ComboFix 15-09-07.01 - Kuba 2015-09-08 18:12:34.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.48.1045.18.8108.5689 [GMT 2:00]
Uruchomiony z: c:\users\Kuba\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\SET4867.tmp
c:\windows\SysWow64\SET4B39.tmp
c:\windows\SysWow64\SET4B4B.tmp
c:\windows\SysWow64\SET4CB7.tmp
.
.
((((((((((((((((((((((((( Pliki utworzone od 2015-08-08 do 2015-09-08 )))))))))))))))))))))))))))))))
.
.
2015-09-08 16:14 . 2015-09-08 16:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-09-08 15:34 . 2015-09-08 15:34 -------- d-----w- c:\windows\SysWow64\NV
2015-09-08 15:34 . 2015-09-08 15:34 -------- d-----w- c:\windows\system32\NV
2015-09-08 15:34 . 2015-08-25 14:08 574072 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-09-08 15:28 . 2015-09-08 15:34 -------- d-----w- c:\programdata\NVIDIA
2015-09-08 15:28 . 2015-08-25 14:24 937776 ----a-w- c:\windows\system32\nvvsvc.exe
2015-09-08 15:28 . 2015-08-25 14:24 75056 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-09-08 15:28 . 2015-08-25 14:24 62584 ----a-w- c:\windows\system32\nvshext.dll
2015-09-08 15:28 . 2015-08-25 14:24 582448 ----a-w- c:\windows\SysWow64\oemdspif.dll
2015-09-08 15:28 . 2015-08-25 14:24 385144 ----a-w- c:\windows\system32\nvmctray.dll
2015-09-08 15:28 . 2015-08-25 14:24 3496752 ----a-w- c:\windows\system32\nvsvc64.dll
2015-09-08 15:28 . 2015-08-25 14:24 2558584 ----a-w- c:\windows\system32\nvsvcr.dll
2015-09-08 15:28 . 2015-08-25 14:24 1062520 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-09-08 15:28 . 2015-08-25 14:24 6884984 ----a-w- c:\windows\system32\nvcpl.dll
2015-09-08 15:28 . 2015-08-25 12:35 5165808 ----a-w- c:\windows\system32\nvcoproc.bin
2015-09-08 15:27 . 2015-08-25 18:46 944736 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-09-08 15:27 . 2015-08-25 18:46 3527696 ----a-w- c:\windows\system32\nvapi64.dll
2015-09-08 15:27 . 2015-08-25 18:46 3112904 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-09-08 15:27 . 2015-08-25 18:46 176904 ----a-w- c:\windows\system32\nvinitx.dll
2015-09-08 15:27 . 2015-08-25 18:46 155792 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-09-08 15:27 . 2015-08-25 18:46 12515016 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-09-08 15:27 . 2015-08-25 18:46 1106672 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-09-08 15:27 . 2015-08-07 11:06 3518248 ----a-w- c:\windows\system32\SET40B6.tmp
2015-09-08 15:27 . 2015-08-07 11:06 1898104 ----a-w- c:\windows\system32\nvdispco6435560.dll
2015-09-08 15:27 . 2015-08-07 11:06 177088 ----a-w- c:\windows\system32\SET44B3.tmp
2015-09-08 15:27 . 2015-08-07 11:06 1558832 ----a-w- c:\windows\system32\nvdispgenco6435560.dll
2015-09-08 15:27 . 2015-08-07 11:06 1104440 ----a-w- c:\windows\system32\SET46DA.tmp
2015-09-08 15:11 . 2015-09-08 15:12 -------- d-----w- c:\program files\CCleaner
2015-09-08 15:00 . 2015-09-08 15:00 -------- d-----w- c:\programdata\Orbit
2015-09-08 14:56 . 2015-09-08 15:34 -------- d-----w- c:\windows\Panther
2015-09-08 14:46 . 2015-09-08 14:46 -------- d-----w- c:\programdata\RegInOut
2015-09-08 14:46 . 2015-09-08 14:46 -------- d-----w- c:\program files (x86)\RegInOut System Utilities
2015-09-08 14:28 . 2010-05-26 09:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2015-09-08 14:28 . 2010-05-26 09:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2015-09-08 14:28 . 2010-05-26 09:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2015-09-08 14:28 . 2010-05-26 09:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2015-09-08 14:28 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2015-09-08 14:28 . 2010-05-26 09:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2015-09-08 14:28 . 2015-08-27 00:37 1423120 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-09-08 14:28 . 2015-08-27 00:37 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-09-08 14:28 . 2015-08-27 00:36 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-09-08 14:28 . 2015-08-27 00:36 1710568 ----a-w- c:\windows\system32\nvspcap64.dll
2015-09-08 14:28 . 2015-09-08 14:28 -------- d-----w- C:\Gry
2015-09-08 14:17 . 2015-08-20 02:18 11745192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A78FDA67-719D-45C9-A8C9-C8AD467F1313}\mpengine.dll
2015-09-08 14:17 . 2015-06-23 11:30 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-09-08 14:12 . 2015-09-08 14:35 -------- d-----w- c:\program files (x86)\SpeedFan
2015-09-08 14:12 . 2015-09-08 14:12 -------- d-----w- C:\Fraps
2015-09-08 14:08 . 2015-09-08 14:08 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2015-09-08 14:08 . 2015-09-08 14:09 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2015-09-08 14:08 . 2015-09-08 14:27 -------- d-----w- c:\programdata\DAEMON Tools Pro
2015-09-08 14:08 . 2015-08-11 12:18 86528 ----a-w- c:\windows\SysWow64\OpenCL.DLL
2015-09-08 14:08 . 2015-08-11 12:18 82432 ----a-w- c:\windows\system32\OpenCL.DLL
2015-09-08 14:06 . 2015-09-08 15:28 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2015-09-08 14:06 . 2015-09-08 15:34 -------- d-----w- c:\programdata\NVIDIA Corporation
2015-09-08 14:06 . 2015-08-11 04:52 72504 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-09-08 14:06 . 2015-08-11 04:52 69416 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-09-08 14:06 . 2015-08-11 04:52 50472 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-09-08 14:06 . 2015-09-08 15:28 -------- d-----w- c:\program files\NVIDIA Corporation
2015-09-08 14:05 . 2015-09-08 14:05 -------- d-----w- c:\program files\WinRAR
2015-09-08 14:03 . 2015-09-08 14:03 -------- d-----w- c:\program files (x86)\Google
2015-09-08 14:01 . 2015-09-08 14:01 -------- d-----w- c:\program files (x86)\TP-LINK
2015-09-08 14:01 . 2014-03-25 18:14 9113304 ----a-w- c:\windows\system32\drivers\rtsuvc.sys
2015-09-08 14:01 . 2015-09-08 14:01 -------- d-----w- c:\program files (x86)\Realtek
2015-09-08 14:01 . 2014-03-25 18:14 6340312 ----a-w- c:\windows\RTFTrack.exe
2015-09-08 14:01 . 2014-03-25 18:14 472792 ----a-w- c:\windows\system32\RtCamX64.dll
2015-09-08 14:01 . 2014-03-25 18:14 419032 ----a-w- c:\windows\SysWow64\RtCamX.dll
2015-09-08 14:01 . 2014-03-25 18:14 2628312 ----a-w- c:\windows\RtCamU64.exe
2015-09-08 14:00 . 2015-09-08 14:01 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2015-09-08 14:00 . 2014-05-23 14:37 1930240 ----a-w- c:\windows\system32\drivers\athurx.sys
2015-09-08 14:00 . 2014-05-23 14:37 1930240 ----a-w- c:\windows\system32\athurx.sys
2015-09-08 14:00 . 2015-09-08 14:01 -------- d-----w- c:\programdata\TP-LINK
2015-09-08 14:00 . 2013-08-21 13:16 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2015-09-08 13:59 . 2015-09-08 14:08 -------- d-----w- c:\program files (x86)\Intel
2015-09-08 13:59 . 2014-03-06 08:08 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll
2015-09-08 13:59 . 2015-09-08 14:26 -------- d-----w- C:\Intel
2015-09-08 13:59 . 2015-09-08 14:00 -------- d-----w- C:\drivers
2015-09-08 13:59 . 2014-03-06 08:08 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2015-09-08 13:59 . 2014-03-06 08:08 20464 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2015-09-08 13:59 . 2014-03-06 08:08 791024 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2015-09-08 13:59 . 2014-03-06 08:08 370672 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2015-09-05 08:09 . 2015-09-05 08:09 105984 ----a-w- c:\windows\system32\frapsv64.dll
2015-09-05 08:09 . 2015-09-05 08:09 94208 ----a-w- c:\windows\SysWow64\frapsvid.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-10-23 3108480]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-08-19 8455960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-03-06 292848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2015-9-8 847872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R3 IntcDAud;Audio dla wyświetlaczy Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S0 iusb3hcs;Sterownik przełącznika kontrolera hosta Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 iusb3hub;Sterownik koncentratora Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Sterownik kontrolera hosta Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-09-08 14:03 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\45.0.2454.85\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2015-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08 14:03]
.
2015-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08 14:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-08-27 2634872]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-08-27 1710568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2015-09-08 18:15:26
ComboFix-quarantined-files.txt 2015-09-08 16:15
.
Przed: 174 950 629 376 bajtów wolnych
Po: 174 886 039 552 bajtów wolnych
.
- - End Of File - - EFE5F62D9C154CE250B1FA570D33AC69
A36C5E4F47E84449FF07ED3517B43A31