ComboFix 15-04-19.01 - nikan 2015-04-22 16:45:59.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.48.1045.18.3070.2204 [GMT 2:00]
Run from: c:\users\nikan\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: STOPzilla AntiVirus *Disabled/Updated* {17032AB1-6644-0721-EEB5-A39B8B646009}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: STOPzilla AntiVirus *Disabled/Updated* {AC62CB55-407E-08AF-D405-98E9F0E32AB4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Deleted )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Files created from 2015-03-22 to 2015-04-22 )))))))))))))))))))))))))))))))
.
.
2015-04-22 14:55 . 2015-04-22 14:55 -------- d-----w- c:\users\nikan\AppData\Local\temp
2015-04-22 14:55 . 2015-04-22 14:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-22 10:46 . 2015-04-22 10:53 -------- d-----w- C:\AdwCleaner
2015-04-22 10:15 . 2015-04-22 10:15 -------- d-----w- C:\sh4ldr
2015-04-22 10:14 . 2015-04-22 10:14 19984 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2015-04-22 10:14 . 2015-04-22 10:14 -------- d-----w- c:\program files\Enigma Software Group
2015-04-22 09:27 . 2013-09-04 12:57 24040 ----a-w- c:\windows\system32\drivers\gfiutil.sys
2015-04-22 09:27 . 2013-05-23 06:39 43368 ----a-w- c:\windows\system32\drivers\gfiark.sys
2015-04-22 08:58 . 2013-10-01 14:31 96720 ----a-w- c:\windows\system32\drivers\sbhips.sys
2015-04-22 08:57 . 2013-10-01 14:31 228048 ----a-w- c:\windows\system32\drivers\SbFw.sys
2015-04-22 08:57 . 2013-03-26 13:58 96288 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2015-04-22 08:57 . 2015-04-22 14:06 -------- d-----w- c:\programdata\STOPzilla!
2015-04-22 08:57 . 2015-04-22 08:57 -------- d-----w- c:\windows\system32\drivers\VDD
2015-04-22 08:57 . 2015-04-22 14:29 -------- d-----w- c:\program files\STOPzilla
2015-04-21 16:41 . 2014-10-13 05:57 89856 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2015-04-21 16:41 . 2014-10-13 05:57 184192 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2015-04-21 16:40 . 2015-04-21 16:40 -------- d-----w- c:\program files\MyFree Codec
2015-04-21 16:36 . 2015-04-21 16:40 -------- d-----w- c:\programdata\Samsung
2015-04-21 13:42 . 2015-04-21 13:42 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2015-04-21 13:41 . 2015-04-21 13:41 -------- d-----w- C:\Quarantine
2015-04-21 13:36 . 2015-04-21 13:36 238288 ----a-w- c:\windows\system32\mfevtps.exe
2015-04-21 13:36 . 2015-04-21 13:36 91840 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2015-04-21 13:36 . 2015-04-21 13:36 648552 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2015-04-21 13:36 . 2015-04-21 13:41 -------- d-----w- c:\program files\stinger
2015-04-21 12:52 . 2015-04-21 14:42 -------- d-----w- c:\users\nikan\AppData\Roaming\ViberPC
2015-04-21 12:52 . 2015-04-21 14:41 -------- d-----w- c:\users\nikan\AppData\Local\Viber
2015-04-21 12:52 . 2015-04-21 12:52 -------- d-----w- c:\programdata\Lavasoft
2015-04-21 12:50 . 2015-04-21 12:51 -------- d-----w- c:\users\nikan\AppData\Roaming\{5E65DA1A-7738-49A0-9919-2752043BAF40}
2015-04-21 12:35 . 2015-04-22 09:01 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2015-04-21 12:15 . 2013-04-29 06:17 47632 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
2015-04-21 12:14 . 2015-04-21 12:29 -------- d-----w- c:\program files\Panda Security
2015-04-21 10:28 . 2015-04-21 10:28 -------- d-----w- C:\RegBackup
2015-04-21 08:11 . 2015-04-04 06:39 9201616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{66FCBA0A-D301-4124-9870-4183D065D930}\mpengine.dll
2015-04-20 21:58 . 2015-04-20 21:58 -------- d-----w- c:\programdata\Malwarebytes
2015-04-15 09:25 . 2015-03-09 01:01 1249280 ----a-w- c:\windows\system32\msxml3.dll
2015-04-15 09:21 . 2015-03-05 02:24 297984 ----a-w- c:\windows\system32\gdi32.dll
2015-04-15 09:21 . 2015-03-05 02:32 244152 ----a-w- c:\windows\system32\clfs.sys
2015-04-15 09:21 . 2015-03-05 02:23 57344 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 09:20 . 2015-03-14 02:21 1205168 ----a-w- c:\windows\system32\ntdll.dll
2015-04-15 09:20 . 2015-03-13 01:51 3604920 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-04-15 09:20 . 2015-03-13 01:51 3552184 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-04-15 09:08 . 2015-04-15 09:08 17593008 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M section ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-15 09:08 . 2015-01-12 20:32 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-04-15 09:08 . 2015-01-12 20:32 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-19 04:23 . 2015-03-19 04:23 76872 ----a-w- c:\windows\system32\RtNicProp32.dll
2015-03-19 04:23 . 2015-03-19 04:23 584920 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2015-03-19 04:23 . 2015-01-12 20:29 100896 ----a-w- c:\windows\system32\RTNUninst32.dll
2015-03-19 04:17 . 2012-02-09 21:43 16128576 ----a-w- c:\windows\system32\nvwgf2um.dll
2015-03-19 04:17 . 2015-03-19 04:17 11272048 ----a-w- c:\windows\system32\nvopencl.dll
2015-03-19 04:17 . 2015-03-19 04:17 24199824 ----a-w- c:\windows\system32\nvoglv32.dll
2015-03-19 04:17 . 2015-03-19 04:17 911504 ----a-w- c:\windows\system32\nvdispgenco3234144.dll
2015-03-19 04:17 . 2015-03-19 04:17 10702664 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-03-19 04:17 . 2015-03-19 04:17 1060680 ----a-w- c:\windows\system32\nvdispco3234144.dll
2015-03-19 04:17 . 2010-01-12 11:03 14497760 ----a-w- c:\windows\system32\nvd3dum.dll
2015-03-19 04:17 . 2015-03-19 04:17 3987784 ----a-w- c:\windows\system32\nvcuvid.dll
2015-03-19 04:17 . 2015-03-19 04:17 11209376 ----a-w- c:\windows\system32\nvcuda.dll
2015-03-19 04:17 . 2015-03-19 04:17 15294096 ----a-w- c:\windows\system32\nvcompiler.dll
2015-03-19 04:17 . 2010-01-12 11:03 2824176 ----a-w- c:\windows\system32\nvapi.dll
2015-03-16 07:28 . 2015-01-12 20:51 22816 ----a-w- c:\windows\system32\RegBootDefrag.exe
2015-03-10 17:13 . 2015-01-11 22:28 57888 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-03-10 17:13 . 2015-01-11 22:28 206976 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-03-10 17:13 . 2015-01-11 22:28 427480 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-03-10 17:13 . 2015-01-11 22:28 49904 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-03-10 17:13 . 2015-01-11 22:28 73440 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-03-10 17:13 . 2015-01-11 22:28 24144 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-03-10 17:13 . 2015-01-11 22:28 55200 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-03-10 17:12 . 2015-03-10 17:13 291312 ----a-w- c:\windows\system32\aswBoot.exe
2015-03-10 17:12 . 2015-03-10 17:12 43112 ----a-w- c:\windows\avastSS.scr
2015-03-10 17:12 . 2015-01-11 22:28 788272 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-03-06 04:01 . 2015-03-11 13:41 279040 ----a-w- c:\windows\system32\schannel.dll
2015-02-26 00:18 . 2015-03-11 13:46 2064384 ----a-w- c:\windows\system32\win32k.sys
2015-02-24 02:23 . 2015-01-12 08:31 246920 ------w- c:\windows\system32\MpSigStub.exe
2015-02-20 02:03 . 2015-03-11 13:42 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 00:28 . 2015-03-11 13:42 296960 ----a-w- c:\windows\system32\atmfd.dll
2015-02-04 10:23 . 2015-02-04 10:23 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 02:06 . 2010-01-11 21:18 4388040 ----a-w- c:\windows\system32\nvcpl.dll
2015-02-04 02:06 . 2010-01-11 21:18 3060936 ----a-w- c:\windows\system32\nvsvc.dll
2015-02-04 02:05 . 2010-01-11 21:18 670536 ----a-w- c:\windows\system32\nvvsvc.exe
2015-02-04 02:05 . 2015-03-19 04:22 2553032 ----a-w- c:\windows\system32\nvsvcr.dll
2015-02-04 02:05 . 2010-01-11 21:18 61584 ----a-w- c:\windows\system32\nvshext.dll
2015-02-04 02:05 . 2010-01-11 21:18 374928 ----a-w- c:\windows\system32\nvmctray.dll
2015-01-29 01:35 . 2015-03-11 13:47 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2015-01-29 01:35 . 2015-03-11 13:46 975360 ----a-w- c:\windows\system32\WindowsCodecs.dll
.
.
((((((((((((((((((((((((((((((((((((( Registry startup entries ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries and default, valid entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-03-10 17:12 644608 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-03-19 5511352]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2015-02-24 311616]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk * \0BootDefrag.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe"
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe"
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-15 09:46 988488 ----a-w- c:\program files\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-04-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-12 09:08]
.
2015-04-21 c:\windows\Tasks\DiskDefrag.job
- c:\program files\Glary Utilities 5\DiskDefrag.exe [2015-04-13 07:55]
.
2015-04-22 c:\windows\Tasks\GlaryInitialize 5.job
- c:\program files\Glary Utilities 5\Initialize.exe [2015-04-13 07:56]
.
2015-04-21 c:\windows\Tasks\GlaryOneClickOptimizer 5.job
- c:\program files\Glary Utilities 5\OneClickMaintenance.exe [2015-04-13 07:56]
.
2015-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-01-11 22:28]
.
2015-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-01-11 22:28]
.
.
------- Supplementary scan -------
.
uStart Page = hxxp://www.onet.pl/
mStart Page = https://www.google.com/?trackid=sp-006
mSearch Bar = https://www.google.com/?trackid=sp-006
TCP: DhcpNameServer = 89.231.1.206 217.172.224.160
.
- - - - EMPTY ENTRIES REMOVED - - - -
.
SafeBoot-MBAMSwissArmy
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-SBAMSvc
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-04-22 16:55
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2015-04-22 16:57:24
ComboFix-quarantined-files.txt 2015-04-22 14:57
.
Before: 356 072 108 032 bytes free
After: 355 295 051 776 bytes free
.
- - End Of File - - 871579E5054E5ACB4F2B4E2F4B5D0FA6
5C616939100B85E558DA92B899A0FC36