ComboFix 17-12-11.01 - Piojuve 2018-01-04 9:19.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.48.1045.18.8191.5015 [GMT 1:00]
Uruchomiony z: c:\users\Piojuve\Downloads\Combofix.exe
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
FW: Avast Antivirus *Disabled* {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2017-12-04 do 2018-01-04 )))))))))))))))))))))))))))))))
.
.
2018-01-04 08:34 . 2018-01-04 08:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2018-01-04 08:03 . 2018-01-04 08:03 -------- d-----w- c:\program files (x86)\Origin
2018-01-04 06:58 . 2018-01-04 06:58 204456 ----a-w- c:\windows\system32\drivers\aswStm.sys
2018-01-04 06:56 . 2018-01-04 06:56 38152 ----a-w- c:\windows\system32\drivers\aswNetNd6.sys
2018-01-04 06:55 . 2018-01-04 06:55 -------- d-----w- c:\program files\AVAST Software
2018-01-04 05:56 . 2018-01-04 08:03 -------- d-----w- c:\programdata\Origin
2018-01-03 15:35 . 2018-01-03 15:35 -------- d-----w- C:\$WINDOWS.~BT
2018-01-03 13:46 . 2015-02-18 07:06 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2018-01-03 13:46 . 2015-02-18 07:04 142336 ----a-w- c:\windows\system32\poqexec.exe
2018-01-03 13:34 . 2016-08-10 12:50 11616 ----a-w- c:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-01-03 13:33 . 2016-09-30 15:50 18624 ----a-w- c:\windows\SysWow64\api-ms-win-core-timezone-l1-1-0.dll
2018-01-03 07:31 . 2018-01-03 07:31 -------- d-sh--w- c:\programdata\SecuROM
2018-01-03 07:26 . 2018-01-03 07:26 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2018-01-03 06:26 . 2015-11-05 07:00 617896 ----a-w- c:\windows\SysWow64\comctl32.ocx
2018-01-03 06:26 . 2015-03-27 01:54 163480 ----a-w- c:\windows\SysWow64\comDlg32.ocx
2018-01-03 06:26 . 2014-11-12 07:46 354944 ----a-w- c:\windows\SysWow64\msvcr71.dll
2018-01-03 06:26 . 2011-01-12 04:06 1054208 ----a-w- c:\windows\SysWow64\mfc71u.dll
2018-01-03 06:26 . 2011-01-12 03:49 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2018-01-03 06:26 . 2011-01-12 03:23 90112 ----a-w- c:\windows\SysWow64\atl71.dll
2018-01-03 06:26 . 2007-02-01 12:43 503808 ----a-w- c:\windows\SysWow64\msvcp71.dll
2018-01-03 05:48 . 2017-12-31 02:38 2560 ----a-w- c:\windows\SysWow64\api-ms-win-core-file-l1-2-0.dll
2018-01-03 05:47 . 2017-12-31 02:38 2560 ----a-w- c:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-01-03 05:32 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2018-01-03 05:32 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2018-01-03 05:32 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2018-01-03 05:32 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2018-01-03 05:30 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
2018-01-03 05:30 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
2018-01-03 05:30 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
2018-01-03 05:30 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
2018-01-03 05:30 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
2018-01-03 05:30 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2018-01-03 05:30 . 2014-05-14 08:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2018-01-03 05:30 . 2014-05-14 08:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2018-01-03 05:30 . 2014-05-14 08:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2018-01-03 05:30 . 2014-05-14 08:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2018-01-02 16:07 . 2018-01-02 16:07 -------- d-----w- c:\windows\system32\SPReview
2018-01-02 12:29 . 2018-01-02 12:29 -------- d-----w- c:\windows\CheckSur
2018-01-01 16:28 . 2018-01-01 16:28 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2018-01-01 16:28 . 2018-01-01 16:28 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2018-01-01 16:28 . 2018-01-01 16:28 -------- d-----w- c:\windows\system32\Macromed
2018-01-01 16:28 . 2018-01-01 16:28 -------- d-----w- c:\windows\SysWow64\Macromed
2017-12-31 10:53 . 2017-12-31 10:53 -------- d-----w- c:\windows\SysWow64\Wat
2017-12-31 10:53 . 2017-12-31 10:53 -------- d-----w- c:\windows\system32\Wat
2017-12-31 10:37 . 2017-05-15 14:28 11168 ----a-w- c:\windows\SysWow64\API-MS-Win-core-file-l2-1-0.dll
2017-12-31 10:36 . 2016-08-10 11:53 11616 ----a-w- c:\windows\system32\API-MS-Win-core-file-l2-1-0.dll
2017-12-31 10:28 . 2016-08-12 15:11 3584 ----a-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-2-0.dll
2017-12-31 10:27 . 2016-08-12 15:11 3584 ----a-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-2-0.dll
2017-12-31 10:13 . 2016-09-19 01:59 4608 ----a-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-29 20:13 . 2017-12-29 20:13 -------- d-----w- c:\programdata\KONAMI
2017-12-29 16:12 . 2010-11-20 04:01 2560 ----a-w- c:\windows\system32\drivers\en-US\rdpwd.sys.mui
2017-12-29 16:12 . 2010-11-20 04:13 6144 ----a-w- c:\windows\system32\drivers\en-US\rdvgkmd.sys.mui
2017-12-29 16:12 . 2010-11-20 03:57 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2017-12-29 16:12 . 2010-11-20 04:11 4096 ----a-w- c:\windows\system32\drivers\en-US\tsusbhub.sys.mui
2017-12-29 16:11 . 2010-11-20 04:11 6144 ----a-w- c:\windows\system32\drivers\en-US\IPMIDrv.sys.mui
2017-12-29 16:10 . 2010-11-20 04:10 4608 ----a-w- c:\windows\system32\drivers\en-US\kbdclass.sys.mui
2017-12-29 16:06 . 2010-11-20 04:27 287744 ----a-w- c:\windows\system32\lzhfldr2.dll
2017-12-29 16:06 . 2010-11-20 03:20 266240 ----a-w- c:\windows\SysWow64\lzhfldr2.dll
2017-12-29 15:53 . 2010-11-20 04:41 6656 ----a-w- c:\windows\system32\drivers\pl-PL\rdvgkmd.sys.mui
2017-12-29 15:53 . 2010-11-20 04:45 2560 ----a-w- c:\windows\system32\drivers\pl-PL\rdpwd.sys.mui
2017-12-29 15:53 . 2010-11-20 04:41 3072 ----a-w- c:\windows\system32\drivers\pl-PL\NV_AGP.SYS.mui
2017-12-29 15:52 . 2010-11-20 04:38 7680 ----a-w- c:\windows\system32\drivers\pl-PL\luafv.sys.mui
2017-12-29 15:52 . 2010-11-20 04:43 3584 ----a-w- c:\windows\system32\drivers\pl-PL\tsusbflt.sys.mui
2017-12-29 15:52 . 2010-11-20 04:38 4608 ----a-w- c:\windows\system32\drivers\pl-PL\tsusbhub.sys.mui
2017-12-29 15:48 . 2010-11-20 03:08 7168 ----a-w- c:\windows\SysWow64\KBDINORI.DLL
2017-12-29 15:47 . 2010-11-20 04:34 46464 ----a-w- c:\windows\system32\drivers\vmstorfl.sys
2017-12-29 15:46 . 2010-11-20 04:27 154624 ----a-w- c:\windows\system32\uxlib.dll
2017-12-29 15:05 . 2013-07-25 20:58 5632 ----a-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-29 14:59 . 2016-08-10 12:56 14176 ----a-w- c:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-12-29 14:59 . 2016-10-12 12:09 14176 ----a-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-2-0.dll
2017-12-29 14:57 . 2016-09-30 10:50 23232 ----a-w- c:\windows\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-29 14:56 . 2016-08-10 16:27 7680 ----a-w- c:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-29 12:13 . 2017-12-29 12:13 -------- d-----w- c:\program files (x86)\Microsoft XNA
2017-12-29 09:18 . 2017-12-29 09:18 -------- d-----w- c:\windows\SysWow64\nl
2017-12-29 09:18 . 2017-12-29 09:18 -------- d-----w- c:\windows\SysWow64\0413
2017-12-29 09:18 . 2017-12-29 09:18 -------- d-----w- c:\windows\nl-NL
2017-12-29 09:18 . 2017-12-29 09:18 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\nl-NL
2017-12-29 09:18 . 2017-12-29 09:18 -------- d-----w- c:\windows\SysWow64\drivers\nl-NL
2017-12-29 09:18 . 2018-01-02 21:02 -------- d-----w- c:\windows\SysWow64\wbem\nl-NL
2017-12-29 09:18 . 2017-12-29 09:18 -------- d-----w- c:\windows\system32\nl
2017-12-29 09:18 . 2017-12-29 09:18 -------- d-----w- c:\windows\system32\0413
2017-12-29 09:17 . 2018-01-02 21:00 -------- d-----w- c:\windows\system32\drivers\nl-NL
2017-12-29 09:17 . 2017-12-29 09:17 -------- d-----w- c:\windows\system32\drivers\UMDF\nl-NL
2017-12-29 09:17 . 2018-01-02 21:00 -------- d-----w- c:\windows\system32\wbem\nl-NL
2017-12-29 09:17 . 2018-01-02 21:02 -------- d-----w- c:\windows\SysWow64\wbem\sv-SE
2017-12-29 09:17 . 2017-12-29 09:17 -------- d-----w- c:\windows\SysWow64\sv
2017-12-29 09:17 . 2017-12-29 09:17 -------- d-----w- c:\windows\SysWow64\drivers\sv-SE
2017-12-29 09:16 . 2018-01-02 21:00 -------- d-----w- c:\windows\system32\sv
2017-12-29 09:16 . 2018-01-02 21:00 -------- d-----w- c:\windows\system32\drivers\sv-SE
2017-12-29 09:16 . 2017-12-29 09:16 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
2017-12-29 09:16 . 2018-01-02 21:00 -------- d-----w- c:\windows\system32\wbem\sv-SE
2017-12-29 09:16 . 2017-12-29 09:16 -------- d-----w- c:\windows\sv-SE
2017-12-29 09:15 . 2018-01-02 21:03 -------- d-----w- c:\windows\de-DE
2017-12-29 09:15 . 2017-12-29 09:15 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\de-DE
2017-12-29 09:15 . 2017-12-29 09:15 -------- d-----w- c:\windows\SysWow64\drivers\de-DE
2017-12-29 09:15 . 2017-12-29 09:15 -------- d-----w- c:\windows\SysWow64\de
2017-12-29 09:15 . 2017-12-29 09:15 -------- d-----w- c:\windows\SysWow64\0407
2017-12-29 09:15 . 2018-01-02 21:02 -------- d-----w- c:\windows\SysWow64\wbem\de-DE
2017-12-29 09:15 . 2017-12-29 09:15 -------- d-----w- c:\windows\system32\0407
2017-12-29 09:15 . 2018-01-02 21:00 -------- d-----w- c:\windows\system32\drivers\de-DE
2017-12-29 09:15 . 2017-12-29 09:15 -------- d-----w- c:\windows\system32\drivers\UMDF\de-DE
2017-12-29 09:15 . 2017-12-29 09:15 -------- d-----w- c:\windows\system32\de
2017-12-29 09:15 . 2018-01-02 21:00 -------- d-----w- c:\windows\system32\wbem\de-DE
2017-12-29 09:14 . 2018-01-02 21:02 -------- d-----w- c:\windows\SysWow64\cs
2017-12-29 09:14 . 2017-12-29 09:14 -------- d-----w- c:\windows\SysWow64\drivers\cs-CZ
2017-12-29 09:14 . 2018-01-02 21:02 -------- d-----w- c:\windows\SysWow64\wbem\cs-CZ
2017-12-29 09:14 . 2017-12-29 09:14 -------- d-----w- c:\windows\cs-CZ
2017-12-29 09:14 . 2018-01-02 21:00 -------- d-----w- c:\windows\system32\cs
2017-12-29 09:13 . 2018-01-02 21:00 -------- d-----w- c:\windows\system32\drivers\cs-CZ
2017-12-29 09:13 . 2017-12-29 09:13 -------- d-----w- c:\windows\system32\drivers\UMDF\cs-CZ
2017-12-29 09:13 . 2018-01-02 21:00 -------- d-----w- c:\windows\system32\wbem\cs-CZ
2017-12-29 09:13 . 2017-12-29 09:13 -------- d-----w- c:\windows\lt-LT
2017-12-29 09:13 . 2018-01-02 21:02 -------- d-----w- c:\windows\SysWow64\wbem\lt-LT
2017-12-29 09:13 . 2017-12-29 09:13 -------- d-----w- c:\windows\SysWow64\drivers\lt-LT
2017-12-29 09:13 . 2017-12-29 09:13 -------- d-----w- c:\windows\system32\drivers\lt-LT
2017-12-29 09:13 . 2018-01-02 21:00 -------- d-----w- c:\windows\system32\wbem\lt-LT
2017-12-29 09:13 . 2017-12-29 09:13 -------- d-----w- c:\windows\SysWow64\drivers\hr-HR
2017-12-29 09:12 . 2018-01-02 21:02 -------- d-----w- c:\windows\SysWow64\wbem\hr-HR
2017-12-29 09:12 . 2017-12-29 09:12 -------- d-----w- c:\windows\system32\drivers\hr-HR
2017-12-29 09:12 . 2017-12-29 09:12 -------- d-----w- c:\windows\hr-HR
2017-12-29 09:12 . 2018-01-02 21:00 -------- d-----w- c:\windows\system32\wbem\hr-HR
2017-12-29 09:12 . 2017-12-29 09:12 -------- d-----w- c:\windows\SysWow64\ru
2017-12-29 09:12 . 2017-12-29 09:12 -------- d-----w- c:\windows\SysWow64\drivers\ru-RU
2017-12-29 09:12 . 2018-01-02 21:02 -------- d-----w- c:\windows\SysWow64\wbem\ru-RU
2017-12-29 09:11 . 2018-01-02 21:00 -------- d-----w- c:\windows\system32\drivers\ru-RU
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-01-02 17:23 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2018-01-02 17:23 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2017-10-10 09:31 . 2017-10-10 09:31 92808 ----a-w- c:\windows\SysWow64\mfcm140u.dll
2017-10-10 09:31 . 2017-10-10 09:31 92296 ----a-w- c:\windows\SysWow64\mfcm140.dll
2017-10-10 09:31 . 2017-10-10 09:31 86840 ----a-w- c:\windows\SysWow64\vcruntime140.dll
2017-10-10 09:31 . 2017-10-10 09:31 75408 ----a-w- c:\windows\SysWow64\mfc140fra.dll
2017-10-10 09:31 . 2017-10-10 09:31 75400 ----a-w- c:\windows\SysWow64\mfc140deu.dll
2017-10-10 09:31 . 2017-10-10 09:31 74384 ----a-w- c:\windows\SysWow64\mfc140esn.dll
2017-10-10 09:31 . 2017-10-10 09:31 73360 ----a-w- c:\windows\SysWow64\mfc140ita.dll
2017-10-10 09:31 . 2017-10-10 09:31 71312 ----a-w- c:\windows\SysWow64\mfc140rus.dll
2017-10-10 09:31 . 2017-10-10 09:31 65680 ----a-w- c:\windows\SysWow64\mfc140enu.dll
2017-10-10 09:31 . 2017-10-10 09:31 54928 ----a-w- c:\windows\SysWow64\mfc140jpn.dll
2017-10-10 09:31 . 2017-10-10 09:31 53904 ----a-w- c:\windows\SysWow64\mfc140kor.dll
2017-10-10 09:31 . 2017-10-10 09:31 5124744 ----a-w- c:\windows\SysWow64\mfc140u.dll
2017-10-10 09:31 . 2017-10-10 09:31 4821632 ----a-w- c:\windows\SysWow64\mfc140.dll
2017-10-10 09:31 . 2017-10-10 09:31 46736 ----a-w- c:\windows\SysWow64\mfc140cht.dll
2017-10-10 09:31 . 2017-10-10 09:31 46736 ----a-w- c:\windows\SysWow64\mfc140chs.dll
2017-10-10 09:31 . 2017-10-10 09:31 457000 ----a-w- c:\windows\SysWow64\msvcp140.dll
2017-10-10 09:31 . 2017-10-10 09:31 404104 ----a-w- c:\windows\SysWow64\vcamp140.dll
2017-10-10 09:31 . 2017-10-10 09:31 273560 ----a-w- c:\windows\SysWow64\vccorlib140.dll
2017-10-10 09:31 . 2017-10-10 09:31 248616 ----a-w- c:\windows\SysWow64\concrt140.dll
2017-10-10 09:31 . 2017-10-10 09:31 138376 ----a-w- c:\windows\SysWow64\vcomp140.dll
2017-10-10 09:22 . 2017-10-10 09:22 89752 ----a-w- c:\windows\system32\vcruntime140.dll
2017-10-10 09:22 . 2017-10-10 09:22 75408 ----a-w- c:\windows\system32\mfc140fra.dll
2017-10-10 09:22 . 2017-10-10 09:22 75408 ----a-w- c:\windows\system32\mfc140deu.dll
2017-10-10 09:22 . 2017-10-10 09:22 74384 ----a-w- c:\windows\system32\mfc140esn.dll
2017-10-10 09:22 . 2017-10-10 09:22 73360 ----a-w- c:\windows\system32\mfc140ita.dll
2017-10-10 09:22 . 2017-10-10 09:22 71312 ----a-w- c:\windows\system32\mfc140rus.dll
2017-10-10 09:22 . 2017-10-10 09:22 687240 ----a-w- c:\windows\system32\msvcp140.dll
2017-10-10 09:22 . 2017-10-10 09:22 65680 ----a-w- c:\windows\system32\mfc140enu.dll
2017-10-10 09:22 . 2017-10-10 09:22 6122120 ----a-w- c:\windows\system32\mfc140u.dll
2017-10-10 09:22 . 2017-10-10 09:22 6089344 ----a-w- c:\windows\system32\mfc140.dll
2017-10-10 09:22 . 2017-10-10 09:22 54928 ----a-w- c:\windows\system32\mfc140jpn.dll
2017-10-10 09:22 . 2017-10-10 09:22 547464 ----a-w- c:\windows\system32\vcamp140.dll
2017-10-10 09:22 . 2017-10-10 09:22 53896 ----a-w- c:\windows\system32\mfc140kor.dll
2017-10-10 09:22 . 2017-10-10 09:22 46736 ----a-w- c:\windows\system32\mfc140cht.dll
2017-10-10 09:22 . 2017-10-10 09:22 46736 ----a-w- c:\windows\system32\mfc140chs.dll
2017-10-10 09:22 . 2017-10-10 09:22 391832 ----a-w- c:\windows\system32\vccorlib140.dll
2017-10-10 09:22 . 2017-10-10 09:22 344712 ----a-w- c:\windows\system32\concrt140.dll
2017-10-10 09:22 . 2017-10-10 09:22 155784 ----a-w- c:\windows\system32\vcomp140.dll
2017-10-10 09:22 . 2017-10-10 09:22 103048 ----a-w- c:\windows\system32\mfcm140u.dll
2017-10-10 09:22 . 2017-10-10 09:22 102528 ----a-w- c:\windows\system32\mfcm140.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-01-15 8619224]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-05-24 2439072]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"StatusAlerts"="c:\program files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2013-04-18 313656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\system32\drivers\aswbidsha.sys;c:\windows\SYSNATIVE\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\system32\drivers\aswbloga.sys;c:\windows\SYSNATIVE\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\system32\drivers\aswbuniva.sys;c:\windows\SYSNATIVE\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys;c:\windows\SYSNATIVE\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys;c:\windows\SYSNATIVE\drivers\aswVmm.sys [x]
S1 aswArPot;aswArPot;c:\windows\system32\drivers\aswArPot.sys;c:\windows\SYSNATIVE\drivers\aswArPot.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswNetSec;aswNetSec;c:\windows\system32\drivers\aswNetSec.sys;c:\windows\SYSNATIVE\drivers\aswNetSec.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;Avast Firewall Service;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 MSSQL$ELISOFT;SQL Server (ELISOFT);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 NvTelemetryContainer;NVIDIA Telemetry Container;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [x]
S3 aswNetNd6;Avast Firewall NDIS6 Helper;c:\windows\system32\DRIVERS\aswNetNd6.sys;c:\windows\SYSNATIVE\DRIVERS\aswNetNd6.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 nvvhci;NVVHCI Enumerator Service;c:\windows\system32\DRIVERS\nvvhci.sys;c:\windows\SYSNATIVE\DRIVERS\nvvhci.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2017-12-27 18:00 1538904 ----a-w- c:\program files (x86)\Google\Chrome\Application\63.0.3239.108\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2018-01-04 06:58 1757400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2018-01-04 246120]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Wow6432Node-HKLM-Run- - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2339305498-3737831894-1099467929-1000\Software\SecuROM\License information*]
"datasecu"=hex:39,20,68,04,b9,a2,9d,87,45,ed,98,e3,cc,7d,3b,cc,38,02,be,36,fa,
de,83,cd,d3,8c,8c,3f,72,1a,d6,86,6c,3c,d1,84,c2,37,6c,ed,7d,09,01,fc,e5,2c,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2018-01-04 09:51:09
ComboFix-quarantined-files.txt 2018-01-04 08:51
.
Przed: 166 726 643 712 bajtów wolnych
Po: 166 852 907 008 bajtów wolnych
.
- - End Of File - - C4A8B98CAAA91F56A298C2C9700718F9
A36C5E4F47E84449FF07ED3517B43A31