ComboFix 16-08-15.01 - Shiroe 2016-08-15 15:25:49.1.2 - x86
Microsoft Windows 8 Pro 6.2.9200.0.1250.48.1045.18.2046.1477 [GMT 2:00]
Uruchomiony z: c:\users\Shiroe\Desktop\ComboFix.exe
AV: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2016-07-15 do 2016-08-15 )))))))))))))))))))))))))))))))
.
.
2016-08-15 13:29 . 2016-08-15 13:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-08-15 13:09 . 2016-08-15 13:09 29904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3782BB6F-B5B3-4F54-A1F1-560003BA6E77}\MpKsl16d9b8f2.sys
2016-08-15 13:05 . 2016-08-15 13:06 -------- d-----w- C:\FRST
2016-08-15 09:54 . 2012-06-23 23:25 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3782BB6F-B5B3-4F54-A1F1-560003BA6E77}\mpengine.dll
2016-08-14 17:26 . 2016-08-14 17:41 -------- d-----w- c:\program files\Google
2016-08-10 18:24 . 2016-08-10 18:24 -------- d-----w- c:\programdata\Riot Games
2016-08-09 23:32 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2016-08-09 23:21 . 2016-08-09 22:37 -------- d-----w- c:\windows\Panther
2016-08-09 23:14 . 2016-08-09 23:14 -------- d-----w- c:\program files\Reference Assemblies
2016-08-09 23:14 . 2016-08-09 23:14 -------- d-----w- c:\program files\MSBuild
2016-08-09 23:13 . 2016-08-09 23:13 -------- d-----w- c:\windows\system32\XPSViewer
2016-08-09 23:12 . 2012-07-06 02:02 778856 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2016-08-09 23:12 . 2012-07-06 02:02 35400 ----a-w- c:\windows\system32\TsWpfWrp.exe
2016-08-09 23:12 . 2012-07-06 02:02 102528 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-09 23:05 . 2016-08-09 23:08 111960 ----a-w- c:\windows\dxsdkuninst.exe
2016-08-09 23:05 . 2016-08-09 23:33 -------- d-----w- c:\program files\Microsoft DirectX SDK (June 2010)
2016-08-09 23:00 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2016-08-09 23:00 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2016-08-09 22:59 . 2016-08-09 22:59 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2016-08-09 22:56 . 2016-08-09 22:56 -------- d-----w- c:\program files\TeamSpeak 3 Client
2016-08-09 22:53 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2016-08-09 22:53 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2016-08-09 22:53 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2016-08-09 22:52 . 2014-07-25 14:01 1291280 ----a-w- c:\windows\system32\nvspbridge.dll
2016-08-09 22:52 . 2014-07-25 14:01 1126480 ----a-w- c:\windows\system32\nvspcap.dll
2016-08-09 22:52 . 2016-08-09 22:52 -------- d-----w- c:\program files\AGEIA Technologies
2016-08-09 22:51 . 2014-07-02 17:39 609240 ----a-w- c:\windows\system32\nvStreaming.exe
2016-08-09 22:51 . 2016-08-15 12:43 -------- d-----w- c:\programdata\NVIDIA
2016-08-09 22:51 . 2014-07-02 19:42 4389848 ----a-w- c:\windows\system32\nvcpl.dll
2016-08-09 22:51 . 2014-07-02 19:42 3063256 ----a-w- c:\windows\system32\nvsvc.dll
2016-08-09 22:51 . 2014-07-02 19:42 670552 ----a-w- c:\windows\system32\nvvsvc.exe
2016-08-09 22:51 . 2014-07-02 19:42 62936 ----a-w- c:\windows\system32\nvshext.dll
2016-08-09 22:51 . 2014-07-02 19:42 377288 ----a-w- c:\windows\system32\nvmctray.dll
2016-08-09 22:51 . 2014-07-02 19:42 2556360 ----a-w- c:\windows\system32\nvsvcr.dll
2016-08-09 22:51 . 2014-07-02 05:14 3826628 ----a-w- c:\windows\system32\nvcoproc.bin
2016-08-09 22:51 . 2014-07-02 20:54 61728 ----a-w- c:\windows\system32\OpenCL.dll
2016-08-09 22:51 . 2016-08-11 01:34 -------- d-----w- c:\programdata\NVIDIA Corporation
2016-08-09 22:48 . 2016-08-09 22:52 -------- d-----w- c:\program files\NVIDIA Corporation
2016-08-09 22:47 . 2016-08-09 22:47 -------- d-----w- C:\NVIDIA
2016-08-09 22:47 . 2016-08-09 22:47 -------- d-----w- c:\windows\system32\RTCOM
2016-08-09 22:43 . 2016-08-09 22:43 -------- d-----w- c:\program files\Intel
2016-08-09 22:43 . 2010-03-02 08:04 53248 ----a-w- c:\windows\system32\CSVer.dll
2016-08-09 22:43 . 2016-08-09 22:43 -------- d-----w- C:\Intel
2016-08-09 22:41 . 2016-08-09 22:41 -------- d-----r- C:\Windows Activation Technologies
2016-08-09 22:41 . 2012-10-21 23:48 92160 ----a-w- c:\windows\system32\SLCHook.dll
2016-08-09 22:40 . 2016-08-09 22:40 -------- d-----w- c:\windows\KJ
2016-08-09 22:37 . 2016-08-09 22:38 -------- d-----w- c:\programdata\PRICache
2016-08-09 22:37 . 2016-08-09 22:37 -------- d-----w- c:\users\Shiroe
2016-08-09 22:28 . 2016-08-09 22:28 -------- d-sh--we c:\users\Default\Ustawienia lokalne
2016-08-09 22:28 . 2016-08-09 22:28 -------- d-sh--we c:\users\Default\Szablony
2016-08-09 22:28 . 2016-08-09 22:28 -------- d-sh--we c:\users\Default\Menu Start
2016-08-09 22:28 . 2016-08-09 22:28 -------- d-sh--we c:\users\Default\Dane aplikacji
2016-08-09 22:28 . 2016-08-09 22:28 -------- d-sh--we c:\users\Default\AppData\Local\Historia
2016-08-09 22:28 . 2016-08-09 22:28 -------- d-sh--we c:\users\Default\AppData\Local\Dane aplikacji
2016-08-09 22:28 . 2016-08-09 22:28 -------- d-sh--we c:\programdata\Szablony
2016-08-09 22:28 . 2016-08-09 22:28 -------- d-sh--we c:\programdata\Pulpit
2016-08-09 22:28 . 2016-08-09 22:28 -------- d-sh--we c:\programdata\Menu Start
2016-08-09 22:28 . 2016-08-09 22:28 -------- d-sh--we c:\programdata\Dokumenty
2016-08-09 22:28 . 2016-08-09 22:28 -------- d-sh--we c:\programdata\Dane aplikacji
2016-08-09 22:28 . 2016-08-09 22:28 -------- d-sh--we c:\users\Default\Moje dokumenty
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-08-09 22:37 . 2012-07-26 06:53 24800 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-11 10996368]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2014-07-25 1126480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"disablecad"= 1 (0x1)
.
R3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [2015-09-16 1839000]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys [x]
S1 MpKsl16d9b8f2;MpKsl16d9b8f2;c:\programdata\Microsoft\Windows Defender\Definition Updates\{3782BB6F-B5B3-4F54-A1F1-560003BA6E77}\MpKsl16d9b8f2.sys [2016-08-15 29904]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-25 1720608]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-25 17536800]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-25 19232]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2014-03-31 34080]
S3 RTL8168;Sterownik Realtek 8168 NT;c:\windows\system32\DRIVERS\Rt630x86.sys [2012-07-25 495104]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-08-14 17:41 1262408 ----a-w- c:\program files\Google\Chrome\Application\52.0.2743.116\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2016-08-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-09 23:09]
.
2016-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-08-14 18:33]
.
2016-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-08-14 18:33]
.
.
------- Skan uzupełniający -------
.
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
FF - ProfilePath - c:\users\Shiroe\AppData\Roaming\Mozilla\Firefox\Profiles\8b1qnq2o.default\
FF - prefs.js: browser.search.selectedEngine - yessearches
FF - prefs.js: browser.startup.homepage - about:home
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'Explorer.exe'(4740)
c:\windows\system32\nvspcap.dll
.
Czas ukończenia: 2016-08-15 15:30:12
ComboFix-quarantined-files.txt 2016-08-15 13:30
.
Przed: 63 576 252 416 bytes free
Po: 63 502 876 672 bytes free
.
- - End Of File - - 350DFCC739E5328C94D532B668BE2431
A36C5E4F47E84449FF07ED3517B43A31