Firefox muli np, brak odpowiedzi, dodatkowo traus rating


(fazi83) #1

Jak w temacie


(Atis) #2

Przeczytaj regulamin działu, bo tam znajdziesz informację jakie logi są obowiązkowe.


(fazi83) #3

Sorry nie dotyczałem…

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-06-2015

Ran by Łukasz (administrator) on ŁUKASZ-KOMPUTER on 05-06-2015 21:32:46

Running from C:\Dokumenty\różne\rozne

Loaded Profiles: Łukasz (Available Profiles: Łukasz)

Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Polski (Polska)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Electronic Arts) C:\Program Files\Origin\Origin.exe

(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe

() C:\Windows\System32\PnkBstrA.exe

() C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe

(Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe

() C:\Program Files\Swift Record\updateSwiftRecord.exe

(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

() C:\Users\Łukasz\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe

() C:\Program Files\Swift Record\bin\utilSwiftRecord.exe

() C:\Program Files\Swift Record\bin\SwiftRecord.expext.exe

() C:\Program Files\Swift Record\bin\SwiftRecord.BrowserAdapter.exe

() C:\Program Files\Swift Record\bin\SwiftRecord.PurBrowse.exe

() C:\Users\Łukasz\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe

(Oracle Corporation) C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe

(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe

(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-04] (Avast Software s.r.o.)

HKLM…\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3632472 2015-06-03] (Electronic Arts)

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd)

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1376016 2015-05-25] (Lavasoft)

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3579120 2015-05-21] (Disc Soft Ltd)

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\Run: [GenieoUpdaterService] => C:\Users\Łukasz\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe [294240 2014-10-20] ()

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\Run: [GenieoSystemTray] => C:\Users\Łukasz\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe [539488 2014-10-20] ()

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe [927920 2015-04-16] (Adobe Systems Incorporated)

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\MountPoints2: {30621727-062f-11e5-b502-6cf049dda8be} - J:\setup.exe

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\MountPoints2: {30621730-062f-11e5-b502-6cf049dda8be} - K:\setup.exe

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\MountPoints2: {88fedd80-0a90-11e5-8a6a-6cf049dda8be} - J:\setup.exe

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\MountPoints2: {d3c806b6-9d46-11e4-86fd-6cf049dda8be} - J:\SETUP.EXE

HKU\S-1-5-18…\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-10-28] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-04] (Avast Software s.r.o.)

ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)

ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)

ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)

ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150425

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1429964897&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90Z649515&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1429964897&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90Z649515

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1429964897&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90Z649515&q={searchTerms}

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1429964897&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90Z649515&q={searchTerms}

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Software\Microsoft\Internet Explorer\Main,Start Page = [https://pl.search.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_150529__yaie](https://pl.search.yahoo.com/?fr=vmn&type=vmn webcompa 1_0 ya hp_WCYID10099_swoc_campaign_150529__yaie)

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1429964897&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90Z649515

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1429964897&from=cor&uid=SAMSUNGXHD502HI_S1VZJ90Z649515&q={searchTerms}

SearchScopes: HKU\S-1-5-21-2855642920-2160073068-4100759413-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = [https://pl.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_150529__yaie&p={searchTerms}](https://pl.search.yahoo.com/search?fr=vmn&type=vmn webcompa 1_0 ya ch_WCYID10099_swoc_campaign_150529__yaie&p=%7BsearchTerms%7D)

BHO: Swift Record 1.0.0.7 -> {0759d61f-3673-416f-85d2-58b847e78ddf} -> C:\Program Files\Swift Record\SwiftRecordbho.dll [2015-05-04] (Swift Record)

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-04] (Avast Software s.r.o.)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-29] (Lavasoft Limited)

Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-29] (Lavasoft Limited)

Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-29] (Lavasoft Limited)

Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-29] (Lavasoft Limited)

Winsock: Catalog9 21 C:\Windows\system32\LavasoftTcpService.dll [347976 2015-05-29] (Lavasoft Limited)

Tcpip\Parameters: [DhcpNameServer] 172.20.0.1

FireFox:

========

FF ProfilePath: C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\3b5mler4.default

FF NewTab: [https://pl.search.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_150529__yaff](https://pl.search.yahoo.com/?fr=vmn&type=vmn webcompa 1_0 ya hp_WCYID10099_swoc_campaign_150529__yaff)

FF DefaultSearchEngine: Google encrypted

FF SelectedSearchEngine: Yahoo

FF Homepage: hxxp://www.interia.pl/

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] ()

FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)

FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-2855642920-2160073068-4100759413-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Łukasz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)

FF user.js: detected! => C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\3b5mler4.default\user.js [2015-06-04]

FF SearchPlugin: C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\3b5mler4.default\searchplugins\google-encrypted.xml [2015-05-30]

FF Extension: Swift Record 1.0.1 - C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\3b5mler4.default\Extensions{a1469707-fecc-4e6d-be13-e11acacabc84}.xpi [2015-06-04]

FF Extension: Adblock Plus - C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\3b5mler4.default\Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-27]

FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]

FF HKLM…\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-28]

Chrome:

=======

CHR Profile: C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-14]

CHR Extension: (Swift Record) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\agfgphdklgockflchaejindiafjcbbdl [2015-06-04]

CHR Extension: (Google Docs) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-14]

CHR Extension: (Google Drive) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-14]

CHR Extension: (YouTube) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-14]

CHR Extension: (Adblock Plus) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-04]

CHR Extension: (Google Search) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-14]

CHR Extension: (Google Sheets) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-14]

CHR Extension: (Bookmark Manager) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-25]

CHR Extension: (Avast Online Security) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-14]

CHR Extension: (Google Wallet) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-14]

CHR Extension: (Gmail) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-14]

CHR HKLM…\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-04]

CHR HKLM…\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [276992 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-04] (Avast Software s.r.o.)

R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-06-04] (Avast Software)

R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1026288 2015-05-21] (Disc Soft Ltd)

R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2751816 2015-05-25] (Lavasoft Limited)

S3 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)

S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1997168 2015-06-03] (Electronic Arts)

R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-12-04] ()

R2 SearchProtectionService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-05-25] ()

R2 Update Swift Record; C:\Program Files\Swift Record\updateSwiftRecord.exe [462576 2015-06-05] ()

R2 Util Swift Record; C:\Program Files\Swift Record\bin\utilSwiftRecord.exe [462576 2015-06-05] ()

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11944 2014-10-28] (Advanced Micro Devices Inc.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-06-04] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-06-04] (Avast Software s.r.o.)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-06-04] (Avast Software s.r.o.)

R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-06-04] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-06-04] (Avast Software s.r.o.)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-06-04] (Avast Software s.r.o.)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-06-04] (Avast Software s.r.o.)

R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-06-04] ()

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25016 2015-05-29] (Disc Soft Ltd)

R1 networx; C:\Windows\System32\drivers\networx.sys [55288 2014-08-01] (NetFilterSDK.com)

S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [204448 2010-05-24] (Realtek Semiconductor Corp.)

R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-06-04] (Avast Software)

R1 {a1469707-fecc-4e6d-be13-e11acacabc84}Gw; C:\Windows\System32\drivers{a1469707-fecc-4e6d-be13-e11acacabc84}Gw.sys [43152 2015-06-03] (StdLib)

S1 iSafeKrnlMon; ??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-04 17:33 - 2015-06-04 17:33 - 00000000 ____D C:\Windows\system32\vbox

2015-06-04 12:55 - 2015-06-04 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin 2

2015-06-04 12:55 - 2015-06-04 12:55 - 00000776 _____ C:\Users\Public\Desktop\Uruchom Wiedźmin 2.lnk

2015-06-04 12:39 - 2015-06-04 12:39 - 00002225 _____ C:\Users\Łukasz\Desktop\Genieo.lnk

2015-06-04 12:39 - 2015-06-04 12:39 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Genieo

2015-06-04 12:36 - 2015-06-03 22:38 - 00043152 _____ (StdLib) C:\Windows\system32\Drivers{a1469707-fecc-4e6d-be13-e11acacabc84}Gw.sys

2015-06-04 12:35 - 2015-06-04 13:32 - 00000000 ____D C:\Program Files\Wiedźmin 2

2015-06-04 12:34 - 2015-06-04 12:34 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Genieo

2015-06-04 12:33 - 2015-06-05 21:10 - 00000000 ____D C:\Program Files\Swift Record

2015-06-04 12:33 - 2015-06-04 12:33 - 00001931 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk

2015-06-04 12:33 - 2015-06-04 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite

2015-06-04 12:33 - 2015-06-04 12:33 - 00000000 ____D C:\Program Files\DAEMON Tools Lite

2015-06-04 11:02 - 2015-06-04 11:02 - 00000000 ____D C:\Users\Łukasz\AppData\Local\GWX

2015-06-04 10:11 - 2015-06-04 10:11 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe

2015-06-04 10:11 - 2015-06-04 10:11 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr

2015-05-30 12:33 - 2015-05-30 12:33 - 00000000 _____ C:\Users\Łukasz\Desktop\Nowy dokument tekstowy.txt

2015-05-30 07:22 - 2015-05-30 07:22 - 00000000 ____D C:\Users\Łukasz\AppData\Local\Disc_Soft_Ltd

2015-05-29 21:00 - 2015-05-29 21:00 - 00000000 ____D C:\Users\Łukasz\AppData\Local\The Witcher 2

2015-05-29 20:46 - 2015-05-29 20:46 - 00002880 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini

2015-05-29 20:46 - 2015-05-29 20:46 - 00000000 ____D C:\Users\Łukasz\AppData\Local\Lavasoft

2015-05-29 20:45 - 2015-05-29 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft

2015-05-29 20:45 - 2015-05-29 20:45 - 00000000 ____D C:\Program Files\Lavasoft

2015-05-29 20:45 - 2015-05-25 10:24 - 00347976 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll

2015-05-29 20:42 - 2015-05-29 20:43 - 00025016 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys

2015-05-29 20:42 - 2015-05-29 20:42 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\RHEng

2015-05-29 20:42 - 2015-05-29 20:42 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Lavasoft

2015-05-29 20:42 - 2015-05-29 20:42 - 00000000 ____D C:\ProgramData\Lavasoft

2015-05-29 20:19 - 2015-06-05 20:06 - 00000952 _____ C:\Windows\setupact.log

2015-05-29 20:19 - 2015-06-04 17:26 - 00008024 _____ C:\Windows\PFRO.log

2015-05-29 20:19 - 2015-05-29 20:19 - 00000000 _____ C:\Windows\setuperr.log

2015-05-29 17:48 - 2015-05-29 17:48 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-05-29 17:48 - 2015-05-29 17:48 - 00001110 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2015-05-29 17:48 - 2015-05-29 17:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

2015-05-29 17:47 - 2015-05-29 17:47 - 00243560 _____ C:\Users\Łukasz\Downloads\Firefox Setup Stub 38.0.1.exe

2015-05-13 03:11 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2015-05-12 21:59 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-05-12 21:59 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll

2015-05-12 21:59 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll

2015-05-12 21:58 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe

2015-05-12 21:58 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-05-12 21:58 - 2015-04-27 21:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-05-12 21:58 - 2015-04-27 21:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-05-12 21:58 - 2015-04-27 21:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2015-05-12 21:58 - 2015-04-27 21:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll

2015-05-12 21:58 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2015-05-12 21:58 - 2015-04-27 21:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-05-12 21:58 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-05-12 21:58 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-05-12 21:58 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-05-12 21:58 - 2015-04-27 21:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-05-12 21:58 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll

2015-05-12 21:58 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-05-12 21:58 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-05-12 21:58 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-05-12 21:58 - 2015-04-27 21:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-05-12 21:58 - 2015-04-27 21:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-05-12 21:58 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2015-05-12 21:58 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-05-12 21:58 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe

2015-05-12 21:58 - 2015-04-27 21:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-05-12 21:58 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe

2015-05-12 21:58 - 2015-04-27 21:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2015-05-12 21:58 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe

2015-05-12 21:58 - 2015-04-27 21:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2015-05-12 21:58 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe

2015-05-12 21:58 - 2015-04-27 21:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-05-12 21:58 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-05-12 21:58 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-05-12 21:58 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe

2015-05-12 21:58 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-05-12 21:58 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-05-12 21:58 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-05-12 21:58 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2015-05-12 21:58 - 2015-04-27 20:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll

2015-05-12 21:58 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2015-05-12 21:58 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2015-05-12 21:58 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-05-12 21:57 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-05-12 21:57 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-05-12 21:57 - 2015-04-21 18:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-05-12 21:57 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-05-12 21:57 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-05-12 21:57 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-05-12 21:57 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-05-12 21:57 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-05-12 21:57 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-05-12 21:57 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-05-12 21:57 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-05-12 21:57 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-05-12 21:57 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-05-12 21:57 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-05-12 21:57 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-05-12 21:57 - 2015-04-21 17:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-05-12 21:57 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-05-12 21:57 - 2015-04-21 17:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-05-12 21:57 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-05-12 21:57 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-05-12 21:57 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-05-12 21:57 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-05-12 21:57 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-05-12 21:57 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-05-12 21:57 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-05-12 21:57 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-05-12 21:57 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-05-12 21:57 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-05-12 21:57 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-05-12 21:57 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-05-12 21:57 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-05-12 21:57 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-05-12 21:57 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe

2015-05-12 21:35 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll

2015-05-12 21:35 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll

2015-05-12 21:35 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll

2015-05-12 21:35 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll

2015-05-12 21:35 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll

2015-05-12 21:35 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe

2015-05-12 21:34 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 21:32 - 2015-03-11 22:52 - 00000000 ____D C:\FRST

2015-06-05 21:32 - 2014-10-27 23:06 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-06-05 21:13 - 2014-12-14 14:55 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-06-05 21:13 - 2014-10-27 22:17 - 01208795 _____ C:\Windows\WindowsUpdate.log

2015-06-05 20:18 - 2014-12-14 14:55 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-06-05 20:15 - 2009-07-14 06:34 - 00022240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-06-05 20:15 - 2009-07-14 06:34 - 00022240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-06-05 20:10 - 2009-07-14 04:04 - 00000505 _____ C:\Windows\win.ini

2015-06-05 20:07 - 2014-10-28 18:09 - 00000000 ____D C:\ProgramData\Origin

2015-06-05 20:06 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-06-04 17:30 - 2014-10-29 22:37 - 00000266 __RSH C:\ProgramData\ntuser.pol

2015-06-04 13:36 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\GroupPolicy

2015-06-04 12:56 - 2014-10-28 21:57 - 00000000 ___RD C:\Dokumenty

2015-06-04 10:11 - 2014-10-28 00:09 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys

2015-06-04 10:11 - 2014-10-28 00:09 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys

2015-06-04 10:11 - 2014-10-28 00:09 - 00209048 _____ C:\Windows\system32\Drivers\aswVmm.sys

2015-06-04 10:11 - 2014-10-28 00:09 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys

2015-06-04 10:11 - 2014-10-28 00:09 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys

2015-06-04 10:11 - 2014-10-28 00:09 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys

2015-06-04 10:11 - 2014-10-28 00:09 - 00049904 _____ C:\Windows\system32\Drivers\aswRvrt.sys

2015-06-04 10:11 - 2014-10-28 00:09 - 00024144 _____ C:\Windows\system32\Drivers\aswHwid.sys

2015-06-03 16:27 - 2014-10-28 18:11 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Origin

2015-06-03 16:26 - 2015-03-12 12:08 - 00000000 ____D C:\Program Files\Origin

2015-05-31 05:25 - 2014-10-27 23:50 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\vlc

2015-05-30 07:33 - 2014-10-27 23:37 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

2015-05-29 20:48 - 2014-11-04 13:54 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Azureus

2015-05-29 20:44 - 2015-01-16 13:32 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\DAEMON Tools Lite

2015-05-29 17:48 - 2015-03-29 06:31 - 00000000 ____D C:\Program Files\Mozilla Firefox

2015-05-28 13:19 - 2014-10-28 16:47 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2015-05-27 22:07 - 2015-04-02 19:59 - 00000000 ___RD C:\Program Files\Skype

2015-05-26 05:15 - 2014-12-14 14:56 - 00002136 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-05-21 03:01 - 2015-04-04 21:16 - 00000000 ___SD C:\Windows\system32\GWX

2015-05-14 20:48 - 2014-10-27 22:43 - 01670518 _____ C:\Windows\system32\PerfStringBackup.INI

2015-05-14 20:48 - 2009-09-21 16:32 - 00740422 _____ C:\Windows\system32\perfh015.dat

2015-05-14 20:48 - 2009-09-21 16:32 - 00155996 _____ C:\Windows\system32\perfc015.dat

2015-05-13 21:02 - 2014-10-28 16:22 - 00000000 ____D C:\Windows\system32\MRT

2015-05-13 20:59 - 2014-10-28 16:21 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-05-13 17:19 - 2014-10-29 22:55 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\GG

2015-05-13 17:15 - 2014-10-29 22:55 - 00000000 ____D C:\Users\Łukasz\AppData\Local\GG

2015-05-13 04:08 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache

2015-05-13 03:39 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET

2015-05-13 03:30 - 2009-07-14 06:33 - 00267480 _____ C:\Windows\system32\FNTCACHE.DAT

2015-05-13 03:29 - 2014-10-27 23:49 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2015-05-13 03:28 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL

2015-05-13 03:28 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers

2015-05-13 03:06 - 2009-07-14 09:49 - 00000000 ____D C:\Program Files\Windows Journal

2015-05-13 03:05 - 2014-10-27 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-05-12 21:53 - 2014-10-27 22:39 - 00000000 ____D C:\Users\Łukasz

2015-05-07 18:39 - 2015-04-25 14:44 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Raptr

==================== Files in the root of some directories =======

2014-12-04 12:30 - 2014-12-04 12:30 - 0138904 _____ () C:\Users\Łukasz\AppData\Roaming\PnkBstrK.sys

2014-10-30 07:31 - 2014-10-30 07:31 - 0000130 _____ () C:\Users\Łukasz\AppData\Roaming\tmp_register.bat

2014-12-28 19:37 - 2014-12-28 19:37 - 0000000 ____H () C:\Users\Łukasz\AppData\Local\BITFD75.tmp

2014-12-28 19:37 - 2014-12-28 19:39 - 0000000 _____ () C:\Users\Łukasz\AppData\Local{24E96B0B-B7FE-4EE6-928B-014850CE81C8}

Some files in TEMP:

====================

C:\Users\Łukasz\AppData\Local\Temp\bitool.dll

C:\Users\Łukasz\AppData\Local\Temp\i4jdel0.exe

C:\Users\Łukasz\AppData\Local\Temp\InstallGenieo.exe

C:\Users\Łukasz\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-03 16:54

==================== End of log ============================

drugi Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-06-2015

Ran by Łukasz at 2015-06-05 21:33:53

Running from C:\Dokumenty\różne\rozne

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2855642920-2160073068-4100759413-500 - Administrator - Disabled)

Gość (S-1-5-21-2855642920-2160073068-4100759413-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-2855642920-2160073068-4100759413-1002 - Limited - Enabled)

Łukasz (S-1-5-21-2855642920-2160073068-4100759413-1001 - Administrator - Enabled) => C:\Users\Łukasz

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with “hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)

Ad-Aware Web Companion (Version: 2.0.1013.2086 - Lavasoft) Hidden

Adobe Flash Player 17 ActiveX (HKLM…\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Flash Player 17 NPAPI (HKLM…\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.11) - Polish (HKLM…{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)

ALLPlayer Pilot (HKLM…{146BDBDD-ACD9-4B04-A286-C27471841E8E}_is1) (Version: 1.2 - ALLPlayer Group, Ltd.)

ALLPlayer V6.X (HKLM…\ALLPlayer_is1) (Version:  - ALLPlayer Group, Ltd.)

AMD Catalyst Install Manager (HKLM…{DE7D695C-2EC7-AFDF-F786-6E938DE83175}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)

ATI AVIVO Codecs (Version: 11.6.0.50527 - ATI Technologies Inc.) Hidden

Avast Free Antivirus (HKLM…\Avast) (Version: 10.2.2218 - AVAST Software)

CCleaner (HKLM…\CCleaner) (Version: 4.19 - Piriform)

DAEMON Tools Lite (HKLM…\DAEMON Tools Lite) (Version: 10.0.0.0054 - Disc Soft Ltd)

do-search uninstall (HKLM…\do-search uninstall) (Version:  - do-search) <==== ATTENTION!

Driver Booster 2 (HKLM…\Driver Booster_is1) (Version: 2.0 - IObit)

EA SPORTS FIFA World (HKLM…{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 9.5.0.61021 - Electronic Arts, Inc.)

e-pity 6.5.1 za rok 2014 (HKLM…{80D8170E-5590-218-B9ED-E24E4C99A18C}_is1) (Version: 6.5.1 - e-file sp. z o.o.)

EVEREST Home Edition v2.20 (HKLM…\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)

ffdshow v1.3.4533 [2014-09-29] (HKLM…\ffdshow_is1) (Version: 1.3.4533.0 - )

Genieo (HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\genieo) (Version: 1.0.400 - Genieo Innovation Ltd.) <==== ATTENTION!

GG (HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\GG) (Version: 12 - GG Network S.A.)

Google Chrome (HKLM…\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)

Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden

Java 8 Update 45 (HKLM…{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)

LavasoftTcpService (Version: 2.3.4.2 - Lavasoft) Hidden

Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM…\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM…{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Silverlight (HKLM…{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM…{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM…{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM…{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Mozilla Firefox 38.0.1 (x86 pl) (HKLM…\Mozilla Firefox 38.0.1 (x86 pl)) (Version: 38.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM…\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM…{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM…{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

NapiProjekt 2.0.0 (build 2151) (HKLM…\NapiProjekt_is1) (Version:  - )

Napisy24 (HKLM…{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 0.95 - Napisy24.pl)

Nero BurnRights 10 (HKLM…{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11200.14.100 - Nero AG)

Nero DiscSpeed 10 (HKLM…{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.11100.9.100 - Nero AG)

Nero InfoTool 10 (HKLM…{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.11000.12.100 - Nero AG)

Nero MediaHub 10 (HKLM…{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.14400.24.100 - Nero AG)

Nero Multimedia Suite 10 Essentials (HKLM…{93C987F5-6563-4D29-A7C0-7DC85471D7C3}) (Version: 10.0.14200 - Nero AG)

Nero StartSmart 10 (HKLM…{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11500.18.100 - Nero AG)

Nero Update (HKLM…{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)

NetWorx 5.3.3 (HKLM…\NetWorx_is1) (Version:  - Softperfect Research)

OpenFM (HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\OpenFM) (Version: 2 - GG Network S.A.)

Origin (HKLM…\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)

Raptr (HKLM…\Raptr) (Version:  - )

Realtek HDMI Audio Driver for ATI (HKLM…{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)

Realtek High Definition Audio Driver (HKLM…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)

SimCity 2000 Special Edition (HKLM…{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)

Skype Click to Call (HKLM…{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)

Skype™ 7.3 (HKLM…{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)

SWFPlayer 2.6.2.0 (HKLM…\SWFPlayer_is1) (Version: 2.6.2.0 - Michael Faust, Alpha Interactive)

Swift Record (HKLM…\Swift Record) (Version: 2015.06.04.072503 - Swift Record) <==== ATTENTION

VLC media player (HKLM…\VLC media player) (Version: 2.1.5 - VideoLAN)

Vuze (HKLM…\8461-7759-5462-8226) (Version: 5.6.0.0 - Azureus Software, Inc.)

Web Companion (HKLM…{7ADC1B3B-06CB-4EC2-80A7-F063B2C5FE42}_WebCompanion) (Version: 2.0.1013.2086 - Lavasoft)

Wiedźmin 2 (HKLM…{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)

WinRAR 5.21 (32-bitowy) (HKLM…\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2855642920-2160073068-4100759413-1001_Classes\CLSID{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Łukasz\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Restore Points =========================

05-06-2015 20:14:42 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1938650C-B4EB-49E0-9F33-EAC92C0D4954} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)

Task: {4D02BD89-060B-4BFC-BDE5-54C37416EFDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-14] (Google Inc.)

Task: {5F4516A5-559C-4EBD-9A65-01E5E324821F} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)

Task: {618E32AA-FDE1-4D31-A194-6EB2B2782FF1} - System32\Tasks\Driver Booster SkipUAC (Łukasz) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2014-10-22] (IObit)

Task: {6FC44F14-06AD-47A6-A229-39E6E48EFAA5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16] (Adobe Systems Incorporated)

Task: {7DD033BD-12D3-41C0-8EA6-9C5D6203C702} - System32\Tasks\e-pity2015_styczen => C:\Program Files\e-file\e-pity2014\Assets\signxml.exe [2015-04-22] (e-file sp. z o.o.)

Task: {988D1482-D881-4069-A9FB-4BEE369501A6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2855642920-2160073068-4100759413-1001

Task: {ACDC16EC-13EF-4849-B890-E33359D5FCF5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)

Task: {B0A67280-6AB8-4846-9576-8858C691177B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)

Task: {B2AAAC17-9274-44E8-941C-CBCEF4921949} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-04] (Avast Software s.r.o.)

Task: {F719D741-6104-49F6-B8F2-CE4CD0C70553} - System32\Tasks\e-pity2015_kwiecien => C:\Program Files\e-file\e-pity2014\Assets\signxml.exe [2015-04-22] (e-file sp. z o.o.)

Task: {F96BDE1B-2325-451A-A523-A15FEB8A549A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-14] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-04 10:11 - 2015-06-04 10:11 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll

2015-06-04 10:11 - 2015-06-04 10:11 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll

2015-06-04 12:40 - 2015-06-04 12:40 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060400\algo.dll

2015-06-05 20:07 - 2015-06-05 20:07 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060501\algo.dll

2015-06-04 10:11 - 2015-06-04 10:11 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2015-03-12 12:09 - 2015-06-03 16:25 - 01007104 _____ () C:\Program Files\Origin\platforms\qwindows.dll

2015-03-12 12:09 - 2015-06-03 16:25 - 00023552 _____ () C:\Program Files\Origin\imageformats\qgif.dll

2015-03-12 12:09 - 2015-06-03 16:25 - 00024576 _____ () C:\Program Files\Origin\imageformats\qico.dll

2015-03-12 12:09 - 2015-06-03 16:25 - 00216576 _____ () C:\Program Files\Origin\imageformats\qjpeg.dll

2015-03-12 12:09 - 2015-06-03 16:25 - 00261120 _____ () C:\Program Files\Origin\imageformats\qmng.dll

2015-03-12 12:09 - 2015-06-03 16:25 - 00019456 _____ () C:\Program Files\Origin\imageformats\qtga.dll

2015-03-12 12:09 - 2015-06-03 16:25 - 00337408 _____ () C:\Program Files\Origin\imageformats\qtiff.dll

2015-03-12 12:09 - 2015-06-03 16:25 - 00018944 _____ () C:\Program Files\Origin\imageformats\qwbmp.dll

2015-03-12 12:09 - 2015-06-03 16:25 - 00228352 _____ () C:\Program Files\Origin\mediaservice\wmfengine.dll

2014-12-04 12:29 - 2014-12-04 12:29 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe

2015-05-25 10:23 - 2015-05-25 10:23 - 00019816 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe

2015-05-25 10:23 - 2015-05-25 10:23 - 00012144 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll

2015-05-25 10:23 - 2015-05-25 10:23 - 00034664 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll

2014-10-23 21:19 - 2014-10-23 21:19 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll

2015-05-25 10:23 - 2015-05-25 10:23 - 00078656 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll

2015-05-25 10:23 - 2015-05-25 10:23 - 00183656 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll

2015-05-25 10:23 - 2015-05-25 10:23 - 00046920 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll

2015-05-25 10:23 - 2015-05-25 10:23 - 00033136 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll

2015-05-25 10:23 - 2015-05-25 10:23 - 00015696 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll

2015-05-25 10:24 - 2015-05-25 10:24 - 00123736 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll

2015-05-25 10:24 - 2015-05-25 10:24 - 00073544 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll

2015-05-25 10:23 - 2015-05-25 10:23 - 00039256 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll

2015-06-04 12:35 - 2015-06-05 20:05 - 00462576 _____ () C:\Program Files\Swift Record\updateSwiftRecord.exe

2014-10-20 11:45 - 2014-10-20 11:45 - 00539488 _____ () C:\Users\Łukasz\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe

2015-06-04 12:25 - 2015-06-05 20:10 - 00462576 _____ () C:\Program Files\Swift Record\bin\utilSwiftRecord.exe

2015-06-04 12:36 - 2015-06-05 08:30 - 00101616 _____ () C:\Program Files\Swift Record\bin\SwiftRecord.expext.exe

2015-06-04 12:36 - 2015-06-05 08:30 - 00081648 _____ () C:\Program Files\Swift Record\bin\SwiftRecord.expextdll.dll

2015-06-04 12:36 - 2015-06-05 10:34 - 00108272 _____ () C:\Program Files\Swift Record\bin\SwiftRecord.BrowserAdapter.exe

2015-06-04 12:36 - 2015-06-05 01:35 - 00296688 _____ () C:\Program Files\Swift Record\bin\SwiftRecord.PurBrowse.exe

2014-10-20 11:45 - 2014-10-20 11:45 - 00294240 _____ () C:\Users\Łukasz\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe

2015-06-04 12:41 - 2015-06-04 12:41 - 00541696 _____ () C:\Users\Łukasz\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

2015-04-16 13:32 - 2015-04-16 13:32 - 16863920 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\localhost -> localhost

IE trusted site: HKU\S-1-5-21-2855642920-2160073068-4100759413-1001…\webcompanion.com -> hxxp://webcompanion.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Control Panel\Desktop\Wallpaper -> C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 172.20.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

MSCONFIG\startupreg: ALLPlayer WiFi Remote => C:\Program Files\ALLPlayer Remote\ALLPlayerRemoteControl.exe

MSCONFIG\startupreg: ALLUpdate => “C:\Program Files\ALLPlayer\ALLUpdate.exe” “sleep”

MSCONFIG\startupreg: BCU => “C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe”

MSCONFIG\startupreg: CCleaner Monitoring => “C:\Program Files\CCleaner\CCleaner.exe” /MONITOR

MSCONFIG\startupreg: GG => “C:\Users\Łukasz\AppData\Local\GG\Application\gghub.exe”

MSCONFIG\startupreg: HydraVisionDesktopManager => “C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe”

MSCONFIG\startupreg: Napisy24.pl => “C:\Program Files\Napisy24\Napisy24.exe” AutoStart

MSCONFIG\startupreg: Raptr => C:\PROGRA~1\Raptr\raptrstub.exe --startup

MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

MSCONFIG\startupreg: StartCCC => “C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe” MSRun

MSCONFIG\startupreg: SunJavaUpdateSched => “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{782E9C5C-CE6E-405A-B0BC-A4E53264664C}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

FirewallRules: [TCP Query User{907D57E7-57AF-4ED0-B742-62E5246AB94C}C:\program files\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files\origin games\fifa world\fifaworld.exe

FirewallRules: [uDP Query User{4E0A3A47-FC4F-4AD6-A6BD-B94B6EAB4952}C:\program files\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files\origin games\fifa world\fifaworld.exe

FirewallRules: [TCP Query User{15172FE4-E679-4EFC-8B8C-00382E128497}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe

FirewallRules: [uDP Query User{C099CE7A-6166-4D5A-ABA3-0340619FA4E1}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe

FirewallRules: [TCP Query User{683A39F3-6A9B-4894-BE26-3407CE1BFEA8}C:\program files\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files\allplayer remote\allplayerremotecontrol.exe

FirewallRules: [uDP Query User{4D79B4FD-EC84-4FFB-B1CD-2452219F7CC3}C:\program files\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files\allplayer remote\allplayerremotecontrol.exe

FirewallRules: [TCP Query User{34873C19-3A2F-4E98-A4F3-4F0DC5405D92}C:\program files\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files\allplayer remote\allplayerremotecontrol.exe

FirewallRules: [uDP Query User{74048D59-1521-45C5-8D85-4E1239A696B9}C:\program files\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files\allplayer remote\allplayerremotecontrol.exe

FirewallRules: [{A1FC1C8D-F4EA-4AAE-A8DA-618795DC1372}] => (Allow) C:\Windows\System32\PnkBstrA.exe

FirewallRules: [{C1CBE87A-6F15-4417-9789-030DE6C6C959}] => (Allow) C:\Windows\System32\PnkBstrA.exe

FirewallRules: [{D8859277-18C2-4C0B-A102-E5ED04EF034E}] => (Allow) C:\Windows\System32\PnkBstrB.exe

FirewallRules: [{7CC4C5F6-94D4-49D0-9D0A-5350507366B3}] => (Allow) C:\Windows\System32\PnkBstrB.exe

FirewallRules: [{4A892F06-B52E-49C9-8739-06FEA4B31F84}] => (Allow) C:\Program Files\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe

FirewallRules: [{D6B987D2-9500-4E0A-B4AA-ADC262A82836}] => (Allow) C:\Program Files\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe

FirewallRules: [{8AE678C7-6C4F-4613-8EF9-A69448BB5650}] => (Allow) C:\Program Files\Vuze\Azureus.exe

FirewallRules: [{D320F843-DEF6-4349-854E-32BE5DF010E0}] => (Allow) C:\Program Files\Vuze\Azureus.exe

FirewallRules: [{AC7FB2D0-1F5E-49AF-998D-D44F59B7B3E6}] => (Allow) C:\Users\Łukasz\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{57FB699C-22A4-4F75-B64D-B3BDAE5CB5CE}] => (Allow) C:\Users\Łukasz\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [TCP Query User{9AA6C641-0B30-4A09-AEDE-EE5758687FFE}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe

FirewallRules: [uDP Query User{E8E4E63D-6CD4-45E8-A32B-4CD2309AD1B4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe

FirewallRules: [{81FEEABB-CED3-41CB-8E55-44EFC5523D3E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe

FirewallRules: [{DDB03716-9B0A-4134-91A3-18C9A741B55E}] => (Allow) C:\Program Files\Raptr\raptr.exe

FirewallRules: [{E3DB9AE9-03A1-4309-89F4-16DCC8B69F36}] => (Allow) C:\Program Files\Raptr\raptr.exe

FirewallRules: [{7E922A81-357A-4B98-BCA6-6C85A105848C}] => (Allow) C:\Program Files\Raptr\raptr_im.exe

FirewallRules: [{7843781F-BCE2-4228-8EC8-277A8D620DEB}] => (Allow) C:\Program Files\Raptr\raptr_im.exe

FirewallRules: [{561CB6FF-0F2E-4E7D-A525-66E10D85E2DF}] => (Allow) C:\Program Files\NetWorx\networx.exe

FirewallRules: [{D06FE112-556B-4992-9C93-7DEB5BD49040}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

FirewallRules: [{7CE6A0C1-7EB0-4EA0-8812-30218F8CAD3D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{94B8A032-CB14-41EE-998E-8B29371F8412}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{4D903E77-C44C-4403-B1D5-12E96C02D161}C:\program files\wiedźmin 2\bin\witcher2.exe] => (Allow) C:\program files\wiedźmin 2\bin\witcher2.exe

FirewallRules: [uDP Query User{F3D57281-9969-4A00-A41D-06C76F6CA319}C:\program files\wiedźmin 2\bin\witcher2.exe] => (Allow) C:\program files\wiedźmin 2\bin\witcher2.exe

FirewallRules: [TCP Query User{2F840E28-52C1-4C8C-A14C-0753A9A60345}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe

FirewallRules: [uDP Query User{E1A57C01-62F5-43B7-ACEF-36A7A448EB56}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe

FirewallRules: [{87FB2976-C638-4596-8B27-5B4F666F7033}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [{1616D00C-28AC-489A-9AFC-E91FF67CA9B5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [TCP Query User{24ADA160-C4AC-431A-9C03-29C215F22D76}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe

FirewallRules: [uDP Query User{5ADF188A-08AE-45A2-8071-783CD46FEE7D}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface

Description: Karta tunelowania Teredo firmy Microsoft

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.

On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:

==================

Error: (06/05/2015 08:09:47 PM) (Source: ESENT) (EventID: 490) (User: )

Description: Windows (4276) Windows: Próba otwarcia pliku “C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk” w trybie odczytu lub zapisu zakończyła się niepomyślnie z błędem systemowym 32 (0x00000020): "Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. ". Operacja otwierania pliku zostanie zakończona z błędem -1032 (0xfffffbf8).

Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description: Usługa Windows Search jest zatrzymywana, ponieważ wystąpił problem z indeksatorem: The catalog is corrupt.

Szczegóły:

    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 7010) (User: )

Description: Nie można zainicjować indeksu.

Szczegóły:

    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 3058) (User: )

Description: Nie można zainicjować aplikacji.

Kontekst: aplikacja Windows

Szczegóły:

    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 3028) (User: )

Description: Nie można zainicjować obiektu programu zbierającego.

Kontekst: aplikacja Windows, wykaz SystemIndex

Szczegóły:

    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Nie można zainicjować dodatku typu plug-in w <Search.TripoliIndexer>.

Kontekst: aplikacja Windows, wykaz SystemIndex

Szczegóły:

    Nie można odnaleźć elementu.  (HRESULT : 0x80070490) (0x80070490)

Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Nie można zainicjować dodatku typu plug-in w <Search.JetPropStore>.

Kontekst: aplikacja Windows, wykaz SystemIndex

Szczegóły:

    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 9002) (User: )

Description: Usługa Windows Search nie może załadować informacji z magazynu właściwości.

Kontekst: aplikacja Windows, wykaz SystemIndex

Szczegóły:

    Serwer indeksu zawartości nie może zaktualizować informacji albo uzyskać do nich dostępu z powodu błędu bazy danych. Zatrzymaj i uruchom ponownie usługę wyszukiwania. Jeżeli problem będzie się powtarzać, zresetuj i ponownie przeszukaj indeks zawartości. W niektórych przypadkach konieczne może być usunięcie i ponowne utworzenie indeksu zawartości.  (HRESULT : 0x8004117f) (0x8004117f)

Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 7040) (User: )

Description: Usługa wyszukiwania wykryła uszkodzone pliki danych w indeksie {id=1100}. Usługa podejmie próbę automatycznego rozwiązania tego problemu przez odbudowanie indeksu.

Szczegóły:

    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 9000) (User: )

Description: Usługa Windows Search nie może otworzyć magazynu właściwości aparatu Jet.

Szczegóły:

    0x%08x (0x8004117f - Serwer indeksu zawartości nie może zaktualizować informacji albo uzyskać do nich dostępu z powodu błędu bazy danych. Zatrzymaj i uruchom ponownie usługę wyszukiwania. Jeżeli problem będzie się powtarzać, zresetuj i ponownie przeszukaj indeks zawartości. W niektórych przypadkach konieczne może być usunięcie i ponowne utworzenie indeksu zawartości.  (HRESULT : 0x8004117f))

System errors:

=============

Error: (06/05/2015 08:08:27 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie:

%%1056.

Error: (06/05/2015 08:07:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (06/05/2015 08:07:56 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-1073473535.

Error: (06/05/2015 08:07:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:

iSafeKrnlMon

Error: (06/04/2015 06:45:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:

iSafeKrnlMon

Error: (06/04/2015 06:45:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Nie można uruchomić usługi Update Swift Record z powodu następującego błędu:

%%1053

Error: (06/04/2015 06:45:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Update Swift Record.

Error: (06/04/2015 06:45:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą IE Search Set.

Error: (06/04/2015 05:34:01 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {26C7AFDB-3690-449E-B979-B0AF5CC56DD4}

Error: (06/04/2015 05:27:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:

iSafeKrnlMon

Microsoft Office:

=========================

Error: (06/05/2015 08:09:47 PM) (Source: ESENT) (EventID: 490) (User: )

Description: Windows4276Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1032 (0xfffffbf8)32 (0x00000020)Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.

Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description: Szczegóły:

    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

The catalog is corrupt

Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 7010) (User: )

Description: Szczegóły:

    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 3058) (User: )

Description: Kontekst: aplikacja Windows

Szczegóły:

    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 3028) (User: )

Description: Kontekst: aplikacja Windows, wykaz SystemIndex

Szczegóły:

    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/05/2015 08:07:56 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Kontekst: aplikacja Windows, wykaz SystemIndex

Szczegóły:

    Nie można odnaleźć elementu.  (HRESULT : 0x80070490) (0x80070490)

Search.TripoliIndexer

Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Kontekst: aplikacja Windows, wykaz SystemIndex

Szczegóły:

    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Search.JetPropStore

Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 9002) (User: )

Description: Kontekst: aplikacja Windows, wykaz SystemIndex

Szczegóły:

    Serwer indeksu zawartości nie może zaktualizować informacji albo uzyskać do nich dostępu z powodu błędu bazy danych. Zatrzymaj i uruchom ponownie usługę wyszukiwania. Jeżeli problem będzie się powtarzać, zresetuj i ponownie przeszukaj indeks zawartości. W niektórych przypadkach konieczne może być usunięcie i ponowne utworzenie indeksu zawartości.  (HRESULT : 0x8004117f) (0x8004117f)

Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 7040) (User: )

Description: Szczegóły:

    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

1100

Error: (06/05/2015 08:07:55 PM) (Source: Windows Search Service) (EventID: 9000) (User: )

Description: Szczegóły:

    0x%08x (0x8004117f - Serwer indeksu zawartości nie może zaktualizować informacji albo uzyskać do nich dostępu z powodu błędu bazy danych. Zatrzymaj i uruchom ponownie usługę wyszukiwania. Jeżeli problem będzie się powtarzać, zresetuj i ponownie przeszukaj indeks zawartości. W niektórych przypadkach konieczne może być usunięcie i ponowne utworzenie indeksu zawartości.  (HRESULT : 0x8004117f))

==================== Memory info ===========================

Processor: AMD Athlon II X3 440 Processor

Percentage of memory in use: 76%

Total physical RAM: 3069.55 MB

Available physical RAM: 726.16 MB

Total Pagefile: 6137.42 MB

Available Pagefile: 2925.45 MB

Total Virtual: 2047.88 MB

Available Virtual: 1895.99 MB

==================== Drives ================================

Drive c: © (Fixed) (Total:235.93 GB) (Free:90.13 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (Nowy) (Fixed) (Total:222.01 GB) (Free:29.9 GB) NTFS

Drive j: (The Witcher 2) (CDROM) (Total:7.81 GB) (Free:0 GB) UDF

Drive k: (TW2_PL_Disc2) (CDROM) (Total:5.29 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F71BE444)

Partition 1: (Active) - (Size=235.9 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=222 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=7.8 GB) - (Type=27)

==================== End of log ============================


(Spandau) #4

Że sorry co. Radzę doczytać, edytować posta i wkleić prawidłowo raporty na www.wklej.org a w poście zamieścić linki do wklejek. W przeciwnym razie temat trafi do śmietnika. Tym bardziej że już robiłeś to na tym forum.


(fazi83) #5

http://wklej.org/id/1730601/  

 

http://wklej.org/id/1730615/


(Atis) #6

Przestań wreszcie zaśmiecać forum i zacznij samodzielnie myśleć.

Wkleiłeś dwa razy ten sam log.

W panelu sterowania odinstaluj:

Ad-Aware Web Companion

do-search uninstall

LavasoftTcpService

Swift Record

Web Companion

Pobierz i uruchom AdwCleaner Kliknij Scan i później Cleaning.

Kliknij Scan i pokaż nowy raport z FRST bez Addition i Shortcut.


(fazi83) #7

Jestem laikiem komputerowym, więc proszę o poradę dzięki wielkie że mi pomagacie.


(Atis) #8

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-10-28] (Microsoft Corporation)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150425
HKU\S-1-5-21-2855642920-2160073068-4100759413-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://pl.search.yahoo.com/?fr=vmn&type=vmn __webcompa__ 1_0 __ya__ hp_WCYID10099_swoc_campaign_150529__yaie
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2855642920-2160073068-4100759413-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = https://pl.search.yahoo.com/search?fr=vmn&type=vmn __webcompa__ 1_0 __ya__ ch_WCYID10099_swoc_campaign_150529__yaie&p={searchTerms}
CHR Extension: (Swift Record) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\agfgphdklgockflchaejindiafjcbbdl [2015-06-04]
CHR Extension: (Bookmark Manager) - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-25]
S2 Update Swift Record; "C:\Program Files\Swift Record\updateSwiftRecord.exe" [X]
2015-05-29 20:45 - 2015-05-29 20:45 - 00000000 ____ D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-05-29 20:45 - 2015-05-25 10:24 - 00347976 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2015-06-05 23:49 - 2015-03-11 22:47 - 00000000 ____ D C:\AdwCleaner
2014-10-30 07:31 - 2014-10-30 07:31 - 0000130 _____ () C:\Users\Łukasz\AppData\Roaming\tmp_register.bat
2014-12-28 19:37 - 2014-12-28 19:37 - 0000000 ____ H () C:\Users\Łukasz\AppData\Local\BITFD75.tmp
2014-12-28 19:37 - 2014-12-28 19:39 - 0000000 _____ () C:\Users\Łukasz\AppData\Local\{24E96B0B-B7FE-4EE6-928B-014850CE81C8}
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition i Shortcut.