irena, posted 7 January 2015

I used ComboFix today and I don't really know what to do with it next. I would like to ask for an analysis of the log.

ComboFix 15-01-07.01 - 1 2015-01-07 8:45.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.2043.1205 [GMT 1:00]
Uruchomiony z: c:\users\1\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

c:\users\1\AppData\Local\AlawarHelper.exe
picasso, posted 7 January 2015

On the subject of using ComboFix: CLICK. Leave its log as it is, so that it is known what it did. Please read the section rules: CLICK. Supplement: a description of the problem (what the logs are for) + the required set of mandatory reports (they are to be attached as files, not pasted into the post).