ComboFix 14-05-26.02 - Nash 26.05.2014 21:13:55.1.2 - x64
Microsoft Windows 7 Максимальная 6.1.7600.0.1251.7.1049.18.4048.2886 [GMT 4:00]
Running from: c:\users\Nash\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Nash\AppData\Roaming\Temp\TasksHost\Software_Updater_x86.exe
c:\users\Nash\AppData\Roaming\Temp\TasksHost\thost32.dll
c:\users\Nash\AppData\Roaming\Temp\TasksHost\thostmgr.exe
.
.
((((((((((((((((((((((((( Files Created from 2014-04-26 to 2014-05-26 )))))))))))))))))))))))))))))))
.
.
2014-05-26 17:17 . 2014-05-26 17:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-25 18:31 . 2014-05-25 18:31 -------- d-----w- c:\users\Nash\AppData\Local\Game Updater
2014-05-25 17:33 . 2014-05-25 17:33 -------- d-----w- c:\users\Nash\AppData\Local\Setup Integrity Check
2014-05-19 20:23 . 2014-05-19 20:23 -------- d-----w- c:\users\Nash\Doctor Web
2014-05-19 20:04 . 2014-05-19 20:13 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-19 20:03 . 2014-05-19 20:03 -------- d-----w- c:\programdata\Malwarebytes
2014-05-17 14:00 . 2014-05-17 14:00 -------- d-----w- c:\windows\system32\wbem\Framework
2014-05-09 21:04 . 2014-05-09 21:04 -------- d-----w- c:\users\LOCAL SERVICE
2014-05-07 15:11 . 2014-05-07 15:12 -------- d-----w- c:\programdata\Media Get LLC
2014-05-07 14:00 . 2014-05-07 14:00 -------- d-----w- c:\users\Nash\AppData\Roaming\TeamViewer
2014-05-07 13:45 . 2014-05-07 13:45 -------- d-----w- c:\program files (x86)\TeamViewer
2014-05-04 15:08 . 2014-05-19 19:57 -------- d-----w- c:\programdata\WarThunder
2014-05-04 15:08 . 2014-05-04 15:08 -------- d-----w- c:\users\Nash\AppData\Local\WarThunder
2014-05-04 13:16 . 2014-05-04 13:15 24576 --sh--w- c:\users\Default\AppData\Roaming\Microsoft\Windows\Microsoap File Manager\MicrosoapFileManager.exe
2014-05-04 13:16 . 2014-05-04 13:15 24576 --sh--w- c:\users\Default\AppData\Roaming\Microsoft\Windows\Loadmnge32\Loadmnge32.exe
2014-05-04 13:16 . 2014-05-04 13:16 -------- d-sh--w- c:\programdata\Firewall Integrity Checker
2014-05-04 13:16 . 2014-05-04 13:16 -------- d-sh--w- c:\programdata\Disk Analysis
2014-05-04 13:16 . 2014-05-04 13:16 -------- d-sh--w- c:\programdata\Sysconfig
2014-05-04 13:16 . 2014-05-04 13:16 -------- d-sh--w- c:\programdata\Host32manager
2014-05-04 13:16 . 2014-05-04 13:16 -------- d-sh--w- c:\programdata\Files Manager
2014-05-04 13:16 . 2014-05-04 13:15 6656 ------w- c:\users\Default\AppData\Roaming\Microsoft\Windows\Templates\systemstr\systemstr_Part1.dll
2014-05-04 13:16 . 2014-05-04 13:15 51712 ------w- c:\users\Default\AppData\Roaming\Microsoft\Windows\Templates\systemstr\systemstr_Part3.dll
2014-05-04 13:16 . 2014-05-04 13:15 183808 ------w- c:\users\Default\AppData\Roaming\Microsoft\Windows\Templates\systemstr\systemstr_Part2.dll
2014-05-03 20:29 . 2014-05-03 20:29 -------- d-----w- c:\program files (x86)\Google
2014-05-03 20:29 . 2014-05-03 20:29 -------- d-----w- c:\users\Nash\AppData\Local\Google
2014-05-02 21:27 . 2014-05-02 21:27 -------- d-----w- c:\users\Nash\AppData\Roaming\Publish Providers
2014-05-02 21:27 . 2014-05-03 12:54 -------- d-----w- c:\users\Nash\AppData\Roaming\Sony
2014-05-02 21:25 . 2014-05-02 21:27 -------- d-----w- c:\users\Nash\AppData\Local\Sony
2014-05-02 21:25 . 2014-05-02 21:25 -------- d-----w- c:\programdata\Sony
2014-05-02 21:25 . 2014-05-02 21:25 -------- d-----w- c:\program files (x86)\Sony
2014-05-02 21:25 . 2014-05-02 21:25 -------- d-----w- c:\program files\Sony
2014-05-01 16:24 . 2014-05-01 16:25 -------- d-----w- c:\users\Nash\AppData\Roaming\DarkSoulsII
2014-05-01 15:28 . 2014-05-01 15:28 -------- d-----w- c:\users\Nash\AppData\Local\PunkBuster
2014-05-01 15:28 . 2014-05-01 15:28 -------- d-----w- c:\users\Nash\AppData\Local\CrashRpt
2014-04-27 13:51 . 2014-04-27 13:51 -------- d-----w- c:\users\Nash\AppData\Roaming\Apple Computer
2014-04-27 10:42 . 2014-04-27 10:42 -------- d-----w- c:\users\Nash\AppData\Local\Apple Computer
2014-04-27 10:40 . 2014-04-27 10:40 159744 ----a-w- c:\program files (x86)\Internet Explorer\Модули\npqtplugin7.dll
2014-04-27 10:40 . 2014-04-27 10:40 159744 ----a-w- c:\program files (x86)\Internet Explorer\Модули\npqtplugin6.dll
2014-04-27 10:40 . 2014-04-27 10:40 159744 ----a-w- c:\program files (x86)\Internet Explorer\Модули\npqtplugin5.dll
2014-04-27 10:40 . 2014-04-27 10:40 159744 ----a-w- c:\program files (x86)\Internet Explorer\Модули\npqtplugin4.dll
2014-04-27 10:40 . 2014-04-27 10:40 159744 ----a-w- c:\program files (x86)\Internet Explorer\Модули\npqtplugin3.dll
2014-04-27 10:40 . 2014-04-27 10:40 159744 ----a-w- c:\program files (x86)\Internet Explorer\Модули\npqtplugin2.dll
2014-04-27 10:40 . 2014-04-27 10:40 159744 ----a-w- c:\program files (x86)\Internet Explorer\Модули\npqtplugin.dll
2014-04-27 10:39 . 2014-04-27 10:41 -------- d-----w- c:\programdata\Apple Computer
2014-04-27 10:39 . 2014-04-27 10:40 -------- d-----w- c:\program files (x86)\QuickTime
2014-04-27 10:39 . 2014-04-27 10:39 -------- d-----w- c:\program files (x86)\Common Files\Apple
2014-04-27 10:39 . 2014-04-27 10:39 -------- d-----w- c:\users\Nash\AppData\Local\Apple
2014-04-27 10:39 . 2014-04-27 10:39 -------- d-----w- c:\programdata\Apple
2014-04-27 10:39 . 2014-04-27 10:39 -------- d-----w- c:\program files (x86)\Apple Software Update
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-20 13:59 . 2014-04-19 17:00 91008 ----a-w- c:\windows\system32\drivers\klflt.sys
2014-05-20 13:59 . 2014-04-19 17:00 628320 ----a-w- c:\windows\system32\drivers\klif.sys
2014-05-13 19:31 . 2014-04-19 17:34 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-13 19:31 . 2014-04-19 17:34 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-20 11:08 . 2014-04-20 11:08 53248 ----a-r- c:\users\Nash\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2014-04-19 17:36 . 2013-02-28 19:20 54368 ----a-w- c:\windows\system32\drivers\kltdi.sys
2014-04-19 17:36 . 2013-02-28 19:20 29280 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2014-04-19 17:36 . 2013-02-28 19:20 29280 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2014-04-19 17:36 . 2012-08-13 12:49 178448 ----a-w- c:\windows\system32\drivers\kneps.sys
2014-04-19 17:36 . 2012-08-02 11:09 29792 ----a-w- c:\windows\system32\drivers\klim6.sys
2014-04-19 17:36 . 2012-06-19 13:28 458336 ----a-w- c:\windows\system32\drivers\kl1.sys
2014-04-19 16:50 . 2014-04-19 16:50 16896 ----a-w- c:\windows\AsTaskSched.dll
2014-04-18 02:43 . 2014-04-18 02:43 127872 ----a-w- c:\windows\system32\amdhcp64.dll
2014-04-18 02:43 . 2014-04-18 02:43 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-04-18 02:43 . 2014-04-18 02:43 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-04-18 02:43 . 2014-04-18 02:43 117560 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2014-04-18 02:43 . 2014-04-18 02:43 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-04-18 02:43 . 2014-04-18 02:43 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-04-18 02:43 . 2013-12-06 22:04 143304 ----a-w- c:\windows\system32\atiuxp64.dll
2014-04-18 02:42 . 2014-04-18 02:42 126336 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-04-18 02:42 . 2014-04-18 02:42 117584 ----a-w- c:\windows\system32\atiu9p64.dll
2014-04-18 02:42 . 2013-12-06 22:02 99520 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-04-18 02:42 . 2013-12-06 22:01 1343272 ----a-w- c:\windows\system32\aticfx64.dll
2014-04-18 02:42 . 2013-12-06 22:01 1117184 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-04-18 02:42 . 2013-12-06 22:00 10335208 ----a-w- c:\windows\system32\atidxx64.dll
2014-04-18 02:42 . 2014-04-18 02:42 8866928 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-04-18 02:42 . 2013-12-06 21:59 6796592 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-04-18 02:42 . 2013-12-06 21:58 6799688 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-04-18 02:42 . 2014-04-18 02:42 7520200 ----a-w- c:\windows\system32\atiumd6a.dll
2014-04-18 02:42 . 2014-04-18 02:42 8010968 ----a-w- c:\windows\system32\atiumd64.dll
2014-04-18 02:39 . 2014-04-18 02:39 274656 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-04-18 02:36 . 2014-04-18 02:36 15376384 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-04-18 02:23 . 2014-04-18 02:23 231424 ----a-w- c:\windows\system32\clinfo.exe
2014-04-18 02:22 . 2014-04-18 02:22 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-04-18 02:22 . 2014-04-18 02:22 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-04-18 02:22 . 2014-04-18 02:22 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-04-18 02:22 . 2014-04-18 02:22 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-04-18 02:22 . 2014-04-18 02:22 28685824 ----a-w- c:\windows\system32\amdocl64.dll
2014-04-18 02:19 . 2014-04-18 02:19 24107520 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-04-18 02:17 . 2014-04-18 02:17 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-04-18 02:17 . 2014-04-18 02:17 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-04-18 02:13 . 2014-04-18 02:13 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-04-18 02:13 . 2014-04-18 02:13 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-04-18 02:12 . 2014-04-18 02:12 27907584 ----a-w- c:\windows\system32\atio6axx.dll
2014-04-18 02:12 . 2014-04-18 02:12 5442048 ----a-w- c:\windows\system32\amdmantle64.dll
2014-04-18 01:58 . 2014-04-18 01:58 4358656 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-04-18 01:51 . 2014-04-18 01:51 23409152 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-04-18 01:46 . 2014-04-18 01:46 368128 ----a-w- c:\windows\system32\atiapfxx.exe
2014-04-18 01:46 . 2014-04-18 01:46 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-04-18 01:46 . 2014-04-18 01:46 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-04-18 01:46 . 2014-04-18 01:46 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-04-18 01:46 . 2014-04-18 01:46 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-04-18 01:46 . 2014-04-18 01:46 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-04-18 01:45 . 2014-04-18 01:45 91136 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-04-18 01:45 . 2014-04-18 01:45 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2014-04-18 01:42 . 2014-04-18 01:42 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-04-18 01:33 . 2014-04-18 01:33 48128 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-04-18 01:33 . 2014-04-18 01:33 37888 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-04-18 01:30 . 2014-04-18 01:30 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-04-18 01:30 . 2014-04-18 01:30 31232 ----a-w- c:\windows\system32\atimuixx.dll
2014-04-18 01:29 . 2014-04-18 01:29 586240 ----a-w- c:\windows\system32\atieclxx.exe
2014-04-18 01:29 . 2014-04-18 01:29 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2014-04-18 01:28 . 2014-04-18 01:28 190976 ----a-w- c:\windows\system32\atitmm64.dll
2014-04-18 01:21 . 2014-04-18 01:21 806912 ----a-w- c:\windows\system32\coinst_14.100.dll
2014-04-18 01:09 . 2014-04-18 01:09 1177600 ----a-w- c:\windows\system32\atiadlxx.dll
2014-04-18 01:09 . 2014-04-18 01:09 848896 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2014-04-18 01:08 . 2014-04-18 01:08 95744 ----a-w- c:\windows\system32\amdave64.dll
2014-04-18 01:08 . 2014-04-18 01:08 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2014-04-18 01:08 . 2014-04-18 01:08 89088 ----a-w- c:\windows\system32\atisamu64.dll
2014-04-18 01:08 . 2014-04-18 01:08 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2014-04-18 01:07 . 2014-04-18 01:07 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2014-04-18 01:07 . 2014-04-18 01:07 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2014-04-18 01:07 . 2014-04-18 01:07 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-04-18 01:07 . 2014-04-18 01:07 146944 ----a-w- c:\windows\system32\atig6txx.dll
2014-04-18 01:07 . 2014-04-18 01:07 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2014-04-18 01:07 . 2014-04-18 01:07 638976 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-04-18 01:04 . 2014-04-18 01:04 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2014-04-17 18:33 . 2014-04-17 18:33 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-04-17 18:28 . 2014-04-17 18:28 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2014-04-17 01:31 . 2014-04-19 17:29 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{13EEC87F-CC0A-4C4E-BED7-5DA929888D17}\mpengine.dll
2014-03-31 05:35 . 2014-04-19 17:29 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2014-04-19 356128]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-12 204136]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-04-17 767200]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 DiskAnalysis;Disk Analysis;c:\programdata\Disk Analysis\DiskAnalysis.exe;c:\programdata\Disk Analysis\DiskAnalysis.exe [x]
S2 dsp;Контроль доступа к конфигурации по умолчанию;c:\users\Default\AppData\Local\Microsoft\Windows\Default settings protector\dsp.exe;c:\users\Default\AppData\Local\Microsoft\Windows\Default settings protector\dsp.exe [x]
S2 FirewallIntegrityChecker;Firewall Integrity Checker;c:\programdata\Firewall Integrity Checker\FirewallIntegrityChecker.exe;c:\programdata\Firewall Integrity Checker\FirewallIntegrityChecker.exe [x]
S2 Host32manager;Host32manager;c:\programdata\Host32manager\Host32manager.exe;c:\programdata\Host32manager\Host32manager.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Loadmnge32;Loadmnge32;c:\users\Default\AppData\Roaming\Microsoft\Windows\Loadmnge32\Loadmnge32.exe;c:\users\Default\AppData\Roaming\Microsoft\Windows\Loadmnge32\Loadmnge32.exe [x]
S2 MicrosoapFileManager;Microsoap File Manager;c:\users\Default\AppData\Roaming\Microsoft\Windows\Microsoap File Manager\MicrosoapFileManager.exe;c:\users\Default\AppData\Roaming\Microsoft\Windows\Microsoap File Manager\MicrosoapFileManager.exe [x]
S2 Officecompiler;Officecompiler;c:\users\Default\AppData\Local\Microsoft\Windows\Officecompiler\Officecompiler.exe;c:\users\Default\AppData\Local\Microsoft\Windows\Officecompiler\Officecompiler.exe [x]
S2 SuperFitch_x86;Super Fitch x86;c:\users\Default\AppData\Local\Microsoft\Super Fitch x86\SuperFitch_x86.exe;c:\users\Default\AppData\Local\Microsoft\Super Fitch x86\SuperFitch_x86.exe [x]
S2 Sysconfig;Sysconfig;c:\programdata\Sysconfig\Sysconfig.exe;c:\programdata\Sysconfig\Sysconfig.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-23 15:26 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-05-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-19 19:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-07 170304]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-07 440640]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-07 398656]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://mail.ru/cnt/10445?gp=custom1
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-MailRuUpdater - c:\users\Nash\AppData\Local\MailRu\MailRuUpdater.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-05-26 21:18:49
ComboFix-quarantined-files.txt 2014-05-26 17:18
.
Pre-Run: 66*931*400*704 байт свободно
Post-Run: 66*800*599*040 байт свободно
.
- - End Of File - - 8C70DE3A922F7C776CB5D47C357E23EF
A36C5E4F47E84449FF07ED3517B43A31