ComboFix 14-12-14.01 - Pablo 2014-12-19  6:30.3.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.48.1033.18.8086.6379 [GMT 1:00]
Running from: c:\users\Pablo\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2014-11-19 to 2014-12-19   )))))))))))))))))))))))))))))))
.
.
2014-12-19 05:41 . 2014-12-19 05:41    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-12-19 04:31 . 2014-12-19 04:31    --------    d-s---w-    c:\windows\SysWow64\Microsoft
2014-12-19 03:36 . 2014-12-19 03:36    --------    d-----w-    c:\programdata\Malwarebytes
2014-12-19 03:11 . 2014-12-19 03:11    --------    d-----w-    c:\program files (x86)\ESET
2014-12-19 02:59 . 2014-12-19 03:02    --------    d-----w-    c:\windows\SysWow64\vbox
2014-12-19 02:59 . 2014-12-19 03:02    --------    d-----w-    c:\windows\system32\vbox
2014-12-19 02:57 . 2014-12-19 02:57    43152       ----a-w-    c:\windows\avastSS.scr
2014-12-19 02:55 . 2014-12-19 02:55    --------    d-----w-    c:\program files\AVAST Software
2014-12-19 02:54 . 2014-12-19 02:55    --------    d-----w-    c:\programdata\AVAST Software
2014-12-19 01:39 . 2014-12-19 01:39    --------    d-----w-    c:\windows\system32\log
2014-12-19 01:39 . 2014-12-19 03:07    --------    d-----w-    c:\program files (x86)\Elex-tech
2014-12-19 01:14 . 2014-12-19 02:09    --------    d-----w-    c:\programdata\Package Cache
2014-12-19 00:11 . 2013-10-31 15:08    134144      ----a-w-    c:\windows\SysWow64\GFSDK_SSAO.win32.dll
2014-12-19 00:11 . 2013-10-31 15:08    134144      ----a-w-    c:\windows\system32\GFSDK_SSAO.win32.dll
2014-12-19 00:05 . 2014-11-22 10:46    38032       ----a-w-    c:\windows\system32\drivers\nvvad64v.sys
2014-12-19 00:05 . 2014-11-22 10:46    32400       ----a-w-    c:\windows\SysWow64\nvaudcap32v.dll
2014-12-18 23:36 . 2014-12-18 23:36    --------    d-----w-    c:\programdata\Orbit
2014-12-18 23:27 . 2014-12-18 23:34    --------    d-----w-    c:\programdata\Origin
2014-12-18 23:27 . 2014-12-18 23:27    --------    d-----w-    c:\programdata\Electronic Arts
2014-12-18 02:24 . 2012-05-14 05:26    956928      ----a-w-    c:\windows\system32\localspl.dll
2014-12-18 02:19 . 2014-07-14 02:02    1216000     ----a-w-    c:\windows\system32\rpcrt4.dll
2014-12-18 02:19 . 2014-07-14 01:40    664064      ----a-w-    c:\windows\SysWow64\rpcrt4.dll
2014-12-18 02:14 . 2014-12-15 03:13    11870360    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{52044393-30BD-4515-9596-310F172D2778}\mpengine.dll
2014-12-18 01:32 . 2014-03-09 21:48    171160      ----a-w-    c:\windows\system32\infocardapi.dll
2014-12-18 01:32 . 2014-03-09 21:48    1389208     ----a-w-    c:\windows\system32\icardagt.exe
2014-12-18 01:32 . 2014-03-09 21:47    99480       ----a-w-    c:\windows\SysWow64\infocardapi.dll
2014-12-18 01:32 . 2014-03-09 21:47    619672      ----a-w-    c:\windows\SysWow64\icardagt.exe
2014-12-18 01:32 . 2014-06-30 22:14    8856        ----a-w-    c:\windows\SysWow64\icardres.dll
2014-12-18 01:32 . 2014-06-30 22:24    8856        ----a-w-    c:\windows\system32\icardres.dll
2014-12-18 01:32 . 2014-06-06 06:16    35480       ----a-w-    c:\windows\SysWow64\TsWpfWrp.exe
2014-12-18 01:32 . 2014-06-06 06:12    35480       ----a-w-    c:\windows\system32\TsWpfWrp.exe
2014-12-17 21:59 . 2010-06-02 03:55    239960      ----a-w-    c:\windows\SysWow64\xactengine3_7.dll
2014-12-17 21:59 . 2010-06-02 03:55    176984      ----a-w-    c:\windows\system32\xactengine3_7.dll
2014-12-17 19:41 . 2014-12-05 11:45    528184      ----a-w-    c:\windows\system32\uplay_r1_loader64.dll
2014-12-17 19:40 . 2014-12-05 11:45    528184      ----a-w-    c:\windows\SysWow64\uplay_r1_loader64.dll
2014-12-17 18:23 . 2014-12-17 20:21    --------    d-----w-    c:\program files (x86)\Common Files\Steam
2014-12-17 15:31 . 2012-02-17 06:38    1031680     ----a-w-    c:\windows\system32\rdpcore.dll
2014-12-17 15:31 . 2012-02-17 05:34    826880      ----a-w-    c:\windows\SysWow64\rdpcore.dll
2014-12-17 15:31 . 2012-02-17 04:58    210944      ----a-w-    c:\windows\system32\drivers\rdpwd.sys
2014-12-17 15:31 . 2012-02-17 04:57    23552       ----a-w-    c:\windows\system32\drivers\tdtcp.sys
2014-12-17 13:46 . 2014-12-17 13:46    --------    d-----w-    c:\program files (x86)\Microsoft Silverlight
2014-12-17 13:46 . 2014-12-17 13:46    --------    d-----w-    c:\programdata\Napisy24
2014-12-17 13:46 . 2014-12-17 13:46    --------    d-----w-    c:\program files (x86)\Napisy24
2014-12-17 13:46 . 2014-12-17 13:50    --------    d-----w-    c:\program files (x86)\NapiProjekt
2014-12-17 13:46 . 2013-04-05 19:26    276992      ----a-w-    c:\windows\SysWow64\BugTrap.dll
2014-12-17 13:46 . 2011-06-02 00:10    644608      ----a-w-    c:\windows\SysWow64\xvidcore.dll
2014-12-17 13:46 . 2007-10-07 13:36    258048      ----a-w-    c:\windows\SysWow64\libFLAC.dll
2014-12-17 13:46 . 2013-04-05 19:26    2106368     ----a-w-    c:\windows\SysWow64\ac3filter.ax
2014-12-17 13:45 . 2014-12-17 13:46    --------    d-----w-    c:\program files (x86)\ALLPlayer
2014-12-17 13:45 . 2014-12-17 13:46    --------    d-----w-    c:\programdata\ALLPlayer
2014-12-17 13:23 . 2014-12-17 13:23    --------    d-----w-    c:\program files\ESET
2014-12-13 01:24 . 2014-12-12 16:31    --------    d-----w-    c:\windows\Panther
2014-12-12 22:34 . 2014-12-17 13:13    --------    d-----w-    c:\program files (x86)\Opera
2014-12-12 21:54 . 2014-12-12 21:54    --------    d-----w-    c:\program files\TeamSpeak 3 Client
2014-12-12 19:41 . 2014-12-12 19:41    --------    d-----w-    c:\windows\SysWow64\Macromed
2014-12-12 19:41 . 2014-12-12 19:41    --------    d-----w-    c:\windows\system32\Macromed
2014-12-12 19:19 . 2014-12-12 19:19    --------    d-----w-    c:\windows\SysWow64\NV
2014-12-12 19:19 . 2014-12-12 19:19    --------    d-----w-    c:\windows\system32\NV
2014-12-12 19:16 . 2010-05-26 10:41    276832      ----a-w-    c:\windows\system32\d3dx11_43.dll
2014-12-12 19:16 . 2010-05-26 10:41    248672      ----a-w-    c:\windows\SysWow64\d3dx11_43.dll
2014-12-12 19:16 . 2010-05-26 10:41    511328      ----a-w-    c:\windows\system32\d3dx10_43.dll
2014-12-12 19:16 . 2010-05-26 10:41    470880      ----a-w-    c:\windows\SysWow64\d3dx10_43.dll
2014-12-12 19:15 . 2014-12-13 00:12    2824504     ----a-w-    c:\windows\system32\nvspcap64.dll
2014-12-12 19:15 . 2014-12-13 00:12    1715224     ----a-w-    c:\windows\system32\nvspbridge64.dll
2014-12-12 19:15 . 2014-12-13 00:12    2210040     ----a-w-    c:\windows\SysWow64\nvspcap.dll
2014-12-12 19:15 . 2014-12-13 00:12    1291464     ----a-w-    c:\windows\SysWow64\nvspbridge.dll
2014-12-12 19:15 . 2014-12-12 19:15    --------    d-----w-    c:\program files (x86)\AGEIA Technologies
2014-12-12 19:14 . 2014-11-12 20:46    615624      ----a-w-    c:\windows\SysWow64\nvStreaming.exe
2014-12-12 19:01 . 2014-12-12 19:01    --------    d-----w-    c:\program files (x86)\Microsoft.NET
2014-12-12 18:54 . 2014-12-12 18:54    --------    d-----w-    C:\NVIDIA
2014-12-12 18:41 . 2009-09-04 16:29    1974616     ----a-w-    c:\windows\SysWow64\D3DCompiler_42.dll
2014-12-12 18:41 . 2009-09-04 16:29    1892184     ----a-w-    c:\windows\SysWow64\D3DX9_42.dll
2014-12-12 17:56 . 2010-06-02 03:55    77656       ----a-w-    c:\windows\system32\XAPOFX1_5.dll
2014-12-12 17:56 . 2010-06-02 03:55    74072       ----a-w-    c:\windows\SysWow64\XAPOFX1_5.dll
2014-12-12 17:56 . 2010-06-02 03:55    527192      ----a-w-    c:\windows\SysWow64\XAudio2_7.dll
2014-12-12 17:56 . 2010-06-02 03:55    518488      ----a-w-    c:\windows\system32\XAudio2_7.dll
2014-12-12 17:56 . 2010-05-26 10:41    2526056     ----a-w-    c:\windows\system32\D3DCompiler_43.dll
2014-12-12 17:56 . 2010-05-26 10:41    2106216     ----a-w-    c:\windows\SysWow64\D3DCompiler_43.dll
2014-12-12 17:56 . 2010-05-26 10:41    1998168     ----a-w-    c:\windows\SysWow64\D3DX9_43.dll
2014-12-12 17:56 . 2010-05-26 10:41    2401112     ----a-w-    c:\windows\system32\D3DX9_43.dll
2014-12-12 17:56 . 2010-02-04 09:01    24920       ----a-w-    c:\windows\system32\X3DAudio1_7.dll
2014-12-12 17:56 . 2010-02-04 09:01    22360       ----a-w-    c:\windows\SysWow64\X3DAudio1_7.dll
2014-12-12 17:56 . 2007-04-04 17:54    107368      ----a-w-    c:\windows\system32\xinput1_3.dll
2014-12-12 17:56 . 2007-04-04 17:53    81768       ----a-w-    c:\windows\SysWow64\xinput1_3.dll
2014-12-12 17:47 . 2014-12-12 21:51    --------    d-----w-    c:\program files (x86)\Farming Simulator 2015
2014-12-12 17:46 . 2014-12-12 17:46    --------    d-----w-    c:\programdata\IHProtectUpDate
2014-12-12 17:43 . 2014-12-12 17:43    283064      ----a-w-    c:\windows\system32\drivers\dtsoftbus01.sys
2014-12-12 17:43 . 2014-12-12 17:43    --------    d-----w-    c:\program files (x86)\DAEMON Tools Lite
2014-12-12 17:43 . 2014-12-12 17:43    --------    d-----w-    c:\program files\WinRAR
2014-12-12 17:43 . 2014-12-12 17:44    --------    d-----w-    c:\programdata\DAEMON Tools Lite
2014-12-12 17:29 . 2014-12-12 17:30    --------    d-----w-    c:\program files (x86)\Google
2014-12-12 17:26 . 2014-12-12 17:26    --------    d--h--w-    c:\windows\system32\WLANProfiles
2014-12-12 17:26 . 2014-12-12 17:26    --------    d-----w-    c:\users\Public\Roaming
2014-12-12 17:26 . 2014-12-12 17:26    --------    d-----w-    c:\users\Default\Roaming
2014-12-12 17:24 . 2014-12-12 17:27    --------    d-----w-    c:\program files\Intel
2014-12-12 17:24 . 2014-12-12 17:24    --------    d-----w-    c:\programdata\Intel
2014-12-12 17:24 . 2014-12-12 17:24    --------    d-----w-    c:\program files (x86)\Cisco
2014-12-12 17:12 . 2014-12-19 04:15    --------    d-----w-    c:\programdata\NVIDIA
2014-12-12 17:10 . 2014-11-13 00:20    989056      ----a-w-    c:\windows\system32\nvumdshimx.dll
2014-12-12 17:10 . 2014-11-13 00:20    871648      ----a-w-    c:\windows\SysWow64\nvumdshim.dll
2014-12-12 17:10 . 2014-11-13 00:20    3262784     ----a-w-    c:\windows\system32\nvapi64.dll
2014-12-12 17:10 . 2014-11-13 00:20    174856      ----a-w-    c:\windows\system32\nvinitx.dll
2014-12-12 17:10 . 2014-11-13 00:20    16884632    ----a-w-    c:\windows\SysWow64\nvd3dum.dll
2014-12-12 17:10 . 2014-11-13 00:20    156840      ----a-w-    c:\windows\SysWow64\nvinit.dll
2014-12-12 17:10 . 2013-01-11 04:45    1814304     ----a-w-    c:\windows\system32\nvdispco64.dll
2014-12-12 17:10 . 2013-01-11 04:45    1510176     ----a-w-    c:\windows\system32\nvdispgenco64.dll
2014-12-12 17:10 . 2014-12-12 19:16    --------    d-----w-    c:\program files\NVIDIA Corporation
2014-12-12 17:04 . 2014-12-12 17:16    --------    d-----w-    c:\programdata\Dell
2014-12-12 17:03 . 2014-12-12 17:03    --------    d-----w-    c:\windows\system32\SRSLabs
2014-12-12 17:03 . 2014-12-12 17:03    --------    d-----w-    c:\windows\SysWow64\RTCOM
2014-12-12 17:03 . 2014-12-12 17:03    --------    d-----w-    c:\program files\Realtek
2014-12-12 17:01 . 2014-12-12 17:24    --------    d-----w-    c:\program files\Common Files\Intel
2014-12-12 17:01 . 2014-12-12 17:01    --------    d-----w-    c:\program files (x86)\Common Files\Intel
2014-12-12 16:59 . 2010-11-30 13:02    74272       ----a-w-    c:\windows\system32\RtNicProp64.dll
2014-12-12 16:59 . 2010-11-30 13:02    412264      ----a-w-    c:\windows\system32\drivers\Rt64win7.sys
2014-12-12 16:59 . 2010-11-30 13:02    107552      ----a-w-    c:\windows\system32\RTNUninst64.dll
2014-12-12 16:59 . 2014-12-12 17:02    --------    d-----w-    c:\program files (x86)\Realtek
2014-12-12 16:57 . 2014-12-12 17:24    --------    d-----w-    c:\program files (x86)\Intel
2014-12-12 16:57 . 2010-10-04 12:02    53248       ----a-w-    c:\windows\SysWow64\CSVer.dll
2014-12-12 16:56 . 2014-12-12 16:56    --------    d-----w-    C:\Dell
2014-12-12 16:40 . 2014-12-12 16:40    --------    d-----w-    c:\programdata\Qualcomm Atheros
2014-12-12 16:39 . 2014-12-12 16:39    --------    d-----w-    c:\program files (x86)\Marvell
2014-12-12 16:38 . 2014-12-12 16:38    --------    d-----w-    c:\program files (x86)\Atheros
2014-12-12 16:37 . 2014-12-12 16:37    --------    d-----w-    c:\windows\Options
2014-12-12 16:37 . 2012-04-19 21:56    2811392     ------w-    c:\windows\system32\athrx.sys
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-24 13:04 . 2010-11-21 03:27    275080      ------w-    c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWRVRT
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
*Deregistered* - aswHwid
*Deregistered* - aswStm
*Deregistered* - VBoxAswDrv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 17:30    1087816    ----a-w-    c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 17:29]
.
2014-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 17:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-07 391512]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-05-25 7214696]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-04-07 2840352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.pl/
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=st9500325as_s2w7qa51xxxxs2w7qa51
mStart Page = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=st9500325as_s2w7qa51xxxxs2w7qa51
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\ProgramData\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000415
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{109E296E-EC1F-4AE3-98F6-037626BBFE82}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.2.42.3"
"UniqueId"="000EA543549183DD"
"ScannerBuild"=dword:00001aec
"ScannerVersionId"=dword:00001390
"ScannerVersion"="Open window for status."
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-12-19 06:45:49
ComboFix-quarantined-files.txt 2014-12-19 05:45
ComboFix2.txt 2014-12-19 03:46
.
Pre-Run: 136 035 147 776 bytes free
Post-Run: 135 814 238 208 bytes free
.
- - End Of File - - FA99F77FA459D76628BEAC13DA854A53 A36C5E4F47E84449FF07ED3517B43A31
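The registry sections of the report above (the Run keys, the AppInit_DLLs values in both the 32-bit and 64-bit views, and the u/m-prefixed Internet Explorer start-page lines, where "u" means HKCU and "m" means HKLM) can be re-read on a live machine with PowerShell so that each entry can be compared against what the tool printed. The script below is an added example for this page and is not ComboFix code or output. It uses only built-in cmdlets and the value names the report itself shows; the allow-list of expected home-page hosts is an assumption for illustration. With that list, the two HKLM values in this report that point at search.yac.mx would be printed under the warning, while the HKCU value pointing at www.google.pl would pass. It needs PowerShell 3.0 or later.

```powershell
# Added example (not ComboFix code): re-enumerate the autostart and IE start-page
# registry locations listed in the ComboFix report, and flag start pages whose
# host is outside an expected set. The expected-host list is an assumption.

$RunKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
)
$AppInitKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows'
)
$IeMainKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\Main',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main',
    'HKCU:\SOFTWARE\Microsoft\Internet Explorer\Main'
)
# Assumption: the home page the machine owner actually intends.
$ExpectedHosts = @('google.com', 'google.pl')

function Get-RunEntries {
    # One object per value under each Run key, matching the "Name"="command" lines in the report.
    foreach ($key in $RunKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -like 'PS*') { continue }   # PSPath, PSParentPath etc. are not registry values
            [PSCustomObject]@{ Key = $key; Name = $p.Name; Command = $p.Value }
        }
    }
}

function Get-AppInitDlls {
    # AppInit_DLLs is loaded into every process that maps user32.dll when LoadAppInit_DLLs is 1,
    # so both the 64-bit key and the Wow6432Node key are worth reading.
    foreach ($key in $AppInitKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        [PSCustomObject]@{
            Key              = $key
            LoadAppInit_DLLs = $props.LoadAppInit_DLLs
            AppInit_DLLs     = $props.AppInit_DLLs
        }
    }
}

function Get-IeStartPages {
    # The same value names ComboFix prints as uStart Page / mDefault_Page_URL and so on.
    foreach ($key in $IeMainKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($name in 'Start Page', 'Default_Page_URL', 'Default_Search_URL', 'Search Page') {
            $value = $props.$name
            if ($null -ne $value) {
                [PSCustomObject]@{ Key = $key; Name = $name; Url = $value }
            }
        }
    }
}

function Test-UnexpectedStartPage {
    # Pass through only entries whose host is not in, or a subdomain of, $ExpectedHosts.
    param([Parameter(ValueFromPipeline = $true)] $Entry)
    process {
        if ($Entry.Url -notmatch '^https?://') { return }   # about:blank or a local file: not a redirect
        $h = ([uri]$Entry.Url).Host
        $ok = $ExpectedHosts | Where-Object { $h -eq $_ -or $h -like "*.$_" }
        if (-not $ok) { $Entry }
    }
}

Get-RunEntries  | Format-Table -AutoSize
Get-AppInitDlls | Format-List
$unexpected = Get-IeStartPages | Test-UnexpectedStartPage
if ($unexpected) {
    Write-Warning 'Start page / default page values point outside the expected hosts:'
    $unexpected | Format-Table -AutoSize
}
```

Run it from an elevated PowerShell prompt so that the HKLM keys are readable; HKCU values are read for the account running the script, which matters if the affected profile belongs to a different user. The report's Run and AppInit_DLLs lines also show the path of each binary, so anything this script lists that the report did not is new since the ComboFix run.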