Hi. A friend of mine has a problem with his computer. The PC stutters even in the browser, which surprises me (him) a bit. I'm attaching the log from ComboFix (I don't know why he ran it -.-) and OTL.
ComboFix 13-11-27.01 - Olek 2013-11-29 19:13:21.9.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.48.1045.18.2047.893 [GMT 1:00]
Uruchomiony z: c:\users\Olek\Desktop\Nowy folder\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2013-10-28 do 2013-11-29 )))))))))))))))))))))))))))))))
.
.
2013-11-29 18:23 . 2013-11-29 18:23 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-29 18:23 . 2013-11-29 18:23 -------- d-----w- c:\users\UpdatusUser.Olek-Komputer\AppData\Local\temp
2013-11-29 18:23 . 2013-11-29 18:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-11-29 18:23 . 2013-11-29 18:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-26 13:18 . 2013-11-26 13:18 -------- d-----w- c:\windows\system32\Shaders
2013-11-24 15:58 . 2013-11-24 15:58 -------- d-----w- c:\programdata\MindGems
2013-11-24 15:58 . 2013-11-24 15:58 -------- d-----w- c:\program files\Folder Size
2013-11-24 15:17 . 2013-11-24 15:17 -------- d-----w- c:\users\Olek\AppData\Roaming\AVAST Software
2013-11-22 20:19 . 2013-11-22 20:20 -------- d-----w- c:\users\Olek\AppData\Roaming\Tunngle
2013-11-22 20:19 . 2009-09-16 06:02 27136 ----a-w- c:\windows\system32\drivers\tap0901t.sys
2013-11-21 16:36 . 2013-11-21 16:36 -------- d-----w- c:\program files\Ubisoft
2013-11-21 13:31 . 2013-11-21 13:31 -------- d-----w- c:\programdata\Hi-Rez Studios
2013-11-20 18:07 . 2013-11-20 20:38 -------- d-----w- c:\program files\Assassins Creed IV Black Flag
2013-11-17 19:01 . 2013-11-17 19:01 -------- d-----w- c:\programdata\Firefly Studios
2013-11-16 13:11 . 2013-11-16 15:51 -------- d-----w- c:\users\Olek\AppData\Roaming\Mount & Blade With Fire and Sword
2013-11-15 23:18 . 2013-11-16 13:12 -------- d-----w- c:\program files\Mount & Blade With Fire and Sword
2013-11-11 22:46 . 2013-11-11 22:46 -------- d-----w- c:\program files\Activision
2013-11-11 13:30 . 2013-11-18 16:48 -------- d-----w- c:\program files\Firefly Studios
2013-11-11 13:29 . 2001-09-05 04:18 225280 ------w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2013-11-11 13:29 . 2001-09-05 04:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-11-11 13:29 . 2001-09-05 04:14 176128 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-11-11 13:29 . 2001-09-05 04:13 32768 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-11-11 12:27 . 2013-11-11 12:27 610436 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-11-07 15:54 . 2013-11-07 15:54 -------- d-----w- c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2013-11-03 17:43 . 2013-05-22 17:49 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-11-03 17:43 . 2013-05-22 17:49 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-11-02 10:34 . 2013-11-02 10:34 -------- d-----w- c:\users\Olek\AppData\Local\Criterion Games
2013-11-02 09:08 . 2013-11-02 09:36 -------- d-----w- c:\users\Olek\AppData\Local\Warframe
2013-11-01 20:11 . 2013-11-13 17:57 -------- d-----w- c:\users\Olek\AppData\Roaming\Awesomium
2013-10-31 09:32 . 2013-10-31 09:32 -------- d-----w- c:\users\Olek\AppData\Roaming\gd.sos.McPixel
2013-10-30 23:10 . 2013-10-18 01:36 955168 ----a-w- c:\windows\system32\nvspcap.dll
2013-10-30 23:03 . 2013-10-30 23:03 -------- d-----w- C:\NVIDIA
2013-10-30 22:52 . 2013-10-30 22:52 -------- d-----w- c:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2013-10-30 20:41 . 2013-10-30 20:41 -------- d-----w- c:\program files\McPixel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-28 13:04 . 2011-09-15 14:28 138032 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-11-28 13:04 . 2011-09-15 14:36 281688 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-11-28 13:04 . 2011-09-15 14:27 281688 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-11-28 13:00 . 2011-09-15 14:27 281688 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-11-24 15:14 . 2013-06-22 20:53 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-11-24 15:14 . 2013-06-22 20:53 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-11-24 15:14 . 2012-08-09 07:02 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-11-24 15:14 . 2012-08-09 07:02 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-11-24 15:14 . 2012-08-09 07:02 79720 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-11-24 15:14 . 2012-08-09 07:02 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-11-24 15:14 . 2012-08-09 07:02 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-24 15:14 . 2012-08-09 07:02 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-24 15:14 . 2012-08-09 07:02 43152 ----a-w- c:\windows\avastSS.scr
2013-11-24 15:14 . 2012-08-09 07:02 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-11-19 16:29 . 2011-09-15 14:27 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2013-10-30 23:16 . 2012-04-01 16:39 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-30 23:16 . 2011-09-20 15:36 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-28 22:02 . 2011-10-07 15:44 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2013-10-28 22:02 . 2011-10-07 15:44 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2013-10-23 10:24 . 2013-05-12 14:31 2695200 ----a-w- c:\windows\system32\nvapi.dll
2013-10-23 10:24 . 2011-11-24 14:13 15855568 ----a-w- c:\windows\system32\nvwgf2um.dll
2013-10-23 10:24 . 2011-11-24 14:13 15212336 ----a-w- c:\windows\system32\nvd3dum.dll
2013-10-23 07:19 . 2011-11-24 14:13 4318496 ----a-w- c:\windows\system32\nvcpl.dll
2013-10-23 07:19 . 2011-11-24 14:13 3036448 ----a-w- c:\windows\system32\nvsvc.dll
2013-10-23 07:19 . 2011-11-24 14:13 664352 ----a-w- c:\windows\system32\nvvsvc.exe
2013-10-23 07:19 . 2011-11-24 14:13 62752 ----a-w- c:\windows\system32\nvshext.dll
2013-10-23 07:19 . 2011-11-24 14:13 2555168 ----a-w- c:\windows\system32\nvsvcr.dll
2013-10-23 07:19 . 2011-11-24 14:13 209184 ----a-w- c:\windows\system32\nvmctray.dll
2013-10-23 02:02 . 2013-10-23 02:02 589600 ----a-w- c:\windows\system32\nvStreaming.exe
2013-10-11 14:21 . 2013-10-11 14:21 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2013-10-08 05:50 . 2013-10-25 21:53 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-09-27 23:01 . 2013-08-12 15:47 28960 ----a-w- c:\windows\system32\nvaudcap32v.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2012-01-29 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\ERDNT\cache\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@= " {472083B0-C522-11CF-8763-00608CC02F24} "
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-24 15:14 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@= " {C5994560-53D9-4125-87C9-F193FC689CB2} "
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@= " {C5994561-53D9-4125-87C9-F193FC689CB2} "
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@= " {C5994562-53D9-4125-87C9-F193FC689CB2} "
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@= " {C5994563-53D9-4125-87C9-F193FC689CB2} "
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@= " {C5994564-53D9-4125-87C9-F193FC689CB2} "
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@= " {C5994565-53D9-4125-87C9-F193FC689CB2} "
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@= " {C5994566-53D9-4125-87C9-F193FC689CB2} "
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@= " {C5994567-53D9-4125-87C9-F193FC689CB2} "
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@= " {C5994568-53D9-4125-87C9-F193FC689CB2} "
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" swg " = " c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe " [2011-09-20 39408]
" screenshooter " = " c:\program files\ScreenShooter\screenshooter.exe " [2010-09-03 606208]
" Advanced SystemCare 6 " = " c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe " [2013-04-18 491840]
" DAEMON Tools Lite " = " c:\program files\DAEMON Tools Lite\DTLite.exe " [2013-07-03 3673184]
" Skype " = " c:\program files\Skype\Phone\Skype.exe " [2013-11-18 20587168]
" Clownfish " = " " [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" Adobe ARM " = " c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe " [2013-04-04 958576]
" V0420Mon.exe " = " c:\windows\V0420Mon.exe " [2007-04-29 32768]
" Nvtmru " = " c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe " [2013-10-18 1028384]
" LogMeIn Hamachi Ui " = " c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe " [2013-10-01 2345296]
" XboxStat " = " c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe " [2009-12-04 737280]
" SunJavaUpdateSched " = " c:\program files\Common Files\Java\Java Update\jusched.exe " [2013-07-02 254336]
" ShadowPlay " = " c:\windows\system32\nvspcap.dll " [2013-10-18 955168]
" AvastUI.exe " = " c:\program files\AVAST Software\Avast\AvastUI.exe " [2013-11-24 3568312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
" ConsentPromptBehaviorAdmin " = 0 (0x0)
" ConsentPromptBehaviorUser " = 3 (0x3)
" EnableLUA " = 0 (0x0)
" EnableUIADesktopToggle " = 0 (0x0)
" PromptOnSecureDesktop " = 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^20Dollars2Surf.lnk]
backup=c:\windows\pss\20Dollars2Surf.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
backup=c:\windows\pss\GamersFirst LIVE!.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
2010-04-02 08:18 1185112 ----a-w- c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-07-03 13:16 3673184 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2013-10-01 13:51 2345296 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-11-18 12:23 20587168 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-10-30 19:25 1820584 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2011-09-20 15:36 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
R0 ysyfer;ysyfer; [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 134736]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 droidpad;DroidPad Joystick;c:\windows\system32\DRIVERS\droidpad.sys [2013-04-18 16120]
R3 dump_wmimmc;dump_wmimmc;c:\program files\steam\steamapps\common\ava\Binaries\GameGuard\dump_wmimmc.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena Plus\Room\safedrv.sys [x]
R3 V0420VID;Live! Cam Vista IM (VF0420);c:\windows\system32\DRIVERS\V0420Vid.sys [2007-05-31 99648]
R3 vproiah;vproiah;c:\windows\system32\DRIVERS\vproiah.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-29 1343400]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [2010-11-01 14416]
R3 XDva390;XDva390;c:\windows\system32\XDva390.sys [x]
R3 XDva391;XDva391;c:\windows\system32\XDva391.sys [x]
R3 XDva392;XDva392;c:\windows\system32\XDva392.sys [x]
R3 XDva394;XDva394;c:\windows\system32\XDva394.sys [x]
R3 XDva398;XDva398;c:\windows\system32\XDva398.sys [x]
R3 XDva405;XDva405;c:\windows\system32\XDva405.sys [x]
R3 XICTAMDM;CELOT-W USB MODEM Driver;c:\windows\system32\DRIVERS\XICTAMDM.sys [2011-02-22 160984]
R3 XICTANmea;CELOT-W NMEA Device Driver(WDM);c:\windows\system32\DRIVERS\XICTANmea.sys [2011-02-22 160984]
R3 XICTAVSP;CELOT-W DM Interface Driver(WDM);c:\windows\system32\DRIVERS\XICTAVSP.sys [2011-02-22 160984]
R4 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [x]
R4 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]
R4 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-04-25 4066168]
R4 Roozz Helper;Roozz Helper;c:\program files\Roozz\RoozzHelper.exe [2011-09-07 33792]
R4 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 15672]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-11-24 774392]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-11-24 403440]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-10 295248]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-06 243128]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-11-24 35656]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-11-24 70384]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2013-10-01 1612112]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-08-26 375056]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-18 14650144]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files\Splashtop\Splashtop Remote\SERVER\SRService.exe [2013-09-02 790368]
S2 SSUService;Splashtop Software Updater Service;c:\program files\Splashtop\Splashtop Software Updater\SSUService.exe [2013-08-07 609056]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-09-27 33568]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-15 14:42 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-11-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 23:16]
.
2013-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-20 15:36]
.
2013-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-20 15:36]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.bing.com
mStart Page = hxxp://websearch.searchere.info/?pid=298&r=2013/10/08&hid=5082547275488349826&lg=EN&cc=PL&unqvl=37
uInternet Settings,ProxyOverride = <local>
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
MSConfigStartUp-Gadu-Gadu 10 - c:\program files\Gadu-Gadu 10\gg.exe
MSConfigStartUp-GarenaMessenger - c:\program files\Garena Plus\GarenaMessenger.exe
MSConfigStartUp-iPlusManager - c:\program files\iPlus CDMA\iPlusChecker.exe
AddRemove-5E1C70CB75080F26C39ECE11A1B099D7A46048AB - c:\progra~1\DIFX\25C232B9F73C1237\DPInst.exe
AddRemove-6af12c54-643b-4752-87d0-8335503010de_is1 - c:\program files\Nexus Mod Manager\uninstall\unins000.exe
AddRemove-ASIO4ALL - c:\program files\ASIO4ALL v2\uninstall.exe
AddRemove-BlueSprig_JetClean_is1 - c:\program files\BlueSprig\JetClean\unins000.exe
AddRemove-F7A29E3861B584321D513645B262A474D2E241D6 - c:\progra~1\DIFX\25C232B9F73C1237\DPInst.exe
AddRemove-FL Studio 10 - c:\program files\Image-Line\FL Studio 10\uninstall.exe
AddRemove-Fraps - c:\fraps\uninstall.exe
AddRemove-Gadu-Gadu 10 - c:\program files\Gadu-Gadu 10\Uninstall.exe
AddRemove-GCFScape_is1 - c:\program files\Nem's Tools\GCFScape\unins000.exe
AddRemove-GTA2 Game Hunter - c:\program files\gta2gh\uninst.exe
AddRemove-IL Download Manager - c:\program files\Image-Line\Downloader\uninstall.exe
AddRemove-Revo Uninstaller - c:\program files\VS Revo Group\Revo Uninstaller\uninst.exe
AddRemove-SP_b0285714 - c:\program files\WebSearch\uninstall.exe
AddRemove-TeamSpeak 3 Client - c:\program files\TeamSpeak 3 Client\uninstall.exe
AddRemove-Youtube Downloader HD_is1 - c:\program files\Youtube Downloader HD\unins000.exe
AddRemove-{289AC7E0-0AEE-4a7b-913C-709D9803D23E} - c:\programdata\NexonEU\NGM\NGM.exe
AddRemove-YourFileDownloader - c:\program files\YourFileDownloader\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
" ImagePath " = " c:\windows\system32\GameMon.des -service "
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3573883639-2973998024-4207097079-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
" ?? " =hex:7c,da,9d,a7,63,90,dc,54,ed,65,51,ab,02,40,0e,a3,ba,09,33,17,ea,09,d6,
62,77,0d,fe,4f,f9,3d,b1,00,3b,71,14,1f,90,77,36,c4,ff,b6,70,48,ba,5f,60,a4,\
" ?? " =hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
.
[HKEY_USERS\S-1-5-21-3573883639-2973998024-4207097079-1000\Software\SecuROM\License information*]
" datasecu " =hex:ba,ad,a7,83,0c,af,5c,08,4d,5d,70,3a,c4,9c,b6,47,da,c7,7b,d3,b0,
b6,48,1d,7c,03,11,bd,c9,b4,3c,cd,43,95,74,67,f1,64,78,a3,67,e2,31,5b,00,d7,\
" rkeysecu " =hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\AUDIODG.EXE
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\taskhost.exe
d:\steam\SteamApps\common\HiPatchService.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Splashtop\Splashtop Remote\SERVER\SRServer.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\rundll32.exe
c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe
c:\program files\IObit\Advanced SystemCare 6\Monitor.exe
c:\program files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Splashtop\Splashtop Remote\SERVER\SRFeature.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\TortoiseSVN\bin\TSVNCache.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Czas ukończenia: 2013-11-29 19:30:09 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2013-11-29 18:30
ComboFix2.txt 2013-11-03 10:26
ComboFix3.txt 2013-09-07 22:57
ComboFix4.txt 2013-06-27 19:38
ComboFix5.txt 2013-11-29 18:11
.
Przed: 92 799 496 192 bajtów wolnych
Po: 92 842 172 416 bajtów wolnych
.
- - End Of File - - DF4A076B1471D8FE3BB33D1EDA41D903
A36C5E4F47E84449FF07ED3517B43A31