Untitled

a guest Jun 2nd, 2016 92 Never
ComboFix 16-06-01.01 - Alpha 2016-06-02   9:16.1.4 - x64
Microsoft Windows 8  6.2.9200.0.1250.48.1045.18.4094.2764 [GMT 2:00]
Uruchomiony z: c:\users\Alpha\Downloads\ComboFix.exe
AV: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Utworzono nowy punkt przywracania
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Sterowniki/Usługi   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_npf
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2016-05-02 do 2016-06-02  )))))))))))))))))))))))))))))))
.
.
2016-06-02 07:19 . 2016-06-02 07:21 --------    d-----w-    c:\users\Alpha\AppData\Local\temp
2016-06-01 20:33 . 2016-06-01 20:33 --------    d-----w-    c:\windows\ServiceProfiles\LocalService\winhttp
2016-06-01 17:50 . 2016-06-01 17:50 --------    d-----w-    c:\users\Public\temp
2016-06-01 15:49 . 2016-06-01 15:49 --------    d-----w-    c:\users\Alpha\AppData\Local\Overwolf
2016-05-31 18:50 . 2016-05-31 18:50 --------    d-----w-    c:\program files (x86)\Mirillis
2016-05-31 14:19 . 2016-06-01 16:51 --------    d-----w-    c:\users\Alpha\AppData\Roaming\vlc
2016-05-26 17:11 . 2016-06-01 19:07 --------    d-----w-    c:\users\Alpha\AppData\Roaming\.minecraft
2016-05-26 12:41 . 2016-05-26 12:41 98304   ----a-w-    c:\windows\SysWow64\CmdLineExt.dll
2016-05-24 14:25 . 2016-05-25 18:47 --------    d--h--w-    c:\program files (x86)\InstallShield Installation Information
2016-05-24 14:25 . 2016-05-24 14:25 --------    d-----w-    c:\program files (x86)\Common Files\InstallShield
2016-05-23 21:03 . 2016-05-23 21:06 --------    d-----w-    c:\users\Alpha\AppData\Local\NVIDIA
2016-05-23 21:03 . 2016-01-29 12:08 1756424 ----a-w-    c:\windows\system32\nvspbridge64.dll
2016-05-23 21:03 . 2016-01-29 12:08 1514528 ----a-w-    c:\windows\system32\nvspcap64.dll
2016-05-23 21:03 . 2016-01-29 12:08 1316184 ----a-w-    c:\windows\SysWow64\nvspbridge.dll
2016-05-23 21:03 . 2016-01-29 12:08 1278920 ----a-w-    c:\windows\SysWow64\nvspcap.dll
2016-05-23 21:02 . 2016-01-29 09:04 614848  ----a-w-    c:\windows\SysWow64\nvStreaming.exe
2016-05-23 21:02 . 2016-05-23 21:03 --------    d-----w-    c:\program files (x86)\NVIDIA Corporation
2016-05-17 19:43 . 2016-05-17 19:43 --------    d-----w-    c:\users\Alpha\Tracing
2016-05-17 19:42 . 2016-05-25 14:06 --------    d-----w-    c:\users\Alpha\AppData\Roaming\Skype
2016-05-17 19:42 . 2016-05-17 19:42 --------    d-----w-    c:\program files (x86)\Common Files\Skype
2016-05-17 19:42 . 2016-05-17 19:42 --------    d-----r-    c:\program files (x86)\Skype
2016-05-17 19:42 . 2016-05-17 19:42 --------    d-----w-    c:\programdata\Skype
2016-05-16 09:35 . 2016-06-01 13:11 --------    d-----w-    c:\users\Alpha\AppData\Roaming\Audacity
2016-05-16 09:35 . 2016-05-16 09:35 --------    d-----w-    c:\users\Alpha\AppData\Local\Audacity
2016-05-08 22:00 . 2016-05-08 22:00 --------    d-----w-    c:\windows\Hearts of Iron 2 Platynowa Edycja
2016-05-07 12:50 . 2016-05-07 12:50 --------    d-----w-    c:\program files\WinPcap
2016-05-07 12:50 . 2016-05-08 20:24 --------    d-----w-    c:\programdata\Freemake
2016-05-07 12:44 . 2016-05-07 12:44 --------    d-----w-    c:\program files (x86)\FreeCodecPack
2016-05-07 12:43 . 2016-05-08 20:24 --------    d-----w-    c:\users\Alpha\AppData\Roaming\DVDVideoSoft
2016-05-07 12:14 . 2016-05-07 12:14 --------    d-----w-    c:\program files\CPUID
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-05-19 13:44 . 2016-04-25 13:15 192216  ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-04-24 22:35 . 2016-04-24 22:35 129152  ----a-w-    c:\windows\system32\drivers\ssudbus.sys
2016-04-22 07:57 . 2016-04-20 11:55 453288  ------w-    c:\windows\system32\MpSigStub.exe
2016-04-20 12:05 . 2016-04-20 12:04 135176864   ----a-w-    c:\windows\system32\MRT.exe
2016-04-20 10:57 . 2016-04-20 10:57 97856   ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-04-19 19:55 . 2012-07-26 08:13 24288   ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2016-04-02 18:50 . 2016-04-19 22:07 46784   ----a-w-    c:\windows\system32\CompatTelRunner.exe
2016-04-02 17:55 . 2016-04-19 22:07 279040  ----a-w-    c:\windows\system32\invagent.dll
2016-04-02 17:55 . 2016-04-19 22:07 698368  ----a-w-    c:\windows\system32\generaltel.dll
2016-04-02 17:55 . 2016-04-19 22:07 499200  ----a-w-    c:\windows\system32\devinv.dll
2016-04-02 17:55 . 2016-04-19 22:07 1386496 ----a-w-    c:\windows\system32\appraiser.dll
2016-04-02 17:55 . 2016-04-19 22:07 215040  ----a-w-    c:\windows\system32\aepic.dll
2016-04-02 17:55 . 2016-04-19 22:07 76800   ----a-w-    c:\windows\system32\acmigration.dll
2016-04-02 15:24 . 2016-04-19 22:07 1169408 ----a-w-    c:\windows\system32\aeinv.dll
2016-03-16 16:45 . 2016-04-20 11:55 11686560    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{9DDF01C4-D349-4151-871D-CB63AA01B4A8}\mpengine.dll
2016-03-10 12:09 . 2016-04-25 13:15 65408   ----a-w-    c:\windows\system32\drivers\mwac.sys
2016-03-10 12:08 . 2016-04-25 13:15 140672  ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2016-03-10 12:08 . 2016-04-25 13:15 27008   ----a-w-    c:\windows\system32\drivers\mbam.sys
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="d:\ccleaner 5.17.5590\CCleaner64.exe" [2016-04-15 8698584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
R4 DigitalWave.Update.Service;Digital Wave Update Service;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [x]
R4 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R4 MBAMService;MBAMService;d:\malwarebytes anti-malware\mbamservice.exe;d:\malwarebytes anti-malware\mbamservice.exe [x]
R4 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8168;Sterownik Realtek 8168 NT;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 VBAudioVACMME;@oem9.inf,%DeviceName% (WDM);VB-Audio Virtual Cable (WDM);c:\windows\system32\DRIVERS\vbaudio_cable64_win7.sys;c:\windows\SYSNATIVE\DRIVERS\vbaudio_cable64_win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\AutorunsDisabled\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-05-07 12:53    1186968 ----a-w-    c:\program files (x86)\Google\Chrome\Application\50.0.2661.94\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2016-05-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-23 13:02]
.
2016-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-05-07 12:53]
.
2016-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-05-07 12:53]
.
2016-06-01 c:\windows\Tasks\Uninstaller_SkipUac_Alpha.job
- d:\iobit uninstaller 5.3\IObitUninstaler.exe [2016-04-20 14:39]
.
.
--------- X64 Entries -----------
.
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Alpha\AppData\Roaming\Mozilla\Firefox\Profiles\m4aaxh58.default\
FF - prefs.js: browser.startup.homepage - google.pl
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\slsvc.exe
c:\users\Public\temp\TeamViewer\TeamViewer_Service.exe
.
**************************************************************************
.
Czas ukończenia: 2016-06-02  09:24:41 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2016-06-02 07:24
.
Przed: 65 369 120 768 bytes free
Po: 65 125 036 032 bytes free
.
- - End Of File - - 550A82E271DE48756EBFCE7BF655D049
A36C5E4F47E84449FF07ED3517B43A31