_Search_URL = hxxp://go.microsoft.com
    mStart Page = about:blank
    Trusted Zone: //about.htm/
    Trusted Zone: //Exclude.htm/
    Trusted Zone: //FWEvent.htm/
    Trusted Zone: //LanguageSelection.htm/
    Trusted Zone: //Message.htm/
    Trusted Zone: //MyAgttryCmd.htm/
    Trusted Zone: //MyAgttryNag.htm/
    Trusted Zone: //MyNotification.htm/
    Trusted Zone: //NOCLessUpdate.htm/
    Trusted Zone: //quarantine.htm/
    Trusted Zone: //ScanNow.htm/
    Trusted Zone: //strings.vbs/
    Trusted Zone: //Template.htm/
    Trusted Zone: //Update.htm/
    Trusted Zone: //VirFound.htm/
    Trusted Zone: mcafee.com\*
    Trusted Zone: mcafeeasap.com\betavscan
    Trusted Zone: mcafeeasap.com\vs
    Trusted Zone: mcafeeasap.com\www
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{AE0A6353-03DA-42F1-8F23-5AF11DBF6216}: NameServer = 208.67.222.222,208.67.220.220
    FF - ProfilePath - c:\users\marekS\AppData\Roaming\Mozilla\Firefox\Profiles\blf8b9uv.default-1547362238930\
    .
    - - - - USUNIĘTO PUSTE WPISY - - - -
    .
    AddRemove-HP Remote Solution - c:\programdata\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18}\HP_Remote_Solution_Install.exe
    AddRemove-{C611CF88-969D-43E6-A877-D6D6439DD081} - c:\programdata\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18}\HP_Remote_Solution_Install.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
    "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
    .
    --------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
    .
    [HKEY_USERS\S-1-5-21-3407625709-3377507047-3563137500-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_32_0_0_114_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_32_0_0_114_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    --------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
    .
    - - - - - - - > 'lsass.exe'(652)
    c:\windows\system32\DPFPApi.DLL
    .
    ------------------------ Pozostałe uruchomione procesy ------------------------
    .
    c:\windows\system32\taskhost.exe
    c:\program files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
    c:\program files\Bitdefender Antivirus Free\vsserv.exe
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    c:\windows\system32\conhost.exe
    c:\program files\Bitdefender Antivirus Free\bdagent.exe
    c:\windows\system32\sppsvc.exe
    c:\program files\Windows Media Player\wmpnscfg.exe
    c:\program files\Windows Media Player\wmpnscfg.exe
    .
    **************************************************************************
    .
    Czas ukończenia: 2019-01-17  09:37:15 - komputer został uruchomiony ponownie
    ComboFix-quarantined-files.txt  2019-01-17 08:37
    .
    Przed: 209 259 171 840 bajtów wolnych
    Po: 209 216 393 216 bajtów wolnych
    .
    - - End Of File - - 503AFBD91001552889E66361CEDF32EE
    EFFE75C97E8D63422C6379F40E5ECDC9

     
