ComboFix 16-01-07.01 - userek 2016-01-09 12:42:29.7.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.8175.5677 [GMT 1:00]
Uruchomiony z: g:\programy instalki\Antyvir\ComboFix15.01.07.1.exe
AV: ESET Smart Security 9.0.318.20 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: Zapora osobista ESET *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 9.0.318.20 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2015-12-09 do 2016-01-09 )))))))))))))))))))))))))))))))
.
.
2016-01-09 11:45 . 2016-01-09 11:45 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-01-09 11:45 . 2016-01-09 11:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-09 11:38 . 2016-01-09 11:38 -------- d-----w- C:\AdwCleaner
2016-01-09 11:04 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2016-01-09 11:04 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
2016-01-09 11:04 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2016-01-09 11:04 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2016-01-09 11:04 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2016-01-09 11:04 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2016-01-09 11:04 . 2012-08-23 09:51 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2016-01-09 11:03 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB09590A-9538-4C63-B37C-6BFD90143C8D}\mpengine.dll
2016-01-09 11:01 . 2015-10-29 17:50 6656 ----a-w- c:\windows\system32\shimeng.dll
2016-01-09 10:58 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2016-01-09 10:58 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2016-01-09 10:58 . 2014-01-24 02:37 1684928 ----a-w- c:\windows\system32\drivers\ntfs.sys
2016-01-08 09:53 . 2016-01-08 09:53 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-01-08 09:53 . 2016-01-08 09:53 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-01-07 11:19 . 2016-01-07 11:19 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2016-01-06 23:09 . 2016-01-07 08:31 -------- d-----w- c:\program files\Mozilla Firefox
2015-12-22 09:13 . 2010-08-25 04:00 361472 ----a-w- c:\windows\system32\CNMXLMAA.DLL
2015-12-22 09:13 . 2015-12-22 09:13 -------- d-----w- c:\programdata\CanonIJMSetup
2015-12-22 09:13 . 2015-12-22 09:13 -------- d-----w- c:\program files\Common Files\CANON
2015-12-22 09:12 . 2015-12-22 09:12 -------- d-----w- c:\program files\Canon
2015-12-22 09:09 . 2015-12-22 09:13 -------- d-----w- c:\program files (x86)\Canon
2015-12-22 08:45 . 2015-12-22 08:45 -------- d-----w- c:\users\userek\AppData\Roaming\OpenOffice
2015-12-22 08:45 . 2015-12-22 08:45 -------- d-----w- c:\program files (x86)\OpenOffice 4
2015-12-21 07:54 . 2016-01-04 12:37 -------- d-----w- c:\windows\Migration
2015-12-21 07:54 . 2012-07-26 05:05 2560 ----a-w- c:\windows\system32\drivers\pl-PL\wdf01000.sys.mui
2015-12-21 07:52 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2015-12-21 07:52 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2015-12-21 07:52 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2015-12-21 07:52 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2015-12-21 07:52 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2015-12-21 07:52 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2015-12-21 07:52 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2015-12-21 07:49 . 2015-07-30 18:06 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2015-12-21 07:49 . 2015-07-30 17:57 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2015-12-21 07:49 . 2015-02-03 03:31 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-12-21 07:49 . 2015-02-03 03:12 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2015-12-21 07:48 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-12-21 07:48 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-12-20 23:37 . 2015-11-10 18:55 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-12-15 16:59 . 2015-12-15 16:59 -------- d-----w- c:\users\Public\Foxit Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-09 11:30 . 2015-12-04 16:10 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-20 23:39 . 2015-12-02 19:17 140158008 ----a-w- c:\windows\system32\MRT.exe
2015-12-03 20:15 . 2015-12-03 20:15 31136 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2015-12-02 18:55 . 2015-12-02 18:55 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-12-02 18:55 . 2015-12-02 18:55 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-12-02 18:55 . 2015-12-02 18:55 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-12-02 18:55 . 2015-12-02 18:55 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-12-02 18:55 . 2015-12-02 18:55 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-12-02 18:55 . 2015-12-02 18:55 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-12-02 18:55 . 2015-12-02 18:55 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-12-02 18:55 . 2015-12-02 18:55 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-12-02 18:55 . 2015-12-02 18:55 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-12-02 18:55 . 2015-12-02 18:55 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-12-02 18:55 . 2015-12-02 18:55 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-12-02 18:55 . 2015-12-02 18:55 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-12-02 18:55 . 2015-12-02 18:55 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-12-02 18:55 . 2015-12-02 18:55 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-12-02 18:55 . 2015-12-02 18:55 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-12-02 18:55 . 2015-12-02 18:55 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-12-02 18:55 . 2015-12-02 18:55 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-12-02 18:55 . 2015-12-02 18:55 247808 ----a-w- c:\windows\system32\msls31.dll
2015-12-02 18:55 . 2015-12-02 18:55 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-12-02 18:55 . 2015-12-02 18:55 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-12-02 18:55 . 2015-12-02 18:55 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-12-02 18:55 . 2015-12-02 18:55 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-12-02 18:55 . 2015-12-02 18:55 81408 ----a-w- c:\windows\system32\icardie.dll
2015-12-02 18:55 . 2015-12-02 18:55 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-12-02 18:55 . 2015-12-02 18:55 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-12-02 18:55 . 2015-12-02 18:55 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-12-02 18:55 . 2015-12-02 18:55 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-12-02 18:55 . 2015-12-02 18:55 235520 ----a-w- c:\windows\system32\url.dll
2015-12-02 18:55 . 2015-12-02 18:55 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-12-02 18:55 . 2015-12-02 18:55 143872 ----a-w- c:\windows\system32\wextract.exe
2015-12-02 18:55 . 2015-12-02 18:55 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-12-02 18:55 . 2015-12-02 18:55 101376 ----a-w- c:\windows\system32\inseng.dll
2015-12-02 18:55 . 2015-12-02 18:55 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-12-02 18:55 . 2015-12-02 18:55 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-12-02 18:55 . 2015-12-02 18:55 13824 ----a-w- c:\windows\system32\mshta.exe
2015-12-02 18:55 . 2015-12-02 18:55 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-12-02 18:53 . 2015-12-02 18:53 327168 ----a-w- c:\windows\system32\mswsock.dll
2015-12-02 18:53 . 2015-12-02 18:53 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2015-12-02 18:47 . 2015-12-02 18:47 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2015-12-02 18:47 . 2015-12-02 18:47 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2015-12-02 18:47 . 2015-12-02 18:47 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2015-12-02 18:47 . 2015-12-02 18:47 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2015-12-02 18:47 . 2015-12-02 18:47 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-12-02 18:47 . 2015-12-02 18:47 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2015-12-02 18:47 . 2015-12-02 18:47 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2015-12-02 18:47 . 2015-12-02 18:47 363008 ----a-w- c:\windows\system32\dxgi.dll
2015-12-02 18:47 . 2015-12-02 18:47 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-12-02 18:47 . 2015-12-02 18:47 296960 ----a-w- c:\windows\system32\d3d10core.dll
2015-12-02 18:47 . 2015-12-02 18:47 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2015-12-02 18:47 . 2015-12-02 18:47 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2015-12-02 18:47 . 2015-12-02 18:47 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2015-12-02 18:47 . 2015-12-02 18:47 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2015-12-02 18:47 . 2015-12-02 18:47 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2015-12-02 18:47 . 2015-12-02 18:47 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2015-12-02 18:47 . 2015-12-02 18:47 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2015-12-02 18:47 . 2015-12-02 18:47 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2015-12-02 18:47 . 2015-12-02 18:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2015-12-02 18:47 . 2015-12-02 18:47 1238528 ----a-w- c:\windows\system32\d3d10.dll
2015-12-02 18:47 . 2015-12-02 18:47 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2015-12-02 18:46 . 2015-12-02 18:46 1887232 ----a-w- c:\windows\system32\d3d11.dll
2015-12-02 18:46 . 2015-12-02 18:46 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2015-12-02 17:31 . 2015-12-02 17:31 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2015-12-02 16:13 . 2015-12-02 16:13 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2015-12-02 15:49 . 2015-12-02 15:49 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2015-12-02 15:49 . 2015-12-02 15:49 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2015-12-02 15:49 . 2015-12-02 15:49 344680 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2015-12-02 15:39 . 2015-12-02 15:39 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2015-12-02 15:39 . 2015-12-02 15:39 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2015-12-02 15:39 . 2015-12-02 15:39 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2015-12-02 15:39 . 2015-12-02 15:39 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2015-12-02 12:18 . 2010-11-21 03:27 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-10-29 17:50 . 2016-01-09 11:01 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2016-01-09 11:01 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2016-01-09 11:01 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2016-01-09 11:01 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2016-01-09 11:01 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2016-01-09 11:01 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2016-01-09 11:01 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2016-01-09 11:01 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2016-01-09 11:01 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2014-03-07 09:03 3109520 --sha-r- c:\windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 09:03 98960 --sha-r- c:\windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 09:03 550032 --sha-r- c:\windows\SysWOW64\avformat-lav-55.dll
2014-03-07 09:03 59536 --sha-r- c:\windows\SysWOW64\avresample-lav-1.dll
2014-03-07 09:03 181392 --sha-r- c:\windows\SysWOW64\avutil-lav-52.dll
2014-03-07 09:03 122512 --sha-r- c:\windows\SysWOW64\HLaudio.dll
2014-03-07 09:03 203408 --sha-r- c:\windows\SysWOW64\HLsplit.dll
2014-03-07 09:03 313520 --sha-r- c:\windows\SysWOW64\HLvideo.dll
2014-03-07 09:03 166544 --sha-r- c:\windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-03-07 09:03 109712 --sha-r- c:\windows\SysWOW64\libbluray.dll
2011-02-11 08:26 112128 --sha-r- c:\windows\SysWOW64\OptimFROG.dll
2014-03-07 09:03 118416 --sha-r- c:\windows\SysWOW64\swscale-lav-2.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54 188416 --sha-r- c:\windows\SysWOW64\winDCE32.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Ad Muncher"="c:\program files (x86)\Ad Muncher\AdMunch.exe" [2015-12-02 560760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ALSysIO;ALSysIO;c:\users\userek\AppData\Local\Temp\ALSysIO64.sys;c:\users\userek\AppData\Local\Temp\ALSysIO64.sys [x]
R3 ampa;ampa;c:\windows\system32\ampa.sys;c:\windows\SYSNATIVE\ampa.sys [x]
R3 AxtuDrv;AxtuDrv;c:\windows\SysWOW64\Drivers\AxtuDrv.sys;c:\windows\SysWOW64\Drivers\AxtuDrv.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R3 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R3 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R3 Survarium Update Service;Survarium Update Service;i:\gry\Survarium\game\binaries\x86\survarium_service.exe Survarium;i:\gry\Survarium\game\binaries\x86\survarium_service.exe Survarium [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cmudaxp;ASUS Xonar D1 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - MBAMSWISSARMY
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2015-08-11 8048640]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
"TNOD UP"="c:\program files\TNod User & Password Finder\TNODUP.exe" [2013-07-01 1024748]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.pl/
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\userek\AppData\Roaming\Mozilla\Firefox\Profiles\9gy4symj.default-1449332321480\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://encrypted.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=072013&q=
FF - prefs.js: network.proxy.ftp - 178.33.53.55
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 178.33.53.55
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 178.33.53.55
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 178.33.53.55
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2016-01-09 12:46:37
ComboFix-quarantined-files.txt 2016-01-09 11:46
ComboFix2.txt 2016-01-04 10:01
ComboFix3.txt 2015-12-31 09:08
ComboFix4.txt 2015-12-20 08:06
ComboFix5.txt 2016-01-09 11:41
.
Przed: 196 115 738 624 bajtów wolnych
Po: 195 917 090 816 bajtów wolnych
.
- - End Of File - - 201A922B1C7EBBD3735507DF577D6615