
Untitled

a guest
Jun 28th, 2018
  1. ComboFix 18-06-17.01 - Mateusz 2018-06-28 13:38:16.1.4 - x64
  2. Microsoft Windows 7 Professional 6.1.7600.0.1250.48.1045.18.2486.612 [GMT 2:00]
  3. Uruchomiony z: c:\users\Mateusz\AppData\Local\Temp\scoped_dir3136_2927\ComboFix.exe
  4. AV: AVG Antivirus *Enabled/Updated* {C50510DE-367A-330C-FD5C-556ACFB11243}
  5. SP: AVG Antivirus *Enabled/Updated* {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
  6. SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  7. .
  8. .
  9. ((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
  10. .
  11. .
  12. c:\windows\SysWow64\SET298D.tmp
  13. c:\windows\SysWow64\SETD95B.tmp
  14. c:\windows\SysWow64\SETF835.tmp
  15. .
  16. .
  17. ((((((((((((((((((((((((( Pliki utworzone od 2018-05-28 do 2018-06-28 )))))))))))))))))))))))))))))))
  18. .
  19. .
  20. 2018-06-28 11:42 . 2018-06-28 11:42 -------- d-----w- c:\users\Default\AppData\Local\temp
  21. 2018-06-28 10:56 . 2006-03-31 10:39 83664 ----a-w- c:\windows\system32\xinput1_1.dll
  22. 2018-06-28 10:56 . 2006-03-31 10:40 352464 ----a-w- c:\windows\system32\xactengine2_1.dll
  23. 2018-06-28 10:56 . 2006-03-31 10:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
  24. 2018-06-28 10:46 . 2005-02-05 17:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
  25. 2018-06-28 10:22 . 2018-06-28 10:22 -------- d-----w- c:\users\Mateusz\AppData\Local\Steam
  26. 2018-06-28 10:17 . 2018-06-28 11:07 -------- d-----w- c:\program files (x86)\Common Files\Steam
  27. 2018-06-28 10:17 . 2018-06-28 11:23 -------- d-----w- c:\program files (x86)\Steam
  28. 2018-06-04 11:08 . 2018-06-04 11:16 -------- d-----w- c:\program files (x86)\Common Files\BattlEye
  29. 2018-06-04 11:08 . 2018-06-04 11:08 -------- d-----w- c:\users\Mateusz\AppData\Local\BattlEye
  30. 2018-06-04 11:07 . 2018-06-04 11:07 -------- d-----w- c:\users\Mateusz\AppData\Local\Tibia
  31. .
  32. .
  33. .
  34. (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
  35. .
  36. 2018-06-10 08:57 . 2018-04-10 13:48 842240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
  37. 2018-06-10 08:57 . 2018-04-10 13:48 175104 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
  38. 2018-05-17 13:31 . 2018-04-09 14:09 198368 ----a-w- c:\windows\system32\drivers\avgStm.sys
  39. 2018-05-17 13:31 . 2018-05-17 13:31 377584 ----a-w- c:\windows\system32\avgBoot.exe
  40. 2018-05-17 13:31 . 2018-04-09 14:09 373944 ----a-w- c:\windows\system32\drivers\avgVmm.sys
  41. 2018-05-17 13:31 . 2018-04-09 14:09 78352 ----a-w- c:\windows\system32\drivers\avgRvrt.sys
  42. 2018-05-17 13:31 . 2018-04-09 14:09 452904 ----a-w- c:\windows\system32\drivers\avgSP.sys
  43. 2018-05-17 13:31 . 2018-04-09 14:09 151504 ----a-w- c:\windows\system32\drivers\avgMonFlt.sys
  44. 2018-05-17 13:31 . 2018-04-09 14:09 39352 ----a-w- c:\windows\system32\drivers\avgHwid.sys
  45. 2018-05-17 13:31 . 2018-04-09 14:09 189032 ----a-w- c:\windows\system32\drivers\avgArPot.sys
  46. 2018-05-17 13:31 . 2018-04-09 14:09 103744 ----a-w- c:\windows\system32\drivers\avgRdr2.sys
  47. 2018-05-17 13:31 . 2018-04-09 14:09 1020112 ----a-w- c:\windows\system32\drivers\avgSnx.sys
  48. 2018-05-17 13:31 . 2018-04-09 14:09 50776 ----a-w- c:\windows\system32\drivers\avgbuniva.sys
  49. 2018-05-17 13:31 . 2018-04-09 14:09 336848 ----a-w- c:\windows\system32\drivers\avgbloga.sys
  50. 2018-05-17 13:31 . 2018-04-09 14:09 220600 ----a-w- c:\windows\system32\drivers\avgbidsdrivera.sys
  51. 2018-05-17 13:31 . 2018-04-09 14:09 192536 ----a-w- c:\windows\system32\drivers\avgbidsha.sys
  52. 2018-05-16 19:25 . 2018-05-16 19:25 1232264 ----a-w- c:\windows\system32\coinst_18.10.dll
  53. 2018-05-16 19:24 . 2018-05-16 19:24 9936 ----a-w- c:\windows\SysWow64\detoured.dll
  54. 2018-05-16 19:24 . 2018-05-16 19:24 9936 ----a-w- c:\windows\system32\detoured.dll
  55. 2018-05-16 19:24 . 2018-05-16 19:24 164440 ----a-w- c:\windows\SysWow64\atiuxpag.dll
  56. 2018-05-16 19:24 . 2018-04-09 12:54 200008 ----a-w- c:\windows\system32\atiuxp64.dll
  57. 2018-05-16 19:24 . 2018-04-09 12:54 9990664 ----a-w- c:\windows\SysWow64\atiumdag.dll
  58. 2018-05-16 19:24 . 2018-04-09 12:54 12517800 ----a-w- c:\windows\system32\atiumd64.dll
  59. 2018-05-16 19:24 . 2018-04-09 12:54 146960 ----a-w- c:\windows\SysWow64\atiu9pag.dll
  60. 2018-05-16 19:24 . 2018-04-09 12:54 177312 ----a-w- c:\windows\system32\atiu9p64.dll
  61. 2018-05-16 19:23 . 2018-05-16 19:23 448392 ----a-w- c:\windows\system32\GameManager64.dll
  62. 2018-05-16 19:23 . 2018-05-16 19:23 356744 ----a-w- c:\windows\SysWow64\GameManager32.dll
  63. 2018-05-16 19:23 . 2018-05-16 19:23 469896 ----a-w- c:\windows\system32\dgtrayicon.exe
  64. 2018-05-16 19:23 . 2018-05-16 19:23 476552 ----a-w- c:\windows\system32\atitmm64.dll
  65. 2018-05-16 19:23 . 2018-05-16 19:23 115592 ----a-w- c:\windows\system32\atimuixx.dll
  66. 2018-05-16 19:23 . 2018-05-16 19:23 544136 ----a-w- c:\windows\system32\drivers\atikmpag.sys
  67. 2018-05-16 19:23 . 2018-05-16 19:23 126344 ----a-w- c:\windows\SysWow64\atiglpxx.dll
  68. 2018-05-16 19:23 . 2018-05-16 19:23 126344 ----a-w- c:\windows\system32\atiglpxx.dll
  69. 2018-05-16 19:23 . 2018-05-16 19:23 11894144 ----a-w- c:\windows\SysWow64\atiumdvt.dll
  70. 2018-05-16 19:22 . 2018-05-16 19:22 196488 ----a-w- c:\windows\SysWow64\atigktxx.dll
  71. 2018-05-16 19:22 . 2018-05-16 19:22 11882832 ----a-w- c:\windows\SysWow64\atiumdva.dll
  72. 2018-05-16 19:22 . 2018-04-09 12:54 226184 ----a-w- c:\windows\system32\atig6txx.dll
  73. 2018-05-16 19:22 . 2018-04-09 12:54 146824 ----a-w- c:\windows\system32\atig6pxx.dll
  74. 2018-05-16 19:22 . 2018-05-16 19:22 472968 ----a-w- c:\windows\system32\atiesrxx.exe
  75. 2018-05-16 19:22 . 2018-05-16 19:22 12427184 ----a-w- c:\windows\system32\atiumd6t.dll
  76. 2018-05-16 19:22 . 2018-05-16 19:22 704392 ----a-w- c:\windows\system32\atieclxx.exe
  77. 2018-05-16 19:22 . 2018-05-16 19:22 12412240 ----a-w- c:\windows\system32\atiumd6a.dll
  78. 2018-05-16 19:22 . 2018-05-16 19:22 92328 ----a-w- c:\windows\SysWow64\atimpc32.dll
  79. 2018-05-16 19:22 . 2018-05-16 19:22 92328 ----a-w- c:\windows\SysWow64\amdpcom32.dll
  80. 2018-05-16 19:22 . 2018-05-16 19:22 111440 ----a-w- c:\windows\system32\atimpc64.dll
  81. 2018-05-16 19:22 . 2018-05-16 19:22 111440 ----a-w- c:\windows\system32\amdpcom64.dll
  82. 2018-05-16 19:22 . 2018-05-16 19:22 405896 ----a-w- c:\windows\system32\atieah64.exe
  83. 2018-05-16 19:22 . 2018-05-16 19:22 175288 ----a-w- c:\windows\system32\amdhcp64.dll
  84. 2018-05-16 19:22 . 2018-05-16 19:22 153640 ----a-w- c:\windows\SysWow64\amdhcp32.dll
  85. 2018-05-16 19:22 . 2018-05-16 19:22 326024 ----a-w- c:\windows\SysWow64\atieah32.exe
  86. 2018-05-16 19:22 . 2018-05-16 19:22 458632 ----a-w- c:\windows\system32\atidemgy.dll
  87. 2018-05-16 19:22 . 2018-05-16 19:22 342920 ----a-w- c:\windows\system32\clinfo.exe
  88. 2018-05-16 19:22 . 2018-05-16 19:22 166280 ----a-w- c:\windows\system32\OpenCL.dll
  89. 2018-05-16 19:22 . 2018-05-16 19:22 142216 ----a-w- c:\windows\SysWow64\OpenCL.dll
  90. 2018-05-16 19:22 . 2018-04-09 12:54 16363808 ----a-w- c:\windows\system32\atidxx64.dll
  91. 2018-05-16 19:22 . 2018-05-16 19:22 120680 ----a-w- c:\windows\system32\amdave64.dll
  92. 2018-05-16 19:22 . 2018-05-16 19:22 105736 ----a-w- c:\windows\SysWow64\amdave32.dll
  93. 2018-05-16 19:22 . 2018-05-16 19:22 13544168 ----a-w- c:\windows\SysWow64\atidxx32.dll
  94. 2018-05-16 19:21 . 2018-05-16 19:21 1059720 ----a-w- c:\windows\SysWow64\atiadlxy.dll
  95. 2018-05-16 19:21 . 2018-05-16 19:21 1059720 ----a-w- c:\windows\SysWow64\atiadlxx.dll
  96. 2018-05-16 19:21 . 2018-04-09 12:54 1997352 ----a-w- c:\windows\system32\aticfx64.dll
  97. 2018-05-16 19:21 . 2018-04-09 12:54 1581720 ----a-w- c:\windows\SysWow64\aticfx32.dll
  98. 2018-05-16 19:21 . 2018-04-09 12:54 1468808 ----a-w- c:\windows\system32\atiadlxx.dll
  99. 2018-05-16 19:21 . 2018-05-16 19:21 148360 ----a-w- c:\windows\system32\atisamu64.dll
  100. 2018-05-16 19:21 . 2018-05-16 19:21 36744 ----a-w- c:\windows\system32\RapidFireServer64.dll
  101. 2018-05-16 19:21 . 2018-05-16 19:21 124296 ----a-w- c:\windows\SysWow64\atisamu32.dll
  102. 2018-05-16 19:21 . 2018-05-16 19:21 33672 ----a-w- c:\windows\SysWow64\RapidFireServer.dll
  103. 2018-05-16 19:21 . 2018-05-16 19:21 556936 ----a-w- c:\windows\system32\Rapidfire64.dll
  104. 2018-05-16 19:21 . 2018-05-16 19:21 467848 ----a-w- c:\windows\SysWow64\Rapidfire.dll
  105. 2018-05-16 19:21 . 2018-05-16 19:21 150920 ----a-w- c:\windows\system32\mantleaxl64.dll
  106. 2018-05-16 19:21 . 2018-05-16 19:21 67909512 ----a-w- c:\windows\system32\amdocl64.dll
  107. 2018-05-16 19:21 . 2018-05-16 19:21 126344 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
  108. 2018-05-16 19:21 . 2018-05-16 19:21 44673416 ----a-w- c:\windows\system32\drivers\atikmdag.sys
  109. 2018-05-16 19:21 . 2018-05-16 19:21 171400 ----a-w- c:\windows\system32\mantle64.dll
  110. 2018-05-16 19:21 . 2018-05-16 19:21 141704 ----a-w- c:\windows\SysWow64\mantle32.dll
  111. 2018-05-16 19:21 . 2018-05-16 19:21 349064 ----a-w- c:\windows\system32\ATIODE.exe
  112. 2018-05-16 19:21 . 2018-05-16 19:21 67464 ----a-w- c:\windows\system32\ATIODCLI.exe
  113. 2018-05-16 19:21 . 2018-05-16 19:21 60296 ----a-w- c:\windows\system32\drivers\ati2erec.dll
  114. 2018-05-16 19:21 . 2018-05-16 19:21 3128200 ----a-w- c:\windows\system32\amfrt64.dll
  115. 2018-05-16 19:21 . 2018-05-16 19:21 31604104 ----a-w- c:\windows\system32\amdocl12cl64.dll
  116. 2018-05-16 19:21 . 2018-05-16 19:21 2726792 ----a-w- c:\windows\SysWow64\amfrt32.dll
  117. 2018-05-16 19:21 . 2018-05-16 19:21 437128 ----a-w- c:\windows\system32\amdgfxinfo64.dll
  118. 2018-05-16 19:21 . 2018-05-16 19:21 352648 ----a-w- c:\windows\SysWow64\amdgfxinfo32.dll
  119. 2018-05-16 19:21 . 2018-05-16 19:21 16489352 ----a-w- c:\windows\system32\amdvlk64.dll
  120. 2018-05-16 19:21 . 2018-05-16 19:21 305544 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
  121. 2018-05-16 19:20 . 2018-05-16 19:20 16095624 ----a-w- c:\windows\system32\amdmantle64.dll
  122. 2018-05-16 19:20 . 2018-05-16 19:20 25181064 ----a-w- c:\windows\SysWow64\amdocl12cl.dll
  123. 2018-05-16 19:20 . 2018-05-16 19:20 14063496 ----a-w- c:\windows\SysWow64\amdvlk32.dll
  124. 2018-05-16 19:20 . 2018-05-16 19:20 13600136 ----a-w- c:\windows\SysWow64\amdmantle32.dll
  125. 2018-05-16 19:20 . 2018-05-16 19:20 866184 ----a-w- c:\windows\system32\amdlvr64.dll
  126. 2018-05-16 19:20 . 2018-05-16 19:20 157576 ----a-w- c:\windows\system32\amduve64.dll
  127. 2018-05-16 19:20 . 2018-05-16 19:20 135560 ----a-w- c:\windows\SysWow64\amduve32.dll
  128. 2018-05-16 19:20 . 2018-05-16 19:20 694152 ----a-w- c:\windows\SysWow64\amdlvr32.dll
  129. 2018-05-16 19:20 . 2018-05-16 19:20 139144 ----a-w- c:\windows\system32\amdmmcl6.dll
  130. 2018-05-16 19:20 . 2018-05-16 19:20 53600648 ----a-w- c:\windows\SysWow64\amdocl.dll
  131. 2018-05-16 19:20 . 2018-05-16 19:20 117128 ----a-w- c:\windows\SysWow64\amdmmcl.dll
  132. 2018-05-16 19:20 . 2018-05-16 19:20 543624 ----a-w- c:\windows\system32\amdmcl64.dll
  133. 2018-05-16 19:20 . 2018-05-16 19:20 373640 ----a-w- c:\windows\SysWow64\amdmcl32.dll
  134. 2018-05-16 19:20 . 2018-05-16 19:20 29714312 ----a-w- c:\windows\SysWow64\atioglxx.dll
  135. 2018-05-16 19:19 . 2018-05-16 19:19 35889032 ----a-w- c:\windows\system32\atio6axx.dll
  136. .
  137. .
  138. ------- Sigcheck -------
  139. Note: Unsigned files aren't necessarily malware.
  140. .
  141. [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
  142. [-] 2009-07-14 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
  143. .
  144. [-] 2018-05-10 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
  145. [7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
  146. .
  147. ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
  148. .
  149. .
  150. *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
  151. REGEDIT4
  152. .
  153. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  154. "Steam"="c:\program files (x86)\Steam\steam.exe" [2018-06-08 3201312]
  155. .
  156. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  157. "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
  158. "331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2013-03-01 552960]
  159. "Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-08-31 508656]
  160. "DSATray"="c:\program files (x86)\Intel Driver and Support Assistant\DsaTray.exe" [2018-03-15 135968]
  161. "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
  162. .
  163. c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
  164. Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2013-2-19 1393880]
  165. .
  166. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  167. "ConsentPromptBehaviorAdmin"= 5 (0x5)
  168. "ConsentPromptBehaviorUser"= 3 (0x3)
  169. "EnableUIADesktopToggle"= 0 (0x0)
  170. .
  171. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  172. Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
  173. .
  174. R2 avgStm;avgStm;c:\windows\system32\drivers\avgStm.sys;c:\windows\SYSNATIVE\drivers\avgStm.sys [x]
  175. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
  176. R3 avgbIDSAgent;avgbIDSAgent;c:\program files (x86)\AVG\Antivirus\x64\aswidsagenta.exe;c:\program files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [x]
  177. R3 avgHwid;avgHwid;c:\windows\system32\drivers\avgHwid.sys;c:\windows\SYSNATIVE\drivers\avgHwid.sys [x]
  178. R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
  179. R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
  180. R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
  181. R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
  182. R3 EasyAntiCheat;EasyAntiCheat;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe [x]
  183. R3 ESRV_SVC_QUEENCREEK;Energy Server Service queencreek;c:\program files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe;c:\program files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [x]
  184. R3 IntcDAud;Audio dla wyświetlaczy Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
  185. R3 Intel(R) SUR QC SAM;Intel(R) SUR QC Software Asset Manager;c:\program files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe;c:\program files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [x]
  186. R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
  187. R3 semav6msr64;semav6msr64;c:\windows\system32\drivers\semav6msr64.sys;c:\windows\SYSNATIVE\drivers\semav6msr64.sys [x]
  188. R3 USER_ESRV_SVC_QUEENCREEK;User Energy Server Service queencreek;c:\program files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe;c:\program files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [x]
  189. S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
  190. S0 avgbidsh;avgbidsh;c:\windows\system32\drivers\avgbidsha.sys;c:\windows\SYSNATIVE\drivers\avgbidsha.sys [x]
  191. S0 avgblog;avgblog;c:\windows\system32\drivers\avgbloga.sys;c:\windows\SYSNATIVE\drivers\avgbloga.sys [x]
  192. S0 avgbuniv;avgbuniv;c:\windows\system32\drivers\avgbuniva.sys;c:\windows\SYSNATIVE\drivers\avgbuniva.sys [x]
  193. S0 avgRvrt;avgRvrt;c:\windows\system32\drivers\avgRvrt.sys;c:\windows\SYSNATIVE\drivers\avgRvrt.sys [x]
  194. S0 avgVmm;avgVmm;c:\windows\system32\drivers\avgVmm.sys;c:\windows\SYSNATIVE\drivers\avgVmm.sys [x]
  195. S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
  196. S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
  197. S0 iusb3hcs;Sterownik przełącznika kontrolera hosta Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
  198. S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
  199. S1 avgArPot;avgArPot;c:\windows\system32\drivers\avgArPot.sys;c:\windows\SYSNATIVE\drivers\avgArPot.sys [x]
  200. S1 avgbidsdriver;avgbidsdriver;c:\windows\system32\drivers\avgbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\avgbidsdrivera.sys [x]
  201. S1 avgRdr;avgRdr;c:\windows\system32\drivers\avgRdr2.sys;c:\windows\SYSNATIVE\drivers\avgRdr2.sys [x]
  202. S1 avgSnx;avgSnx;c:\windows\system32\drivers\avgSnx.sys;c:\windows\SYSNATIVE\drivers\avgSnx.sys [x]
  203. S1 avgSP;avgSP;c:\windows\system32\drivers\avgSP.sys;c:\windows\SYSNATIVE\drivers\avgSP.sys [x]
  204. S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
  205. S2 AVG Antivirus;AVG Antivirus;c:\program files (x86)\AVG\Antivirus\AVGSvc.exe;c:\program files (x86)\AVG\Antivirus\AVGSvc.exe [x]
  206. S2 avgMonFlt;avgMonFlt;c:\windows\system32\drivers\avgMonFlt.sys;c:\windows\SYSNATIVE\drivers\avgMonFlt.sys [x]
  207. S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
  208. S2 DSAService;Intel(R) Driver & Support Assistant;c:\program files (x86)\Intel Driver and Support Assistant\DSAService.exe;c:\program files (x86)\Intel Driver and Support Assistant\DSAService.exe [x]
  209. S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
  210. S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
  211. S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe;c:\windows\SYSNATIVE\SAsrv.exe [x]
  212. S2 SystemUsageReportSvc_QUEENCREEK;Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK;c:\program files\Intel\SUR\QUEENCREEK\SurSvc.exe;c:\program files\Intel\SUR\QUEENCREEK\SurSvc.exe [x]
  213. S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
  214. S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
  215. S3 iusb3hub;Sterownik koncentratora Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
  216. S3 iusb3xhc;Sterownik kontrolera hosta Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
  217. S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
  218. S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
  219. .
  220. .
  221. .
  222. --------- X64 Entries -----------
  223. .
  224. .
  225. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  226. "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-01-31 36352]
  227. "Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2018-04-09 8079408]
  228. "EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2018-04-09 6199128]
  229. "cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2013-02-04 899680]
  230. "SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2013-03-05 1647616]
  231. "AVGUI.exe"="c:\program files (x86)\AVG\Antivirus\AvLaunch.exe" [2018-05-17 291568]
  232. .
  233. ------- Skan uzupełniający -------
  234. .
  235. uLocal Page = c:\windows\system32\blank.htm
  236. mLocal Page = c:\windows\SysWOW64\blank.htm
  237. IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
  238. TCP: DhcpNameServer = 192.168.1.1
  239. FF - ProfilePath - c:\users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\drtxprsa.default\
  240. .
  241. - - - - USUNIĘTO PUSTE WPISY - - - -
  242. .
  243. ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
  244. HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
  245. .
  246. .
  247. .
  248. --------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
  249. .
  250. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
  251. @Denied: (A 2) (Everyone)
  252. @="FlashBroker"
  253. "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_30_0_0_113_ActiveX.exe,-101"
  254. .
  255. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
  256. "Enabled"=dword:00000001
  257. .
  258. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
  259. @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_30_0_0_113_ActiveX.exe"
  260. .
  261. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
  262. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  263. .
  264. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
  265. @Denied: (A 2) (Everyone)
  266. @="IFlashBroker6"
  267. .
  268. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
  269. @="{00020424-0000-0000-C000-000000000046}"
  270. .
  271. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
  272. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  273. "Version"="1.0"
  274. .
  275. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
  276. @Denied: (A 2) (Everyone)
  277. @="FlashBroker"
  278. "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_30_0_0_113_ActiveX.exe,-101"
  279. .
  280. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
  281. "Enabled"=dword:00000001
  282. .
  283. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
  284. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_30_0_0_113_ActiveX.exe"
  285. .
  286. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
  287. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  288. .
  289. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  290. @Denied: (A 2) (Everyone)
  291. @="Shockwave Flash Object"
  292. .
  293. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  294. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_30_0_0_113.ocx"
  295. "ThreadingModel"="Apartment"
  296. .
  297. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  298. @="0"
  299. .
  300. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  301. @="ShockwaveFlash.ShockwaveFlash.30"
  302. .
  303. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  304. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_30_0_0_113.ocx, 1"
  305. .
  306. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  307. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  308. .
  309. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  310. @="1.0"
  311. .
  312. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  313. @="ShockwaveFlash.ShockwaveFlash"
  314. .
  315. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  316. @Denied: (A 2) (Everyone)
  317. @="Macromedia Flash Factory Object"
  318. .
  319. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  320. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_30_0_0_113.ocx"
  321. "ThreadingModel"="Apartment"
  322. .
  323. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  324. @="FlashFactory.FlashFactory.1"
  325. .
  326. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  327. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_30_0_0_113.ocx, 1"
  328. .
  329. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  330. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  331. .
  332. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  333. @="1.0"
  334. .
  335. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  336. @="FlashFactory.FlashFactory"
  337. .
  338. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
  339. @Denied: (A 2) (Everyone)
  340. @="IFlashBroker6"
  341. .
  342. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
  343. @="{00020424-0000-0000-C000-000000000046}"
  344. .
  345. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
  346. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  347. "Version"="1.0"
  348. .
  349. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  350. @Denied: (Full) (Everyone)
  351. .
  352. Czas ukończenia: 2018-06-28 13:44:54
  353. ComboFix-quarantined-files.txt 2018-06-28 11:44
  354. .
  355. Przed: 226 305 253 376 bajtów wolnych
  356. Po: 227 080 089 600 bajtów wolnych
  357. .
  358. - - End Of File - - A39D88CDD788E378A301028175275DC3
  359. A36C5E4F47E84449FF07ED3517B43A31