Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

asus m51vr - żaden antywirus nie chce się zainstalować

3m3 11 Wrz 2014 17:42 2001 5
  • #1 11 Wrz 2014 17:42
    3m3
    Poziom 11  

    dzień dobry
    miałam avg po czym odinstalowałam i od tej pory nie chce mi się zainstalować żaden antywirus ,co może być przyczyną.dziękuje

    0 5
  • #3 11 Wrz 2014 18:06
    3m3
    Poziom 11  

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-09-2014
    Ran by Ewa at 2014-09-11 18:03:57
    Running from C:\Users\Ewa\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.4518.1014 - Microsoft Corporation)
    Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
    Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
    Ashampoo Burning Studio 2014 v.12.0.5 (HKLM\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
    ASUS Data Security Manager (HKLM\...\{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}) (Version: 1.00.0006 - ASUS)
    ASUS InstantFun (HKLM\...\{57B15AD4-8C9D-4164-82BB-E33D8644E757}) (Version: 1.0.0015 - ASUS)
    ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.9 - ASUS)
    ASUS Power4Gear eXtreme (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.0.18 - ASUS)
    ASUS SmartLogon (HKLM\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0005 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0021 - ASUS)
    ASUS Virtual Camera (HKLM\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.09 - asus)
    Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0007 - ASUS)
    ATI Catalyst Install Manager (HKLM\...\{2A1ED448-F4DC-9F1B-71FD-44F1C3991995}) (Version: 3.0.664.0 - ATI Technologies, Inc.)
    ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
    ATK Hotkey (HKLM\...\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}) (Version: 1.00.0034 - ATK)
    ATKOSD2 (HKLM\...\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}) (Version: 6.64.1.8 - ATK)
    Catalyst Control Center Core Implementation (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Graphics Full Existing (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Graphics Full New (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Graphics Light (Version: 2008.0328.2322.39969 - ATI) Hidden




    Catalyst Control Center Graphics Previews Common (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Graphics Previews Vista (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Chinese Standard (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Chinese Traditional (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Czech (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Danish (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Dutch (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Finnish (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization French (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization German (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Greek (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Hungarian (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Italian (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Japanese (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Korean (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Norwegian (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Polish (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Portuguese (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Russian (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Spanish (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Swedish (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Thai (Version: 2008.0328.2322.39969 - ATI) Hidden
    Catalyst Control Center Localization Turkish (Version: 2008.0328.2322.39969 - ATI) Hidden
    CCC Help Chinese Standard (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Chinese Traditional (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Czech (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Danish (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Dutch (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help English (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Finnish (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help French (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help German (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Greek (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Hungarian (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Italian (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Japanese (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Korean (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Norwegian (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Polish (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Portuguese (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Russian (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Spanish (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Swedish (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Thai (Version: 2008.0328.2321.39969 - ATI) Hidden
    CCC Help Turkish (Version: 2008.0328.2321.39969 - ATI) Hidden
    ccc-core-static (Version: 2008.0328.2322.39969 - ATI) Hidden
    ccc-utility (Version: 2008.0328.2322.39969 - ATI) Hidden
    CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.1924 - CyberLink Corp.)
    CyberLink Power2Go (Version: 6.0.1924 - CyberLink Corp.) Hidden
    Dziobas Rar Player 0.009.52 (HKLM\...\Dziobas Rar Player_is1) (Version: - Kamil Dzióbek)
    IePluginService12.27.0.3326 (HKLM\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
    Microsoft .NET Framework 3.5 Language Pack SP1 - plk (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation) Hidden
    Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: - )
    Mozilla Firefox 31.0 (x86 pl) (HKLM\...\Mozilla Firefox 31.0 (x86 pl)) (Version: 31.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    Mozilla Thunderbird 24.6.0 (x86 pl) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 pl)) (Version: 24.6.0 - Mozilla)
    P4P (HKLM\...\{FC3D290D-79BE-44B7-ABF9-FDD110925930}) (Version: 1.0.0.16 - P4P)
    Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation)
    PokerStars.eu (HKLM\...\PokerStars.eu) (Version: - PokerStars.eu)
    Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5667 - Realtek Semiconductor Corp.)
    Skins (Version: 2008.0328.2322.39969 - ATI) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.8.0 - Synaptics)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
    USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.10 - ATK)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-3043269556-1321023651-3697139067-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Ewa\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll No File

    ==================== Restore Points =========================


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    ::1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
    Task: {2A1313C3-6CB9-44CC-BED9-E81E5BF0C528} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
    Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
    Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
    Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
    Task: {7515D8B8-A43B-4C58-A962-8A34EB9349CB} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js"
    Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
    Task: {AB8190A8-E92B-4947-908A-825E60E5E526} - \Program aktualizacji online firmy Adobe. No Task File <==== ATTENTION
    Task: {ADC60668-1E70-479F-B56B-BE48F878355C} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2008-06-18] (ASUS)
    Task: {C02D7050-5605-406A-AC44-013B8AD4931A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
    Task: {C3A1564F-E89B-4AAF-825C-24BAAB86C0C2} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
    Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    ==================== Loaded Modules (whitelisted) =============

    2008-10-11 08:55 - 2007-05-18 11:31 - 00073728 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    2008-10-11 08:16 - 2007-10-03 06:53 - 00094208 _____ () C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    2008-10-11 08:55 - 2007-08-08 09:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    2008-10-11 08:55 - 2007-06-15 19:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
    2008-10-11 08:55 - 2007-06-02 02:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
    2008-07-19 04:52 - 2008-07-19 04:52 - 00649704 _____ () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
    2008-06-09 18:55 - 2008-06-09 18:55 - 00013096 _____ () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
    2008-10-11 08:16 - 2008-01-12 07:40 - 00098304 _____ () C:\Program Files\ATK Hotkey\HControlUser.exe
    2008-10-11 08:16 - 2007-11-13 00:41 - 00106496 _____ () C:\Program Files\ATK Hotkey\MsgTran.dll
    2008-10-11 08:16 - 2008-01-24 00:34 - 07766016 _____ () C:\Program Files\ATKOSD2\ATKOSD2.exe
    2008-10-11 08:55 - 2008-02-01 23:29 - 00061440 _____ () C:\Program Files\ASUS\ATK Media\DMedia.exe
    2008-10-11 08:55 - 2008-02-01 23:29 - 00049152 _____ () C:\Program Files\ASUS\ATK Media\ATKMETHOD.dll
    2008-10-11 09:02 - 2007-08-03 05:52 - 00778240 _____ () C:\Program Files\P4P\P4P.exe
    2008-10-11 08:58 - 2007-08-03 21:24 - 00125496 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    2008-10-11 08:58 - 2007-09-14 19:00 - 00147456 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdiskex.dll
    2008-10-11 08:58 - 2003-11-28 11:11 - 00135168 _____ () C:\Program Files\ASUS\NB Probe\SPM\spos.dll
    2008-10-11 08:58 - 2005-08-30 00:24 - 00081920 _____ () C:\Program Files\ASUS\NB Probe\SPM\spnbacpi.dll
    2008-10-11 08:58 - 2003-09-10 01:08 - 00049152 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdmi.dll
    2008-10-11 08:58 - 2006-04-04 19:24 - 00036864 _____ () C:\Program Files\ASUS\NB Probe\SPM\ghadmi.dll
    2008-10-11 08:58 - 2005-04-08 04:25 - 00077824 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmemory.dll
    2008-10-11 08:16 - 2004-05-28 03:13 - 00057344 _____ () C:\Program Files\ATK Hotkey\CMSSC.dll
    2008-10-11 08:16 - 2007-11-05 04:48 - 00106496 _____ () C:\Program Files\ATK Hotkey\MsgTranAgt.exe
    2008-10-11 08:39 - 2007-07-06 01:53 - 01040384 _____ () C:\Program Files\Wireless Console 2\wcourier.exe
    2007-07-10 07:48 - 2007-07-10 07:48 - 00009216 _____ () C:\Program Files\ASUS\Splendid\GLCDdll.dll
    2008-03-28 18:19 - 2008-03-28 18:19 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
    2008-10-11 08:53 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    2008-10-11 08:16 - 2007-12-04 19:57 - 02486272 _____ () C:\Program Files\ATK Hotkey\ATKOSD.exe
    2008-10-11 08:16 - 2007-08-15 20:20 - 00106496 _____ () C:\Program Files\ATK Hotkey\KBFiltr.exe
    2008-10-11 08:16 - 2008-01-23 19:51 - 00151552 _____ () C:\Program Files\ATK Hotkey\WDC.exe
    2014-07-31 06:58 - 2014-07-31 06:59 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)


    ==================== Faulty Device Manager Devices =============

    Name: Bluetooth AV Source
    Description: Bluetooth AV Source
    Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
    Manufacturer: Broadcom Corp.
    Service: btwavdt
    Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
    Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
    Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

    Name: Bluetooth Headset AG
    Description: Bluetooth Headset AG
    Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
    Manufacturer: Broadcom Corp.
    Service: btwavdt
    Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
    Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
    Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

    Name: Bluetooth Peripheral Device
    Description: Bluetooth Peripheral Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/11/2014 05:59:25 PM) (Source: System Restore) (EventID: 8193) (User: )
    Description: Nie można utworzyć punktu przywracania na woluminie (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Opis = Windows Update; Hr = 0x80070422).

    Error: (09/11/2014 05:57:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (09/11/2014 05:38:46 PM) (Source: System Restore) (EventID: 8193) (User: )
    Description: Nie można utworzyć punktu przywracania na woluminie (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Usunięto AVG 2015; Hr = 0x80070422).

    Error: (09/11/2014 05:38:46 PM) (Source: System Restore) (EventID: 8193) (User: )
    Description: Nie można utworzyć punktu przywracania na woluminie (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Removed AVG 2015; Hr = 0x80070422).

    Error: (09/11/2014 05:38:46 PM) (Source: MsiInstaller) (EventID: 10997) (User: GALUBKI-PC)
    Description: SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2015 — Błąd 997. Pokrywająca się operacja We/Wy jest w toku.
    (NULL)(NULL)(NULL)(NULL)

    Error: (09/11/2014 05:38:45 PM) (Source: System Restore) (EventID: 8193) (User: )
    Description: Nie można utworzyć punktu przywracania na woluminie (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Zainstalowano AVG 2015; Hr = 0x80070422).

    Error: (09/11/2014 05:38:42 PM) (Source: System Restore) (EventID: 8193) (User: )
    Description: Nie można utworzyć punktu przywracania na woluminie (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Installed AVG 2015; Hr = 0x80070422).

    Error: (09/11/2014 05:38:38 PM) (Source: System Restore) (EventID: 8193) (User: )
    Description: Nie można utworzyć punktu przywracania na woluminie (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Zainstalowano AVG 2015; Hr = 0x80070422).

    Error: (09/11/2014 05:38:37 PM) (Source: System Restore) (EventID: 8193) (User: )
    Description: Nie można utworzyć punktu przywracania na woluminie (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Installed AVG 2015; Hr = 0x80070422).

    Error: (09/11/2014 04:53:50 PM) (Source: MsiInstaller) (EventID: 10011) (User: GALUBKI-PC)
    Description: Product: Microsoft .NET Framework 1.1 -- Nieprawidłowy klucz do użycia w podanym stanie.
    (NULL)(NULL)(NULL)(NULL)


    System errors:
    =============
    Error: (09/11/2014 05:57:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Bhbase
    Bnbase
    Bndef
    Bprotect

    Error: (09/11/2014 05:56:08 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT)
    Description: 0x80070032

    Error: (09/11/2014 04:35:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Bhbase
    Bnbase
    Bndef
    Bprotect

    Error: (09/11/2014 04:35:18 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT)
    Description: 0x80070032

    Error: (09/11/2014 04:27:55 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT)
    Description: 0x80070032

    Error: (09/11/2014 04:27:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Bhbase
    Bnbase
    Bndef
    Bprotect

    Error: (09/11/2014 02:16:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Bhbase
    Bnbase
    Bndef
    Bprotect

    Error: (09/11/2014 02:16:00 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT)
    Description: 0x80070032

    Error: (09/10/2014 09:59:00 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT)
    Description: 0x80070032

    Error: (09/10/2014 09:58:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Bhbase
    Bnbase
    Bndef
    Bprotect


    Microsoft Office Sessions:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2014-09-10 21:28:35.908
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2014\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-10 21:28:35.773
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2014\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-10 21:28:35.635
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2014\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-10 21:28:35.496
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2014\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-10 21:28:33.921
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2014\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-10 21:28:33.787
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2014\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-10 21:28:33.648
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2014\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-10 21:28:33.489
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2014\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-03 10:02:48.035
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SET4C00.tmp because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-03 10:02:47.640
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SET4C00.tmp because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz
    Percentage of memory in use: 46%
    Total physical RAM: 3070.36 MB
    Available physical RAM: 1633.48 MB
    Total Pagefile: 6343.71 MB
    Available Pagefile: 4905.47 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1901.15 MB

    ==================== Drives ================================

    Drive c: (VistaOS) (Fixed) (Total:149.04 GB) (Free:116.33 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (DATA) (Fixed) (Total:139.28 GB) (Free:139 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 298.1 GB) (Disk ID: 97646C29)
    Partition 1: (Not Active) - (Size=9.8 GB) - (Type=1C)
    Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=139.3 GB) - (Type=OF Extended)

    ==================== End Of Log ============================

    Dodano po 53 [sekundy]:

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-09-2014
    Ran by Ewa (administrator) on GALUBKI-PC on 11-09-2014 18:03:26
    Running from C:\Users\Ewa\Downloads
    Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Polski (Polska)
    Internet Explorer Version 9
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-f...utorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
    (Microsoft Corporation) C:\Windows\System32\SLsvc.exe
    (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
    () C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    () C:\Program Files\ATK Hotkey\AsLdrSrv.exe
    () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
    (CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
    () C:\Program Files\ATK Hotkey\HControlUser.exe
    () C:\Program Files\ATKOSD2\ATKOSD2.exe
    (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
    (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    () C:\Program Files\ASUS\ATK Media\DMedia.exe
    () C:\Program Files\P4P\P4P.exe
    (ASUS) C:\Windows\AsScrPro.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Microsoft Corporation) C:\Windows\ehome\ehtray.exe
    (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
    (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    () C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    (ATK0100) C:\Program Files\ATK Hotkey\HControl.exe
    () C:\Program Files\ATK Hotkey\MsgTranAgt.exe
    () C:\Program Files\Wireless Console 2\wcourier.exe
    (ATK) C:\Program Files\P4G\BatteryLife.exe
    (ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
    () C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    (ASUSTeK) C:\Windows\System32\ACEngSvr.exe
    (ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
    (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
    () C:\Program Files\ATK Hotkey\ATKOSD.exe
    () C:\Program Files\ATK Hotkey\KBFiltr.exe
    () C:\Program Files\ATK Hotkey\WDC.exe
    (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    (Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-V5.16-delta.exe
    (Microsoft Corporation) D:\72b0f9ec7603289481a577\mrtstub.exe
    (Microsoft Corporation) C:\Windows\System32\mrt.exe
    (Microsoft Corporation) C:\Windows\System32\conime.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
    HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-19] (CyberLink)
    HKLM\...\Run: [HControlUser] => C:\Program Files\ATK Hotkey\HcontrolUser.exe [98304 2008-01-12] ()
    HKLM\...\Run: [ATKOSD2] => C:\Program Files\ATKOSD2\ATKOSD2.exe [7766016 2008-01-24] ()
    HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6253088 2008-07-16] (Realtek Semiconductor)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-07] (Synaptics, Inc.)
    HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2008-02-01] ()
    HKLM\...\Run: [PowerForPhone] => C:\Program Files\P4P\P4P.exe [778240 2007-08-03] ()
    HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3054136 2008-10-11] (ASUS)
    HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\AsScrProlog.exe [47672 2008-10-11] ()
    HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-21-3043269556-1321023651-3697139067-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
    HKU\S-1-5-21-3043269556-1321023651-3697139067-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
    HKU\S-1-5-21-3043269556-1321023651-3697139067-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    HKU\S-1-5-21-3043269556-1321023651-3697139067-1000\...\MountPoints2: {6b530725-1330-11e3-8efb-00235442cf20} - F:\AutoRun.exe
    HKU\S-1-5-21-3043269556-1321023651-3697139067-1000\...\MountPoints2: {72ab28c4-22f8-11e3-81de-00235442cf20} - F:\AutoRun.exe
    HKU\S-1-5-21-3043269556-1321023651-3697139067-1000\...\MountPoints2: {7af435be-0265-11e3-b954-00235442cf20} - F:\Setup.exe
    HKU\S-1-5-21-3043269556-1321023651-3697139067-1000\...\MountPoints2: {81f11d87-11fc-11e3-9a13-00235442cf20} - F:\AutoRun.exe
    HKU\S-1-5-21-3043269556-1321023651-3697139067-1000\...\MountPoints2: {b2f9012e-3c0c-11e0-83cf-00235442cf20} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs
    HKU\S-1-5-21-3043269556-1321023651-3697139067-1000\...\MountPoints2: {b2f90139-3c0c-11e0-83cf-00235442cf20} - F:\AutoRun.exe
    HKU\S-1-5-21-3043269556-1321023651-3697139067-1000\...\MountPoints2: {b2f9013e-3c0c-11e0-83cf-00235442cf20} - F:\AutoRun.exe
    ShellIconOverlayIdentifiers: ADSMOverlayIcon -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll ()
    ShellIconOverlayIdentifiers: ADSMOverlayIcon1 -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll ()

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_source...HNH&ts=1393423563&type=default&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_source...HNH&ts=1393423563&type=default&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
    URLSearchHook: HKLM - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
    URLSearchHook: HKLM - SiteFinder - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - No File
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?utm_source=b&...0320AS_5SX1NHNHXXXX5SX1NHNH&ts=1393423563
    SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source...HNH&ts=1393423563&type=default&q={searchTerms}
    SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source...HNH&ts=1393423563&type=default&q={searchTerms}
    SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source...HNH&ts=1393423563&type=default&q={searchTerms}
    SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source...HNH&ts=1393423563&type=default&q={searchTerms}
    Toolbar: HKLM - SiteFinder - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - No File
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    FireFox:
    ========
    FF ProfilePath: C:\Users\Ewa\AppData\Roaming\Mozilla\Firefox\Profiles\xksmeglo.default-1409954675375
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF user.js: detected! => C:\Users\Ewa\AppData\Roaming\Mozilla\Firefox\Profiles\xksmeglo.default-1409954675375\user.js
    FF SearchPlugin: C:\Users\Ewa\AppData\Roaming\Mozilla\Firefox\Profiles\xksmeglo.default-1409954675375\searchplugins\avg-secure-search.xml
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
    FF Extension: Adblock Plus - C:\Users\Ewa\AppData\Roaming\Mozilla\Firefox\Profiles\xksmeglo.default-1409954675375\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-10]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-01-06]
    FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Ewa\AppData\Roaming\Mozilla\Firefox\Profiles\ckuep925.default\extensions\quick_start@gmail.com

    Chrome:
    =======
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx []
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [73728 2007-05-18] () [File not signed]
    R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-03] () [File not signed]
    R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
    R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
    R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
    R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R0 AsDsm; C:\Windows\system32\Drivers\AsDsm.sys [29752 2007-08-11] (Windows (R) Codename Longhorn DDK provider)
    R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
    S3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [102784 2012-06-06] (Huawei Technologies Co., Ltd.) [File not signed]
    S3 ew_usbenumfilter; C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys [11136 2012-06-06] (Huawei Technologies Co., Ltd.) [File not signed]
    R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
    S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2012-06-06] (Huawei Technologies Co., Ltd.)
    S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [66688 2012-06-06] (Huawei Technologies Co., Ltd.)
    S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2012-06-06] (Huawei Technologies Co., Ltd.)
    R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [5632 2007-01-25] ( )
    R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-15] (ATK0100)
    R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1769984 2007-10-01] ()
    R1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gt; C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gt.sys [55056 2014-09-09] (StdLib)
    S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
    S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
    S0 Bhbase; System32\drivers\Bhbase.sys [X]
    S3 BHipsEx; \??\C:\Windows\System32\drivers\BHipsEx.sys [X]
    S1 Bnbase; System32\drivers\bnbasex.sys [X]
    S1 Bndef; \??\C:\Windows\System32\drivers\bndef.sys [X]
    S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
    S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
    S3 btwaudio; system32\drivers\btwaudio.sys [X]
    S3 btwavdt; system32\drivers\btwavdt.sys [X]
    S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
    S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
    S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\5.0.0.0\PCFApiUtil.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-23 21:30 - 2014-09-23 21:31 - 00000000 ____D () C:\Users\Ewa\AppData\Local\Akamai
    2014-09-23 21:29 - 2014-09-23 21:29 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\Ewa\Downloads\AsusInstaller.exe
    2014-09-11 18:03 - 2014-09-11 18:03 - 00014529 _____ () C:\Users\Ewa\Downloads\FRST.txt
    2014-09-11 18:03 - 2014-09-11 18:03 - 00000000 ____D () C:\FRST
    2014-09-11 18:02 - 2014-09-11 18:02 - 02105856 _____ (Farbar) C:\Users\Ewa\Downloads\FRST64.exe
    2014-09-11 18:01 - 2014-09-11 18:02 - 01097728 _____ (Farbar) C:\Users\Ewa\Downloads\FRST.exe
    2014-09-11 17:36 - 2014-09-11 17:37 - 153796568 _____ (AVG Technologies) C:\Users\Ewa\Downloads\avg_free_x86_all_2015_5315a8160.exe
    2014-09-11 17:22 - 2014-09-11 17:22 - 00000000 ____D () C:\ProgramData\Isolated Storage
    2014-09-11 17:21 - 2014-09-11 17:22 - 05217632 _____ (North American Solutions ) C:\Users\Ewa\Downloads\SmartyUninstaller4.exe
    2014-09-11 17:21 - 2014-09-11 17:21 - 02209792 _____ () C:\Users\Ewa\Downloads\Smarty_Uninstaller_Sciagnij.pl.exe
    2014-09-11 17:19 - 2014-09-11 17:19 - 11826440 _____ (OPSWAT, Inc.) C:\Users\Ewa\Downloads\AppRemover.exe
    2014-09-11 17:18 - 2014-09-11 17:18 - 02209792 _____ () C:\Users\Ewa\Downloads\AppRemover_Sciagnij.pl.exe
    2014-09-11 16:44 - 2014-09-11 17:07 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Systweak
    2014-09-11 16:44 - 2014-08-05 19:14 - 00018280 _____ () C:\Windows\system32\roboot.exe
    2014-09-11 16:31 - 2014-09-11 16:31 - 00519488 _____ (AVAST Software) C:\Users\Ewa\Downloads\avastclear.exe
    2014-09-11 16:28 - 2014-09-11 16:29 - 70938624 _____ () C:\Users\Ewa\Downloads\ess_nt32_plk(2).msi
    2014-09-11 16:05 - 2014-09-11 16:08 - 00002524 _____ () C:\Users\Ewa\Desktop\Rkill.txt
    2014-09-11 16:01 - 2014-09-11 16:01 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Ewa\Downloads\rkill.exe
    2014-09-11 15:48 - 2014-09-11 15:49 - 70938624 _____ () C:\Users\Ewa\Downloads\ess_nt32_plk.msi
    2014-09-11 14:51 - 2014-09-11 14:51 - 00000000 ____D () C:\Users\Ewa\AppData\Local\Avg2015
    2014-09-10 21:56 - 2014-09-11 17:55 - 00022748 _____ () C:\Windows\PFRO.log
    2014-09-10 21:54 - 2014-09-10 21:33 - 01424232 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe
    2014-09-10 21:39 - 2014-09-10 21:39 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Baidu
    2014-09-10 21:39 - 2014-09-10 21:39 - 00000000 ____D () C:\Program Files\Baidu-Security-2014-4.4.4.73687
    2014-09-10 21:37 - 2014-09-10 21:39 - 00000000 ____D () C:\ProgramData\Baidu
    2014-09-10 21:35 - 2014-09-09 17:17 - 00055056 _____ (StdLib) C:\Windows\system32\Drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gt.sys
    2014-09-10 21:32 - 2014-09-10 21:55 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
    2014-09-10 21:32 - 2014-09-10 21:55 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Baidu Security
    2014-09-10 21:32 - 2014-09-10 21:55 - 00000000 ____D () C:\ProgramData\Baidu Security
    2014-09-10 21:32 - 2014-09-10 21:55 - 00000000 ____D () C:\Program Files\Baidu Security
    2014-09-10 21:32 - 2014-09-10 21:32 - 00014304 _____ () C:\ProgramData\Duplicaterecord.js
    2014-09-10 21:32 - 2014-09-10 21:32 - 00000000 ____D () C:\Users\Public\Documents\Baidu
    2014-09-10 21:31 - 2014-09-10 22:00 - 00000000 ____D () C:\Program Files\Opera
    2014-09-10 21:31 - 2014-09-10 21:31 - 23586936 _____ (Baidu, Inc.) C:\Users\Ewa\Downloads\PC_Faster_Setup_GL.exe
    2014-09-10 21:31 - 2014-09-10 21:31 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Opera Software
    2014-09-10 21:31 - 2014-09-10 21:31 - 00000000 ____D () C:\Users\Ewa\AppData\Local\Opera Software
    2014-09-10 21:29 - 2014-09-10 21:29 - 00803112 _____ ( ) C:\Users\Ewa\Downloads\Baidu-PC-Faster(39879)-dp.exe
    2014-09-06 00:04 - 2014-09-06 00:04 - 00000000 ____D () C:\Users\Ewa\Desktop\Stare dane programu Firefox
    2014-09-05 12:18 - 2014-09-05 12:19 - 00865688 _____ (Elex do Brasil Participações Ltda) C:\Users\Ewa\Downloads\yet_another_cleaner_mmacn.exe
    2014-08-28 20:23 - 2014-08-23 03:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-28 20:23 - 2014-08-23 01:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-13 12:57 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
    2014-08-13 12:57 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
    2014-08-13 12:57 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
    2014-08-13 12:57 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2014-08-13 12:10 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-08-13 12:10 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2014-08-13 12:10 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2014-08-13 12:10 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2014-08-13 12:10 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2014-08-13 12:09 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-08-13 12:09 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-08-13 12:09 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-08-13 12:09 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-08-13 12:09 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-08-13 12:09 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-08-13 12:09 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-08-13 12:09 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-08-13 12:09 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-08-13 12:09 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2014-08-13 12:09 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-08-13 12:09 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-08-13 12:09 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-08-13 12:09 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-08-13 12:09 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-08-13 12:09 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-08-13 12:09 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-08-13 12:09 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2014-08-13 12:09 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2014-08-13 12:09 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2014-08-13 12:09 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-08-13 12:09 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-08-13 12:09 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2014-08-13 12:09 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
    2014-08-13 12:04 - 2014-08-14 11:04 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Dropbox
    2014-08-13 12:04 - 2014-08-13 12:04 - 00323576 _____ (Dropbox, Inc.) C:\Users\Ewa\Downloads\DropboxInstaller.exe

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-23 21:31 - 2014-09-23 21:30 - 00000000 ____D () C:\Users\Ewa\AppData\Local\Akamai
    2014-09-23 21:29 - 2014-09-23 21:29 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\Ewa\Downloads\AsusInstaller.exe
    2014-09-11 18:03 - 2014-09-11 18:03 - 00014529 _____ () C:\Users\Ewa\Downloads\FRST.txt
    2014-09-11 18:03 - 2014-09-11 18:03 - 00000000 ____D () C:\FRST
    2014-09-11 18:03 - 2008-10-11 07:13 - 01396494 _____ () C:\Windows\WindowsUpdate.log
    2014-09-11 18:02 - 2014-09-11 18:02 - 02105856 _____ (Farbar) C:\Users\Ewa\Downloads\FRST64.exe
    2014-09-11 18:02 - 2014-09-11 18:01 - 01097728 _____ (Farbar) C:\Users\Ewa\Downloads\FRST.exe
    2014-09-11 18:02 - 2013-09-01 10:26 - 00000000 ____D () C:\Windows\system32\MRT
    2014-09-11 18:02 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-09-11 18:02 - 2006-11-02 12:24 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2014-09-11 17:59 - 2008-04-18 02:01 - 00714394 _____ () C:\Windows\system32\perfh015.dat
    2014-09-11 17:59 - 2008-04-18 02:01 - 00151234 _____ () C:\Windows\system32\perfc015.dat
    2014-09-11 17:59 - 2006-11-02 12:33 - 01588638 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-11 17:55 - 2014-09-10 21:56 - 00022748 _____ () C:\Windows\PFRO.log
    2014-09-11 17:55 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-09-11 17:55 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2014-09-11 17:55 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2014-09-11 17:48 - 2008-10-11 07:13 - 00000012 _____ () C:\Windows\bthservsdp.dat
    2014-09-11 17:48 - 2006-11-02 15:01 - 00032562 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-09-11 17:38 - 2014-04-04 22:45 - 00000000 ____D () C:\ProgramData\MFAData
    2014-09-11 17:37 - 2014-09-11 17:36 - 153796568 _____ (AVG Technologies) C:\Users\Ewa\Downloads\avg_free_x86_all_2015_5315a8160.exe
    2014-09-11 17:35 - 2014-02-04 18:32 - 00000000 ____D () C:\Users\Ewa\Desktop\zdjecia
    2014-09-11 17:22 - 2014-09-11 17:22 - 00000000 ____D () C:\ProgramData\Isolated Storage
    2014-09-11 17:22 - 2014-09-11 17:21 - 05217632 _____ (North American Solutions ) C:\Users\Ewa\Downloads\SmartyUninstaller4.exe
    2014-09-11 17:21 - 2014-09-11 17:21 - 02209792 _____ () C:\Users\Ewa\Downloads\Smarty_Uninstaller_Sciagnij.pl.exe
    2014-09-11 17:19 - 2014-09-11 17:19 - 11826440 _____ (OPSWAT, Inc.) C:\Users\Ewa\Downloads\AppRemover.exe
    2014-09-11 17:18 - 2014-09-11 17:18 - 02209792 _____ () C:\Users\Ewa\Downloads\AppRemover_Sciagnij.pl.exe
    2014-09-11 17:07 - 2014-09-11 16:44 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Systweak
    2014-09-11 16:48 - 2014-01-23 21:24 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-09-11 16:43 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
    2014-09-11 16:34 - 2011-01-08 12:39 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
    2014-09-11 16:33 - 2006-11-02 12:23 - 00002577 _____ () C:\Windows\system32\config.nt
    2014-09-11 16:31 - 2014-09-11 16:31 - 00519488 _____ (AVAST Software) C:\Users\Ewa\Downloads\avastclear.exe
    2014-09-11 16:29 - 2014-09-11 16:28 - 70938624 _____ () C:\Users\Ewa\Downloads\ess_nt32_plk(2).msi
    2014-09-11 16:26 - 2011-01-08 12:39 - 00100832 _____ () C:\Users\Ewa\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-09-11 16:26 - 2006-11-02 14:47 - 00382032 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-09-11 16:08 - 2014-09-11 16:05 - 00002524 _____ () C:\Users\Ewa\Desktop\Rkill.txt
    2014-09-11 16:01 - 2014-09-11 16:01 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Ewa\Downloads\rkill.exe
    2014-09-11 15:49 - 2014-09-11 15:48 - 70938624 _____ () C:\Users\Ewa\Downloads\ess_nt32_plk.msi
    2014-09-11 14:51 - 2014-09-11 14:51 - 00000000 ____D () C:\Users\Ewa\AppData\Local\Avg2015
    2014-09-10 22:00 - 2014-09-10 21:31 - 00000000 ____D () C:\Program Files\Opera
    2014-09-10 21:55 - 2014-09-10 21:32 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
    2014-09-10 21:55 - 2014-09-10 21:32 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Baidu Security
    2014-09-10 21:55 - 2014-09-10 21:32 - 00000000 ____D () C:\ProgramData\Baidu Security
    2014-09-10 21:55 - 2014-09-10 21:32 - 00000000 ____D () C:\Program Files\Baidu Security
    2014-09-10 21:39 - 2014-09-10 21:39 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Baidu
    2014-09-10 21:39 - 2014-09-10 21:39 - 00000000 ____D () C:\Program Files\Baidu-Security-2014-4.4.4.73687
    2014-09-10 21:39 - 2014-09-10 21:37 - 00000000 ____D () C:\ProgramData\Baidu
    2014-09-10 21:36 - 2008-04-18 02:02 - 00000000 ____D () C:\Windows\Panther
    2014-09-10 21:35 - 2006-11-02 12:23 - 00000321 _____ () C:\Windows\win.ini
    2014-09-10 21:33 - 2014-09-10 21:54 - 01424232 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe
    2014-09-10 21:32 - 2014-09-10 21:32 - 00014304 _____ () C:\ProgramData\Duplicaterecord.js
    2014-09-10 21:32 - 2014-09-10 21:32 - 00000000 ____D () C:\Users\Public\Documents\Baidu
    2014-09-10 21:31 - 2014-09-10 21:31 - 23586936 _____ (Baidu, Inc.) C:\Users\Ewa\Downloads\PC_Faster_Setup_GL.exe
    2014-09-10 21:31 - 2014-09-10 21:31 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Opera Software
    2014-09-10 21:31 - 2014-09-10 21:31 - 00000000 ____D () C:\Users\Ewa\AppData\Local\Opera Software
    2014-09-10 21:29 - 2014-09-10 21:29 - 00803112 _____ ( ) C:\Users\Ewa\Downloads\Baidu-PC-Faster(39879)-dp.exe
    2014-09-09 20:56 - 2014-06-12 15:01 - 00000000 ____D () C:\Users\Ewa\AppData\Local\PokerStars.EU
    2014-09-09 20:56 - 2014-06-12 15:00 - 00000000 ____D () C:\Program Files\PokerStars.EU
    2014-09-09 20:49 - 2014-01-23 21:24 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2014-09-09 20:49 - 2011-09-23 19:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2014-09-09 19:01 - 2014-05-29 15:23 - 00000000 ____D () C:\Program Files\NapiProjekt
    2014-09-09 17:17 - 2014-09-10 21:35 - 00055056 _____ (StdLib) C:\Windows\system32\Drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gt.sys
    2014-09-06 00:04 - 2014-09-06 00:04 - 00000000 ____D () C:\Users\Ewa\Desktop\Stare dane programu Firefox
    2014-09-05 12:19 - 2014-09-05 12:18 - 00865688 _____ (Elex do Brasil Participações Ltda) C:\Users\Ewa\Downloads\yet_another_cleaner_mmacn.exe
    2014-09-03 20:28 - 2014-07-31 06:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2014-09-01 20:49 - 2011-01-08 12:43 - 00000000 ____D () C:\Users\Ewa\AppData\Local\Adobe
    2014-08-30 15:52 - 2014-01-24 14:16 - 00000000 ____D () C:\Users\Ewa\AppData\Local\GG
    2014-08-30 15:50 - 2014-01-24 14:16 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\GG
    2014-08-28 14:11 - 2014-08-11 15:16 - 00000000 _____ () C:\Program Files\Mozilla Firefoxwtu-secure-search.xml
    2014-08-25 13:31 - 2014-01-23 21:21 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    2014-08-23 03:03 - 2014-08-28 20:23 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-23 01:26 - 2014-08-28 20:23 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-14 22:10 - 2011-05-05 16:32 - 00017920 _____ () C:\Users\Ewa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-08-14 11:04 - 2014-08-13 12:04 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Dropbox
    2014-08-14 11:04 - 2011-01-08 12:39 - 00000000 ____D () C:\Users\Ewa
    2014-08-13 13:47 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
    2014-08-13 13:25 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\pl-PL
    2014-08-13 12:04 - 2014-08-13 12:04 - 00323576 _____ (Dropbox, Inc.) C:\Users\Ewa\Downloads\DropboxInstaller.exe

    Files to move or delete:
    ====================
    C:\ProgramData\BavPro_Setup_Mini_GL1.exe
    C:\ProgramData\Duplicaterecord.js


    Some content of TEMP:
    ====================
    C:\Users\Ewa\AppData\Local\Temp\InstHelper.exe
    C:\Users\Ewa\AppData\Local\Temp\silent-1-.exe
    C:\Users\Ewa\AppData\Local\Temp\UNINSTALL.EXE


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-09-11 18:01

    ==================== End Of Log =====================

    0
  • #4 11 Wrz 2014 18:07
    Acorus 20
    Spec od komputerów

    Logi pokaż jako załączniki.

    0
  • #5 11 Wrz 2014 18:10
    3m3
    Poziom 11  

    Acorus 20 napisał:
    Logi pokaż jako załączniki.
    jak to się robi

    0
  • #6 11 Wrz 2014 19:26
    Kolobos
    Spec od komputerów

    Klikasz na Odpowiedz (pod postem, nie pod watkiem) i tam na dole masz opcje dodawania zalacznikow.


    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
    HKU\S-1-5-21-3043269556-1321023651-3697139067-1000\...\MountPoints2: {b2f9012e-3c0c-11e0-83cf-00235442cf20} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_source=b
    HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
    URLSearchHook: HKLM - SiteFinder - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - No File
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226
    SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source...HNH&ts=1393423563&type=default&q={searchTerms}
    SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226
    SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226
    SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226
    Toolbar: HKLM - SiteFinder - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - No File
    FF SearchPlugin: C:\Users\Ewa\AppData\Roaming\Mozilla\Firefox\Profiles\xksmeglo.default-1409954675375\searchplugins\avg-secure-search.xml
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
    FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Ewa\AppData\Roaming\Mozilla\Firefox\Profiles\ckuep925.default\extensions\quick_start@gmail.com
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
    R1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gt; C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gt.sys [55056 2014-09-09] (StdLib)
    S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\5.0.0.0\PCFApiUtil.sys [X]
    2014-09-11 17:21 - 2014-09-11 17:21 - 02209792 _____ () C:\Users\Ewa\Downloads\Smarty_Uninstaller_Sciagnij.pl.exe
    2014-09-11 17:18 - 2014-09-11 17:18 - 02209792 _____ () C:\Users\Ewa\Downloads\AppRemover_Sciagnij.pl.exe
    2014-09-11 16:44 - 2014-09-11 17:07 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Systweak
    2014-09-11 16:44 - 2014-08-05 19:14 - 00018280 _____ () C:\Windows\system32\roboot.exe
    2014-09-11 16:31 - 2014-09-11 16:31 - 00519488 _____ (AVAST Software) C:\Users\Ewa\Downloads\avastclear.exe
    2014-09-10 21:39 - 2014-09-10 21:39 - 00000000 ____D () C:\Program Files\Baidu-Security-2014-4.4.4.73687
    2014-09-10 21:37 - 2014-09-10 21:39 - 00000000 ____D () C:\ProgramData\Baidu
    2014-09-10 21:35 - 2014-09-09 17:17 - 00055056 _____ (StdLib) C:\Windows\system32\Drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gt.sys
    2014-09-10 21:32 - 2014-09-10 21:55 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
    2014-09-10 21:32 - 2014-09-10 21:55 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Baidu Security
    2014-09-10 21:32 - 2014-09-10 21:55 - 00000000 ____D () C:\ProgramData\Baidu Security
    2014-09-10 21:32 - 2014-09-10 21:55 - 00000000 ____D () C:\Program Files\Baidu Security
    2014-09-10 21:32 - 2014-09-10 21:32 - 00000000 ____D () C:\Users\Public\Documents\Baidu
    2014-09-11 17:22 - 2014-09-11 17:21 - 05217632 _____ (North American Solutions ) C:\Users\Ewa\Downloads\SmartyUninstaller4.exe
    2014-09-11 17:21 - 2014-09-11 17:21 - 02209792 _____ () C:\Users\Ewa\Downloads\Smarty_Uninstaller_Sciagnij.pl.exe
    2014-09-11 17:19 - 2014-09-11 17:19 - 11826440 _____ (OPSWAT, Inc.) C:\Users\Ewa\Downloads\AppRemover.exe
    2014-09-11 17:18 - 2014-09-11 17:18 - 02209792 _____ () C:\Users\Ewa\Downloads\AppRemover_Sciagnij.pl.exe
    2014-09-11 17:07 - 2014-09-11 16:44 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Systweak
    2014-09-10 21:55 - 2014-09-10 21:32 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
    2014-09-10 21:55 - 2014-09-10 21:32 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Baidu Security
    2014-09-10 21:55 - 2014-09-10 21:32 - 00000000 ____D () C:\ProgramData\Baidu Security
    2014-09-10 21:55 - 2014-09-10 21:32 - 00000000 ____D () C:\Program Files\Baidu Security
    2014-09-10 21:39 - 2014-09-10 21:39 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\Baidu
    2014-09-10 21:39 - 2014-09-10 21:39 - 00000000 ____D () C:\Program Files\Baidu-Security-2014-4.4.4.73687
    2014-09-10 21:39 - 2014-09-10 21:37 - 00000000 ____D () C:\ProgramData\Baidu
    2014-09-10 21:33 - 2014-09-10 21:54 - 01424232 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe
    2014-09-10 21:32 - 2014-09-10 21:32 - 00014304 _____ () C:\ProgramData\Duplicaterecord.js
    2014-09-10 21:32 - 2014-09-10 21:32 - 00000000 ____D () C:\Users\Public\Documents\Baidu
    2014-09-10 21:31 - 2014-09-10 21:31 - 23586936 _____ (Baidu, Inc.) C:\Users\Ewa\Downloads\PC_Faster_Setup_GL.exe
    2014-09-10 21:29 - 2014-09-10 21:29 - 00803112 _____ ( ) C:\Users\Ewa\Downloads\Baidu-PC-Faster(39879)-dp.exe
    2014-09-09 17:17 - 2014-09-10 21:35 - 00055056 _____ (StdLib) C:\Windows\system32\Drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gt.sys
    2014-09-05 12:19 - 2014-09-05 12:18 - 00865688 _____ (Elex do Brasil Participações Ltda) C:\Users\Ewa\Downloads\yet_another_cleaner_mmacn.exe
    2014-08-28 14:11 - 2014-08-11 15:16 - 00000000 _____ () C:\Program Files\Mozilla Firefoxwtu-secure-search.xml
    C:\ProgramData\BavPro_Setup_Mini_GL1.exe
    C:\ProgramData\Duplicaterecord.js
    EmptyTemp:

    W FRST wybierz Fix.

    Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun:
    http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

    Zrob pelny skan przy pomocy Mbam:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/
    oraz http://ftp.drweb.com/pub/drweb/cureit/launch.exe

    Po wykonaniu daj nowe logi z FRST, ze skanowania w ZALACZNIKU.

    0