ComboFix 15-02-02.01 - Szymon 2015-02-03  22:07:08.1.8 - x64
Uruchomiony z: c:\users\Szymon\Desktop\ComboFix.exe
 * Rezydentny antywirus jest aktywny
.
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\windows\SysWow64\L3
c:\windows\SysWow64\L3\MpaDecFilter.ax
c:\windows\SysWow64\L3\MpaSplitter.ax
c:\windows\XSxS
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2015-01-03 do 2015-02-03  )))))))))))))))))))))))))))))))
.
.
2015-02-03 20:46 . 2014-12-15 03:13	11870360	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{8C184E90-B3AC-4122-9967-591A51532608}\mpengine.dll
2015-02-02 18:18 . 2014-11-18 07:04	55488	----a-w-	c:\windows\system32\drivers\hcmon.sys
2015-02-02 18:18 . 2015-02-02 21:20	--------	d-----w-	c:\programdata\VMware
2015-02-02 16:27 . 2015-02-02 16:27	--------	d-----w-	c:\users\Szymon\AppData\Local\VS Revo Group
2015-02-02 16:27 . 2015-02-02 16:27	--------	d-----w-	c:\programdata\VS Revo Group
2015-02-02 16:27 . 2009-12-30 09:21	31800	----a-w-	c:\windows\system32\drivers\revoflt.sys
2015-02-02 01:49 . 2015-02-02 01:49	--------	d-----w-	c:\users\Szymon\AppData\Roaming\Toshiba
2015-02-02 01:47 . 2015-02-02 01:47	--------	d-----w-	c:\users\Szymon\AppData\Local\Toshiba
2015-02-02 01:47 . 2015-02-02 01:47	--------	d-----w-	c:\programdata\TOSHIBA
2015-02-02 01:09 . 2015-02-02 01:09	--------	d-----w-	c:\users\Szymon\AppData\Roaming\gimx
2015-02-02 01:09 . 2015-02-02 01:09	--------	d-----w-	c:\users\Szymon\AppData\Roaming\gimx-launcher
2015-02-01 16:32 . 2015-02-01 16:32	--------	d-----w-	c:\program files (x86)\Toshiba
2015-01-20 02:33 . 2015-01-20 02:33	585944	----a-w-	c:\windows\system32\drivers\RtkBtfilter.sys
2015-01-16 11:37 . 2015-01-16 11:37	--------	d-----w-	c:\programdata\McAfee
2015-01-16 00:51 . 2015-01-18 00:08	--------	d-----w-	c:\users\Szymon\AppData\Local\gtk-2.0
2015-01-16 00:51 . 2015-01-16 00:51	--------	d-----w-	c:\users\Szymon\.thumbnails
2015-01-16 00:50 . 2015-01-16 00:50	--------	d-----w-	c:\users\Szymon\AppData\Local\fontconfig
2015-01-16 00:50 . 2015-01-18 00:08	--------	d-----w-	c:\users\Szymon\.gimp-2.8
2015-01-16 00:50 . 2015-01-16 00:50	--------	d-----w-	c:\users\Szymon\AppData\Local\gegl-0.2
2015-01-14 20:57 . 2013-12-26 05:41	206136	----a-w-	c:\windows\system32\drivers\ssudmdm.sys
2015-01-14 20:57 . 2013-12-26 05:41	108856	----a-w-	c:\windows\system32\drivers\ssudbus.sys
2015-01-14 20:57 . 2013-12-26 05:41	21320	----a-w-	c:\windows\system32\drivers\ssadmdfl.sys
2015-01-14 20:57 . 2013-12-26 05:41	188232	----a-w-	c:\windows\system32\drivers\ssadmdm.sys
2015-01-14 20:57 . 2013-12-26 05:41	17736	----a-w-	c:\windows\system32\drivers\ssadwhnt.sys
2015-01-14 20:57 . 2013-12-26 05:41	17224	----a-w-	c:\windows\system32\drivers\ssadcmnt.sys
2015-01-14 20:57 . 2013-12-26 05:41	169288	----a-w-	c:\windows\system32\drivers\ssadbus.sys
2015-01-14 20:57 . 2013-12-26 05:41	21320	----a-w-	c:\windows\system32\drivers\sscdmdfl.sys
2015-01-14 20:57 . 2013-12-26 05:41	188232	----a-w-	c:\windows\system32\drivers\sscdmdm.sys
2015-01-14 20:57 . 2013-12-26 05:41	17736	----a-w-	c:\windows\system32\drivers\sscdwhnt.sys
2015-01-14 20:57 . 2013-12-26 05:41	17224	----a-w-	c:\windows\system32\drivers\sscdcmnt.sys
2015-01-14 20:57 . 2013-12-26 05:41	169288	----a-w-	c:\windows\system32\drivers\sscdbus.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-02 16:06 . 2014-12-17 23:56	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-02 16:06 . 2014-12-17 23:56	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-01 16:15 . 2014-01-10 23:42	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2015-02-01 15:49 . 2014-01-10 21:09	113365784	----a-w-	c:\windows\system32\MRT.exe
2014-12-22 23:41 . 2010-11-21 03:27	298120	------w-	c:\windows\system32\MpSigStub.exe
2014-12-17 23:47 . 2014-03-30 17:30	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-12-13 05:09 . 2014-12-18 17:37	144384	----a-w-	c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-18 17:37	115712	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-12-08 18:42 . 2014-10-07 16:48	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2014-12-08 11:06 . 2014-02-23 11:35	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-11-27 01:43 . 2014-12-18 15:58	389296	----a-w-	c:\windows\system32\iedkcs32.dll
2014-11-25 23:48 . 2014-11-25 23:48	589512	----a-w-	c:\windows\SysWow64\%InstallDir%speclean.exe
2014-11-22 03:13 . 2014-12-18 15:57	25059840	----a-w-	c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-18 15:58	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-18 15:58	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-18 15:58	66560	----a-w-	c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-18 15:58	580096	----a-w-	c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-18 15:58	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-18 15:58	2885120	----a-w-	c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-18 15:57	88064	----a-w-	c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-18 15:58	54784	----a-w-	c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-18 15:58	34304	----a-w-	c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-18 15:58	633856	----a-w-	c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-18 15:58	114688	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-18 15:58	814080	----a-w-	c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-18 15:58	6039552	----a-w-	c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-18 15:58	968704	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-18 15:58	490496	----a-w-	c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-18 15:58	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-18 15:58	77824	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-18 15:57	199680	----a-w-	c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-18 15:58	92160	----a-w-	c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-18 15:58	501248	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-18 15:58	62464	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-18 15:58	47616	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-18 15:58	64000	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-18 15:58	316928	----a-w-	c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-18 15:58	620032	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-18 15:58	718848	----a-w-	c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-18 15:58	800768	----a-w-	c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-18 15:58	1359360	----a-w-	c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-18 15:58	2125312	----a-w-	c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-18 15:58	14412800	----a-w-	c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-18 15:58	60416	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-18 15:58	4299264	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-18 15:58	2358272	----a-w-	c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-18 15:58	2052096	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-18 15:58	1155072	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-18 15:58	1548288	----a-w-	c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-18 15:58	800768	----a-w-	c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-18 15:58	1888256	----a-w-	c:\windows\SysWow64\wininet.dll
2014-11-18 13:56 . 2014-11-18 13:56	1202848	----a-w-	c:\windows\SysWow64\FM20.DLL
2014-11-11 03:09 . 2014-12-18 02:52	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-11-11 03:08 . 2014-12-18 02:52	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-12-18 02:52	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-12-18 02:52	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44 . 2014-12-18 02:52	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-12-18 02:52	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-11-11 01:46 . 2014-12-18 02:52	119296	----a-w-	c:\windows\system32\drivers\tdx.sys
2014-11-08 03:16 . 2014-12-18 02:52	2048	----a-w-	c:\windows\system32\tzres.dll
2014-11-08 02:45 . 2014-12-18 02:52	2048	----a-w-	c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"f.lux"="c:\users\Szymon\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
"DAEMON Tools Lite"="e:\daemon tools lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-11-5 2717024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 cpuz136;cpuz136;f:\temp\cpuz136\cpuz136_x64.sys;f:\temp\cpuz136\cpuz136_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Origin Client Service;Origin Client Service;e:\origin\OriginClientService.exe;e:\origin\OriginClientService.exe [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 RTCore64;RTCore64;e:\msi afterburner\RTCore64.sys;e:\msi afterburner\RTCore64.sys [x]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver;c:\windows\system32\DRIVERS\RtkBtfilter.sys;c:\windows\SYSNATIVE\DRIVERS\RtkBtfilter.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe;c:\windows\SYSNATIVE\dllhost.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 usbrndis6;Karta USB RNDIS6;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XFDriver64;XFDriver64;e:\xfire_new\XFDriver64.sys;e:\xfire_new\XFDriver64.sys [x]
R4 CoordinatorServiceHost;SW Distributed TS Coordinator Service;e:\solidworks\SolidWorks\swScheduler\DTSCoordinatorService.exe;e:\solidworks\SolidWorks\swScheduler\DTSCoordinatorService.exe [x]
R4 GenericMount Helper Service;GenericMount Helper Service;e:\norton ghost\Shared\Drivers\GenericMountHelper.exe;e:\norton ghost\Shared\Drivers\GenericMountHelper.exe [x]
R4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys;c:\windows\SYSNATIVE\DRIVERS\GenericMount.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;c:\windows\system32\DRIVERS\LGSUsbFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSUsbFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 SymSnapService;SymSnapService;e:\norton ghost\Shared\Drivers\SymSnapServicex64.exe;e:\norton ghost\Shared\Drivers\SymSnapServicex64.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-08-16 12:43	451872	----a-w-	c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-03 02:24	1086280	----a-w-	c:\program files (x86)\Google\Chrome\Application\40.0.2214.94\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2015-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore1caae56bb0b4ea8.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13 14:53]
.
2015-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13 14:53]
.
2015-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cfefbf37da1c1a.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13 14:53]
.
2015-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cfff992c520939.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13 14:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-01-15 15:59	776520	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-01-15 15:59	776520	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-01-15 15:59	776520	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-01-15 15:59	776520	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-01-15 15:59	776520	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2014-04-21 08:02	25112	----a-w-	e:\internet download manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-11-14 8292120]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-10-01 5595336]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&ksportuj do programu Microsoft Excel - e:\micros~1\Office12\EXCEL.EXE/3000
IE: Ściągnij przez IDM - e:\internet download manager\IEExt.htm
IE: Ściągnij wszystkie linki przez IDM - e:\internet download manager\IEGetAll.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Szymon\AppData\Roaming\Mozilla\Firefox\Profiles\gc4b4357.default\
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3380270715-3188171858-2067456427-1000_Classes\Wow6432Node\CLSID\{203858ba-2c80-4fd0-a3eb-dc57238ea3ed}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000007e
"Therad"=dword:0000001b
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
   38,95,44,65,cc,1d,24,e1,f2,c2,9f,9e,a1,ec,ba,18,7b,32,94,63,7f,89,c0,1d,77,\
.
[HKEY_USERS\S-1-5-21-3380270715-3188171858-2067456427-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):aa,fc,25,0d,29,73,e5,3e,cb,f1,a7,24,66,3b,8f,d3,5e,98,ae,3f,aa,
   db,04,98,9d,bc,db,ba,c4,4e,68,98,7c,57,20,c2,13,f7,cc,b7,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
e:\norton ghost\Agent\VProSvc.exe
c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Czas ukończenia: 2015-02-03  22:14:06 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2015-02-03 21:14
.
Przed: 17 948 835 840 bajtów wolnych
Po: 18 242 895 872 bajtów wolnych
.
- - End Of File - - 3B4CD8117CED7C3A2873657275BF8852