zainfekowa

Joined: 26 Nov 2015
Offline Last active: Nov 28 2015 00:57
-----

My topics

Please help, ComboFix, program logs, help!!!

26 November 2015 - 15:32

My computer got infected with a virus, it's a disaster, please help
ComboFix, program logs:
ComboFix 15-11-23.01 - jacek 2015-11-26  14:26:25.1.2 - x86
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.48.1045.18.2045.354 [GMT 1:00]
Uruchomiony z: d:\downloads\ComboFix.exe
AV: 360 Total Security *Disabled/Updated* {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
SP: 360 Total Security *Disabled/Updated* {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\jacek\AppData\Local\Temp\Adobelm_Cleanup.0001.dir.0004\~de7b92.tmp
c:\users\jacek\AppData\Local\Temp\Adobelm_Cleanup.0001.dir.0004\~df394b.tmp
c:\users\jacek\AppData\Local\Temp\Adobelm_Cleanup.0001.dir.0005\~df394b.tmp
D:\install.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Sterowniki/Usługi   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETHFDRV
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2015-10-26 do 2015-11-26  )))))))))))))))))))))))))))))))
.
.
2015-11-26 13:37 . 2015-11-26 13:37    --------    d-----w-    c:\users\Default\AppData\Local\temp
2015-11-26 04:59 . 2015-11-26 04:59    --------    d-----w-    c:\users\jacek\AppData\Roaming\Everything
2015-11-26 04:59 . 2015-11-26 04:59    --------    d-----w-    c:\program files\Everything
2015-11-26 04:59 . 2015-11-26 04:59    --------    d-----w-    c:\program files\RayDld
2015-11-23 13:01 . 2015-11-23 13:01    --------    d-----w-    c:\users\jacek\AppData\Roaming\SOFiSTiK
2015-11-22 17:38 . 2015-11-22 17:07    --------    d-----w-    c:\programdata\regid.1991-06.com.microsoft
2015-11-22 17:38 . 2015-11-22 17:43    --------    d-----w-    c:\program files\Google
2015-11-22 17:38 . 2015-11-22 17:38    630992    ----a-w-    c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-11-22 17:38 . 2015-11-22 17:38    --------    d-----w-    c:\users\jacek\AppData\Local\Google
2015-11-22 17:23 . 2015-11-22 17:24    --------    d-----w-    c:\program files\Microsoft Office 15
2015-11-22 17:08 . 2015-11-22 17:08    --------    d-----w-    c:\program files\Microsoft OneDrive
2015-11-22 17:07 . 2015-11-22 17:07    --------    d-----r-    c:\users\jacek\OneDrive
2015-11-22 17:07 . 2015-11-22 17:07    --------    d-----w-    c:\programdata\Microsoft OneDrive
2015-11-21 10:18 . 2015-11-21 10:22    --------    d-----w-    c:\program files\scilab-5.5.2
2015-11-20 17:56 . 2015-11-20 17:56    --------    d-----w-    c:\program files\MSECache
2015-11-20 17:51 . 2015-11-20 18:02    --------    d-----w-    c:\program files\gmsd_pl_005010152
2015-11-20 17:51 . 2015-11-20 18:02    --------    d-----w-    c:\users\jacek\AppData\Local\gmsd_pl_005010152
2015-11-20 17:50 . 2015-11-20 17:35    --------    d-----w-    c:\users\jacek\AppData\Local\02AA6EBC-1448045400-DC11-8723-0011D8A408ED
2015-11-20 17:48 . 2015-11-26 04:59    --------    d-----w-    c:\users\jacek\AppData\Roaming\istartpageing
2015-11-20 17:48 . 2015-11-20 17:14    --------    d-----w-    c:\program files\SpaceSoundPro
2015-11-20 17:48 . 2015-11-20 18:02    --------    d-----w-    c:\program files\SpaceSondPro_v53.9388
2015-11-20 17:47 . 2015-11-20 17:47    39992    ----a-w-    c:\windows\system32\drivers\dtliteusbbus.sys
2015-11-20 17:46 . 2010-06-02 03:55    74072    ----a-w-    c:\windows\system32\XAPOFX1_5.dll
2015-11-20 17:46 . 2010-06-02 03:55    527192    ----a-w-    c:\windows\system32\XAudio2_7.dll
2015-11-20 17:46 . 2010-06-02 03:55    239960    ----a-w-    c:\windows\system32\xactengine3_7.dll
2015-11-20 17:46 . 2010-05-26 10:41    2106216    ----a-w-    c:\windows\system32\D3DCompiler_43.dll
2015-11-20 17:46 . 2010-05-26 10:41    1868128    ----a-w-    c:\windows\system32\d3dcsx_43.dll
2015-11-20 17:46 . 2010-05-26 10:41    470880    ----a-w-    c:\windows\system32\d3dx10_43.dll
2015-11-20 17:46 . 2010-05-26 10:41    248672    ----a-w-    c:\windows\system32\d3dx11_43.dll
2015-11-20 17:46 . 2010-05-26 10:41    1998168    ----a-w-    c:\windows\system32\D3DX9_43.dll
2015-11-20 17:45 . 2015-11-20 17:45    26168    ----a-w-    c:\windows\system32\drivers\dtlitescsibus.sys
2015-11-20 17:45 . 2015-11-20 17:45    --------    d-----w-    c:\program files\DirectX Happy Uninstall
2015-11-20 17:38 . 2015-11-20 18:02    --------    d-----w-    c:\users\jacek\AppData\Roaming\oursurfing
2015-11-20 17:35 . 2015-11-20 17:39    --------    d-----w-    c:\users\jacek\AppData\Roaming\360safe
2015-11-20 17:34 . 2015-11-20 17:34    --------    d-----w-    c:\users\jacek\AppData\Roaming\360TotalSecurity
2015-11-20 17:34 . 2015-11-20 17:34    --------    d-----w-    c:\programdata\360TotalSecurity
2015-11-20 17:34 . 2015-11-12 15:10    53960    ----a-w-    c:\windows\system32\drivers\qutmipc.sys
2015-11-20 17:33 . 2015-11-12 15:10    179152    ----a-w-    c:\windows\system32\drivers\360SelfProtection.sys
2015-11-20 17:33 . 2015-11-23 11:50    --------    d-----r-    C:\360SANDBOX
2015-11-20 17:33 . 2015-11-12 15:10    204368    ----a-w-    c:\windows\system32\drivers\360Box.sys
2015-11-20 17:33 . 2015-11-12 15:10    122448    ----a-w-    c:\windows\system32\drivers\360AntiHacker.sys
2015-11-20 17:33 . 2015-11-12 15:10    34888    ----a-w-    c:\windows\system32\drivers\360Camera.sys
2015-11-20 17:33 . 2015-11-12 15:10    174672    ----a-w-    c:\windows\system32\drivers\BAPIDRV.SYS
2015-11-20 17:33 . 2015-11-12 15:10    301264    ----a-w-    c:\windows\system32\drivers\qutmdrv.sys
2015-11-20 17:33 . 2015-11-12 15:10    60368    ----a-w-    c:\windows\system32\drivers\hookport.sys
2015-11-20 17:33 . 2015-11-12 15:10    66128    ----a-w-    c:\windows\system32\drivers\360AvFlt.sys
2015-11-20 17:33 . 2015-11-12 15:10    23248    ----a-w-    c:\windows\system32\drivers\efimon.sys
2015-11-20 17:32 . 2015-11-20 17:32    --------    d-----w-    c:\program files\360
2015-11-20 17:30 . 2015-11-20 17:31    --------    d-----w-    c:\programdata\1WMiniPro1
2015-11-20 17:30 . 2015-11-20 17:28    --------    d-----w-    c:\users\jacek\AppData\Roaming\istartsurf
2015-11-20 17:27 . 2015-10-30 03:50    916008    ----a-w-    c:\program files\Mozilla Firefox\uninstall\helper.exe
2015-11-20 17:27 . 2015-10-30 02:24    190632    ----a-w-    c:\program files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll
2015-11-20 17:27 . 2015-10-30 02:23    58024    ----a-w-    c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2015-11-20 17:27 . 2015-10-30 02:22    59560    ----a-w-    c:\program files\Mozilla Firefox\lgpllibs.dll
2015-11-20 17:27 . 2015-10-30 02:22    901288    ----a-w-    c:\program files\Mozilla Firefox\icuuc55.dll
2015-11-20 17:27 . 2015-10-30 02:22    1287848    ----a-w-    c:\program files\Mozilla Firefox\icuin55.dll
2015-11-20 17:27 . 2015-10-30 02:22    10592424    ----a-w-    c:\program files\Mozilla Firefox\icudt55.dll
2015-11-20 17:12 . 2015-11-20 17:12    --------    d-----w-    c:\users\jacek\AppData\Local\Tempfolder
2015-11-20 17:12 . 2015-11-20 17:12    --------    d-----w-    C:\uninst
2015-11-20 17:11 . 2015-11-20 18:02    --------    d-----w-    c:\program files\AmazingTab
2015-11-20 17:11 . 2015-11-20 18:02    --------    d-----w-    c:\programdata\7WMiniPro7
2015-11-20 16:51 . 2015-11-20 16:51    --------    d-----w-    c:\programdata\Zitenops
2015-11-19 12:23 . 2015-11-19 12:23    --------    d-----w-    c:\users\jacek\AppData\Local\Experience Video
2015-11-19 12:21 . 2015-11-19 00:49    --------    d-----w-    c:\users\jacek\AppData\Local\ospd_us_013010150
2015-11-19 12:21 . 2015-11-20 17:35    --------    d-----w-    c:\users\jacek\AppData\Local\02AA6EBC-1447939299-DC11-8723-0011D8A408ED
2015-11-19 01:20 . 2015-11-20 18:02    --------    d-----w-    c:\users\jacek\AppData\Local\26129
2015-11-19 01:10 . 2015-11-21 22:05    --------    d-----w-    C:\AdwCleaner
2015-11-18 08:04 . 2015-11-18 08:04    --------    d-----w-    c:\program files\FlashGet Network
2015-11-17 20:02 . 2015-11-20 18:02    --------    d-----w-    c:\users\jacek\AppData\Roaming\Subtitle Edit
2015-11-17 20:01 . 2015-11-20 17:14    --------    d-----w-    c:\programdata\QWMiniProQ
2015-11-17 20:01 . 2015-11-20 18:02    --------    d-----w-    c:\users\jacek\AppData\Local\FalloffsPhilistine
2015-11-17 19:20 . 2015-11-20 18:02    --------    d-----w-    c:\program files\CCleaner
2015-11-17 19:17 . 2015-11-20 17:49    --------    d-----w-    c:\programdata\360safe
2015-11-15 00:43 . 2015-11-15 00:43    20128    ----a-w-    c:\program files\Common Files\Microsoft Shared\VSTO\10.0\1045\VSTOLoaderUI.dll
2015-11-15 00:43 . 2015-11-15 00:43    11424    ----a-w-    c:\program files\Common Files\Microsoft Shared\VSTO\10.0\1045\VSTOInstallerUI.dll
2015-11-14 03:28 . 2015-11-14 03:28    150600    ----a-w-    c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2015-11-14 03:28 . 2015-11-14 03:28    4846168    ----a-w-    c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2015-11-14 03:28 . 2015-11-14 03:28    189136    ----a-w-    c:\program files\Common Files\Microsoft Shared\OFFICE15\LICLUA.EXE
2015-11-14 03:28 . 2015-11-14 03:28    179800    ----a-w-    c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL
2015-11-14 03:28 . 2015-11-14 03:28    1653336    ----a-w-    c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL
2015-11-14 03:28 . 2015-11-14 03:28    1557080    ----a-w-    c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL
2015-11-14 03:28 . 2015-11-14 03:28    14432    ----a-w-    c:\program files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\pkeyconfig.companion.dll
2015-11-14 03:28 . 2015-11-14 03:28    1274456    ----a-w-    c:\program files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\pidgenx.dll
2015-11-14 03:28 . 2015-11-14 03:28    121944    ----a-w-    c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL
2015-11-13 07:53 . 2015-11-13 07:53    --------    d-----w-    c:\program files\Clever Age
2015-11-13 07:22 . 2015-11-13 07:11    --------    d-----w-    c:\users\jacek\AppData\Roaming\vlc
2015-11-13 07:08 . 2015-11-17 19:45    --------    d-----w-    c:\program files\Common Files\Real
2015-11-13 07:08 . 2015-11-13 07:08    --------    d-----w-    c:\program files\Real
2015-11-11 21:24 . 2015-11-23 15:47    --------    d-----w-    c:\users\jacek\AppData\Local\Akamai
2015-11-10 14:27 . 2015-11-10 14:27    --------    d-----w-    c:\users\jacek\AppData\Roaming\Subversion
2015-11-10 14:27 . 2015-11-10 14:27    --------    d-----w-    c:\users\jacek\AppData\Local\MathWorks
2015-11-10 14:26 . 2015-11-10 14:26    --------    d-----w-    c:\users\jacek\AppData\Roaming\MathWorks
2015-11-10 13:53 . 2015-11-10 13:53    --------    d-----w-    c:\programdata\MathWorks
2015-11-05 19:04 . 2015-11-05 19:04    --------    d-----w-    c:\users\jacek\AppData\Roaming\AdobeUM
2015-11-05 18:42 . 2015-11-05 18:42    --------    d-----w-    c:\programdata\Adobe Systems
2015-11-05 18:41 . 2015-11-05 18:41    --------    d-----w-    c:\program files\Common Files\Adobe Systems Shared
2015-11-05 17:10 . 2015-11-20 17:36    --------    d-----w-    C:\$360Section
2015-11-05 17:10 . 2015-11-20 17:36    --------    d-----w-    c:\programdata\360Quarant
2015-10-31 14:24 . 2015-10-31 14:24    --------    d-----w-    c:\users\jacek\AppData\Roaming\Ams
2015-10-31 14:21 . 2009-08-07 10:59    233472    ----a-w-    c:\windows\system32\libcurl.dll
2015-10-31 14:21 . 2007-03-17 10:56    15872    ----a-w-    c:\windows\system32\pcreposix3.dll
2015-10-31 14:21 . 2007-03-17 10:56    140288    ----a-w-    c:\windows\system32\pcre3.dll
2015-10-31 14:21 . 2002-01-05 05:48    974848    ----a-w-    c:\windows\system32\mfc70.dll
2015-10-31 14:21 . 2002-01-05 04:37    344064    ----a-w-    c:\windows\system32\msvcr70.dll
2015-10-29 08:18 . 2015-10-29 08:18    --------    d-----w-    c:\users\jacek\AppData\Roaming\360SD
2015-10-27 09:38 . 2015-10-27 09:38    27248    ----a-w-    c:\windows\system32\drivers\cnnctfy2.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-26 13:15 . 2005-01-02 15:00    329384    ----a-w-    c:\windows\system32\drivers\sptd.sys
2015-11-26 07:39 . 2015-06-06 00:04    62576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{1CEADF31-5844-47AE-B140-DB98E622E808}\offreg.dll
2015-11-10 17:44 . 2014-08-29 06:47    780488    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2015-11-10 17:44 . 2014-08-29 06:47    142536    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-11-22 17:07    329376    ----a-w-    c:\users\jacek\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2015-11-22 17:07    329376    ----a-w-    c:\users\jacek\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2015-11-22 17:07    329376    ----a-w-    c:\users\jacek\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-11-22 17:07    329376    ----a-w-    c:\users\jacek\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-11-22 17:07    329376    ----a-w-    c:\users\jacek\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\jacek\AppData\Roaming\uTorrent\uTorrent.exe" [2015-10-10 1822048]
"Akamai NetSession Interface"="c:\users\jacek\AppData\Local\Akamai\netsession_win.exe" [2015-09-10 4691384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QHSafeTray"="c:\program files\360\Total Security\safemon\QHSafeTray.exe" [2015-11-12 1474168]
.
c:\users\jacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Wysyłanie do programu OneNote.lnk - c:\program files\Microsoft Office 15\root\office15\ONENOTEM.EXE /tsr [2015-11-22 195248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2015-11-5 25214]
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe -s [2015-1-27 13137768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R3 360AvFlt;360AvFlt mini-filter driver;c:\windows\system32\DRIVERS\360AvFlt.sys [2015-11-12 66128]
R3 360Camera;360Safe Camera Filter Service;c:\windows\system32\Drivers\360Camera.sys [2015-11-12 34888]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys [2015-11-20 26168]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys [2015-11-20 39992]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2014-12-13 102784]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R4 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [2010-01-25 245760]
R4 Multimedia mobilNET. RunOuc;Multimedia mobilNET. OUC;c:\program files\Multimedia mobilNET\UpdateDog\ouc.exe [2014-12-13 218624]
R4 RaMediaServer;Ralink UPnP Media Server;c:\program files\Ralink\Common\RaMediaServer.exe [2011-08-18 625728]
S0 HookPort;HookPort;c:\windows\System32\Drivers\Hookport.sys [2015-11-12 60368]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 360Box;360Box mini-filter driver;c:\windows\system32\DRIVERS\360Box.sys [2015-11-12 204368]
S1 360SelfProtection;360SelfProtection;c:\windows\system32\drivers\360SelfProtection.sys [2015-11-12 179152]
S1 BAPIDRV;BAPIDRV;c:\windows\system32\DRIVERS\BAPIDRV.sys [2015-11-12 174672]
S1 EfiMon;EfiSystemMon;c:\windows\system32\Drivers\Efimon.sys [2015-11-12 23248]
S1 qutmdserv;Quantum DeepScanner Servers;c:\windows\system32\DRIVERS\qutmdrv.sys [2015-11-12 301264]
S1 qutmipc;qutmipc;c:\windows\system32\drivers\qutmipc.sys [2015-11-12 53960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 219136]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
S2 ClickToRunSvc;Usługa Szybka instalacja pakietu Microsoft Office;c:\program files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2015-10-13 1895096]
S2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\DatacardService\HWDeviceService.exe [2010-11-16 264704]
S2 ihpmServer;ihpmServer;c:\program files\RayDld\ihpmServer.exe [2015-11-25 275176]
S2 QHActiveDefense;360 Total Security;c:\program files\360\Total Security\safemon\QHActiveDefense.exe [2015-11-12 903288]
S2 WdsManPro;WdsManPro Service;c:\programdata\1WMiniPro1\WMiniPro.exe [2015-11-20 309384]
S3 360AntiHacker;360Safe Anti Hacker Service;c:\windows\system32\Drivers\360AntiHacker.sys [2015-11-12 122448]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-11-06 84992]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [2014-12-13 353280]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2014-12-13 73216]
S3 netr28;Sterownik karty sieci bezprzewodowej Ralink 802.11n dla systemu Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2009-07-13 530944]
S3 RTL8167;Sterownik Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
Zawartość folderu 'Zaplanowane zadania'
.
2015-11-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-29 17:44]
.
2015-11-26 c:\windows\Tasks\MATLAB R2015b Startup Accelerator.job
- d:\program files\bin\win32\MATLABStartupAccelerator.exe [2015-11-10 17:00]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.istartpageing.com/?type=hp&ts=1448513890&z=1511b120a1b349934636f71g2z1z8b0w2g9cab8tce&from=cornl&uid=st3250410as_6ry23rx9xxxx6ry23rx9
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.istartpageing.com/?type=hp&ts=1448513890&z=1511b120a1b349934636f71g2z1z8b0w2g9cab8tce&from=cornl&uid=st3250410as_6ry23rx9xxxx6ry23rx9
IE: Convert link target to Adobe PDF - d:\program files\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - d:\program files\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - d:\program files\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - d:\program files\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - d:\program files\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - d:\program files\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - d:\program files\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - d:\program files\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Download all links by FlashGet3 - c:\program files\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm
IE: Download all videos by FlashGet3 - c:\program files\FlashGet Network\FlashGet 3\BHO\fdgetallflvurl.htm
IE: Download by FlashGet3 - c:\program files\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm
IE: Download current video by FlashGet3 - c:\program files\FlashGet Network\FlashGet 3\BHO\fdgetflvurl.htm
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: Wyślij &do programu OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: Interfaces\{2C40FAA4-D16C-4A0A-B282-42F03EC99AA2}: NameServer = 212.2.96.51 212.2.96.52
TCP: Interfaces\{46A18A4D-AB39-4570-BDB7-D8B07CE82D5E}: NameServer = 213.158.199.1 213.158.199.5
TCP: Interfaces\{53761580-177C-4B99-ABFC-0BD131B3D43C}: NameServer = 213.158.199.1 213.158.199.5
TCP: Interfaces\{94C4B953-D584-4CFA-8CE5-AF7A14819744}: NameServer = 213.158.199.1 213.158.199.5
TCP: Interfaces\{95A4E742-AB12-4E81-8292-059C96230A57}: NameServer = 213.158.199.1 213.158.199.5
FF - ProfilePath - c:\users\jacek\AppData\Roaming\Mozilla\Firefox\Profiles\rjez7bep.default-1443728688780\
FF - prefs.js: browser.startup.homepage - hxxp://www.istartpageing.com/?type=hp&ts=1448513890&z=1511b120a1b349934636f71g2z1z8b0w2g9cab8tce&from=cornl&uid=st3250410as_6ry23rx9xxxx6ry23rx9
.
.
------- Skojarzenia plików -------
.
.scr=AutoCADScriptFile
.txt=txt_auto_file
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'Explorer.exe'(4004)
c:\progra~1\MICROS~2\Office12\GR469A~1.DLL
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
.
**************************************************************************
.
Czas ukończenia: 2015-11-26  06:30:18 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2015-11-26 05:30
.
Przed: 736 063 488 bajtów wolnych
Po: 1 736 990 720 bajtów wolnych
.
- - End Of File - - CF7316E39907130087CE3CD5C5AF356E
A36C5E4F47E84449FF07ED3517B43A31