ustasiak15 Posted 17 January 2019

ComboFix 18-08-08.01 - marekS 2019-01-17 9:21.1.2 - x86 Uruchomiony z: c:\users\marekS\Downloads\ComboFix.exe * Utworzono nowy punkt przywracania . . ((((((((((((((((((((((((( Pliki utworzone od 2018-12-17 do 2019-01-17 ))))))))))))))))))))))))))))))) . . 2019-01-17 08:29 . 2019-01-17 08:29 -------- d-----w- c:\users\Default\AppData\Local\temp 2019-01-17 07:26 . 2019-01-17 07:26 -------- d-----w- c:\programdata\bdch 2019-01-17 05:30 . 2019-01-17 05:30 75172 ----a-w- c:\programdata\agent.update.1547703003.bdinstall.v2.bin 2019-01-17 05:23 . 2019-01-17 05:23 -------- d-----w- c:\programdata\Bitdefender 2019-01-17 05:23 . 2018-12-03 16:06 241840 ----a-w- c:\windows\system32\drivers\edrsensor.sys 2019-01-17 05:23 . 2018-11-20 09:42 211248 ----a-w- c:\windows\system32\drivers\gzflt.sys 2019-01-17 05:22 . 2018-10-29 10:24 1115400 ----a-w- c:\windows\system32\drivers\atc.sys 2019-01-17 05:22 . 2018-12-04 16:28 255392 ----a-w- c:\windows\system32\drivers\bddci.sys 2019-01-17 05:22 . 2018-11-19 12:09 317808 ----a-w- c:\windows\system32\drivers\gemma.sys 2019-01-17 05:21 . 2018-12-07 04:10 522480 ----a-w- c:\windows\system32\drivers\trufos.sys 2019-01-17 05:17 . 2019-01-17 08:33 -------- d-----w- c:\program files\Bitdefender Antivirus Free 2019-01-17 05:05 . 2019-01-17 05:05 99420 ----a-w- c:\programdata\agent.1547701507.bdinstall.v2.bin 2019-01-17 05:05 . 2019-01-17 05:30 -------- d-----w- c:\program files\Bitdefender Agent 2019-01-17 05:05 . 2019-01-17 05:05 -------- d-----w- c:\programdata\Bitdefender Agent 2019-01-14 07:41 . 2019-01-14 07:41 -------- d-----w- c:\programdata\Licenses 2019-01-13 16:31 . 2019-01-13 16:31 -------- d-----w- c:\program files\FastStone Image Viewer 2019-01-13 08:35 . 2019-01-13 08:35 -------- d-----w- c:\programdata\Ashampoo 2019-01-13 08:35 . 2019-01-13 08:35 -------- d-----w- c:\program files\Ashampoo 2019-01-12 18:41 . 
2019-01-12 18:41 -------- d-----w- c:\program files\Windows Live 2019-01-12 15:43 . 2019-01-12 15:47 842240 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2019-01-12 15:43 . 2019-01-12 15:47 175104 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2019-01-12 14:04 . 2019-01-12 14:04 -------- d-----w- c:\windows\system32\appraiser 2019-01-12 14:04 . 2019-01-12 14:04 -------- d-s---w- c:\windows\system32\CompatTel 2019-01-12 12:04 . 2011-03-11 05:39 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys 2019-01-12 12:04 . 2011-03-11 05:39 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys 2019-01-12 12:04 . 2011-03-11 05:38 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys 2019-01-12 12:04 . 2011-03-11 05:38 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys 2019-01-12 12:04 . 2011-03-11 05:38 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys 2019-01-12 12:04 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\system32\esent.dll 2019-01-12 12:04 . 2011-03-11 05:31 74240 ----a-w- c:\windows\system32\fsutil.exe 2019-01-12 11:58 . 2014-12-11 17:47 74240 ----a-w- c:\windows\system32\TSWbPrxy.exe 2019-01-12 11:58 . 2015-07-16 19:12 856064 ----a-w- c:\windows\system32\rdvidcrl.dll 2019-01-12 11:58 . 2015-07-16 19:12 53248 ----a-w- c:\windows\system32\tsgqec.dll 2019-01-12 11:58 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\system32\mstscax.dll 2019-01-12 11:58 . 2015-07-16 15:14 355840 ----a-w- c:\windows\system32\wksprt.exe 2019-01-12 11:55 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDYAK.DLL 2019-01-12 11:55 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDBASH.DLL 2019-01-12 11:54 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\system32\d2d1.dll 2019-01-12 11:02 . 2012-08-23 14:44 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys 2019-01-12 11:02 . 2012-08-23 11:12 192000 ----a-w- c:\windows\system32\rdpendp_winip.dll 2019-01-12 10:56 . 
2019-01-12 10:56 -------- d-----w- c:\program files\Mozilla Thunderbird 2019-01-12 10:55 . 2013-10-01 23:45 32256 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll 2019-01-12 10:55 . 2013-10-02 00:32 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2019-01-12 10:55 . 2013-10-02 00:42 49152 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2019-01-12 10:55 . 2013-10-02 00:30 14336 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2019-01-12 10:55 . 2013-10-02 00:14 50176 ----a-w- c:\windows\system32\MsRdpWebAccess.dll 2019-01-12 10:55 . 2013-10-02 00:14 17920 ----a-w- c:\windows\system32\wksprtPS.dll 2019-01-12 10:55 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\system32\mstsc.exe 2019-01-12 10:31 . 2015-09-14 12:03 38520 ----a-w- c:\windows\system32\drivers\rtlivnry.sys 2019-01-12 09:14 . 2015-09-14 12:03 38520 ----a-w- c:\windows\system32\drivers\DasPtct.SYS 2019-01-12 07:57 . 2018-12-06 02:35 2405376 ----a-w- c:\windows\system32\win32k.sys 2019-01-12 07:47 . 2016-04-14 13:49 603648 ----a-w- c:\windows\system32\d3d10level9.dll 2019-01-11 18:56 . 2019-01-11 18:56 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2019-01-11 17:17 . 2017-04-27 22:50 3550208 ----a-w- c:\windows\system32\D3DCompiler_47.dll 2019-01-11 16:59 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2019-01-11 16:59 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2019-01-11 16:59 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe 2019-01-11 16:59 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll 2019-01-11 16:59 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll 2019-01-11 16:59 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2019-01-11 16:59 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll 2019-01-11 16:56 . 
2014-03-09 21:47 99480 ----a-w- c:\windows\system32\infocardapi.dll 2019-01-11 16:56 . 2014-06-30 22:14 8856 ----a-w- c:\windows\system32\icardres.dll 2019-01-11 16:56 . 2014-03-09 21:47 619672 ----a-w- c:\windows\system32\icardagt.exe 2019-01-11 16:56 . 2014-06-06 06:16 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe 2019-01-11 16:55 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2019-01-11 16:55 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll 2019-01-11 16:11 . 2015-07-30 13:13 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2019-01-11 15:58 . 2016-01-22 06:04 642048 ----a-w- c:\windows\system32\CPFilters.dll 2019-01-11 15:58 . 2016-01-22 06:04 535040 ----a-w- c:\windows\system32\EncDec.dll 2019-01-11 15:57 . 2015-05-25 18:01 92160 ----a-w- c:\windows\system32\sechost.dll 2019-01-11 15:57 . 2015-05-25 18:00 364544 ----a-w- c:\windows\system32\tracerpt.exe 2019-01-11 15:57 . 2015-05-25 18:00 82944 ----a-w- c:\windows\system32\logman.exe 2019-01-11 15:57 . 2015-05-25 18:00 40448 ----a-w- c:\windows\system32\typeperf.exe 2019-01-11 15:57 . 2015-05-25 18:00 37888 ----a-w- c:\windows\system32\relog.exe 2019-01-11 15:57 . 2015-05-25 18:00 17408 ----a-w- c:\windows\system32\diskperf.exe 2019-01-11 15:56 . 2015-07-22 17:53 635392 ----a-w- c:\windows\system32\tdh.dll 2019-01-11 15:54 . 2015-04-18 02:56 342016 ----a-w- c:\windows\system32\certcli.dll 2019-01-11 15:54 . 2014-06-18 01:52 399360 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll 2019-01-11 15:54 . 2014-06-18 01:51 646144 ----a-w- c:\windows\system32\osk.exe 2019-01-11 15:54 . 2015-06-03 20:22 355456 ----a-w- c:\windows\system32\fveapi.dll 2019-01-11 15:54 . 2015-06-03 20:22 257864 ----a-w- c:\windows\system32\wbem\Win32_Tpm.dll 2019-01-11 15:54 . 2016-02-05 18:44 97792 ----a-w- c:\windows\system32\fveapibase.dll 2019-01-11 15:54 . 2016-02-05 17:33 15360 ----a-w- c:\windows\system32\tbs.dll 2019-01-11 15:54 . 
2014-08-01 11:35 793600 ----a-w- c:\windows\system32\TSWorkspace.dll 2019-01-11 15:52 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll 2019-01-11 15:51 . 2015-04-11 03:07 54656 ----a-w- c:\windows\system32\drivers\stream.sys 2019-01-11 15:22 . 2015-12-08 21:54 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL 2019-01-11 15:21 . 2013-06-25 22:56 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2019-01-11 15:21 . 2012-11-28 22:57 9728 ----a-w- c:\windows\system32\Wdfres.dll 2019-01-11 15:21 . 2012-11-28 22:57 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2019-01-11 15:21 . 2015-02-04 02:54 417792 ----a-w- c:\windows\system32\WMPhoto.dll 2019-01-11 15:20 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2019-01-11 15:20 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp.dll 2019-01-11 15:20 . 2013-12-04 02:03 423936 ----a-w- c:\windows\system32\secproc_isv.dll 2019-01-11 15:20 . 2013-12-04 02:03 428032 ----a-w- c:\windows\system32\secproc.dll 2019-01-11 15:20 . 2013-12-04 02:02 390144 ----a-w- c:\windows\system32\msdrm.dll 2019-01-11 15:20 . 2013-12-04 01:54 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2019-01-11 15:20 . 2013-12-04 01:54 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe 2019-01-11 15:20 . 2013-12-04 01:54 572416 ----a-w- c:\windows\system32\RMActivate.exe 2019-01-11 15:20 . 2013-12-04 01:54 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2019-01-11 15:20 . 2015-04-24 17:56 530432 ----a-w- c:\windows\system32\comctl32.dll 2019-01-11 14:19 . 2019-01-11 14:19 -------- d-----w- c:\windows\system32\SPReview 2019-01-11 14:17 . 2019-01-11 14:17 -------- d-----w- c:\windows\system32\EventProviders 2019-01-11 14:13 . 2010-11-20 12:21 380416 ----a-w- c:\windows\system32\sxs.dll 2019-01-11 14:12 . 2010-11-20 12:05 35328 ----a-w- c:\windows\system32\pifmgr.dll 2019-01-11 12:28 . 
2019-01-12 14:18 -------- d-----w- c:\program files\Mozilla Maintenance Service 2019-01-11 12:25 . 2019-01-11 12:25 -------- d-----w- c:\windows\pl 2019-01-11 12:22 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll 2019-01-11 12:22 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2019-01-11 12:22 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2019-01-11 12:17 . 2019-01-11 12:17 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\930395f11d4a9a71f\MeshBetaRemover.exe 2019-01-11 12:16 . 2019-01-11 12:16 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\80790e651d4a9a718\DSETUP.dll 2019-01-11 12:16 . 2019-01-11 12:16 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\80790e651d4a9a718\DXSETUP.exe 2019-01-11 12:16 . 2019-01-11 12:16 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\80790e651d4a9a718\dsetup32.dll 2019-01-11 12:16 . 2019-01-11 12:16 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\7f26bcdd1d4a9a717\DSETUP.dll 2019-01-11 12:16 . 2019-01-11 12:16 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\7f26bcdd1d4a9a717\DXSETUP.exe 2019-01-11 12:16 . 2019-01-11 12:16 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\7f26bcdd1d4a9a717\dsetup32.dll 2019-01-11 12:11 . 2019-01-11 13:25 -------- d-----w- c:\windows\system32\MRT 2019-01-11 12:10 . 2019-01-11 12:10 127229528 -c--a-w- c:\windows\system32\MRT-KB890830.exe 2019-01-11 11:13 . 2019-01-11 11:12 12051024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{674FD43E-FF81-4B20-B884-CCBC3AFBE557}\mpengine.dll 2019-01-11 11:12 . 2018-12-10 22:04 499424 ------w- c:\windows\system32\MpSigStub.exe 2019-01-11 11:08 . 2016-06-25 15:43 301056 ----a-w- c:\windows\system32\EOSNotify.exe 2019-01-11 10:55 . 2019-01-11 10:55 -------- d-----r- C:\360SANDBOX 2019-01-11 10:21 . 2019-01-11 10:21 -------- d-----w- C:\2a4b8497829f5ea2e55582 . . 
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2019-01-11 14:25 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2019-01-11 12:23 . 2010-06-24 10:33 34496 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2019-01-11 280576] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP] 2009-12-07 18:36 75320 ----a-w- c:\windows\System32\DeviceNP.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ DPPassFilter scecli . 
R1 epp;epp;c:\eek\bin32\epp.sys [x] R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2009-10-21 32312] R3 DfSdkS;Usługa defragmentacji;c:\program files\Ashampoo\Ashampoo Uninstaller 2017\DfSdkS.exe [2009-08-24 406016] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2018-12-27 104960] R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 132480] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [x] R3 OxPPort;OxPPort;c:\windows\system32\DRIVERS\OxPPort.sys [2008-07-31 82048] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152] R4 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2009-12-07 362040] R4 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-01-12 36864] R4 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-02 281192] R4 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984] R4 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-10-14 635416] S0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2018-11-20 211248] S0 SafeBoot;SafeBoot; [x] S0 SbAlg;SbAlg; [x] S0 SbFsLock;SbFsLock; [x] S1 atc;atc;c:\windows\system32\DRIVERS\atc.sys [2018-10-29 1115400] S1 Gemma;Gemma;c:\windows\system32\DRIVERS\gemma.sys [2018-11-19 317808] S1 RsvLock;RsvLock; [x] S2 BdDci;BdDci Service;c:\windows\system32\DRIVERS\bddci.sys [2018-12-04 255392] S2 bdredline;bdredline;c:\program files\Bitdefender Antivirus Free\bdredline.exe [2018-03-22 1929240] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe 
[2009-07-14 20992] S2 ProductAgentService;ProductAgentService;c:\program files\Bitdefender Agent\ProductAgentService.exe [2018-11-15 1293936] S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032] S2 UI5IFS;Ashampoo Uninstaller FileSystemChanges Driver;c:\program files\Ashampoo\Ashampoo Uninstaller 2017\IFS32.sys [2015-12-07 27736] S2 updatesrv;Bitdefender Update Service;c:\program files\Bitdefender Antivirus Free\updatesrv.exe [2018-11-13 240936] S2 vsservppl;Bitdefender Correlation Service;c:\program files\Bitdefender Antivirus Free\vsservppl.exe [2018-11-13 240936] S3 edrsensor;edrsensor;c:\windows\system32\DRIVERS\edrsensor.sys [2018-12-03 241840] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-03 266344] . . --- Inne Usługi/Sterowniki w Pamięci --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc utcsvc REG_MULTI_SZ DiagTrack . Zawartość folderu 'Zaplanowane zadania' . 2019-01-17 c:\windows\Tasks\AdwCleaner_onReboot.job - c:\users\marekS\Downloads\adwcleaner_7.2.6.0.exe [2019-01-11 17:43] . . ------- Skan uzupełniający ------- . 
uStart Page = about:blank uDefault_Search_URL = hxxp://go.microsoft.com mStart Page = about:blank Trusted Zone: //about.htm/ Trusted Zone: //Exclude.htm/ Trusted Zone: //FWEvent.htm/ Trusted Zone: //LanguageSelection.htm/ Trusted Zone: //Message.htm/ Trusted Zone: //MyAgttryCmd.htm/ Trusted Zone: //MyAgttryNag.htm/ Trusted Zone: //MyNotification.htm/ Trusted Zone: //NOCLessUpdate.htm/ Trusted Zone: //quarantine.htm/ Trusted Zone: //ScanNow.htm/ Trusted Zone: //strings.vbs/ Trusted Zone: //Template.htm/ Trusted Zone: //Update.htm/ Trusted Zone: //VirFound.htm/ Trusted Zone: mcafee.com\* Trusted Zone: mcafeeasap.com\betavscan Trusted Zone: mcafeeasap.com\vs Trusted Zone: mcafeeasap.com\www TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{AE0A6353-03DA-42F1-8F23-5AF11DBF6216}: NameServer = 208.67.222.222,208.67.220.220 FF - ProfilePath - c:\users\marekS\AppData\Roaming\Mozilla\Firefox\Profiles\blf8b9uv.default-1547362238930\ . - - - - USUNIĘTO PUSTE WPISY - - - - . AddRemove-HP Remote Solution - c:\programdata\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18}\HP_Remote_Solution_Install.exe AddRemove-{C611CF88-969D-43E6-A877-D6D6439DD081} - c:\programdata\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18}\HP_Remote_Solution_Install.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_USERS\S-1-5-21-3407625709-3377507047-3563137500-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_32_0_0_114_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_32_0_0_114_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- . - - - - - - - > 'lsass.exe'(652) c:\windows\system32\DPFPApi.DLL . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\windows\system32\taskhost.exe c:\program files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe c:\program files\Bitdefender Antivirus Free\vsserv.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\conhost.exe c:\program files\Bitdefender Antivirus Free\bdagent.exe c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnscfg.exe c:\program files\Windows Media Player\wmpnscfg.exe . ************************************************************************** . Czas ukończenia: 2019-01-17 09:37:15 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2019-01-17 08:37 . 
Przed: 209 259 171 840 bajtów wolnych Po: 209 216 393 216 bajtów wolnych . - - End Of File - - 503AFBD91001552889E66361CEDF32EE EFFE75C97E8D63422C6379F40E5ECDC9
ustasiak15 (Author) Posted 17 January 2019

Can someone help me with the problem in the report: are there any viruses, and how do I remove them?
jessica Posted 18 January 2019

I don't see anything suspicious in this log, but ComboFix doesn't show everything, so it's better to make logs with FRST https://www.fixitpc.pl/topic/61-diagnostyka-ogólne-raporty-systemowe/?tab=comments#comment-160527

jessi