ComboFix 15-06-27.01 - Kuba 2015-06-30 21:53:58.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.8108.4674 [GMT 2:00]
Running from: C:\Users\Kuba\Desktop\ComboFix.exe
AV: ESET Smart Security 8.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Kaspersky Anti-Virus *Enabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: ESET Personal Firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Kaspersky Anti-Virus *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Resident AV is active

((((((((((((((((((((((((((((((((((((((( Deleted )))))))))))))))))))))))))))))))))))))))))))))))))

C:\ProgramData\Roaming
C:\Users\Kuba\AppData\Roaming\3557.tmp
C:\Users\Kuba\AppData\Roaming\4C9B.tmp

((((((((((((((((((((((((( Files Created from 2015-05-28 to 2015-06-30 )))))))))))))))))))))))))))))))

2015-06-30 20:10:12 . 2015-06-30 20:10:12 -------- d-----w- C:\Users\TEMP\AppData\Local\temp
2015-06-30 20:10:12 . 2015-06-30 20:10:12 -------- d-----w- C:\Users\Gość\AppData\Local\temp
2015-06-30 20:10:12 . 2015-06-30 20:10:12 -------- d-----w- C:\Users\Default\AppData\Local\temp
2015-06-30 14:22:49 . 2015-06-30 14:26:54 -------- d-----w- C:\FRST
2015-06-30 14:14:47 . 2015-05-19 03:29:01 46768 ----a-w- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-30 14:14:46 . 2015-05-19 03:14:42 57520 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2015-06-29 19:26:23 . 2013-05-06 06:13:26 110176 ----a-w- C:\Windows\system32\klfphc.dll
2015-06-29 19:26:18 . 2015-06-29 19:26:18 -------- d-----w- C:\Windows\ELAMBKUP
2015-06-29 19:26:17 . 2015-06-30 19:43:12 -------- d-----w- C:\ProgramData\Kaspersky Lab
2015-06-29 19:26:17 . 2015-06-29 19:26:17 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2015-06-29 16:45:59 . 2015-05-27 14:35:26 24917504 ----a-w- C:\Windows\system32\mshtml.dll
2015-06-29 16:45:59 . 2015-05-22 18:24:16 1016832 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-06-29 16:45:58 . 2015-05-22 19:12:08 10949120 ----a-w- C:\Program Files\Internet Explorer\F12Resources.dll
2015-06-29 16:41:39 . 2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2015-06-29 16:41:39 . 2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\system32\d3d10warp.dll
2015-06-29 16:41:39 . 2013-11-26 08:16:50 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2015-06-29 16:41:39 . 2013-11-22 22:48:21 3928064 ----a-w- C:\Windows\system32\d2d1.dll
2015-06-29 16:40:34 . 2015-02-03 03:31:16 1424896 ----a-w- C:\Windows\system32\WindowsCodecs.dll
2015-06-29 16:40:34 . 2015-02-03 03:12:42 1230848 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2015-06-29 16:40:32 . 2011-04-28 03:55:08 552960 ----a-w- C:\Windows\system32\drivers\bthport.sys
2015-06-29 16:40:32 . 2011-04-28 03:54:56 80384 ----a-w- C:\Windows\system32\drivers\BTHUSB.SYS
2015-06-29 16:40:31 . 2015-04-20 03:17:07 1647104 ----a-w- C:\Windows\system32\DWrite.dll
2015-06-29 16:40:31 . 2015-04-20 03:17:07 1179136 ----a-w- C:\Windows\system32\FntCache.dll
2015-06-29 16:40:31 . 2015-04-20 02:56:29 1250816 ----a-w- C:\Windows\SysWow64\DWrite.dll
2015-06-29 16:39:48 . 2015-02-04 03:16:35 465920 ----a-w- C:\Windows\system32\WMPhoto.dll
2015-06-29 16:39:48 . 2015-02-04 02:54:09 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2015-06-29 16:19:09 . 2015-06-29 16:19:09 -------- d-----w- C:\Users\Kuba\AppData\Local\ESET
2015-06-29 16:18:07 . 2015-06-29 16:18:07 -------- d-----w- C:\Program Files\ESET
2015-06-28 17:32:24 . 2015-06-28 17:32:24 -------- d-----w- C:\Windows\SysWow64\Wat
2015-06-28 17:32:24 . 2015-06-28 17:32:24 -------- d-----w- C:\Windows\system32\Wat
2015-06-28 17:11:04 . 2013-10-14 16:00:00 28368 ----a-w- C:\Windows\system32\IEUDINIT.EXE
2015-06-28 17:02:43 . 2015-06-28 17:02:43 878080 ----a-w- C:\Windows\system32\advapi32.dll
2015-06-28 17:02:43 . 2015-06-28 17:02:43 859648 ----a-w- C:\Windows\system32\tdh.dll
2015-06-28 17:02:42 . 2015-06-28 17:02:42 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2015-06-28 17:02:42 . 2015-06-28 17:02:42 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2015-06-28 17:01:46 . 2015-06-28 17:01:46 327168 ----a-w- C:\Windows\system32\mswsock.dll
2015-06-28 17:01:46 . 2015-06-28 17:01:46 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2015-06-28 16:55:40 . 2015-06-28 16:55:40 1887232 ----a-w- C:\Windows\system32\d3d11.dll
2015-06-28 16:55:40 . 2015-06-28 16:55:40 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2015-06-28 15:52:25 . 2015-06-28 15:56:02 -------- d-----w- C:\Windows\system32\MRT
2015-06-28 15:43:54 . 2015-05-01 13:17:03 124112 ----a-w- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-28 15:43:54 . 2015-05-01 13:16:41 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-06-28 15:38:48 . 2012-03-01 06:46:16 23408 ----a-w- C:\Windows\system32\drivers\fs_rec.sys
2015-06-28 15:38:48 . 2012-03-01 06:28:47 5120 ----a-w- C:\Windows\system32\wmi.dll
2015-06-28 15:38:48 . 2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2015-06-28 15:35:13 . 2014-03-09 21:48:52 171160 ----a-w- C:\Windows\system32\infocardapi.dll
2015-06-28 15:35:13 . 2014-03-09 21:48:51 1389208 ----a-w- C:\Windows\system32\icardagt.exe
2015-06-28 15:35:13 . 2014-03-09 21:47:43 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2015-06-28 15:35:13 . 2014-03-09 21:47:42 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2015-06-28 15:35:12 . 2014-06-30 22:24:50 8856 ----a-w- C:\Windows\system32\icardres.dll
2015-06-28 15:35:12 . 2014-06-30 22:14:53 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2015-06-28 15:35:08 . 2014-06-06 06:16:07 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2015-06-28 15:35:08 . 2014-06-06 06:12:57 35480 ----a-w- C:\Windows\system32\TsWpfWrp.exe
2015-06-28 15:26:59 . 2015-02-03 03:31:03 325632 ----a-w- C:\Windows\system32\msnetobj.dll
2015-06-28 15:25:55 . 2015-05-05 01:29:39 342016 ----a-w- C:\Windows\system32\schannel.dll
2015-06-28 15:24:20 . 2014-06-03 10:02:21 3241984 ----a-w- C:\Windows\system32\msi.dll
2015-06-28 15:23:59 . 2013-10-19 02:18:57 81408 ----a-w- C:\Windows\system32\imagehlp.dll
2015-06-28 15:22:39 . 2014-12-06 04:17:27 303616 ----a-w- C:\Windows\system32\nlasvc.dll
2015-06-28 15:21:23 . 2015-03-25 03:24:41 98304 ----a-w- C:\Windows\system32\wudriver.dll
2015-06-28 15:20:51 . 2015-04-08 03:29:10 1736192 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2015-06-28 15:17:20 . 2014-06-18 02:19:05 503296 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
2015-06-28 15:17:20 . 2014-06-18 02:19:05 449024 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll
2015-06-28 15:17:20 . 2014-06-18 02:19:05 1247232 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll
2015-06-28 15:17:20 . 2014-06-18 02:19:05 110592 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll
2015-06-28 15:17:20 . 2014-06-18 02:18:39 224768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe
2015-06-28 15:17:20 . 2014-06-18 02:18:30 692736 ----a-w- C:\Windows\system32\osk.exe
2015-06-28 15:17:20 . 2014-06-18 02:17:30 544768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll
2015-06-28 15:17:20 . 2014-06-18 01:52:09 348672 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\tiptsf.dll
2015-06-28 15:17:20 . 2014-06-18 01:51:42 10240 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\TabTip32.exe
2015-06-28 15:17:20 . 2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2015-06-28 15:16:49 . 2015-02-13 05:22:33 14177280 ----a-w- C:\Windows\system32\shell32.dll
2015-06-28 15:16:20 . 2014-03-26 14:44:48 2002432 ----a-w- C:\Windows\system32\msxml6.dll
2015-06-28 15:16:20 . 2014-03-26 14:41:39 2048 ----a-w- C:\Windows\system32\msxml6r.dll
2015-06-28 15:16:20 . 2014-03-26 14:27:50 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
2015-06-28 15:16:20 . 2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2015-06-28 15:14:13 . 2014-06-06 10:10:34 624128 ----a-w- C:\Windows\system32\qedit.dll
2015-06-28 15:14:13 . 2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2015-06-28 15:12:59 . 2012-06-06 06:05:51 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2015-06-28 15:11:51 . 2015-03-05 05:12:33 404480 ----a-w- C:\Windows\system32\gdi32.dll
2015-06-28 15:11:51 . 2015-03-05 04:05:06 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2015-06-28 15:11:51 . 2012-11-02 05:59:11 478208 ----a-w- C:\Windows\system32\dpnet.dll
2015-06-28 15:11:51 . 2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2015-06-28 15:11:28 . 2011-05-24 11:42:55 404480 ----a-w- C:\Windows\system32\umpnpmgr.dll
2015-06-28 15:11:28 . 2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2015-06-28 15:11:28 . 2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2015-06-28 15:11:28 . 2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2015-06-28 15:11:28 . 2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2015-06-28 15:02:13 . 2015-06-28 15:02:13 -------- d-----w- C:\Users\Kuba\AppData\Local\ElevatedDiagnostics
2015-06-21 11:24:32 . 2015-06-24 09:58:23 -------- d-----w- C:\Users\Kuba\AppData\Local\Spotify
2015-06-21 11:22:35 . 2015-06-24 09:58:20 -------- d-----w- C:\Users\Kuba\AppData\Roaming\Spotify
2015-06-14 10:59:25 . 2015-06-29 16:08:42 -------- d-----w- C:\Program Files\Common Files\AV
2015-06-06 20:05:59 . 2015-06-06 20:15:27 -------- d-----w- C:\Users\Kuba\AppData\Local\Popcorn-Time
2015-06-06 20:05:27 . 2015-06-06 20:05:44 -------- d-----w- C:\Users\Kuba\AppData\Local\Popcorn Time

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2015-06-30 14:07:37 . 2014-10-22 19:13:14 225976 ----a-w- C:\Windows\system32\drivers\klhk.sys
2015-06-29 20:24:20 . 2014-11-10 15:48:04 190648 ----a-w- C:\Windows\system32\drivers\kneps.sys
2015-06-29 20:24:19 . 2014-11-22 12:12:38 85360 ----a-w- C:\Windows\system32\drivers\klwtp.sys
2015-06-29 20:24:19 . 2014-10-09 10:31:40 65208 ----a-w- C:\Windows\system32\drivers\kltdi.sys
2015-06-29 20:24:19 . 2013-04-12 12:34:48 24944 ----a-w- C:\Windows\system32\drivers\klpd.sys
2015-06-29 20:24:18 . 2014-10-10 15:02:54 39280 ----a-w- C:\Windows\system32\drivers\klim6.sys
2015-06-29 20:24:18 . 2014-08-19 10:31:48 64368 ----a-w- C:\Windows\system32\drivers\kldisk.sys
2015-06-29 20:24:17 . 2014-03-31 08:47:10 478392 ----a-w- C:\Windows\system32\drivers\kl1.sys
2015-06-29 19:28:54 . 2013-08-08 14:11:00 39280 ----a-w- C:\Windows\system32\drivers\klmouflt.sys
2015-06-29 19:28:53 . 2014-10-30 02:22:16 40304 ----a-w- C:\Windows\system32\drivers\klkbdflt.sys
2015-06-29 19:28:51 . 2014-12-13 16:21:18 850608 ----a-w- C:\Windows\system32\drivers\klif.sys
2015-06-29 19:28:51 . 2014-11-28 16:19:40 159960 ----a-w- C:\Windows\system32\drivers\klflt.sys
2015-06-29 19:28:47 . 2013-01-14 18:10:52 247016 ----a-w- C:\Windows\system32\drivers\cm_km_w.sys
2015-06-24 20:12:57 . 2014-02-27 00:09:11 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-06-24 20:12:57 . 2014-02-27 00:09:11 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-13 15:51:11 . 2015-05-30 20:00:16 136408 ----a-w- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-05-19 03:14:42 . 2014-02-26 22:57:24 61616 ----a-w- C:\Windows\system32\nvaudcap64v.dll
2015-05-09 03:13:33 . 2015-06-28 15:13:17 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2015-04-25 15:32:12 . 2014-10-15 21:30:44 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-14 07:37:56 . 2015-05-30 19:59:59 63704 ----a-w- C:\Windows\system32\drivers\mwac.sys
2015-04-14 07:37:46 . 2015-05-30 19:59:59 107736 ----a-w- C:\Windows\system32\drivers\mbamchameleon.sys
2015-04-14 07:37:42 . 2015-05-30 19:59:59 25816 ----a-w- C:\Windows\system32\drivers\mbam.sys

((((((((((((((((((((((((((((((((((((( Registry Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries and legitimate default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe" [2014-12-12 17:21:24 7394584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-08-15 12:35:26 292848]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=C:\Windows\SysWOW64\nvinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 SetupARService;SetupARService;C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe;C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R3 AndnetBus;LGE Mobile USB Composite Device;C:\Windows\system32\DRIVERS\lgandnetbus64.sys;C:\Windows\SYSNATIVE\DRIVERS\lgandnetbus64.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\Windows\system32\DRIVERS\lgandnetdiag64.sys;C:\Windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;C:\Windows\system32\DRIVERS\lgandnetmodem64.sys;C:\Windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 AthDfu;Qualcomm Atheros Valkyrie USB BootROM;C:\Windows\System32\Drivers\AthDfu.sys;C:\Windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\system32\drivers\btath_bus.sys;C:\Windows\SYSNATIVE\drivers\btath_bus.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\drivers\btath_hcrp.sys;C:\Windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\drivers\btath_rcp.sys;C:\Windows\SYSNATIVE\drivers\btath_rcp.sys [x]
R3 EagleX64;EagleX64;C:\Windows\system32\drivers\EagleX64.sys;C:\Windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe;C:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys;C:\Windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys;C:\Windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 lehidmini;Bluetooth Low Energy Hid Device;C:\Windows\system32\drivers\leath_hid.sys;C:\Windows\SYSNATIVE\drivers\leath_hid.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\MBAMSwissArmy.sys;C:\Windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 rtsuvc;Lenovo EasyCamera;C:\Windows\system32\DRIVERS\rtsuvc.sys;C:\Windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\system32\drivers\TsUsbGD.sys;C:\Windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);C:\Windows\system32\DRIVERS\cm_km_w.sys;C:\Windows\SYSNATIVE\DRIVERS\cm_km_w.sys [x]
S0 epfwwfp;epfwwfp;C:\Windows\system32\DRIVERS\epfwwfp.sys;C:\Windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iaStorA;iaStorA;C:\Windows\system32\DRIVERS\iaStorA.sys;C:\Windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;C:\Windows\system32\DRIVERS\iaStorF.sys;C:\Windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\system32\drivers\iusb3hcs.sys;C:\Windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;C:\Windows\System32\DRIVERS\LhdX64.sys;C:\Windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys;C:\Windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys;C:\Windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys;C:\Windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;C:\Windows\system32\DRIVERS\ehdrv.sys;C:\Windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\system32\DRIVERS\EpfwLWF.sys;C:\Windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 klhk;klhk;C:\Windows\system32\DRIVERS\klhk.sys;C:\Windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys;C:\Windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;C:\Windows\system32\DRIVERS\klpd.sys;C:\Windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;C:\Windows\system32\DRIVERS\kltdi.sys;C:\Windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;Klwtp;C:\Windows\system32\DRIVERS\klwtp.sys;C:\Windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;C:\Windows\system32\DRIVERS\kneps.sys;C:\Windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AVP15.0.2;Kaspersky Anti-Virus 15.0.2 Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe;C:\Program Files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 kldisk;kldisk;C:\Windows\system32\DRIVERS\kldisk.sys;C:\Windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 WtuSystemSupport;WtuSystemSupport;C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe;C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\Windows\system32\DRIVERS\AcpiVpc.sys;C:\Windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\system32\drivers\btmaud.sys;C:\Windows\SYSNATIVE\drivers\btmaud.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys;C:\Windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys;C:\Windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys;C:\Windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 ETDSMBus;ETDSMBus;C:\Windows\system32\DRIVERS\ETDSMBus.sys;C:\Windows\SYSNATIVE\DRIVERS\ETDSMBus.sys [x]
S3 ibtfltcoex;ibtfltcoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys;C:\Windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\iusb3hub.sys;C:\Windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\system32\DRIVERS\iusb3xhc.sys;C:\Windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys;C:\Windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;C:\Windows\system32\DRIVERS\klflt.sys;C:\Windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\system32\DRIVERS\klkbdflt.sys;C:\Windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys;C:\Windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys;C:\Windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\system32\drivers\nvvad64v.sys;C:\Windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 usb3Hub;UoIP Hub;C:\Windows\system32\DRIVERS\usb3Hub.sys;C:\Windows\SYSNATIVE\DRIVERS\usb3Hub.sys [x]

Contents of the 'Scheduled Tasks' folder

2015-06-30 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-27 00:09:11 . 2015-06-24 20:12:58]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Energy Management"="C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe" [2013-11-04 15:28:28 8079408]
"EnergyUtility"="C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe" [2013-11-04 15:28:28 6199128]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2013-09-06 08:16:35 165872]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2013-09-06 08:16:33 407536]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2013-09-06 08:16:34 444400]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-03-28 03:45:04 2673296]
"ShadowPlay"="C:\Windows\system32\nvspcap64.dll" [2015-03-28 03:43:39 1570672]
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-01-31 14:23:34 36352]
"BLEServicesCtrl"="C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-09-17 02:19:18 184112]
"BTMTrayAgent"="C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-09-19 06:04:50 7818040]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2015-01-28 12:08:44 5595848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=C:\Windows\System32\nvinitx.dll

------- Supplementary Scan -------
uStart Page = https://mysearch.avg.com?cid={BDA19891-564A-4DBF-BE1A-B13DE6BB238E}&mid=e406d05991f547d2a330d18b80eab585-2c28e8520ca63e7829754cea03b43083786c50b5&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-12 22:33:37&v=4.1.0.411&pid=wtu&sg=&sap=hp
uLocal Page = C:\Windows\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: {{5547CE1F-74E9-41E5-9CBF-5211ECC37341} - {BB7DC12B-C59D-4138-AD28-BBB65DE62A3B} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
TCP: DhcpNameServer = 8.8.8.8 192.168.1.1
FF - ProfilePath - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\5qbnjlud.default\
FF - prefs.js: browser.startup.homepage - google.pl
FF - prefs.js: network.proxy.type - 0
FF - user.js: plugin.state.npcontentblocker - 2
FF - user.js: plugin.state.nponlinebanking - 2
FF - user.js: plugin.state.npvkplugin - 2
FF - user.js: plugin.state.npcontentblocker - 2
FF - user.js: plugin.state.nponlinebanking - 2
FF - user.js: plugin.state.npvkplugin - 2
FF - user.js: plugin.state.npcontentblocker - 2
FF - user.js: plugin.state.nponlinebanking - 2
FF - user.js: plugin.state.npvkplugin - 2

- - - - REMOVED EMPTY ENTRIES - - - -

HKLM-Run-ETDCtrl - C:\Program Files (x86)\Elantech\ETDCtrl.exe

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3160247180-4210161264-933964749-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:ce,65,e7,93,08,7b,b3,c0,e1,48,e3,e8,21,c3,1b,c9,1b,7a,ef,71,01,b6,14,
   77,92,e2,85,bd,33,9b,6a,8e,04,d9,52,aa,b8,95,54,18,b7,ba,fc,4e,6f,38,8c,8b,\
"??"=hex:9d,6d,62,c7,7e,94,d3,01,62,72,da,46,cb,d1,2f,38

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_190_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="C:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_190_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_190_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_190_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_190.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_190.ocx, 1"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_190.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_190.ocx, 1"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Completion time: 2015-06-30 22:32:54
ComboFix-quarantined-files.txt 2015-06-30 20:32:47

Pre-Run: 29,874,114,560 bytes free
Post-Run: 30,221,258,752 bytes free

- - End Of File - - A753846B558F6BFDC241D32531BAE615 A36C5E4F47E84449FF07ED3517B43A31
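Added example, not part of the ComboFix log above and not ComboFix's own code: a small Python parser for the two line formats a responder actually triages in a log like this, the `created . modified size attrs path` lines of the "Files Created" / Find3M sections and the Run and AppInit_DLLs values under the "Registry Loading Points" key headers. It tracks the current `[HKEY_...]` header so that quoted values in the locked-keys dump are not mistaken for Run entries, then applies three rules: an executable or .tmp file outside Windows and Program Files, a Run value launching from such a location, and any AppInit_DLLs value at all, since that mechanism injects the DLL into every process that maps user32.dll (in this log it is NVIDIA's nvinit.dll / nvinitx.dll, which an analyst still confirms by checking the file's signature). The sample input mixes lines excerpted from the log with constructed ones (the `example.tmp` file entry and the `Updater` Run value are made up); the trusted-root list and the rule set are this example's assumptions, not anything ComboFix defines.

```python
"""Parse ComboFix log entry lines into records and run a simple triage.
Added example for this page; trusted roots and rules are assumptions."""
import re
from dataclasses import dataclass
from datetime import datetime
from typing import List, Optional, Tuple

# "<created> . <modified> <size or 8 dashes> <attrs> <path>"
FILE_RE = re.compile(
    r"^(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \. "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) "
    r"(?P<size>\d+|-{8}) (?P<attrs>[-a-z]{8}) (?P<path>\S.*?)\s*$"
)
# "Name"="path" [timestamp size]   (the bracketed suffix is optional)
RUN_RE = re.compile(
    r'^"(?P<name>[^"]+)"="(?P<path>[^"]+)"(?: \[(?P<stamp>[^\]]+) (?P<size>\d+)\])?\s*$'
)
# ComboFix prints the AppInit_DLLs value without surrounding quotes
APPINIT_RE = re.compile(r'^"AppInit_DLLs"=(?P<path>\S.*?)\s*$')

TS = "%Y-%m-%d %H:%M:%S"
# Assumption: executables normally live under one of these roots
TRUSTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
EXEC_EXT = (".exe", ".dll", ".sys", ".scr", ".tmp")


@dataclass
class FileEntry:
    created: datetime
    modified: datetime
    size: Optional[int]   # None for a directory entry ("--------")
    attrs: str
    path: str

    @property
    def is_dir(self) -> bool:
        return self.attrs.startswith("d")


@dataclass
class LoadPoint:
    kind: str             # "Run" or "AppInit_DLLs"
    name: str
    path: str


def parse_file_line(line: str) -> Optional[FileEntry]:
    m = FILE_RE.match(line.strip())
    if not m:
        return None
    size = None if m["size"].startswith("-") else int(m["size"])
    return FileEntry(datetime.strptime(m["created"], TS),
                     datetime.strptime(m["modified"], TS),
                     size, m["attrs"], m["path"])


def parse_log(text: str) -> Tuple[List[FileEntry], List[LoadPoint]]:
    """Walk the log once; registry values are interpreted by the key they sit under."""
    files, points, key = [], [], ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("[HKEY_") and line.endswith("]"):
            key = line[1:-1].lower()
            continue
        entry = parse_file_line(line)
        if entry:
            files.append(entry)
            continue
        if key.endswith("\\run"):
            m = RUN_RE.match(line)
            if m:
                points.append(LoadPoint("Run", m["name"], m["path"]))
        elif key.endswith("\\windows"):
            m = APPINIT_RE.match(line)
            if m:
                points.append(LoadPoint("AppInit_DLLs", "AppInit_DLLs", m["path"]))
    return files, points


def in_trusted_root(path: str) -> bool:
    return path.lower().startswith(TRUSTED_ROOTS)


def triage(files: List[FileEntry], points: List[LoadPoint]) -> List[str]:
    findings = []
    for f in files:
        if not f.is_dir and f.path.lower().endswith(EXEC_EXT) and not in_trusted_root(f.path):
            findings.append(f"executable outside trusted roots: {f.path}")
    for p in points:
        if p.kind == "AppInit_DLLs":
            findings.append(f"AppInit_DLLs loads {p.path} into every process that maps user32.dll")
        elif not in_trusted_root(p.path):
            findings.append(f"Run value '{p.name}' starts {p.path} from outside trusted roots")
    return findings


# Constructed sample: real lines from the log above plus two made-up entries
SAMPLE = r"""
2015-06-30 14:22:49 . 2015-06-30 14:26:54 -------- d-----w- C:\FRST
2015-06-30 14:14:47 . 2015-05-19 03:29:01 46768 ----a-w- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-30 20:10:12 . 2015-06-30 20:10:12 24576 ----a-w- C:\Users\Kuba\AppData\Roaming\example.tmp
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe" [2014-12-12 17:21:24 7394584]
"Updater"="C:\Users\Kuba\AppData\Roaming\updater.exe" [2015-06-30 20:10:12 24576]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=C:\Windows\SysWOW64\nvinit.dll
"""

if __name__ == "__main__":
    fs, ps = parse_log(SAMPLE)
    for finding in triage(fs, ps):
        print(finding)
```

Run as a script it prints three findings for the sample: the .tmp under Roaming, the made-up Run value, and the AppInit_DLLs entry; the real nvvad64v.sys and CCleaner entries stay quiet because they sit under trusted roots. Feed it the whole log (e.g. `parse_log(open("ComboFix.txt", encoding="utf-8").read())`) and the same rules surface the same three classes of entry at scale.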