Strange junk out of nowhere


DostawcaPizzy

Question

Posted

Hello, I have an annoying problem: after playing Civilization V, junk such as myspace etc. appeared on my computer. I used the AdwCleaner program. The problem is that I don't know where it came from, and it caused a significant slowdown of the system.


12 answers to this question

Recommended answers

Posted

Logs from FRST

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015
Ran by Adam (administrator) on ADAM-KOMPUTER on 02-03-2015 22:05:15
Running from C:\Users\Adam\Downloads
Loaded Profiles: Adam (Available profiles: Adam)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\SIV\thermald.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\RunOnce: [sIV] => C:\Program Files (x86)\Gigabyte\SIV\sivro.exe [12096 2014-08-19] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] ()
HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3631448 2015-02-24] (Electronic Arts)
HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-650939117-3586436885-2187705258-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Battlefield Play4Free - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[email protected] [2014-12-31]
FF Extension: MEGA - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[email protected] [2015-01-16]
FF Extension: Adblock Plus - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-17]

Chrome:
=======
CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-01]
CHR Extension: (Google Docs) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-01]
CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-01]
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-01]
CHR Extension: (Adblock Plus) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-01]
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-01]
CHR Extension: (Google Sheets) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-01]
CHR Extension: (Google Wallet) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-01]
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16384 2014-04-16] () [File not signed]
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2014-09-01] (GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-24] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-01] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-05] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-28] (Disc Soft Ltd)
S3 etocdrv; C:\Windows\etocdrv.sys [15584 2013-10-30] (Giga-Byte Technology CO., LTD.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R4 epp64; system32\DRIVERS\epp64.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-02 21:26 - 2015-03-02 21:26 - 00000000 ____D () C:\ProgramData\Emsisoft
2015-03-02 21:06 - 2015-03-02 22:02 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2015-03-02 21:03 - 2015-03-02 21:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-02 20:57 - 2015-03-02 20:57 - 00003270 _____ () C:\Windows\System32\Tasks\{DE617C85-4365-4CA8-82B9-4752535C375F}
2015-03-02 17:12 - 2015-03-02 17:12 - 00000963 _____ () C:\Users\Adam\Desktop\Graph.lnk
2015-03-02 17:12 - 2015-03-02 17:12 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Graph
2015-03-02 17:12 - 2015-03-02 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graph
2015-03-02 17:12 - 2015-03-02 17:12 - 00000000 ____D () C:\Program Files (x86)\Graph
2015-03-01 22:31 - 2015-03-01 22:31 - 00000000 __SHD () C:\Users\Adam\AppData\Local\EmieBrowserModeList
2015-03-01 07:07 - 2015-03-01 07:10 - 00028147 _____ () C:\Users\Adam\Downloads\Addition.txt
2015-03-01 07:06 - 2015-03-02 22:05 - 00011069 _____ () C:\Users\Adam\Downloads\FRST.txt
2015-03-01 07:06 - 2015-03-01 07:06 - 02092544 _____ (Farbar) C:\Users\Adam\Downloads\FRST64.exe
2015-02-28 23:16 - 2015-02-28 23:16 - 02126848 _____ () C:\Users\Adam\Downloads\adwcleaner_4.111.exe
2015-02-28 22:36 - 2015-03-01 20:07 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-02-23 16:50 - 2015-02-23 16:50 - 00000000 ____D () C:\Users\Adam\AppData\Local\My Games
2015-02-23 16:44 - 2015-02-23 16:44 - 00000949 _____ () C:\Users\Adam\Desktop\Sid Meier's Civilization 5.lnk
2015-02-23 16:44 - 2015-02-23 16:44 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Sid Meier's Civilization 5
2015-02-19 15:31 - 2015-02-19 15:31 - 00000000 ____D () C:\Users\Adam\AppData\Local\Steam
2015-02-12 19:57 - 2015-02-12 19:57 - 00000000 ____D () C:\Users\Adam\Documents\FLiNGTrainer
2015-02-12 13:26 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 13:26 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 13:26 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 13:26 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 21:19 - 2015-02-14 17:11 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-11 19:11 - 2015-02-11 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
2015-02-11 14:41 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:41 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:41 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:41 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:41 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:41 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:41 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:41 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:41 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:41 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:41 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:41 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:41 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:41 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:41 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:41 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:41 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:41 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:41 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:41 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:41 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:41 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:41 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:41 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:41 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:41 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:41 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:41 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:41 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:41 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:41 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:41 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:41 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:41 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:41 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:41 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:41 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:41 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:41 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:41 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:41 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:41 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:41 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:41 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:41 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:41 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:41 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:41 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:41 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:41 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:41 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:41 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:41 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:41 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:40 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:40 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 14:40 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:40 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 14:40 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 14:40 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 14:40 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 14:40 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 14:40 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:40 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 14:40 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:40 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:40 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:40 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:40 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:40 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:40 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:40 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:40 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:40 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 14:40 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 14:40 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 14:40 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:40 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:40 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:40 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 14:40 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:40 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-09 15:29 - 2015-02-09 15:29 - 03318644 _____ () C:\Users\Adam\Downloads\Piotr Obara.rar
2015-02-09 15:29 - 2014-08-30 16:37 - 00000000 ____D () C:\Users\Adam\Downloads\Piotr Obara
2015-02-05 17:52 - 2015-02-05 17:54 - 00000000 ____D () C:\Users\Adam\Documents\BFH Beta 2
2015-02-04 19:32 - 2015-02-04 19:32 - 00000000 ____D () C:\Users\Adam\Documents\DyingLight
2015-02-04 19:32 - 2015-02-04 19:32 - 00000000 ____D () C:\ProgramData\Steam
2015-02-04 19:29 - 2015-02-04 19:29 - 00001010 _____ () C:\Users\Adam\Desktop\Dying Light.lnk
2015-02-04 19:29 - 2015-02-04 19:29 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Dying Light
2015-02-01 16:42 - 2015-02-01 17:16 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\www.gtavicecity.ru
2015-02-01 16:17 - 2015-02-01 16:17 - 00000826 _____ () C:\Users\Adam\Desktop\GTA SA.lnk
2015-02-01 07:55 - 2015-02-01 07:55 - 00000812 _____ () C:\Users\Adam\Desktop\µTorrent.lnk
2015-02-01 07:55 - 2015-02-01 07:55 - 00000792 _____ () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-01-31 16:53 - 2015-02-15 10:55 - 00000000 ____D () C:\Users\Adam\Documents\GTA San Andreas User Files

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-02 22:05 - 2014-11-08 07:09 - 00000000 ____D () C:\FRST
2015-03-02 22:03 - 2014-12-17 15:43 - 00000000 ____D () C:\AdwCleaner
2015-03-02 22:02 - 2014-11-01 13:47 - 00006464 _____ () C:\Windows\SysWOW64\Gms.log
2015-03-02 22:01 - 2014-11-10 20:17 - 00000000 ____D () C:\ProgramData\Origin
2015-03-02 22:01 - 2014-10-31 22:21 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-03-02 22:00 - 2014-11-07 22:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-03-02 22:00 - 2014-11-01 13:04 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-02 22:00 - 2014-11-01 11:49 - 00022480 _____ () C:\Windows\setupact.log
2015-03-02 22:00 - 2010-11-21 04:47 - 00025016 _____ () C:\Windows\PFRO.log
2015-03-02 22:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-02 21:59 - 2014-01-01 04:52 - 01793637 _____ () C:\Windows\WindowsUpdate.log
2015-03-02 21:21 - 2014-11-01 13:04 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-02 21:13 - 2014-11-01 20:54 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-02 20:53 - 2014-10-31 21:46 - 00000000 ____D () C:\Users\Adam
2015-03-02 13:26 - 2009-07-14 05:45 - 00026208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-02 13:26 - 2009-07-14 05:45 - 00026208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-01 20:03 - 2014-11-07 19:26 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-01 20:03 - 2014-11-02 07:21 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\uTorrent
2015-03-01 20:03 - 2014-11-01 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-01 19:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-02-28 23:23 - 2014-11-10 20:22 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-02-28 23:23 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-24 06:35 - 2014-11-10 20:17 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-23 18:11 - 2011-04-12 14:21 - 00739694 _____ () C:\Windows\system32\perfh015.dat
2015-02-23 18:11 - 2011-04-12 14:21 - 00155268 _____ () C:\Windows\system32\perfc015.dat
2015-02-23 18:11 - 2009-07-14 06:13 - 01668226 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-23 16:44 - 2015-01-16 13:22 - 00000000 ____D () C:\Users\Adam\Documents\My Games
2015-02-23 16:44 - 2015-01-16 07:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-02-21 16:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-15 18:08 - 2015-01-06 20:04 - 00000000 ____D () C:\Fraps
2015-02-14 22:29 - 2014-11-02 09:24 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\TS3Client
2015-02-12 13:19 - 2009-07-14 05:45 - 00308840 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 13:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-11 21:59 - 2014-11-04 18:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 21:58 - 2014-11-01 12:50 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 21:56 - 2014-11-01 12:50 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 20:43 - 2014-11-01 21:54 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-11 20:43 - 2014-11-01 21:54 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-02-11 18:34 - 2014-11-07 22:16 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-02-05 17:53 - 2014-11-01 22:01 - 00000000 ____D () C:\Users\Adam\AppData\Local\PunkBuster
2015-02-05 16:18 - 2014-11-01 21:54 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-05 16:17 - 2014-11-11 04:42 - 00080595 _____ () C:\Windows\DirectX.log
2015-02-05 16:17 - 2014-11-01 13:25 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-04 21:13 - 2014-11-01 20:54 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 21:13 - 2014-11-01 20:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 21:13 - 2014-11-01 20:54 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 20:16 - 2014-11-01 13:04 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 20:16 - 2014-11-01 13:04 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-04 19:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-03 21:29 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-01 20:49 - 2014-11-19 19:10 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-02-01 17:04 - 2014-10-31 21:46 - 00000000 ____D () C:\Users\Adam\AppData\Local\VirtualStore
2015-02-01 15:34 - 2015-01-28 21:46 - 00000000 ____D () C:\Users\Adam\Downloads\Scarface+Spolszczenie_Kadele
2015-01-31 16:53 - 2015-01-28 22:18 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-21 13:43

==================== End Of Log ============================

 


Posted

Is this what you mean?

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-02-2015
Ran by Adam at 2015-03-01 22:29:45 Run:1
Running from C:\Users\Adam\Downloads
Loaded Profiles: Adam (Available profiles: Adam)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
Task: {0D65E69F-D242-466A-A0CC-61942357B64C} - System32\Tasks\WINshell Event Notification => C:\Users\Adam\AppData\Local\Temp\SBCint2.exe [2014-10-03] (Sun Micro Systems Inc.) <==== ATTENTION
Task: {110E4A8F-01D0-439B-858A-458B44B1413A} - System32\Tasks\RPMKXY => C:\Users\Adam\AppData\Roaming\RPMKXY.exe [2015-02-28] (InstallMoonV28.02) <==== ATTENTION
Task: {5685EC2C-DA17-40F9-AB37-1F194D2D4C4C} - System32\Tasks\{08B6A94B-1504-4C43-A761-A309760F74F9} => pcalua.exe -a C:\Users\Adam\Downloads\jxpiinstall.exe -d C:\Users\Adam\Downloads
Task: {69501B94-E6D1-4862-86EA-EF6955A6741A} - System32\Tasks\XJ => C:\Users\Adam\AppData\Roaming\XJ.exe [2015-02-28] (InstallMoonV28.02) <==== ATTENTION
Task: {7A6B7DE2-11A0-4ED3-9E44-C5AB7BE4467B} - System32\Tasks\WINshell Event Logging => C:\Users\Adam\AppData\Local\Temp\Dscp1.exe [2014-10-26] () <==== ATTENTION
Task: {D4017962-C536-4AF2-9905-E82A4CE50B39} - System32\Tasks\{D389374A-2DF3-4546-8746-05BD760C3878} => pcalua.exe -a E:\setup.exe -d E:\
Task: C:\Windows\Tasks\RPMKXY.job => C:\Users\Adam\AppData\Roaming\RPMKXY.exe <==== ATTENTION
Task: C:\Windows\Tasks\XJ.job => C:\Users\Adam\AppData\Roaming\XJ.exe <==== ATTENTION
HKLM\...\Run: [cpuminer] => C:\Windows\system32\cpuminer-gw64.exe [1838376 2015-02-28] ()
HKLM-x32\...\Run: [NetworkSaver] => C:\Windows\TEMP\spdc32.exe [1490944 2015-02-28] (EFD Software) <===== ATTENTION
HKLM-x32\...\Run: [mbot_pl_181] => [X]
HKLM-x32\...\Run: [sPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1521.0.0.0\jsdrv.exe [3224576 2015-02-28] ()
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988528 2015-02-28] (YTDownloader)
HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\Run: [Tiny download manager] => "C:\Users\Adam\AppData\Local\DM\TinyDM.exe" /M
HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\MountPoints2: {0815e801-668e-11e4-b3aa-fcaa1420d205} - F:\autorun.exe
HKU\S-1-5-18\...\Run: [sPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1521.0.0.0\jsdrv.exe [3224576 2015-02-28] ()
HKU\S-1-5-18\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988528 2015-02-28] (YTDownloader)
Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fury-pol-5984277.lnk
ShortcutTarget: fury-pol-5984277.lnk -> C:\ProgramData\{f4e615f5-4e14-b197-f4e6-615f54e157d5}\fury-pol-5984277.exe ()
Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartse...C3FHR2H1LV2H1LV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartse...C3FHR2H1LV2H1LV
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartse...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartse...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartse...C3FHR2H1LV2H1LV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartse...C3FHR2H1LV2H1LV
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartse...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartse...q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartse...C3FHR2H1LV2H1LV
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartse...C3FHR2H1LV2H1LV
SearchScopes: HKU\.DEFAULT -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: PriCeeLeSs -> {8f011aa0-a26a-4e3f-9dcd-672835673335} -> C:\Program Files (x86)\PriCeeLeSs\IUigAqVb3nidqW.x64.dll ()
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: PriCeeLeSs -> {8f011aa0-a26a-4e3f-9dcd-672835673335} -> C:\Program Files (x86)\PriCeeLeSs\IUigAqVb3nidqW.dll ()
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll (Goobzo Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartse...C3FHR2H1LV2H1LV
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF user.js: detected! => C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\user.js
FF Extension: iWebar - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\ [2015-03-01]
FF Extension: Object Browser - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\36311db9.com [2015-03-01]
FF Extension: PriCeeLeSs - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[2015-03-01]
FF Extension: Zoom It - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\{27d1dbcf-53a2-b589-3ea5-f41b1db41461} [2015-03-01]
FF Extension: MEGA - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[2015-01-16]
FF HKU\.DEFAULT\...\Firefox\Extensions: [{0293E99F-EEC4-37CA-8FD2-1E89B11A26CF}] - C:\Program Files (x86)\ver5SpeeditUp\189.xpi
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.mystartse...C3FHR2H1LV2H1LV
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1419231069&from=wpc&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1419231069&from=wpc&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV"
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR DefaultSuggestURL: Default ->
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartse...C3FHR2H1LV2H1LV
S2 078b2995; c:\Program Files (x86)\StatMaker\StatMaker.dll [1947648 2015-02-26] () [File not signed]
R2 be0fb33b; c:\Program Files (x86)\Supporter\Supporter.dll [4214272 2015-03-01] () [File not signed]
R2 BrsHelper; C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [112560 2015-02-28] ()
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-01] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-01] (globalUpdate) [File not signed]
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2015-02-28] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [487056 2015-03-01] (SysTool PasSame LIMITED)
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58520 2015-02-28] (YTDownloader)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2015-02-28] ()
R2 SPDRIVER_1521.0.0.0; C:\Program Files (x86)\ShopperPro\JSDriver\1521.0.0.0\jsdrv.sys [52584 2015-02-28] ()
R2 webTinstMK; C:\Windows\system32\Drivers\webTinstMK.sys [50800 2015-02-28] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
2015-03-01 19:38 - 2015-03-01 19:38 - 00000000 ____D () C:\Program Files (x86)\Supporter
2015-03-01 19:37 - 2015-03-01 19:40 - 00000000 ____D () C:\Users\Adam\AppData\Local\BrowserHelper
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\ProgramData\5058266746139987241
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\Program Files (x86)\YTDownloader
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\Program Files (x86)\PriCeeLeSs
2015-03-01 19:36 - 2015-03-01 19:36 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-03-01 19:36 - 2015-03-01 19:36 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-03-01 19:36 - 2015-03-01 19:36 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2015-03-01 19:36 - 2015-03-01 19:36 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2015-03-01 19:35 - 2015-03-01 19:40 - 00000916 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-03-01 19:35 - 2015-03-01 19:40 - 00000912 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-03-01 19:35 - 2015-03-01 19:35 - 02020824 _____ (ObjectB) C:\Users\Adam\AppData\Roaming\AXWMMZ.exe
2015-03-01 19:35 - 2015-03-01 19:35 - 01526232 _____ (ObjectB) C:\Users\Adam\AppData\Roaming\LL.exe
2015-03-01 19:35 - 2015-03-01 19:35 - 00009206 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-6
2015-03-01 19:35 - 2015-03-01 19:35 - 00008878 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-6
2015-03-01 19:35 - 2015-03-01 19:35 - 00008864 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-7
2015-03-01 19:35 - 2015-03-01 19:35 - 00008536 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-7
2015-03-01 19:35 - 2015-03-01 19:35 - 00007512 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-4
2015-03-01 19:35 - 2015-03-01 19:35 - 00007496 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-4
2015-03-01 19:35 - 2015-03-01 19:35 - 00006820 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-7
2015-03-01 19:35 - 2015-03-01 19:35 - 00006492 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-7
2015-03-01 19:35 - 2015-03-01 19:35 - 00006474 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-6
2015-03-01 19:35 - 2015-03-01 19:35 - 00006178 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-6.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00006154 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-6
2015-03-01 19:35 - 2015-03-01 19:35 - 00005850 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-6.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00005834 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-7.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00005792 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-5
2015-03-01 19:35 - 2015-03-01 19:35 - 00005506 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-7.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00005464 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-5
2015-03-01 19:35 - 2015-03-01 19:35 - 00004482 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-4.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00004466 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-4.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00003914 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-03-01 19:35 - 2015-03-01 19:35 - 00003790 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-7.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00003660 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-03-01 19:35 - 2015-03-01 19:35 - 00003462 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-7.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00003446 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-6.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00003126 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-6.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00002762 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-5_user.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00002762 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-5.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00002434 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-5_user.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00002434 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-5.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00001338 _____ () C:\Windows\Tasks\AXWMMZ.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00001330 _____ () C:\Windows\Tasks\LL.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\Object Browser
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\iWebar
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\a79b2544-c798-45d6-99c4-b210ff61a9f9
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\39ae7594-5166-4942-a5e5-35d101bbb8cd
2015-02-28 23:21 - 2015-03-01 19:27 - 00001326 _____ () C:\Windows\Tasks\XJ.job
2015-02-28 23:21 - 2015-03-01 14:55 - 00001334 _____ () C:\Windows\Tasks\RPMKXY.job
2015-02-28 23:21 - 2015-02-28 23:21 - 01977304 _____ (InstallMoonV28.02) C:\Users\Adam\AppData\Roaming\RPMKXY.exe
2015-02-28 23:21 - 2015-02-28 23:21 - 01490904 _____ (InstallMoonV28.02) C:\Users\Adam\AppData\Roaming\XJ.exe
2015-02-28 23:21 - 2015-02-28 23:21 - 00004368 _____ () C:\Windows\System32\Tasks\RPMKXY
2015-02-28 23:21 - 2015-02-28 23:21 - 00004360 _____ () C:\Windows\System32\Tasks\XJ
2015-02-28 22:36 - 2015-02-28 22:36 - 00050800 _____ () C:\Windows\system32\Drivers\webTinstMK.sys
2015-02-28 22:36 - 2015-02-28 22:36 - 00000000 __SHD () C:\Users\Adam\AppData\Local\EmieBrowserModeList
2015-02-28 22:36 - 2015-02-28 22:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMK_01009.Wdf
2015-02-28 17:12 - 2015-02-28 17:12 - 01838376 _____ () C:\Windows\system32\cpuminer-gw64.exe
2015-02-28 17:11 - 2015-02-28 17:11 - 00000470 _____ () C:\Windows\system32\cpuminer-conf.json
2015-02-26 19:40 - 2015-02-26 19:40 - 00000000 ____D () C:\ProgramData\NoMore Ads
2015-02-26 19:20 - 2015-02-26 19:20 - 00000000 ____D () C:\Program Files (x86)\StatMaker
2015-02-23 20:31 - 2015-02-24 06:33 - 00000000 ____D () C:\Users\Adam\AppData\Local\DM
2015-02-23 16:33 - 2015-02-23 16:33 - 00003372 _____ () C:\Windows\System32\Tasks\WINshell Event Notification
2015-02-23 16:33 - 2015-02-23 16:33 - 00003368 _____ () C:\Windows\System32\Tasks\WINshell Event Logging
2015-02-22 18:46 - 2015-02-22 18:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2015-02-19 20:22 - 2015-02-26 19:19 - 00000000 ____D () C:\ProgramData\{f4e615f5-4e14-b197-f4e6-615f54e157d5}
2015-02-12 21:12 - 2015-02-12 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnH Solutions
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Adam\AppData\Roaming\AXWMMZ
2015-03-01 19:35 - 2015-03-01 19:35 - 2020824 _____ (ObjectB) C:\Users\Adam\AppData\Roaming\AXWMMZ.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Adam\AppData\Roaming\LL
2015-03-01 19:35 - 2015-03-01 19:35 - 1526232 _____ (ObjectB) C:\Users\Adam\AppData\Roaming\LL.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Adam\AppData\Roaming\RPMKXY
2015-02-28 23:21 - 2015-02-28 23:21 - 1977304 _____ (InstallMoonV28.02) C:\Users\Adam\AppData\Roaming\RPMKXY.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Adam\AppData\Roaming\XJ
2015-02-28 23:21 - 2015-02-28 23:21 - 1490904 _____ (InstallMoonV28.02) C:\Users\Adam\AppData\Roaming\XJ.exe
2014-10-31 22:00 - 2014-10-31 22:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-30 12:23 - 2014-11-30 12:23 - 0000331 _____ () C:\ProgramData\hpzinstall.log

CMD: dir /a "C:\Program Files (x86)"
CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\Users\Adam\AppData\Roaming"
CMD: dir /a "C:\Users\Adam\AppData\Local"
CMD: dir /a "C:\Users\Adam\AppData"
EmptyTemp:
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D65E69F-D242-466A-A0CC-61942357B64C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D65E69F-D242-466A-A0CC-61942357B64C}" => Key deleted successfully.
C:\Windows\System32\Tasks\WINshell Event Notification => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WINshell Event Notification" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{110E4A8F-01D0-439B-858A-458B44B1413A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{110E4A8F-01D0-439B-858A-458B44B1413A}" => Key deleted successfully.
C:\Windows\System32\Tasks\RPMKXY => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RPMKXY" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5685EC2C-DA17-40F9-AB37-1F194D2D4C4C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5685EC2C-DA17-40F9-AB37-1F194D2D4C4C}" => Key deleted successfully.
C:\Windows\System32\Tasks\{08B6A94B-1504-4C43-A761-A309760F74F9} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{08B6A94B-1504-4C43-A761-A309760F74F9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{69501B94-E6D1-4862-86EA-EF6955A6741A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69501B94-E6D1-4862-86EA-EF6955A6741A}" => Key deleted successfully.
C:\Windows\System32\Tasks\XJ => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\XJ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A6B7DE2-11A0-4ED3-9E44-C5AB7BE4467B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A6B7DE2-11A0-4ED3-9E44-C5AB7BE4467B}" => Key deleted successfully.
C:\Windows\System32\Tasks\WINshell Event Logging => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WINshell Event Logging" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4017962-C536-4AF2-9905-E82A4CE50B39}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4017962-C536-4AF2-9905-E82A4CE50B39}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D389374A-2DF3-4546-8746-05BD760C3878} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D389374A-2DF3-4546-8746-05BD760C3878}" => Key deleted successfully.
C:\Windows\Tasks\RPMKXY.job => Moved successfully.
C:\Windows\Tasks\XJ.job => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\cpuminer => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NetworkSaver => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_pl_181 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SPDriver => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\YTDownloader => Value not found.
HKU\S-1-5-21-650939117-3586436885-2187705258-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Tiny download manager => value deleted successfully.
"HKU\S-1-5-21-650939117-3586436885-2187705258-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0815e801-668e-11e4-b3aa-fcaa1420d205}" => Key deleted successfully.
HKCR\CLSID\{0815e801-668e-11e4-b3aa-fcaa1420d205} => Key not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\SPDriver => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\YTDownloader => value deleted successfully.
C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fury-pol-5984277.lnk => Moved successfully.
C:\ProgramData\{f4e615f5-4e14-b197-f4e6-615f54e157d5}\fury-pol-5984277.exe => Moved successfully.
C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk => Moved successfully.
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => Key deleted successfully.
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => Key not found.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => Key deleted successfully.
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => Key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8f011aa0-a26a-4e3f-9dcd-672835673335} => Key not found.
HKCR\CLSID\{8f011aa0-a26a-4e3f-9dcd-672835673335} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} => Key not found.
HKCR\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => Key not found.
HKCR\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8f011aa0-a26a-4e3f-9dcd-672835673335} => Key not found.
HKCR\Wow6432Node\CLSID\{8f011aa0-a26a-4e3f-9dcd-672835673335} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} => Key not found.
HKCR\Wow6432Node\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} => Key not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10 => Key not found.
C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4 => Key not found.
C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll not found.
C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\user.js not found.
C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\ not found.
C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\36311db9.com not found.
FF Extension: PriCeeLeSs - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[2015-03-01] not found.
C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\{27d1dbcf-53a2-b589-3ea5-f41b1db41461} => Moved successfully.
FF Extension: MEGA - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[2015-01-16] not found.
HKU\.DEFAULT\Software\Mozilla\Firefox\Extensions\\{0293E99F-EEC4-37CA-8FD2-1E89B11A26CF} => value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Value was restored successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Value was restored successfully.
078b2995 => Service deleted successfully.
be0fb33b => Service not found.
BrsHelper => Service not found.
globalUpdate => Service not found.
globalUpdatem => Service not found.
IHProtect Service => Service not found.
SPBIUpd => Service not found.
WindowsMangerProtect => Service not found.
sbmntr => Service not found.
SPBIUpdd => Service not found.
SPDRIVER_1521.0.0.0 => Service deleted successfully.
webTinstMK => Service stopped successfully.
webTinstMK => Service deleted successfully.
esgiguard => Service deleted successfully.
"C:\Program Files (x86)\Supporter" => File/Directory not found.
"C:\Users\Adam\AppData\Local\BrowserHelper" => File/Directory not found.
"C:\ProgramData\WindowsMangerProtect" => File/Directory not found.
"C:\ProgramData\IHProtectUpDate" => File/Directory not found.
"C:\ProgramData\5058266746139987241" => File/Directory not found.
"C:\Program Files (x86)\YTDownloader" => File/Directory not found.
"C:\Program Files (x86)\XTab" => File/Directory not found.
"C:\Program Files (x86)\PriCeeLeSs" => File/Directory not found.
C:\Users\Public\Documents\ShopperPro => Moved successfully.
"C:\ProgramData\ShopperPro" => File/Directory not found.
C:\Program Files\Common Files\ShopperPro => Moved successfully.
"C:\Program Files (x86)\ShopperPro" => File/Directory not found.
"C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job" => File/Directory not found.
"C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job" => File/Directory not found.
C:\Users\Adam\AppData\Roaming\AXWMMZ.exe => Moved successfully.
C:\Users\Adam\AppData\Roaming\LL.exe => Moved successfully.
"C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-6" => File/Directory not found.
"C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-6" => File/Directory not found.
"C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-7" => File/Directory not found.
"C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-7" => File/Directory not found.
"C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-4" => File/Directory not found.
"C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-4" => File/Directory not found.
"C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-7" => File/Directory not found.
"C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-7" => File/Directory not found.
"C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-6" => File/Directory not found.
"C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-6.job" => File/Directory not found.
"C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-6" => File/Directory not found.
"C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-6.job" => File/Directory not found.
"C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-7.job" => File/Directory not found.
"C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-5" => File/Directory not found.
"C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-7.job" => File/Directory not found.
"C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-5" => File/Directory not found.
"C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-4.job" => File/Directory not found.
"C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-4.job" => File/Directory not found.
"C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA" => File/Directory not found.
"C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-7.job" => File/Directory not found.
"C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore" => File/Directory not found.
"C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-7.job" => File/Directory not found.
"C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-6.job" => File/Directory not found.
"C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-6.job" => File/Directory not found.
"C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-5_user.job" => File/Directory not found.
"C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-5.job" => File/Directory not found.
"C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-5_user.job" => File/Directory not found.
"C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-5.job" => File/Directory not found.
C:\Windows\Tasks\AXWMMZ.job => Moved successfully.
C:\Windows\Tasks\LL.job => Moved successfully.
"C:\Program Files (x86)\Object Browser" => File/Directory not found.
"C:\Program Files (x86)\iWebar" => File/Directory not found.
"C:\Program Files (x86)\globalUpdate" => File/Directory not found.
C:\Program Files (x86)\a79b2544-c798-45d6-99c4-b210ff61a9f9 => Moved successfully.
C:\Program Files (x86)\39ae7594-5166-4942-a5e5-35d101bbb8cd => Moved successfully.
"C:\Windows\Tasks\XJ.job" => File/Directory not found.
"C:\Windows\Tasks\RPMKXY.job" => File/Directory not found.
C:\Users\Adam\AppData\Roaming\RPMKXY.exe => Moved successfully.
C:\Users\Adam\AppData\Roaming\XJ.exe => Moved successfully.
"C:\Windows\System32\Tasks\RPMKXY" => File/Directory not found.
"C:\Windows\System32\Tasks\XJ" => File/Directory not found.
C:\Windows\system32\Drivers\webTinstMK.sys => Moved successfully.
C:\Users\Adam\AppData\Local\EmieBrowserModeList => Moved successfully.
C:\Windows\system32\Drivers\Msft_Kernel_webTinstMK_01009.Wdf => Moved successfully.
C:\Windows\system32\cpuminer-gw64.exe => Moved successfully.
C:\Windows\system32\cpuminer-conf.json => Moved successfully.
C:\ProgramData\NoMore Ads => Moved successfully.
C:\Program Files (x86)\StatMaker => Moved successfully.
C:\Users\Adam\AppData\Local\DM => Moved successfully.
"C:\Windows\System32\Tasks\WINshell Event Notification" => File/Directory not found.
"C:\Windows\System32\Tasks\WINshell Event Logging" => File/Directory not found.
C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf => Moved successfully.
C:\ProgramData\{f4e615f5-4e14-b197-f4e6-615f54e157d5} => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnH Solutions => Moved successfully.
C:\Users\Adam\AppData\Roaming\AXWMMZ => Moved successfully.
"C:\Users\Adam\AppData\Roaming\AXWMMZ.exe" => File/Directory not found.
C:\Users\Adam\AppData\Roaming\LL => Moved successfully.
"C:\Users\Adam\AppData\Roaming\LL.exe" => File/Directory not found.
C:\Users\Adam\AppData\Roaming\RPMKXY => Moved successfully.
"C:\Users\Adam\AppData\Roaming\RPMKXY.exe" => File/Directory not found.
C:\Users\Adam\AppData\Roaming\XJ => Moved successfully.
"C:\Users\Adam\AppData\Roaming\XJ.exe" => File/Directory not found.
C:\ProgramData\DP45977C.lfl => Moved successfully.
C:\ProgramData\hpzinstall.log => Moved successfully.

=========  dir /a "C:\Program Files (x86)" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 4679-A786

 Katalog: C:\Program Files (x86)

2015-03-01  22:29    <DIR>          .
2015-03-01  22:29    <DIR>          ..
2015-01-28  15:03    <DIR>          3DRipperDX
2014-12-07  12:55    <DIR>          AGEIA Technologies
2014-12-13  08:31    <DIR>          AMD
2014-12-13  08:31    <DIR>          AMD AVT
2014-11-15  15:27    <DIR>          ATI Technologies
2014-12-13  08:26    <DIR>          Battlelog Web Plugins
2015-01-06  18:22    <DIR>          Common Files
2015-01-28  22:01    <DIR>          DAEMON Tools Lite
2009-07-14  05:54               174 desktop.ini
2014-11-01  13:52    <DIR>          Gigabyte
2014-11-01  13:06    <DIR>          Google
2014-11-22  10:19    <DIR>          GPU-Z
2015-01-28  22:07    <DIR>          InstallShield Installation Information
2014-11-01  13:07    <DIR>          Intel
2015-02-12  13:19    <DIR>          Internet Explorer
2014-11-30  18:41    <DIR>          Java
2014-11-01  21:23    <DIR>          Lavalys
2014-11-05  14:43    <DIR>          Microsoft Office
2014-11-04  21:52    <DIR>          Microsoft Works
2014-11-04  18:10    <DIR>          Microsoft.NET
2015-01-27  11:05    <DIR>          Mozilla Firefox
2015-01-28  07:57    <DIR>          Mozilla Maintenance Service
2009-07-14  06:32    <DIR>          MSBuild
2014-11-22  11:09    <DIR>          MSI Afterburner
2015-01-06  18:24    <DIR>          Nero
2015-01-06  18:24    <DIR>          Nero2015
2014-12-07  12:55    <DIR>          NVIDIA Corporation
2014-11-01  21:18    <DIR>          Opera
2015-02-24  06:35    <DIR>          Origin
2015-02-28  23:23    <DIR>          Origin Games
2015-01-31  08:18    <DIR>          Raptr
2014-10-31  22:01    <DIR>          Realtek
2009-07-14  06:32    <DIR>          Reference Assemblies
2014-10-31  22:01    <DIR>          Temp
2009-07-14  05:57    <DIR>          Uninstall Information
2015-03-01  20:07    <DIR>          VideoLAN
2014-11-07  22:16    <DIR>          VS Revo Group
2014-11-01  12:37    <DIR>          Windows Defender
2011-04-12  14:21    <DIR>          Windows Mail
2014-11-01  13:01    <DIR>          Windows Media Player
2009-07-14  06:32    <DIR>          Windows NT
2011-04-12  14:21    <DIR>          Windows Photo Viewer
2010-11-21  04:31    <DIR>          Windows Portable Devices
2011-04-12  14:21    <DIR>          Windows Sidebar
2014-11-05  18:33    <DIR>          WinRAR
               1 plik(ów)                174 bajtów
              46 katalog(ów)  191 990 652 928 bajtów wolnych

========= End of CMD: =========


=========  dir /a "C:\Program Files" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 4679-A786

 Katalog: C:\Program Files

2014-12-03  14:48    <DIR>          .
2014-12-03  14:48    <DIR>          ..
2014-12-13  08:28    <DIR>          AMD
2014-11-15  15:26    <DIR>          ATI
2014-11-15  15:25    <DIR>          ATI Technologies
2015-03-01  22:29    <DIR>          Common Files
2014-11-02  09:17    <DIR>          CPUID
2009-07-14  05:54               174 desktop.ini
2011-04-12  14:32    <DIR>          DVD Maker
2014-11-07  19:39    <DIR>          Enigma Software Group
2014-11-01  13:25    <DIR>          Intel
2015-02-12  13:19    <DIR>          Internet Explorer
2014-11-04  18:09    <DIR>          Microsoft Office
2015-01-08  17:03    <DIR>          MotioninJoy
2009-07-14  06:32    <DIR>          MSBuild
2014-10-31  22:00    <DIR>          Realtek
2009-07-14  06:32    <DIR>          Reference Assemblies
2009-07-14  06:09    <DIR>          Uninstall Information
2014-11-01  12:37    <DIR>          Windows Defender
2014-11-01  12:37    <DIR>          Windows Journal
2011-04-12  14:21    <DIR>          Windows Mail
2014-11-01  13:01    <DIR>          Windows Media Player
2014-10-31  21:46    <DIR>          Windows NT
2011-04-12  14:21    <DIR>          Windows Photo Viewer
2010-11-21  04:31    <DIR>          Windows Portable Devices
2011-04-12  14:21    <DIR>          Windows Sidebar
               1 plik(ów)                174 bajtów
              25 katalog(ów)  191 990 657 024 bajtów wolnych

========= End of CMD: =========


=========  dir /a "C:\Users\Adam\AppData\Roaming" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 4679-A786

 Katalog: C:\Users\Adam\AppData\Roaming

2015-03-01  22:29    <DIR>          .
2015-03-01  22:29    <DIR>          ..
2014-11-30  18:51    <DIR>          .minecraft
2014-11-30  18:48    <DIR>          .minecraftzyczu
2014-12-01  20:55    <DIR>          11bitstudios
2014-11-01  12:12    <DIR>          Adobe
2014-11-30  18:51    <DIR>          AMD
2014-11-15  15:28    <DIR>          ATI
2014-11-07  19:04    <DIR>          DAEMON Tools Lite
2015-02-04  19:29    <DIR>          Dying Light
2015-01-23  22:17    <DIR>          Far Cry 4
2014-10-31  21:46    <DIR>          Identities
2014-10-31  21:59    <DIR>          InstallShield
2014-12-13  08:32    <DIR>          library_dir
2014-11-01  20:55    <DIR>          Macromedia
2011-04-12  14:32    <DIR>          Media Center Programs
2014-12-01  19:28    <DIR>          Microsoft
2014-12-03  15:00    <DIR>          MotioninJoy
2014-11-01  13:05    <DIR>          Mozilla
2015-01-16  07:50    <DIR>          Need for Speed Most Wanted Black Edition
2015-01-10  19:11    <DIR>          Nero
2014-11-01  21:18    <DIR>          Opera Software
2014-11-11  06:18    <DIR>          Origin
2014-11-07  17:49    <DIR>          PowerISO
2015-03-01  20:34    <DIR>          Raptr
2015-02-23  16:44    <DIR>          Sid Meier's Civilization 5
2014-12-03  14:42    <DIR>          Steam
2015-02-14  22:29    <DIR>          TS3Client
2014-11-21  19:18    <DIR>          Unity
2015-03-01  20:03    <DIR>          uTorrent
2014-11-05  18:34    <DIR>          WinRAR
2014-12-23  19:09    <DIR>          XRay Engine
               0 plik(ów)                  0 bajtów
              32 katalog(ów)  191 990 657 024 bajtów wolnych

========= End of CMD: =========


=========  dir /a "C:\Users\Adam\AppData\Local" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 4679-A786

 Katalog: C:\Users\Adam\AppData\Local

2015-03-01  22:29    <DIR>          .
2015-03-01  22:29    <DIR>          ..
2014-12-03  14:43    <DIR>          4A Games
2014-11-01  20:55    <DIR>          Adobe
2014-11-01  13:04    <DIR>          Apps
2014-11-15  15:28    <DIR>          ATI
2014-10-31  21:46    <JUNCTION>     Dane aplikacji [C:\Users\Adam\AppData\Local]
2014-12-14  12:54    <DIR>          DayZ
2014-11-01  13:04    <DIR>          Deployment
2015-02-12  21:13    <DIR>          Diagnostics
2014-11-01  13:03    <DIR>          EmieSiteList
2014-11-01  13:03    <DIR>          EmieUserList
2014-11-10  20:15    <DIR>          ESN
2014-11-05  06:19            68 328 GDIPFONTCACHEV1.DAT
2014-11-01  13:06    <DIR>          Google
2014-10-31  21:46    <JUNCTION>     Historia [C:\Users\Adam\AppData\Local\Microsoft\Windows\History]
2015-03-01  20:33         1 735 483 IconCache.db
2014-11-01  20:55    <DIR>          Macromedia
2015-01-16  13:09    <DIR>          Microsoft
2014-11-04  18:08    <DIR>          Microsoft Help
2014-11-01  13:05    <DIR>          Mozilla
2015-02-23  16:50    <DIR>          My Games
2015-01-10  19:12    <DIR>          Nero
2014-11-01  21:18    <DIR>          Opera Software
2014-11-10  20:25    <DIR>          Origin
2014-11-02  08:59    <DIR>          Programs
2015-02-05  17:53    <DIR>          PunkBuster
2015-01-20  20:30    <DIR>          Skyrim
2014-12-18  14:40    <DIR>          Sniper3
2015-02-19  15:31    <DIR>          Steam
2014-11-02  09:24    <DIR>          TeamSpeak 3 Client
2015-03-01  22:29    <DIR>          Temp
2014-10-31  21:46    <JUNCTION>     Temporary Internet Files [C:\Users\Adam\AppData\Local\Microsoft\Windows\Temporary Internet Files]
2014-11-21  19:14    <DIR>          Unity
2015-02-01  17:04    <DIR>          VirtualStore
               2 plik(ów)          1 803 811 bajtów
              33 katalog(ów)  191 990 652 928 bajtów wolnych

========= End of CMD: =========


=========  dir /a "C:\Users\Adam\AppData" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 4679-A786

 Katalog: C:\Users\Adam\AppData

2014-10-31  21:46    <DIR>          .
2014-10-31  21:46    <DIR>          ..
2015-03-01  22:29    <DIR>          Local
2015-02-28  22:36    <DIR>          LocalLow
2015-03-01  22:29    <DIR>          Roaming
               0 plik(ów)                  0 bajtów
               5 katalog(ów)  191 990 652 928 bajtów wolnych

========= End of CMD: =========

EmptyTemp: => Removed 5.2 GB temporary data.


The system needed a reboot.

==== End of Fixlog 22:29:58 ====

 

 

 

Another problem is that ads keep showing up despite Adblock; they appear at the top and bottom of the screen in the browser.

Posted

The guide says there should be 3 files, but in my case only 2 appear.

The problem has come back; I have added new logs.

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015
Ran by Adam (administrator) on ADAM-KOMPUTER on 01-03-2015 19:40:42
Running from C:\Users\Adam\Downloads
Loaded Profiles: Adam (Available profiles: Adam)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
() C:\ProgramData\{f4e615f5-4e14-b197-f4e6-615f54e157d5}\fury-pol-5984277.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\SIV\thermald.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(BitTorrent Inc.) C:\Users\Adam\AppData\Roaming\uTorrent\uTorrent.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Sun Micro Systems Inc.) C:\Users\Adam\AppData\Local\Temp\SBCint2.exe
(Ja) C:\Windows\Temp\J\235559\pooface.exe
() C:\Windows\Temp\autchk.exe
(EFD Software) C:\Windows\Temp\spdc32.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
() C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe
(Goobzo) C:\Program Files (x86)\YTDownloader\BrowserHelper.exe
(SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(YTDownloader) C:\Program Files (x86)\YTDownloader\YTDownloader.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(SearchProtect) C:\Program Files (x86)\XTab\CmdShell.exe
(XTab system) C:\Program Files (x86)\XTab\HPNotify.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Windows\System32\cpuminer-gw64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM\...\Run: [cpuminer] => C:\Windows\system32\cpuminer-gw64.exe [1838376 2015-02-28] ()
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-30] (Raptr, Inc)
HKLM-x32\...\Run: [NetworkSaver] => C:\Windows\TEMP\spdc32.exe [1490944 2015-02-28] (EFD Software) <===== ATTENTION
HKLM-x32\...\Run: [mbot_pl_181] => [X]
HKLM-x32\...\Run: [sPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1521.0.0.0\jsdrv.exe [3224576 2015-02-28] ()
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988528 2015-02-28] (YTDownloader)
HKLM-x32\...\RunOnce: [sIV] => C:\Program Files (x86)\Gigabyte\SIV\sivro.exe [12096 2014-08-19] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] ()
HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3631448 2015-02-24] (Electronic Arts)
HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\Run: [Tiny download manager] => "C:\Users\Adam\AppData\Local\DM\TinyDM.exe" /M
HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\MountPoints2: {0815e801-668e-11e4-b3aa-fcaa1420d205} - F:\autorun.exe
HKU\S-1-5-18\...\Run: [sPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1521.0.0.0\jsdrv.exe [3224576 2015-02-28] ()
HKU\S-1-5-18\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988528 2015-02-28] (YTDownloader)
Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fury-pol-5984277.lnk
ShortcutTarget: fury-pol-5984277.lnk -> C:\ProgramData\{f4e615f5-4e14-b197-f4e6-615f54e157d5}\fury-pol-5984277.exe ()
Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1425235036&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1425235036&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1425235036&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1425235036&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1425235036&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1425235036&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1425235036&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1425235036&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1425235036&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1425235036&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV
SearchScopes: HKU\.DEFAULT -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV&ts=1425235053&type=default&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV&ts=1425235053&type=default&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV&ts=1425235053&type=default&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV&ts=1425235053&type=default&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV&ts=1425235053&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: PriCeeLeSs -> {8f011aa0-a26a-4e3f-9dcd-672835673335} -> C:\Program Files (x86)\PriCeeLeSs\IUigAqVb3nidqW.x64.dll ()
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: PriCeeLeSs -> {8f011aa0-a26a-4e3f-9dcd-672835673335} -> C:\Program Files (x86)\PriCeeLeSs\IUigAqVb3nidqW.dll ()
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll (Goobzo Ltd.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1425235036&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV

FireFox:
========
FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-650939117-3586436885-2187705258-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\user.js
FF Extension: iWebar - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[email protected] [2015-03-01]
FF Extension: Object Browser - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[email protected]36311db9.com [2015-03-01]
FF Extension: Battlefield Play4Free - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[email protected][2014-12-31]
FF Extension: PriCeeLeSs - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[email protected][2015-03-01]
FF Extension: Zoom It - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\{27d1dbcf-53a2-b589-3ea5-f41b1db41461} [2015-03-01]
FF Extension: MEGA - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[email protected][2015-01-16]
FF Extension: Adblock Plus - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-17]
FF HKU\.DEFAULT\...\Firefox\Extensions: [{0293E99F-EEC4-37CA-8FD2-1E89B11A26CF}] - C:\Program Files (x86)\ver5SpeeditUp\189.xpi
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.mystartsearch.com/?type=sc&ts=1425235036&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV

Chrome:
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1419231069&from=wpc&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1419231069&from=wpc&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV"
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-01]
CHR Extension: (Google Docs) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-01]
CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-01]
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-01]
CHR Extension: (Adblock Plus) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-01]
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-01]
CHR Extension: (Google Sheets) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-01]
CHR Extension: (Google Wallet) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-01]
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-01]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1425235036&from=amt&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 078b2995; c:\Program Files (x86)\StatMaker\StatMaker.dll [1947648 2015-02-26] () [File not signed]
R2 be0fb33b; c:\Program Files (x86)\Supporter\Supporter.dll [4214272 2015-03-01] () [File not signed]
R2 BrsHelper; C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [112560 2015-02-28] ()
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16384 2014-04-16] () [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-01] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-01] (globalUpdate) [File not signed]
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2014-09-01] (GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-24] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-01] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-05] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2015-02-28] (ShopperPro)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [487056 2015-03-01] (SysTool PasSame LIMITED)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-28] (Disc Soft Ltd)
S3 etocdrv; C:\Windows\etocdrv.sys [15584 2013-10-30] (Giga-Byte Technology CO., LTD.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58520 2015-02-28] (YTDownloader)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2015-02-28] ()
R2 SPDRIVER_1521.0.0.0; C:\Program Files (x86)\ShopperPro\JSDriver\1521.0.0.0\jsdrv.sys [52584 2015-02-28] ()
R2 webTinstMK; C:\Windows\system32\Drivers\webTinstMK.sys [50800 2015-02-28] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-01 19:38 - 2015-03-01 19:38 - 00000994 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-01 19:38 - 2015-03-01 19:38 - 00000000 ____D () C:\Program Files (x86)\Supporter
2015-03-01 19:37 - 2015-03-01 19:40 - 00000000 ____D () C:\Users\Adam\AppData\Local\BrowserHelper
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\ProgramData\5058266746139987241
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\Program Files (x86)\YTDownloader
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\Program Files (x86)\PriCeeLeSs
2015-03-01 19:36 - 2015-03-01 19:36 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-03-01 19:36 - 2015-03-01 19:36 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-03-01 19:36 - 2015-03-01 19:36 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2015-03-01 19:36 - 2015-03-01 19:36 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2015-03-01 19:35 - 2015-03-01 19:40 - 00000916 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-03-01 19:35 - 2015-03-01 19:40 - 00000912 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-03-01 19:35 - 2015-03-01 19:35 - 02020824 _____ (ObjectB) C:\Users\Adam\AppData\Roaming\AXWMMZ.exe
2015-03-01 19:35 - 2015-03-01 19:35 - 01526232 _____ (ObjectB) C:\Users\Adam\AppData\Roaming\LL.exe
2015-03-01 19:35 - 2015-03-01 19:35 - 00009206 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-6
2015-03-01 19:35 - 2015-03-01 19:35 - 00008878 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-6
2015-03-01 19:35 - 2015-03-01 19:35 - 00008864 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-7
2015-03-01 19:35 - 2015-03-01 19:35 - 00008536 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-7
2015-03-01 19:35 - 2015-03-01 19:35 - 00007512 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-4
2015-03-01 19:35 - 2015-03-01 19:35 - 00007496 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-4
2015-03-01 19:35 - 2015-03-01 19:35 - 00006820 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-7
2015-03-01 19:35 - 2015-03-01 19:35 - 00006492 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-7
2015-03-01 19:35 - 2015-03-01 19:35 - 00006474 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-6
2015-03-01 19:35 - 2015-03-01 19:35 - 00006178 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-6.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00006154 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-6
2015-03-01 19:35 - 2015-03-01 19:35 - 00005850 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-6.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00005834 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-7.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00005792 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-5
2015-03-01 19:35 - 2015-03-01 19:35 - 00005506 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-7.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00005464 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-5
2015-03-01 19:35 - 2015-03-01 19:35 - 00004482 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-4.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00004466 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-4.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00003914 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-03-01 19:35 - 2015-03-01 19:35 - 00003790 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-7.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00003660 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-03-01 19:35 - 2015-03-01 19:35 - 00003462 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-7.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00003446 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-6.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00003126 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-6.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00002762 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-5_user.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00002762 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-5.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00002434 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-5_user.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00002434 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-5.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00001338 _____ () C:\Windows\Tasks\AXWMMZ.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00001330 _____ () C:\Windows\Tasks\LL.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\Object Browser
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\iWebar
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\a79b2544-c798-45d6-99c4-b210ff61a9f9
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\39ae7594-5166-4942-a5e5-35d101bbb8cd
2015-03-01 07:07 - 2015-03-01 07:10 - 00028147 _____ () C:\Users\Adam\Downloads\Addition.txt
2015-03-01 07:06 - 2015-03-01 19:40 - 00022199 _____ () C:\Users\Adam\Downloads\FRST.txt
2015-03-01 07:06 - 2015-03-01 07:06 - 02092544 _____ (Farbar) C:\Users\Adam\Downloads\FRST64.exe
2015-02-28 23:21 - 2015-03-01 19:27 - 00001326 _____ () C:\Windows\Tasks\XJ.job
2015-02-28 23:21 - 2015-03-01 14:55 - 00001334 _____ () C:\Windows\Tasks\RPMKXY.job
2015-02-28 23:21 - 2015-02-28 23:21 - 01977304 _____ (InstallMoonV28.02) C:\Users\Adam\AppData\Roaming\RPMKXY.exe
2015-02-28 23:21 - 2015-02-28 23:21 - 01490904 _____ (InstallMoonV28.02) C:\Users\Adam\AppData\Roaming\XJ.exe
2015-02-28 23:21 - 2015-02-28 23:21 - 00004368 _____ () C:\Windows\System32\Tasks\RPMKXY
2015-02-28 23:21 - 2015-02-28 23:21 - 00004360 _____ () C:\Windows\System32\Tasks\XJ
2015-02-28 23:16 - 2015-02-28 23:16 - 02126848 _____ () C:\Users\Adam\Downloads\adwcleaner_4.111.exe
2015-02-28 22:36 - 2015-02-28 22:36 - 00050800 _____ () C:\Windows\system32\Drivers\webTinstMK.sys
2015-02-28 22:36 - 2015-02-28 22:36 - 00000000 __SHD () C:\Users\Adam\AppData\Local\EmieBrowserModeList
2015-02-28 22:36 - 2015-02-28 22:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMK_01009.Wdf
2015-02-28 22:36 - 2015-02-28 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-02-28 22:36 - 2015-02-28 22:36 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-02-28 17:12 - 2015-02-28 17:12 - 01838376 _____ () C:\Windows\system32\cpuminer-gw64.exe
2015-02-28 17:11 - 2015-02-28 17:11 - 00000470 _____ () C:\Windows\system32\cpuminer-conf.json
2015-02-26 19:40 - 2015-02-26 19:40 - 00000000 ____D () C:\ProgramData\NoMore Ads
2015-02-26 19:20 - 2015-02-26 19:20 - 00000000 ____D () C:\Program Files (x86)\StatMaker
2015-02-23 20:31 - 2015-02-24 06:33 - 00000000 ____D () C:\Users\Adam\AppData\Local\DM
2015-02-23 16:50 - 2015-02-23 16:50 - 00000000 ____D () C:\Users\Adam\AppData\Local\My Games
2015-02-23 16:44 - 2015-02-23 16:44 - 00000949 _____ () C:\Users\Adam\Desktop\Sid Meier's Civilization 5.lnk
2015-02-23 16:44 - 2015-02-23 16:44 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Sid Meier's Civilization 5
2015-02-23 16:33 - 2015-02-23 16:33 - 00003372 _____ () C:\Windows\System32\Tasks\WINshell Event Notification
2015-02-23 16:33 - 2015-02-23 16:33 - 00003368 _____ () C:\Windows\System32\Tasks\WINshell Event Logging
2015-02-22 18:46 - 2015-02-22 18:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2015-02-19 20:22 - 2015-02-26 19:19 - 00000000 ____D () C:\ProgramData\{f4e615f5-4e14-b197-f4e6-615f54e157d5}
2015-02-19 15:31 - 2015-02-19 15:31 - 00000000 ____D () C:\Users\Adam\AppData\Local\Steam
2015-02-12 21:12 - 2015-02-12 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnH Solutions
2015-02-12 19:57 - 2015-02-12 19:57 - 00000000 ____D () C:\Users\Adam\Documents\FLiNGTrainer
2015-02-12 13:26 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 13:26 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 13:26 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 13:26 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 21:19 - 2015-02-14 17:11 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-11 19:11 - 2015-02-11 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
2015-02-11 14:41 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:41 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:41 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:41 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:41 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:41 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:41 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:41 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:41 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:41 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:41 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:41 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:41 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:41 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:41 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:41 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:41 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:41 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:41 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:41 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:41 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:41 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:41 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:41 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:41 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:41 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:41 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:41 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:41 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:41 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:41 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:41 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:41 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:41 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:41 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:41 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:41 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:41 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:41 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:41 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:41 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:41 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:41 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:41 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:41 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:41 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:41 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:41 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:41 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:41 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:41 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:41 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:41 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:41 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 14:41 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:41 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:40 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:40 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 14:40 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:40 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 14:40 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 14:40 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 14:40 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 14:40 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 14:40 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:40 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 14:40 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:40 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:40 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:40 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:40 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:40 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:40 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:40 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:40 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:40 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 14:40 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 14:40 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 14:40 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:40 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:40 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:40 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 14:40 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:40 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-09 15:29 - 2015-02-09 15:29 - 03318644 _____ () C:\Users\Adam\Downloads\Piotr Obara.rar
2015-02-09 15:29 - 2014-08-30 16:37 - 00000000 ____D () C:\Users\Adam\Downloads\Piotr Obara
2015-02-05 17:52 - 2015-02-05 17:54 - 00000000 ____D () C:\Users\Adam\Documents\BFH Beta 2
2015-02-04 19:32 - 2015-02-04 19:32 - 00000000 ____D () C:\Users\Adam\Documents\DyingLight
2015-02-04 19:32 - 2015-02-04 19:32 - 00000000 ____D () C:\ProgramData\Steam
2015-02-04 19:29 - 2015-02-04 19:29 - 00001010 _____ () C:\Users\Adam\Desktop\Dying Light.lnk
2015-02-04 19:29 - 2015-02-04 19:29 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Dying Light
2015-02-01 16:42 - 2015-02-01 17:16 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\www.gtavicecity.ru
2015-02-01 16:17 - 2015-02-01 16:17 - 00000826 _____ () C:\Users\Adam\Desktop\GTA SA.lnk
2015-02-01 07:55 - 2015-02-01 07:55 - 00000812 _____ () C:\Users\Adam\Desktop\µTorrent.lnk
2015-02-01 07:55 - 2015-02-01 07:55 - 00000792 _____ () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-01-31 16:53 - 2015-02-15 10:55 - 00000000 ____D () C:\Users\Adam\Documents\GTA San Andreas User Files

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-01 19:40 - 2014-11-08 07:09 - 00000000 ____D () C:\FRST
2015-03-01 19:37 - 2014-11-07 19:26 - 00001275 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-01 19:37 - 2014-11-02 07:21 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\uTorrent
2015-03-01 19:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-01 19:21 - 2014-11-01 13:04 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-01 19:13 - 2014-11-01 20:54 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-01 14:21 - 2009-07-14 05:45 - 00026208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-01 14:21 - 2009-07-14 05:45 - 00026208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-01 14:17 - 2014-01-01 04:52 - 01732453 _____ () C:\Windows\WindowsUpdate.log
2015-03-01 14:16 - 2014-11-01 13:47 - 00006462 _____ () C:\Windows\SysWOW64\Gms.log
2015-03-01 14:15 - 2014-12-13 08:31 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Raptr
2015-03-01 14:15 - 2014-11-10 20:17 - 00000000 ____D () C:\ProgramData\Origin
2015-03-01 14:14 - 2014-11-01 13:04 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-01 14:14 - 2014-11-01 11:49 - 00022200 _____ () C:\Windows\setupact.log
2015-03-01 14:14 - 2014-10-31 22:21 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-03-01 14:14 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-28 23:31 - 2014-12-17 15:43 - 00000000 ____D () C:\AdwCleaner
2015-02-28 23:23 - 2014-11-10 20:22 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-02-28 23:23 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-28 23:18 - 2010-11-21 04:47 - 00022698 _____ () C:\Windows\PFRO.log
2015-02-28 23:17 - 2014-11-01 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-24 06:35 - 2014-11-10 20:17 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-23 18:11 - 2011-04-12 14:21 - 00739694 _____ () C:\Windows\system32\perfh015.dat
2015-02-23 18:11 - 2011-04-12 14:21 - 00155268 _____ () C:\Windows\system32\perfc015.dat
2015-02-23 18:11 - 2009-07-14 06:13 - 01668226 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-23 16:44 - 2015-01-16 13:22 - 00000000 ____D () C:\Users\Adam\Documents\My Games
2015-02-23 16:44 - 2015-01-16 07:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-02-21 16:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-15 18:08 - 2015-01-06 20:04 - 00000000 ____D () C:\Fraps
2015-02-14 22:29 - 2014-11-02 09:24 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\TS3Client
2015-02-12 13:19 - 2009-07-14 05:45 - 00308840 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 13:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-11 21:59 - 2014-11-04 18:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 21:58 - 2014-11-01 12:50 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 21:56 - 2014-11-01 12:50 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 20:43 - 2014-11-01 21:54 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-11 20:43 - 2014-11-01 21:54 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-02-11 18:34 - 2014-11-07 22:16 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-02-05 17:53 - 2014-11-01 22:01 - 00000000 ____D () C:\Users\Adam\AppData\Local\PunkBuster
2015-02-05 16:18 - 2014-11-01 21:54 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-05 16:17 - 2014-11-11 04:42 - 00080595 _____ () C:\Windows\DirectX.log
2015-02-05 16:17 - 2014-11-01 13:25 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-04 21:13 - 2014-11-01 20:54 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 21:13 - 2014-11-01 20:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 21:13 - 2014-11-01 20:54 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 20:16 - 2014-11-01 13:04 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 20:16 - 2014-11-01 13:04 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-04 19:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-03 21:29 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-01 20:49 - 2014-11-19 19:10 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-02-01 17:04 - 2014-10-31 21:46 - 00000000 ____D () C:\Users\Adam\AppData\Local\VirtualStore
2015-02-01 15:34 - 2015-01-28 21:46 - 00000000 ____D () C:\Users\Adam\Downloads\Scarface+Spolszczenie_Kadele
2015-01-31 16:53 - 2015-01-28 22:18 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-31 08:18 - 2014-12-13 08:31 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-01-30 21:39 - 2014-11-01 22:02 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr

==================== Files in the root of some directories =======

2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Adam\AppData\Roaming\AXWMMZ
2015-03-01 19:35 - 2015-03-01 19:35 - 2020824 _____ (ObjectB) C:\Users\Adam\AppData\Roaming\AXWMMZ.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Adam\AppData\Roaming\LL
2015-03-01 19:35 - 2015-03-01 19:35 - 1526232 _____ (ObjectB) C:\Users\Adam\AppData\Roaming\LL.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Adam\AppData\Roaming\RPMKXY
2015-02-28 23:21 - 2015-02-28 23:21 - 1977304 _____ (InstallMoonV28.02) C:\Users\Adam\AppData\Roaming\RPMKXY.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Adam\AppData\Roaming\XJ
2015-02-28 23:21 - 2015-02-28 23:21 - 1490904 _____ (InstallMoonV28.02) C:\Users\Adam\AppData\Roaming\XJ.exe
2014-10-31 22:00 - 2014-10-31 22:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-30 12:23 - 2014-11-30 12:23 - 0000331 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Windows\TEMP\spdc32.exe


Some content of TEMP:
====================
C:\Users\Adam\AppData\Local\Temp\1530.exe
C:\Users\Adam\AppData\Local\Temp\5781041528403498357.exe
C:\Users\Adam\AppData\Local\Temp\759fC3ee.exe
C:\Users\Adam\AppData\Local\Temp\A0647b77f.exe
C:\Users\Adam\AppData\Local\Temp\bbgcabfbbfg.exe
C:\Users\Adam\AppData\Local\Temp\bitool.dll
C:\Users\Adam\AppData\Local\Temp\crack nfs mw tpb__10924_i1449017822_il1420405.exe
C:\Users\Adam\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Adam\AppData\Local\Temp\Dscp1.exe
C:\Users\Adam\AppData\Local\Temp\FastDownload.exe
C:\Users\Adam\AppData\Local\Temp\Quarantine.exe
C:\Users\Adam\AppData\Local\Temp\SBCint2.exe
C:\Users\Adam\AppData\Local\Temp\setup.exe
C:\Users\Adam\AppData\Local\Temp\sqlite3.dll
C:\Users\Adam\AppData\Local\Temp\uttF1F2.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-21 13:43

==================== End Of Log ============================

Additional

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-02-2015
Ran by Adam at 2015-03-01 07:09:53
Running from C:\Users\Adam\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
3D Ripper DX v1.8.2 (HKLM-x32\...\3D Ripper DX_is1) (Version:  - Roman Lut)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.14.1205 - Gigabyte)
APP Center (x32 Version: 1.14.1205 - Gigabyte) Hidden
Assassins Creed IV Black Flag version 1.0.0.0 (HKLM-x32\...\Assassins Creed IV Black Flag_is1) (Version: 1.0.0.0 - RePack by SEYTER)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
CPUID CPU-Z 1.71 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dying Light (HKLM-x32\...\Dying Light_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE)
EasyTune (x32 Version: 1.00.0002 - GIGABYTE) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Far Cry 4 (HKLM-x32\...\Far Cry 4_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Metro 2033 Redux (HKLM-x32\...\Metro 2033 Redux_is1) (Version:  - )
Metro: Last Light Redux (HKLM-x32\...\Metro: Last Light Redux_is1) (Version:  - Deep Silver)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 35.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 pl)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.3 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
Need for Speed Most Wanted Black Edition (HKLM-x32\...\Need for Speed Most Wanted Black Edition_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
Nero 2015 (HKLM-x32\...\{F9592BA0-AA0D-454C-95AA-9782DF00CB4B}) (Version: 16.0.04000 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
Prerequisite installer (x32 Version: 16.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. Call of Pripyat (HKLM-x32\...\GOGPACKSTALKERCOP_is1) (Version: 2.0.0.12 - GOG.com)
Scarface PL 1.0 (HKLM-x32\...\Scarface PL_is1) (Version:  - SPPS)
Scarface: The World is Yours (HKLM-x32\...\InstallShield_{28142407-ACAD-4ECD-A6B6-9FA8471F6062}) (Version: 1.00.0000 - Sierra Entertainment)
Scarface: The World is Yours (x32 Version: 1.00.0000 - Sierra Entertainment) Hidden
Sid Meier's Civilization 5 (HKLM-x32\...\Sid Meier's Civilization 5_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.00.0000 - GIGABYTE)
SIV (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Sniper Elite 3, âĺđńč˙ 1.04 (HKLM-x32\...\Sniper Elite 3_is1) (Version: 1.04 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
This War of Mine (HKLM-x32\...\{5FD7B6B3-08C7-4FEE-9C37-A2134C699885}}_is1) (Version: 1 - 11 bit studios)
Unity Web Player (HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-650939117-3586436885-2187705258-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

ATTENTION: System Restore is disabled.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D65E69F-D242-466A-A0CC-61942357B64C} - System32\Tasks\WINshell Event Notification => C:\Users\Adam\AppData\Local\Temp\SBCint2.exe [2014-10-03] (Sun Micro Systems Inc.) <==== ATTENTION
Task: {110E4A8F-01D0-439B-858A-458B44B1413A} - System32\Tasks\RPMKXY => C:\Users\Adam\AppData\Roaming\RPMKXY.exe [2015-02-28] (InstallMoonV28.02) <==== ATTENTION
Task: {5685EC2C-DA17-40F9-AB37-1F194D2D4C4C} - System32\Tasks\{08B6A94B-1504-4C43-A761-A309760F74F9} => pcalua.exe -a C:\Users\Adam\Downloads\jxpiinstall.exe -d C:\Users\Adam\Downloads
Task: {612CA3ED-6E6C-4F44-B98E-4F3B95274CC6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {69501B94-E6D1-4862-86EA-EF6955A6741A} - System32\Tasks\XJ => C:\Users\Adam\AppData\Roaming\XJ.exe [2015-02-28] (InstallMoonV28.02) <==== ATTENTION
Task: {7A6B7DE2-11A0-4ED3-9E44-C5AB7BE4467B} - System32\Tasks\WINshell Event Logging => C:\Users\Adam\AppData\Local\Temp\Dscp1.exe [2014-10-26] () <==== ATTENTION
Task: {80D1BD89-5C95-4A26-80E7-87AC4B5367EB} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {907B6E32-4867-481A-9768-DE32EC7BF0C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)
Task: {ACEA75D8-4353-45C5-A103-6A7E45DE3BF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)
Task: {D4017962-C536-4AF2-9905-E82A4CE50B39} - System32\Tasks\{D389374A-2DF3-4546-8746-05BD760C3878} => pcalua.exe -a E:\setup.exe -d E:\
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RPMKXY.job => C:\Users\Adam\AppData\Roaming\RPMKXY.exe <==== ATTENTION
Task: C:\Windows\Tasks\XJ.job => C:\Users\Adam\AppData\Roaming\XJ.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2014-04-16 16:09 - 2014-04-16 16:09 - 00016384 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2014-11-01 21:54 - 2015-02-05 16:18 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-19 20:22 - 2014-02-19 20:22 - 01057792 _____ () C:\ProgramData\{f4e615f5-4e14-b197-f4e6-615f54e157d5}\fury-pol-5984277.exe
2014-11-20 17:27 - 2014-11-20 17:27 - 01243968 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
2012-11-27 08:03 - 2012-11-27 08:03 - 00102400 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.DLL
2014-11-10 20:20 - 2015-02-24 06:35 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-01-22 13:53 - 2014-01-22 13:53 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll
2012-11-27 08:03 - 2012-11-27 08:03 - 00102400 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.dll
2014-09-01 14:48 - 2014-09-01 14:48 - 00311296 _____ () C:\Program Files (x86)\Gigabyte\SIV\MFCCPU.dll
2012-11-28 22:03 - 2012-11-28 22:03 - 00102400 _____ () C:\Program Files (x86)\Gigabyte\SIV\ycc.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2014-08-14 01:37 - 2014-08-14 01:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 01:37 - 2014-08-14 01:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 01:05 - 2013-11-21 01:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2015-02-04 21:13 - 2015-02-04 21:13 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2015-01-27 11:05 - 2015-01-27 11:05 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-31 21:59 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-650939117-3586436885-2187705258-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Adam (S-1-5-21-650939117-3586436885-2187705258-1000 - Administrator - Enabled) => C:\Users\Adam
Administrator (S-1-5-21-650939117-3586436885-2187705258-500 - Administrator - Disabled)
Gość (S-1-5-21-650939117-3586436885-2187705258-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/01/2015 07:03:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2015 11:32:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2015 11:21:31 PM) (Source: MsiInstaller) (EventID: 11309) (User: Adam-Komputer)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.

Error: (02/28/2015 11:19:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2015 04:17:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2015 00:54:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2015 07:20:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/27/2015 02:28:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/27/2015 06:23:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/26/2015 03:36:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Instalator modułów systemu Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Instalator Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Nero Update niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Intel® Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Intel® Capability Licensing Service Interface niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa GIGABYTE Adjust niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-01 21:25:14.396
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Adam\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-01 21:25:14.376
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Adam\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-01 21:25:14.166
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-01 21:25:14.136
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 59%
Total physical RAM: 3988.22 MB
Available physical RAM: 1608.58 MB
Total Pagefile: 7974.63 MB
Available Pagefile: 5413.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:299.9 GB) (Free:178.94 GB) NTFS
Drive d: () (Fixed) (Total:631.51 GB) (Free:313.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CC871AAD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=299.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=631.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 


Posted

In the same folder as FRST, create fixlist.txt with the following contents:

CloseProcesses:
Task: {0D65E69F-D242-466A-A0CC-61942357B64C} - System32\Tasks\WINshell Event Notification => C:\Users\Adam\AppData\Local\Temp\SBCint2.exe [2014-10-03] (Sun Micro Systems Inc.) <==== ATTENTION
Task: {110E4A8F-01D0-439B-858A-458B44B1413A} - System32\Tasks\RPMKXY => C:\Users\Adam\AppData\Roaming\RPMKXY.exe [2015-02-28] (InstallMoonV28.02) <==== ATTENTION
Task: {5685EC2C-DA17-40F9-AB37-1F194D2D4C4C} - System32\Tasks\{08B6A94B-1504-4C43-A761-A309760F74F9} => pcalua.exe -a C:\Users\Adam\Downloads\jxpiinstall.exe -d C:\Users\Adam\Downloads
Task: {69501B94-E6D1-4862-86EA-EF6955A6741A} - System32\Tasks\XJ => C:\Users\Adam\AppData\Roaming\XJ.exe [2015-02-28] (InstallMoonV28.02) <==== ATTENTION
Task: {7A6B7DE2-11A0-4ED3-9E44-C5AB7BE4467B} - System32\Tasks\WINshell Event Logging => C:\Users\Adam\AppData\Local\Temp\Dscp1.exe [2014-10-26] () <==== ATTENTION
Task: {D4017962-C536-4AF2-9905-E82A4CE50B39} - System32\Tasks\{D389374A-2DF3-4546-8746-05BD760C3878} => pcalua.exe -a E:\setup.exe -d E:\
Task: C:\Windows\Tasks\RPMKXY.job => C:\Users\Adam\AppData\Roaming\RPMKXY.exe <==== ATTENTION
Task: C:\Windows\Tasks\XJ.job => C:\Users\Adam\AppData\Roaming\XJ.exe <==== ATTENTION
HKLM\...\Run: [cpuminer] => C:\Windows\system32\cpuminer-gw64.exe [1838376 2015-02-28] ()
HKLM-x32\...\Run: [NetworkSaver] => C:\Windows\TEMP\spdc32.exe [1490944 2015-02-28] (EFD Software) <===== ATTENTION
HKLM-x32\...\Run: [mbot_pl_181] => [X]
HKLM-x32\...\Run: [sPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1521.0.0.0\jsdrv.exe [3224576 2015-02-28] ()
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988528 2015-02-28] (YTDownloader)
HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\Run: [Tiny download manager] => "C:\Users\Adam\AppData\Local\DM\TinyDM.exe" /M
HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\MountPoints2: {0815e801-668e-11e4-b3aa-fcaa1420d205} - F:\autorun.exe
HKU\S-1-5-18\...\Run: [sPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1521.0.0.0\jsdrv.exe [3224576 2015-02-28] ()
HKU\S-1-5-18\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988528 2015-02-28] (YTDownloader)
Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fury-pol-5984277.lnk
ShortcutTarget: fury-pol-5984277.lnk -> C:\ProgramData\{f4e615f5-4e14-b197-f4e6-615f54e157d5}\fury-pol-5984277.exe ()
Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartse...C3FHR2H1LV2H1LV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartse...C3FHR2H1LV2H1LV
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartse...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartse...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartse...C3FHR2H1LV2H1LV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartse...C3FHR2H1LV2H1LV
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartse...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartse...q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartse...C3FHR2H1LV2H1LV
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartse...C3FHR2H1LV2H1LV
SearchScopes: HKU\.DEFAULT -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: PriCeeLeSs -> {8f011aa0-a26a-4e3f-9dcd-672835673335} -> C:\Program Files (x86)\PriCeeLeSs\IUigAqVb3nidqW.x64.dll ()
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: PriCeeLeSs -> {8f011aa0-a26a-4e3f-9dcd-672835673335} -> C:\Program Files (x86)\PriCeeLeSs\IUigAqVb3nidqW.dll ()
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll (Goobzo Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartse...C3FHR2H1LV2H1LV
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF user.js: detected! => C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\user.js
FF Extension: iWebar - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[email protected] [2015-03-01]
FF Extension: Object Browser - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\36311db9.com [2015-03-01]
FF Extension: PriCeeLeSs - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[2015-03-01]
FF Extension: Zoom It - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\{27d1dbcf-53a2-b589-3ea5-f41b1db41461} [2015-03-01]
FF Extension: MEGA - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[2015-01-16]
FF HKU\.DEFAULT\...\Firefox\Extensions: [{0293E99F-EEC4-37CA-8FD2-1E89B11A26CF}] - C:\Program Files (x86)\ver5SpeeditUp\189.xpi
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.mystartse...C3FHR2H1LV2H1LV
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1419231069&from=wpc&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1419231069&from=wpc&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3FHR2H1LV2H1LV"
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR DefaultSuggestURL: Default ->
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartse...C3FHR2H1LV2H1LV
S2 078b2995; c:\Program Files (x86)\StatMaker\StatMaker.dll [1947648 2015-02-26] () [File not signed]
R2 be0fb33b; c:\Program Files (x86)\Supporter\Supporter.dll [4214272 2015-03-01] () [File not signed]
R2 BrsHelper; C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [112560 2015-02-28] ()
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-01] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-01] (globalUpdate) [File not signed]
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2015-02-28] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [487056 2015-03-01] (SysTool PasSame LIMITED)
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58520 2015-02-28] (YTDownloader)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2015-02-28] ()
R2 SPDRIVER_1521.0.0.0; C:\Program Files (x86)\ShopperPro\JSDriver\1521.0.0.0\jsdrv.sys [52584 2015-02-28] ()
R2 webTinstMK; C:\Windows\system32\Drivers\webTinstMK.sys [50800 2015-02-28] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
2015-03-01 19:38 - 2015-03-01 19:38 - 00000000 ____D () C:\Program Files (x86)\Supporter
2015-03-01 19:37 - 2015-03-01 19:40 - 00000000 ____D () C:\Users\Adam\AppData\Local\BrowserHelper
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\ProgramData\5058266746139987241
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\Program Files (x86)\YTDownloader
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-03-01 19:37 - 2015-03-01 19:37 - 00000000 ____D () C:\Program Files (x86)\PriCeeLeSs
2015-03-01 19:36 - 2015-03-01 19:36 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-03-01 19:36 - 2015-03-01 19:36 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-03-01 19:36 - 2015-03-01 19:36 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2015-03-01 19:36 - 2015-03-01 19:36 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2015-03-01 19:35 - 2015-03-01 19:40 - 00000916 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-03-01 19:35 - 2015-03-01 19:40 - 00000912 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-03-01 19:35 - 2015-03-01 19:35 - 02020824 _____ (ObjectB) C:\Users\Adam\AppData\Roaming\AXWMMZ.exe
2015-03-01 19:35 - 2015-03-01 19:35 - 01526232 _____ (ObjectB) C:\Users\Adam\AppData\Roaming\LL.exe
2015-03-01 19:35 - 2015-03-01 19:35 - 00009206 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-6
2015-03-01 19:35 - 2015-03-01 19:35 - 00008878 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-6
2015-03-01 19:35 - 2015-03-01 19:35 - 00008864 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-7
2015-03-01 19:35 - 2015-03-01 19:35 - 00008536 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-7
2015-03-01 19:35 - 2015-03-01 19:35 - 00007512 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-4
2015-03-01 19:35 - 2015-03-01 19:35 - 00007496 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-4
2015-03-01 19:35 - 2015-03-01 19:35 - 00006820 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-7
2015-03-01 19:35 - 2015-03-01 19:35 - 00006492 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-7
2015-03-01 19:35 - 2015-03-01 19:35 - 00006474 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-6
2015-03-01 19:35 - 2015-03-01 19:35 - 00006178 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-6.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00006154 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-6
2015-03-01 19:35 - 2015-03-01 19:35 - 00005850 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-6.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00005834 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-7.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00005792 _____ () C:\Windows\System32\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-5
2015-03-01 19:35 - 2015-03-01 19:35 - 00005506 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-7.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00005464 _____ () C:\Windows\System32\Tasks\910ff260-db96-4bac-b468-08ab6045af79-5
2015-03-01 19:35 - 2015-03-01 19:35 - 00004482 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-4.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00004466 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-4.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00003914 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-03-01 19:35 - 2015-03-01 19:35 - 00003790 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-7.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00003660 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-03-01 19:35 - 2015-03-01 19:35 - 00003462 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-7.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00003446 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-1-6.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00003126 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-1-6.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00002762 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-5_user.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00002762 _____ () C:\Windows\Tasks\b87f849a-e651-42af-9489-c2a697c94b2b-5.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00002434 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-5_user.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00002434 _____ () C:\Windows\Tasks\910ff260-db96-4bac-b468-08ab6045af79-5.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00001338 _____ () C:\Windows\Tasks\AXWMMZ.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00001330 _____ () C:\Windows\Tasks\LL.job
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\Object Browser
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\iWebar
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\a79b2544-c798-45d6-99c4-b210ff61a9f9
2015-03-01 19:35 - 2015-03-01 19:35 - 00000000 ____D () C:\Program Files (x86)\39ae7594-5166-4942-a5e5-35d101bbb8cd
2015-02-28 23:21 - 2015-03-01 19:27 - 00001326 _____ () C:\Windows\Tasks\XJ.job
2015-02-28 23:21 - 2015-03-01 14:55 - 00001334 _____ () C:\Windows\Tasks\RPMKXY.job
2015-02-28 23:21 - 2015-02-28 23:21 - 01977304 _____ (InstallMoonV28.02) C:\Users\Adam\AppData\Roaming\RPMKXY.exe
2015-02-28 23:21 - 2015-02-28 23:21 - 01490904 _____ (InstallMoonV28.02) C:\Users\Adam\AppData\Roaming\XJ.exe
2015-02-28 23:21 - 2015-02-28 23:21 - 00004368 _____ () C:\Windows\System32\Tasks\RPMKXY
2015-02-28 23:21 - 2015-02-28 23:21 - 00004360 _____ () C:\Windows\System32\Tasks\XJ
2015-02-28 22:36 - 2015-02-28 22:36 - 00050800 _____ () C:\Windows\system32\Drivers\webTinstMK.sys
2015-02-28 22:36 - 2015-02-28 22:36 - 00000000 __SHD () C:\Users\Adam\AppData\Local\EmieBrowserModeList
2015-02-28 22:36 - 2015-02-28 22:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMK_01009.Wdf
2015-02-28 17:12 - 2015-02-28 17:12 - 01838376 _____ () C:\Windows\system32\cpuminer-gw64.exe
2015-02-28 17:11 - 2015-02-28 17:11 - 00000470 _____ () C:\Windows\system32\cpuminer-conf.json
2015-02-26 19:40 - 2015-02-26 19:40 - 00000000 ____D () C:\ProgramData\NoMore Ads
2015-02-26 19:20 - 2015-02-26 19:20 - 00000000 ____D () C:\Program Files (x86)\StatMaker
2015-02-23 20:31 - 2015-02-24 06:33 - 00000000 ____D () C:\Users\Adam\AppData\Local\DM
2015-02-23 16:33 - 2015-02-23 16:33 - 00003372 _____ () C:\Windows\System32\Tasks\WINshell Event Notification
2015-02-23 16:33 - 2015-02-23 16:33 - 00003368 _____ () C:\Windows\System32\Tasks\WINshell Event Logging
2015-02-22 18:46 - 2015-02-22 18:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2015-02-19 20:22 - 2015-02-26 19:19 - 00000000 ____D () C:\ProgramData\{f4e615f5-4e14-b197-f4e6-615f54e157d5}
2015-02-12 21:12 - 2015-02-12 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnH Solutions
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Adam\AppData\Roaming\AXWMMZ
2015-03-01 19:35 - 2015-03-01 19:35 - 2020824 _____ (ObjectB) C:\Users\Adam\AppData\Roaming\AXWMMZ.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Adam\AppData\Roaming\LL
2015-03-01 19:35 - 2015-03-01 19:35 - 1526232 _____ (ObjectB) C:\Users\Adam\AppData\Roaming\LL.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Adam\AppData\Roaming\RPMKXY
2015-02-28 23:21 - 2015-02-28 23:21 - 1977304 _____ (InstallMoonV28.02) C:\Users\Adam\AppData\Roaming\RPMKXY.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Adam\AppData\Roaming\XJ
2015-02-28 23:21 - 2015-02-28 23:21 - 1490904 _____ (InstallMoonV28.02) C:\Users\Adam\AppData\Roaming\XJ.exe
2014-10-31 22:00 - 2014-10-31 22:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-30 12:23 - 2014-11-30 12:23 - 0000331 _____ () C:\ProgramData\hpzinstall.log

CMD: dir /a "C:\Program Files (x86)"
CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\Users\Adam\AppData\Roaming"
CMD: dir /a "C:\Users\Adam\AppData\Local"
CMD: dir /a "C:\Users\Adam\AppData"
EmptyTemp:

 

Run FRST and press "Fix".

When it finishes, post fixlog.txt.

Retro PC:

MB: BEK-TRONIC BEK-3708 | CPU: AMD Am386 DX-40 40MHz | GPU: Trident 8900CL 1MB | Sound: SoundBlaster Vibra 16 | RAM:16MB(4x4) FPM SIMM Hyundai | HDD: 1.08GB Quantum Fireball | OS: DOS 6.22/Win 3.1

Posted

Also addition.txt


Posted

Done

fixlog

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015
Ran by Adam (administrator) on ADAM-KOMPUTER on 01-03-2015 22:31:06
Running from C:\Users\Adam\Downloads
Loaded Profiles: Adam (Available profiles: Adam)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\SIV\thermald.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-30] (Raptr, Inc)
HKLM-x32\...\RunOnce: [sIV] => C:\Program Files (x86)\Gigabyte\SIV\sivro.exe [12096 2014-08-19] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] ()
HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3631448 2015-02-24] (Electronic Arts)
HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-650939117-3586436885-2187705258-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: iWebar - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[email protected] [2015-03-01]
FF Extension: Battlefield Play4Free - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[email protected] [2014-12-31]
FF Extension: MEGA - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[email protected] [2015-01-16]
FF Extension: Adblock Plus - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-17]
FF Extension: No Name - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\extensions\{27d1dbcf-53a2-b589-3ea5-f41b1db41461} [Not Found]

Chrome:
=======

 


Posted

fixlog

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-02-2015
Ran by Adam at 2015-03-03 21:38:49 Run:2
Running from C:\Users\Adam\Downloads
Loaded Profiles: Adam (Available profiles: Adam)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
Task: {0D65E69F-D242-466A-A0CC-61942357B64C} - System32\Tasks\WINshell Event Notification => C:\Users\Adam\AppData\Local\Temp\SBCint2.exe [2014-10-03] (Sun Micro Systems Inc.) <==== ATTENTION
Task: {110E4A8F-01D0-439B-858A-458B44B1413A} - System32\Tasks\RPMKXY => C:\Users\Adam\AppData\Roaming\RPMKXY.exe [2015-02-28] (InstallMoonV28.02) <==== ATTENTION
Task: {5685EC2C-DA17-40F9-AB37-1F194D2D4C4C} - System32\Tasks\{08B6A94B-1504-4C43-A761-A309760F74F9} => pcalua.exe -a C:\Users\Adam\Downloads\jxpiinstall.exe -d C:\Users\Adam\Downloads
Task: {69501B94-E6D1-4862-86EA-EF6955A6741A} - System32\Tasks\XJ => C:\Users\Adam\AppData\Roaming\XJ.exe [2015-02-28] (InstallMoonV28.02) <==== ATTENTION
Task: {7A6B7DE2-11A0-4ED3-9E44-C5AB7BE4467B} - System32\Tasks\WINshell Event Logging => C:\Users\Adam\AppData\Local\Temp\Dscp1.exe [2014-10-26] () <==== ATTENTION
Task: {907B6E32-4867-481A-9768-DE32EC7BF0C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)
Task: {ACEA75D8-4353-45C5-A103-6A7E45DE3BF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)
Task: {D4017962-C536-4AF2-9905-E82A4CE50B39} - System32\Tasks\{D389374A-2DF3-4546-8746-05BD760C3878} => pcalua.exe -a E:\setup.exe -d E:\
Task: C:\Windows\Tasks\RPMKXY.job => C:\Users\Adam\AppData\Roaming\RPMKXY.exe <==== ATTENTION
Task: C:\Windows\Tasks\XJ.job => C:\Users\Adam\AppData\Roaming\XJ.exe <==== ATTENTION
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
FF Extension: MEGA - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[email protected] [2015-01-16]
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16384 2014-04-16] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R4 epp64; system32\DRIVERS\epp64.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
2015-03-02 20:57 - 2015-03-02 20:57 - 00003270 _____ () C:\Windows\System32\Tasks\{DE617C85-4365-4CA8-82B9-4752535C375F}
2015-03-01 22:31 - 2015-03-01 22:31 - 00000000 __SHD () C:\Users\Adam\AppData\Local\EmieBrowserModeList
C:\Users\Adam\AppData\Local\Temp\

CMD: dir /a "C:\Program Files (x86)"
CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\ProgramData"
CMD: dir /a "C:\Users\Adam\AppData\Roaming"
CMD: dir /a "C:\Users\Adam\AppData\Local"
CMD: dir /a "C:\Users\Adam\AppData"
EmptyTemp:




*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D65E69F-D242-466A-A0CC-61942357B64C} => Key not found.
C:\Windows\System32\Tasks\WINshell Event Notification not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WINshell Event Notification => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{110E4A8F-01D0-439B-858A-458B44B1413A} => Key not found.
C:\Windows\System32\Tasks\RPMKXY not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RPMKXY => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5685EC2C-DA17-40F9-AB37-1F194D2D4C4C} => Key not found.
C:\Windows\System32\Tasks\{08B6A94B-1504-4C43-A761-A309760F74F9} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{08B6A94B-1504-4C43-A761-A309760F74F9} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69501B94-E6D1-4862-86EA-EF6955A6741A} => Key not found.
C:\Windows\System32\Tasks\XJ not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\XJ => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A6B7DE2-11A0-4ED3-9E44-C5AB7BE4467B} => Key not found.
C:\Windows\System32\Tasks\WINshell Event Logging not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WINshell Event Logging => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{907B6E32-4867-481A-9768-DE32EC7BF0C3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{907B6E32-4867-481A-9768-DE32EC7BF0C3}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ACEA75D8-4353-45C5-A103-6A7E45DE3BF2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACEA75D8-4353-45C5-A103-6A7E45DE3BF2}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4017962-C536-4AF2-9905-E82A4CE50B39} => Key not found.
C:\Windows\System32\Tasks\{D389374A-2DF3-4546-8746-05BD760C3878} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D389374A-2DF3-4546-8746-05BD760C3878} => Key not found.
C:\Windows\Tasks\RPMKXY.job not found.
C:\Windows\Tasks\XJ.job not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\GrpConv => Value not found.
C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lwo2ik12.default-1418823525085\Extensions\[email protected] => Moved successfully.
gadjservice => Service deleted successfully.
IDriverT => Service deleted successfully.
epp64 => Service not found.
MBAMSwissArmy => Service deleted successfully.
C:\Windows\System32\Tasks\{DE617C85-4365-4CA8-82B9-4752535C375F} => Moved successfully.
C:\Users\Adam\AppData\Local\EmieBrowserModeList => Moved successfully.

"C:\Users\Adam\AppData\Local\Temp" directory move:

C:\Users\Adam\AppData\Local\Temp\au-descriptor-1.8.0_31-b13.xml => Moved successfully.
Could not move "C:\Users\Adam\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Adam\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\LastScan.txt => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\result.txt => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog01.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog02.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog03.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog04.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog05.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog06.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog07.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog08.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog09.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog10.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog11.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog12.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog13.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog14.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog15.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog16.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog17.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog18.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmplog19.sqm => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\is740357246\28A44CB6_stp\icacsp.dll => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\AppCenter\verInfo.ini => Moved successfully.
C:\Users\Adam\AppData\Local\Temp\a2temp\update.ini => Moved successfully.
Could not move "C:\Users\Adam\AppData\Local\Temp" directory. => Scheduled to move on reboot.


=========  dir /a "C:\Program Files (x86)" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 4679-A786

 Katalog: C:\Program Files (x86)

2015-03-02  22:02    <DIR>          .
2015-03-02  22:02    <DIR>          ..
2015-01-28  15:03    <DIR>          3DRipperDX
2014-12-07  12:55    <DIR>          AGEIA Technologies
2014-12-13  08:31    <DIR>          AMD
2014-12-13  08:31    <DIR>          AMD AVT
2014-11-15  15:27    <DIR>          ATI Technologies
2014-12-13  08:26    <DIR>          Battlelog Web Plugins
2015-01-06  18:22    <DIR>          Common Files
2015-01-28  22:01    <DIR>          DAEMON Tools Lite
2009-07-14  05:54               174 desktop.ini
2015-03-03  14:29    <DIR>          Emsisoft Anti-Malware
2014-11-01  13:52    <DIR>          Gigabyte
2014-11-01  13:06    <DIR>          Google
2014-11-22  10:19    <DIR>          GPU-Z
2015-03-02  17:12    <DIR>          Graph
2015-01-28  22:07    <DIR>          InstallShield Installation Information
2014-11-01  13:07    <DIR>          Intel
2015-02-12  13:19    <DIR>          Internet Explorer
2014-11-30  18:41    <DIR>          Java
2014-11-01  21:23    <DIR>          Lavalys
2014-11-05  14:43    <DIR>          Microsoft Office
2014-11-04  21:52    <DIR>          Microsoft Works
2014-11-04  18:10    <DIR>          Microsoft.NET
2015-01-27  11:05    <DIR>          Mozilla Firefox
2015-01-28  07:57    <DIR>          Mozilla Maintenance Service
2009-07-14  06:32    <DIR>          MSBuild
2014-11-22  11:09    <DIR>          MSI Afterburner
2015-01-06  18:24    <DIR>          Nero
2015-01-06  18:24    <DIR>          Nero2015
2014-12-07  12:55    <DIR>          NVIDIA Corporation
2014-11-01  21:18    <DIR>          Opera
2015-02-24  06:35    <DIR>          Origin
2015-02-28  23:23    <DIR>          Origin Games
2014-10-31  22:01    <DIR>          Realtek
2009-07-14  06:32    <DIR>          Reference Assemblies
2014-10-31  22:01    <DIR>          Temp
2009-07-14  05:57    <DIR>          Uninstall Information
2015-03-01  20:07    <DIR>          VideoLAN
2015-03-02  22:00    <DIR>          VS Revo Group
2014-11-01  12:37    <DIR>          Windows Defender
2011-04-12  14:21    <DIR>          Windows Mail
2014-11-01  13:01    <DIR>          Windows Media Player
2009-07-14  06:32    <DIR>          Windows NT
2011-04-12  14:21    <DIR>          Windows Photo Viewer
2010-11-21  04:31    <DIR>          Windows Portable Devices
2011-04-12  14:21    <DIR>          Windows Sidebar
2014-11-05  18:33    <DIR>          WinRAR
               1 plik(ów)                174 bajtów
              47 katalog(ów)  197 040 607 232 bajtów wolnych

========= End of CMD: =========


=========  dir /a "C:\Program Files" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 4679-A786

 Katalog: C:\Program Files

2015-03-02  21:02    <DIR>          .
2015-03-02  21:02    <DIR>          ..
2014-12-13  08:28    <DIR>          AMD
2014-11-15  15:26    <DIR>          ATI
2014-11-15  15:25    <DIR>          ATI Technologies
2015-03-01  22:29    <DIR>          Common Files
2014-11-02  09:17    <DIR>          CPUID
2009-07-14  05:54               174 desktop.ini
2011-04-12  14:32    <DIR>          DVD Maker
2014-11-01  13:25    <DIR>          Intel
2015-02-12  13:19    <DIR>          Internet Explorer
2014-11-04  18:09    <DIR>          Microsoft Office
2015-01-08  17:03    <DIR>          MotioninJoy
2009-07-14  06:32    <DIR>          MSBuild
2014-10-31  22:00    <DIR>          Realtek
2009-07-14  06:32    <DIR>          Reference Assemblies
2009-07-14  06:09    <DIR>          Uninstall Information
2014-11-01  12:37    <DIR>          Windows Defender
2014-11-01  12:37    <DIR>          Windows Journal
2011-04-12  14:21    <DIR>          Windows Mail
2014-11-01  13:01    <DIR>          Windows Media Player
2014-10-31  21:46    <DIR>          Windows NT
2011-04-12  14:21    <DIR>          Windows Photo Viewer
2010-11-21  04:31    <DIR>          Windows Portable Devices
2011-04-12  14:21    <DIR>          Windows Sidebar
               1 plik(ów)                174 bajtów
              24 katalog(ów)  197 040 599 040 bajtów wolnych

========= End of CMD: =========


=========  dir /a "C:\ProgramData" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 4679-A786

 Katalog: C:\ProgramData

2015-03-02  21:26    <DIR>          .
2015-03-02  21:26    <DIR>          ..
2014-12-13  08:31    <DIR>          AMD
2009-07-14  06:08    <JUNCTION>     Application Data [C:\ProgramData]
2014-12-13  08:32    <DIR>          ATI
2014-11-07  19:05    <DIR>          DAEMON Tools Lite
2014-10-31  21:46    <JUNCTION>     Dane aplikacji [C:\ProgramData]
2009-07-14  06:08    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
2009-07-14  06:08    <JUNCTION>     Documents [C:\Users\Public\Documents]
2014-10-31  21:46    <JUNCTION>     Dokumenty [C:\Users\Public\Documents]
2014-11-11  06:38    <DIR>          EA Core
2014-11-11  12:39    <DIR>          EA Logs
2014-11-11  06:38    <DIR>          Electronic Arts
2015-03-02  21:26    <DIR>          Emsisoft
2009-07-14  06:08    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
2014-11-04  18:09    <DIR>          Hewlett-Packard
2014-11-01  13:31    <DIR>          Intel
2015-03-02  21:03    <DIR>          Malwarebytes
2014-10-31  21:46    <JUNCTION>     Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu]
2015-02-03  21:29    <DIR>          Microsoft
2015-02-11  21:59    <DIR>          Microsoft Help
2014-11-01  13:05    <DIR>          Mozilla
2015-01-06  18:25    <DIR>          Nero
2014-11-30  18:42    <DIR>          Oracle
2015-03-03  14:30    <DIR>          Origin
2015-02-05  16:17    <DIR>          Package Cache
2014-10-31  21:46    <JUNCTION>     Pulpit [C:\Users\Public\Desktop]
2009-07-14  06:08    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
2015-02-04  19:32    <DIR>          Steam
2014-11-30  18:42    <DIR>          Sun
2014-10-31  21:46    <JUNCTION>     Szablony [C:\ProgramData\Microsoft\Windows\Templates]
2009-07-14  06:08    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
2014-10-31  21:46    <JUNCTION>     Ulubione [C:\Users\Public\Favorites]
               0 plik(ów)                  0 bajtów
              33 katalog(ów)  197 040 599 040 bajtów wolnych

========= End of CMD: =========


=========  dir /a "C:\Users\Adam\AppData\Roaming" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 4679-A786

 Katalog: C:\Users\Adam\AppData\Roaming

2015-03-02  22:00    <DIR>          .
2015-03-02  22:00    <DIR>          ..
2014-11-30  18:51    <DIR>          .minecraft
2014-11-30  18:48    <DIR>          .minecraftzyczu
2014-12-01  20:55    <DIR>          11bitstudios
2014-11-01  12:12    <DIR>          Adobe
2014-11-30  18:51    <DIR>          AMD
2014-11-15  15:28    <DIR>          ATI
2014-11-07  19:04    <DIR>          DAEMON Tools Lite
2015-02-04  19:29    <DIR>          Dying Light
2015-01-23  22:17    <DIR>          Far Cry 4
2014-10-31  21:46    <DIR>          Identities
2014-10-31  21:59    <DIR>          InstallShield
2014-12-13  08:32    <DIR>          library_dir
2014-11-01  20:55    <DIR>          Macromedia
2011-04-12  14:32    <DIR>          Media Center Programs
2014-12-01  19:28    <DIR>          Microsoft
2014-12-03  15:00    <DIR>          MotioninJoy
2014-11-01  13:05    <DIR>          Mozilla
2015-01-16  07:50    <DIR>          Need for Speed Most Wanted Black Edition
2015-01-10  19:11    <DIR>          Nero
2014-11-01  21:18    <DIR>          Opera Software
2014-11-11  06:18    <DIR>          Origin
2014-11-07  17:49    <DIR>          PowerISO
2015-02-23  16:44    <DIR>          Sid Meier's Civilization 5
2014-12-03  14:42    <DIR>          Steam
2015-02-14  22:29    <DIR>          TS3Client
2014-11-21  19:18    <DIR>          Unity
2015-03-01  20:03    <DIR>          uTorrent
2014-11-05  18:34    <DIR>          WinRAR
2014-12-23  19:09    <DIR>          XRay Engine
               0 plik(ów)                  0 bajtów
              31 katalog(ów)  197 040 594 944 bajtów wolnych

========= End of CMD: =========


=========  dir /a "C:\Users\Adam\AppData\Local" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 4679-A786

 Katalog: C:\Users\Adam\AppData\Local

2015-03-03  21:38    <DIR>          .
2015-03-03  21:38    <DIR>          ..
2014-12-03  14:43    <DIR>          4A Games
2014-11-01  20:55    <DIR>          Adobe
2014-11-01  13:04    <DIR>          Apps
2014-11-15  15:28    <DIR>          ATI
2014-10-31  21:46    <JUNCTION>     Dane aplikacji [C:\Users\Adam\AppData\Local]
2014-12-14  12:54    <DIR>          DayZ
2014-11-01  13:04    <DIR>          Deployment
2015-02-12  21:13    <DIR>          Diagnostics
2014-11-01  13:03    <DIR>          EmieSiteList
2014-11-01  13:03    <DIR>          EmieUserList
2014-11-10  20:15    <DIR>          ESN
2014-11-05  06:19            68 328 GDIPFONTCACHEV1.DAT
2014-11-01  13:06    <DIR>          Google
2014-10-31  21:46    <JUNCTION>     Historia [C:\Users\Adam\AppData\Local\Microsoft\Windows\History]
2015-03-02  22:19         2 167 570 IconCache.db
2014-11-01  20:55    <DIR>          Macromedia
2015-01-16  13:09    <DIR>          Microsoft
2014-11-04  18:08    <DIR>          Microsoft Help
2014-11-01  13:05    <DIR>          Mozilla
2015-02-23  16:50    <DIR>          My Games
2015-01-10  19:12    <DIR>          Nero
2014-11-01  21:18    <DIR>          Opera Software
2014-11-10  20:25    <DIR>          Origin
2014-11-02  08:59    <DIR>          Programs
2015-02-05  17:53    <DIR>          PunkBuster
2015-01-20  20:30    <DIR>          Skyrim
2014-12-18  14:40    <DIR>          Sniper3
2015-02-19  15:31    <DIR>          Steam
2014-11-02  09:24    <DIR>          TeamSpeak 3 Client
2015-03-03  21:38    <DIR>          Temp
2014-10-31  21:46    <JUNCTION>     Temporary Internet Files [C:\Users\Adam\AppData\Local\Microsoft\Windows\Temporary Internet Files]
2014-11-21  19:14    <DIR>          Unity
2015-02-01  17:04    <DIR>          VirtualStore
               2 plik(ów)          2 235 898 bajtów
              33 katalog(ów)  197 040 529 408 bajtów wolnych

========= End of CMD: =========


=========  dir /a "C:\Users\Adam\AppData" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 4679-A786

 Katalog: C:\Users\Adam\AppData

2014-10-31  21:46    <DIR>          .
2014-10-31  21:46    <DIR>          ..
2015-03-03  21:38    <DIR>          Local
2015-02-28  22:36    <DIR>          LocalLow
2015-03-02  22:00    <DIR>          Roaming
               0 plik(ów)                  0 bajtów
               5 katalog(ów)  197 040 529 408 bajtów wolnych

========= End of CMD: =========

EmptyTemp: => Removed 367.3 MB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-03 21:40:03)<=

C:\Users\Adam\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Adam\AppData\Local\Temp => Moved successfully.

==== End of Fixlog 21:40:03 ====

 


Posted

Update Java

Fixlist for FRST http://speedy.sh/avJDb/fixlist.txt

Upload fixlog.txt

 

Retro PC:

MB: BEK-TRONIC BEK-3708 | CPU: AMD Am386 DX-40 40MHz | GPU: Trident 8900CL 1MB | Sound: SoundBlaster Vibra 16 | RAM:16MB(4x4) FPM SIMM Hyundai | HDD: 1.08GB Quantum Fireball | OS: DOS 6.22/Win 3.1

Posted

additional

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-02-2015
Ran by Adam at 2015-03-01 07:09:53
Running from C:\Users\Adam\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
3D Ripper DX v1.8.2 (HKLM-x32\...\3D Ripper DX_is1) (Version:  - Roman Lut)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.14.1205 - Gigabyte)
APP Center (x32 Version: 1.14.1205 - Gigabyte) Hidden
Assassins Creed IV Black Flag version 1.0.0.0 (HKLM-x32\...\Assassins Creed IV Black Flag_is1) (Version: 1.0.0.0 - RePack by SEYTER)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
CPUID CPU-Z 1.71 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dying Light (HKLM-x32\...\Dying Light_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE)
EasyTune (x32 Version: 1.00.0002 - GIGABYTE) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Far Cry 4 (HKLM-x32\...\Far Cry 4_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Metro 2033 Redux (HKLM-x32\...\Metro 2033 Redux_is1) (Version:  - )
Metro: Last Light Redux (HKLM-x32\...\Metro: Last Light Redux_is1) (Version:  - Deep Silver)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 35.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 pl)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.3 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
Need for Speed Most Wanted Black Edition (HKLM-x32\...\Need for Speed Most Wanted Black Edition_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
Nero 2015 (HKLM-x32\...\{F9592BA0-AA0D-454C-95AA-9782DF00CB4B}) (Version: 16.0.04000 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
Prerequisite installer (x32 Version: 16.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. Call of Pripyat (HKLM-x32\...\GOGPACKSTALKERCOP_is1) (Version: 2.0.0.12 - GOG.com)
Scarface PL 1.0 (HKLM-x32\...\Scarface PL_is1) (Version:  - SPPS)
Scarface: The World is Yours (HKLM-x32\...\InstallShield_{28142407-ACAD-4ECD-A6B6-9FA8471F6062}) (Version: 1.00.0000 - Sierra Entertainment)
Scarface: The World is Yours (x32 Version: 1.00.0000 - Sierra Entertainment) Hidden
Sid Meier's Civilization 5 (HKLM-x32\...\Sid Meier's Civilization 5_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.00.0000 - GIGABYTE)
SIV (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Sniper Elite 3, âĺđńč˙ 1.04 (HKLM-x32\...\Sniper Elite 3_is1) (Version: 1.04 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
This War of Mine (HKLM-x32\...\{5FD7B6B3-08C7-4FEE-9C37-A2134C699885}}_is1) (Version: 1 - 11 bit studios)
Unity Web Player (HKU\S-1-5-21-650939117-3586436885-2187705258-1000\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-650939117-3586436885-2187705258-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

ATTENTION: System Restore is disabled.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D65E69F-D242-466A-A0CC-61942357B64C} - System32\Tasks\WINshell Event Notification => C:\Users\Adam\AppData\Local\Temp\SBCint2.exe [2014-10-03] (Sun Micro Systems Inc.) <==== ATTENTION
Task: {110E4A8F-01D0-439B-858A-458B44B1413A} - System32\Tasks\RPMKXY => C:\Users\Adam\AppData\Roaming\RPMKXY.exe [2015-02-28] (InstallMoonV28.02) <==== ATTENTION
Task: {5685EC2C-DA17-40F9-AB37-1F194D2D4C4C} - System32\Tasks\{08B6A94B-1504-4C43-A761-A309760F74F9} => pcalua.exe -a C:\Users\Adam\Downloads\jxpiinstall.exe -d C:\Users\Adam\Downloads
Task: {612CA3ED-6E6C-4F44-B98E-4F3B95274CC6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {69501B94-E6D1-4862-86EA-EF6955A6741A} - System32\Tasks\XJ => C:\Users\Adam\AppData\Roaming\XJ.exe [2015-02-28] (InstallMoonV28.02) <==== ATTENTION
Task: {7A6B7DE2-11A0-4ED3-9E44-C5AB7BE4467B} - System32\Tasks\WINshell Event Logging => C:\Users\Adam\AppData\Local\Temp\Dscp1.exe [2014-10-26] () <==== ATTENTION
Task: {80D1BD89-5C95-4A26-80E7-87AC4B5367EB} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {907B6E32-4867-481A-9768-DE32EC7BF0C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)
Task: {ACEA75D8-4353-45C5-A103-6A7E45DE3BF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)
Task: {D4017962-C536-4AF2-9905-E82A4CE50B39} - System32\Tasks\{D389374A-2DF3-4546-8746-05BD760C3878} => pcalua.exe -a E:\setup.exe -d E:\
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RPMKXY.job => C:\Users\Adam\AppData\Roaming\RPMKXY.exe <==== ATTENTION
Task: C:\Windows\Tasks\XJ.job => C:\Users\Adam\AppData\Roaming\XJ.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2014-04-16 16:09 - 2014-04-16 16:09 - 00016384 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2014-11-01 21:54 - 2015-02-05 16:18 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-19 20:22 - 2014-02-19 20:22 - 01057792 _____ () C:\ProgramData\{f4e615f5-4e14-b197-f4e6-615f54e157d5}\fury-pol-5984277.exe
2014-11-20 17:27 - 2014-11-20 17:27 - 01243968 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
2012-11-27 08:03 - 2012-11-27 08:03 - 00102400 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.DLL
2014-11-10 20:20 - 2015-02-24 06:35 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-11-10 20:20 - 2015-02-24 06:35 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-01-22 13:53 - 2014-01-22 13:53 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll
2012-11-27 08:03 - 2012-11-27 08:03 - 00102400 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.dll
2014-09-01 14:48 - 2014-09-01 14:48 - 00311296 _____ () C:\Program Files (x86)\Gigabyte\SIV\MFCCPU.dll
2012-11-28 22:03 - 2012-11-28 22:03 - 00102400 _____ () C:\Program Files (x86)\Gigabyte\SIV\ycc.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2014-08-14 01:37 - 2014-08-14 01:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 01:37 - 2014-08-14 01:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 01:05 - 2013-11-21 01:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2015-02-04 21:13 - 2015-02-04 21:13 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2015-01-27 11:05 - 2015-01-27 11:05 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-31 21:59 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-650939117-3586436885-2187705258-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Adam (S-1-5-21-650939117-3586436885-2187705258-1000 - Administrator - Enabled) => C:\Users\Adam
Administrator (S-1-5-21-650939117-3586436885-2187705258-500 - Administrator - Disabled)
Gość (S-1-5-21-650939117-3586436885-2187705258-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/01/2015 07:03:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2015 11:32:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2015 11:21:31 PM) (Source: MsiInstaller) (EventID: 11309) (User: Adam-Komputer)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.

Error: (02/28/2015 11:19:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2015 04:17:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2015 00:54:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2015 07:20:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/27/2015 02:28:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/27/2015 06:23:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/26/2015 03:36:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Instalator modułów systemu Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Instalator Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Nero Update niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Intel® Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Intel® Capability Licensing Service Interface niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/28/2015 11:31:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa GIGABYTE Adjust niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-01 21:25:14.396
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Adam\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-01 21:25:14.376
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Adam\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-01 21:25:14.166
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-01 21:25:14.136
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 59%
Total physical RAM: 3988.22 MB
Available physical RAM: 1608.58 MB
Total Pagefile: 7974.63 MB
Available Pagefile: 5413.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:299.9 GB) (Free:178.94 GB) NTFS
Drive d: () (Fixed) (Total:631.51 GB) (Free:313.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CC871AAD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=299.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=631.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 


Posted

Scan with FRST again and post the new logs.

Retro PC:

MB: BEK-TRONIC BEK-3708 | CPU: AMD Am386 DX-40 40MHz | GPU: Trident 8900CL 1MB | Sound: SoundBlaster Vibra 16 | RAM:16MB(4x4) FPM SIMM Hyundai | HDD: 1.08GB Quantum Fireball | OS: DOS 6.22/Win 3.1

Archived

This topic is currently in the archive. Adding new replies has been disabled.
