ComboFix 14-05-07.03 - Marek 2014-05-09 21:43:33.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.3039.2085 [GMT 2:00]
Uruchomiony z: c:\users\Marek\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Pliki utworzone od 2014-04-09 do 2014-05-09 )))))))))))))))))))))))))))))))
.
.
2014-05-09 19:50 . 2014-05-09 19:50 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-05-09 19:50 . 2014-05-09 19:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-09 19:12 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-09 19:11 . 2014-05-09 19:18 -------- d-----w- C:\AdwCleaner
2014-05-06 19:51 . 2014-05-06 19:51 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-06 10:59 . 2014-04-14 02:24 465408 ----a-w- c:\windows\system32\aepdu.dll
2014-05-06 10:59 . 2014-04-14 02:19 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-05-04 17:35 . 2014-05-04 17:35 -------- d-----w- c:\users\Marek\AppData\Roaming\Curiolab
2014-05-04 15:52 . 2014-05-09 19:33 -------- d-----w- c:\program files (x86)\Exterminate It!
2014-05-04 15:20 . 2014-05-04 15:20 -------- d-----w- c:\program files\ExterminateIt
2014-05-04 14:32 . 2014-05-04 14:38 -------- d-----w- c:\programdata\Max Secure
2014-05-04 14:07 . 2014-05-04 18:46 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2014-05-04 14:06 . 2014-05-05 12:47 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2014-05-04 14:05 . 2014-05-04 15:52 -------- d-----w- c:\users\Marek\AppData\Roaming\GetRightToGo
2014-05-03 00:26 . 2014-04-29 14:14 19275264 ----a-w- c:\windows\system32\mshtml.dll
2014-05-03 00:26 . 2014-04-29 12:36 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-03 00:26 . 2014-04-29 12:25 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-29 13:32 . 2014-03-24 20:25 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-29 13:32 . 2014-03-24 20:25 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-13 19:17 . 2014-03-24 18:47 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-03 07:51 . 2014-03-24 18:46 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-03 07:51 . 2014-03-24 18:46 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-03 07:50 . 2014-03-24 18:46 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-31 01:51 . 2014-03-06 00:20 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-29 12:15 . 2014-03-29 12:15 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2014-03-20 20:29 . 2014-03-20 20:38 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-03-20 20:29 . 2014-03-20 20:38 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-03-20 20:29 . 2014-03-20 20:38 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-03-20 20:29 . 2014-03-20 20:38 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-03-13 06:33 . 2014-04-09 15:33 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2014-03-13 06:33 . 2014-04-09 15:33 2238976 ----a-w- c:\windows\system32\wininet.dll
2014-03-13 06:33 . 2014-04-09 15:33 1365504 ----a-w- c:\windows\system32\urlmon.dll
2014-03-13 06:32 . 2014-04-09 15:33 197120 ----a-w- c:\windows\system32\msrating.dll
2014-03-13 06:32 . 2014-04-09 15:33 603136 ----a-w- c:\windows\system32\msfeeds.dll
2014-03-13 06:32 . 2014-04-09 15:33 53760 ----a-w- c:\windows\system32\jsproxy.dll
2014-03-13 06:32 . 2014-04-09 15:33 855552 ----a-w- c:\windows\system32\jscript.dll
2014-03-13 06:32 . 2014-04-09 15:33 3959808 ----a-w- c:\windows\system32\jscript9.dll
2014-03-13 06:31 . 2014-04-09 15:33 526336 ----a-w- c:\windows\system32\ieui.dll
2014-03-13 06:31 . 2014-04-09 15:33 67072 ----a-w- c:\windows\system32\iesetup.dll
2014-03-13 06:31 . 2014-04-09 15:33 15404544 ----a-w- c:\windows\system32\ieframe.dll
2014-03-13 06:31 . 2014-04-09 15:33 2648576 ----a-w- c:\windows\system32\iertutil.dll
2014-03-13 06:31 . 2014-04-09 15:33 39936 ----a-w- c:\windows\system32\iernonce.dll
2014-03-13 06:31 . 2014-04-09 15:33 136704 ----a-w- c:\windows\system32\iesysprep.dll
2014-03-13 05:10 . 2014-04-09 15:33 1766400 ----a-w- c:\windows\SysWow64\wininet.dll
2014-03-13 05:09 . 2014-04-09 15:33 2877952 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-03-13 05:09 . 2014-04-09 15:33 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-03-13 05:09 . 2014-04-09 15:33 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-03-07 04:43 . 2014-03-20 12:30 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C7B2691B-421F-44B0-9DA6-DA4CC5494EE6}\mpengine.dll
2014-03-06 11:06 . 2014-03-06 11:06 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-03-06 11:06 . 2014-03-06 11:06 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-03-06 11:06 . 2014-03-06 11:06 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-03-06 11:06 . 2014-03-06 11:06 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-03-06 11:06 . 2014-03-06 11:06 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-03-06 11:06 . 2014-03-06 11:06 361984 ----a-w- c:\windows\SysWow64\html.iec
2014-03-06 11:06 . 2014-03-06 11:06 226304 ----a-w- c:\windows\system32\elshyph.dll
2014-03-06 11:06 . 2014-03-06 11:06 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-03-06 11:06 . 2014-03-06 11:06 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2014-03-06 11:06 . 2014-03-06 11:06 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-03-06 11:06 . 2014-03-06 11:06 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2014-03-06 11:06 . 2014-03-06 11:06 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-03-06 11:06 . 2014-03-06 11:06 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2014-03-06 11:06 . 2014-03-06 11:06 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-03-06 11:06 . 2014-03-06 11:06 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 11:06 . 2014-03-06 11:06 97280 ----a-w- c:\windows\system32\mshtmled.dll
2014-03-06 11:06 . 2014-03-06 11:06 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-03-06 11:06 . 2014-03-06 11:06 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-03-06 11:06 . 2014-03-06 11:06 81408 ----a-w- c:\windows\system32\icardie.dll
2014-03-06 11:06 . 2014-03-06 11:06 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-03-06 11:06 . 2014-03-06 11:06 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2014-03-06 11:06 . 2014-03-06 11:06 62976 ----a-w- c:\windows\system32\pngfilt.dll
2014-03-06 11:06 . 2014-03-06 11:06 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-03-06 11:06 . 2014-03-06 11:06 51200 ----a-w- c:\windows\system32\imgutil.dll
2014-03-06 11:06 . 2014-03-06 11:06 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-03-06 11:06 . 2014-03-06 11:06 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2014-03-06 11:06 . 2014-03-06 11:06 441856 ----a-w- c:\windows\system32\html.iec
2014-03-06 11:06 . 2014-03-06 11:06 281600 ----a-w- c:\windows\system32\dxtrans.dll
2014-03-06 11:06 . 2014-03-06 11:06 27648 ----a-w- c:\windows\system32\licmgr10.dll
2014-03-06 11:06 . 2014-03-06 11:06 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2014-03-06 11:06 . 2014-03-06 11:06 247296 ----a-w- c:\windows\system32\webcheck.dll
2014-03-06 11:06 . 2014-03-06 11:06 235008 ----a-w- c:\windows\system32\url.dll
2014-03-06 11:06 . 2014-03-06 11:06 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-03-06 11:06 . 2014-03-06 11:06 216064 ----a-w- c:\windows\system32\msls31.dll
2014-03-06 11:06 . 2014-03-06 11:06 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-06 11:06 . 2014-03-06 11:06 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-03-06 11:06 . 2014-03-06 11:06 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-06 11:06 . 2014-03-06 11:06 149504 ----a-w- c:\windows\system32\occache.dll
2014-03-06 11:06 . 2014-03-06 11:06 144896 ----a-w- c:\windows\system32\wextract.exe
2014-03-06 11:06 . 2014-03-06 11:06 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-03-06 11:06 . 2014-03-06 11:06 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2014-03-06 11:06 . 2014-03-06 11:06 13824 ----a-w- c:\windows\system32\mshta.exe
2014-03-06 11:06 . 2014-03-06 11:06 136192 ----a-w- c:\windows\system32\iepeers.dll
2014-03-06 11:06 . 2014-03-06 11:06 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-03-06 11:06 . 2014-03-06 11:06 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2014-03-06 11:06 . 2014-03-06 11:06 102912 ----a-w- c:\windows\system32\inseng.dll
2014-03-06 09:35 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-03-06 09:35 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-03-05 22:23 . 2014-03-05 22:23 525792 ----a-w- c:\windows\DIFxAPI.dll
2014-03-05 22:23 . 2014-03-05 22:23 319488 ----a-w- c:\windows\HideWin.exe
2014-03-04 09:44 . 2014-04-09 15:27 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-09 15:27 243712 ----a-w- c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-09 15:27 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-09 15:27 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-09 15:27 1163264 ----a-w- c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-09 15:27 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-09 15:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-09 15:27 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-09 15:27 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-09 15:27 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-09 15:27 2048 ----a-w- c:\windows\SysWow64\user.exe
2014-02-21 06:04 . 2014-03-29 12:15 74432 ----a-w- c:\windows\system32\drivers\RzFilter.sys
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-03-20 689744]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 netw5v64;Sterownik karty Intel(R) Wireless WiFi Link 5000 Series dla systemu Windows Vista w wersji 64-bitowej;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 RzFilter;RzFilter;c:\windows\system32\drivers\RzFilter.sys;c:\windows\SYSNATIVE\drivers\RzFilter.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 NETw5s64;Sterownik karty Intel(R) Wireless WiFi Link dla systemu Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-29 22:22 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2014-05-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-24 13:32]
.
2014-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-20 11:09]
.
2014-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-20 11:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RAVCpl64.exe" [2008-09-09 6477344]
"Skytel"="Skytel.exe" [2008-09-09 1833504]
.
------- Skan uzupełniający -------
.
IE: E&ksport do programu Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.88.1 192.168.2.1
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2014-05-09 21:52:46
ComboFix-quarantined-files.txt 2014-05-09 19:52
.
Przed: 71 186 833 408 bajtów wolnych
Po: 72 768 712 704 bajtów wolnych
.
- - End Of File - - AE20C1D2A7B593A330605EEAB59D475C
A36C5E4F47E84449FF07ED3517B43A31