ComboFix 15-10-09.01 - Artur 2015-10-11  15:05:41.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1250.48.1045.18.3767.2493 [GMT 2:00]
Uruchomiony z: c:\users\Artur\Downloads\ComboFix12.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Utworzono nowy punkt przywracania
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Artur\AppData\Local\Microsoft\Windows\Temporary Internet Files\{63664BA6-FD3F-4499-8BE6-99B62935CCFE}.xps
c:\users\Artur\AppData\Roaming\Local
c:\users\Artur\AppData\Roaming\Local\Microsoft\Windows\GameExplorer\Fallout 3\GameuxInstallHelper.dll
c:\users\Artur\AppData\Roaming\Local\Microsoft\Windows\GameExplorer\GameuxInstallHelper.dll
c:\users\Artur\Documents\PrawkoB2013S.tmp
c:\windows\msdownld.tmp
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\UNWISE.EXE
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2015-09-11 do 2015-10-11  )))))))))))))))))))))))))))))))
.
.
2015-10-11 13:13 . 2015-10-11 13:13	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2015-10-11 13:13 . 2015-10-11 13:13	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-10-11 12:36 . 2015-10-11 12:36	--------	d-----w-	C:\TDSSKiller_Quarantine
2015-10-08 02:14 . 2013-05-06 06:13	110176	----a-w-	c:\windows\system32\klfphc.dll
2015-10-08 02:14 . 2015-10-08 02:14	--------	d-----w-	c:\windows\ELAMBKUP
2015-10-08 02:13 . 2015-10-11 12:52	--------	d-----w-	c:\programdata\Kaspersky Lab
2015-10-08 02:13 . 2015-10-08 02:13	--------	d-----w-	c:\program files (x86)\Kaspersky Lab
2015-10-08 02:13 . 2015-07-04 00:18	227000	----a-w-	c:\windows\system32\drivers\klhk.sys
2015-10-08 02:13 . 2015-06-29 23:05	931000	----a-w-	c:\windows\system32\drivers\klif.sys
2015-10-08 02:13 . 2015-06-29 23:05	171192	----a-w-	c:\windows\system32\drivers\klflt.sys
2015-10-06 20:05 . 2015-10-06 20:05	229376	--sha-r-	c:\windows\SysWow64\MFC71CHTQ.dll
2015-10-06 12:19 . 2015-10-06 12:19	1	----a-w-	c:\windows\SysWow64\SI.bin
2015-10-05 23:27 . 2015-10-05 23:27	--------	d-----w-	c:\users\Artur\AppData\Local\Disc_Soft_Ltd
2015-10-05 23:25 . 2015-10-05 23:25	--------	d-----w-	c:\program files (x86)\Disc Soft
2015-10-05 23:24 . 2015-10-05 23:24	30264	----a-w-	c:\windows\system32\drivers\dtlitescsibus.sys
2015-10-05 23:24 . 2015-10-05 23:26	--------	d-----w-	c:\users\Artur\AppData\Roaming\DAEMON Tools Lite
2015-10-05 23:23 . 2015-10-05 23:23	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2015-10-05 23:02 . 2015-10-05 23:02	--------	d-----w-	c:\users\Artur\AppData\Local\ElevatedDiagnostics
2015-10-02 16:16 . 2015-08-31 22:45	11062400	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{64046ADF-4CDA-47A3-BDF1-629B6908E16F}\mpengine.dll
2015-09-30 20:22 . 2015-09-30 20:22	--------	d-----w-	c:\users\Artur\AppData\Roaming\Testy.2014.PWPW
2015-09-30 20:12 . 2015-09-30 20:12	--------	d-----w-	c:\program files (x86)\Ekierowca
2015-09-29 14:34 . 2011-09-06 12:29	76040	----a-w-	c:\windows\system32\drivers\multikey.sys
2015-09-23 17:51 . 2015-10-06 17:32	--------	d-----w-	c:\users\Artur\AppData\Local\cache
2015-09-23 17:49 . 2015-09-23 17:49	--------	d-----w-	c:\programdata\FLEXnet
2015-09-23 17:44 . 2015-09-23 17:44	--------	d-----w-	c:\programdata\FARO
2015-09-23 17:29 . 2015-09-23 17:29	--------	d-----w-	c:\program files\Common Files\Macrovision Shared
2015-09-23 17:28 . 2015-10-06 11:29	--------	d-----w-	c:\users\Artur\AppData\Local\Autodesk
2015-09-23 17:25 . 2015-10-06 11:19	--------	d-----w-	c:\program files\Autodesk
2015-09-23 17:25 . 2015-09-23 17:34	--------	d-----w-	c:\program files\Common Files\Autodesk Shared
2015-09-23 17:14 . 2015-09-23 17:14	--------	d-----w-	c:\program files (x86)\Autodesk
2015-09-23 17:11 . 2015-09-23 17:28	--------	d-----w-	c:\program files (x86)\Common Files\Autodesk Shared
2015-09-23 16:54 . 2015-10-09 03:10	--------	d-----w-	c:\users\Artur\AppData\Roaming\Autodesk
2015-09-23 16:54 . 2015-10-09 03:10	--------	d-----w-	c:\programdata\Autodesk
2015-09-23 16:52 . 2015-09-23 16:52	--------	d-----w-	c:\users\Artur\AppData\Local\Akamai
2015-09-23 16:51 . 2015-10-06 00:12	--------	d-----w-	C:\Autodesk
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-08 02:25 . 2015-06-08 17:43	41352	----a-w-	c:\windows\system32\drivers\klpd.sys
2015-10-08 01:38 . 2015-02-18 20:35	113880	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-06 20:41 . 2015-03-21 18:24	778440	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-06 20:41 . 2015-03-21 18:24	142536	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-09-21 17:44 . 2015-08-23 20:24	268952	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2015-09-21 17:44 . 2015-08-23 20:20	268952	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2015-09-20 20:00 . 2015-08-23 20:20	268952	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2015-09-02 03:04 . 2015-09-09 01:30	41984	----a-w-	c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 01:30	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 01:30	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 01:30	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 01:30	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 01:30	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 01:30	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 01:30	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 01:30	3209216	----a-w-	c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 01:30	372736	----a-w-	c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 01:30	299520	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-08-26 18:07 . 2015-09-09 01:29	98304	----a-w-	c:\windows\system32\wudriver.dll
2015-08-26 18:07 . 2015-09-09 01:29	37888	----a-w-	c:\windows\system32\wups2.dll
2015-08-26 18:07 . 2015-09-09 01:29	3165696	----a-w-	c:\windows\system32\wucltux.dll
2015-08-26 18:07 . 2015-09-09 01:29	2606080	----a-w-	c:\windows\system32\wuaueng.dll
2015-08-26 18:07 . 2015-09-09 01:29	192000	----a-w-	c:\windows\system32\wuwebv.dll
2015-08-26 18:07 . 2015-09-09 01:29	36864	----a-w-	c:\windows\system32\wups.dll
2015-08-26 18:07 . 2015-09-09 01:29	696320	----a-w-	c:\windows\system32\wuapi.dll
2015-08-26 18:06 . 2015-09-09 01:29	91136	----a-w-	c:\windows\system32\WinSetupUI.dll
2015-08-26 18:06 . 2015-09-09 01:29	12288	----a-w-	c:\windows\system32\wu.upgrade.ps.dll
2015-08-26 18:06 . 2015-09-09 01:29	37376	----a-w-	c:\windows\system32\wuapp.exe
2015-08-26 18:06 . 2015-09-09 01:29	139776	----a-w-	c:\windows\system32\wuauclt.exe
2015-08-26 17:56 . 2015-09-09 01:29	93184	----a-w-	c:\windows\SysWow64\wudriver.dll
2015-08-26 17:56 . 2015-09-09 01:29	173056	----a-w-	c:\windows\SysWow64\wuwebv.dll
2015-08-26 17:56 . 2015-09-09 01:29	30208	----a-w-	c:\windows\SysWow64\wups.dll
2015-08-26 17:56 . 2015-09-09 01:29	566784	----a-w-	c:\windows\SysWow64\wuapi.dll
2015-08-26 17:55 . 2015-09-09 01:29	34816	----a-w-	c:\windows\SysWow64\wuapp.exe
2015-08-26 16:37 . 2015-02-06 16:32	134753440	----a-w-	c:\windows\system32\MRT.exe
2015-08-23 20:23 . 2015-08-23 20:20	75136	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2015-08-23 20:20 . 2015-08-23 20:20	682280	----a-w-	c:\windows\SysWow64\pbsvc.exe
2015-08-18 01:42 . 2015-09-09 01:31	393304	----a-w-	c:\windows\system32\iedkcs32.dll
2015-08-15 06:48 . 2015-09-09 01:31	25190400	----a-w-	c:\windows\system32\mshtml.dll
2015-08-15 06:34 . 2015-09-09 01:31	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2015-08-15 06:33 . 2015-09-09 01:31	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2015-08-15 06:18 . 2015-09-09 01:31	66560	----a-w-	c:\windows\system32\iesetup.dll
2015-08-15 06:18 . 2015-09-09 01:32	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2015-08-15 06:17 . 2015-09-09 01:31	417792	----a-w-	c:\windows\system32\html.iec
2015-08-15 06:17 . 2015-09-09 01:31	585216	----a-w-	c:\windows\system32\vbscript.dll
2015-08-15 06:17 . 2015-09-09 01:31	2886144	----a-w-	c:\windows\system32\iertutil.dll
2015-08-15 06:17 . 2015-09-09 01:31	88064	----a-w-	c:\windows\system32\MshtmlDac.dll
2015-08-15 06:10 . 2015-09-09 01:31	54784	----a-w-	c:\windows\system32\jsproxy.dll
2015-08-15 06:09 . 2015-09-09 01:31	34304	----a-w-	c:\windows\system32\iernonce.dll
2015-08-15 06:06 . 2015-09-09 01:31	615936	----a-w-	c:\windows\system32\ieui.dll
2015-08-15 06:04 . 2015-09-09 01:32	114688	----a-w-	c:\windows\system32\ieetwcollector.exe
2015-08-15 06:04 . 2015-09-09 01:31	144384	----a-w-	c:\windows\system32\ieUnatt.exe
2015-08-15 06:04 . 2015-09-09 01:31	817664	----a-w-	c:\windows\system32\jscript.dll
2015-08-15 06:04 . 2015-09-09 01:31	814080	----a-w-	c:\windows\system32\jscript9diag.dll
2015-08-15 06:00 . 2015-09-09 01:31	5923328	----a-w-	c:\windows\system32\jscript9.dll
2015-08-15 05:57 . 2015-09-09 01:31	968704	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2015-08-15 05:53 . 2015-09-09 01:31	490496	----a-w-	c:\windows\system32\dxtmsft.dll
2015-08-15 05:53 . 2015-09-09 01:31	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2015-08-15 05:46 . 2015-09-09 01:31	77824	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2015-08-15 05:42 . 2015-09-09 01:31	199680	----a-w-	c:\windows\system32\msrating.dll
2015-08-15 05:41 . 2015-09-09 01:31	92160	----a-w-	c:\windows\system32\mshtmled.dll
2015-08-15 05:40 . 2015-09-09 01:31	504832	----a-w-	c:\windows\SysWow64\vbscript.dll
2015-08-15 05:40 . 2015-09-09 01:31	62464	----a-w-	c:\windows\SysWow64\iesetup.dll
2015-08-15 05:39 . 2015-09-09 01:32	47616	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2015-08-15 05:39 . 2015-09-09 01:31	341504	----a-w-	c:\windows\SysWow64\html.iec
2015-08-15 05:39 . 2015-09-09 01:31	316928	----a-w-	c:\windows\system32\dxtrans.dll
2015-08-15 05:38 . 2015-09-09 01:31	64000	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2015-08-15 05:29 . 2015-09-09 01:31	115712	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2015-08-15 05:29 . 2015-09-09 01:31	620032	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2015-08-15 05:24 . 2015-09-09 01:31	720384	----a-w-	c:\windows\system32\ie4uinit.exe
2015-08-15 05:23 . 2015-09-09 01:31	801280	----a-w-	c:\windows\system32\msfeeds.dll
2015-08-15 05:22 . 2015-09-09 01:31	1359360	----a-w-	c:\windows\system32\mshtmlmedia.dll
2015-08-15 05:22 . 2015-09-09 01:31	2126336	----a-w-	c:\windows\system32\inetcpl.cpl
2015-08-15 05:16 . 2015-09-09 01:31	60416	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-08-15 05:16 . 2015-09-09 01:31	14451712	----a-w-	c:\windows\system32\ieframe.dll
2015-08-15 05:10 . 2015-09-09 01:31	4520448	----a-w-	c:\windows\SysWow64\jscript9.dll
2015-08-15 05:07 . 2015-09-09 01:31	2427392	----a-w-	c:\windows\system32\wininet.dll
2015-08-15 05:01 . 2015-09-09 01:31	2052608	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2015-08-15 05:01 . 2015-09-09 01:31	1155072	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2015-08-15 04:55 . 2015-09-09 01:31	1545728	----a-w-	c:\windows\system32\urlmon.dll
2015-08-15 04:43 . 2015-09-09 01:31	800768	----a-w-	c:\windows\system32\ieapfltr.dll
2015-08-15 04:43 . 2015-09-09 01:31	1951232	----a-w-	c:\windows\SysWow64\wininet.dll
2015-08-05 17:56 . 2015-09-09 01:32	1110016	----a-w-	c:\windows\system32\schedsvc.dll
2015-08-05 17:56 . 2015-09-09 01:32	24576	----a-w-	c:\windows\system32\jnwmon.dll
2015-08-05 17:56 . 2015-09-09 01:32	275456	----a-w-	c:\windows\system32\InkEd.dll
2015-08-05 17:40 . 2015-09-09 01:32	216064	----a-w-	c:\windows\SysWow64\InkEd.dll
2015-08-04 18:03 . 2015-09-09 01:31	692672	----a-w-	c:\windows\system32\winload.efi
2015-08-04 18:00 . 2015-09-09 01:31	616360	----a-w-	c:\windows\system32\winresume.efi
2015-08-04 17:56 . 2015-09-09 01:31	63488	----a-w-	c:\windows\system32\setbcdlocale.dll
2015-08-04 17:56 . 2015-09-09 01:31	59392	----a-w-	c:\windows\system32\appidapi.dll
2015-08-04 17:56 . 2015-09-09 01:31	32768	----a-w-	c:\windows\system32\appidsvc.dll
2015-08-04 17:55 . 2015-09-09 01:31	147456	----a-w-	c:\windows\system32\appidpolicyconverter.exe
2015-08-04 17:55 . 2015-09-09 01:31	17920	----a-w-	c:\windows\system32\appidcertstorecheck.exe
2015-08-04 17:47 . 2015-09-09 01:31	50688	----a-w-	c:\windows\SysWow64\appidapi.dll
2015-08-04 16:58 . 2015-09-09 01:31	61440	----a-w-	c:\windows\system32\drivers\appid.sys
2015-07-30 18:06 . 2015-08-12 08:10	1648128	----a-w-	c:\windows\system32\DWrite.dll
2015-07-30 18:06 . 2015-08-12 08:10	1180160	----a-w-	c:\windows\system32\FntCache.dll
2015-07-30 18:06 . 2015-08-12 08:10	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2015-07-30 17:57 . 2015-08-12 08:10	1251328	----a-w-	c:\windows\SysWow64\DWrite.dll
2015-07-30 17:57 . 2015-08-12 08:10	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-07-14 11:03	1729752	----a-w-	c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-07-14 11:03	1729752	----a-w-	c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-07-14 11:03	1729752	----a-w-	c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" [2015-07-03 876728]
"Akamai NetSession Interface"="c:\users\Artur\AppData\Local\Akamai\netsession_win.exe" [2015-09-10 4691384]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"Camera Assistant Software"="c:\program files (x86)\Video Web Camera\traybar.exe" [2010-07-06 600688]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe" [2015-07-03 1855672]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 AVP16.0.0;Usługa Kaspersky Anti-Virus 16.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 PLAY ONLINE. RunOuc;PLAY ONLINE. OUC;c:\program files (x86)\PLAY ONLINE\UpdateDog\ouc.exe;c:\program files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [x]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [x]
R3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys;c:\windows\SYSNATIVE\drivers\anvsnddrv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
R3 EPLAN Client Service;EPLAN Client Service;c:\program files\EPLAN\Common\EClientService.exe;c:\program files\EPLAN\Common\EClientService.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 vssbrigde64;vssbrigde64;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x]
S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys;c:\windows\SYSNATIVE\DRIVERS\aksdf.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 DIgLiseService;DIgLiseService;c:\digsilent\License Server\diglise.exe;c:\digsilent\License Server\diglise.exe [x]
S2 hasplms;Sentinel LDK License Manager;c:\windows\system32\hasplms.exe  -run;c:\windows\SYSNATIVE\hasplms.exe  -run [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 multikey;Virtual USB MultiKey;c:\windows\system32\DRIVERS\multikey.sys;c:\windows\SYSNATIVE\DRIVERS\multikey.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Audio dla ekranów;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 SjtWinIo;SJT I/O Driver;c:\windows\system32\DRIVERS\SjtWinIo.sys;c:\windows\SYSNATIVE\DRIVERS\SjtWinIo.sys [x]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - 38539376
*Deregistered* - 38539376
.
Zawartość folderu 'Zaplanowane zadania'
.
2015-10-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-21 20:41]
.
2015-10-11 c:\windows\Tasks\AQIT.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2015-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-06 13:03]
.
2015-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-06 13:03]
.
2015-10-11 c:\windows\Tasks\MATLAB R2015a Startup Accelerator.job
- c:\program files\MATLAB\R2015a\bin\win64\MATLABStartupAccelerator.exe [2015-03-18 18:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-07-14 10:59	2335960	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-07-14 10:59	2335960	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-07-14 10:59	2335960	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-02-06 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-02-06 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-02-06 415256]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-09 206208]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2015-03-30 500936]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Wyślij &do programu OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 37.8.214.2 31.11.202.254
TCP: Interfaces\{413BD8AE-C490-4400-A0A7-248D217F3DDA}: NameServer = 89.108.195.21 89.108.202.21
TCP: Interfaces\{CFEC815F-E128-46EC-A3DC-035E32C28A71}: NameServer = 89.108.195.21 89.108.202.21
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Wow6432Node-HKCU-Run-EpicScale - (no file)
Wow6432Node-HKCU-Run-ChomikBox - c:\program files (x86)\ChomikBox\chomikbox.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-DIgSILENT Preinstaller - c:\users\Artur\AppData\Local\Temp\nsc5909.tmp\Preinstall.exe
AddRemove-Hardlock Device Drivers - c:\windows\system32\UNWISE.EXE
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_241_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_241_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_241_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_241_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_241.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_241.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_241.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_241.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2015-10-11  15:16:54
ComboFix-quarantined-files.txt  2015-10-11 13:16
.
Przed: 325 843 529 728 bajtów wolnych
Po: 327 301 668 864 bajtów wolnych
.
- - End Of File - - ADC1B7A552DEAD470460D08F834D58BF
A36C5E4F47E84449FF07ED3517B43A31