Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Wyszukiwarka google, nie działa

paluszer 15 Lip 2015 09:22 1194 6
  • CControls
  • Pomocny post
    #2 15 Lip 2015 09:28
    Domino_2
    Pomocny dla użytkowników

    Odinstaluj pdfforge Toolbar v1.1.2.

    Cytat:

    HKLM\...\Run: [] => [X]
    ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll No File
    ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll No File
    ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll No File
    ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll No File
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    U4 epfwtdir; system32\DRIVERS\epfwtdir.sys [X]
    S4 IntelIde; No ImagePath
    U1 WS2IFSL; No ImagePath
    Empty Temp:


    Wklej to do notatnika i zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się plik FRST.exe, odpal go i kliknij Fix.

    Po tym przeskanuj komputer programem MBAM, usuń wszystko co znalazł.
    Gdyby problem nadal był możesz później jeszcze raz dać logi z FRST do sprawdzenia.

    1
  • CControls
  • #3 15 Lip 2015 12:04
    paluszer
    Poziom 4  

    Dzięki, niestety nadal nie działa.

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-07-2015

    Spoiler:
    Ran by ppaluch (administrator) on PAWELP on 15-07-2015 12:00:18
    Running from C:\Documents and Settings\ppaluch\Moje dokumenty\Downloads
    Loaded Profiles: ppaluch (Available Profiles: ppaluch & Ginco & Gość)
    Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski
    Internet Explorer Version 8 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-f...utorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    () C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe
    (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
    (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    (pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
    (pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
    () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
    (Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    (Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
    (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    (ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe
    (Nektra S.A.) C:\Program Files\NXPowerLite\loadnxploeaddin.exe
    (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
    (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
    (Huawei Technologies Co., Ltd.) C:\Documents and Settings\ppaluch\Dane aplikacji\PLAY ONLINE\ouc.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe




    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18063872 2008-12-09] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [57344 2008-06-19] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [GEST] => =
    HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
    HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-14] (Cyberlink Corp.)
    HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
    HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
    HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [570664 2009-03-10] (Nero AG)
    HKLM\...\Run: [LGODDFU] => C:\Program Files\lg_fwupdate\lgfw.exe [27760 2012-09-04] (Bitleader)
    HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-05-07] (CyberLink Corp.)
    HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
    HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [73728 2007-06-13] (Nuance Communications, Inc.)
    HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2219184 2011-01-12] (ESET)
    HKLM\...\Run: [MP10_EnsureFileVer] => C:\WINDOWS\inf\unregmp2.exe [208896 2008-04-15] (Microsoft Corporation)
    HKLM\...\Run: [ACPW07EN] => C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [1470280 2014-03-05] (ACD Systems)
    HKLM\...\Run: [nxpOEAPI] => C:\Program Files\NXPowerLite\loadnxploeaddin.exe [91520 2014-01-28] (Nektra S.A.)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
    HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-12-17] (Samsung Electronics Co., Ltd.)
    HKU\S-1-5-21-73586283-1417001333-725345543-1005\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [5148672 2009-08-22] ()
    HKU\S-1-5-21-73586283-1417001333-725345543-1005\...\Run: [HW_OPENEYE_OUC_PLAY ONLINE] => C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe [110592 2009-04-14] (Huawei Technologies Co., Ltd.)
    HKU\S-1-5-21-73586283-1417001333-725345543-1005\...\MountPoints2: {40622978-dcfe-11e0-af50-00241da5a6ba} - F:\AutoRun.exe
    HKU\S-1-5-21-73586283-1417001333-725345543-1005\...\MountPoints2: {48f1aa2a-d935-11e0-af4b-00241da5a6ba} - G:\AutoRun.exe
    HKU\S-1-5-21-73586283-1417001333-725345543-1005\...\MountPoints2: {48f1aa2d-d935-11e0-af4b-00241da5a6ba} - G:\AutoRun.exe
    HKU\S-1-5-21-73586283-1417001333-725345543-1005\...\MountPoints2: {48f1aa32-d935-11e0-af4b-00241da5a6ba} - F:\AutoRun.exe
    HKU\S-1-5-21-73586283-1417001333-725345543-1005\...\MountPoints2: {8aed1d2c-d52c-11e0-af49-00241da5a6ba} - F:\AutoRun.exe
    Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VPN Client.lnk [2012-04-13]
    ShortcutTarget: VPN Client.lnk -> C:\WINDOWS\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico ()

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-73586283-1417001333-725345543-1005\Software\Microsoft\Internet Explorer\Main,Start Page = http://wyborcza.biz/biznes/0,0.html?p=005
    HKU\S-1-5-21-73586283-1417001333-725345543-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
    Tcpip\..\Interfaces\{FE4FC2C2-98A8-4A52-86CC-F43C32130789}: [DhcpNameServer] 8.8.8.8 8.8.4.4

    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\ppaluch\Dane aplikacji\Mozilla\Firefox\Profiles\miaf33tn.default
    FF SelectedSearchEngine: Allegro
    FF Homepage: https://www.google.pl/
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll [2015-01-26] ()
    FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2010-03-17] (Foxit Software Company)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
    FF Extension: Cooliris - C:\Documents and Settings\ppaluch\Dane aplikacji\Mozilla\Firefox\Profiles\miaf33tn.default\Extensions\piclens@cooliris.com [2011-12-19]
    FF Extension: Adblock Plus - C:\Documents and Settings\ppaluch\Dane aplikacji\Mozilla\Firefox\Profiles\miaf33tn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-17]
    FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
    FF Extension: No Name - C:\Program Files\PDF Architect\FFPDFArchitectExt [2015-07-15]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-18]
    FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
    FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-05-16]

    Chrome:
    =======
    CHR Profile: C:\Documents and Settings\ppaluch\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Documents and Settings\ppaluch\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-29]
    CHR Extension: (Google Drive) - C:\Documents and Settings\ppaluch\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-29]
    CHR Extension: (YouTube) - C:\Documents and Settings\ppaluch\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-29]
    CHR Extension: (Google Search) - C:\Documents and Settings\ppaluch\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-29]
    CHR Extension: (Google Wallet) - C:\Documents and Settings\ppaluch\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-11]
    CHR Extension: (Gmail) - C:\Documents and Settings\ppaluch\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-29]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.)
    S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [33584 2011-01-12] (ESET)
    R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [810144 2011-01-12] (ESET)
    S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-01-29] (Hewlett-Packard Co.) [File not signed]
    R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe [264704 2010-11-16] () [File not signed]
    R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-09-26] (Oracle Corporation)
    S2 KMService; C:\WINDOWS\system32\srvany.exe [8192 2013-07-26] () [File not signed]
    R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-01-27] (Hewlett-Packard Company) [File not signed]
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [45568 2012-07-31] (Hewlett-Packard) [File not signed]
    R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
    R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
    R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [55808 2012-07-31] (Hewlett-Packard) [File not signed]
    R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
    R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
    S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
    R2 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.) [File not signed]
    R3 DNE; C:\WINDOWS\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
    R2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [141264 2010-12-21] (ESET)
    R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [115008 2010-12-21] (ESET)
    R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [134000 2010-12-21] (ESET)
    R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [33120 2010-12-21] (ESET)
    R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [55256 2010-08-03] (ESET)
    S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [57800 2009-10-22] (FTDI Ltd.)
    S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2009-12-09] (Windows (R) 2000 DDK provider)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-07-15] (Malwarebytes Corporation)
    R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [105472 2006-10-18] (NVIDIA Corporation)
    R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [58368 2006-11-27] (NVIDIA Corporation)
    R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [19968 2006-11-27] (NVIDIA Corporation)
    S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
    S3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [394952 2007-11-14] (Zone Labs, LLC)
    S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31872 2008-04-14] (Microsoft Corporation)
    U4 epfwtdir; system32\DRIVERS\epfwtdir.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-07-15 10:48 - 2015-07-15 11:57 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2015-07-15 10:48 - 2015-07-15 10:48 - 00000777 _____ C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
    2015-07-15 10:48 - 2015-07-15 10:48 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
    2015-07-15 10:48 - 2015-07-15 10:48 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware
    2015-07-15 10:48 - 2015-07-15 10:48 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
    2015-07-15 10:48 - 2015-04-14 10:39 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2015-07-15 10:48 - 2015-04-14 10:38 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2015-07-15 10:31 - 2015-07-15 10:32 - 00001148 _____ C:\fixlist.txt.txt
    2015-07-15 10:24 - 2015-07-15 11:51 - 00065536 ___HT C:\Documents and Settings\ppaluch\Moje dokumenty\~archive.pst.tmp
    2015-07-15 10:16 - 2015-07-15 10:16 - 00000000 ____D C:\Program Files\PDFCreator
    2015-07-15 10:16 - 2015-07-15 10:16 - 00000000 ____D C:\Program Files\PDF Architect
    2015-07-15 10:16 - 2015-07-15 10:16 - 00000000 ____D C:\Documents and Settings\ppaluch\Ustawienia lokalne\Dane aplikacji\PDFCreator
    2015-07-15 10:16 - 2015-07-15 10:16 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\PDFCreator
    2015-07-15 10:16 - 2015-07-15 10:16 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\PDF Architect
    2015-07-15 09:32 - 2015-07-15 10:16 - 00000000 ___SD C:\Documents and Settings\Administrator
    2015-07-15 09:32 - 2015-07-15 10:16 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia
    2015-07-15 09:32 - 2015-07-15 10:16 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji
    2015-07-15 09:32 - 2015-07-15 10:16 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne
    2015-07-15 09:32 - 2015-07-15 10:16 - 00000000 ____D C:\Documents and Settings\Administrator\Szablony
    2015-07-15 09:32 - 2015-07-15 10:16 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji
    2015-07-15 09:32 - 2013-02-15 16:29 - 00000000 ____D C:\Documents and Settings\Administrator\IETldCache
    2015-07-15 09:19 - 2015-07-15 12:00 - 00000000 ____D C:\FRST
    2015-07-15 09:10 - 2015-07-15 11:55 - 00000000 ____D C:\AdwCleaner
    2015-07-15 08:59 - 2015-07-15 08:59 - 00000000 ____D C:\Documents and Settings\ppaluch\IECompatCache
    2015-07-01 08:52 - 2015-07-01 08:52 - 00008596 _____ C:\Documents and Settings\ppaluch\Pulpit\test.rfd
    2015-06-24 10:15 - 2015-06-24 10:15 - 00090112 _____ C:\WINDOWS\Minidump\Mini062415-01.dmp
    2015-06-24 01:29 - 2015-06-24 01:29 - 01217192 _____ (Microsoft Corporation) C:\WINDOWS\system32\FM20.DLL
    2015-06-22 10:56 - 2015-06-22 10:56 - 00000000 ___SD C:\Documents and Settings\ppaluch\Moje dokumenty\Moje kształty
    2015-06-22 09:00 - 2015-06-22 09:00 - 00000000 ____D C:\Program Files\MSECache
    2015-06-22 09:00 - 2015-06-22 09:00 - 00000000 ____D C:\Program Files\Microsoft Visual Studio .NET 2008
    2015-06-22 09:00 - 2015-06-22 09:00 - 00000000 ____D C:\Program Files\Microsoft Visual Studio .NET 2005
    2015-06-22 09:00 - 2015-06-22 09:00 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office 2010 Developer Resources

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-07-15 12:00 - 2009-12-11 15:52 - 00000000 ____D C:\Documents and Settings\ppaluch\Ustawienia lokalne\Temp
    2015-07-15 11:58 - 2010-01-05 11:19 - 00000000 ____D C:\Documents and Settings\ppaluch\.rainlendar2
    2015-07-15 11:57 - 2014-06-11 10:05 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-07-15 11:57 - 2014-03-25 09:19 - 00000226 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job
    2015-07-15 11:57 - 2009-12-11 15:52 - 00000000 ____D C:\Documents and Settings\ppaluch\Menu Start\Programy\LG Power Tools
    2015-07-15 11:57 - 2009-12-09 13:41 - 01650459 _____ C:\WINDOWS\WindowsUpdate.log
    2015-07-15 11:57 - 2009-12-09 13:39 - 00055780 _____ C:\WINDOWS\wmsetup.log
    2015-07-15 11:56 - 2009-12-11 15:52 - 00000188 ___SH C:\Documents and Settings\ppaluch\ntuser.ini
    2015-07-15 11:56 - 2009-12-09 21:36 - 00000159 _____ C:\WINDOWS\wiadebug.log
    2015-07-15 11:56 - 2009-12-09 21:36 - 00000050 _____ C:\WINDOWS\wiaservc.log
    2015-07-15 11:56 - 2009-12-09 13:49 - 00032480 _____ C:\WINDOWS\SchedLgU.Txt
    2015-07-15 11:56 - 2009-12-09 13:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-07-15 11:55 - 2011-08-09 15:49 - 271746048 _____ C:\Documents and Settings\ppaluch\Moje dokumenty\archive.pst
    2015-07-15 11:55 - 2010-10-23 11:44 - 00000000 __RHD C:\Documents and Settings\Gość\Dane aplikacji
    2015-07-15 11:55 - 2009-12-11 15:52 - 00000000 __RHD C:\Documents and Settings\ppaluch\Dane aplikacji
    2015-07-15 11:50 - 2009-12-11 15:52 - 00000000 ___RD C:\Documents and Settings\ppaluch\Moje dokumenty
    2015-07-15 11:43 - 2014-06-11 10:05 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-07-15 11:18 - 2012-03-30 08:35 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-07-15 11:06 - 2009-12-11 15:52 - 00000000 ____D C:\Documents and Settings\ppaluch\Pulpit
    2015-07-15 10:58 - 2012-12-21 17:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2753842-v2$
    2015-07-15 10:48 - 2009-12-09 21:34 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy
    2015-07-15 10:48 - 2009-12-09 21:34 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit
    2015-07-15 10:48 - 2009-12-09 21:32 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji
    2015-07-15 10:43 - 2009-12-11 15:52 - 00000000 __SHD C:\Documents and Settings\ppaluch\Ustawienia lokalne\Historia
    2015-07-15 10:42 - 2009-12-09 13:49 - 00000000 __SHD C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia
    2015-07-15 10:36 - 2012-04-13 10:05 - 00000000 __SHD C:\Documents and Settings\Ginco\Ustawienia lokalne\Historia
    2015-07-15 10:36 - 2010-10-23 11:44 - 00000000 __SHD C:\Documents and Settings\Gość\Ustawienia lokalne\Historia
    2015-07-15 10:36 - 2010-10-23 11:44 - 00000000 ____D C:\Documents and Settings\Gość\Ustawienia lokalne\Temp
    2015-07-15 10:35 - 2012-04-13 10:05 - 00000000 ____D C:\Documents and Settings\Ginco\Ustawienia lokalne\Temp
    2015-07-15 10:33 - 2009-12-09 21:34 - 00000000 __SHD C:\Documents and Settings\Default User\Ustawienia lokalne\Historia
    2015-07-15 10:33 - 2009-12-09 13:49 - 00000000 ___SD C:\Documents and Settings\Właściciel\Ustawienia lokalne\Historia
    2015-07-15 10:33 - 2009-12-09 13:49 - 00000000 ____D C:\Documents and Settings\Właściciel\Ustawienia lokalne\Temp
    2015-07-15 10:33 - 2009-12-09 13:49 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp
    2015-07-15 10:33 - 2009-12-09 13:44 - 00000000 ___HD C:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia
    2015-07-15 10:29 - 2013-07-29 14:35 - 00000000 ____D C:\WINDOWS\system32\MRT
    2015-07-15 10:29 - 2009-12-09 15:12 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
    2015-07-15 10:17 - 2012-04-13 10:05 - 00000000 ____D C:\Documents and Settings\Ginco
    2015-07-15 10:17 - 2010-10-23 11:44 - 00000000 ____D C:\Documents and Settings\Gość
    2015-07-15 10:17 - 2009-12-11 15:52 - 00000000 ____D C:\Documents and Settings\ppaluch
    2015-07-15 10:17 - 2009-12-09 13:49 - 00000000 __SHD C:\Documents and Settings\LocalService
    2015-07-15 10:17 - 2009-12-09 13:49 - 00000000 ____D C:\Documents and Settings\Właściciel
    2015-07-15 10:17 - 2009-12-09 13:44 - 00000000 __SHD C:\Documents and Settings\NetworkService
    2015-07-15 10:17 - 2009-12-09 13:39 - 00000000 ____D C:\WINDOWS\Registration
    2015-07-15 10:16 - 2009-12-11 15:52 - 00000000 ___HD C:\Documents and Settings\ppaluch\Ustawienia lokalne\Dane aplikacji
    2015-07-15 10:11 - 2008-04-15 14:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
    2015-07-15 10:09 - 2014-12-08 16:58 - 01559394 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-73586283-1417001333-725345543-1005-0.dat
    2015-07-15 10:09 - 2014-12-08 16:58 - 00295194 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
    2015-07-15 10:08 - 2009-12-09 13:40 - 00000000 ____D C:\WINDOWS\system32\Restore
    2015-07-15 09:13 - 2013-07-26 11:10 - 00196608 _____ C:\WINDOWS\system32\config\OAlerts.evt
    2015-07-15 08:20 - 2012-12-05 16:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2015-07-14 15:28 - 2014-02-24 16:28 - 00000478 _____ C:\WINDOWS\Tasks\At3.job
    2015-07-14 14:00 - 2014-02-24 16:28 - 00000478 _____ C:\WINDOWS\Tasks\At4.job
    2015-07-14 10:10 - 2014-02-24 16:28 - 00000478 _____ C:\WINDOWS\Tasks\At1.job
    2015-07-13 20:40 - 2014-02-24 16:28 - 00000478 _____ C:\WINDOWS\Tasks\At2.job
    2015-07-13 17:02 - 2011-12-27 12:34 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
    2015-07-09 09:53 - 2009-12-09 21:34 - 01306826 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-07-09 09:53 - 2008-04-15 14:00 - 00584256 _____ C:\WINDOWS\system32\perfh015.dat
    2015-07-09 09:53 - 2008-04-15 14:00 - 00116636 _____ C:\WINDOWS\system32\perfc015.dat
    2015-07-08 15:00 - 2014-03-25 09:19 - 00000220 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job
    2015-07-03 08:49 - 2009-12-11 13:17 - 127070192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-06-24 15:39 - 2009-12-09 13:39 - 00000063 _____ C:\WINDOWS\vbaddin.ini
    2015-06-24 10:15 - 2010-04-19 09:14 - 00000000 ____D C:\WINDOWS\Minidump
    2015-06-22 15:16 - 2015-05-14 15:26 - 00000000 ____D C:\Documents and Settings\ppaluch\Pulpit\dokumenty
    2015-06-22 10:55 - 2014-12-01 11:20 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office
    2015-06-22 10:55 - 2009-12-09 21:34 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
    2015-06-15 15:38 - 2009-12-15 16:41 - 00025600 _____ C:\Documents and Settings\ppaluch\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ==================== Files in the root of some directories =======

    2012-04-11 06:56 - 2012-04-11 06:56 - 0009355 _____ () C:\Documents and Settings\ppaluch\Dane aplikacji\Microsoft Excel 97-2003.EML
    2014-04-10 11:28 - 2014-06-10 09:45 - 0000032 ___SH () C:\Documents and Settings\ppaluch\Dane aplikacji\{A99FB86C-4807-4c30-8B95-FAE7D70C61BD}.dat
    2009-12-15 16:41 - 2015-06-15 15:38 - 0025600 _____ () C:\Documents and Settings\ppaluch\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-04-08 14:08 - 2015-04-08 14:08 - 0002450 _____ () C:\Documents and Settings\ppaluch\Ustawienia lokalne\Dane aplikacji\recently-used.xbel

    Files to move or delete:
    ====================
    C:\Windows\Tasks\At1.job
    C:\Windows\Tasks\At2.job
    C:\Windows\Tasks\At3.job
    C:\Windows\Tasks\At4.job


    Some files in TEMP:
    ====================
    C:\Documents and Settings\ppaluch\Ustawienia lokalne\Temp\Quarantine.exe
    C:\Documents and Settings\ppaluch\Ustawienia lokalne\Temp\sqlite3.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    ==================== End of log ============================

    0
  • #5 15 Lip 2015 18:36
    Domino_2
    Pomocny dla użytkowników

    I dołącz Addition.txt

    0
  • #6 16 Lip 2015 08:29
    paluszer
    Poziom 4  

    Dzięki @domino_2 za pomoc. Wszystko działa.
    Temat do zamknięcia.

    1
  • #7 16 Lip 2015 09:33
    Domino_2
    Pomocny dla użytkowników

    Możesz skasować folder C:\FRST.
    Wyszukiwarka google, nie działa

    0