ComboFix 16-11-13.01 - familia żuk 2016-11-24 12:57:35.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.2428.1268 [GMT 1:00]
Uruchomiony z: c:\users\familia żuk\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((( Pliki utworzone od 2016-10-24 do 2016-11-24 )))))))))))))))))))))))))))))))
.
.
2016-11-24 12:09 . 2016-11-24 12:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-11-24 10:32 . 2016-11-24 10:32 -------- d-----w- c:\users\familia żuk\AppData\Roaming\Malwarebytes
2016-11-24 10:32 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-11-24 10:27 . 2016-11-24 10:40 -------- d-----w- C:\FRST
2016-11-03 07:32 . 2016-11-03 07:32 -------- d-----w- c:\windows\Options
2016-11-03 07:32 . 2016-11-03 07:32 -------- d-----w- c:\program files\Atheros
2016-11-03 07:32 . 2016-11-03 07:33 -------- d-----w- c:\programdata\Atheros
2016-11-03 07:32 . 2016-11-03 07:32 -------- d-----w- c:\users\familia żuk\AppData\Roaming\InstallShield
2016-11-02 23:36 . 2011-03-07 10:22 1801216 ----a-w- c:\windows\system32\drivers\athr.sys
2016-11-02 23:36 . 2011-03-07 10:22 1801216 ----a-w- c:\windows\system32\athr.sys
2016-11-02 23:29 . 2016-11-02 23:29 -------- d-----w- c:\programdata\CrystalIdea Software
2016-11-01 23:34 . 2016-11-01 23:40 -------- d-----w- c:\program files\CCleaner
2016-11-01 23:33 . 2016-11-01 23:39 -------- d-----w- c:\users\familia żuk\AppData\Local\Google
2016-11-01 23:33 . 2016-11-01 23:34 -------- d-----w- c:\program files\Google
2016-11-01 22:39 . 2016-11-01 22:39 -------- d-----w- c:\program files\MSXML 4.0
2016-10-28 10:03 . 2009-08-24 19:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2016-10-28 09:46 . 2016-10-28 10:11 -------- d-----w- c:\programdata\Malwarebytes
2016-10-28 09:25 . 2016-10-28 09:25 -------- d-----w- c:\users\familia żuk\AppData\Local\Programs
2016-10-28 09:17 . 2016-11-02 07:36 -------- d-----w- c:\users\familia żuk\AppData\Local\CrashDumps
2016-10-28 09:17 . 2016-11-01 22:43 -------- d-----w- c:\users\familia żuk\AppData\Local\OLYMPUS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-11-07 19:16 . 2016-10-07 12:09 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-11-07 19:16 . 2016-10-07 12:09 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-10-14 09:07 . 2016-10-14 09:07 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-10-14 09:07 . 2016-10-14 09:07 194048 ----a-w- c:\windows\system32\elshyph.dll
2016-10-14 09:07 . 2016-10-14 09:07 645120 ----a-w- c:\windows\system32\jsIntl.dll
2016-10-14 09:07 . 2016-10-14 09:07 1950720 ----a-w- c:\windows\system32\wininet.dll
2016-10-14 09:07 . 2016-10-14 09:07 182272 ----a-w- c:\windows\system32\msls31.dll
2016-10-14 09:07 . 2016-10-14 09:07 62464 ----a-w- c:\windows\system32\tdc.ocx
2016-10-14 09:07 . 2016-10-14 09:07 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2016-10-14 09:07 . 2016-10-14 09:07 341504 ----a-w- c:\windows\system32\html.iec
2016-10-14 09:07 . 2016-10-14 09:07 62464 ----a-w- c:\windows\system32\iesetup.dll
2016-10-14 09:07 . 2016-10-14 09:07 24576 ----a-w- c:\windows\system32\licmgr10.dll
2016-10-14 09:07 . 2016-10-14 09:07 2052608 ----a-w- c:\windows\system32\inetcpl.cpl
2016-10-14 09:07 . 2016-10-14 09:07 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2016-10-14 09:07 . 2016-10-14 09:07 503808 ----a-w- c:\windows\system32\vbscript.dll
2016-10-14 09:07 . 2016-10-14 09:07 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-10-14 09:07 . 2016-10-14 09:07 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-10-14 09:07 . 2016-10-14 09:07 151552 ----a-w- c:\windows\system32\iexpress.exe
2016-10-14 09:07 . 2016-10-14 09:07 139264 ----a-w- c:\windows\system32\wextract.exe
2016-10-14 09:07 . 2016-10-14 09:07 13312 ----a-w- c:\windows\system32\mshta.exe
2016-10-14 09:07 . 2016-10-14 09:07 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2016-10-14 09:07 . 2016-10-14 09:07 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2016-10-14 09:07 . 2016-10-14 09:07 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-10-14 09:07 . 2016-10-14 09:07 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2016-10-14 09:07 . 2016-10-14 09:07 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-10-14 09:07 . 2016-10-14 09:07 36352 ----a-w- c:\windows\system32\imgutil.dll
2016-10-14 09:07 . 2016-10-14 09:07 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2016-10-14 09:07 . 2016-10-14 09:07 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-10-14 09:07 . 2016-10-14 09:07 86016 ----a-w- c:\windows\system32\iesysprep.dll
2016-10-14 09:07 . 2016-10-14 09:07 48640 ----a-w- c:\windows\system32\mshtmler.dll
2016-10-14 09:07 . 2016-10-14 09:07 4305920 ----a-w- c:\windows\system32\jscript9.dll
2016-10-14 09:02 . 2016-10-14 09:02 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-10-14 09:02 . 2016-10-14 09:02 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-10-14 09:02 . 2016-10-14 09:02 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-10-14 09:02 . 2016-10-14 09:02 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-10-14 09:02 . 2016-10-14 09:02 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-10-14 09:02 . 2016-10-14 09:02 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-10-14 09:02 . 2016-10-14 09:02 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-10-14 09:02 . 2016-10-14 09:02 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-10-14 09:02 . 2016-10-14 09:02 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-10-14 09:02 . 2016-10-14 09:02 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2016-10-14 09:02 . 2016-10-14 09:02 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2016-10-14 09:02 . 2016-10-14 09:02 3419136 ----a-w- c:\windows\system32\d2d1.dll
2016-10-14 09:02 . 2016-10-14 09:02 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2016-10-14 09:02 . 2016-10-14 09:02 220160 ----a-w- c:\windows\system32\d3d10core.dll
2016-10-14 09:02 . 2016-10-14 09:02 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2016-10-14 09:02 . 2016-10-14 09:02 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2016-10-14 09:02 . 2016-10-14 09:02 1080832 ----a-w- c:\windows\system32\d3d10.dll
2016-10-14 09:02 . 2016-10-14 09:02 293376 ----a-w- c:\windows\system32\dxgi.dll
2016-10-14 09:02 . 2016-10-14 09:02 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2016-10-08 13:49 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2016-09-22 09:58 . 2016-10-07 12:19 9837072 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{20156CB3-E1B4-4F31-94EB-1DA5932CECC3}\mpengine.dll
2016-09-02 15:21 . 2016-10-11 15:38 4000488 ----a-w- c:\windows\system32\ntkrnlpa.exe
2016-09-02 15:21 . 2016-10-11 15:38 3944680 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-09-02 15:21 . 2016-10-11 15:38 67304 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-09-02 15:21 . 2016-10-11 15:38 137960 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2016-09-02 15:18 . 2016-10-11 15:38 1310528 ----a-w- c:\windows\system32\ntdll.dll
2016-09-02 15:16 . 2016-10-11 15:38 172032 ----a-w- c:\windows\system32\wdigest.dll
2016-09-02 15:16 . 2016-10-11 15:38 65536 ----a-w- c:\windows\system32\TSpkg.dll
2016-09-02 15:16 . 2016-10-11 15:38 400896 ----a-w- c:\windows\system32\srcore.dll
2016-09-02 15:16 . 2016-10-11 15:38 99840 ----a-w- c:\windows\system32\sspicli.dll
2016-09-02 15:16 . 2016-10-11 15:38 43008 ----a-w- c:\windows\system32\srclient.dll
2016-09-02 15:16 . 2016-10-11 15:38 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2016-09-02 15:16 . 2016-10-11 15:38 254464 ----a-w- c:\windows\system32\schannel.dll
2016-09-02 15:16 . 2016-10-11 15:38 22016 ----a-w- c:\windows\system32\secur32.dll
2016-09-02 15:16 . 2016-10-11 15:38 655360 ----a-w- c:\windows\system32\rpcrt4.dll
2016-09-02 15:16 . 2016-10-11 15:38 141312 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-02 15:16 . 2016-10-11 15:38 260608 ----a-w- c:\windows\system32\msv1_0.dll
2016-09-02 15:16 . 2016-10-11 15:38 223232 ----a-w- c:\windows\system32\ncrypt.dll
2016-09-02 15:16 . 2016-10-11 15:38 60416 ----a-w- c:\windows\system32\msobjs.dll
2016-09-02 15:16 . 2016-10-11 15:38 146432 ----a-w- c:\windows\system32\msaudite.dll
2016-09-02 15:16 . 2016-10-11 15:38 1062912 ----a-w- c:\windows\system32\lsasrv.dll
2016-09-02 15:16 . 2016-10-11 15:38 553472 ----a-w- c:\windows\system32\kerberos.dll
2016-09-02 15:16 . 2016-10-11 15:38 38912 ----a-w- c:\windows\system32\csrsrv.dll
2016-09-02 15:16 . 2016-10-11 15:38 17408 ----a-w- c:\windows\system32\credssp.dll
2016-09-02 15:16 . 2016-10-11 15:38 690688 ----a-w- c:\windows\system32\adtschema.dll
2016-09-02 15:16 . 2016-10-11 15:38 644096 ----a-w- c:\windows\system32\advapi32.dll
2016-09-02 15:16 . 2016-10-11 15:38 6656 ----a-w- c:\windows\system32\apisetschema.dll
2016-09-02 15:16 . 2016-10-11 15:38 50688 ----a-w- c:\windows\system32\appidapi.dll
2016-09-02 14:53 . 2016-10-11 15:38 97792 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2016-09-02 14:53 . 2016-10-11 15:38 29696 ----a-w- c:\windows\system32\appidsvc.dll
2016-09-02 14:53 . 2016-10-11 15:38 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2016-09-02 14:53 . 2016-10-11 15:38 50688 ----a-w- c:\windows\system32\drivers\appid.sys
2016-09-02 14:53 . 2016-10-11 15:38 50176 ----a-w- c:\windows\system32\auditpol.exe
2016-09-02 14:51 . 2016-10-11 15:38 262656 ----a-w- c:\windows\system32\rstrui.exe
2016-09-02 14:49 . 2016-10-11 15:38 226304 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2016-09-02 14:49 . 2016-10-11 15:38 98304 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2016-09-02 14:49 . 2016-10-11 15:38 124416 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2016-09-02 14:49 . 2016-10-11 15:38 36352 ----a-w- c:\windows\system32\cryptbase.dll
2016-09-02 14:49 . 2016-10-11 15:38 22016 ----a-w- c:\windows\system32\lsass.exe
2016-09-02 14:49 . 2016-10-11 15:38 15872 ----a-w- c:\windows\system32\sspisrv.dll
2016-09-02 14:49 . 2016-10-11 15:38 69632 ----a-w- c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2016-09-28 6889176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-03-22 343168]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-10-17 11430504]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RtHDVBg.exe" [2011-10-14 1571432]
"fspuip"="c:\program files\FSP\fspuip.exe" [2011-08-19 3983216]
"Avira SystrayStartTrigger"="c:\program files\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2016-11-15 60136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2016-10-08 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
2010-10-07 12:05 170624 ----a-w- c:\program files\ASUS\ATK Package\ATK Media\DMedia.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
2010-08-17 12:55 5732992 ----a-w- c:\program files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
2009-06-19 08:29 105016 ----a-w- c:\program files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
.
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
R3 DfSdkS;Defragmentation-Service;d:\programy\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe [2009-08-24 406016]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-10-14 102912]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2011-01-18 197224]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-03-22 163328]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [2010-07-26 14080]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-03-21 291840]
S2 Avira.ServiceHost;Avira Service Host;c:\program files\Avira\Launcher\Avira.ServiceHost.exe [2016-11-15 349512]
S2 MBAMScheduler;MBAMScheduler;d:\programy\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;d:\programy\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2016-03-01 87568]
S3 fspad_win732;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_win732;c:\windows\system32\DRIVERS\fspad_win732.sys [2011-08-19 53616]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 21104]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-11-29 35968]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-11-15 06:55 1364072 ----a-w- c:\program files\Google\Chrome\Application\54.0.2840.99\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2016-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-07 19:16]
.
2016-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-11-01 23:38]
.
2016-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-11-01 23:38]
.
.
------- Skan uzupełniający -------
.
TCP: DhcpNameServer = 192.168.100.1
FF - ProfilePath - c:\users\familia żuk\AppData\Roaming\Mozilla\Firefox\Profiles\6uz46i6t.default-1479336814404\
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 50
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - true
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
d:\programy\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Avira\Launcher\Avira.Systray.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\DllHost.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Czas ukończenia: 2016-11-24 13:18:19 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2016-11-24 12:18
.
Przed: 51 538 952 192 bajtów wolnych
Po: 51 309 494 272 bajtów wolnych
.
- - End Of File - - B2B2A7D5EAB2F83351CE24BBC00F4712 A36C5E4F47E84449FF07ED3517B43A31