ComboFix 15-12-29.01 - userek 2015-12-31 10:04:19.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.8175.6407 [GMT 1:00]
Uruchomiony z: g:\programy instalki\Antyvir\ComboFix_15.12.29.1.exe
AV: ESET Smart Security 9.0.318.20 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: Zapora osobista ESET *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 9.0.318.20 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((( Pliki utworzone od 2015-11-28 do 2015-12-31 )))))))))))))))))))))))))))))))
.
.
2015-12-31 09:07 . 2015-12-31 09:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-28 18:54 . 2015-12-29 17:06 -------- d-----w- c:\program files\Mozilla Firefox
2015-12-22 09:13 . 2010-08-25 04:00 361472 ----a-w- c:\windows\system32\CNMXLMAA.DLL
2015-12-22 09:13 . 2015-12-22 09:13 -------- d-----w- c:\programdata\CanonIJMSetup
2015-12-22 09:13 . 2015-12-22 09:13 -------- d-----w- c:\program files\Common Files\CANON
2015-12-22 09:12 . 2015-12-22 09:12 -------- d-----w- c:\program files\Canon
2015-12-22 09:09 . 2015-12-22 09:13 -------- d-----w- c:\program files (x86)\Canon
2015-12-22 08:45 . 2015-12-22 08:45 -------- d-----w- c:\program files (x86)\OpenOffice 4
2015-12-21 09:15 . 2015-12-21 09:15 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2015-12-21 07:54 . 2015-12-21 07:54 -------- d-----w- c:\windows\Migration
2015-12-21 07:54 . 2012-07-26 05:05 2560 ----a-w- c:\windows\system32\drivers\pl-PL\wdf01000.sys.mui
2015-12-21 07:52 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2015-12-21 07:52 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2015-12-21 07:52 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2015-12-21 07:52 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2015-12-21 07:52 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2015-12-21 07:52 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2015-12-21 07:52 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2015-12-21 07:49 . 2015-07-30 18:06 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2015-12-21 07:49 . 2015-07-30 17:57 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2015-12-21 07:49 . 2015-02-03 03:31 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-12-21 07:49 . 2015-02-03 03:12 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2015-12-21 07:48 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-12-21 07:48 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-12-20 23:42 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{00229E49-5C3F-49F2-A78A-1ABD72D4ADBA}\mpengine.dll
2015-12-20 23:37 . 2015-11-10 18:55 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-12-19 08:58 . 2015-12-19 08:58 -------- d-----w- C:\Intel
2015-12-15 16:59 . 2015-12-15 16:59 -------- d-----w- c:\users\Public\Foxit Software
2015-12-09 10:01 . 2015-12-22 22:34 -------- d-----w- C:\FRST
2015-12-09 10:00 . 2015-12-31 09:02 -------- d-----w- C:\AdwCleaner
2015-12-05 21:48 . 2015-12-05 21:48 -------- d-----w- c:\program files\Common Files\AV
2015-12-05 21:43 . 2013-09-20 09:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2015-12-05 21:43 . 2015-12-06 08:40 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2015-12-05 21:43 . 2015-12-05 22:02 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2015-12-05 19:03 . 2015-12-05 19:17 -------- d-----w- c:\program files (x86)\Samsung
2015-12-05 19:03 . 2015-12-05 19:03 -------- d-----w- c:\programdata\Samsung
2015-12-05 15:17 . 2015-12-05 15:17 -------- d-----w- c:\windows\system32\Macromed
2015-12-04 16:10 . 2015-12-31 08:58 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-04 16:10 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-12-04 16:10 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-12-04 15:25 . 2015-12-04 15:25 -------- d-----w- c:\program files (x86)\PowerISO
2015-12-04 15:25 . 2010-04-12 08:55 91568 ----a-w- c:\windows\system32\drivers\scdemu.sys
2015-12-04 15:24 . 2015-12-04 15:24 -------- d-----w- c:\programdata\Canneverbe Limited
2015-12-04 15:14 . 2015-12-04 15:14 -------- d-----w- c:\program files\VLC Player
2015-12-03 20:15 . 2015-12-03 20:15 31136 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2015-12-03 19:46 . 2015-12-03 19:46 -------- d-----w- c:\program files (x86)\HD Tune Pro
2015-12-03 18:24 . 2015-12-30 20:00 -------- d-----w- c:\program files (x86)\Common Files\BattlEye
2015-12-03 18:09 . 2015-12-03 18:09 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2015-12-02 19:20 . 2010-11-21 03:24 2872320 ----a-w- c:\windows\explorer.exe.Back
2015-12-02 19:17 . 2015-12-20 23:41 -------- d-----w- c:\windows\system32\MRT
2015-12-02 19:04 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-12-02 19:04 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-02 19:03 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\programdata\Sony
2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\program files\Sony
2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\program files (x86)\Sony
2015-12-02 18:54 . 2015-12-02 18:54 878080 ----a-w- c:\windows\system32\advapi32.dll
2015-12-02 18:54 . 2015-12-02 18:54 859648 ----a-w- c:\windows\system32\tdh.dll
2015-12-02 18:54 . 2015-12-02 18:54 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-12-02 18:54 . 2015-12-02 18:54 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2015-12-02 18:53 . 2015-12-02 18:53 327168 ----a-w- c:\windows\system32\mswsock.dll
2015-12-02 18:53 . 2015-12-02 18:53 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2015-12-02 18:46 . 2015-12-02 18:46 1887232 ----a-w- c:\windows\system32\d3d11.dll
2015-12-02 18:46 . 2015-12-02 18:46 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2015-12-02 18:44 . 2015-12-03 17:03 -------- d-----w- c:\program files (x86)\Notepad++
2015-12-02 18:32 . 2015-12-02 18:32 -------- d-----w- c:\program files\DIPS64
2015-12-02 18:31 . 2015-12-02 19:57 -------- d-----w- c:\program files (x86)\Common Files\Steam
2015-12-02 18:31 . 2015-12-02 18:31 -------- d-----w- C:\Gry
2015-12-02 18:24 . 2015-12-04 15:16 -------- d-----w- c:\program files (x86)\Sunrise Seven
2015-12-02 18:18 . 2015-12-02 18:23 -------- d-----w- c:\program files (x86)\AIDA64 Extreme
2015-12-02 18:17 . 2015-12-02 18:17 -------- d-----w- c:\program files\Core Temp
2015-12-02 18:16 . 2015-12-02 18:16 -------- d-----w- c:\program files\CPU-Z
2015-12-02 18:15 . 2015-12-02 18:15 -------- d-----w- c:\program files (x86)\HELP
2015-12-02 18:14 . 2015-12-02 18:14 -------- d-----w- c:\program files (x86)\FurMark_1.13.0
2015-12-02 18:09 . 2015-12-27 21:50 -------- d-----w- c:\program files (x86)\MSI Afterburner
2015-12-02 18:09 . 2015-12-02 18:09 -------- d-----w- c:\program files (x86)\GPU-Z
2015-12-02 18:04 . 2015-12-03 19:27 -------- d-----w- c:\program files\CrystalDiskMark5
2015-12-02 18:01 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2015-12-02 18:01 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2015-12-02 18:01 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2015-12-02 17:57 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2015-12-02 17:57 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2015-12-02 17:57 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2015-12-02 17:57 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2015-12-02 17:57 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2015-12-02 17:57 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2015-12-02 17:57 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2015-12-02 17:57 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-12-02 17:55 . 2015-07-15 03:19 52736 ----a-w- c:\windows\system32\basesrv.dll
2015-12-02 17:54 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2015-12-02 17:52 . 2014-07-17 02:07 235520 ----a-w- c:\windows\system32\winsta.dll
2015-12-02 17:51 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2015-12-02 17:51 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2015-12-02 17:51 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2015-12-02 17:51 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2015-12-02 17:51 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2015-12-02 17:51 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2015-12-02 17:51 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
2015-12-02 17:51 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2015-12-02 17:47 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2015-12-02 17:40 . 2015-12-02 17:40 -------- d-----w- c:\program files\HWiNFO64
2015-12-02 17:37 . 2015-12-03 20:08 1024 ---h--w- C:\AMTAG.BIN
2015-12-02 17:37 . 2015-01-02 14:18 1811568 ----a-w- c:\windows\ampa.exe
2015-12-02 17:37 . 2013-12-18 10:33 17008 ----a-w- c:\windows\SysWow64\ampa.sys
2015-12-02 17:37 . 2013-12-18 10:33 17008 ----a-w- c:\windows\system32\ampa.sys
2015-12-02 17:37 . 2015-12-03 20:08 -------- d-----w- c:\program files (x86)\AOMEI Partition Assistant Standard 5.6
2015-12-02 17:34 . 2015-12-04 15:21 -------- d-----w- c:\program files\CCleaner
2015-12-02 17:33 . 2015-12-02 17:33 -------- d-----w- c:\program files (x86)\Odkurzacz
2015-12-02 17:31 . 2015-12-02 17:31 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2015-12-02 17:31 . 2015-12-02 17:31 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2015-12-02 17:31 . 2015-12-02 17:31 -------- d-----w- c:\programdata\DAEMON Tools Lite
2015-12-02 17:30 . 2015-12-04 15:24 -------- d-----w- c:\program files\CDBurnerXP
2015-12-02 17:25 . 2015-12-02 17:27 -------- d-----w- c:\program files (x86)\CoolEditPro2
2015-12-02 17:16 . 2015-12-06 10:31 -------- d-----w- c:\program files (x86)\AIMP3
2015-12-02 17:15 . 2015-12-02 17:15 -------- d-----w- c:\program files\7-Zip
2015-12-02 17:12 . 2015-12-05 14:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2015-12-02 17:12 . 2015-12-04 16:10 -------- d-----w- c:\programdata\Malwarebytes
2015-12-02 17:12 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-12-02 16:50 . 2015-12-02 16:50 -------- d-----w- c:\program files\ESET
2015-12-02 16:43 . 2015-12-22 08:42 -------- d-----w- c:\program files\TNod User & Password Finder
2015-12-02 16:41 . 2015-12-02 16:41 -------- d-----w- c:\program files (x86)\Bino
2015-12-02 16:41 . 2015-12-02 16:41 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2015-12-02 16:41 . 2013-04-05 19:26 2106368 ----a-w- c:\windows\SysWow64\ac3filter.ax
2015-12-02 16:41 . 2013-04-05 19:26 276992 ----a-w- c:\windows\SysWow64\BugTrap.dll
2015-12-02 16:41 . 2011-06-02 01:10 644608 ----a-w- c:\windows\SysWow64\xvidcore.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-02 12:18 . 2010-11-21 03:27 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-10-20 00:45 . 2015-12-02 17:55 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 00:22 . 2015-10-13 00:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-10-07 05:16 . 2015-10-07 05:16 142976 ----a-w- c:\windows\system32\drivers\ekbdflt.sys
2010-06-15 01:54 . 2010-06-15 01:54 153008 ----a-w- c:\program files (x86)\fraps64.dll
2010-06-15 01:54 . 2010-06-15 01:54 206768 ----a-w- c:\program files (x86)\fraps32.dll
2010-06-15 01:54 . 2010-06-15 01:54 74672 ----a-w- c:\program files (x86)\fraps64.dat
2010-06-15 01:54 . 2010-06-15 01:54 2320304 ----a-w- c:\program files (x86)\fraps.exe
2010-06-15 01:46 . 2010-06-15 01:46 163840 ----a-w- c:\program files (x86)\frapslcd.dll
2014-03-07 09:03 3109520 --sha-r- c:\windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 09:03 98960 --sha-r- c:\windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 09:03 550032 --sha-r- c:\windows\SysWOW64\avformat-lav-55.dll
2014-03-07 09:03 59536 --sha-r- c:\windows\SysWOW64\avresample-lav-1.dll
2014-03-07 09:03 181392 --sha-r- c:\windows\SysWOW64\avutil-lav-52.dll
2014-03-07 09:03 122512 --sha-r- c:\windows\SysWOW64\HLaudio.dll
2014-03-07 09:03 203408 --sha-r- c:\windows\SysWOW64\HLsplit.dll
2014-03-07 09:03 313520 --sha-r- c:\windows\SysWOW64\HLvideo.dll
2014-03-07 09:03 166544 --sha-r- c:\windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-03-07 09:03 109712 --sha-r- c:\windows\SysWOW64\libbluray.dll
2011-02-11 08:26 112128 --sha-r- c:\windows\SysWOW64\OptimFROG.dll
2014-03-07 09:03 118416 --sha-r- c:\windows\SysWOW64\swscale-lav-2.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54 188416 --sha-r- c:\windows\SysWOW64\winDCE32.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Ad Muncher"="c:\program files (x86)\Ad Muncher\AdMunch.exe" [2015-12-02 560760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 ALSysIO;ALSysIO;c:\users\userek\AppData\Local\Temp\ALSysIO64.sys;c:\users\userek\AppData\Local\Temp\ALSysIO64.sys [x]
R3 ampa;ampa;c:\windows\system32\ampa.sys;c:\windows\SYSNATIVE\ampa.sys [x]
R3 AxtuDrv;AxtuDrv;c:\windows\SysWOW64\Drivers\AxtuDrv.sys;c:\windows\SysWOW64\Drivers\AxtuDrv.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
R3 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R3 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R3 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cmudaxp;ASUS Xonar D1 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2015-08-11 8048640]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.pl/
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\userek\AppData\Roaming\Mozilla\Firefox\Profiles\9gy4symj.default-1449332321480\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://encrypted.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=072013&q=
FF - prefs.js: network.proxy.ftp - 178.33.53.55
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 178.33.53.55
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 178.33.53.55
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 178.33.53.55
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2015-12-31 10:08:38
ComboFix-quarantined-files.txt 2015-12-31 09:08
ComboFix2.txt 2015-12-20 08:06
ComboFix3.txt 2015-12-14 15:24
ComboFix4.txt 2015-12-09 09:58
ComboFix5.txt 2015-12-31 09:03
.
Przed: 196 786 700 288 bajtów wolnych
Po: 198 141 947 904 bajtów wolnych
.
- - End Of File - - D05CCB944FB2633313E41537E6E5F86E