Amad100

Malicious JAVA message

"WARNING!!! Your version of Java software is outdated and poses a security risk. Update now!"

 

This message pops up after a dozen or so seconds when I open any website... it is terribly annoying, because it automatically redirects me to some other page.

I scanned the computer with Malware, Avast and CCleaner, and it did not help.

Here are the logs from FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014
Ran by Artur (administrator) on ARTUR-PC on 09-11-2014 16:01:08
Running from C:\Users\Artur\Downloads
Loaded Profiles: Artur &  (Available profiles: Artur & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) F:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(GG Network S.A.) C:\Users\Artur\AppData\Local\GG\Application\gghub.exe
(Akamai Technologies, Inc.) C:\Users\Artur\AppData\Local\Akamai\netsession_win.exe
(GG Network S.A.) C:\Users\Artur\AppData\Local\GG\Application\ggapp.exe
(Akamai Technologies, Inc.) C:\Users\Artur\AppData\Local\Akamai\netsession_win.exe
(AVAST Software) F:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() F:\Program Files (x86)\OrangeBusinessServices\Manager polaczen\{ad30a369-08e3-414c-9d2c-7f47dbe748da}\BusinessEverywhere.exe
() F:\Program Files (x86)\OrangeBusinessServices\Manager polaczen\{ad30a369-08e3-414c-9d2c-7f47dbe748da}\SMSNotifier.exe
(Creative Technology Ltd.) C:\Windows\V0400Mon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
() F:\Program Files (x86)\OrangeBusinessServices\Manager polaczen\{ad30a369-08e3-414c-9d2c-7f47dbe748da}\BEWConfigSrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(GG Network S.A.) C:\Users\Artur\AppData\Local\GG\Application\ggdrive\ggdrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\EnterDigital\updateEnterDigital.exe
() C:\Program Files (x86)\EnterDigital\EnterDigital.FirstRun.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.                                       ) C:\Users\Artur\Downloads\spybot-2.4.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [6589136 2014-09-30] (SoftPerfect Research)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => F:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-07] (AVAST Software)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => F:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-06-08] (Nero AG)
HKLM-x32\...\Run: [Start_BusinessEverywhere_{ad30a369-08e3-414c-9d2c-7f47dbe748da}] => F:\Program Files (x86)\OrangeBusinessServices\Manager polaczen\{ad30a369-08e3-414c-9d2c-7f47dbe748da}\BusinessEverywhere.exe [3443168 2012-12-13] ()
HKLM-x32\...\Run: [Start_Update_{ad30a369-08e3-414c-9d2c-7f47dbe748da}] => F:\Program Files (x86)\OrangeBusinessServices\Manager polaczen\{ad30a369-08e3-414c-9d2c-7f47dbe748da}\UpdteApp.exe [981960 2012-12-13] ()
HKLM-x32\...\Run: [Start_SMSNotifier_{ad30a369-08e3-414c-9d2c-7f47dbe748da}] => F:\Program Files (x86)\OrangeBusinessServices\Manager polaczen\{ad30a369-08e3-414c-9d2c-7f47dbe748da}\SMSNotifier.exe [1375696 2012-12-13] ()
HKLM-x32\...\Run: [V0400Mon.exe] => C:\Windows\V0400Mon.exe [28672 2007-08-23] (Creative Technology Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-02-21] (Microsoft Corporation)
HKU\S-1-5-21-4283888158-3628410687-3140951361-1000\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1840424 2008-06-24] (Nero AG)
HKU\S-1-5-21-4283888158-3628410687-3140951361-1000\...\Run: [GG] => C:\Users\Artur\AppData\Local\GG\Application\gghub.exe [4023360 2014-09-01] (GG Network S.A.)
HKU\S-1-5-21-4283888158-3628410687-3140951361-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Artur\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4283888158-3628410687-3140951361-1000\...\MountPoints2: L - L:\autorun.exe
HKU\S-1-5-21-4283888158-3628410687-3140951361-1000\...\MountPoints2: {a4f688d8-5376-11e4-bb2d-14dae9524ff6} - N:\Setup.exe
HKU\S-1-5-21-4283888158-3628410687-3140951361-1000\...\MountPoints2: {b9ddb9ec-9bd2-11e3-936d-14dae9524ff6} - M:\autorun.exe
HKU\S-1-5-21-4283888158-3628410687-3140951361-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1840424 2008-06-24] (Nero AG)
HKU\S-1-5-21-4283888158-3628410687-3140951361-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GG] => C:\Users\Artur\AppData\Local\GG\Application\gghub.exe [4023360 2014-09-01] (GG Network S.A.)
HKU\S-1-5-21-4283888158-3628410687-3140951361-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\Artur\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4283888158-3628410687-3140951361-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: L - L:\autorun.exe
HKU\S-1-5-21-4283888158-3628410687-3140951361-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {a4f688d8-5376-11e4-bb2d-14dae9524ff6} - N:\Setup.exe
HKU\S-1-5-21-4283888158-3628410687-3140951361-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b9ddb9ec-9bd2-11e3-936d-14dae9524ff6} - M:\autorun.exe
HKU\S-1-5-21-4283888158-3628410687-3140951361-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1840424 2008-06-24] (Nero AG)
HKU\S-1-5-21-4283888158-3628410687-3140951361-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b9ddb9ec-9bd2-11e3-936d-14dae9524ff6} - M:\AutoRunMorrowind.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-02-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => F:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
BootExecute: autocheck autochk * ROBoot64 \??\C:\Windows\system32\ASOROSet.bin
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1415478300&from=ild&uid=ST1000DL002-9TT153_W1V0K4YXXXXXW1V0K4YX
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1415478300&from=ild&uid=ST1000DL002-9TT153_W1V0K4YXXXXXW1V0K4YX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1415478300&from=ild&uid=ST1000DL002-9TT153_W1V0K4YXXXXXW1V0K4YX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1415478300&from=ild&uid=ST1000DL002-9TT153_W1V0K4YXXXXXW1V0K4YX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1415478300&from=ild&uid=ST1000DL002-9TT153_W1V0K4YXXXXXW1V0K4YX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1415478300&from=ild&uid=ST1000DL002-9TT153_W1V0K4YXXXXXW1V0K4YX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1415478300&from=ild&uid=ST1000DL002-9TT153_W1V0K4YXXXXXW1V0K4YX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1415478300&from=ild&uid=ST1000DL002-9TT153_W1V0K4YXXXXXW1V0K4YX
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} -  No File
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1415478300&from=ild&uid=ST1000DL002-9TT153_W1V0K4YXXXXXW1V0K4YX
SearchScopes: HKCU - DefaultScope {szukaj.gazeta.pl} URL = http://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
SearchScopes: HKCU - {0A335FF7-2DB6-4450-BBBD-EAAF5EE63402} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
SearchScopes: HKCU - {E69098E3-FDC0-4f69-A992-BA86A141C10A} URL = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pl&q={searchTerms}
SearchScopes: HKCU - {szukaj.gazeta.pl} URL = http://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> F:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: deal4me -> {9d26d611-9416-4a0f-a30f-97d059de0d3b} -> C:\ProgramData\deal4me\52SuJ8PqemrInm.x64.dll ()
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> F:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: EnterDigital -> {91b8f7a9-1558-40b3-b1e9-824ae5a2089f} -> C:\Program Files (x86)\EnterDigital\EnterDigitalbho.dll (EnterDigital)
BHO-x32: deal4me -> {9d26d611-9416-4a0f-a30f-97d059de0d3b} -> C:\ProgramData\deal4me\52SuJ8PqemrInm.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Ask Toolbar BHO -> {FE063DB1-4EC0-403e-8DD8-394C54984B2C} -> C:\Program Files (x86)\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
Toolbar: HKLM-x32 - Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files (x86)\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\6a90j6ih.default
FF DefaultSearchEngine: mystartsearch
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.mystartsearch.com/?type=hp&ts=1415478300&from=ild&uid=ST1000DL002-9TT153_W1V0K4YXXXXXW1V0K4YX
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> F:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF user.js: detected! => C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\6a90j6ih.default\user.js
FF SearchPlugin: C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\6a90j6ih.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF Extension: savinshop - C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\6a90j6ih.default\Extensions\3Ro@GM9.edu [2014-11-08]
FF Extension: Flashlight - C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\6a90j6ih.default\Extensions\flashlight@stephennolan.com.au [2014-04-24]
FF Extension: Site Matcher Pro - C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\6a90j6ih.default\Extensions\sitematcherpro@sitematcherpro.com [2014-05-31]
FF Extension: YouTube Video Downloader (Lite) - C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\6a90j6ih.default\Extensions\cccc5f0d-b9d0-4314-88b5-7e27551f9e84@jetpack.xpi [2014-09-07]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\6a90j6ih.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2014-09-07]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\6a90j6ih.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-02-28]
FF Extension: Best Video Downloader 2 - C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\6a90j6ih.default\Extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi [2014-03-17]
FF Extension: Adblock Plus - C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\6a90j6ih.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-29]
FF Extension: EnterDigital - C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\6a90j6ih.default\Extensions\{dbe9acb7-ca74-4c18-ad13-f0270d74c42d}.xpi [2014-11-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - F:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - F:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-21]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Plugin: (Shockwave Flash) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\PepperFlash\12.0.0.70\pepflashplayer.dll No File
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll No File
CHR Profile: C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Sidewise Tree Style Tabs) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\biiammgklaefagjclmnlialkmaemifgo [2014-11-08]
CHR Extension: (YouTube) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-07]
CHR Extension: (Adblock Plus) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-28]
CHR Extension: (CoupScanner) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmahpfnaeeppcfeicgnnhfdbiiconeaa [2014-11-08]
CHR Extension: (BlockAndSurf) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbnefilgbgmllammpnbnndofdphjecej [2014-11-08]
CHR Extension: (Google Wallet) - C:\Users\Artur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - F:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1415478300&from=ild&uid=ST1000DL002-9TT153_W1V0K4YXXXXXW1V0K4YX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-07] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; F:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-21] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-16] () [File not signed]
R2 BEWConfigSrv; F:\Program Files (x86)\OrangeBusinessServices\Manager polaczen\{ad30a369-08e3-414c-9d2c-7f47dbe748da}\BEWConfigSrv.exe [195536 2012-12-13] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-04] ()
R2 RichVideo64; C:\Program Files\Cyberlink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Update EnterDigital; C:\Program Files (x86)\EnterDigital\updateEnterDigital.exe [526064 2014-11-09] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-21] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-08-26] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-22] (Disc Soft Ltd)
R1 ISODrive; F:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-08-26] ()
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-11-09] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R1 networx; C:\Windows\System32\drivers\networx.sys [60408 2014-08-01] (NetFilterSDK.com)
S3 orange_zte_cdc_acm; C:\Windows\System32\DRIVERS\orange_zte_cdc_acm.sys [77824 2012-12-13] (ZTE)
S3 orange_zte_cdc_ecm; C:\Windows\System32\DRIVERS\orange_zte_cdc_ecm.sys [36352 2012-12-13] (ZTE)
S3 orange_zte_ecm_enum; C:\Windows\System32\DRIVERS\orange_zte_ecm_enum.sys [52224 2012-12-13] (ZTE)
S3 orange_zte_ecm_enum_filter; C:\Windows\System32\DRIVERS\orange_zte_ecm_enum_filter.sys [52224 2012-12-13] (ZTE)
S3 orange_zte_wcpo; C:\Windows\System32\DRIVERS\orange_zte_wcpo.sys [10752 2012-12-13] (ZTE)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-08-27] ()
S3 VF0400Afx; C:\Windows\System32\Drivers\V0400Afx.sys [214240 2007-06-11] (Creative Technology Ltd.)
S3 VF0400Vfx; C:\Windows\System32\DRIVERS\V0400VFx.sys [12288 2007-03-06] (EyePower Games Pte. Ltd.)
S3 VF0400Vid; C:\Windows\System32\DRIVERS\V0400Vid.sys [204736 2007-06-07] (Creative Technology Ltd.)
R2 webinstrNew; C:\Windows\system32\Drivers\webinstrNew.sys [58040 2014-11-08] (Corsica)
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 WinRing0_1_2_0; \??\F:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S3 XFDriver64; \??\F:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 16:01 - 2014-11-09 16:02 - 00027419 _____ () C:\Users\Artur\Downloads\FRST.txt
2014-11-09 16:01 - 2014-11-09 16:01 - 00000000 ____D () C:\FRST
2014-11-09 16:00 - 2014-11-09 16:00 - 02115584 _____ (Farbar) C:\Users\Artur\Downloads\FRST64.exe
2014-11-09 15:57 - 2014-11-09 15:57 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Artur\Downloads\spybot-2.4.exe
2014-11-09 15:55 - 2014-11-09 15:55 - 00000000 ____D () C:\Program Files (x86)\EnterDigital
2014-11-09 15:54 - 2014-11-09 15:54 - 00777088 _____ ( ) C:\Users\Artur\Downloads\Spybot-Search-Destroy(12546)-dp.exe
2014-11-09 15:47 - 2014-11-09 15:47 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-11-09 15:43 - 2014-11-09 15:43 - 00000000 ____D () C:\ProgramData\374311380
2014-11-08 22:18 - 2014-11-08 22:18 - 00638888 _____ (Oracle Corporation) C:\Users\Artur\Downloads\chromeinstall-8u25.exe
2014-11-08 22:08 - 2014-11-08 22:08 - 00000000 ____D () C:\ProgramData\WorldWideWebCoupon
2014-11-08 22:07 - 2014-11-08 22:08 - 00000000 ____D () C:\ProgramData\4db32c7263d0cd96
2014-11-08 22:07 - 2014-11-08 22:07 - 00000000 ____D () C:\ProgramData\deal4me
2014-11-08 21:57 - 2014-11-08 21:57 - 00001091 _____ () C:\Users\Artur\Desktop\Continue Live Installation.lnk
2014-11-08 21:37 - 2014-11-08 21:37 - 00613012 _____ (CMI Limited) C:\Users\Artur\AppData\Local\nscDAA8.tmp
2014-11-08 21:37 - 2014-11-08 21:37 - 00058040 _____ (Corsica) C:\Windows\system32\Drivers\webinstrNew.sys
2014-11-08 21:37 - 2014-11-08 21:37 - 00002088 _____ () C:\Windows\patsearch.bin
2014-11-08 21:37 - 2014-11-08 21:37 - 00001862 _____ () C:\Users\Artur\Desktop\Setup.lnk
2014-11-08 21:37 - 2014-11-08 21:37 - 00000000 __SHD () C:\Users\Artur\AppData\Roaming\AnyProtectEx
2014-11-08 21:37 - 2014-11-08 21:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNew_01009.Wdf
2014-11-08 21:26 - 2014-11-08 22:13 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\VOPackage
2014-11-08 21:26 - 2014-11-08 21:26 - 00000000 ____D () C:\Users\Artur\Documents\Optimizer Pro
2014-11-08 21:24 - 2014-11-09 15:38 - 00001336 _____ () C:\Windows\Tasks\OPKUK.job
2014-11-08 21:24 - 2014-11-08 21:24 - 00004362 _____ () C:\Windows\System32\Tasks\OPKUK
2014-11-08 21:23 - 2014-11-09 15:38 - 00001686 _____ () C:\Windows\Tasks\LSGKZOLJ.job
2014-11-08 21:23 - 2014-11-08 22:05 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-11-08 21:23 - 2014-11-08 21:23 - 00004712 _____ () C:\Windows\System32\Tasks\LSGKZOLJ
2014-11-08 21:23 - 2014-11-08 21:23 - 00000000 ____D () C:\Users\Artur\AppData\Local\globalUpdate
2014-11-08 21:23 - 2014-11-08 21:23 - 00000000 ____D () C:\Program Files (x86)\8c35103c-93d5-449c-b4f8-0d6ed58912b2
2014-11-08 21:22 - 2014-11-08 21:22 - 00458240 _____ () C:\Users\Artur\Downloads\StreamhuntApps_setup_ch.exe
2014-11-08 21:22 - 2014-11-08 21:22 - 00458240 _____ () C:\Users\Artur\Downloads\StreamhuntApps_setup_ch (1).exe
2014-11-06 07:02 - 2014-11-06 07:02 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\Apple Computer
2014-11-05 19:33 - 2014-11-05 19:33 - 00000000 ____D () C:\Users\Public\CyberLink
2014-11-05 19:33 - 2014-11-05 19:33 - 00000000 ____D () C:\Users\Artur\Documents\CyberLink
2014-11-05 19:33 - 2014-11-05 19:33 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\CyberLink
2014-11-05 19:31 - 2014-11-05 19:31 - 00000000 ____D () C:\Users\Artur\AppData\Local\Apple
2014-11-05 19:30 - 2014-11-05 19:30 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-11-05 19:30 - 2014-11-05 19:30 - 00001286 _____ () C:\Users\Public\Desktop\CyberLink PowerDirector 12 (64-bit).lnk
2014-11-05 19:30 - 2014-11-05 19:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12
2014-11-05 19:30 - 2014-11-05 19:30 - 00000000 ____D () C:\ProgramData\Apple
2014-11-05 19:30 - 2014-11-05 19:30 - 00000000 ____D () C:\Program Files\Cyberlink
2014-11-05 19:30 - 2014-11-05 19:30 - 00000000 ____D () C:\Program Files (x86)\Cyberlink
2014-11-05 19:30 - 2014-11-05 19:30 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-11-05 19:24 - 2014-11-05 22:38 - 00000000 ____D () C:\ProgramData\CyberLink
2014-11-05 19:24 - 2014-11-05 19:32 - 00000000 ____D () C:\ProgramData\install_clap
2014-11-05 10:09 - 2014-11-05 10:09 - 00623784 _____ () C:\Users\Artur\Desktop\amnesia.prproj
2014-11-05 08:32 - 2014-11-05 08:32 - 00000000 ____D () C:\Users\Artur\AppData\Local\{0AD77DE0-E82C-4396-A2FC-5A4824F8DBFF}
2014-11-04 17:12 - 2014-11-04 17:12 - 00000000 ____D () C:\Users\Artur\AppData\Local\{5FF4BF98-566A-4A47-AA4F-B057074DD569}
2014-11-03 13:51 - 2014-11-03 14:09 - 365444891 _____ () C:\Users\Artur\Desktop\wiesiek.wmv
2014-11-03 13:28 - 2014-11-03 13:29 - 00000000 ____D () C:\Users\Artur\AppData\Local\{382E52AB-1E7B-4878-BDFD-D15330B9212C}
2014-11-02 22:11 - 2014-11-02 22:11 - 00000000 ____D () C:\Users\Artur\AppData\Local\{27386BFF-A2E8-4666-9995-106C1F16F912}
2014-11-02 09:57 - 2014-11-02 09:57 - 00000000 ____D () C:\Users\Artur\AppData\Local\{F6C263FA-A144-4EFF-9641-AB4A1B62BB77}
2014-11-01 12:15 - 2014-11-01 12:15 - 00001087 _____ () C:\Users\Public\Desktop\Amnesia - Mroczny Obłęd.lnk
2014-11-01 12:15 - 2014-11-01 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frictional Games
2014-11-01 10:08 - 2014-11-01 10:08 - 00000000 ____D () C:\Users\Artur\AppData\Local\{244007C8-E075-4DA3-90CB-F6F6680C650C}
2014-10-31 12:41 - 2014-10-31 12:41 - 00000000 ____D () C:\Users\Artur\Documents\Amnesia
2014-10-31 12:05 - 2014-10-31 12:05 - 00000000 ____D () C:\Users\Artur\AppData\Local\{99C317FD-B664-48BD-8737-29382C032A48}
2014-10-29 16:16 - 2014-10-29 16:16 - 00000000 ____D () C:\Users\Artur\AppData\Local\{D08BC34A-B77A-4FDC-86BF-8B62C5C13156}
2014-10-27 10:20 - 2014-10-27 10:20 - 00000000 ____D () C:\Users\Artur\AppData\Local\{0C9DDC27-9AEB-42E4-B4A5-08BA5EBEB661}
2014-10-26 16:33 - 2014-11-09 15:44 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-10-26 16:33 - 2014-10-26 16:37 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-10-26 16:33 - 2014-10-26 16:33 - 00000000 ____D () C:\ProgramData\NCH Software
2014-10-26 13:54 - 2014-10-26 13:54 - 00001118 _____ () C:\Users\Artur\Desktop\Gothic 3 - Zmierzch Bogów.lnk
2014-10-26 13:52 - 2008-07-12 08:18 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-10-26 13:52 - 2008-07-12 08:18 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-10-26 13:52 - 2008-07-12 08:18 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-10-26 13:50 - 2014-10-26 13:50 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD Productions Software AG
2014-10-26 13:47 - 2014-10-26 13:47 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\InstallShield
2014-10-26 11:23 - 2014-10-26 11:23 - 00000000 ____D () C:\Users\Artur\AppData\Local\{7D8BF13F-7FBA-4478-B5CF-37B21241A625}
2014-10-25 16:29 - 2014-11-05 22:30 - 00000000 ____D () C:\Users\Artur\Documents\Gothic3ForsakenGods
2014-10-25 10:58 - 2003-03-19 12:19 - 01060864 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.DLL
2014-10-25 10:58 - 2003-03-18 19:14 - 00499712 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-10-25 10:58 - 2003-02-21 03:42 - 00348160 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-10-25 10:57 - 2014-10-25 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2014-10-25 09:21 - 2014-10-25 09:21 - 00000000 ____D () C:\Users\Artur\AppData\Local\{BC1BE8D4-EC06-48F9-963C-25381E73C2F7}
2014-10-24 13:01 - 2014-10-24 13:01 - 00000000 ____D () C:\Users\Artur\AppData\Local\{354BB0F3-119E-41B9-A1D8-17908C001580}
2014-10-21 21:04 - 2014-10-26 21:20 - 00000913 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-10-21 21:04 - 2014-10-21 21:04 - 00000000 ____D () C:\Program Files\CPUID
2014-10-19 20:41 - 2014-10-19 20:41 - 00000222 _____ () C:\Users\Artur\Desktop\DayZ.url
2014-10-19 13:39 - 2014-10-19 13:40 - 00000940 _____ () C:\Users\Public\Desktop\Action!.lnk
2014-10-19 13:05 - 2014-10-19 13:05 - 00000962 _____ () C:\Users\Public\Desktop\Infestation Survivor Stories.lnk
2014-10-19 13:05 - 2014-10-19 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infestation Survivor Stories
2014-10-19 11:27 - 2014-10-19 11:28 - 00000000 ____D () C:\Users\Artur\AppData\Local\{E424282E-2A5F-4C2E-820F-7878E71CE4EC}
2014-10-18 14:01 - 2014-10-18 14:01 - 00000000 ____D () C:\Users\Artur\AppData\Local\{C091CE0C-B0AA-4F65-8059-1C4914229075}
2014-10-17 11:48 - 2014-10-17 11:48 - 00000000 ____D () C:\Users\Artur\AppData\Local\{34C66761-4C4A-4590-B5A9-83EC75E0019C}
2014-10-16 06:17 - 2014-11-08 21:37 - 00000266 __RSH () C:\ProgramData\ntuser.pol
2014-10-15 16:46 - 2014-10-15 16:46 - 00000000 ____D () C:\Users\Artur\AppData\Local\{62E3D37E-7DE1-4255-B169-BC16B5CA31D0}
2014-10-14 16:30 - 2014-10-14 16:30 - 00000000 ____D () C:\ProgramData\SoftPerfect
2014-10-14 16:30 - 2014-10-14 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWorx
2014-10-14 16:30 - 2014-10-14 16:30 - 00000000 ____D () C:\Program Files\NetWorx
2014-10-14 16:30 - 2014-08-01 13:12 - 00060408 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\networx.sys
2014-10-14 16:10 - 2014-10-14 16:10 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_orange_zte_cdc_ecm_01009.Wdf
2014-10-14 16:09 - 2014-10-14 16:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_orange_zte_wcpo_01009.Wdf
2014-10-14 16:09 - 2014-10-14 16:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_orange_zte_ecm_enum_01009.Wdf
2014-10-14 16:09 - 2014-10-14 16:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_orange_zte_cdc_acm_01009.Wdf
2014-10-14 16:09 - 2014-10-14 16:09 - 00000000 ____D () C:\Users\Artur\AppData\Local\Orange
2014-10-14 16:07 - 2014-10-14 16:07 - 00001230 _____ () C:\Users\Public\Desktop\Manager połączeń.lnk
2014-10-14 16:07 - 2014-10-14 16:07 - 00000000 ____D () C:\ProgramData\Orange
2014-10-14 16:07 - 2014-10-14 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manager połączeń
2014-10-14 14:41 - 2014-10-14 14:41 - 00000000 ____D () C:\Users\Artur\AppData\Local\{20F11290-8860-4F1D-B8DA-180F9791545B}
2014-10-12 21:47 - 2014-10-12 21:47 - 00069354 _____ () C:\Users\Artur\Documents\ts3_clientui-win64-1405341092-2014-10-12 22_47_04.121871.dmp
2014-10-12 20:18 - 2014-10-12 20:18 - 00000618 _____ () C:\Users\Public\Desktop\Guild Wars 2.lnk
2014-10-12 20:17 - 2014-10-12 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2014-10-12 20:16 - 2014-10-12 20:17 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\Guild Wars 2
2014-10-12 08:32 - 2014-10-12 08:32 - 00000000 ____D () C:\Users\Artur\AppData\Local\{3779362E-68CE-447E-81D3-B89532E026A3}
2014-10-10 13:48 - 2014-10-10 13:48 - 00056766 _____ () C:\Users\Artur\Documents\ts3_clientui-win64-1405341092-2014-10-10 14_48_31.678302.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 16:00 - 2014-08-29 22:14 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-09 15:49 - 2014-07-08 13:15 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-09 15:47 - 2014-07-08 13:15 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\Systweak
2014-11-09 15:46 - 2014-02-22 22:01 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\DAEMON Tools Lite
2014-11-09 15:46 - 2014-02-19 04:08 - 00000000 ____D () C:\Users\Artur\AppData\Local\CrashDumps
2014-11-09 15:46 - 2014-02-17 16:51 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\uTorrent
2014-11-09 15:46 - 2009-07-14 05:45 - 00022784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-09 15:46 - 2009-07-14 05:45 - 00022784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-09 15:42 - 2014-02-17 16:08 - 01740804 ____N () C:\Windows\WindowsUpdate.log
2014-11-09 15:37 - 2014-09-08 16:10 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\GG
2014-11-09 15:37 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-09 15:06 - 2014-09-23 22:06 - 00000292 _____ () C:\Windows\Tasks\PennyBee.job
2014-11-09 12:35 - 2014-08-29 22:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-09 12:03 - 2014-08-07 10:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-08 22:20 - 2014-09-26 12:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-08 22:20 - 2014-02-19 06:10 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-08 22:20 - 2014-02-19 06:06 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-08 22:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Vss
2014-11-08 21:37 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-08 21:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-08 21:25 - 2014-09-23 22:05 - 00002159 _____ () C:\Users\Artur\Desktop\WorldofTanks.lnk
2014-11-08 21:25 - 2014-08-29 22:17 - 00001373 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-08 21:25 - 2014-08-29 22:17 - 00001361 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-08 21:25 - 2014-02-18 01:12 - 00001647 _____ () C:\Users\Artur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-08 21:25 - 2014-02-17 16:38 - 00002475 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-08 21:24 - 2014-08-29 22:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-08 21:24 - 2014-08-29 22:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-08 21:24 - 2014-08-29 22:14 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-08 21:23 - 2014-02-21 05:06 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-11-08 20:38 - 2014-04-21 19:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-07 23:09 - 2014-02-27 03:18 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\TS3Client
2014-11-07 21:51 - 2014-08-13 13:38 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\Xfire
2014-11-07 13:11 - 2014-08-13 13:37 - 00000000 ____D () C:\ProgramData\Xfire
2014-11-06 18:30 - 2014-02-17 19:48 - 00740098 _____ () C:\Windows\system32\perfh015.dat
2014-11-06 18:30 - 2014-02-17 19:48 - 00155672 _____ () C:\Windows\system32\perfc015.dat
2014-11-06 18:30 - 2009-07-14 06:13 - 01669190 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-06 17:42 - 2014-02-17 19:59 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\Audacity
2014-11-06 17:39 - 2014-08-26 16:56 - 00000000 ____D () C:\Users\Artur\AppData\Local\The Witcher
2014-11-06 07:01 - 2009-07-14 05:45 - 04908376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-05 20:59 - 2014-06-15 19:29 - 00000000 ____D () C:\Users\Artur\Desktop\Adobe Premiere Pro Auto-Save
2014-11-05 19:52 - 2014-06-04 11:57 - 00000000 ____D () C:\Users\Artur\Desktop\Adobe Premiere Pro Preview Files
2014-11-05 19:33 - 2014-02-17 16:45 - 00066568 _____ () C:\Users\Artur\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-05 19:24 - 2014-02-21 04:47 - 00000000 ____D () C:\ProgramData\TEMP
2014-11-05 19:24 - 2014-02-18 01:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-05 18:47 - 2014-07-14 22:53 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-11-01 13:06 - 2014-03-01 23:17 - 00000132 _____ () C:\Users\Artur\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
2014-10-27 19:53 - 2014-03-13 18:52 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-21 21:04 - 2014-02-17 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-10-19 16:55 - 2014-02-17 17:35 - 00000000 ____D () C:\Users\Artur\AppData\Roaming\MPC-HC
2014-10-19 13:39 - 2014-06-05 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-10-19 13:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-19 13:08 - 2014-09-24 12:39 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\MPC-HC
2014-10-19 12:58 - 2014-09-24 12:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Systweak
2014-10-19 12:34 - 2014-09-08 16:09 - 00000000 ____D () C:\Users\Artur\AppData\Local\OpenFM
2014-10-19 10:11 - 2009-07-14 03:34 - 00000603 _____ () C:\Windows\win.ini
2014-10-18 18:09 - 2014-07-15 14:30 - 00000172 _____ () C:\Users\Artur\AppData\Roaming\default.pls

Some content of TEMP:
====================
C:\Users\Artur\AppData\Local\Temp\8D81CD1A-6757-DFEC-EC64-82A4FEAE2EB9.dll
C:\Users\Artur\AppData\Local\Temp\8D81CD1A-6757-DFEC-EC64-82A4FEAE2EB9.exe
C:\Users\Artur\AppData\Local\Temp\APNSetup.exe
C:\Users\Artur\AppData\Local\Temp\bbicabejce.exe
C:\Users\Artur\AppData\Local\Temp\optprosetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 14:49

==================== End Of Log =====================

=======

 
 
 
 
