Hello,
Today, after starting my computer, this message popped up:
Nie można załadować modułu "C:\ProgramData\IacobOlusk"
Upewnij się, że plik binarny jest przechowywany w określonej ścieżce lub zdebuguj go aby sprawdzić czy występują problemy z plikiem binarnym lub zależnymi plikami DLL.
Nie można odnaleźć określonego modułu.
Moduł zawiera wirusa.
I am not sure whether this was the exact wording, because I did not take a screenshot, and the message did not appear again after a restart.
When I tried to scan with Avast, I got another message:
"Ten program jest blokowany przez zasady grupy."
However, I managed to unblock it by deleting the entries.
Next I scanned with MalwareBytes, which, just like Avast, found nothing.
And also with ComboFix, whose logs I am attaching.
And now the question: is this a one-off error that I should ignore, or is it something more dangerous?
Spoiler:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\0\Paths]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\0\Paths\{35405281-218B-46F6-8A4C-63FF707F501B}]
"SaferFlags"=dword:00000000
"ItemData"="C:\\Documents and Settings\\All Users\\Application Data\\AVAST Software"
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\0\Paths\{647256FF-5F5C-472A-AA3F-19F506AC78E7}]
"SaferFlags"=dword:00000000
"ItemData"="C:\\Program Files\\AVAST Software"
Spoiler:
ComboFix 14-11-25.01 - Artur 2014-11-30 14:53:22.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.48.1045.18.16328.12983 [GMT 1:00]
Uruchomiony z: c:\users\Artur\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Uninstall.lnk
.
.
((((((((((((((((((((((((( Pliki utworzone od 2014-10-28 do 2014-11-30 )))))))))))))))))))))))))))))))
.
.
2014-11-30 13:56 . 2014-11-30 13:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-30 12:29 . 2014-11-30 12:30 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-30 12:29 . 2014-11-30 12:29 -------- d-----w- c:\programdata\Malwarebytes
2014-11-30 12:29 . 2014-10-01 10:11 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-30 12:29 . 2014-10-01 10:11 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-30 12:29 . 2014-10-01 10:11 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-29 02:10 . 2014-11-30 11:37 -------- d-----w- c:\programdata\IacobOlusk
2014-11-28 20:41 . 2014-11-28 20:57 -------- d-----w- c:\users\Artur\AppData\Roaming\Audacity
2014-11-27 22:58 . 2014-11-27 22:58 -------- d-----w- c:\users\Artur\AppData\Local\Thunderbird
2014-11-27 22:58 . 2014-11-27 22:58 -------- d-----w- c:\users\Artur\AppData\Roaming\Thunderbird
2014-11-27 17:57 . 2014-11-27 17:57 -------- d-----w- c:\users\Artur\AppData\Local\Introversion
2014-11-23 20:20 . 2014-11-23 20:20 -------- d-----w- c:\users\Artur\AppData\Local\SCE
2014-11-23 16:22 . 2014-11-23 16:22 -------- d-----w- c:\programdata\Solidshield
2014-11-23 16:18 . 2014-11-23 16:51 -------- d-----w- c:\users\Artur\AppData\Roaming\Ubisoft
2014-11-23 16:16 . 2005-07-22 18:59 3807440 ----a-w- c:\windows\system32\d3dx9_27.dll
2014-11-23 16:16 . 2005-05-26 14:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2014-11-23 16:16 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2014-11-23 16:16 . 2005-03-18 16:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
2014-11-23 16:16 . 2005-02-05 18:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2014-11-23 15:41 . 2014-11-23 15:41 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-11-23 15:41 . 2014-11-29 02:27 -------- d-----w- c:\users\Artur\AppData\Roaming\DAEMON Tools Lite
2014-11-23 15:40 . 2014-11-23 15:44 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-11-20 15:32 . 2014-11-27 17:48 -------- d-----w- c:\users\Artur\VirtualBox VMs
2014-11-20 15:30 . 2014-11-27 20:40 -------- d-----w- c:\users\Artur\.VirtualBox
2014-11-20 15:26 . 2014-10-11 12:29 917112 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2014-11-20 15:26 . 2014-11-20 15:26 -------- dc----w- c:\windows\system32\DRVSTORE
2014-11-20 15:26 . 2014-10-11 12:27 129168 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2014-11-19 14:33 . 2014-11-19 14:33 -------- d-----w- c:\programdata\APN
2014-11-17 00:23 . 2014-11-17 00:23 -------- d-----w- c:\users\Artur\AppData\Roaming\Mael
2014-11-15 13:33 . 2014-11-30 13:21 -------- d-----w- c:\users\Artur\AppData\Local\screenSHU
2014-11-12 22:18 . 2014-11-12 22:18 -------- d-----w- c:\programdata\Codemasters
2014-11-02 17:07 . 2014-11-02 17:07 -------- d-----w- c:\program files\MySQL
2014-11-02 17:07 . 2014-11-02 17:07 -------- d-----w- c:\program files (x86)\MySQL
2014-11-01 18:05 . 2014-11-01 18:05 -------- d-----w- c:\users\Artur\AppData\Roaming\Need for Speed World
2014-10-31 18:51 . 2014-10-31 18:51 -------- d-----w- c:\users\Artur\AppData\Local\webkit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-23 12:56 . 2014-09-19 17:28 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-23 12:56 . 2014-09-19 17:28 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-21 19:01 . 2014-09-19 19:00 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-01 18:24 . 2014-09-28 19:54 348928 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-11-01 18:24 . 2014-09-28 15:19 348928 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-11-01 18:23 . 2014-09-28 15:19 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-10-16 16:54 . 2014-10-27 18:13 962376 ----a-w- c:\windows\system32\NvIFR64.dll
2014-10-16 16:54 . 2014-10-27 18:13 921928 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-10-16 16:54 . 2014-10-27 18:13 870112 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-10-16 16:54 . 2014-10-27 18:13 392008 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2014-10-16 16:54 . 2014-10-27 18:13 352016 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-10-16 16:54 . 2014-10-27 18:13 348488 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2014-10-16 16:54 . 2014-10-27 18:13 31890064 ----a-w- c:\windows\system32\nvoglv64.dll
2014-10-16 16:54 . 2014-10-27 18:13 303600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-10-16 16:54 . 2014-10-27 18:13 24555840 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-10-16 16:54 . 2014-10-27 18:13 18499648 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-10-16 16:54 . 2014-10-27 18:13 174856 ----a-w- c:\windows\system32\nvinitx.dll
2014-10-16 16:54 . 2014-10-27 18:13 156840 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-10-16 16:54 . 2014-10-27 18:13 14029400 ----a-w- c:\windows\system32\nvopencl.dll
2014-10-16 16:54 . 2014-10-27 18:13 13190288 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-10-16 16:54 . 2014-10-27 18:13 11395672 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-10-16 16:54 . 2014-10-27 18:13 931984 ----a-w- c:\windows\system32\NvFBC64.dll
2014-10-16 16:54 . 2014-10-27 18:13 895176 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-10-16 16:54 . 2014-10-27 18:13 500880 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2014-10-16 16:54 . 2014-10-27 18:13 4289856 ----a-w- c:\windows\system32\nvcuvid.dll
2014-10-16 16:54 . 2014-10-27 18:13 418112 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2014-10-16 16:54 . 2014-10-27 18:13 4009672 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-10-16 16:54 . 2014-10-27 18:13 20922696 ----a-w- c:\windows\system32\nvcompiler.dll
2014-10-16 16:54 . 2014-10-27 18:13 19966856 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-10-16 16:54 . 2014-10-27 18:13 1876296 ----a-w- c:\windows\system32\nvdispco6434448.dll
2014-10-16 16:54 . 2014-10-27 18:13 17260864 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-10-16 16:54 . 2014-10-27 18:13 1539272 ----a-w- c:\windows\system32\nvdispgenco6434448.dll
2014-10-16 16:54 . 2014-10-27 18:13 13942368 ----a-w- c:\windows\system32\nvcuda.dll
2014-10-16 16:54 . 2014-10-27 18:13 11333848 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-10-16 16:54 . 2014-09-19 21:32 72904 ----a-w- c:\windows\system32\OpenCL.dll
2014-10-16 16:54 . 2014-09-19 21:32 60560 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-10-16 16:54 . 2014-09-19 21:31 987008 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-10-16 16:54 . 2014-09-19 21:31 3237528 ----a-w- c:\windows\system32\nvapi64.dll
2014-10-16 16:54 . 2014-09-19 21:31 2849224 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-10-16 16:54 . 2014-09-19 21:31 16886168 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-10-16 16:54 . 2014-09-19 15:47 20968040 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-10-16 14:11 . 2014-09-19 21:32 6883136 ----a-w- c:\windows\system32\nvcpl.dll
2014-10-16 14:11 . 2014-09-19 21:32 3533632 ----a-w- c:\windows\system32\nvsvc64.dll
2014-10-16 14:11 . 2014-09-19 21:32 933064 ----a-w- c:\windows\system32\nvvsvc.exe
2014-10-16 14:11 . 2014-09-19 21:32 61640 ----a-w- c:\windows\system32\nvshext.dll
2014-10-16 14:11 . 2014-09-19 21:32 384200 ----a-w- c:\windows\system32\nvmctray.dll
2014-10-16 14:11 . 2014-09-19 21:32 2559808 ----a-w- c:\windows\system32\nvsvcr.dll
2014-10-16 12:27 . 2014-10-27 18:14 614544 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-10-15 13:43 . 2014-10-15 13:43 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-15 00:48 . 2014-09-19 21:32 4047877 ----a-w- c:\windows\system32\nvcoproc.bin
2014-10-11 12:27 . 2014-10-11 12:27 142528 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2014-10-11 12:27 . 2014-10-11 12:27 157448 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2014-10-11 12:26 . 2014-10-11 12:26 205352 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2014-10-04 06:42 . 2014-09-19 22:06 2197680 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-10-04 06:42 . 2014-09-19 22:06 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-10-04 06:41 . 2014-09-19 22:06 2800296 ----a-w- c:\windows\system32\nvspcap64.dll
2014-10-04 06:41 . 2014-09-19 22:06 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-09-28 20:00 . 2014-09-28 15:19 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-09-19 19:01 . 2014-09-19 19:00 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-09-19 19:00 . 2014-09-19 19:00 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-09-19 19:00 . 2014-09-19 19:00 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-09-19 19:00 . 2014-09-19 19:00 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-09-19 19:00 . 2014-09-19 19:00 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-09-19 19:00 . 2014-09-19 19:00 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-09-19 19:00 . 2014-09-19 19:00 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-09-19 19:00 . 2014-09-19 19:00 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-09-19 19:00 . 2014-09-19 19:00 43152 ----a-w- c:\windows\avastSS.scr
2014-09-17 04:51 . 2014-09-19 21:31 1538880 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2014-09-17 04:51 . 2014-09-19 15:47 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2014-09-17 04:51 . 2014-09-19 15:47 197408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2014-09-15 00:08 . 2014-09-19 22:20 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{012FE949-6DF5-4C47-B09C-D6EBB22EE512}\mpengine.dll
2014-09-13 23:48 . 2014-09-19 15:47 1876296 ----a-w- c:\windows\system32\nvdispco6434411.dll
2014-09-13 23:48 . 2014-09-19 15:47 1539272 ----a-w- c:\windows\system32\nvdispgenco6434411.dll
2014-09-04 19:14 . 2014-09-19 21:31 38048 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-09-04 19:14 . 2014-09-19 21:31 34976 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-09-04 19:14 . 2014-09-19 21:31 32416 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-10-01 22065760]
"Steam"="d:\program files\Steam\steam.exe" [2014-11-18 1940160]
"FreeAC"="d:\program files\FreeAlarmClock\FreeAlarmClock.exe" [2014-02-20 1553688]
"screenSHU"="d:\program files\screenSHU\screenSHU.exe" [2013-09-04 2112000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-09-19 4085896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
"LogMeIn Hamachi Ui"="d:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-11-03 3835728]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dual Smart Solution.lnk - c:\program files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe -startup [2014-9-19 1149440]
Killer Network Manager.lnk - c:\windows\Installer\{A003678C-C125-49A0-90D0-99AE485F6F92}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize [2014-9-19 72040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 LGDDCDevice;LGDDCDevice;c:\windows\system32\LGI2CDriver.sys;c:\windows\SYSNATIVE\LGI2CDriver.sys [x]
R3 LGII2CDevice;LGII2CDevice;c:\windows\system32\LGPII2CDriver.sys;c:\windows\SYSNATIVE\LGPII2CDriver.sys [x]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;e:\ntiolib_x64.sys;e:\NTIOLib_X64.sys [x]
R3 Origin Client Service;Origin Client Service;d:\program files\Origin\OriginClientService.exe;d:\program files\Origin\OriginClientService.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Sterownik przełącznika kontrolera hosta Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 Apache2.4;Apache2.4;d:\program files\xampp\apache\bin\httpd.exe;d:\program files\xampp\apache\bin\httpd.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files\LogMeIn Hamachi\hamachi-2.exe;d:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_Trigger_Service;MSI_Trigger_Service;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 iusb3hub;Sterownik koncentratora Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Sterownik kontrolera hosta Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-09-19 19:00 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay1]
@="{E68D0A50-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}]
2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay2]
@="{E68D0A51-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}]
2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay3]
@="{E68D0A52-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}]
2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay4]
@="{E68D0A53-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}]
2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-10-04 2463552]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-10-04 2800296]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:50000;https=127.0.0.1:50000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0qwvsqjl.default\
FF - prefs.js: browser.startup.homepage - google.pl
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@DenieD: (Full) (Everyone)
.
Czas ukończenia: 2014-11-30 14:57:03
ComboFix-quarantined-files.txt 2014-11-30 13:57
.
Przed: 130 228 633 600 bajtów wolnych
Po: 130 119 639 040 bajtów wolnych
.
- - End Of File - - 56E0E8DC423707CF86C813E3CCB4226B
A36C5E4F47E84449FF07ED3517B43A31
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-10-01 22065760]
"Steam"="d:\program files\Steam\steam.exe" [2014-11-18 1940160]
"FreeAC"="d:\program files\FreeAlarmClock\FreeAlarmClock.exe" [2014-02-20 1553688]
"screenSHU"="d:\program files\screenSHU\screenSHU.exe" [2013-09-04 2112000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-09-19 4085896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
"LogMeIn Hamachi Ui"="d:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-11-03 3835728]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dual Smart Solution.lnk - c:\program files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe -startup [2014-9-19 1149440]
Killer Network Manager.lnk - c:\windows\Installer\{A003678C-C125-49A0-90D0-99AE485F6F92}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize [2014-9-19 72040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 LGDDCDevice;LGDDCDevice;c:\windows\system32\LGI2CDriver.sys;c:\windows\SYSNATIVE\LGI2CDriver.sys [x]
R3 LGII2CDevice;LGII2CDevice;c:\windows\system32\LGPII2CDriver.sys;c:\windows\SYSNATIVE\LGPII2CDriver.sys [x]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;e:\ntiolib_x64.sys;e:\NTIOLib_X64.sys [x]
R3 Origin Client Service;Origin Client Service;d:\program files\Origin\OriginClientService.exe;d:\program files\Origin\OriginClientService.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Sterownik przełącznika kontrolera hosta Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 Apache2.4;Apache2.4;d:\program files\xampp\apache\bin\httpd.exe;d:\program files\xampp\apache\bin\httpd.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files\LogMeIn Hamachi\hamachi-2.exe;d:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_Trigger_Service;MSI_Trigger_Service;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 iusb3hub;Sterownik koncentratora Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Sterownik kontrolera hosta Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-09-19 19:00 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay1]
@="{E68D0A50-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}]
2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay2]
@="{E68D0A51-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}]
2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay3]
@="{E68D0A52-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}]
2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay4]
@="{E68D0A53-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}]
2013-01-17 14:43 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-10-04 2463552]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-10-04 2800296]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:50000;https=127.0.0.1:50000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\0qwvsqjl.default\
FF - prefs.js: browser.startup.homepage - google.pl
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@DenieD: (Full) (Everyone)
.
Czas ukończenia: 2014-11-30 14:57:03
ComboFix-quarantined-files.txt 2014-11-30 13:57
.
Przed: 130 228 633 600 bajtów wolnych
Po: 130 119 639 040 bajtów wolnych
.
- - End Of File - - 56E0E8DC423707CF86C813E3CCB4226B
A36C5E4F47E84449FF07ED3517B43A31
And now the question: is this a one-off error that I should ignore, or could it be something more dangerous?