ComboFix 15-12-03.01 - userek 2015-12-04 16:38:26.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.8175.5794 [GMT 1:00]
Uruchomiony z: g:\programy instalki\Antyvir\ComboFix15.12.03.1.exe
AV: ESET Smart Security 9.0.318.20 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: Zapora osobista ESET *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 9.0.318.20 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Uninstall.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
Zainfekowana kopia c:\windows\explorer.exe została znaleziona. Problem naprawiono
Plik odzyskano z - c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
.
.
((((((((((((((((((((((((( Pliki utworzone od 2015-11-04 do 2015-12-04 )))))))))))))))))))))))))))))))
.
.
2015-12-04 15:35 . 2015-12-04 15:35 -------- d-----w- C:\FRST
2015-12-04 15:25 . 2015-12-04 15:25 -------- d-----w- c:\program files (x86)\PowerISO
2015-12-04 15:25 . 2010-04-12 08:55 91568 ----a-w- c:\windows\system32\drivers\scdemu.sys
2015-12-04 15:24 . 2015-12-04 15:24 -------- d-----w- c:\programdata\Canneverbe Limited
2015-12-04 15:14 . 2015-12-04 15:14 -------- d-----w- c:\program files\VLC Player
2015-12-03 20:15 . 2015-12-03 20:15 31136 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2015-12-03 19:46 . 2015-12-03 19:46 -------- d-----w- c:\program files (x86)\HD Tune Pro
2015-12-03 18:24 . 2015-12-03 18:38 -------- d-----w- c:\program files (x86)\Common Files\BattlEye
2015-12-03 18:09 . 2015-12-03 18:09 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2015-12-02 19:20 . 2010-11-21 03:24 2872320 ----a-w- c:\windows\explorer.exe.Back
2015-12-02 19:17 .
2015-12-02 19:19 -------- d-----w- c:\windows\system32\MRT 2015-12-02 19:04 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2015-12-02 19:04 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-12-02 19:03 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE 2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\programdata\Sony 2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\program files\Sony 2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\program files (x86)\Sony 2015-12-02 18:54 . 2015-12-02 18:54 878080 ----a-w- c:\windows\system32\advapi32.dll 2015-12-02 18:54 . 2015-12-02 18:54 859648 ----a-w- c:\windows\system32\tdh.dll 2015-12-02 18:54 . 2015-12-02 18:54 640512 ----a-w- c:\windows\SysWow64\advapi32.dll 2015-12-02 18:54 . 2015-12-02 18:54 619520 ----a-w- c:\windows\SysWow64\tdh.dll 2015-12-02 18:53 . 2015-12-02 18:53 327168 ----a-w- c:\windows\system32\mswsock.dll 2015-12-02 18:53 . 2015-12-02 18:53 231424 ----a-w- c:\windows\SysWow64\mswsock.dll 2015-12-02 18:46 . 2015-12-02 18:46 1887232 ----a-w- c:\windows\system32\d3d11.dll 2015-12-02 18:46 . 2015-12-02 18:46 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll 2015-12-02 18:44 . 2015-12-03 17:03 -------- d-----w- c:\program files (x86)\Notepad++ 2015-12-02 18:36 . 2015-11-17 06:43 11138400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7092C5F-2045-4A91-B13E-B0567BB3C62F}\mpengine.dll 2015-12-02 18:32 . 2015-12-02 18:32 -------- d-----w- c:\program files\DIPS64 2015-12-02 18:31 . 2015-12-02 19:57 -------- d-----w- c:\program files (x86)\Common Files\Steam 2015-12-02 18:31 . 2015-12-02 18:31 -------- d-----w- C:\Gry 2015-12-02 18:24 . 2015-12-04 15:16 -------- d-----w- c:\program files (x86)\Sunrise Seven 2015-12-02 18:18 . 2015-12-02 18:23 -------- d-----w- c:\program files (x86)\AIDA64 Extreme 2015-12-02 18:17 . 
2015-12-02 18:17 -------- d-----w- c:\program files\Core Temp 2015-12-02 18:16 . 2015-12-02 18:16 -------- d-----w- c:\program files\CPU-Z 2015-12-02 18:15 . 2015-12-02 18:15 -------- d-----w- c:\program files (x86)\HELP 2015-12-02 18:14 . 2015-12-02 18:14 -------- d-----w- c:\program files (x86)\FurMark_1.13.0 2015-12-02 18:09 . 2015-12-04 14:56 -------- d-----w- c:\program files (x86)\MSI Afterburner 2015-12-02 18:09 . 2015-12-02 18:09 -------- d-----w- c:\program files (x86)\GPU-Z 2015-12-02 18:04 . 2015-12-03 19:27 -------- d-----w- c:\program files\CrystalDiskMark5 2015-12-02 18:01 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2015-12-02 18:01 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll 2015-12-02 18:01 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2015-12-02 17:57 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll 2015-12-02 17:57 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe 2015-12-02 17:57 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll 2015-12-02 17:57 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe 2015-12-02 17:57 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll 2015-12-02 17:57 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll 2015-12-02 17:57 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe 2015-12-02 17:57 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe 2015-12-02 17:55 . 2015-07-15 03:19 52736 ----a-w- c:\windows\system32\basesrv.dll 2015-12-02 17:54 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll 2015-12-02 17:52 . 2014-07-17 02:07 235520 ----a-w- c:\windows\system32\winsta.dll 2015-12-02 17:51 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll 2015-12-02 17:51 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll 2015-12-02 17:51 . 
2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2015-12-02 17:51 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2015-12-02 17:51 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys 2015-12-02 17:51 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll 2015-12-02 17:51 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll 2015-12-02 17:51 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll 2015-12-02 17:47 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2015-12-02 17:40 . 2015-12-02 17:40 -------- d-----w- c:\program files\HWiNFO64 2015-12-02 17:37 . 2015-12-03 20:08 1024 ---h--w- C:\AMTAG.BIN 2015-12-02 17:37 . 2015-01-02 14:18 1811568 ----a-w- c:\windows\ampa.exe 2015-12-02 17:37 . 2013-12-18 10:33 17008 ----a-w- c:\windows\SysWow64\ampa.sys 2015-12-02 17:37 . 2013-12-18 10:33 17008 ----a-w- c:\windows\system32\ampa.sys 2015-12-02 17:37 . 2015-12-03 20:08 -------- d-----w- c:\program files (x86)\AOMEI Partition Assistant Standard 5.6 2015-12-02 17:34 . 2015-12-04 15:21 -------- d-----w- c:\program files\CCleaner 2015-12-02 17:33 . 2015-12-02 17:33 -------- d-----w- c:\program files (x86)\Odkurzacz 2015-12-02 17:31 . 2015-12-02 17:31 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2015-12-02 17:31 . 2015-12-02 17:31 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite 2015-12-02 17:31 . 2015-12-02 17:31 -------- d-----w- c:\programdata\DAEMON Tools Lite 2015-12-02 17:30 . 2015-12-04 15:24 -------- d-----w- c:\program files\CDBurnerXP 2015-12-02 17:25 . 2015-12-02 17:27 -------- d-----w- c:\program files (x86)\CoolEditPro2 2015-12-02 17:16 . 2015-12-02 17:16 -------- d-----w- c:\program files (x86)\AIMP3 2015-12-02 17:15 . 2015-12-02 17:15 -------- d-----w- c:\program files\7-Zip 2015-12-02 17:12 . 2015-12-02 17:12 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2015-12-02 17:12 . 
2015-12-02 17:12 -------- d-----w- c:\programdata\Malwarebytes 2015-12-02 17:12 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2015-12-02 16:50 . 2015-12-02 16:50 -------- d-----w- c:\program files\ESET 2015-12-02 16:43 . 2015-12-03 17:40 -------- d-----w- c:\program files\TNod User & Password Finder 2015-12-02 16:41 . 2015-12-02 16:41 -------- d-----w- c:\program files (x86)\Bino 2015-12-02 16:41 . 2015-12-02 16:41 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2015-12-02 16:41 . 2013-04-05 19:26 2106368 ----a-w- c:\windows\SysWow64\ac3filter.ax 2015-12-02 16:41 . 2013-04-05 19:26 276992 ----a-w- c:\windows\SysWow64\BugTrap.dll 2015-12-02 16:41 . 2011-06-02 01:10 644608 ----a-w- c:\windows\SysWow64\xvidcore.dll 2015-12-02 16:41 . 2007-10-07 14:36 258048 ----a-w- c:\windows\SysWow64\libFLAC.dll 2015-12-02 16:41 . 2015-12-03 15:46 -------- d-----w- c:\programdata\ALLPlayer 2015-12-02 16:41 . 2015-12-03 15:35 -------- d-----w- c:\program files (x86)\ALLPlayer 2015-12-02 16:40 . 2015-12-02 16:40 -------- d-----w- c:\users\Public\QiYi 2015-12-02 16:31 . 2015-12-02 16:31 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2015-12-02 16:31 . 2015-12-02 16:31 -------- d-----w- c:\program files\Adobe 2015-12-02 16:31 . 2015-12-02 16:31 -------- d-----w- c:\program files\Common Files\Adobe 2015-12-02 16:30 . 2015-12-02 16:30 -------- d-----w- c:\program files (x86)\Adobe Media Player 2015-12-02 16:30 . 2015-12-02 16:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2015-12-02 16:28 . 2015-12-02 16:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2015-12-02 16:25 . 2015-12-03 17:04 -------- d-----w- c:\program files (x86)\IrfanView 2015-12-02 16:22 . 2015-12-02 16:22 -------- d-----w- c:\program files\TeamSpeak 3 Client 2015-12-02 16:16 . 2015-12-03 16:57 -------- d-----w- c:\program files\Totalcmd 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\UC.PIF 2015-12-02 16:16 . 
2009-09-09 06:50 545 ----a-w- c:\windows\RAR.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\LHA.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\ARJ.PIF 2015-12-02 16:13 . 2015-12-02 16:13 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys 2015-12-02 16:13 . 2015-12-02 16:14 -------- d-----w- c:\program files\TrueCrypt 2015-12-02 16:12 . 2015-12-02 16:12 -------- d-----w- c:\program files\WinRAR 2015-12-02 16:12 . 2015-12-02 16:12 -------- d-----w- c:\programdata\Ad Muncher 2015-12-02 16:12 . 2015-12-02 16:12 -------- d-----w- c:\program files (x86)\Ad Muncher 2015-12-02 16:11 . 2015-12-02 16:11 -------- d-----w- c:\program files (x86)\CWK 2015-12-02 16:10 . 2015-12-02 16:10 -------- d-----w- c:\users\Public\Foxit Software 2015-12-02 16:10 . 2015-12-02 16:10 -------- d-----w- c:\program files (x86)\Foxit Software 2015-12-02 16:08 . 2015-12-02 16:08 -------- d-----w- c:\program files\Mozilla Firefox 2015-12-02 16:06 . 2015-12-02 16:06 -------- d-----w- c:\programdata\Gadu-Gadu 10 2015-12-02 16:06 . 2015-12-02 16:06 -------- d-----w- c:\windows\SysWow64\Macromed 2015-12-02 16:06 . 2015-12-02 16:06 -------- d-----w- c:\program files (x86)\Gadu-Gadu 10 2015-12-02 16:05 . 2015-12-02 16:05 -------- d-----w- c:\program files (x86)\MozBackup 2015-12-02 16:04 . 2015-12-02 16:04 -------- d-----w- c:\program files (x86)\Tunatic 2015-12-02 16:03 . 2015-12-02 16:08 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service 2015-12-02 16:03 . 2015-12-02 16:03 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird 2015-12-02 15:49 . 2015-12-02 15:49 74272 ----a-w- c:\windows\system32\RtNicProp64.dll 2015-12-02 15:49 . 2015-12-02 15:49 107552 ----a-w- c:\windows\system32\RTNUninst64.dll 2015-12-02 15:49 . 2015-12-02 15:49 344680 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2015-12-02 15:49 . 
2015-12-02 15:49 -------- d-----w- c:\program files (x86)\Realtek
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-20 00:45 . 2015-12-02 17:55 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 00:22 . 2015-10-13 00:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-10-07 05:16 . 2015-10-07 05:16 142976 ----a-w- c:\windows\system32\drivers\ekbdflt.sys
2015-09-23 08:30 . 2015-09-23 08:30 69840 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2015-09-23 08:30 . 2015-09-23 08:30 52872 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2015-09-23 08:30 . 2015-09-23 08:30 264040 ----a-w- c:\windows\system32\drivers\eamonm.sys
2015-09-23 08:30 . 2015-09-23 08:30 206312 ----a-w- c:\windows\system32\drivers\epfw.sys
2015-09-23 08:30 . 2015-09-23 08:30 186784 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-06-15 01:54 . 2010-06-15 01:54 153008 ----a-w- c:\program files (x86)\fraps64.dll
2010-06-15 01:54 . 2010-06-15 01:54 206768 ----a-w- c:\program files (x86)\fraps32.dll
2010-06-15 01:54 . 2010-06-15 01:54 74672 ----a-w- c:\program files (x86)\fraps64.dat
2010-06-15 01:54 . 2010-06-15 01:54 2320304 ----a-w- c:\program files (x86)\fraps.exe
2010-06-15 01:46 . 2010-06-15 01:46 163840 ----a-w- c:\program files (x86)\frapslcd.dll
2014-03-07 09:03 3109520 --sha-r- c:\windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 09:03 98960 --sha-r- c:\windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 09:03 550032 --sha-r- c:\windows\SysWOW64\avformat-lav-55.dll
2014-03-07 09:03 59536 --sha-r- c:\windows\SysWOW64\avresample-lav-1.dll
2014-03-07 09:03 181392 --sha-r- c:\windows\SysWOW64\avutil-lav-52.dll
2014-03-07 09:03 122512 --sha-r- c:\windows\SysWOW64\HLaudio.dll
2014-03-07 09:03 203408 --sha-r- c:\windows\SysWOW64\HLsplit.dll
2014-03-07 09:03 313520 --sha-r- c:\windows\SysWOW64\HLvideo.dll
2014-03-07 09:03 166544 --sha-r- c:\windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-03-07 09:03 109712 --sha-r- c:\windows\SysWOW64\libbluray.dll
2011-02-11 08:26 112128 --sha-r- c:\windows\SysWOW64\OptimFROG.dll
2014-03-07 09:03 118416 --sha-r- c:\windows\SysWOW64\swscale-lav-2.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54 188416 --sha-r- c:\windows\SysWOW64\winDCE32.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALLUpdate"="c:\program files (x86)\ALLPlayer\ALLUpdate.exe" [2015-07-28 3670472]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"StartCCC"="c:\program files (x86)\AMD ATI\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-07-28 767176]
"Ad Muncher"="c:\program files (x86)\Ad Muncher\AdMunch.exe" [2015-12-02 560760]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-21 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R1 swsedrvr_vt_1_10_0_25;swsedrvr_vt_1_10_0_25;c:\windows\system32\drivers\swsedrvr_vt_1_10_0_25.sys;c:\windows\SYSNATIVE\drivers\swsedrvr_vt_1_10_0_25.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 ALSysIO;ALSysIO;c:\users\userek\AppData\Local\Temp\ALSysIO64.sys;c:\users\userek\AppData\Local\Temp\ALSysIO64.sys [x]
R3 ampa;ampa;c:\windows\system32\ampa.sys;c:\windows\SYSNATIVE\ampa.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cmudaxp;ASUS Xonar D1 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - SCDEMU
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2015-08-11 8048640]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\userek\AppData\Roaming\Mozilla\Firefox\Profiles\shk4hle9.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://encrypted.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=072013&q=
FF - prefs.js: network.proxy.ftp - 178.33.53.55
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 178.33.53.55
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 178.33.53.55
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 178.33.53.55
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Wow6432Node-HKCU-Run-ASRockXTU - (no file)
AddRemove-Fraps - c:\program files (x86)\uninstall.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2737083 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2742613 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2840642v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2861208 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2894854v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2898864 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2901118 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2972107 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2972216 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2978128 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3023224 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3035490 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3037581 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074230 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074550 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3097996 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3098781 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\UNi Xonar Audio\Customapp\ASUSAUDIOCENTER.EXE
.
**************************************************************************
.
Czas ukończenia: 2015-12-04 16:42:47 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2015-12-04 15:42
.
Przed: 211 062 124 544 bajtów wolnych
Po: 210 899 619 840 bajtów wolnych
.
- - End Of File - - 9A227FEB21ADEE4E9A1AB572508A2709

ComboFix 15-12-07.01 - userek 2015-12-09 10:54:50.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.8175.6025 [GMT 1:00]
Uruchomiony z: g:\programy instalki\Antyvir\ComboFix15.12.07.1.exe
AV: ESET Smart Security 9.0.318.20 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: Zapora osobista ESET *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 9.0.318.20 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((( Pliki utworzone od 2015-11-09 do 2015-12-09 )))))))))))))))))))))))))))))))
.
.
2015-12-09 09:57 . 2015-12-09 09:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-05 21:48 . 2015-12-05 21:48 -------- d-----w- c:\program files\Common Files\AV
2015-12-05 21:43 .
2013-09-20 09:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe 2015-12-05 21:43 . 2015-12-06 08:40 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2015-12-05 21:43 . 2015-12-05 22:02 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2 2015-12-05 19:03 . 2015-12-05 19:17 -------- d-----w- c:\program files (x86)\Samsung 2015-12-05 19:03 . 2015-12-05 19:03 -------- d-----w- c:\programdata\Samsung 2015-12-05 16:36 . 2015-12-05 16:36 -------- d-----w- c:\program files\Mozilla Firefox 2015-12-05 15:17 . 2015-12-05 15:17 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-12-05 15:17 . 2015-12-05 15:17 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-12-05 15:17 . 2015-12-05 15:17 -------- d-----w- c:\windows\system32\Macromed 2015-12-04 16:10 . 2015-12-09 09:50 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-12-04 16:10 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2015-12-04 16:10 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-12-04 15:25 . 2015-12-04 15:25 -------- d-----w- c:\program files (x86)\PowerISO 2015-12-04 15:25 . 2010-04-12 08:55 91568 ----a-w- c:\windows\system32\drivers\scdemu.sys 2015-12-04 15:24 . 2015-12-04 15:24 -------- d-----w- c:\programdata\Canneverbe Limited 2015-12-04 15:14 . 2015-12-04 15:14 -------- d-----w- c:\program files\VLC Player 2015-12-03 20:15 . 2015-12-03 20:15 31136 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS 2015-12-03 19:46 . 2015-12-03 19:46 -------- d-----w- c:\program files (x86)\HD Tune Pro 2015-12-03 18:24 . 2015-12-08 22:41 -------- d-----w- c:\program files (x86)\Common Files\BattlEye 2015-12-03 18:09 . 2015-12-03 18:09 -------- d-----w- c:\program files (x86)\CrystalDiskInfo 2015-12-02 19:20 . 2010-11-21 03:24 2872320 ----a-w- c:\windows\explorer.exe.Back 2015-12-02 19:17 . 2015-12-02 19:19 -------- d-----w- c:\windows\system32\MRT 2015-12-02 19:04 . 
2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2015-12-02 19:04 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-12-02 19:03 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE 2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\programdata\Sony 2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\program files\Sony 2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\program files (x86)\Sony 2015-12-02 18:54 . 2015-12-02 18:54 878080 ----a-w- c:\windows\system32\advapi32.dll 2015-12-02 18:54 . 2015-12-02 18:54 859648 ----a-w- c:\windows\system32\tdh.dll 2015-12-02 18:54 . 2015-12-02 18:54 640512 ----a-w- c:\windows\SysWow64\advapi32.dll 2015-12-02 18:54 . 2015-12-02 18:54 619520 ----a-w- c:\windows\SysWow64\tdh.dll 2015-12-02 18:53 . 2015-12-02 18:53 327168 ----a-w- c:\windows\system32\mswsock.dll 2015-12-02 18:53 . 2015-12-02 18:53 231424 ----a-w- c:\windows\SysWow64\mswsock.dll 2015-12-02 18:46 . 2015-12-02 18:46 1887232 ----a-w- c:\windows\system32\d3d11.dll 2015-12-02 18:46 . 2015-12-02 18:46 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll 2015-12-02 18:44 . 2015-12-03 17:03 -------- d-----w- c:\program files (x86)\Notepad++ 2015-12-02 18:36 . 2015-11-17 06:43 11138400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7092C5F-2045-4A91-B13E-B0567BB3C62F}\mpengine.dll 2015-12-02 18:32 . 2015-12-02 18:32 -------- d-----w- c:\program files\DIPS64 2015-12-02 18:31 . 2015-12-02 19:57 -------- d-----w- c:\program files (x86)\Common Files\Steam 2015-12-02 18:31 . 2015-12-02 18:31 -------- d-----w- C:\Gry 2015-12-02 18:24 . 2015-12-04 15:16 -------- d-----w- c:\program files (x86)\Sunrise Seven 2015-12-02 18:18 . 2015-12-02 18:23 -------- d-----w- c:\program files (x86)\AIDA64 Extreme 2015-12-02 18:17 . 2015-12-02 18:17 -------- d-----w- c:\program files\Core Temp 2015-12-02 18:16 . 
2015-12-02 18:16 -------- d-----w- c:\program files\CPU-Z 2015-12-02 18:15 . 2015-12-02 18:15 -------- d-----w- c:\program files (x86)\HELP 2015-12-02 18:14 . 2015-12-02 18:14 -------- d-----w- c:\program files (x86)\FurMark_1.13.0 2015-12-02 18:09 . 2015-12-08 11:13 -------- d-----w- c:\program files (x86)\MSI Afterburner 2015-12-02 18:09 . 2015-12-02 18:09 -------- d-----w- c:\program files (x86)\GPU-Z 2015-12-02 18:04 . 2015-12-03 19:27 -------- d-----w- c:\program files\CrystalDiskMark5 2015-12-02 18:01 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2015-12-02 18:01 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll 2015-12-02 18:01 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2015-12-02 17:57 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll 2015-12-02 17:57 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe 2015-12-02 17:57 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll 2015-12-02 17:57 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe 2015-12-02 17:57 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll 2015-12-02 17:57 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll 2015-12-02 17:57 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe 2015-12-02 17:57 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe 2015-12-02 17:55 . 2015-07-15 03:19 52736 ----a-w- c:\windows\system32\basesrv.dll 2015-12-02 17:54 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll 2015-12-02 17:52 . 2014-07-17 02:07 235520 ----a-w- c:\windows\system32\winsta.dll 2015-12-02 17:51 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll 2015-12-02 17:51 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll 2015-12-02 17:51 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2015-12-02 17:51 . 
2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2015-12-02 17:51 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys 2015-12-02 17:51 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll 2015-12-02 17:51 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll 2015-12-02 17:51 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll 2015-12-02 17:47 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2015-12-02 17:40 . 2015-12-02 17:40 -------- d-----w- c:\program files\HWiNFO64 2015-12-02 17:37 . 2015-12-03 20:08 1024 ---h--w- C:\AMTAG.BIN 2015-12-02 17:37 . 2015-01-02 14:18 1811568 ----a-w- c:\windows\ampa.exe 2015-12-02 17:37 . 2013-12-18 10:33 17008 ----a-w- c:\windows\SysWow64\ampa.sys 2015-12-02 17:37 . 2013-12-18 10:33 17008 ----a-w- c:\windows\system32\ampa.sys 2015-12-02 17:37 . 2015-12-03 20:08 -------- d-----w- c:\program files (x86)\AOMEI Partition Assistant Standard 5.6 2015-12-02 17:34 . 2015-12-04 15:21 -------- d-----w- c:\program files\CCleaner 2015-12-02 17:33 . 2015-12-02 17:33 -------- d-----w- c:\program files (x86)\Odkurzacz 2015-12-02 17:31 . 2015-12-02 17:31 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2015-12-02 17:31 . 2015-12-02 17:31 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite 2015-12-02 17:31 . 2015-12-02 17:31 -------- d-----w- c:\programdata\DAEMON Tools Lite 2015-12-02 17:30 . 2015-12-04 15:24 -------- d-----w- c:\program files\CDBurnerXP 2015-12-02 17:25 . 2015-12-02 17:27 -------- d-----w- c:\program files (x86)\CoolEditPro2 2015-12-02 17:16 . 2015-12-06 10:31 -------- d-----w- c:\program files (x86)\AIMP3 2015-12-02 17:15 . 2015-12-02 17:15 -------- d-----w- c:\program files\7-Zip 2015-12-02 17:12 . 2015-12-05 14:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2015-12-02 17:12 . 2015-12-04 16:10 -------- d-----w- c:\programdata\Malwarebytes 2015-12-02 17:12 . 
2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2015-12-02 16:50 . 2015-12-02 16:50 -------- d-----w- c:\program files\ESET 2015-12-02 16:43 . 2015-12-08 10:13 -------- d-----w- c:\program files\TNod User & Password Finder 2015-12-02 16:41 . 2015-12-02 16:41 -------- d-----w- c:\program files (x86)\Bino 2015-12-02 16:41 . 2015-12-02 16:41 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2015-12-02 16:41 . 2013-04-05 19:26 2106368 ----a-w- c:\windows\SysWow64\ac3filter.ax 2015-12-02 16:41 . 2013-04-05 19:26 276992 ----a-w- c:\windows\SysWow64\BugTrap.dll 2015-12-02 16:41 . 2011-06-02 01:10 644608 ----a-w- c:\windows\SysWow64\xvidcore.dll 2015-12-02 16:41 . 2007-10-07 14:36 258048 ----a-w- c:\windows\SysWow64\libFLAC.dll 2015-12-02 16:41 . 2015-12-03 15:46 -------- d-----w- c:\programdata\ALLPlayer 2015-12-02 16:41 . 2015-12-03 15:35 -------- d-----w- c:\program files (x86)\ALLPlayer 2015-12-02 16:40 . 2015-12-02 16:40 -------- d-----w- c:\users\Public\QiYi 2015-12-02 16:31 . 2015-12-02 16:31 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2015-12-02 16:31 . 2015-12-02 16:31 -------- d-----w- c:\program files\Adobe 2015-12-02 16:31 . 2015-12-02 16:31 -------- d-----w- c:\program files\Common Files\Adobe 2015-12-02 16:30 . 2015-12-02 16:30 -------- d-----w- c:\program files (x86)\Adobe Media Player 2015-12-02 16:30 . 2015-12-02 16:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2015-12-02 16:28 . 2015-12-02 16:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2015-12-02 16:25 . 2015-12-03 17:04 -------- d-----w- c:\program files (x86)\IrfanView 2015-12-02 16:22 . 2015-12-07 08:31 -------- d-----w- c:\program files\TeamSpeak 3 Client 2015-12-02 16:16 . 2015-12-03 16:57 -------- d-----w- c:\program files\Totalcmd 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\UC.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\RAR.PIF 2015-12-02 16:16 . 
2009-09-09 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\LHA.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\ARJ.PIF 2015-12-02 16:13 . 2015-12-02 16:13 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys 2015-12-02 16:13 . 2015-12-02 16:14 -------- d-----w- c:\program files\TrueCrypt 2015-12-02 16:12 . 2015-12-02 16:12 -------- d-----w- c:\program files\WinRAR 2015-12-02 16:12 . 2015-12-02 16:12 -------- d-----w- c:\programdata\Ad Muncher 2015-12-02 16:12 . 2015-12-02 16:12 -------- d-----w- c:\program files (x86)\Ad Muncher 2015-12-02 16:11 . 2015-12-02 16:11 -------- d-----w- c:\program files (x86)\CWK 2015-12-02 16:10 . 2015-12-02 16:10 -------- d-----w- c:\users\Public\Foxit Software . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-10-20 00:45 . 2015-12-02 17:55 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll 2015-10-13 00:22 . 2015-10-13 00:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll 2015-10-07 05:16 . 2015-10-07 05:16 142976 ----a-w- c:\windows\system32\drivers\ekbdflt.sys 2015-09-23 08:30 . 2015-09-23 08:30 69840 ----a-w- c:\windows\system32\drivers\epfwwfp.sys 2015-09-23 08:30 . 2015-09-23 08:30 52872 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys 2015-09-23 08:30 . 2015-09-23 08:30 264040 ----a-w- c:\windows\system32\drivers\eamonm.sys 2015-09-23 08:30 . 2015-09-23 08:30 206312 ----a-w- c:\windows\system32\drivers\epfw.sys 2015-09-23 08:30 . 2015-09-23 08:30 186784 ----a-w- c:\windows\system32\drivers\ehdrv.sys 2010-06-15 01:54 . 2010-06-15 01:54 153008 ----a-w- c:\program files (x86)\fraps64.dll 2010-06-15 01:54 . 2010-06-15 01:54 206768 ----a-w- c:\program files (x86)\fraps32.dll 2010-06-15 01:54 . 2010-06-15 01:54 74672 ----a-w- c:\program files (x86)\fraps64.dat 2010-06-15 01:54 . 
2010-06-15 01:54 2320304 ----a-w- c:\program files (x86)\fraps.exe
2010-06-15 01:46 . 2010-06-15 01:46 163840 ----a-w- c:\program files (x86)\frapslcd.dll
2014-03-07 09:03 3109520 --sha-r- c:\windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 09:03 98960 --sha-r- c:\windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 09:03 550032 --sha-r- c:\windows\SysWOW64\avformat-lav-55.dll
2014-03-07 09:03 59536 --sha-r- c:\windows\SysWOW64\avresample-lav-1.dll
2014-03-07 09:03 181392 --sha-r- c:\windows\SysWOW64\avutil-lav-52.dll
2014-03-07 09:03 122512 --sha-r- c:\windows\SysWOW64\HLaudio.dll
2014-03-07 09:03 203408 --sha-r- c:\windows\SysWOW64\HLsplit.dll
2014-03-07 09:03 313520 --sha-r- c:\windows\SysWOW64\HLvideo.dll
2014-03-07 09:03 166544 --sha-r- c:\windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-03-07 09:03 109712 --sha-r- c:\windows\SysWOW64\libbluray.dll
2011-02-11 08:26 112128 --sha-r- c:\windows\SysWOW64\OptimFROG.dll
2014-03-07 09:03 118416 --sha-r- c:\windows\SysWOW64\swscale-lav-2.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54 188416 --sha-r- c:\windows\SysWOW64\winDCE32.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"Ad Muncher"="c:\program files (x86)\Ad Muncher\AdMunch.exe" [2015-12-02 560760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 ALSysIO;ALSysIO;c:\users\userek\AppData\Local\Temp\ALSysIO64.sys;c:\users\userek\AppData\Local\Temp\ALSysIO64.sys [x]
R3 ampa;ampa;c:\windows\system32\ampa.sys;c:\windows\SYSNATIVE\ampa.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R3 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R3 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cmudaxp;ASUS Xonar D1 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2015-08-11 8048640]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.pl/
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\userek\AppData\Roaming\Mozilla\Firefox\Profiles\9gy4symj.default-1449332321480\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://encrypted.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=072013&q=
FF - prefs.js: network.proxy.ftp - 178.33.53.55
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 178.33.53.55
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 178.33.53.55
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 178.33.53.55
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2737083 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2742613 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2840642v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2861208 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2894854v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2898864 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2901118 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2972107 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2972216 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2978128 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3023224 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3035490 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3037581 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074230 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074550 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3097996 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3098781 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2015-12-09 10:58:58
ComboFix-quarantined-files.txt 2015-12-09 09:58
ComboFix2.txt 2015-12-04 15:42
.
Przed: 201 413 365 760 bajtów wolnych
Po: 201 198 338 048 bajtów wolnych
.
- - End Of File - - F541DADBEDD84307E9A8C94CA1D26573

ComboFix 15-12-12.01 - userek 2015-12-14 16:20:18.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.8175.6469 [GMT 1:00]
Uruchomiony z: g:\programy instalki\Antyvir\ComboFix15.12.12.1.exe
AV: ESET Smart Security 9.0.318.20 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: Zapora osobista ESET *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 9.0.318.20 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((( Pliki utworzone od 2015-11-14 do 2015-12-14 )))))))))))))))))))))))))))))))
.
.
2015-12-14 15:23 . 2015-12-14 15:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-09 10:01 . 2015-12-09 10:02 -------- d-----w- C:\FRST
2015-12-09 10:00 . 2015-12-14 15:17 -------- d-----w- C:\AdwCleaner
2015-12-05 21:48 . 2015-12-05 21:48 -------- d-----w- c:\program files\Common Files\AV
2015-12-05 21:43 . 2013-09-20 09:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2015-12-05 21:43 . 2015-12-06 08:40 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2015-12-05 21:43 . 2015-12-05 22:02 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2015-12-05 19:03 . 2015-12-05 19:17 -------- d-----w- c:\program files (x86)\Samsung
2015-12-05 19:03 . 2015-12-05 19:03 -------- d-----w- c:\programdata\Samsung
2015-12-05 16:36 . 2015-12-05 16:36 -------- d-----w- c:\program files\Mozilla Firefox
2015-12-05 15:17 . 2015-12-05 15:17 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-05 15:17 . 2015-12-05 15:17 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-05 15:17 . 2015-12-05 15:17 -------- d-----w- c:\windows\system32\Macromed
2015-12-04 16:10 .
2015-12-14 14:46 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-12-04 16:10 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2015-12-04 16:10 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-12-04 15:25 . 2015-12-04 15:25 -------- d-----w- c:\program files (x86)\PowerISO 2015-12-04 15:25 . 2010-04-12 08:55 91568 ----a-w- c:\windows\system32\drivers\scdemu.sys 2015-12-04 15:24 . 2015-12-04 15:24 -------- d-----w- c:\programdata\Canneverbe Limited 2015-12-04 15:14 . 2015-12-04 15:14 -------- d-----w- c:\program files\VLC Player 2015-12-03 20:15 . 2015-12-03 20:15 31136 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS 2015-12-03 19:46 . 2015-12-03 19:46 -------- d-----w- c:\program files (x86)\HD Tune Pro 2015-12-03 18:24 . 2015-12-13 20:59 -------- d-----w- c:\program files (x86)\Common Files\BattlEye 2015-12-03 18:09 . 2015-12-03 18:09 -------- d-----w- c:\program files (x86)\CrystalDiskInfo 2015-12-02 19:20 . 2010-11-21 03:24 2872320 ----a-w- c:\windows\explorer.exe.Back 2015-12-02 19:17 . 2015-12-02 19:19 -------- d-----w- c:\windows\system32\MRT 2015-12-02 19:04 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2015-12-02 19:04 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-12-02 19:03 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE 2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\programdata\Sony 2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\program files\Sony 2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\program files (x86)\Sony 2015-12-02 18:54 . 2015-12-02 18:54 878080 ----a-w- c:\windows\system32\advapi32.dll 2015-12-02 18:54 . 2015-12-02 18:54 859648 ----a-w- c:\windows\system32\tdh.dll 2015-12-02 18:54 . 2015-12-02 18:54 640512 ----a-w- c:\windows\SysWow64\advapi32.dll 2015-12-02 18:54 . 
2015-12-02 18:54 619520 ----a-w- c:\windows\SysWow64\tdh.dll 2015-12-02 18:53 . 2015-12-02 18:53 327168 ----a-w- c:\windows\system32\mswsock.dll 2015-12-02 18:53 . 2015-12-02 18:53 231424 ----a-w- c:\windows\SysWow64\mswsock.dll 2015-12-02 18:46 . 2015-12-02 18:46 1887232 ----a-w- c:\windows\system32\d3d11.dll 2015-12-02 18:46 . 2015-12-02 18:46 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll 2015-12-02 18:44 . 2015-12-03 17:03 -------- d-----w- c:\program files (x86)\Notepad++ 2015-12-02 18:36 . 2015-11-17 06:43 11138400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7092C5F-2045-4A91-B13E-B0567BB3C62F}\mpengine.dll 2015-12-02 18:32 . 2015-12-02 18:32 -------- d-----w- c:\program files\DIPS64 2015-12-02 18:31 . 2015-12-02 19:57 -------- d-----w- c:\program files (x86)\Common Files\Steam 2015-12-02 18:31 . 2015-12-02 18:31 -------- d-----w- C:\Gry 2015-12-02 18:24 . 2015-12-04 15:16 -------- d-----w- c:\program files (x86)\Sunrise Seven 2015-12-02 18:18 . 2015-12-02 18:23 -------- d-----w- c:\program files (x86)\AIDA64 Extreme 2015-12-02 18:17 . 2015-12-02 18:17 -------- d-----w- c:\program files\Core Temp 2015-12-02 18:16 . 2015-12-02 18:16 -------- d-----w- c:\program files\CPU-Z 2015-12-02 18:15 . 2015-12-02 18:15 -------- d-----w- c:\program files (x86)\HELP 2015-12-02 18:14 . 2015-12-02 18:14 -------- d-----w- c:\program files (x86)\FurMark_1.13.0 2015-12-02 18:09 . 2015-12-13 21:41 -------- d-----w- c:\program files (x86)\MSI Afterburner 2015-12-02 18:09 . 2015-12-02 18:09 -------- d-----w- c:\program files (x86)\GPU-Z 2015-12-02 18:04 . 2015-12-03 19:27 -------- d-----w- c:\program files\CrystalDiskMark5 2015-12-02 18:01 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2015-12-02 18:01 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll 2015-12-02 18:01 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2015-12-02 17:57 . 
2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll 2015-12-02 17:57 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe 2015-12-02 17:57 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll 2015-12-02 17:57 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe 2015-12-02 17:57 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll 2015-12-02 17:57 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll 2015-12-02 17:57 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe 2015-12-02 17:57 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe 2015-12-02 17:55 . 2015-07-15 03:19 52736 ----a-w- c:\windows\system32\basesrv.dll 2015-12-02 17:54 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll 2015-12-02 17:52 . 2014-07-17 02:07 235520 ----a-w- c:\windows\system32\winsta.dll 2015-12-02 17:51 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll 2015-12-02 17:51 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll 2015-12-02 17:51 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2015-12-02 17:51 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2015-12-02 17:51 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys 2015-12-02 17:51 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll 2015-12-02 17:51 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll 2015-12-02 17:51 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll 2015-12-02 17:47 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2015-12-02 17:40 . 2015-12-02 17:40 -------- d-----w- c:\program files\HWiNFO64 2015-12-02 17:37 . 2015-12-03 20:08 1024 ---h--w- C:\AMTAG.BIN 2015-12-02 17:37 . 2015-01-02 14:18 1811568 ----a-w- c:\windows\ampa.exe 2015-12-02 17:37 . 
2013-12-18 10:33 17008 ----a-w- c:\windows\SysWow64\ampa.sys 2015-12-02 17:37 . 2013-12-18 10:33 17008 ----a-w- c:\windows\system32\ampa.sys 2015-12-02 17:37 . 2015-12-03 20:08 -------- d-----w- c:\program files (x86)\AOMEI Partition Assistant Standard 5.6 2015-12-02 17:34 . 2015-12-04 15:21 -------- d-----w- c:\program files\CCleaner 2015-12-02 17:33 . 2015-12-02 17:33 -------- d-----w- c:\program files (x86)\Odkurzacz 2015-12-02 17:31 . 2015-12-02 17:31 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2015-12-02 17:31 . 2015-12-02 17:31 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite 2015-12-02 17:31 . 2015-12-02 17:31 -------- d-----w- c:\programdata\DAEMON Tools Lite 2015-12-02 17:30 . 2015-12-04 15:24 -------- d-----w- c:\program files\CDBurnerXP 2015-12-02 17:25 . 2015-12-02 17:27 -------- d-----w- c:\program files (x86)\CoolEditPro2 2015-12-02 17:16 . 2015-12-06 10:31 -------- d-----w- c:\program files (x86)\AIMP3 2015-12-02 17:15 . 2015-12-02 17:15 -------- d-----w- c:\program files\7-Zip 2015-12-02 17:12 . 2015-12-05 14:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2015-12-02 17:12 . 2015-12-04 16:10 -------- d-----w- c:\programdata\Malwarebytes 2015-12-02 17:12 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2015-12-02 16:50 . 2015-12-02 16:50 -------- d-----w- c:\program files\ESET 2015-12-02 16:43 . 2015-12-09 12:14 -------- d-----w- c:\program files\TNod User & Password Finder 2015-12-02 16:41 . 2015-12-02 16:41 -------- d-----w- c:\program files (x86)\Bino 2015-12-02 16:41 . 2015-12-02 16:41 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2015-12-02 16:41 . 2013-04-05 19:26 2106368 ----a-w- c:\windows\SysWow64\ac3filter.ax 2015-12-02 16:41 . 2013-04-05 19:26 276992 ----a-w- c:\windows\SysWow64\BugTrap.dll 2015-12-02 16:41 . 2011-06-02 01:10 644608 ----a-w- c:\windows\SysWow64\xvidcore.dll 2015-12-02 16:41 . 
2007-10-07 14:36 258048 ----a-w- c:\windows\SysWow64\libFLAC.dll 2015-12-02 16:41 . 2015-12-03 15:46 -------- d-----w- c:\programdata\ALLPlayer 2015-12-02 16:41 . 2015-12-03 15:35 -------- d-----w- c:\program files (x86)\ALLPlayer 2015-12-02 16:40 . 2015-12-02 16:40 -------- d-----w- c:\users\Public\QiYi 2015-12-02 16:31 . 2015-12-02 16:31 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2015-12-02 16:31 . 2015-12-02 16:31 -------- d-----w- c:\program files\Adobe 2015-12-02 16:31 . 2015-12-02 16:31 -------- d-----w- c:\program files\Common Files\Adobe 2015-12-02 16:30 . 2015-12-02 16:30 -------- d-----w- c:\program files (x86)\Adobe Media Player 2015-12-02 16:30 . 2015-12-02 16:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2015-12-02 16:28 . 2015-12-02 16:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2015-12-02 16:25 . 2015-12-03 17:04 -------- d-----w- c:\program files (x86)\IrfanView 2015-12-02 16:22 . 2015-12-07 08:31 -------- d-----w- c:\program files\TeamSpeak 3 Client 2015-12-02 16:16 . 2015-12-03 16:57 -------- d-----w- c:\program files\Totalcmd 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\UC.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\RAR.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\LHA.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\ARJ.PIF 2015-12-02 16:13 . 2015-12-02 16:13 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys 2015-12-02 16:13 . 2015-12-02 16:14 -------- d-----w- c:\program files\TrueCrypt 2015-12-02 16:12 . 2015-12-02 16:12 -------- d-----w- c:\program files\WinRAR 2015-12-02 16:12 . 2015-12-02 16:12 -------- d-----w- c:\programdata\Ad Muncher 2015-12-02 16:12 . 2015-12-02 16:12 -------- d-----w- c:\program files (x86)\Ad Muncher . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 
2015-10-20 00:45 . 2015-12-02 17:55 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll 2015-10-13 00:22 . 2015-10-13 00:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll 2015-10-07 05:16 . 2015-10-07 05:16 142976 ----a-w- c:\windows\system32\drivers\ekbdflt.sys 2015-09-23 08:30 . 2015-09-23 08:30 69840 ----a-w- c:\windows\system32\drivers\epfwwfp.sys 2015-09-23 08:30 . 2015-09-23 08:30 52872 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys 2015-09-23 08:30 . 2015-09-23 08:30 264040 ----a-w- c:\windows\system32\drivers\eamonm.sys 2015-09-23 08:30 . 2015-09-23 08:30 206312 ----a-w- c:\windows\system32\drivers\epfw.sys 2015-09-23 08:30 . 2015-09-23 08:30 186784 ----a-w- c:\windows\system32\drivers\ehdrv.sys 2010-06-15 01:54 . 2010-06-15 01:54 153008 ----a-w- c:\program files (x86)\fraps64.dll 2010-06-15 01:54 . 2010-06-15 01:54 206768 ----a-w- c:\program files (x86)\fraps32.dll 2010-06-15 01:54 . 2010-06-15 01:54 74672 ----a-w- c:\program files (x86)\fraps64.dat 2010-06-15 01:54 . 2010-06-15 01:54 2320304 ----a-w- c:\program files (x86)\fraps.exe 2010-06-15 01:46 . 
2010-06-15 01:46 163840 ----a-w- c:\program files (x86)\frapslcd.dll
2014-03-07 09:03 3109520 --sha-r- c:\windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 09:03 98960 --sha-r- c:\windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 09:03 550032 --sha-r- c:\windows\SysWOW64\avformat-lav-55.dll
2014-03-07 09:03 59536 --sha-r- c:\windows\SysWOW64\avresample-lav-1.dll
2014-03-07 09:03 181392 --sha-r- c:\windows\SysWOW64\avutil-lav-52.dll
2014-03-07 09:03 122512 --sha-r- c:\windows\SysWOW64\HLaudio.dll
2014-03-07 09:03 203408 --sha-r- c:\windows\SysWOW64\HLsplit.dll
2014-03-07 09:03 313520 --sha-r- c:\windows\SysWOW64\HLvideo.dll
2014-03-07 09:03 166544 --sha-r- c:\windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-03-07 09:03 109712 --sha-r- c:\windows\SysWOW64\libbluray.dll
2011-02-11 08:26 112128 --sha-r- c:\windows\SysWOW64\OptimFROG.dll
2014-03-07 09:03 118416 --sha-r- c:\windows\SysWOW64\swscale-lav-2.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54 188416 --sha-r- c:\windows\SysWOW64\winDCE32.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"Ad Muncher"="c:\program files (x86)\Ad Muncher\AdMunch.exe" [2015-12-02 560760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 ALSysIO;ALSysIO;c:\users\userek\AppData\Local\Temp\ALSysIO64.sys;c:\users\userek\AppData\Local\Temp\ALSysIO64.sys [x]
R3 ampa;ampa;c:\windows\system32\ampa.sys;c:\windows\SYSNATIVE\ampa.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
R3 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R3 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R3 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cmudaxp;ASUS Xonar D1 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2015-08-11 8048640]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://google.pl/ mLocal Page = c:\windows\SysWOW64\blank.htm Trusted Zone: eset.com\help TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - c:\users\userek\AppData\Roaming\Mozilla\Firefox\Profiles\9gy4symj.default-1449332321480\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxps://encrypted.google.com/ FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=072013&q= FF - prefs.js: network.proxy.ftp - 178.33.53.55 FF - prefs.js: network.proxy.ftp_port - 8080 FF - prefs.js: network.proxy.http - 178.33.53.55 FF - prefs.js: network.proxy.http_port - 8080 FF - prefs.js: network.proxy.socks - 178.33.53.55 FF - prefs.js: network.proxy.socks_port - 8080 FF - prefs.js: network.proxy.ssl - 178.33.53.55 FF - prefs.js: network.proxy.ssl_port - 8080 FF - prefs.js: network.proxy.type - 0 . - - - - USUNIĘTO PUSTE WPISY - - - - . Notify-SDWinLogon - SDWinLogon.dll AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2737083 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2742613 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2840642v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2861208 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2894854v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2898864 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2901118 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2972107 - 
c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2972216 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2978128 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3023224 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3035490 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3037581 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074230 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074550 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3097996 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3098781 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe . . . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Czas ukończenia: 2015-12-14 16:24:25 ComboFix-quarantined-files.txt 2015-12-14 15:24 ComboFix2.txt 2015-12-09 09:58 ComboFix3.txt 2015-12-04 15:42 . Przed: 199 383 977 984 bajtów wolnych Po: 199 316 639 744 bajtów wolnych . 
- - End Of File - - 9595F8E32707C6932FA54D0CE1171EDB

ComboFix 15-12-16.01 - userek 2015-12-20 9:02.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.8174.6481 [GMT 1:00]
Uruchomiony z: g:\programy instalki\Antyvir\ComboFix15.12.16.1.exe
AV: ESET Smart Security 9.0.318.20 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: Zapora osobista ESET *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 9.0.318.20 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((( Pliki utworzone od 2015-11-20 do 2015-12-20 )))))))))))))))))))))))))))))))
.
.
2015-12-20 08:04 . 2015-12-20 08:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-19 08:58 . 2015-12-19 08:58 -------- d-----w- C:\Intel
2015-12-18 22:54 . 2015-12-19 09:06 -------- d-----w- c:\program files\Mozilla Firefox
2015-12-15 16:59 . 2015-12-15 16:59 -------- d-----w- c:\users\Public\Foxit Software
2015-12-09 10:01 . 2015-12-14 15:30 -------- d-----w- C:\FRST
2015-12-09 10:00 . 2015-12-14 15:17 -------- d-----w- C:\AdwCleaner
2015-12-05 21:48 . 2015-12-05 21:48 -------- d-----w- c:\program files\Common Files\AV
2015-12-05 21:43 . 2013-09-20 09:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2015-12-05 21:43 . 2015-12-06 08:40 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2015-12-05 21:43 . 2015-12-05 22:02 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2015-12-05 19:03 . 2015-12-05 19:17 -------- d-----w- c:\program files (x86)\Samsung
2015-12-05 19:03 . 2015-12-05 19:03 -------- d-----w- c:\programdata\Samsung
2015-12-05 15:17 . 2015-12-05 15:17 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-05 15:17 .
2015-12-05 15:17 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-12-05 15:17 . 2015-12-05 15:17 -------- d-----w- c:\windows\system32\Macromed 2015-12-04 16:10 . 2015-12-20 07:46 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-12-04 16:10 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2015-12-04 16:10 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-12-04 15:25 . 2015-12-04 15:25 -------- d-----w- c:\program files (x86)\PowerISO 2015-12-04 15:25 . 2010-04-12 08:55 91568 ----a-w- c:\windows\system32\drivers\scdemu.sys 2015-12-04 15:24 . 2015-12-04 15:24 -------- d-----w- c:\programdata\Canneverbe Limited 2015-12-04 15:14 . 2015-12-04 15:14 -------- d-----w- c:\program files\VLC Player 2015-12-03 20:15 . 2015-12-03 20:15 31136 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS 2015-12-03 19:46 . 2015-12-03 19:46 -------- d-----w- c:\program files (x86)\HD Tune Pro 2015-12-03 18:24 . 2015-12-19 22:21 -------- d-----w- c:\program files (x86)\Common Files\BattlEye 2015-12-03 18:09 . 2015-12-03 18:09 -------- d-----w- c:\program files (x86)\CrystalDiskInfo 2015-12-02 19:20 . 2010-11-21 03:24 2872320 ----a-w- c:\windows\explorer.exe.Back 2015-12-02 19:17 . 2015-12-02 19:19 -------- d-----w- c:\windows\system32\MRT 2015-12-02 19:04 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2015-12-02 19:04 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-12-02 19:03 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE 2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\programdata\Sony 2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\program files\Sony 2015-12-02 19:00 . 2015-12-02 19:00 -------- d-----w- c:\program files (x86)\Sony 2015-12-02 18:54 . 2015-12-02 18:54 878080 ----a-w- c:\windows\system32\advapi32.dll 2015-12-02 18:54 . 
2015-12-02 18:54 859648 ----a-w- c:\windows\system32\tdh.dll 2015-12-02 18:54 . 2015-12-02 18:54 640512 ----a-w- c:\windows\SysWow64\advapi32.dll 2015-12-02 18:54 . 2015-12-02 18:54 619520 ----a-w- c:\windows\SysWow64\tdh.dll 2015-12-02 18:53 . 2015-12-02 18:53 327168 ----a-w- c:\windows\system32\mswsock.dll 2015-12-02 18:53 . 2015-12-02 18:53 231424 ----a-w- c:\windows\SysWow64\mswsock.dll 2015-12-02 18:46 . 2015-12-02 18:46 1887232 ----a-w- c:\windows\system32\d3d11.dll 2015-12-02 18:46 . 2015-12-02 18:46 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll 2015-12-02 18:44 . 2015-12-03 17:03 -------- d-----w- c:\program files (x86)\Notepad++ 2015-12-02 18:36 . 2015-11-17 06:43 11138400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7092C5F-2045-4A91-B13E-B0567BB3C62F}\mpengine.dll 2015-12-02 18:32 . 2015-12-02 18:32 -------- d-----w- c:\program files\DIPS64 2015-12-02 18:31 . 2015-12-02 19:57 -------- d-----w- c:\program files (x86)\Common Files\Steam 2015-12-02 18:31 . 2015-12-02 18:31 -------- d-----w- C:\Gry 2015-12-02 18:24 . 2015-12-04 15:16 -------- d-----w- c:\program files (x86)\Sunrise Seven 2015-12-02 18:18 . 2015-12-02 18:23 -------- d-----w- c:\program files (x86)\AIDA64 Extreme 2015-12-02 18:17 . 2015-12-02 18:17 -------- d-----w- c:\program files\Core Temp 2015-12-02 18:16 . 2015-12-02 18:16 -------- d-----w- c:\program files\CPU-Z 2015-12-02 18:15 . 2015-12-02 18:15 -------- d-----w- c:\program files (x86)\HELP 2015-12-02 18:14 . 2015-12-02 18:14 -------- d-----w- c:\program files (x86)\FurMark_1.13.0 2015-12-02 18:09 . 2015-12-18 22:12 -------- d-----w- c:\program files (x86)\MSI Afterburner 2015-12-02 18:09 . 2015-12-02 18:09 -------- d-----w- c:\program files (x86)\GPU-Z 2015-12-02 18:04 . 2015-12-03 19:27 -------- d-----w- c:\program files\CrystalDiskMark5 2015-12-02 18:01 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2015-12-02 18:01 . 
2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll 2015-12-02 18:01 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2015-12-02 17:57 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll 2015-12-02 17:57 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe 2015-12-02 17:57 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll 2015-12-02 17:57 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe 2015-12-02 17:57 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll 2015-12-02 17:57 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll 2015-12-02 17:57 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe 2015-12-02 17:57 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe 2015-12-02 17:55 . 2015-07-15 03:19 52736 ----a-w- c:\windows\system32\basesrv.dll 2015-12-02 17:54 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll 2015-12-02 17:52 . 2014-07-17 02:07 235520 ----a-w- c:\windows\system32\winsta.dll 2015-12-02 17:51 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll 2015-12-02 17:51 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll 2015-12-02 17:51 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2015-12-02 17:51 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2015-12-02 17:51 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys 2015-12-02 17:51 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll 2015-12-02 17:51 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll 2015-12-02 17:51 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll 2015-12-02 17:47 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2015-12-02 17:40 . 2015-12-02 17:40 -------- d-----w- c:\program files\HWiNFO64 2015-12-02 17:37 . 
2015-12-03 20:08 1024 ---h--w- C:\AMTAG.BIN 2015-12-02 17:37 . 2015-01-02 14:18 1811568 ----a-w- c:\windows\ampa.exe 2015-12-02 17:37 . 2013-12-18 10:33 17008 ----a-w- c:\windows\SysWow64\ampa.sys 2015-12-02 17:37 . 2013-12-18 10:33 17008 ----a-w- c:\windows\system32\ampa.sys 2015-12-02 17:37 . 2015-12-03 20:08 -------- d-----w- c:\program files (x86)\AOMEI Partition Assistant Standard 5.6 2015-12-02 17:34 . 2015-12-04 15:21 -------- d-----w- c:\program files\CCleaner 2015-12-02 17:33 . 2015-12-02 17:33 -------- d-----w- c:\program files (x86)\Odkurzacz 2015-12-02 17:31 . 2015-12-02 17:31 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2015-12-02 17:31 . 2015-12-02 17:31 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite 2015-12-02 17:31 . 2015-12-02 17:31 -------- d-----w- c:\programdata\DAEMON Tools Lite 2015-12-02 17:30 . 2015-12-04 15:24 -------- d-----w- c:\program files\CDBurnerXP 2015-12-02 17:25 . 2015-12-02 17:27 -------- d-----w- c:\program files (x86)\CoolEditPro2 2015-12-02 17:16 . 2015-12-06 10:31 -------- d-----w- c:\program files (x86)\AIMP3 2015-12-02 17:15 . 2015-12-02 17:15 -------- d-----w- c:\program files\7-Zip 2015-12-02 17:12 . 2015-12-05 14:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2015-12-02 17:12 . 2015-12-04 16:10 -------- d-----w- c:\programdata\Malwarebytes 2015-12-02 17:12 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2015-12-02 16:50 . 2015-12-02 16:50 -------- d-----w- c:\program files\ESET 2015-12-02 16:43 . 2015-12-17 19:03 -------- d-----w- c:\program files\TNod User & Password Finder 2015-12-02 16:41 . 2015-12-02 16:41 -------- d-----w- c:\program files (x86)\Bino 2015-12-02 16:41 . 2015-12-02 16:41 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2015-12-02 16:41 . 2013-04-05 19:26 2106368 ----a-w- c:\windows\SysWow64\ac3filter.ax 2015-12-02 16:41 . 2013-04-05 19:26 276992 ----a-w- c:\windows\SysWow64\BugTrap.dll 2015-12-02 16:41 . 
2011-06-02 01:10 644608 ----a-w- c:\windows\SysWow64\xvidcore.dll 2015-12-02 16:41 . 2007-10-07 14:36 258048 ----a-w- c:\windows\SysWow64\libFLAC.dll 2015-12-02 16:41 . 2015-12-03 15:46 -------- d-----w- c:\programdata\ALLPlayer 2015-12-02 16:41 . 2015-12-03 15:35 -------- d-----w- c:\program files (x86)\ALLPlayer 2015-12-02 16:40 . 2015-12-02 16:40 -------- d-----w- c:\users\Public\QiYi 2015-12-02 16:31 . 2015-12-02 16:31 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2015-12-02 16:31 . 2015-12-02 16:31 -------- d-----w- c:\program files\Adobe 2015-12-02 16:31 . 2015-12-02 16:31 -------- d-----w- c:\program files\Common Files\Adobe 2015-12-02 16:30 . 2015-12-02 16:30 -------- d-----w- c:\program files (x86)\Adobe Media Player 2015-12-02 16:30 . 2015-12-02 16:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2015-12-02 16:28 . 2015-12-02 16:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2015-12-02 16:25 . 2015-12-03 17:04 -------- d-----w- c:\program files (x86)\IrfanView 2015-12-02 16:22 . 2015-12-07 08:31 -------- d-----w- c:\program files\TeamSpeak 3 Client 2015-12-02 16:16 . 2015-12-03 16:57 -------- d-----w- c:\program files\Totalcmd 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\UC.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\RAR.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\LHA.PIF 2015-12-02 16:16 . 2009-09-09 06:50 545 ----a-w- c:\windows\ARJ.PIF 2015-12-02 16:13 . 2015-12-02 16:13 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys 2015-12-02 16:13 . 2015-12-02 16:14 -------- d-----w- c:\program files\TrueCrypt 2015-12-02 16:12 . 2015-12-02 16:12 -------- d-----w- c:\program files\WinRAR . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-10-20 00:45 . 
2015-12-02 17:55 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll 2015-10-13 00:22 . 2015-10-13 00:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll 2015-10-07 05:16 . 2015-10-07 05:16 142976 ----a-w- c:\windows\system32\drivers\ekbdflt.sys 2015-09-23 08:30 . 2015-09-23 08:30 69840 ----a-w- c:\windows\system32\drivers\epfwwfp.sys 2015-09-23 08:30 . 2015-09-23 08:30 52872 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys 2015-09-23 08:30 . 2015-09-23 08:30 264040 ----a-w- c:\windows\system32\drivers\eamonm.sys 2015-09-23 08:30 . 2015-09-23 08:30 206312 ----a-w- c:\windows\system32\drivers\epfw.sys 2015-09-23 08:30 . 2015-09-23 08:30 186784 ----a-w- c:\windows\system32\drivers\ehdrv.sys 2010-06-15 01:54 . 2010-06-15 01:54 153008 ----a-w- c:\program files (x86)\fraps64.dll 2010-06-15 01:54 . 2010-06-15 01:54 206768 ----a-w- c:\program files (x86)\fraps32.dll 2010-06-15 01:54 . 2010-06-15 01:54 74672 ----a-w- c:\program files (x86)\fraps64.dat 2010-06-15 01:54 . 2010-06-15 01:54 2320304 ----a-w- c:\program files (x86)\fraps.exe 2010-06-15 01:46 . 
2010-06-15 01:46 163840 ----a-w- c:\program files (x86)\frapslcd.dll 2014-03-07 09:03 3109520 --sha-r- c:\windows\SysWOW64\avcodec-lav-55.dll 2014-03-07 09:03 98960 --sha-r- c:\windows\SysWOW64\avfilter-lav-4.dll 2014-03-07 09:03 550032 --sha-r- c:\windows\SysWOW64\avformat-lav-55.dll 2014-03-07 09:03 59536 --sha-r- c:\windows\SysWOW64\avresample-lav-1.dll 2014-03-07 09:03 181392 --sha-r- c:\windows\SysWOW64\avutil-lav-52.dll 2014-03-07 09:03 122512 --sha-r- c:\windows\SysWOW64\HLaudio.dll 2014-03-07 09:03 203408 --sha-r- c:\windows\SysWOW64\HLsplit.dll 2014-03-07 09:03 313520 --sha-r- c:\windows\SysWOW64\HLvideo.dll 2014-03-07 09:03 166544 --sha-r- c:\windows\SysWOW64\IntelQuickSyncDecoder.dll 2014-03-07 09:03 109712 --sha-r- c:\windows\SysWOW64\libbluray.dll 2011-02-11 08:26 112128 --sha-r- c:\windows\SysWOW64\OptimFROG.dll 2014-03-07 09:03 118416 --sha-r- c:\windows\SysWOW64\swscale-lav-2.dll 2010-01-06 22:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll 2012-10-05 17:54 188416 --sha-r- c:\windows\SysWOW64\winDCE32.dll . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Ad Muncher"="c:\program files (x86)\Ad Muncher\AdMunch.exe" [2015-12-02 560760] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] R3 ALSysIO;ALSysIO;c:\users\userek\AppData\Local\Temp\ALSysIO64.sys;c:\users\userek\AppData\Local\Temp\ALSysIO64.sys [x] R3 ampa;ampa;c:\windows\system32\ampa.sys;c:\windows\SYSNATIVE\ampa.sys [x] R3 AxtuDrv;AxtuDrv;c:\windows\SysWOW64\Drivers\AxtuDrv.sys;c:\windows\SysWOW64\Drivers\AxtuDrv.sys [x] R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x] R3 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x] R3 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x] R3 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 
TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x] S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x] S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x] S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x] S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 cmudaxp;ASUS Xonar D1 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x] S3 
EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x] S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2015-08-11 8048640] "Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704] "Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] . ------- Skan uzupełniający ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://google.pl/ mLocal Page = c:\windows\SysWOW64\blank.htm Trusted Zone: eset.com\help TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - c:\users\userek\AppData\Roaming\Mozilla\Firefox\Profiles\9gy4symj.default-1449332321480\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxps://encrypted.google.com/ FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=072013&q= FF - prefs.js: network.proxy.ftp - 178.33.53.55 FF - prefs.js: network.proxy.ftp_port - 8080 FF - prefs.js: network.proxy.http - 178.33.53.55 FF - prefs.js: network.proxy.http_port - 8080 FF - prefs.js: network.proxy.socks - 178.33.53.55 FF - prefs.js: network.proxy.socks_port - 8080 FF - prefs.js: network.proxy.ssl - 178.33.53.55 FF - prefs.js: network.proxy.ssl_port - 8080 FF - prefs.js: network.proxy.type - 0 . - - - - USUNIĘTO PUSTE WPISY - - - - . 
Notify-SDWinLogon - SDWinLogon.dll AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2737083 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2742613 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2840642v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2861208 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2894854v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2898864 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2901118 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2972107 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2972216 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2978128 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3023224 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3035490 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3037581 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074230 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074550 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe 
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3097996 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3098781 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe . . . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Czas ukończenia: 2015-12-20 09:06:08 ComboFix-quarantined-files.txt 2015-12-20 08:06 ComboFix2.txt 2015-12-14 15:24 ComboFix3.txt 2015-12-09 09:58 ComboFix4.txt 2015-12-04 15:42 . Przed: 198 395 854 848 bajtów wolnych Po: 198 418 583 552 bajtów wolnych . - - End Of File - - B2069A3D51DF89EDFC5E0A20F03763D4