Jak w temacie
Przeczytaj regulamin działu, bo tam znajdziesz informację jakie logi są obowiązkowe.
Sorry nie dotyczałem…
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-06-2015
Ran by Łukasz (administrator) on ŁUKASZ-KOMPUTER on 05-06-2015 21:32:46
Running from C:\Dokumenty\różne\rozne
Loaded Profiles: Łukasz (Available Profiles: Łukasz)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Electronic Arts) C:\Program Files\Origin\Origin.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
() C:\Program Files\Swift Record\updateSwiftRecord.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
() C:\Users\Łukasz\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
() C:\Program Files\Swift Record\bin\utilSwiftRecord.exe
() C:\Program Files\Swift Record\bin\SwiftRecord.expext.exe
() C:\Program Files\Swift Record\bin\SwiftRecord.BrowserAdapter.exe
() C:\Program Files\Swift Record\bin\SwiftRecord.PurBrowse.exe
() C:\Users\Łukasz\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM…\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-04] (Avast Software s.r.o.)
HKLM…\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3632472 2015-06-03] (Electronic Arts)
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1376016 2015-05-25] (Lavasoft)
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3579120 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\Run: [GenieoUpdaterService] => C:\Users\Łukasz\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe [294240 2014-10-20] ()
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\Run: [GenieoSystemTray] => C:\Users\Łukasz\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe [539488 2014-10-20] ()
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe [927920 2015-04-16] (Adobe Systems Incorporated)
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\MountPoints2: {30621727-062f-11e5-b502-6cf049dda8be} - J:\setup.exe
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\MountPoints2: {30621730-062f-11e5-b502-6cf049dda8be} - K:\setup.exe
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\MountPoints2: {88fedd80-0a90-11e5-8a6a-6cf049dda8be} - J:\setup.exe
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\MountPoints2: {d3c806b6-9d46-11e4-86fd-6cf049dda8be} - J:\SETUP.EXE
HKU\S-1-5-18…\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-04] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150425
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1429964897&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90Z649515&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1429964897&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90Z649515
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1429964897&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90Z649515&q={searchTerms}
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1429964897&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90Z649515&q={searchTerms}
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Software\Microsoft\Internet Explorer\Main,Start Page = [https://pl.search.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_150529__yaie](https://pl.search.yahoo.com/?fr=vmn&type=vmn webcompa 1_0 ya hp_WCYID10099_swoc_campaign_150529__yaie)
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1429964897&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90Z649515
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1429964897&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90Z649515&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2855642920-2160073068-4100759413-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = [https://pl.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_150529__yaie&p={searchTerms}](https://pl.search.yahoo.com/search?fr=vmn&type=vmn webcompa 1_0 ya ch_WCYID10099_swoc_campaign_150529__yaie&p=%7BsearchTerms%7D)
BHO: Swift Record 1.0.0.7 -> {0759d61f-3673-416f-85d2-58b847e78ddf} -> C:\Program Files\Swift Record\SwiftRecordbho.dll [2015-05-04] (Swift Record)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-04] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-29] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-29] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-29] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-29] (Lavasoft Limited)
Winsock: Catalog9 21 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-29] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 172.20.0.1
FireFox:
========
FF ProfilePath: C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\3b5mler4.default
FF NewTab: [https://pl.search.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_150529__yaff](https://pl.search.yahoo.com/?fr=vmn&type=vmn webcompa 1_0 ya hp_WCYID10099_swoc_campaign_150529__yaff)
FF DefaultSearchEngine: Google encrypted
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://www.interia.pl/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2855642920-2160073068-4100759413-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Łukasz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\3b5mler4.default\user.js [2015-06-04]
FF SearchPlugin: C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\3b5mler4.default\searchplugins\google-encrypted.xml [2015-05-30]
FF Extension: Swift Record 1.0.1 - C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\3b5mler4.default\Extensions{a1469707-fecc-4e6d-be13-e11acacabc84}.xpi [2015-06-04]
FF Extension: Adblock Plus - C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\3b5mler4.default\Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-27]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM…\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-28]
Chrome:
=======
CHR Profile: C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-14]
CHR Extension: (Swift Record) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\agfgphdklgockflchaejindiafjcbbdl [2015-06-04]
CHR Extension: (Google Docs) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-14]
CHR Extension: (Google Drive) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-14]
CHR Extension: (YouTube) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-14]
CHR Extension: (Adblock Plus) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-04]
CHR Extension: (Google Search) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-14]
CHR Extension: (Google Sheets) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-14]
CHR Extension: (Bookmark Manager) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-25]
CHR Extension: (Avast Online Security) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-14]
CHR Extension: (Google Wallet) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-14]
CHR Extension: (Gmail) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-14]
CHR HKLM…\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-04]
CHR HKLM…\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [276992 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-04] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-06-04] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1026288 2015-05-21] (Disc Soft Ltd)
R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2751816 2015-05-25] (Lavasoft Limited)
S3 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1997168 2015-06-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-12-04] ()
R2 SearchProtectionService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-05-25] ()
R2 Update Swift Record; C:\Program Files\Swift Record\updateSwiftRecord.exe [462576 2015-06-05] ()
R2 Util Swift Record; C:\Program Files\Swift Record\bin\utilSwiftRecord.exe [462576 2015-06-05] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11944 2014-10-28] (Advanced Micro Devices Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-06-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-06-04] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-06-04] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-06-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-06-04] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-06-04] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-06-04] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-06-04] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25016 2015-05-29] (Disc Soft Ltd)
R1 networx; C:\Windows\System32\drivers\networx.sys [55288 2014-08-01] (NetFilterSDK.com)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [204448 2010-05-24] (Realtek Semiconductor Corp.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-06-04] (Avast Software)
R1 {a1469707-fecc-4e6d-be13-e11acacabc84}Gw; C:\Windows\System32\drivers{a1469707-fecc-4e6d-be13-e11acacabc84}Gw.sys [43152 2015-06-03] (StdLib)
S1 iSafeKrnlMon; ??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-04 17:33 - 2015-06-04 17:33 - 00000000 ____D C:\Windows\system32\vbox
2015-06-04 12:55 - 2015-06-04 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin 2
2015-06-04 12:55 - 2015-06-04 12:55 - 00000776 _____ C:\Users\Public\Desktop\Uruchom Wiedźmin 2.lnk
2015-06-04 12:39 - 2015-06-04 12:39 - 00002225 _____ C:\Users\Łukasz\Desktop\Genieo.lnk
2015-06-04 12:39 - 2015-06-04 12:39 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Genieo
2015-06-04 12:36 - 2015-06-03 22:38 - 00043152 _____ (StdLib) C:\Windows\system32\Drivers{a1469707-fecc-4e6d-be13-e11acacabc84}Gw.sys
2015-06-04 12:35 - 2015-06-04 13:32 - 00000000 ____D C:\Program Files\Wiedźmin 2
2015-06-04 12:34 - 2015-06-04 12:34 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Genieo
2015-06-04 12:33 - 2015-06-05 21:10 - 00000000 ____D C:\Program Files\Swift Record
2015-06-04 12:33 - 2015-06-04 12:33 - 00001931 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-06-04 12:33 - 2015-06-04 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-06-04 12:33 - 2015-06-04 12:33 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-06-04 11:02 - 2015-06-04 11:02 - 00000000 ____D C:\Users\Łukasz\AppData\Local\GWX
2015-06-04 10:11 - 2015-06-04 10:11 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-06-04 10:11 - 2015-06-04 10:11 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-30 12:33 - 2015-05-30 12:33 - 00000000 _____ C:\Users\Łukasz\Desktop\Nowy dokument tekstowy.txt
2015-05-30 07:22 - 2015-05-30 07:22 - 00000000 ____D C:\Users\Łukasz\AppData\Local\Disc_Soft_Ltd
2015-05-29 21:00 - 2015-05-29 21:00 - 00000000 ____D C:\Users\Łukasz\AppData\Local\The Witcher 2
2015-05-29 20:46 - 2015-05-29 20:46 - 00002880 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-05-29 20:46 - 2015-05-29 20:46 - 00000000 ____D C:\Users\Łukasz\AppData\Local\Lavasoft
2015-05-29 20:45 - 2015-05-29 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-05-29 20:45 - 2015-05-29 20:45 - 00000000 ____D C:\Program Files\Lavasoft
2015-05-29 20:45 - 2015-05-25 10:24 - 00347976 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2015-05-29 20:42 - 2015-05-29 20:43 - 00025016 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-05-29 20:42 - 2015-05-29 20:42 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\RHEng
2015-05-29 20:42 - 2015-05-29 20:42 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Lavasoft
2015-05-29 20:42 - 2015-05-29 20:42 - 00000000 ____D C:\ProgramData\Lavasoft
2015-05-29 20:19 - 2015-06-05 20:06 - 00000952 _____ C:\Windows\setupact.log
2015-05-29 20:19 - 2015-06-04 17:26 - 00008024 _____ C:\Windows\PFRO.log
2015-05-29 20:19 - 2015-05-29 20:19 - 00000000 _____ C:\Windows\setuperr.log
2015-05-29 17:48 - 2015-05-29 17:48 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-29 17:48 - 2015-05-29 17:48 - 00001110 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-29 17:48 - 2015-05-29 17:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-05-29 17:47 - 2015-05-29 17:47 - 00243560 _____ C:\Users\Łukasz\Downloads\Firefox Setup Stub 38.0.1.exe
2015-05-13 03:11 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 21:59 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 21:59 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 21:59 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 21:58 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-05-12 21:58 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-12 21:58 - 2015-04-27 21:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-12 21:58 - 2015-04-27 21:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-12 21:58 - 2015-04-27 21:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-12 21:58 - 2015-04-27 21:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-12 21:58 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-12 21:58 - 2015-04-27 21:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-12 21:58 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-12 21:58 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-12 21:58 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-12 21:58 - 2015-04-27 21:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-12 21:58 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-12 21:58 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-12 21:58 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-12 21:58 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-12 21:58 - 2015-04-27 21:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-12 21:58 - 2015-04-27 21:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 21:58 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-12 21:58 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-12 21:58 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-12 21:58 - 2015-04-27 21:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-12 21:58 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-12 21:58 - 2015-04-27 21:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-12 21:58 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-12 21:58 - 2015-04-27 21:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-12 21:58 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-12 21:58 - 2015-04-27 21:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-12 21:58 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-12 21:58 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-12 21:58 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-12 21:58 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-12 21:58 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-12 21:58 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-12 21:58 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-12 21:58 - 2015-04-27 20:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-12 21:58 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 21:58 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 21:58 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 21:57 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 21:57 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-12 21:57 - 2015-04-21 18:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-12 21:57 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 21:57 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 21:57 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-12 21:57 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-12 21:57 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 21:57 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-12 21:57 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 21:57 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-12 21:57 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-12 21:57 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 21:57 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 21:57 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-12 21:57 - 2015-04-21 17:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-12 21:57 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-12 21:57 - 2015-04-21 17:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-12 21:57 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-12 21:57 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 21:57 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-12 21:57 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 21:57 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 21:57 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 21:57 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 21:57 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 21:57 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 21:57 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-12 21:57 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 21:57 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 21:57 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 21:57 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 21:57 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 21:35 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-12 21:35 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-12 21:35 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-12 21:35 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-12 21:35 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-12 21:35 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 21:34 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-05 21:32 - 2015-03-11 22:52 - 00000000 ____D C:\FRST
2015-06-05 21:32 - 2014-10-27 23:06 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-05 21:13 - 2014-12-14 14:55 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-05 21:13 - 2014-10-27 22:17 - 01208795 _____ C:\Windows\WindowsUpdate.log
2015-06-05 20:18 - 2014-12-14 14:55 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-05 20:15 - 2009-07-14 06:34 - 00022240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-05 20:15 - 2009-07-14 06:34 - 00022240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-05 20:10 - 2009-07-14 04:04 - 00000505 _____ C:\Windows\win.ini
2015-06-05 20:07 - 2014-10-28 18:09 - 00000000 ____D C:\ProgramData\Origin
2015-06-05 20:06 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-04 17:30 - 2014-10-29 22:37 - 00000266 __RSH C:\ProgramData\ntuser.pol
2015-06-04 13:36 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-06-04 12:56 - 2014-10-28 21:57 - 00000000 ___RD C:\Dokumenty
2015-06-04 10:11 - 2014-10-28 00:09 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-06-04 10:11 - 2014-10-28 00:09 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-06-04 10:11 - 2014-10-28 00:09 - 00209048 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-06-04 10:11 - 2014-10-28 00:09 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-06-04 10:11 - 2014-10-28 00:09 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-06-04 10:11 - 2014-10-28 00:09 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-06-04 10:11 - 2014-10-28 00:09 - 00049904 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-06-04 10:11 - 2014-10-28 00:09 - 00024144 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-06-03 16:27 - 2014-10-28 18:11 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Origin
2015-06-03 16:26 - 2015-03-12 12:08 - 00000000 ____D C:\Program Files\Origin
2015-05-31 05:25 - 2014-10-27 23:50 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\vlc
2015-05-30 07:33 - 2014-10-27 23:37 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-05-29 20:48 - 2014-11-04 13:54 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Azureus
2015-05-29 20:44 - 2015-01-16 13:32 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\DAEMON Tools Lite
2015-05-29 17:48 - 2015-03-29 06:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-05-28 13:19 - 2014-10-28 16:47 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-27 22:07 - 2015-04-02 19:59 - 00000000 ___RD C:\Program Files\Skype
2015-05-26 05:15 - 2014-12-14 14:56 - 00002136 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-21 03:01 - 2015-04-04 21:16 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-14 20:48 - 2014-10-27 22:43 - 01670518 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-14 20:48 - 2009-09-21 16:32 - 00740422 _____ C:\Windows\system32\perfh015.dat
2015-05-14 20:48 - 2009-09-21 16:32 - 00155996 _____ C:\Windows\system32\perfc015.dat
2015-05-13 21:02 - 2014-10-28 16:22 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 20:59 - 2014-10-28 16:21 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 17:19 - 2014-10-29 22:55 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\GG
2015-05-13 17:15 - 2014-10-29 22:55 - 00000000 ____D C:\Users\Łukasz\AppData\Local\GG
2015-05-13 04:08 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-05-13 03:39 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-05-13 03:30 - 2009-07-14 06:33 - 00267480 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-13 03:29 - 2014-10-27 23:49 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 03:28 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2015-05-13 03:28 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-13 03:06 - 2009-07-14 09:49 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-13 03:05 - 2014-10-27 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 21:53 - 2014-10-27 22:39 - 00000000 ____D C:\Users\Łukasz
2015-05-07 18:39 - 2015-04-25 14:44 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Raptr
==================== Files in the root of some directories =======
2014-12-04 12:30 - 2014-12-04 12:30 - 0138904 _____ () C:\Users\Łukasz\AppData\Roaming\PnkBstrK.sys
2014-10-30 07:31 - 2014-10-30 07:31 - 0000130 _____ () C:\Users\Łukasz\AppData\Roaming\tmp_register.bat
2014-12-28 19:37 - 2014-12-28 19:37 - 0000000 ____H () C:\Users\Łukasz\AppData\Local\BITFD75.tmp
2014-12-28 19:37 - 2014-12-28 19:39 - 0000000 _____ () C:\Users\Łukasz\AppData\Local{24E96B0B-B7FE-4EE6-928B-014850CE81C8}
Some files in TEMP:
====================
C:\Users\Łukasz\AppData\Local\Temp\bitool.dll
C:\Users\Łukasz\AppData\Local\Temp\i4jdel0.exe
C:\Users\Łukasz\AppData\Local\Temp\InstallGenieo.exe
C:\Users\Łukasz\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-03 16:54
==================== End of log ============================
drugi Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-06-2015
Ran by Łukasz at 2015-06-05 21:33:53
Running from C:\Dokumenty\różne\rozne
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2855642920-2160073068-4100759413-500 - Administrator - Disabled)
Gość (S-1-5-21-2855642920-2160073068-4100759413-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2855642920-2160073068-4100759413-1002 - Limited - Enabled)
Łukasz (S-1-5-21-2855642920-2160073068-4100759413-1001 - Administrator - Enabled) => C:\Users\Łukasz
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with “hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
Ad-Aware Web Companion (Version: 2.0.1013.2086 - Lavasoft) Hidden
Adobe Flash Player 17 ActiveX (HKLM…\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM…\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Polish (HKLM…{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
ALLPlayer Pilot (HKLM…{146BDBDD-ACD9-4B04-A286-C27471841E8E}_is1) (Version: 1.2 - ALLPlayer Group, Ltd.)
ALLPlayer V6.X (HKLM…\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.)
AMD Catalyst Install Manager (HKLM…{DE7D695C-2EC7-AFDF-F786-6E938DE83175}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ATI AVIVO Codecs (Version: 11.6.0.50527 - ATI Technologies Inc.) Hidden
Avast Free Antivirus (HKLM…\Avast) (Version: 10.2.2218 - AVAST Software)
CCleaner (HKLM…\CCleaner) (Version: 4.19 - Piriform)
DAEMON Tools Lite (HKLM…\DAEMON Tools Lite) (Version: 10.0.0.0054 - Disc Soft Ltd)
do-search uninstall (HKLM…\do-search uninstall) (Version: - do-search) <==== ATTENTION!
Driver Booster 2 (HKLM…\Driver Booster_is1) (Version: 2.0 - IObit)
EA SPORTS FIFA World (HKLM…{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 9.5.0.61021 - Electronic Arts, Inc.)
e-pity 6.5.1 za rok 2014 (HKLM…{80D8170E-5590-218-B9ED-E24E4C99A18C}_is1) (Version: 6.5.1 - e-file sp. z o.o.)
EVEREST Home Edition v2.20 (HKLM…\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
ffdshow v1.3.4533 [2014-09-29] (HKLM…\ffdshow_is1) (Version: 1.3.4533.0 - )
Genieo (HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\genieo) (Version: 1.0.400 - Genieo Innovation Ltd.) <==== ATTENTION!
GG (HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\GG) (Version: 12 - GG Network S.A.)
Google Chrome (HKLM…\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
Java 8 Update 45 (HKLM…{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LavasoftTcpService (Version: 2.3.4.2 - Lavasoft) Hidden
Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM…\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM…{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM…{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM…{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM…{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM…{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 pl) (HKLM…\Mozilla Firefox 38.0.1 (x86 pl)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM…\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM…{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM…{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NapiProjekt 2.0.0 (build 2151) (HKLM…\NapiProjekt_is1) (Version: - )
Napisy24 (HKLM…{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 0.95 - Napisy24.pl)
Nero BurnRights 10 (HKLM…{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11200.14.100 - Nero AG)
Nero DiscSpeed 10 (HKLM…{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.11100.9.100 - Nero AG)
Nero InfoTool 10 (HKLM…{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.11000.12.100 - Nero AG)
Nero MediaHub 10 (HKLM…{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.14400.24.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM…{93C987F5-6563-4D29-A7C0-7DC85471D7C3}) (Version: 10.0.14200 - Nero AG)
Nero StartSmart 10 (HKLM…{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11500.18.100 - Nero AG)
Nero Update (HKLM…{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NetWorx 5.3.3 (HKLM…\NetWorx_is1) (Version: - Softperfect Research)
OpenFM (HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\OpenFM) (Version: 2 - GG Network S.A.)
Origin (HKLM…\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Raptr (HKLM…\Raptr) (Version: - )
Realtek HDMI Audio Driver for ATI (HKLM…{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
SimCity 2000 Special Edition (HKLM…{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Skype Click to Call (HKLM…{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.3 (HKLM…{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SWFPlayer 2.6.2.0 (HKLM…\SWFPlayer_is1) (Version: 2.6.2.0 - Michael Faust, Alpha Interactive)
Swift Record (HKLM…\Swift Record) (Version: 2015.06.04.072503 - Swift Record) <==== ATTENTION
VLC media player (HKLM…\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM…\8461-7759-5462-8226) (Version: 5.6.0.0 - Azureus Software, Inc.)
Web Companion (HKLM…{7ADC1B3B-06CB-4EC2-80A7-F063B2C5FE42}_WebCompanion) (Version: 2.0.1013.2086 - Lavasoft)
Wiedźmin 2 (HKLM…{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
WinRAR 5.21 (32-bitowy) (HKLM…\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2855642920-2160073068-4100759413-1001_Classes\CLSID{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Łukasz\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)
==================== Restore Points =========================
05-06-2015 20:14:42 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1938650C-B4EB-49E0-9F33-EAC92C0D4954} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {4D02BD89-060B-4BFC-BDE5-54C37416EFDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-14] (Google Inc.)
Task: {5F4516A5-559C-4EBD-9A65-01E5E324821F} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {618E32AA-FDE1-4D31-A194-6EB2B2782FF1} - System32\Tasks\Driver Booster SkipUAC (Łukasz) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2014-10-22] (IObit)
Task: {6FC44F14-06AD-47A6-A229-39E6E48EFAA5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16] (Adobe Systems Incorporated)
Task: {7DD033BD-12D3-41C0-8EA6-9C5D6203C702} - System32\Tasks\e-pity2015_styczen => C:\Program Files\e-file\e-pity2014\Assets\signxml.exe [2015-04-22] (e-file sp. z o.o.)
Task: {988D1482-D881-4069-A9FB-4BEE369501A6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2855642920-2160073068-4100759413-1001
Task: {ACDC16EC-13EF-4849-B890-E33359D5FCF5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {B0A67280-6AB8-4846-9576-8858C691177B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {B2AAAC17-9274-44E8-941C-CBCEF4921949} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-04] (Avast Software s.r.o.)
Task: {F719D741-6104-49F6-B8F2-CE4CD0C70553} - System32\Tasks\e-pity2015_kwiecien => C:\Program Files\e-file\e-pity2014\Assets\signxml.exe [2015-04-22] (e-file sp. z o.o.)
Task: {F96BDE1B-2325-451A-A523-A15FEB8A549A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-14] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-06-04 10:11 - 2015-06-04 10:11 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-04 10:11 - 2015-06-04 10:11 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-04 12:40 - 2015-06-04 12:40 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060400\algo.dll
2015-06-05 20:07 - 2015-06-05 20:07 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060501\algo.dll
2015-06-04 10:11 - 2015-06-04 10:11 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-12 12:09 - 2015-06-03 16:25 - 01007104 _____ () C:\Program Files\Origin\platforms\qwindows.dll
2015-03-12 12:09 - 2015-06-03 16:25 - 00023552 _____ () C:\Program Files\Origin\imageformats\qgif.dll
2015-03-12 12:09 - 2015-06-03 16:25 - 00024576 _____ () C:\Program Files\Origin\imageformats\qico.dll
2015-03-12 12:09 - 2015-06-03 16:25 - 00216576 _____ () C:\Program Files\Origin\imageformats\qjpeg.dll
2015-03-12 12:09 - 2015-06-03 16:25 - 00261120 _____ () C:\Program Files\Origin\imageformats\qmng.dll
2015-03-12 12:09 - 2015-06-03 16:25 - 00019456 _____ () C:\Program Files\Origin\imageformats\qtga.dll
2015-03-12 12:09 - 2015-06-03 16:25 - 00337408 _____ () C:\Program Files\Origin\imageformats\qtiff.dll
2015-03-12 12:09 - 2015-06-03 16:25 - 00018944 _____ () C:\Program Files\Origin\imageformats\qwbmp.dll
2015-03-12 12:09 - 2015-06-03 16:25 - 00228352 _____ () C:\Program Files\Origin\mediaservice\wmfengine.dll
2014-12-04 12:29 - 2014-12-04 12:29 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2015-05-25 10:23 - 2015-05-25 10:23 - 00019816 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2015-05-25 10:23 - 2015-05-25 10:23 - 00012144 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00034664 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2014-10-23 21:19 - 2014-10-23 21:19 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00078656 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00183656 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00046920 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00033136 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00015696 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
2015-05-25 10:24 - 2015-05-25 10:24 - 00123736 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2015-05-25 10:24 - 2015-05-25 10:24 - 00073544 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00039256 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2015-06-04 12:35 - 2015-06-05 20:05 - 00462576 _____ () C:\Program Files\Swift Record\updateSwiftRecord.exe
2014-10-20 11:45 - 2014-10-20 11:45 - 00539488 _____ () C:\Users\Łukasz\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe
2015-06-04 12:25 - 2015-06-05 20:10 - 00462576 _____ () C:\Program Files\Swift Record\bin\utilSwiftRecord.exe
2015-06-04 12:36 - 2015-06-05 08:30 - 00101616 _____ () C:\Program Files\Swift Record\bin\SwiftRecord.expext.exe
2015-06-04 12:36 - 2015-06-05 08:30 - 00081648 _____ () C:\Program Files\Swift Record\bin\SwiftRecord.expextdll.dll
2015-06-04 12:36 - 2015-06-05 10:34 - 00108272 _____ () C:\Program Files\Swift Record\bin\SwiftRecord.BrowserAdapter.exe
2015-06-04 12:36 - 2015-06-05 01:35 - 00296688 _____ () C:\Program Files\Swift Record\bin\SwiftRecord.PurBrowse.exe
2014-10-20 11:45 - 2014-10-20 11:45 - 00294240 _____ () C:\Users\Łukasz\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe
2015-06-04 12:41 - 2015-06-04 12:41 - 00541696 _____ () C:\Users\Łukasz\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
2015-04-16 13:32 - 2015-04-16 13:32 - 16863920 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\webcompanion.com -> hxxp://webcompanion.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Control Panel\Desktop\Wallpaper -> C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 172.20.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
MSCONFIG\startupreg: ALLPlayer WiFi Remote => C:\Program Files\ALLPlayer Remote\ALLPlayerRemoteControl.exe
MSCONFIG\startupreg: ALLUpdate => “C:\Program Files\ALLPlayer\ALLUpdate.exe” “sleep”
MSCONFIG\startupreg: BCU => “C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe”
MSCONFIG\startupreg: CCleaner Monitoring => “C:\Program Files\CCleaner\CCleaner.exe” /MONITOR
MSCONFIG\startupreg: GG => “C:\Users\Łukasz\AppData\Local\GG\Application\gghub.exe”
MSCONFIG\startupreg: HydraVisionDesktopManager => “C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe”
MSCONFIG\startupreg: Napisy24.pl => “C:\Program Files\Napisy24\Napisy24.exe” AutoStart
MSCONFIG\startupreg: Raptr => C:\PROGRA~1\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: StartCCC => “C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe” MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{782E9C5C-CE6E-405A-B0BC-A4E53264664C}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{907D57E7-57AF-4ED0-B742-62E5246AB94C}C:\program files\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files\origin games\fifa world\fifaworld.exe
FirewallRules: [uDP Query User{4E0A3A47-FC4F-4AD6-A6BD-B94B6EAB4952}C:\program files\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files\origin games\fifa world\fifaworld.exe
FirewallRules: [TCP Query User{15172FE4-E679-4EFC-8B8C-00382E128497}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [uDP Query User{C099CE7A-6166-4D5A-ABA3-0340619FA4E1}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [TCP Query User{683A39F3-6A9B-4894-BE26-3407CE1BFEA8}C:\program files\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files\allplayer remote\allplayerremotecontrol.exe
FirewallRules: [uDP Query User{4D79B4FD-EC84-4FFB-B1CD-2452219F7CC3}C:\program files\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files\allplayer remote\allplayerremotecontrol.exe
FirewallRules: [TCP Query User{34873C19-3A2F-4E98-A4F3-4F0DC5405D92}C:\program files\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files\allplayer remote\allplayerremotecontrol.exe
FirewallRules: [uDP Query User{74048D59-1521-45C5-8D85-4E1239A696B9}C:\program files\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files\allplayer remote\allplayerremotecontrol.exe
FirewallRules: [{A1FC1C8D-F4EA-4AAE-A8DA-618795DC1372}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{C1CBE87A-6F15-4417-9789-030DE6C6C959}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{D8859277-18C2-4C0B-A102-E5ED04EF034E}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{7CC4C5F6-94D4-49D0-9D0A-5350507366B3}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{4A892F06-B52E-49C9-8739-06FEA4B31F84}] => (Allow) C:\Program Files\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{D6B987D2-9500-4E0A-B4AA-ADC262A82836}] => (Allow) C:\Program Files\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{8AE678C7-6C4F-4613-8EF9-A69448BB5650}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{D320F843-DEF6-4349-854E-32BE5DF010E0}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{AC7FB2D0-1F5E-49AF-998D-D44F59B7B3E6}] => (Allow) C:\Users\Łukasz\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{57FB699C-22A4-4F75-B64D-B3BDAE5CB5CE}] => (Allow) C:\Users\Łukasz\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{9AA6C641-0B30-4A09-AEDE-EE5758687FFE}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [uDP Query User{E8E4E63D-6CD4-45E8-A32B-4CD2309AD1B4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{81FEEABB-CED3-41CB-8E55-44EFC5523D3E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{DDB03716-9B0A-4134-91A3-18C9A741B55E}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [{E3DB9AE9-03A1-4309-89F4-16DCC8B69F36}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [{7E922A81-357A-4B98-BCA6-6C85A105848C}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{7843781F-BCE2-4228-8EC8-277A8D620DEB}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{561CB6FF-0F2E-4E7D-A525-66E10D85E2DF}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [{D06FE112-556B-4992-9C93-7DEB5BD49040}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{7CE6A0C1-7EB0-4EA0-8812-30218F8CAD3D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{94B8A032-CB14-41EE-998E-8B29371F8412}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4D903E77-C44C-4403-B1D5-12E96C02D161}C:\program files\wiedźmin 2\bin\witcher2.exe] => (Allow) C:\program files\wiedźmin 2\bin\witcher2.exe
FirewallRules: [uDP Query User{F3D57281-9969-4A00-A41D-06C76F6CA319}C:\program files\wiedźmin 2\bin\witcher2.exe] => (Allow) C:\program files\wiedźmin 2\bin\witcher2.exe
FirewallRules: [TCP Query User{2F840E28-52C1-4C8C-A14C-0753A9A60345}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [uDP Query User{E1A57C01-62F5-43B7-ACEF-36A7A448EB56}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{87FB2976-C638-4596-8B27-5B4F666F7033}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{1616D00C-28AC-489A-9AFC-E91FF67CA9B5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{24ADA160-C4AC-431A-9C03-29C215F22D76}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [uDP Query User{5ADF188A-08AE-45A2-8071-783CD46FEE7D}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/05/2015 08:09:47 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (4276) Windows: Próba otwarcia pliku “C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk” w trybie odczytu lub zapisu zakończyła się niepomyślnie z błędem systemowym 32 (0x00000020): "Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. ". Operacja otwierania pliku zostanie zakończona z błędem -1032 (0xfffffbf8).
Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Usługa Windows Search jest zatrzymywana, ponieważ wystąpił problem z indeksatorem: The catalog is corrupt.
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Nie można zainicjować indeksu.
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Nie można zainicjować aplikacji.
Kontekst: aplikacja Windows
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Nie można zainicjować obiektu programu zbierającego.
Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Nie można zainicjować dodatku typu plug-in w <Search.TripoliIndexer>.
Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Nie można odnaleźć elementu. (HRESULT : 0x80070490) (0x80070490)
Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Nie można zainicjować dodatku typu plug-in w <Search.JetPropStore>.
Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Usługa Windows Search nie może załadować informacji z magazynu właściwości.
Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Serwer indeksu zawartości nie może zaktualizować informacji albo uzyskać do nich dostępu z powodu błędu bazy danych. Zatrzymaj i uruchom ponownie usługę wyszukiwania. Jeżeli problem będzie się powtarzać, zresetuj i ponownie przeszukaj indeks zawartości. W niektórych przypadkach konieczne może być usunięcie i ponowne utworzenie indeksu zawartości. (HRESULT : 0x8004117f) (0x8004117f)
Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Usługa wyszukiwania wykryła uszkodzone pliki danych w indeksie {id=1100}. Usługa podejmie próbę automatycznego rozwiązania tego problemu przez odbudowanie indeksu.
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Usługa Windows Search nie może otworzyć magazynu właściwości aparatu Jet.
Szczegóły:
0x%08x (0x8004117f - Serwer indeksu zawartości nie może zaktualizować informacji albo uzyskać do nich dostępu z powodu błędu bazy danych. Zatrzymaj i uruchom ponownie usługę wyszukiwania. Jeżeli problem będzie się powtarzać, zresetuj i ponownie przeszukaj indeks zawartości. W niektórych przypadkach konieczne może być usunięcie i ponowne utworzenie indeksu zawartości. (HRESULT : 0x8004117f))
System errors:
=============
Error: (06/05/2015 08:08:27 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie:
%%1056.
Error: (06/05/2015 08:07:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
Error: (06/05/2015 08:07:56 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-1073473535.
Error: (06/05/2015 08:07:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
iSafeKrnlMon
Error: (06/04/2015 06:45:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
iSafeKrnlMon
Error: (06/04/2015 06:45:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Update Swift Record z powodu następującego błędu:
%%1053
Error: (06/04/2015 06:45:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Update Swift Record.
Error: (06/04/2015 06:45:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą IE Search Set.
Error: (06/04/2015 05:34:01 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Error: (06/04/2015 05:27:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
iSafeKrnlMon
Microsoft Office:
=========================
Error: (06/05/2015 08:09:47 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows4276Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1032 (0xfffffbf8)32 (0x00000020)Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.
Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontekst: aplikacja Windows
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Nie można odnaleźć elementu. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontekst: aplikacja Windows, wykaz SystemIndex
Szczegóły:
Serwer indeksu zawartości nie może zaktualizować informacji albo uzyskać do nich dostępu z powodu błędu bazy danych. Zatrzymaj i uruchom ponownie usługę wyszukiwania. Jeżeli problem będzie się powtarzać, zresetuj i ponownie przeszukaj indeks zawartości. W niektórych przypadkach konieczne może być usunięcie i ponowne utworzenie indeksu zawartości. (HRESULT : 0x8004117f) (0x8004117f)
Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Szczegóły:
Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801)
1100
Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Szczegóły:
0x%08x (0x8004117f - Serwer indeksu zawartości nie może zaktualizować informacji albo uzyskać do nich dostępu z powodu błędu bazy danych. Zatrzymaj i uruchom ponownie usługę wyszukiwania. Jeżeli problem będzie się powtarzać, zresetuj i ponownie przeszukaj indeks zawartości. W niektórych przypadkach konieczne może być usunięcie i ponowne utworzenie indeksu zawartości. (HRESULT : 0x8004117f))
==================== Memory info ===========================
Processor: AMD Athlon II X3 440 Processor
Percentage of memory in use: 76%
Total physical RAM: 3069.55 MB
Available physical RAM: 726.16 MB
Total Pagefile: 6137.42 MB
Available Pagefile: 2925.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.99 MB
==================== Drives ================================
Drive c: © (Fixed) (Total:235.93 GB) (Free:90.13 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Nowy) (Fixed) (Total:222.01 GB) (Free:29.9 GB) NTFS
Drive j: (The Witcher 2) (CDROM) (Total:7.81 GB) (Free:0 GB) UDF
Drive k: (TW2_PL_Disc2) (CDROM) (Total:5.29 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F71BE444)
Partition 1: (Active) - (Size=235.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=7.8 GB) - (Type=27)
==================== End of log ============================
Że sorry co. Radzę doczytać, edytować posta i wkleić prawidłowo raporty na www.wklej.org a w poście zamieścić linki do wklejek. W przeciwnym razie temat trafi do śmietnika. Tym bardziej że już robiłeś to na tym forum.
Przestań wreszcie zaśmiecać forum i zacznij samodzielnie myśleć.
Wkleiłeś dwa razy ten sam log.
W panelu sterowania odinstaluj:
Ad-Aware Web Companion
do-search uninstall
LavasoftTcpService
Swift Record
Web Companion
Pobierz i uruchom AdwCleaner Kliknij Scan i później Cleaning.
Kliknij Scan i pokaż nowy raport z FRST bez Addition i Shortcut.
Jestem laikiem komputerowym, więc proszę o poradę dzięki wielkie że mi pomagacie.
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-10-28] (Microsoft Corporation)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150425
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://pl.search.yahoo.com/?fr=vmn&type=vmn __webcompa__ 1_0 __ya__ hp_WCYID10099_swoc_campaign_150529__yaie
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2855642920-2160073068-4100759413-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = https://pl.search.yahoo.com/search?fr=vmn&type=vmn __webcompa__ 1_0 __ya__ ch_WCYID10099_swoc_campaign_150529__yaie&p={searchTerms}
CHR Extension: (Swift Record) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\agfgphdklgockflchaejindiafjcbbdl [2015-06-04]
CHR Extension: (Bookmark Manager) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-25]
S2 Update Swift Record; "C:\Program Files\Swift Record\updateSwiftRecord.exe" [X]
2015-05-29 20:45 - 2015-05-29 20:45 - 00000000 ____ D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-05-29 20:45 - 2015-05-25 10:24 - 00347976 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2015-06-05 23:49 - 2015-03-11 22:47 - 00000000 ____ D C:\AdwCleaner
2014-10-30 07:31 - 2014-10-30 07:31 - 0000130 _____ () C:\Users\Łukasz\AppData\Roaming\tmp_register.bat
2014-12-28 19:37 - 2014-12-28 19:37 - 0000000 ____ H () C:\Users\Łukasz\AppData\Local\BITFD75.tmp
2014-12-28 19:37 - 2014-12-28 19:39 - 0000000 _____ () C:\Users\Łukasz\AppData\Local\{24E96B0B-B7FE-4EE6-928B-014850CE81C8}
EmptyTemp:
Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.
Kliknij Scan i pokaż nowy raport z FRST bez Addition i Shortcut.