Hold Page - please help


(J Jelski 99) #1

Good evening.

I have a request: could you tell me how to remove this HOLD PAGE virus (something similar to strong signal)?

Here are the FRST scans:

Additional.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-02-2015 01
Ran by komp at 2015-02-19 18:50:10
Running from C:\Users\komp\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
AVS Video Editor 7.0 (HKLM\...\AVS Video Editor_is1) (Version: 7.0.1.258 - Online Media Technologies Ltd.)
Click Caption 1.10.0.2 (HKLM\...\ClickCaption_1.10.0.2) (Version: 1.10.0.2 - ClickCaption) <==== ATTENTION
Farming Simulator 15 (HKLM\...\FarmingSimulator2015PL_is1) (Version: 1.2.0.0 - GIANTS Software)
Farming Simulator 2013 (HKLM\...\FarmingSimulator2013PL_is1) (Version: 1.0 - GIANTS Software)
Fraps (HKLM\...\Fraps) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
K-Lite Codec Pack 10.3.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.3.0 - )
LG United Mobile Drivers (HKLM\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 35.0.1 (x86 pl)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
NVIDIA Sterownik 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
omiga-plus uninstall (HKLM\...\omiga-plus uninstall) (Version: - omiga-plus) <==== ATTENTION
Panel sterowania NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Symulator Farmy 2011 (HKLM\...\FarmingSimulator2011PL_is1) (Version: 1.0 - GIANTS Software)
TeamSpeak 3 Client (HKU\S-1-5-21-877709464-2453382027-2957049181-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Vegas Pro 10.0 (HKLM\...\Vegas Pro 10.0) (Version: 10.0 - Salai Thawng Za Lian)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

23-01-2015 02:58:08 Zaplanowany punkt kontrolny
30-01-2015 06:01:28 Zaplanowany punkt kontrolny
07-02-2015 04:01:32 Zaplanowany punkt kontrolny
14-02-2015 23:17:33 Zaplanowany punkt kontrolny

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____ A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16D1EC66-295E-4DFA-BA0C-269500140F0F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-17] (AVAST Software)
Task: {56D41707-CFDA-4CF7-B7F5-4AA4686F1641} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-22] (Google Inc.)
Task: {A15BA833-D2D3-485E-A857-2B179E3FCC90} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-22] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-11-17 11:59 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-02-15 10:44 - 2015-02-15 10:44 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15021500\algo.dll
2015-02-19 10:36 - 2015-02-19 10:36 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15021900\algo.dll
2014-11-17 11:56 - 2014-11-17 11:56 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-24 08:10 - 2015-02-18 03:31 - 01649904 _____ () C:\Program Files\Hold Page\bin\HoldPage.BOASHelper.exe
2014-12-22 08:32 - 2015-02-18 22:26 - 00296688 _____ () C:\Program Files\Hold Page\bin\HoldPage.PurBrowse.exe
2015-01-31 07:46 - 2015-02-19 06:33 - 00101616 _____ () C:\Program Files\Hold Page\bin\HoldPage.expext.exe
2015-01-31 07:46 - 2015-02-19 06:33 - 00081648 _____ () C:\Program Files\Hold Page\bin\HoldPage.expextdll.dll
2014-12-24 08:10 - 2015-02-18 03:31 - 01786608 _____ () C:\Program Files\Hold Page\bin\HoldPage.BOASPRT.exe
2015-01-27 08:43 - 2015-01-27 08:43 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-877709464-2453382027-2957049181-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\komp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.10.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-877709464-2453382027-2957049181-500 - Administrator - Disabled)
Gość (S-1-5-21-877709464-2453382027-2957049181-501 - Limited - Disabled)
komp (S-1-5-21-877709464-2453382027-2957049181-1000 - Administrator - Enabled) => C:\Users\komp

==================== Faulty Device Manager Devices =============

Name: Kontroler multimediów audio
Description: Kontroler multimediów audio
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/19/2015 06:38:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 35.0.1.5500, sygnatura czasowa: 0x54c1f9f3
Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 35.0.1.5500, sygnatura czasowa: 0x54c1f224
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x00001425
Identyfikator procesu powodującego błąd: 0x11c4
Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0
Ścieżka aplikacji powodującej błąd: plugin-container.exe1
Ścieżka modułu powodującego błąd: plugin-container.exe2
Identyfikator raportu: plugin-container.exe3

Error: (02/18/2015 06:19:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program AVSVideoEditor.exe w wersji 7.0.1.258 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.

Identyfikator procesu: 1350

Godzina rozpoczęcia: 01d04b9d1a61bdc7

Godzina zakończenia: 1323

Ścieżka aplikacji: C:\Program Files\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe

Identyfikator raportu: 384d5645-b792-11e4-bb30-001a4d5e988c

Error: (02/18/2015 05:20:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (02/18/2015 05:20:46 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (02/18/2015 05:20:41 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (02/18/2015 05:20:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (02/18/2015 05:20:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (02/17/2015 06:54:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (02/16/2015 09:16:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (02/16/2015 09:15:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.


System errors:
=============
Error: (02/19/2015 06:38:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Update Hold Page z powodu następującego błędu: 
%%1053

Error: (02/19/2015 06:38:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Update Hold Page.

Error: (02/19/2015 06:38:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Update Hold Page niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/19/2015 06:38:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Util Hold Page z powodu następującego błędu: 
%%1053

Error: (02/19/2015 06:38:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Util Hold Page.

Error: (02/19/2015 06:38:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Util Hold Page niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/19/2015 06:31:45 PM) (Source: DCOM) (EventID: 10016) (User: komp-Komputer)
Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}komp-KomputerkompS-1-5-21-877709464-2453382027-2957049181-1000LocalHost (użycie LRPC)

Error: (02/19/2015 06:27:45 PM) (Source: DCOM) (EventID: 10016) (User: komp-Komputer)
Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}komp-KomputerkompS-1-5-21-877709464-2453382027-2957049181-1000LocalHost (użycie LRPC)

Error: (02/19/2015 06:27:02 PM) (Source: DCOM) (EventID: 10016) (User: komp-Komputer)
Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}komp-KomputerkompS-1-5-21-877709464-2453382027-2957049181-1000LocalHost (użycie LRPC)

Error: (02/19/2015 06:26:47 PM) (Source: DCOM) (EventID: 10016) (User: komp-Komputer)
Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}komp-KomputerkompS-1-5-21-877709464-2453382027-2957049181-1000LocalHost (użycie LRPC)


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU E4700 @ 2.60GHz
Percentage of memory in use: 89%
Total physical RAM: 2046.49 MB
Available physical RAM: 215.65 MB
Total Pagefile: 4593.82 MB
Available Pagefile: 1932.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:195.21 GB) (Free:162.79 GB) NTFS
Drive d: () (Fixed) (Total:270.44 GB) (Free:265.15 GB) NTFS
Drive e: (farming15_pl) (CDROM) (Total:1.89 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 23D623D5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=270.4 GB) - (Type=OF Extended)

==================== End Of Log ============================

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01
Ran by komp (administrator) on KOMP-KOMPUTER on 19-02-2015 18:49:20
Running from C:\Users\komp\Downloads
Loaded Profiles: komp (Available profiles: komp)
Platform: Microsoft Windows 7 Home Premium (X86) OS Language: Polski (Polska)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(ClickCaption) C:\Program Files\ClickCaption_1.10.0.2\Service\ccsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Program Files\Hold Page\bin\HoldPage.BOASHelper.exe
() C:\Program Files\Hold Page\bin\HoldPage.PurBrowse.exe
() C:\Program Files\Hold Page\bin\HoldPage.expext.exe
() C:\Program Files\Hold Page\bin\HoldPage.BOASPRT.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1795872 2014-08-19] (NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\f4d62731-aa22-4901-b395-12874da95ba2.exe [183232 2015-02-18] (AVAST Software)
HKU\S-1-5-21-877709464-2453382027-2957049181-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-877709464-2453382027-2957049181-1000\...\Run: [RGSC] => D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-877709464-2453382027-2957049181-1000\...\MountPoints2: {3a454036-8dbf-11e4-b28a-001a4d5e988c} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-877709464-2453382027-2957049181-1000\...\MountPoints2: {b6eb6385-6e3f-11e4-8c2e-806e6f6e6963} - E:\autorun.exe
Startup: C:\Users\komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1419234317&from=cor&uid=SAMSUNGXHD502IJ_S13TJDWQ517215
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1419234317&from=cor&uid=SAMSUNGXHD502IJ_S13TJDWQ517215&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1419234317&from=cor&uid=SAMSUNGXHD502IJ_S13TJDWQ517215
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419234317&from=cor&uid=SAMSUNGXHD502IJ_S13TJDWQ517215&q={searchTerms}
HKU\S-1-5-21-877709464-2453382027-2957049181-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1419234317&from=cor&uid=SAMSUNGXHD502IJ_S13TJDWQ517215
HKU\S-1-5-21-877709464-2453382027-2957049181-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1419234317&from=cor&uid=SAMSUNGXHD502IJ_S13TJDWQ517215
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419234317&from=cor&uid=SAMSUNGXHD502IJ_S13TJDWQ517215&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419234317&from=cor&uid=SAMSUNGXHD502IJ_S13TJDWQ517215&q={searchTerms}
SearchScopes: HKU\S-1-5-21-877709464-2453382027-2957049181-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419234317&from=cor&uid=SAMSUNGXHD502IJ_S13TJDWQ517215&q={searchTerms}
SearchScopes: HKU\S-1-5-21-877709464-2453382027-2957049181-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419234317&from=cor&uid=SAMSUNGXHD502IJ_S13TJDWQ517215&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: ClickCaption -> {A18EA34C-6D33-4298-8A54-7F16499904C0} -> C:\Program Files\ClickCaption_1.10.0.2\IE\ClickCaptionClientIE.dll (ClickCaption)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts=1419234317&from=cor&uid=SAMSUNGXHD502IJ_S13TJDWQ517215

FireFox:
========
FF ProfilePath: C:\Users\komp\AppData\Roaming\Mozilla\Firefox\Profiles\xxud03vi.default
FF NewTab: chrome://quick_start/content/index.html
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\komp\AppData\Roaming\Mozilla\Firefox\Profiles\xxud03vi.default\user.js
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF Extension: Fast Start - C:\Users\komp\AppData\Roaming\Mozilla\Firefox\Profiles\xxud03vi.default\Extensions\faststartff@gmail.com [2014-12-22]
FF Extension: Hold Page 1.0.1 - C:\Users\komp\AppData\Roaming\Mozilla\Firefox\Profiles\xxud03vi.default\Extensions\{27899312-155f-40f3-8661-fb6675d82b4b}.xpi [2014-12-22]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-17]
FF HKLM\...\Firefox\Extensions: [{190bc294-c8e5-471c-9466-3eb945b09542}] - C:\Program Files\Mozilla Firefox\extensions\{190bc294-c8e5-471c-9466-3eb945b09542}
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\komp\AppData\Roaming\Mozilla\Firefox\Profiles\xxud03vi.default\extensions\faststartff@gmail.com

Chrome: 
=======
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1419234317&from=cor&uid=SAMSUNGXHD502IJ_S13TJDWQ517215
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1419234317&from=cor&uid=SAMSUNGXHD502IJ_S13TJDWQ517215"
CHR DefaultSearchKeyword: Default -> omiga-plus
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\komp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-22]
CHR Extension: (Avast Online Security) - C:\Users\komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-23]
CHR Extension: (Hold Page) - C:\Users\komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhippelchacimnkamngddemhkifekini [2014-12-23]
CHR Extension: (Google Wallet) - C:\Users\komp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-23]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-17]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-17] (AVAST Software)
R2 ccsvc_1.10.0.2; C:\Program Files\ClickCaption_1.10.0.2\Service\ccsvc.exe [277584 2014-10-30] (ClickCaption)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485888 2014-12-22] (Fuyu LIMITED) [File not signed]
S2 Update Hold Page; "C:\Program Files\Hold Page\updateHoldPage.exe" [X]
S2 Util Hold Page; "C:\Program Files\Hold Page\bin\utilHoldPage.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-11-17] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-11-17] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-17] ()
R1 ccnfd_1_10_0_2; C:\Windows\System32\drivers\ccnfd_1_10_0_2.sys [52728 2014-10-30] (ClickCaption)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 {27899312-155f-40f3-8661-fb6675d82b4b}Gw; C:\Windows\System32\drivers\{27899312-155f-40f3-8661-fb6675d82b4b}Gw.sys [43152 2014-12-21] (StdLib)
R1 {40d1e549-9fca-4f25-a19d-d845842dd635}Gw; C:\Windows\System32\drivers\{40d1e549-9fca-4f25-a19d-d845842dd635}Gw.sys [43152 2014-12-30] (StdLib)
R1 {84edc66f-0e16-4519-bd1a-cead01f243ac}Gw; C:\Windows\System32\drivers\{84edc66f-0e16-4519-bd1a-cead01f243ac}Gw.sys [43152 2015-01-02] (StdLib)
R1 {91975f83-f39c-43cf-aad4-0b3396b0f6db}Gw; C:\Windows\System32\drivers\{91975f83-f39c-43cf-aad4-0b3396b0f6db}Gw.sys [43152 2015-01-05] (StdLib)
R1 {c88279d3-91dd-4bd9-ad38-681f71d6e36d}Gw; C:\Windows\System32\drivers\{c88279d3-91dd-4bd9-ad38-681f71d6e36d}Gw.sys [43152 2014-12-27] (StdLib)
R1 {ca4e7e4c-3ebf-4428-bf75-cc138b7061f1}Gw; C:\Windows\System32\drivers\{ca4e7e4c-3ebf-4428-bf75-cc138b7061f1}Gw.sys [43152 2014-12-24] (StdLib)
R3 XFDriver; \??\C:\Program Files\Xfire2\XFDriver.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 18:35 - 2015-02-19 18:36 - 00018817 _____ () C:\Users\komp\Downloads\Addition.txt
2015-02-19 18:33 - 2015-02-19 18:49 - 00013603 _____ () C:\Users\komp\Downloads\FRST.txt
2015-02-19 18:33 - 2015-02-19 18:49 - 00000000 ____ D () C:\FRST
2015-02-19 18:32 - 2015-02-19 18:32 - 01126400 _____ (Farbar) C:\Users\komp\Downloads\FRST.exe
2015-02-19 18:31 - 2015-02-19 18:31 - 02086912 _____ (Farbar) C:\Users\komp\Downloads\FRST64.exe
2015-02-19 18:23 - 2015-02-19 18:23 - 00000025 _____ () C:\Users\komp\Desktop\klucz norton.txt
2015-02-19 18:22 - 2015-02-19 18:38 - 227028809 _____ () C:\Users\komp\Downloads\NIS-ESD-21.6.0.32-PL.exe.part
2015-02-19 18:22 - 2015-02-19 18:22 - 00000000 _____ () C:\Users\komp\Downloads\NIS-ESD-21.6.0.32-PL.exe
2015-02-18 19:50 - 2015-02-18 19:53 - 00000000 ____ D () C:\Users\komp\AppData\Roaming\Xfire
2015-02-18 19:49 - 2015-02-18 19:53 - 00000000 ____ D () C:\ProgramData\Xfire
2015-02-18 19:45 - 2015-02-18 19:48 - 16336696 _____ (Xfire, Inc. ) C:\Users\komp\Downloads\xfire_installer.exe
2015-02-16 21:14 - 2015-02-16 21:14 - 00002186 _____ () C:\Users\komp\Desktop\Salai Thawng Za Lian.lnk
2015-02-16 21:14 - 2015-02-16 21:14 - 00001110 _____ () C:\Users\komp\Desktop\Vegas Pro 10.0.lnk
2015-02-16 21:14 - 2015-02-16 21:14 - 00000000 ____ D () C:\Users\komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vegas Pro 10.0
2015-02-16 21:14 - 2015-02-16 21:14 - 00000000 ____ D () C:\Program Files\Sony
2015-02-16 20:08 - 2015-02-16 21:13 - 118956222 _____ () C:\Users\komp\Downloads\trollu106pl Sony Vegas Pro 10.0.zip
2015-02-16 18:33 - 2015-02-16 20:05 - 243058468 _____ (Sony Creative Software Inc.) C:\Users\komp\Downloads\vegaspro12.0.770.exe
2015-02-14 22:25 - 2015-02-17 19:23 - 00000000 ____ D () C:\Fraps
2015-02-14 22:25 - 2015-02-14 22:25 - 02326976 _____ (Beepa Pty Ltd) C:\Users\komp\Downloads\Fraps_www.INSTALKI.pl.exe
2015-02-14 22:25 - 2015-02-14 22:25 - 00000562 _____ () C:\Users\Public\Desktop\Fraps.lnk
2015-02-14 22:25 - 2015-02-14 22:25 - 00000000 ____ D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-02-14 18:58 - 2015-02-14 18:58 - 00722376 _____ ( ) C:\Users\komp\Downloads\IDM2-Win-EN(1).exe
2015-02-12 20:23 - 2015-02-12 20:23 - 00001166 _____ () C:\Users\komp\Desktop\TeamSpeak 3 Client.lnk
2015-02-12 20:23 - 2015-02-12 20:23 - 00000000 ____ D () C:\Users\komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-02-12 20:23 - 2015-02-12 20:23 - 00000000 ____ D () C:\Users\komp\AppData\Local\TeamSpeak 3 Client
2015-02-12 20:19 - 2015-02-12 20:22 - 28115400 _____ (TeamSpeak Systems GmbH) C:\Users\komp\Downloads\TeamSpeak3-Client-win32-3.0.16.exe
2015-02-12 20:18 - 2015-02-12 20:18 - 00722376 _____ ( ) C:\Users\komp\Downloads\IDM2-Win-EN.exe
2015-02-07 08:50 - 2015-02-07 09:37 - 143613129 _____ () C:\Users\komp\Downloads\wypakowac.rar
2015-02-07 08:13 - 2014-12-22 23:01 - 00004760 _____ () C:\Users\komp\Downloads\SampleModMap.lua
2015-02-07 08:12 - 2015-02-07 08:12 - 00000647 _____ () C:\Users\komp\Desktop\7-Zip File Manager.lnk
2015-02-07 08:11 - 2015-02-07 08:11 - 00293354 _____ () C:\Users\komp\Downloads\LysaPolana_Reactivation_SampleModMap(2).rar
2015-02-07 07:54 - 2015-02-07 07:54 - 00000000 ____ D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-07 07:54 - 2015-02-07 07:54 - 00000000 ____ D () C:\Program Files\7-Zip
2015-02-07 07:53 - 2015-02-07 07:53 - 01110476 _____ () C:\Users\komp\Downloads\7z920(dobreprogramy.pl).exe
2015-02-07 07:53 - 2015-02-07 07:53 - 00728784 _____ (Web ) C:\Users\komp\Downloads\7Zip(12559)-dp.exe
2015-02-07 07:51 - 2015-02-07 07:51 - 00293354 _____ () C:\Users\komp\Downloads\LysaPolana_Reactivation_SampleModMap(1).rar
2015-02-06 20:13 - 2015-02-06 20:13 - 00293354 _____ () C:\Users\komp\Downloads\LysaPolana_Reactivation_SampleModMap.rar
2015-02-06 18:50 - 2015-02-06 18:50 - 00000000 ____ D () C:\Users\komp\Documents\AVS4YOU
2015-02-06 18:26 - 2015-02-06 18:26 - 00000000 ____ D () C:\Users\komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2015-02-06 18:26 - 2015-02-06 18:26 - 00000000 ____ D () C:\Users\komp\AppData\Roaming\AVS4YOU
2015-02-06 18:26 - 2015-02-06 18:26 - 00000000 ____ D () C:\ProgramData\AVS4YOU
2015-02-06 18:25 - 2015-02-06 18:26 - 00000000 ____ D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2015-02-06 18:25 - 2015-02-06 18:25 - 00001159 _____ () C:\Users\komp\Desktop\AVS Video Editor.lnk
2015-02-06 18:24 - 2015-02-06 18:26 - 00000000 ____ D () C:\Program Files\Common Files\AVSMedia
2015-02-06 18:23 - 2015-02-06 18:26 - 00000000 ____ D () C:\Program Files\AVS4YOU
2015-02-06 18:23 - 2011-06-23 12:26 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-02-06 18:23 - 2011-06-23 12:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3a.dll
2015-02-06 17:47 - 2015-02-06 18:17 - 154787896 _____ (Online Media Technologies Ltd. ) C:\Users\komp\Downloads\AVSVideoEditor.exe
2015-02-05 17:31 - 2015-02-05 17:57 - 138796375 _____ () C:\Users\komp\Downloads\sredniawies.zip
2015-02-05 09:54 - 2015-02-05 09:55 - 00000000 ____ D () C:\Users\komp\Desktop\Extras
2015-01-29 21:43 - 2015-01-29 21:43 - 476509232 _____ (Sony Creative Software Inc.) C:\Users\komp\Downloads\moviestudiope13.0.931_32bit.exe
2015-01-29 20:55 - 2015-01-29 20:55 - 00730528 _____ ( ) C:\Users\komp\Downloads\Sony-Vegas-Movie-Studio-Platinum(12465)-dp.exe
2015-01-28 20:26 - 2015-01-28 21:01 - 354230360 _____ (Sony Creative Software Inc.) C:\Users\komp\Downloads\vegaspro13-0-310_64bit.exe
2015-01-27 08:43 - 2015-01-27 08:43 - 00000000 ____ D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 18:46 - 2014-11-17 19:07 - 00000000 ____ D () C:\Users\komp\AppData\Roaming\Skype
2015-02-19 18:38 - 2014-12-22 08:21 - 00000000 ____ D () C:\Program Files\Hold Page
2015-02-19 17:55 - 2014-11-22 18:40 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-19 17:46 - 2014-11-17 10:57 - 00615758 _____ () C:\Windows\WindowsUpdate.log
2015-02-19 13:52 - 2009-07-14 03:04 - 00000580 _____ () C:\Windows\win.ini
2015-02-19 04:55 - 2014-11-22 18:40 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-18 18:18 - 2014-11-18 16:14 - 00000000 ____ D () C:\Users\komp\Desktop\Zdjęcia
2015-02-17 06:28 - 2009-07-14 05:39 - 00033081 _____ () C:\Windows\setupact.log
2015-02-15 19:03 - 2009-07-14 05:34 - 00014336 ____ H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-15 19:03 - 2009-07-14 05:34 - 00014336 ____ H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-15 19:02 - 2014-11-17 11:08 - 01523412 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-15 19:02 - 2009-07-14 09:07 - 00687590 _____ () C:\Windows\system32\perfh015.dat
2015-02-15 19:02 - 2009-07-14 09:07 - 00131176 _____ () C:\Windows\system32\perfc015.dat
2015-02-15 18:56 - 2014-11-17 12:00 - 00000000 ____ D () C:\ProgramData\NVIDIA
2015-02-15 18:56 - 2009-07-14 05:53 - 00000006 ____ H () C:\Windows\Tasks\SA.DAT
2015-02-15 09:22 - 2015-01-18 08:14 - 00000000 ____ D () C:\Users\komp\Desktop\mody
2015-02-10 10:41 - 2009-07-14 05:33 - 00414824 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-06 18:26 - 2014-11-17 11:47 - 00109232 _____ () C:\Users\komp\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-06 18:23 - 2009-07-14 03:37 - 00000000 ____ D () C:\Program Files\Common Files\microsoft shared
2015-02-06 16:18 - 2014-11-22 18:43 - 00002329 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-05 22:45 - 2014-12-27 12:55 - 559185777 _____ () C:\Windows\MEMORY.DMP
2015-02-05 22:45 - 2014-12-27 12:55 - 00000000 ____ D () C:\Windows\Minidump
2015-01-29 22:59 - 2014-12-22 09:47 - 860203000 _____ (Acresso Software Inc.) C:\Users\komp\Downloads\VSX7_Pro_TBYB.exe
2015-01-28 14:59 - 2014-11-17 11:55 - 00000000 ____ D () C:\Program Files\Mozilla Maintenance Service
2015-01-20 05:17 - 2014-11-17 12:13 - 00101034 _____ () C:\Windows\PFRO.log

Some content of TEMP:
====================
C:\Users\komp\AppData\Local\Temp\ICReinstall_Skype(13018)-dp.exe
C:\Users\komp\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-13 06:03

==================== End Of Log ============================

FRST.ex


(krzych5610) #2

Paste this into the system Notepad and save it as fixlist: