
ComboFix LOG PLS Help


  • This topic is locked
10 replies to this topic

#1 Polo6600

Polo6600

  • Members
  • 7 posts

Posted 10 May 2016 - 06:32 PM

ComboFix 16-04-29.01 - Piotr 2016-05-11   0:57:18.4.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.48.1045.18.4095.2397 [GMT 2:00]
Uruchomiony z: C:\Users\Piotr\Downloads\ComboFix.exe
AV: 360 Total Security *Disabled/Updated* {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
SP: 360 Total Security *Disabled/Updated* {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


(((((((((((((((((((((((((   Pliki utworzone od 2016-04-10 do 2016-05-10  )))))))))))))))))))))))))))))))


2016-05-10 22:53:39 . 2016-05-10 22:53:39    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5194CCA2-63A9-4369-8EE5-C4572ED5B156}\offreg.2712.dll
2016-05-10 22:24:53 . 2016-05-10 22:24:53    --------    d-----w-    C:\Users\Piotr\AppData\Local\OverspendingExposures
2016-05-10 17:46:29 . 2016-05-10 17:46:30    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5194CCA2-63A9-4369-8EE5-C4572ED5B156}\offreg.2160.dll
2016-05-10 16:25:03 . 2016-05-10 16:33:04    --------    d-----w-    C:\AdwCleaner
2016-05-09 22:20:41 . 2016-05-09 22:20:41    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5194CCA2-63A9-4369-8EE5-C4572ED5B156}\offreg.2172.dll
2016-05-08 11:06:47 . 2016-05-08 11:06:47    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5194CCA2-63A9-4369-8EE5-C4572ED5B156}\offreg.2256.dll
2016-05-08 11:00:40 . 2016-04-20 01:13:27    11695896    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5194CCA2-63A9-4369-8EE5-C4572ED5B156}\mpengine.dll
2016-04-29 12:34:38 . 2016-04-29 12:59:01    --------    d-----w-    C:\PIT Format 2015
2016-04-16 15:23:37 . 2016-04-16 15:23:37    --------    d-----w-    C:\Program Files (x86)\MSXML 4.0
2016-04-14 17:27:28 . 2016-04-14 17:29:52    --------    d-----w-    C:\Users\Piotr\AppData\Roaming\Nero
2016-04-14 17:22:57 . 2016-04-14 17:24:08    --------    d-----w-    C:\Program Files (x86)\Nero
2016-04-14 17:22:16 . 2016-04-14 17:25:04    --------    d-----w-    C:\Program Files (x86)\Common Files\Nero
2016-04-14 17:22:16 . 2016-04-14 17:23:36    --------    d-----w-    C:\ProgramData\Nero
2016-04-14 17:07:52 . 2016-05-10 14:02:12    --------    d-----w-    C:\Users\Piotr\AppData\Local\PrepaymentSandboxes
2016-04-14 17:03:18 . 2016-04-14 17:06:39    --------    d-----w-    C:\ProgramData\SlySoft
2016-04-14 17:03:10 . 2016-04-14 17:06:43    --------    d-----w-    C:\Program Files (x86)\RedFox
.


((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))

2016-04-27 12:25:53 . 2009-12-19 22:41:43    45056    ----a-w-    C:\Windows\system32\acovcnt.exe
2016-04-21 13:05:02 . 2010-01-28 14:08:19    453288    ------w-    C:\Windows\system32\MpSigStub.exe
2016-03-26 10:52:54 . 2009-12-09 21:27:04    143659408    ----a-w-    C:\Windows\system32\MRT.exe
2016-02-11 18:56:28 . 2016-03-26 11:26:46    5572032    ----a-w-    C:\Windows\system32\ntoskrnl.exe
2016-02-11 18:56:26 . 2016-03-26 11:26:53    95680    ----a-w-    C:\Windows\system32\drivers\ksecdd.sys
2016-02-11 18:56:26 . 2016-03-26 11:26:51    154560    ----a-w-    C:\Windows\system32\drivers\ksecpkg.sys
2016-02-11 18:52:52 . 2016-03-26 11:26:47    1733592    ----a-w-    C:\Windows\system32\ntdll.dll
2016-02-11 18:49:42 . 2016-03-26 11:26:48    13312    ----a-w-    C:\Windows\system32\wow64cpu.dll
2016-02-11 18:49:42 . 2016-03-26 11:26:47    362496    ----a-w-    C:\Windows\system32\wow64win.dll
2016-02-11 18:49:42 . 2016-03-26 11:26:47    243712    ----a-w-    C:\Windows\system32\wow64.dll
2016-02-11 18:49:24 . 2016-03-26 11:26:51    215040    ----a-w-    C:\Windows\system32\winsrv.dll
2016-02-11 18:49:19 . 2016-03-26 11:26:56    210432    ----a-w-    C:\Windows\system32\wdigest.dll
2016-02-11 18:49:08 . 2016-03-26 11:27:13    86528    ----a-w-    C:\Windows\system32\TSpkg.dll
2016-02-11 18:49:00 . 2016-03-26 11:27:13    28672    ----a-w-    C:\Windows\system32\sspisrv.dll
2016-02-11 18:49:00 . 2016-03-26 11:26:48    135680    ----a-w-    C:\Windows\system32\sspicli.dll
2016-02-11 18:48:58 . 2016-03-26 11:26:49    503808    ----a-w-    C:\Windows\system32\srcore.dll
2016-02-11 18:48:58 . 2016-03-26 11:26:49    50176    ----a-w-    C:\Windows\system32\srclient.dll
2016-02-11 18:48:16 . 2016-03-26 11:26:48    28160    ----a-w-    C:\Windows\system32\secur32.dll
2016-02-11 18:48:14 . 2016-03-26 11:26:55    344064    ----a-w-    C:\Windows\system32\schannel.dll
2016-02-11 18:48:12 . 2016-03-26 11:26:49    1214464    ----a-w-    C:\Windows\system32\rpcrt4.dll
2016-02-11 18:47:33 . 2016-03-26 11:26:51    16384    ----a-w-    C:\Windows\system32\ntvdm64.dll
2016-02-11 18:45:59 . 2016-03-26 11:26:50    312320    ----a-w-    C:\Windows\system32\ncrypt.dll
2016-02-11 18:45:56 . 2016-03-26 11:26:55    315392    ----a-w-    C:\Windows\system32\msv1_0.dll
2016-02-11 18:45:51 . 2016-03-26 11:27:07    60416    ----a-w-    C:\Windows\system32\msobjs.dll
2016-02-11 18:45:35 . 2016-03-26 11:27:11    146432    ----a-w-    C:\Windows\system32\msaudite.dll
2016-02-11 18:44:45 . 2016-03-26 11:26:44    3994560    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2016-02-11 18:44:45 . 2016-03-26 11:26:44    3938240    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2016-02-11 18:44:42 . 2016-03-26 11:26:48    1461248    ----a-w-    C:\Windows\system32\lsasrv.dll
2016-02-11 18:44:34 . 2016-03-26 11:26:50    422400    ----a-w-    C:\Windows\system32\KernelBase.dll
2016-02-11 18:44:34 . 2016-03-26 11:26:48    730112    ----a-w-    C:\Windows\system32\kerberos.dll
2016-02-11 18:44:34 . 2016-03-26 11:26:47    1163264    ----a-w-    C:\Windows\system32\kernel32.dll
2016-02-11 18:42:25 . 2016-03-26 11:26:55    43520    ----a-w-    C:\Windows\system32\csrsrv.dll
2016-02-11 18:42:24 . 2016-03-26 11:27:01    43520    ----a-w-    C:\Windows\system32\cryptbase.dll
2016-02-11 18:42:24 . 2016-03-26 11:26:50    22016    ----a-w-    C:\Windows\system32\credssp.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:11    5120    ---ha-w-    C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:11    3584    ---ha-w-    C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:11    3072    ---ha-w-    C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:11    3072    ---ha-w-    C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:11    3072    ---ha-w-    C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:11    3072    ---ha-w-    C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:08    4608    ---ha-w-    C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:08    4096    ---ha-w-    C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:08    3584    ---ha-w-    C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:08    3584    ---ha-w-    C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:03    4608    ---ha-w-    C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:03    4096    ---ha-w-    C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:03    4096    ---ha-w-    C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:03    3584    ---ha-w-    C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:03    3584    ---ha-w-    C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:03    3584    ---ha-w-    C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:03    3072    ---ha-w-    C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:02    4096    ---ha-w-    C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:02    3584    ---ha-w-    C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:27:01    6144    ---ha-w-    C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-11 18:41:37 . 2016-03-26 11:26:55    6656    ----a-w-    C:\Windows\system32\apisetschema.dll
2016-02-11 18:41:36 . 2016-03-26 11:26:48    880128    ----a-w-    C:\Windows\system32\advapi32.dll
2016-02-11 18:41:36 . 2016-03-26 11:26:48    686080    ----a-w-    C:\Windows\system32\adtschema.dll
2016-02-11 18:41:11 . 2016-03-26 11:26:47    1314328    ----a-w-    C:\Windows\SysWow64\ntdll.dll
2016-02-11 18:38:24 . 2016-03-26 11:26:49    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2016-02-11 18:38:24 . 2016-03-26 11:26:49    665088    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2016-02-11 18:38:24 . 2016-03-26 11:26:48    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2016-02-11 18:38:23 . 2016-03-26 11:26:49    275456    ----a-w-    C:\Windows\SysWow64\KernelBase.dll
2016-02-11 18:38:07 . 2016-03-26 11:26:52    171520    ----a-w-    C:\Windows\SysWow64\wdigest.dll
2016-02-11 18:38:00 . 2016-03-26 11:27:13    65536    ----a-w-    C:\Windows\SysWow64\TSpkg.dll
2016-02-11 18:37:53 . 2016-03-26 11:26:49    43008    ----a-w-    C:\Windows\SysWow64\srclient.dll
2016-02-11 18:37:11 . 2016-03-26 11:26:48    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2016-02-11 18:37:09 . 2016-03-26 11:26:52    251392    ----a-w-    C:\Windows\SysWow64\schannel.dll
2016-02-11 18:35:14 . 2016-03-26 11:26:50    223232    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2016-02-11 18:35:09 . 2016-03-26 11:26:52    259584    ----a-w-    C:\Windows\SysWow64\msv1_0.dll
2016-02-11 18:35:06 . 2016-03-26 11:27:07    60416    ----a-w-    C:\Windows\SysWow64\msobjs.dll
2016-02-11 18:34:26 . 2016-03-26 11:27:11    146432    ----a-w-    C:\Windows\SysWow64\msaudite.dll
2016-02-11 18:33:30 . 2016-03-26 11:26:48    553472    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2016-02-11 18:31:25 . 2016-03-26 11:26:49    17408    ----a-w-    C:\Windows\SysWow64\credssp.dll
2016-02-11 18:30:36 . 2016-03-26 11:26:55    6656    ----a-w-    C:\Windows\SysWow64\apisetschema.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:11    5120    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:11    3584    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:11    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:11    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:09    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:08    4096    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:08    3584    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:08    3584    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:03    4608    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:03    4096    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-11 18:30:35 . 2016-03-26 11:27:03    4096    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll


(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))


*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08:18    143360    ----a-w-    C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GlassWire"="C:\Program Files (x86)\GlassWire\GlassWire.exe" [2016-02-05 07:32:52 10572288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 18:17:54 106496]
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 17:29:42 105016]
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 18:20:56 8493624]
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 18:09:30 159744]
"QHSafeTray"="C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe" [2016-02-01 06:20:33 3106936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2013-05-08 21:20:00    41056    ----a-w-    C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
2009-06-24 19:30:18    272952    ----a-w-    C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-10-07 11:26:22    72248    ----a-w-    C:\Windows\AsScrProlog.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-10-07 11:26:15    3054136    ----a-w-    C:\Windows\AsScrPro.exe

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe

R2 .1260103948;1260103948;C:\Program Files (x86)\1260103948\Piotr1260103948L.exe;C:\Program Files (x86)\1260103948\Piotr1260103948L.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 FastBootAgent;FastBootAgent;C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe;C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [x]
R3 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
R3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS;C:\Windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 BTCOM;Bluetooth Serial port driver;C:\Windows\system32\DRIVERS\btcomport.sys;C:\Windows\SYSNATIVE\DRIVERS\btcomport.sys [x]
R3 dc3d;MS Hardware Device Detection Driver;C:\Windows\system32\DRIVERS\dc3d.sys;C:\Windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\system32\DRIVERS\ggflt.sys;C:\Windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe;C:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R3 Prot6Flt;Prot6Flt;C:\Windows\system32\DRIVERS\Prot6Flt.sys;C:\Windows\SYSNATIVE\DRIVERS\Prot6Flt.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys;C:\Windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;C:\Windows\system32\DRIVERS\VBoxNetAdp.sys;C:\Windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VBoxNetFlt Service;C:\Windows\system32\DRIVERS\VBoxNetFlt.sys;C:\Windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 X6va001;X6va001;C:\Users\Piotr\AppData\Local\Temp\001F494.tmp;C:\Users\Piotr\AppData\Local\Temp\001F494.tmp [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 sptd;sptd;C:\Windows\\SystemRoot\System32\Drivers\sptd.sys;C:\Windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 360Box64;360Box mini-filter driver;C:\Windows\system32\DRIVERS\360Box64.sys;C:\Windows\SYSNATIVE\DRIVERS\360Box64.sys [x]
S1 360Camera;360Safe Camera Filter Service;C:\Windows\system32\Drivers\360Camera64.sys;C:\Windows\SYSNATIVE\Drivers\360Camera64.sys [x]
S1 360FsFlt;360FsFlt mini-filter driver;C:\Windows\system32\DRIVERS\360FsFlt.sys;C:\Windows\SYSNATIVE\DRIVERS\360FsFlt.sys [x]
S1 avgtp;avgtp;C:\Windows\system32\drivers\avgtpx64.sys;C:\Windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 BAPIDRV;BAPIDRV;C:\Windows\system32\DRIVERS\BAPIDRV64.sys;C:\Windows\SYSNATIVE\DRIVERS\BAPIDRV64.sys [x]
S1 gwdrv;GlassWire Driver;C:\Windows\system32\DRIVERS\gwdrv.sys;C:\Windows\SYSNATIVE\DRIVERS\gwdrv.sys [x]
S2 ABBYY.Licensing.FineReader.Professional.9.0;Usługa licencjonowania programu ABBYY FineReader 9.0;C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe;C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe [x]
S2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys;C:\Program Files\ATKGFNEX\ASMMAP64.sys [x]
S2 BsMobileCS;BsMobileCS;C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe;C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [x]
S2 cPhoneSDKCS;cPhoneSDKCS;C:\Program Files (x86)\IVT Corporation\BlueSoleil\cPhoneSDKCS.exe;C:\Program Files (x86)\IVT Corporation\BlueSoleil\cPhoneSDKCS.exe [x]
S2 GlassWire;GlassWire Control Service;C:\Program Files (x86)\GlassWire\GWCtlSrv.exe;C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [x]
S2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 QHActiveDefense;360 Total Security;C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe;C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [x]
S3 360AntiHacker;360Safe Anti Hacker Service;C:\Windows\system32\Drivers\360AntiHacker64.sys;C:\Windows\SYSNATIVE\Drivers\360AntiHacker64.sys [x]
S3 360AvFlt;360AvFlt mini-filter driver;C:\Windows\system32\DRIVERS\360AvFlt.sys;C:\Windows\SYSNATIVE\DRIVERS\360AvFlt.sys [x]
S3 BtHidBus;BtHidBus;C:\Windows\system32\Drivers\BtHidBus.sys;C:\Windows\SYSNATIVE\Drivers\BtHidBus.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys;C:\Windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IvtAudioBusSrv;IvtAudioBusSrv;C:\Windows\system32\Drivers\IvtBtBus.sys;C:\Windows\SYSNATIVE\Drivers\IvtBtBus.sys [x]
S3 IvtComBusSrv;IvtComBusSrv;C:\Windows\system32\Drivers\btcombus.sys;C:\Windows\SYSNATIVE\Drivers\btcombus.sys [x]
S3 IvtPanBusSrv;IvtPanBusSrv;C:\Windows\system32\Drivers\btnetBus.sys;C:\Windows\SYSNATIVE\Drivers\btnetBus.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\system32\drivers\nvvad64v.sys;C:\Windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys;C:\Windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]


--- Inne Usługi/Sterowniki w Pamięci ---

*Deregistered* - BstHdDrv
*Deregistered* - rzpmgrk

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-23 22:12:56    1086280    ----a-w-    C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\Installer\chrmstp.exe


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52:58    159744    ----a-w-    C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" [2009-06-12 03:36:19 619392]
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 13:17:03 320000]

------- Skan uzupełniający -------

uStart Page = hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki
uLocal Page = C:\Windows\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Wyslij przez wiadomosc(&M)... - C:\Program Files (x86)\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
IE: Wyślij przez Bluetooth - C:\Program Files (x86)\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\k46d1v7h.default\
FF - prefs.js: browser.search.selectedEngine - Sweetpacks Search
FF - prefs.js: browser.startup.homepage - hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki
FF - prefs.js: keyword.URL - hxxp://mysearch.sweetpacks.com?src=6&barid=&did=10963&&st=23&UPN2=92263621590287270&q=

- - - - USUNIĘTO PUSTE WPISY - - - -

Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{11111111-1111-1111-1111-110511731104} - C:\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-bho64.dll
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-Adobe Shockwave Player - C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\UNINSTALL.exe
AddRemove-Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\Installer\setup.exe
AddRemove-{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1 - C:\Users\Piotr\AppData\Local\unins000.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2894854v2 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2898869 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2901126 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2931368 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2972107 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2972216 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2978128 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2979578v2 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3023224 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3035490 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3037581 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074230 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074550 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3097996 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3098781 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe

 




 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,948 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 11 May 2016 - 07:59 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please let me know what problems you are still having after these tools have been executed.
---

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
POST THE LOG FOR MY REVIEW.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section at the bottom of the topic, click the "more reply Options" button.

Attach the file.
Select "Choose a File" and navigate to the location of the file.
Click the file you wish to attach.

Click the Add reply button.
===


Please post the logs.

#3 Polo6600

Posted 11 May 2016 - 10:23 AM

Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 2016-05-11 15:45, SYSTEM, PIOTR-KOMPUTER, Protection, Malware Protection, Starting,
Protection, 2016-05-11 15:45, SYSTEM, PIOTR-KOMPUTER, Protection, Malware Protection, Started,
Protection, 2016-05-11 15:45, SYSTEM, PIOTR-KOMPUTER, Protection, Malicious Website Protection, Starting,
Protection, 2016-05-11 15:45, SYSTEM, PIOTR-KOMPUTER, Protection, Malicious Website Protection, Started,
Update, 2016-05-11 15:47, SYSTEM, PIOTR-KOMPUTER, Manual, Remediation Database, 2016.2.12.1, 2016.5.6.1,
Update, 2016-05-11 15:47, SYSTEM, PIOTR-KOMPUTER, Manual, Rootkit Database, 2016.2.8.1, 2016.5.6.1,
Update, 2016-05-11 15:47, SYSTEM, PIOTR-KOMPUTER, Manual, Domain Database, 2016.2.16.8, 2016.5.11.3,
Update, 2016-05-11 15:48, SYSTEM, PIOTR-KOMPUTER, Manual, Malware Database, 2016.2.16.6, 2016.5.11.3,
Update, 2016-05-11 15:48, SYSTEM, PIOTR-KOMPUTER, Manual, IP Database, 2016.2.8.1, 2016.5.11.1,
Protection, 2016-05-11 15:48, SYSTEM, PIOTR-KOMPUTER, Protection, Refresh, Starting,
Protection, 2016-05-11 15:48, SYSTEM, PIOTR-KOMPUTER, Protection, Malicious Website Protection, Stopping,
Protection, 2016-05-11 15:48, SYSTEM, PIOTR-KOMPUTER, Protection, Malicious Website Protection, Stopped,
Protection, 2016-05-11 15:48, SYSTEM, PIOTR-KOMPUTER, Protection, Refresh, Success,
Protection, 2016-05-11 15:48, SYSTEM, PIOTR-KOMPUTER, Protection, Malicious Website Protection, Starting,
Protection, 2016-05-11 15:48, SYSTEM, PIOTR-KOMPUTER, Protection, Malicious Website Protection, Started,

(end)


# AdwCleaner v5.116 - raport utworzono 11/05/2016 o 17:03:58
# Ostatnia aktualizacja 09/05/2016 przez Xplode
# Baza danych : 2016-05-09.1 [lokalna]
# System operacyjny : Windows 7 Home Premium Service Pack 1 (X64)
# Nazwa użytkownika : Piotr - PIOTR-KOMPUTER
# Lokalizacja programu : C:\Users\Piotr\Downloads\adwcleaner_5.116.exe
# Działanie : Usuń
# Pomoc techniczna : http://toolslib.net/forum

***** [ Usługi ] *****


***** [ Foldery ] *****


***** [ Pliki ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Skróty ] *****


***** [ Zaplanowane zadania ] *****


***** [ Rejestr ] *****

[-] Wartość usunięto : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
[-] Klucz usunięto : HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I

***** [ Przeglądarki internetowe ] *****


*************************

:: Usunięto klucz "Tracing"
:: Zresetowano ustawienia Winsock

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [42873 bajty] - [10/05/2016 18:33:04]
C:\AdwCleaner\AdwCleaner[C2].txt - [1058 bajty] - [11/05/2016 17:03:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [47197 bajty] - [10/05/2016 18:25:27]
C:\AdwCleaner\AdwCleaner[S2].txt - [1294 bajty] - [11/05/2016 16:57:18]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1278 bajty] ##########
 


Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:09-05-2016
Uruchomiony przez Piotr (2016-05-11 17:16:41)
Uruchomiony z C:\Users\Piotr\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2009-12-06 12:52:28)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-918866591-1109592357-3514061678-500 - Administrator - Disabled)
Gość (S-1-5-21-918866591-1109592357-3514061678-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-918866591-1109592357-3514061678-1002 - Limited - Enabled)
Piotr (S-1-5-21-918866591-1109592357-3514061678-1000 - Administrator - Enabled) => C:\Users\Piotr

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

ABBYY FineReader 8.0 Professional Edition (HKLM-x32\...\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 8.00.731.4606 - ABBYY Software House)
ABBYY FineReader 9.0 Home Edition (HKLM-x32\...\ABBYY FineReader 9.0 Home Edition) (Version: 9.00.145.5832 - ABBYY)
ABBYY FineReader 9.0 Home Edition (x32 Version: 9.00.145.5832 - ABBYY) Hidden
ABBYY FineReader 9.0 Professional Edition (HKLM-x32\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.662.5581 - ABBYY)
Ace Utilities (HKLM\...\Ace Utilities_is1) (Version: 5.7.0 - Acelogix Software)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version:  - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version:  - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version:  - Microsoft)
Aktualizacje NVIDIA 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.25001 - Alcor Micro Corp.) Hidden
ALTools Update (HKLM-x32\...\ALUpdate_is1) (Version:  - ESTsoft Corp.)
Archiwizator WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.6 - ASUS)
ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0013 - ASUS)
ASUS FancyStart (HKLM-x32\...\{60D6618B-153F-4353-8185-908E676E5888}) (Version: 1.0.5 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}) (Version: 1.1.19 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.17 - asus)
Asus_Camera_ScreenSaver (HKLM-x32\...\Asus_Camera_ScreenSaver) (Version: 2.0.0009 - ASUS)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0051 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0005 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0005 - ASUS)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.2.0.18 - AVG Technologies)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueSoleil 10.0.485.2 (HKLM\...\{DE75AF0C-1639-4656-87FB-F7A66C8ED64F}) (Version: 10.0.485.2 - Nazwa firmy)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Combined Community Codec Pack 2010-10-10 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2010.10.10.0 - CCCP Project)
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer Generals (x32 Version: 0.50.0000 - Electronic Arts) Hidden
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (x32 Version: 1.00.0000 - Electronic Arts) Hidden
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.3 - ASUS)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
Counter-Strike™ (HKLM-x32\...\{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}) (Version: 1.0.0.0 - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delcam Dental 2010 SP2 (HKLM-x32\...\{2238BA56-8A51-4BA7-8CC5-699C56ED1508}) (Version: 10.2.03 - Delcam)
e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 6.0.1 - Ministerstwo Finansow)
e-Deklaracje Desktop (x32 Version: 6.0.1 - Ministerstwo Finansow) Hidden
ETDWare PS/2-x64 7.0.5.5_WHQL (HKLM\...\Elantech) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.3 - ASUS)
Feed Viewer for Windows SideShow (HKLM-x32\...\{E4DA04B6-3EC4-4DFD-A14E-44959EF36D5B}) (Version: 1.0.7252.0 - Microsoft Corporation)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GlassWire 1.0 (remove only) (HKLM-x32\...\GlassWire 1.0) (Version: 1.0.69 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Deskjet 2050 J510 series Badanie ulepszeń produktu (HKLM\...\{878D7EAE-7B73-484B-AC39-FFCF5760D672}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Podstawowe oprogramowanie urządzenia (HKLM\...\{1497F824-EBC0-4277-B40D-1A0D6892C0D5}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Pomoc (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.2.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.2.0 - )
Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Go (HKLM-x32\...\{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}) (Version: 2.0.317 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0415-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office PowerPoint Remote (HKLM-x32\...\{21550042-EA9F-4419-A8D7-DF732DCEB76E}) (Version: 1.0.7252.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Desktop Engine (HKLM-x32\...\{E09B48B5-E141-427A-AB0C-D3605127224A}) (Version: 8.00.760 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 43.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 pl)) (Version: 43.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mp3tag v2.49 (HKLM-x32\...\Mp3tag) (Version: v2.49 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
Nero 9 Essentials (HKLM-x32\...\{30d6d1b7-fa41-4db5-a700-2ef9451cd178}) (Version:  - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 260.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 260.99 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
Odkurzacz (HKLM-x32\...\Odkurzacz 14.0_is1) (Version: 14.0.0.4000 - FranmoSoftware - Maciej Opaliński)
Panel sterowania NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
PIT Format 2015 (HKLM-x32\...\PIT Format 2015_is1) (Version:  - Biuro Informatyki Stosowanej FORMAT)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocnik Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
Ricochet (HKLM-x32\...\Steam App 60) (Version:  - Valve)
RMVB Player 1.0 (HKLM-x32\...\RMVB Player_is1) (Version:  - vsevensoft.com)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Software Informer 1.0 BETA (HKLM-x32\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.235 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.235 - Sony)
SRS Premium Sound Control Panel (HKLM\...\{D42F84B6-3709-4A50-8502-6719D16AE6C8}) (Version: 1.07.0000 - SRS Labs, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam™ (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TweakRAM (HKLM-x32\...\TweakRAM) (Version: 7.1.5.31 - Elcor Software)
TweakRAM Compatibility Patch (HKLM\...\{0d7ccbd7-0253-47a8-84f3-30d030038f37}.sdb) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VSO Downloader 4.2.6.2 (HKLM-x32\...\{A0D0BA9E-F1A6-44FF-AA14-03ED96B3D56D}_is1) (Version: 4.2.6.2 - VSO Software)
VSO EVE Network Driver version 1.0.0.27 (HKLM-x32\...\{AC0AFDC9-4FB1-44FE-B3E1-82300BF3D756}_is1) (Version: 1.0.0.27 - VSO Software)
Windows 7 Manager (HKLM\...\{25549E63-A66C-45A1-8CFF-6E9B14A69BC0}) (Version: 4.2.7 - Yamicsoft)
Windows Live Sync (HKLM-x32\...\{C3335EFB-008F-44DB-A87A-9EC8EE53D045}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.26.0 - ASUS)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.10 - ASUS)
Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.0.0 - Ministerstwo Finansów)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-918866591-1109592357-3514061678-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Piotr\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0D632AE7-4AC0-449F-80D5-F07696FD57E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {244FB336-AACA-4949-8BAB-281CD864533F} - System32\Tasks\AdobeAAMUpdater-1.0-Piotr-Komputer-Piotr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {2744EA9D-B674-4B96-8E14-5EC61D063569} - System32\Tasks\6bfe4980 => C:\Users\Piotr\AppData\Local\Temp\\setup158514368.exe <==== UWAGA
Task: {2BBACDFB-7712-4D25-A241-B809E44DF9CA} - System32\Tasks\Games\UpdateCheck_S-1-5-21-918866591-1109592357-3514061678-1000
Task: {2D1F1F51-0D38-4F84-B71B-DA5CCABE1CFB} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-07-23] ()
Task: {2F2DCEDF-5F8F-4CCD-9A7D-8AA1BE5EDBFF} - System32\Tasks\{7C45699E-79CC-4BE1-922E-2EEB16ACDA0E} => pcalua.exe -a F:\setup.exe -d F:\
Task: {4338A197-6657-4CCF-BE4A-2984F1CFC85F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-918866591-1109592357-3514061678-1000UA => C:\Users\Piotr\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {4CBCB48C-B8AE-46CC-BE5E-9C45FFFF948A} - System32\Tasks\{64F98B8B-614E-4431-B1F1-398EFA69D41F} => pcalua.exe -a "C:\Users\Piotr\Desktop\Counter Strike 1.6\Counter Strike 1.6 Maps.exe" -d "C:\Users\Piotr\Desktop\Counter Strike 1.6"
Task: {538E72E2-CEA5-479E-B013-206FA986FE21} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {7003669B-62E1-49D5-8B6F-D9130526263E} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-07-24] ()
Task: {723F8939-84DB-499C-8ED5-2C31DA30B59A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {835EC4DD-D780-4683-995E-C0CFAB95FF6E} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {A3FAB3C2-31DA-4E46-BDD9-7FEDE869EC9F} - System32\Tasks\{CE084A90-45DC-4823-B3E2-1FDB573212D8} => pcalua.exe -a "C:\Program Files (x86)\Valve\Steam\steam.exe" -c steam://uninstall/202990
Task: {A6164F02-5444-4F9C-97C7-9A911A6E7C34} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {AFDC5FC2-E513-4F94-8E70-C97F7D01455B} - System32\Tasks\{54A58209-AC1D-4F22-ACDC-F85BDA07490B} => pcalua.exe -a "C:\Users\Piotr\Downloads\Illustrator 11 CS\setup.exe" -d "C:\Users\Piotr\Downloads\Illustrator 11 CS"
Task: {B6F29942-D45A-46B8-A638-5BC786A49A92} - System32\Tasks\{2736AD86-781B-47B8-A937-7172FF8CAE0E} => pcalua.exe -a K:\unInstaller.exe -d K:\
Task: {BEAD4C37-AD13-4D89-A485-8624C4AEB628} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated)
Task: {C2120E1F-6103-4D08-BECC-4B2C11DF62AF} - System32\Tasks\{D4A183EF-EAAD-4C1E-AAFB-B0E2896CC9C8} => pcalua.exe -a F:\setup.exe -d F:\
Task: {D090935F-409D-4992-861A-96045EB91579} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS)
Task: {D6E1931B-9D54-4F44-B218-45361A07AFA4} - System32\Tasks\{66A1666F-1D24-4EBB-ACC7-86E0920D623B} => pcalua.exe -a C:\Users\Piotr\Downloads\dziennik.exe -d C:\Users\Piotr\Downloads
Task: {D6F7096B-834D-431A-A13F-37F49899AD6D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-918866591-1109592357-3514061678-1000Core => C:\Users\Piotr\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {D8ED83AD-F13A-4907-883E-8968DCF54153} - System32\Tasks\{4DCD4889-84AA-4D64-8602-B61E7410D58C} => pcalua.exe -a E:\NeostradaTP\Neostrada.exe -d E:\NeostradaTP
Task: {EBB8A9CE-7337-4096-A9DF-5B05D2E63B37} - System32\Tasks\{340061A4-D42D-472D-B3E6-EF25B8559423} => pcalua.exe -a F:\setup.exe -d F:\
Task: {EBC36C4A-D603-40DA-86CF-DAC713EA8959} - System32\Tasks\{C48D00B6-0798-40C1-A76B-94703D591D74} => pcalua.exe -a E:\setup.exe -d E:\
Task: {F1D92E2B-5089-4997-9FBA-C1B87904DA18} - System32\Tasks\AceUtilsSkipUAC => C:\Program Files\Ace Utilities\au.exe [2014-10-26] (Acelogix Software)
Task: {F4B1353C-E34A-457C-AF80-ED5D314DE018} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {F7AB05EA-A4E1-44DC-934E-FAD08F55C113} - System32\Tasks\{9B25DD99-A67F-4E94-B056-99F238A56742} => pcalua.exe -a C:\Users\Piotr\Downloads\583_2_FR9HE_TryAndBuy.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {F89744D7-0DFE-4C19-A6EB-898B9BC92B8C} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-07-29] (ATK)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

ShortcutWithArgument: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\GoodPlayer\GoodPlayer.lnk -> C:\Program Files\GoodPlayer\GoodPlayer.exe () -> C:\AUTOEXEC.BAT

==================== Załadowane moduły (filtrowane) ==============

2009-10-07 13:18 - 2007-08-08 09:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2015-01-27 15:53 - 2015-01-27 15:53 - 00027432 _____ () C:\Windows\System32\BsTrace.dll
2013-08-05 08:15 - 2013-08-05 08:15 - 00070712 _____ () C:\Windows\system32\bdmpega64.acm
2008-08-14 05:59 - 2008-08-14 05:59 - 00301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
2009-07-23 02:58 - 2009-07-23 02:58 - 00017976 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2009-05-05 19:00 - 2009-05-05 19:00 - 00041472 _____ () C:\Program Files\P4G\DevMng.dll
2009-07-27 19:12 - 2009-07-27 19:12 - 00026624 _____ () C:\Program Files\P4G\OvrClk.dll
2009-10-07 13:18 - 2007-03-10 03:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll
2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-07-24 19:32 - 2009-07-24 19:32 - 01593344 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2007-06-15 19:28 - 2007-06-15 19:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
2007-06-02 01:52 - 2007-06-02 01:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
2015-01-27 15:53 - 2015-01-27 15:53 - 00027432 _____ () C:\Windows\system32\BsTrace.dll
2015-01-27 15:53 - 2015-01-27 15:53 - 00015656 _____ () C:\Windows\system32\BsHelpCSps.dll
2015-01-27 15:52 - 2015-01-27 15:52 - 00029992 _____ () C:\Windows\SysWow64\BsHelpCSps.dll
2014-11-03 16:54 - 2014-11-03 16:54 - 00234792 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\BaseLib.dll
2014-11-03 16:54 - 2014-11-03 16:54 - 00054568 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\ExtraLib.dll
2014-11-03 16:54 - 2014-11-03 16:54 - 00046888 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\cscvt.dll
2014-11-03 16:54 - 2014-11-03 16:54 - 00038184 _____ () C:\Windows\SysWOW64\cPhoneSDKCSps.dll
2016-02-05 09:32 - 2016-02-05 09:32 - 00246272 _____ () C:\Program Files (x86)\GlassWire\GeoIP.dll
2007-06-15 19:28 - 2007-06-15 19:28 - 00147456 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
2007-06-02 02:08 - 2007-06-02 02:08 - 00143360 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [112]

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)


==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2009-07-14 04:34 - 2016-05-10 19:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-918866591-1109592357-3514061678-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Obecnie brak automatycznej naprawy dla tej sekcji.)

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [{D02DEEB6-D160-4FB9-8FE2-1513ECB6AE11}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{D463E578-40B6-4F37-A0EC-F4F56BE5BCB5}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
FirewallRules: [UDP Query User{A2AA1595-92CE-4DE9-8167-33DCDB31A0DE}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
FirewallRules: [{B2C6B0BF-CEF1-49FB-B10C-7795643B2AEA}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{4E95F88B-AD12-431C-8EC9-1124F0F48306}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{475C4AAD-CF45-44D4-A675-6AB28C563C09}C:\program files (x86)\gadu-gadu 10\gg.exe] => (Allow) C:\program files (x86)\gadu-gadu 10\gg.exe
FirewallRules: [UDP Query User{88E4FF44-87E1-4C89-8EFE-03198B870A1C}C:\program files (x86)\gadu-gadu 10\gg.exe] => (Allow) C:\program files (x86)\gadu-gadu 10\gg.exe
FirewallRules: [TCP Query User{A16F05EA-122B-4F13-B9B4-F361E01B654F}C:\program files (x86)\gadu-gadu 10\gg.exe] => (Block) C:\program files (x86)\gadu-gadu 10\gg.exe
FirewallRules: [UDP Query User{536DAB6F-1C2F-4D82-9322-E0CB50C5ADCD}C:\program files (x86)\gadu-gadu 10\gg.exe] => (Block) C:\program files (x86)\gadu-gadu 10\gg.exe
FirewallRules: [{EFADB097-3AA4-453B-B720-7BB64CB05650}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A929B556-BB25-4964-ACFF-EAEF3AB423CA}] => (Allow) LPort=2869
FirewallRules: [{837838BE-660E-4997-9F4C-14495D57F19A}] => (Allow) LPort=1900
FirewallRules: [{98CF2259-7BAD-4B40-9F00-0A809F71295F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{3AEB961F-9EAA-4D41-A589-7C966BEF6153}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{BEE0878E-D943-48A3-9609-F6E8EA505359}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{303248E0-7E96-4215-B8AA-45486A03B244}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{D1713A15-A099-4F52-A8C5-6736A8BC0C31}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{8912E076-901E-4816-B603-95AC4B972052}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{163DFBF5-6287-4429-80DD-0237B291DE3F}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{D1E698FD-F2F9-46FB-B845-B4A045C8F85D}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{B89D8EFF-4A69-4E0B-B546-3E0A42FC5A93}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{0D6B9149-0F64-4A74-9E24-FD59DAC1B10C}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{2E70985E-7482-48E5-AA07-46B9F24443B5}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{D367A61A-FA1D-46A2-8A06-20947E816E43}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [TCP Query User{D684C4BD-EC28-4E6A-8EE3-A6ACF3AFDD36}C:\program files (x86)\starcraft ii\starcraft ii.exe] => (Allow) C:\program files (x86)\starcraft ii\starcraft ii.exe
FirewallRules: [UDP Query User{63AE4573-204B-48C3-99E4-EAAFC18A5056}C:\program files (x86)\starcraft ii\starcraft ii.exe] => (Allow) C:\program files (x86)\starcraft ii\starcraft ii.exe
FirewallRules: [TCP Query User{617BD02E-1EF0-43C2-AFFF-D7C28714D174}C:\program files (x86)\starcraft ii\versions\base22612\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base22612\sc2.exe
FirewallRules: [UDP Query User{876962D8-BBDA-4C22-86FA-B10E4F5E1A9F}C:\program files (x86)\starcraft ii\versions\base22612\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base22612\sc2.exe
FirewallRules: [TCP Query User{47385FD4-E328-4A23-BE9A-0D1D10BF27AA}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [UDP Query User{1516C583-6C05-4F72-9A79-FC1D88ED6C84}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [TCP Query User{2C046FF3-04F5-489C-BB3F-669928EE8676}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe
FirewallRules: [UDP Query User{6F96A9D6-110A-4CE9-9611-ABA9EBC754F5}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe
FirewallRules: [{AFF5F23F-57CE-4B41-A8AC-14DE1EB54F75}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{725CDA63-E80B-44F5-B9BB-88FF57D308A5}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{CF9DCFF7-6023-4435-A573-BE1A54C6DB39}] => (Allow) C:\Program Files (x86)\StarCraft II 2012 Beta\StarCraft II Beta.exe
FirewallRules: [{BF73A267-0462-4C26-B677-A58FD16BFA5A}] => (Allow) C:\Program Files (x86)\StarCraft II 2012 Beta\StarCraft II Beta.exe
FirewallRules: [TCP Query User{C1FC5066-CFA9-4AE2-A0A6-5C8AC58867C7}C:\program files (x86)\starcraft ii 2012 beta\versions\base23925\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii 2012 beta\versions\base23925\sc2.exe
FirewallRules: [UDP Query User{1B867331-AE9A-4C28-A846-923E42E4F723}C:\program files (x86)\starcraft ii 2012 beta\versions\base23925\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii 2012 beta\versions\base23925\sc2.exe
FirewallRules: [{CA871201-14CF-49AE-975A-5F12BDEB355B}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [{97C73EC1-3926-4190-BC1D-2AF7CD24755C}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [{19F86B54-799F-4276-914F-4DDC8DAC8188}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{3F5F4030-BFDA-44B1-975A-45488BFC1295}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{30B2A976-4668-4261-8AC7-A96AA583A6B6}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{2443F506-4A56-4927-8F09-DE285780906A}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{67BE8404-1A16-46E8-B77E-7F76BC63ACC8}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base26490\SC2.exe
FirewallRules: [{69E43ADF-4054-4BAB-8B46-45855AD01DEB}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base26490\SC2.exe
FirewallRules: [{31C6136E-5C6F-495C-B2B6-DADF61E1E5F2}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base26490\SC2.exe
FirewallRules: [{A517206B-5F68-419C-A1E1-4AC5F8FA02C7}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base26490\SC2.exe
FirewallRules: [{02406256-C06E-4731-B3A8-1B0DB98B03EC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{BD2D9CBE-6DD6-4022-8EEB-C2A5F04F1E08}C:\program files (x86)\valve\steam\steam.exe] => (Allow) C:\program files (x86)\valve\steam\steam.exe
FirewallRules: [UDP Query User{BF1C9A42-2E31-48CC-A3EA-46F855476071}C:\program files (x86)\valve\steam\steam.exe] => (Allow) C:\program files (x86)\valve\steam\steam.exe
FirewallRules: [{1C10E3C6-81FA-4DD6-BCAB-F97ACAE3643C}] => (Allow) C:\Program Files (x86)\Valve\Steam\Steam.exe
FirewallRules: [{715CA8C1-3991-41E6-8530-11E202EB9BAC}] => (Allow) C:\Program Files (x86)\Valve\Steam\Steam.exe
FirewallRules: [{CD40AC7C-1AC0-421C-ACAA-DB3FE80CED5B}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base28667\SC2.exe
FirewallRules: [{02A2FDAA-D43D-4688-8050-A8D76898F2DD}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base28667\SC2.exe
FirewallRules: [TCP Query User{3BF6D2CE-EB65-44FE-95DB-CBBEAF8DCEE9}D:\gry\command conquerb zero hour\game.dat] => (Allow) D:\gry\command conquerb zero hour\game.dat
FirewallRules: [UDP Query User{876D7B99-0A4A-4063-B2C1-F949CEDE83DB}D:\gry\command conquerb zero hour\game.dat] => (Allow) D:\gry\command conquerb zero hour\game.dat
FirewallRules: [TCP Query User{37E8F0AB-CF48-4845-945A-22B6B980EA0E}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{313AF071-8170-470C-88BB-7A011405A580}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [{D2EE0229-D9FB-44E5-AD68-616966E41F9C}] => (Allow) C:\Program Files (x86)\Valve\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{6F6C00BD-AF54-482D-AB53-A06EC87F0E37}] => (Allow) C:\Program Files (x86)\Valve\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{03379A80-A513-41CB-80AE-87D9AF46EA85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{391459A6-2C71-43F2-B7D0-5879EE817C69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{23D58443-9DD2-462D-AD9D-B6D57F5496AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2BA0A4F9-7DF8-49AD-80DE-A11B1BE4522A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FB886C48-8E9A-47A2-8C98-4E6DDF7E98D1}] => (Allow) C:\Users\Piotr\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{3DCF9EEA-4494-4267-95EA-5E4BB869811F}] => (Allow) C:\Program Files (x86)\Valve\Steam\bin\steamwebhelper.exe
FirewallRules: [{3A3C1466-CEF8-464A-A373-678B5B9E48AB}] => (Allow) C:\Program Files (x86)\Valve\Steam\bin\steamwebhelper.exe
FirewallRules: [{D36980BF-16CC-4A1F-A01D-A09305119072}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{156BD66C-0130-4DFD-A88C-694F2BE922F6}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5144989A-5B06-42DC-BFD1-30A71155F2E4}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base32283\SC2.exe
FirewallRules: [{00F2CEA5-E4F6-4329-8BDB-62DB04B5F98B}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base32283\SC2.exe
FirewallRules: [{E6D61CF9-E00E-4742-91B8-0BFA8741AA8E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{57524863-3C59-4C7E-B58F-A26A41B01A80}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D01F4353-1B18-4590-94FA-09BED568B988}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF84EF7C-5446-445D-A573-26BA73F5B99A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{51C77C7C-F756-497B-B725-B5572E4C313C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ABF56D12-CD71-493A-A124-FA36F277A349}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{49C2B302-8F03-473F-963D-14CB0CD4A1BA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [TCP Query User{4BF5666E-0642-4C76-BAD1-48EA3CC7E2DD}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{D2434980-09F2-4179-8D99-B235112DC10B}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{292EA8DD-E35B-425E-AC92-0E90978C5055}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{666A743F-49AE-4072-A38F-729EF1626229}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [{13A2BB5A-0CEF-4F71-91D6-6C18D99F2FF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{E663D8F2-B24E-46CF-8366-16A2F50CF9C0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{465E0245-7E64-4253-BE1A-C761DFB54448}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{019C849F-9EB5-4E57-AF37-1894A3355C85}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{7B91B907-C67B-4BBE-9B95-FA13ADDB0B11}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\cPhoneSDKCS.exe
FirewallRules: [{08E5F260-3FBC-42CF-B3AB-AE925D55FC20}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\cPhoneSDKCS.exe
FirewallRules: [{0B8E1F48-58F6-471B-B494-AA0FEF466ADC}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{1D0CC54C-E54E-4276-9E69-B05A33884A75}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{94C99A47-A9D2-44CD-9FB2-09A189348C7A}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\cPhoneSDKCS.exe
FirewallRules: [{BE3B8098-C6DD-46C1-AF08-6CA2CEC0FCD7}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\cPhoneSDKCS.exe
FirewallRules: [TCP Query User{D680F404-9F32-43A3-B0AB-D39104A3A0E5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2C1248E6-552E-49A8-A1E5-E82828B90A32}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{2013F5BA-8716-4080-8C31-CB6635FB4B61}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D18B7E12-889B-46DB-AFF6-1568FD8429B9}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{1606D487-3CFD-4A4E-B18D-1F86A3279A6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C24FBF1A-FBA6-4EEE-ADA2-45B21B359EAD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2FD5ACF0-3EB2-4C8A-A75B-3F5CB71EC03E}C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{3E5C0A4C-E9E0-4A63-80AB-9ADAE05D59C4}C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [{A8727C8D-8BFC-4FB1-BB50-E062B4FF3995}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{C3E90B0A-BCBA-46F0-BF39-3C68A62BBF0E}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [TCP Query User{88B03348-8753-4F4A-AB38-860BCDECD652}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{F03D954A-0461-4318-9E26-23813078ED95}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{170C82F3-8073-49D0-ADAA-3152E643A9A5}C:\program files (x86)\starcraft ii\versions\base41743\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base41743\sc2_x64.exe
FirewallRules: [UDP Query User{498C82A5-9339-4FC0-87C7-0D5E3659E043}C:\program files (x86)\starcraft ii\versions\base41743\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base41743\sc2_x64.exe
FirewallRules: [TCP Query User{0B0E3FC4-496C-422A-A462-3AEB65BEA053}C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe
FirewallRules: [UDP Query User{58B622F3-8D08-4C51-A782-403BFBF7A2F2}C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe

==================== Punkty Przywracania systemu =========================

01-05-2016 02:52:45 Windows Update
08-05-2016 12:59:51 Windows Update
10-05-2016 19:41:09 ComboFix created restore point
11-05-2016 00:14:56 Removed Apple Software Update
11-05-2016 00:32:23 Removed BlueStacks Notification Center
11-05-2016 15:24:04 Instalacja pakietu sterownika urządzenia: VSO-SOFTWARE Protokół sieciowy

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (05/11/2016 05:06:10 PM) (Source: MSSQLServer) (EventID: 19011) (User: )
Description: SuperSocket info: FillAddress(MSAFD TCP/IP [TCP/IPv6]) : Error 0.

Error: (05/11/2016 05:05:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: FastBootAgent.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4a68233e
Nazwa modułu powodującego błąd: FastBootAgent.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4a68233e
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000f2b1
Identyfikator procesu powodującego błąd: 0x694
Godzina uruchomienia aplikacji powodującej błąd: 0xFastBootAgent.exe0
Ścieżka aplikacji powodującej błąd: FastBootAgent.exe1
Ścieżka modułu powodującego błąd: FastBootAgent.exe2
Identyfikator raportu: FastBootAgent.exe3

Error: (05/11/2016 04:55:20 PM) (Source: MSSQLServer) (EventID: 19011) (User: )
Description: SuperSocket info: FillAddress(MSAFD TCP/IP [TCP/IPv6]) : Error 0.

Error: (05/11/2016 04:55:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: FastBootAgent.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4a68233e
Nazwa modułu powodującego błąd: FastBootAgent.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x4a68233e
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000f2b1
Identyfikator procesu powodującego błąd: 0x6c4
Godzina uruchomienia aplikacji powodującej błąd: 0xFastBootAgent.exe0
Ścieżka aplikacji powodującej błąd: FastBootAgent.exe1
Ścieżka modułu powodującego błąd: FastBootAgent.exe2
Identyfikator raportu: FastBootAgent.exe3

Error: (05/11/2016 03:40:45 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (05/11/2016 03:40:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (05/11/2016 10:52:28 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Nie można zainicjować indeksu.

Szczegóły:
    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/11/2016 10:52:28 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Nie można zainicjować aplikacji.

Kontekst: aplikacja Windows

Szczegóły:
    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/11/2016 10:52:28 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Nie można zainicjować obiektu programu zbierającego.

Kontekst: aplikacja Windows, wykaz SystemIndex

Szczegóły:
    Wykaz indeksów zawartości jest uszkodzony.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/11/2016 10:52:28 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Nie można zainicjować dodatku typu plug-in w <Search.TripoliIndexer>.

Kontekst: aplikacja Windows, wykaz SystemIndex

Szczegóły:
    Nie można odnaleźć elementu.  (HRESULT : 0x80070490) (0x80070490)


Dziennik System:
=============
Error: (05/11/2016 05:09:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Host urządzenia UPnP zależy od usługi Odnajdywanie SSDP, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (05/11/2016 05:09:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Host urządzenia UPnP zależy od usługi Odnajdywanie SSDP, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (05/11/2016 05:09:22 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (05/11/2016 05:09:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Host urządzenia UPnP zależy od usługi Odnajdywanie SSDP, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (05/11/2016 05:09:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Host urządzenia UPnP zależy od usługi Odnajdywanie SSDP, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (05/11/2016 05:09:16 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (05/11/2016 05:08:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Host urządzenia UPnP zależy od usługi Odnajdywanie SSDP, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (05/11/2016 05:08:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Host urządzenia UPnP zależy od usługi Odnajdywanie SSDP, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (05/11/2016 05:08:18 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (05/11/2016 05:08:18 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422


CodeIntegrity:
===================================
  Date: 2016-05-10 19:57:11.018
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-05-10 19:57:10.690
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-05-10 19:57:10.394
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-05-10 19:57:10.082
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-15 22:44:27.890
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-28 23:48:06.236
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-28 22:48:47.209
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-28 22:45:46.663
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-28 22:32:15.669
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-25 23:20:53.805
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.


==================== Statystyki pamięci ===========================

Procesor: Pentium® Dual-Core CPU T4300 @ 2.10GHz
Procent pamięci w użyciu: 45%
Całkowita pamięć fizyczna: 4095.27 MB
Dostępna pamięć fizyczna: 2232.59 MB
Całkowita pamięć wirtualna: 10235.48 MB
Dostępna pamięć wirtualna: 7964.77 MB

==================== Dyski ================================

Drive c: (OS) (Fixed) (Total:232.88 GB) (Free:44.52 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)]
Drive d: (DATA) (Fixed) (Total:218.23 GB) (Free:177.67 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: D9B3496E)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218.2 GB) - (Type=OF Extended)

==================== Koniec  Addition.txt ============================



#4 Polo6600


Posted 11 May 2016 - 10:26 AM

LOG

Attached Files



#5 nasdaq

  • Malware Response Team

Posted 11 May 2016 - 01:28 PM

Please post or attach the FRST.txt file that was created by the Farbar tool.

I need it for a complete examination.

What problems are you having with this computer?

#6 Polo6600


Posted 11 May 2016 - 05:30 PM

My internet is very slow on this computer, and many times I have breaks in the connection.

Attached Files



#7 nasdaq

  • Malware Response Team

Posted 12 May 2016 - 08:47 AM

Press the Windows key + R on your keyboard at the same time. This will open the Run box.
Type Notepad and click the OK button.
Please copy the entire contents of the code box below to a new file.
 
start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Brak pliku
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKU\S-1-5-21-918866591-1109592357-3514061678-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
URLSearchHook: HKLM-x32 -> Domyslne = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b}
SearchScopes: HKU\S-1-5-21-918866591-1109592357-3514061678-1000 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKU\S-1-5-21-918866591-1109592357-3514061678-1000 -> Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
BHO: Plus-HD-9.6 -> {11111111-1111-1111-1111-110511731104} -> C:\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-bho64.dll => Brak pliku
FF NewTab: hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92263621590287270
FF DefaultSearchEngine: Sweetpacks Search
FF SelectedSearchEngine: Sweetpacks Search
FF Keyword.URL: hxxp://mysearch.sweetpacks.com?src=6&barid=&did=10963&&st=23&UPN2=92263621590287270&q=
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-09] <==== UWAGA
CHR DefaultSearchURL: Default -> hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92263621590287270
CHR DefaultSearchKeyword: Default -> sweetpacks-search.com
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\ppGoogleNaClPluginChrome.dll => Brak pliku
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => Brak pliku
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => Brak pliku
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => Brak pliku
CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll => Brak pliku
CHR Plugin: (SOE Web Installer) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\abnq4vrt.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll => Brak pliku
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll => Brak pliku
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll => Brak pliku
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Brak pliku
CHR Extension: (Platnosci w sklepie Chrome Web Store) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-23]
S2 .1260103948; C:\Program Files (x86)\1260103948\Piotr1260103948L.exe [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [X]
U3 tmlwf; Brak ImagePath
U3 tmwfp; Brak ImagePath
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
S3 X6va001; \??\C:\Users\Piotr\AppData\Local\Temp\001F494.tmp [X]
CustomCLSID: HKU\S-1-5-21-918866591-1109592357-3514061678-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Piotr\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [2]

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as a Java update!
Important: read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

If still present after the update, you can remove the old version(s) of Java via the Control Panel > Programs and Features applet.
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)

---

Reset Internet Explorer:
Menu > Tools > Internet Options > Advanced Tab.
Click the Reset button on the bottom of the pane.
Click the Apply button.
Close IE.


Clean the Internet Explorer Cache.
https://kb.wisc.edu/page.php?id=15141

===

How is the computer running now?

#8 Polo6600


Posted 12 May 2016 - 11:40 AM

It's a lot better, but hmm, the internet is not that fast; sometimes I have very low connections and sometimes it is very fast?



#9 Polo6600


Posted 12 May 2016 - 11:41 AM

It's a lot better, but hmm, the internet is not that fast; sometimes I have very low connections and sometimes it is very fast?


Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:09-05-2016
Uruchomiony przez Piotr (2016-05-12 16:09:16) Run:1
Uruchomiony z C:\Users\Piotr\Downloads
Załadowane profile: Piotr &  (Dostępne profile: Piotr)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Brak pliku
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKU\S-1-5-21-918866591-1109592357-3514061678-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
URLSearchHook: HKLM-x32 -> Domyslne = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b}
SearchScopes: HKU\S-1-5-21-918866591-1109592357-3514061678-1000 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKU\S-1-5-21-918866591-1109592357-3514061678-1000 -> Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
BHO: Plus-HD-9.6 -> {11111111-1111-1111-1111-110511731104} -> C:\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-bho64.dll => Brak pliku
FF NewTab: hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92263621590287270
FF DefaultSearchEngine: Sweetpacks Search
FF SelectedSearchEngine: Sweetpacks Search
FF Keyword.URL: hxxp://mysearch.sweetpacks.com?src=6&barid=&did=10963&&st=23&UPN2=92263621590287270&q=
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-09] <==== UWAGA
CHR DefaultSearchURL: Default -> hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92263621590287270
CHR DefaultSearchKeyword: Default -> sweetpacks-search.com
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\ppGoogleNaClPluginChrome.dll => Brak pliku
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => Brak pliku
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => Brak pliku
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => Brak pliku
CHR Plugin: (PlayStation®Network Downloader Check Plug-in) - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll => Brak pliku
CHR Plugin: (SOE Web Installer) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\abnq4vrt.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll => Brak pliku
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll => Brak pliku
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll => Brak pliku
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Brak pliku
CHR Extension: (Platnosci w sklepie Chrome Web Store) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-23]
S2 .1260103948; C:\Program Files (x86)\1260103948\Piotr1260103948L.exe [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [X]
U3 tmlwf; Brak ImagePath
U3 tmwfp; Brak ImagePath
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
S3 X6va001; \??\C:\Users\Piotr\AppData\Local\Temp\001F494.tmp [X]
CustomCLSID: HKU\S-1-5-21-918866591-1109592357-3514061678-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Piotr\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [2]

End
*****************

Punkt przywracania został pomyślnie utworzony.
Procesy zostały pomyślnie zamknięte.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => klucz pomyślnie usunięto
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => klucz nie znaleziono.
"HKLM\SOFTWARE\Policies\Google" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => klucz pomyślnie usunięto
"HKU\S-1-5-21-918866591-1109592357-3514061678-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => klucz pomyślnie usunięto
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => Wartość pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Wartość pomyślnie usunięto
HKU\S-1-5-21-918866591-1109592357-3514061678-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto
HKU\S-1-5-21-918866591-1109592357-3514061678-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Wartość pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511731104}" => klucz pomyślnie usunięto
HKCR\CLSID\{11111111-1111-1111-1111-110511731104} => klucz nie znaleziono.
Firefox "newtab" pomyślnie usunięto
Firefox DefaultSearchEngine pomyślnie usunięto
Firefox SelectedSearchEngine pomyślnie usunięto
Firefox "Keyword.URL" pomyślnie usunięto
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => klucz pomyślnie usunięto
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer" => klucz pomyślnie usunięto
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => klucz pomyślnie usunięto
C:\Program Files (x86)\mozilla firefox\firefox.cfg => pomyślnie przeniesiono
Chrome DefaultSearchURL => pomyślnie usunięto
Chrome DefaultSearchKeyword => pomyślnie usunięto
C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\ppGoogleNaClPluginChrome.dll => nie znaleziono.
C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => nie znaleziono.
C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => nie znaleziono.
C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => nie znaleziono.
C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll => nie znaleziono.
C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\abnq4vrt.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll => nie znaleziono.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll => nie znaleziono.
C:\Windows\SysWOW64\npDeployJava1.dll => nie znaleziono.
C:\Windows\system32\Adobe\Director\np32dsw.dll => nie znaleziono.
C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => pomyślnie przeniesiono
.1260103948 => serwis pomyślnie usunięto
BTHidEnum => serwis pomyślnie usunięto
BTHidMgr => serwis pomyślnie usunięto
hwdatacard => serwis pomyślnie usunięto
Prot6Flt => serwis pomyślnie usunięto
tmlwf => serwis pomyślnie usunięto
tmwfp => serwis pomyślnie usunięto
VBoxNetFlt => serwis pomyślnie usunięto
VComm => serwis pomyślnie usunięto
VcommMgr => serwis pomyślnie usunięto
WinRing0_1_2_0 => serwis pomyślnie usunięto
X6va001 => serwis pomyślnie usunięto
HKU\S-1-5-21-918866591-1109592357-3514061678-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534} => klucz nie znaleziono.
C:\ProgramData\Temp => ":D1B5B4F1" ADS pomyślnie usunięto.
EmptyTemp: => 704.3 MB danych tymczasowych Usunięto.


System wymagał restartu.

==== Koniec  Fixlog 16:17:25 ====



#10 Polo6600


Posted 12 May 2016 - 12:01 PM


#11 nasdaq

  • Malware Response Team

Posted 12 May 2016 - 12:59 PM

Do you still have a problem?



