wklejto.pl

Added by: ~Anonim (2014-09-12 19:29) -> text
ComboFix 14-09-12.01 - Maciek 2014-09-12  19:11:17.14.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.48.1045.18.3691.2144 [GMT 2:00]
Uruchomiony z: c:\users\Maciek\Downloads\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Local Settings\Temp
c:\programdata\Local Settings\Temp\msbyuve.com
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2014-08-12 do 2014-09-12  )))))))))))))))))))))))))))))))
.
.
2014-09-12 17:22 . 2014-09-12 17:22     --------        d-----w-        c:\users\Public\AppData\Local\temp
2014-09-12 17:22 . 2014-09-12 17:22     --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-09-12 16:58 . 2014-09-12 17:02     --------        d-----w-        C:\FRST
2014-09-10 18:33 . 2014-06-27 02:08     2777088 ----a-w-        c:\windows\system32\msmpeg2vdec.dll
2014-09-10 18:33 . 2014-06-27 01:45     2285056 ----a-w-        c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-10 14:37 . 2014-08-01 11:53     1031168 ----a-w-        c:\windows\system32\TSWorkspace.dll
2014-09-10 14:37 . 2014-08-01 11:35     793600  ----a-w-        c:\windows\SysWow64\TSWorkspace.dll
2014-09-10 14:37 . 2014-06-24 03:29     2565120 ----a-w-        c:\windows\system32\d3d10warp.dll
2014-09-10 14:37 . 2014-06-24 02:59     1987584 ----a-w-        c:\windows\SysWow64\d3d10warp.dll
2014-09-10 14:37 . 2014-07-07 02:06     728064  ----a-w-        c:\windows\system32\kerberos.dll
2014-09-10 14:37 . 2014-07-07 01:40     550912  ----a-w-        c:\windows\SysWow64\kerberos.dll
2014-09-10 14:36 . 2014-07-07 02:06     1460736 ----a-w-        c:\windows\system32\lsasrv.dll
2014-09-10 14:36 . 2014-07-07 01:40     22016   ----a-w-        c:\windows\SysWow64\secur32.dll
2014-09-10 14:36 . 2014-07-07 01:39     96768   ----a-w-        c:\windows\SysWow64\sspicli.dll
2014-09-10 14:36 . 2014-09-05 02:10     578048  ----a-w-        c:\windows\system32\aepdu.dll
2014-09-10 14:36 . 2014-09-05 02:05     424448  ----a-w-        c:\windows\system32\aeinv.dll
2014-08-30 08:34 . 2014-09-12 16:05     --------        d-----w-        c:\programdata\PLAY ONLINE
2014-08-28 04:12 . 2014-08-23 02:07     404480  ----a-w-        c:\windows\system32\gdi32.dll
2014-08-28 04:12 . 2014-08-23 01:45     311808  ----a-w-        c:\windows\SysWow64\gdi32.dll
2014-08-28 04:12 . 2014-08-23 00:59     3163648 ----a-w-        c:\windows\system32\win32k.sys
2014-08-24 06:07 . 2010-08-30 06:34     536576  ----a-w-        c:\windows\SysWow64\sqlite3.dll
2014-08-23 11:23 . 2014-08-23 11:20     8192    ----a-w-        c:\windows\SysWow64\srvany.exe
2014-08-23 11:09 . 2014-08-23 11:09     --------        d-----w-        c:\program files (x86)\Microsoft Synchronization Services
2014-08-23 11:08 . 2014-08-23 11:08     --------        d-----w-        c:\windows\PCHEALTH
2014-08-23 11:08 . 2014-08-23 11:08     --------        d-----w-        c:\program files (x86)\Microsoft Sync Framework
2014-08-23 11:05 . 2014-08-23 11:05     --------        d-----w-        c:\program files (x86)\Microsoft Visual Studio 8
2014-08-23 11:04 . 2014-08-23 11:10     --------        d-----w-        c:\windows\SHELLNEW
2014-08-23 11:04 . 2014-08-23 11:04     --------        d-----w-        c:\program files (x86)\Microsoft Analysis Services
2014-08-23 11:02 . 2014-08-23 11:02     --------        d-----r-        C:\MSOCache
2014-08-23 07:03 . 2014-08-23 07:03     --------        d-----w-        c:\program files (x86)\MSECache
2014-08-23 06:48 . 2014-09-12 17:21     --------        d-----w-        c:\programdata\Local Settings
2014-08-23 06:48 . 2014-08-23 11:20     --------        d-----w-        c:\program files (x86)\MS OFFICE 2010 Aktywator
2014-08-15 05:48 . 2014-08-15 05:48     --------        d-----w-        c:\program files (x86)\Common Files\Java
2014-08-15 05:47 . 2014-08-15 05:47     98216   ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-14 21:31 . 2014-03-09 21:47     99480   ----a-w-        c:\windows\SysWow64\infocardapi.dll
2014-08-14 21:31 . 2014-03-09 21:48     171160  ----a-w-        c:\windows\system32\infocardapi.dll
2014-08-14 21:31 . 2014-03-09 21:48     1389208 ----a-w-        c:\windows\system32\icardagt.exe
2014-08-14 21:31 . 2014-03-09 21:47     619672  ----a-w-        c:\windows\SysWow64\icardagt.exe
2014-08-14 21:31 . 2014-06-30 22:24     8856    ----a-w-        c:\windows\system32\icardres.dll
2014-08-14 21:31 . 2014-06-30 22:14     8856    ----a-w-        c:\windows\SysWow64\icardres.dll
2014-08-14 21:31 . 2014-06-06 06:16     35480   ----a-w-        c:\windows\SysWow64\TsWpfWrp.exe
2014-08-14 21:31 . 2014-06-06 06:12     35480   ----a-w-        c:\windows\system32\TsWpfWrp.exe
2014-08-14 18:39 . 2014-06-25 02:05     14175744        ----a-w-        c:\windows\system32\shell32.dll
2014-08-14 18:39 . 2014-06-03 10:02     3241984 ----a-w-        c:\windows\system32\msi.dll
2014-08-14 18:39 . 2014-06-03 10:02     1941504 ----a-w-        c:\windows\system32\authui.dll
2014-08-14 18:39 . 2014-06-03 09:29     2363392 ----a-w-        c:\windows\SysWow64\msi.dll
2014-08-14 18:39 . 2014-06-03 10:02     112064  ----a-w-        c:\windows\system32\consent.exe
2014-08-14 18:39 . 2014-06-03 10:02     504320  ----a-w-        c:\windows\system32\msihnd.dll
2014-08-14 18:39 . 2014-06-03 09:29     337408  ----a-w-        c:\windows\SysWow64\msihnd.dll
2014-08-14 18:39 . 2014-06-03 09:29     1805824 ----a-w-        c:\windows\SysWow64\authui.dll
2014-08-14 18:39 . 2014-07-16 03:23     2048    ----a-w-        c:\windows\system32\tzres.dll
2014-08-14 18:39 . 2014-07-16 02:46     2048    ----a-w-        c:\windows\SysWow64\tzres.dll
2014-08-14 18:38 . 2014-07-09 02:03     7168    ----a-w-        c:\windows\system32\KBDYAK.DLL
2014-08-14 18:38 . 2014-07-09 02:03     7168    ----a-w-        c:\windows\system32\KBDTAT.DLL
2014-08-14 18:38 . 2014-07-09 02:03     7168    ----a-w-        c:\windows\system32\KBDRU1.DLL
2014-08-14 18:38 . 2014-07-09 02:03     6656    ----a-w-        c:\windows\system32\KBDRU.DLL
2014-08-14 18:38 . 2014-07-09 02:03     7168    ----a-w-        c:\windows\system32\KBDBASH.DLL
2014-08-14 18:38 . 2014-07-09 01:31     7168    ----a-w-        c:\windows\SysWow64\KBDYAK.DLL
2014-08-14 18:38 . 2014-07-09 01:31     6656    ----a-w-        c:\windows\SysWow64\KBDBASH.DLL
2014-08-14 18:38 . 2014-06-16 02:10     985536  ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2014-08-14 18:36 . 2014-07-14 02:02     1216000 ----a-w-        c:\windows\system32\rpcrt4.dll
2014-08-14 18:36 . 2014-07-14 01:40     664064  ----a-w-        c:\windows\SysWow64\rpcrt4.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-11 16:22 . 2012-05-09 05:39     1490656 ----a-w-        c:\windows\system32\WdfCoInstaller01007.dll
2014-09-11 16:22 . 2012-05-09 05:39     1490656 ----a-w-        c:\windows\system32\drivers\WdfCoInstaller01007.dll
2014-09-10 18:34 . 2011-11-27 11:22     101694776       ----a-w-        c:\windows\system32\MRT.exe
2014-09-10 14:45 . 2014-01-06 13:52     71344   ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-10 14:45 . 2014-01-06 13:52     701104  ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-05 14:14 . 2010-06-24 09:33     23256   ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-07-25 00:35 . 2014-07-25 00:35     875688  ----a-w-        c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47     869544  ----a-w-        c:\windows\system32\msvcr120_clr0400.dll
2014-06-18 02:18 . 2014-07-09 06:54     692736  ----a-w-        c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-09 06:54     646144  ----a-w-        c:\windows\SysWow64\osk.exe
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"RequireSignedAppInit_DLLs"=0 (0x0)
"LoadAppInit_Dlls"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute     REG_MULTI_SZ    autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Kmm4xNT;Kmm4xNT; [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 avgfws;Zapora AVG;c:\program files (x86)\AVG\AVG2012\avgfws.exe;c:\program files (x86)\AVG\AVG2012\avgfws.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsfiltera.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-04 19:58        1096520 ----a-w-        c:\program files (x86)\Google\Chrome\Application\37.0.2062.103\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2014-09-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-06 14:45]
.
2014-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 13:20]
.
2014-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 13:20]
.
2014-09-11 c:\windows\Tasks\HPCeeScheduleForMaciek.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
2013-01-30 c:\windows\Tasks\ROC_REG_JAN_DELETE.job
- c:\programdata\AVG January 2013 Campaign\ROC.exe [2013-01-30 21:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay1]
@="{E68D0A50-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}]
c:\programdata\GG\ggdrive\ggdrive-overlay.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay2]
@="{E68D0A51-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}]
c:\programdata\GG\ggdrive\ggdrive-overlay.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay3]
@="{E68D0A52-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}]
c:\programdata\GG\ggdrive\ggdrive-overlay.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay4]
@="{E68D0A53-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}]
c:\programdata\GG\ggdrive\ggdrive-overlay.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-01-11 6602856]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-08-19 21720]
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.gazeta.pl/0,0.html?p=128
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Wyślij &do programu OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: Interfaces\{281C66C4-2A1A-4A7D-A550-58A174453156}: NameServer = 194.204.159.1,194.204.152.34
TCP: Interfaces\{281C66C4-2A1A-4A7D-A550-58A174453156}\36F6E667562747F60737: DhcpNameServer = 62.179.1.62 62.179.1.63
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2014-09-12  19:27:19
ComboFix-quarantined-files.txt  2014-09-12 17:27
ComboFix2.txt  2014-08-16 11:29
ComboFix3.txt  2014-05-17 14:52
ComboFix4.txt  2014-03-08 12:46
ComboFix5.txt  2014-09-12 17:08
.
Przed: 98 706 747 392 bajtów wolnych
Po: 98 381 041 664 bajtów wolnych
.
- - End Of File - - 547034F4C9B8D5DADA9B6C2FDEBB1FC1
A36C5E4F47E84449FF07ED3517B43A31
 