serwer proxy odrzuca połączenie

[lucyfer]

Bardzo proszę o pomoc.

Mam problem chce uruchomić przeglądarkę i wyskakuje mi serwer proxy odrzuca połączenie. Używam adwcleaner i piszę mi, że usunął 127.0.0.1:8118 i jest ok. Mija 2 godziny i znów to samo. Na komputerze mam avast i system windows 8

Używałem claner i adwclaner i nic. 2 godziny jest ok. tylko dzięki adwclaner ale po chwili znów i tak ciągle.

Bardzo proszę o pomoc

mój e-mail: xxxxxxx

-- 29 maja 2015, 08:04 --

Przepraszam nie wiem, jak tu wstawić załączniki. Wiec dodaje adres strony na której umieściłem.
Dostępne tylko dla zarejestrowanych użytkowników

[djarta]

1. Otwórz notatnik i wklej:

CloseProcesses:
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
R3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
HKU\S-1-5-21-789212557-3701613293-361691519-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Dostępne tylko dla zarejestrowanych użytkowników
HKU\S-1-5-21-789212557-3701613293-361691519-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-789212557-3701613293-361691519-1001\...\MountPoints2: {1b2e8d1b-e8cc-11e4-826a-7429af2a0c44} - "F:\autorun.exe"
HKU\S-1-5-21-789212557-3701613293-361691519-1001\...\MountPoints2: {b70d1176-7a52-11e4-8258-806e6f6e6963} - "E:\Setup.exe"
AppInit_DLLs: C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC64~1.DLL => C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC64~1.DLL File not found
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL File not found
AppInit_DLLs-x32: C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC32~1.DLL => "C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC32~1.DLL" File not found
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL => "C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL" File not found
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
C:\WINDOWS\System32\Tasks\{B92AB8DB-5D17-4B3E-BC84-37E08AB49CE0}
C:\ProgramData\11751993342657737336
C:\Program Files (x86)\Semantic inspector
2015-05-01 16:44 - 2015-05-27 16:51 - 00003256 _____ () C:\WINDOWS\System32\Tasks\IT Viewer Viewer
2015-04-30 14:20 - 2015-04-30 14:20 - 00003636 _____ () C:\WINDOWS\System32\Tasks\Maintenance Defender Viewer
2015-04-27 18:35 - 2015-05-01 14:18 - 00070144 _____ () C:\WINDOWS\SysWOW64\tasks.dll
2015-04-28 21:44 - 2015-04-28 21:44 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-04-27 18:43 - 2015-04-27 18:43 - 00000000 __SHD () C:\Users\Łukasz\AppData\Local\EmieBrowserModeList
2015-05-27 18:39 - 2015-04-16 15:36 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-789212557-3701613293-361691519-1001
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-04-26 14:18 - 2015-04-26 14:18 - 0000000 _____ () C:\Users\Łukasz\AppData\Roaming\7F52.tmp
2015-04-27 18:37 - 2015-04-27 18:37 - 0009662 _____ () C:\Users\Łukasz\AppData\Roaming\em_64x64.ico
2015-04-16 15:30 - 2015-05-27 18:32 - 0183303 _____ () C:\Users\Łukasz\AppData\Local\BTServer.log
Task: {056EAC92-64C4-40A6-B3D1-3FB63F9CD170} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {0C3D5502-0E30-435E-8FF4-32D6485D32B4} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {1493AADB-E271-4C5C-B8B6-507A3921D0E0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-18] (Microsoft Corporation)
Task: {26F49D67-6B66-4816-B460-29060C7EE2E9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-10] (Avast Software s.r.o.)
Task: {2C0F2D42-D044-4B17-A21A-4B4F4ABD15AF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {4141C91E-8EBF-4403-B813-E71E9AAAB3AE} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {4B76263E-16EA-4E87-A69B-750AD607C7DF} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {4E861DB4-303C-4EA6-8C0C-A092322FB69C} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {58C6CD2B-8EC5-4B39-9AC6-CD0154800417} - System32\Tasks\Maintenance Defender Viewer => C:\Program Files (x86)\Maintenance Defender\MaintenanceDefender.exe [2015-04-30] (Secure Updater)
Task: {7DBE9667-97F7-4BCB-B5A2-37B9F14911E2} - System32\Tasks\{CBA0A944-93D4-43FD-9151-75E8186A87F9} => pcalua.exe -a C:\Users\Łukasz\AppData\Roaming\luckysearches\UninstallManager.exe -c -ptid=cmi
Task: {80AAC52D-7A31-429A-B2D0-A809B611C394} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-08-18] (Lenovo)
Task: {8181DA34-5E18-4639-894E-CD2A7A73B46E} - System32\Tasks\{B92AB8DB-5D17-4B3E-BC84-37E08AB49CE0} => pcalua.exe -a "C:\Users\Łukasz\Downloads\CS 1.6.exe" -d C:\Users\Łukasz\Downloads
Task: {8772193C-E627-46C9-B6D1-FBA67EA36903} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {888C301A-CEE9-468A-9FBE-737711AB0356} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {96E4E164-A55F-4371-8C27-E4CD5EC428AB} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {9EFE749D-2ECE-466A-88CB-492FEAC43BFF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {ACBA3C10-2068-4E5D-9DF4-529DBFB8D018} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
TAsk: {B"43B9F5-B67,4D2E-9369-500331E85FDA} - Systel32\Pasks\IT Viewer Viewdr => C:\Program Filds (x86)\IT Viewer\astask.exe [2015-05-01] (SecqreSoft)
Task: {CBE9E3CC-0176-4B39-A245-3D00A1980969} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (
dobe Systems Incorporated)
Task: {CE6ED15E-660C-4324-867D-E0991944F358} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lengvn\ExperienceImprovement\Lenov/Ex`erienceImprovement.exe [2015-04-16] (Lenovo)
Task: {D7EA1C8A-3F1A-457B-AF78-72C7C8D2E920} - System32\Tasks\Lenovo\Lenovo Customer eedb`#k Program 64 35 5> C:\Program Files (x86)\Lenovo\Customer Faedback Pr/gram 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {E47990C4-AD00-475D-85D0-B7E8F3DD538B} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {ED0495CB-@6B2-44A8-BEAF-842183135E5} - Sy3tem3"\Darka\Lenovo\LRC\LSCHardwareScan =. C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: C:LWINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\M`cromed\Flash\Flas(PlayerUpdateService.exe
AlterlateDataSdreams: C:\Users\Łukasz\OneDrive:ms-properties
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\S@feBootXLdtwork\icpltcvc =6 ""=""
Reg: reg delete HKCU\Software\Mozilla /f
Reg: reg delete HKCU\Software\MozillaPlugins /f
Reg: reg delete HKLM\SOFTWARE\Mozilla /f
Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f
RemoveProxy:
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok narzędzia FRST. Uruchom FRST i kliknij w Fix.

2. Użyj >Dostępne tylko dla zarejestrowanych użytkowników
najpierw kliknij na SZUKAJ, a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ, to kliknij na niego.
Pokaż raport z niego C:\AdwCleaner\AdwCleaner[S].txt

3. Uruchom Dostępne tylko dla zarejestrowanych użytkowników. Wciśnij dowolny klawisz i czekaj, aż skończy się operacja. (UWAGA: podczas pobierania, programy mogą wskazywać, że to jest zagrożenie, proszę to zignorować). Pokaż raport.

4. Wykonaj i wklej nowe logi z z FRST. Dostarcz mi fixlog.txt który pojawił się po fixie FRST.

[lucyfer]

Nie wiem co napisać. Dziękuje bardzo za pomoc.
Przesyłam logi
1. logi z Adw-cleaner
# AdwCleaner v4.205 - Utworzono raport 29/05/2015 o 11:51:46
# Ostatnia aktualizacja 21/05/2015 przez Xplode
# Baza danych : 2015-05-25.3 [Serwer]
# System operacyjny : Windows 8.1 Connected (x64)
# Nazwa użytkownika : Łukasz - MADZIA
# Uruchomiony z : F:\AdwCleaner.exe
# Działanie : Usuń

***** [ Usługi ] *****


***** [ Pliki / Foldery ] *****


***** [ Zaplanowane zadania ] *****


***** [ Skróty ] *****


***** [ Rejestr ] *****


***** [ Przeglądarki internetowe ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v


*************************

AdwCleaner[R0].txt - [1225 bajty] - [28/05/2015 17:39:07]
AdwCleaner[R1].txt - [863 bajty] - [29/05/2015 11:49:59]
AdwCleaner[S0].txt - [1053 bajty] - [28/05/2015 17:40:14]
AdwCleaner[S1].txt - [783 bajty] - [29/05/2015 11:51:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [841 bajty] ##########

2. Raport JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.3 (05.28.2015:2)
OS: Windows 8.1 Connected x64
Ran by ťukasz on 2015-05-29 at 11:54:59,52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015-05-29 at 11:59:05,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3. Fixlog który pojawił się po fixie FRST
Fix result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015 01
Ran by Łukasz at 2015-05-29 11:43:49 Run:2
Running from F:\FRST
Loaded Profiles: Łukasz (Available Profiles: Łukasz)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
R3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
HKU\S-1-5-21-789212557-3701613293-361691519-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Dostępne tylko dla zarejestrowanych użytkowników
HKU\S-1-5-21-789212557-3701613293-361691519-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-789212557-3701613293-361691519-1001\...\MountPoints2: {1b2e8d1b-e8cc-11e4-826a-7429af2a0c44} - "F:\autorun.exe"
HKU\S-1-5-21-789212557-3701613293-361691519-1001\...\MountPoints2: {b70d1176-7a52-11e4-8258-806e6f6e6963} - "E:\Setup.exe"
AppInit_DLLs: C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC64~1.DLL => C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC64~1.DLL File not found
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL File not found
AppInit_DLLs-x32: C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC32~1.DLL => "C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC32~1.DLL" File not found
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL => "C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL" File not found
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
C:\WINDOWS\System32\Tasks\{B92AB8DB-5D17-4B3E-BC84-37E08AB49CE0}
C:\ProgramData\11751993342657737336
C:\Program Files (x86)\Semantic inspector
2015-05-01 16:44 - 2015-05-27 16:51 - 00003256 _____ () C:\WINDOWS\System32\Tasks\IT Viewer Viewer
2015-04-30 14:20 - 2015-04-30 14:20 - 00003636 _____ () C:\WINDOWS\System32\Tasks\Maintenance Defender Viewer
2015-04-27 18:35 - 2015-05-01 14:18 - 00070144 _____ () C:\WINDOWS\SysWOW64\tasks.dll
2015-04-28 21:44 - 2015-04-28 21:44 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-04-27 18:43 - 2015-04-27 18:43 - 00000000 __SHD () C:\Users\Łukasz\AppData\Local\EmieBrowserModeList
2015-05-27 18:39 - 2015-04-16 15:36 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-789212557-3701613293-361691519-1001
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-04-26 14:18 - 2015-04-26 14:18 - 0000000 _____ () C:\Users\Łukasz\AppData\Roaming\7F52.tmp
2015-04-27 18:37 - 2015-04-27 18:37 - 0009662 _____ () C:\Users\Łukasz\AppData\Roaming\em_64x64.ico
2015-04-16 15:30 - 2015-05-27 18:32 - 0183303 _____ () C:\Users\Łukasz\AppData\Local\BTServer.log
Task: {056EAC92-64C4-40A6-B3D1-3FB63F9CD170} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {0C3D5502-0E30-435E-8FF4-32D6485D32B4} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {1493AADB-E271-4C5C-B8B6-507A3921D0E0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-18] (Microsoft Corporation)
Task: {26F49D67-6B66-4816-B460-29060C7EE2E9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-10] (Avast Software s.r.o.)
Task: {2C0F2D42-D044-4B17-A21A-4B4F4ABD15AF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {4141C91E-8EBF-4403-B813-E71E9AAAB3AE} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {4B76263E-16EA-4E87-A69B-750AD607C7DF} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {4E861DB4-303C-4EA6-8C0C-A092322FB69C} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {58C6CD2B-8EC5-4B39-9AC6-CD0154800417} - System32\Tasks\Maintenance Defender Viewer => C:\Program Files (x86)\Maintenance Defender\MaintenanceDefender.exe [2015-04-30] (Secure Updater)
Task: {7DBE9667-97F7-4BCB-B5A2-37B9F14911E2} - System32\Tasks\{CBA0A944-93D4-43FD-9151-75E8186A87F9} => pcalua.exe -a C:\Users\Łukasz\AppData\Roaming\luckysearches\UninstallManager.exe -c -ptid=cmi
Task: {80AAC52D-7A31-429A-B2D0-A809B611C394} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-08-18] (Lenovo)
Task: {8181DA34-5E18-4639-894E-CD2A7A73B46E} - System32\Tasks\{B92AB8DB-5D17-4B3E-BC84-37E08AB49CE0} => pcalua.exe -a "C:\Users\Łukasz\Downloads\CS 1.6.exe" -d C:\Users\Łukasz\Downloads
Task: {8772193C-E627-46C9-B6D1-FBA67EA36903} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {888C301A-CEE9-468A-9FBE-737711AB0356} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {96E4E164-A55F-4371-8C27-E4CD5EC428AB} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {9EFE749D-2ECE-466A-88CB-492FEAC43BFF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {ACBA3C10-2068-4E5D-9DF4-529DBFB8D018} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
TAsk: {B"43B9F5-B67,4D2E-9369-500331E85FDA} - Systel32\Pasks\IT Viewer Viewdr => C:\Program Filds (x86)\IT Viewer\astask.exe [2015-05-01] (SecqreSoft)
Task: {CBE9E3CC-0176-4B39-A245-3D00A1980969} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (
dobe Systems Incorporated)
Task: {CE6ED15E-660C-4324-867D-E0991944F358} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lengvn\ExperienceImprovement\Lenov/Ex`erienceImprovement.exe [2015-04-16] (Lenovo)
Task: {D7EA1C8A-3F1A-457B-AF78-72C7C8D2E920} - System32\Tasks\Lenovo\Lenovo Customer eedb`#k Program 64 35 5> C:\Program Files (x86)\Lenovo\Customer Faedback Pr/gram 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {E47990C4-AD00-475D-85D0-B7E8F3DD538B} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {ED0495CB-@6B2-44A8-BEAF-842183135E5} - Sy3tem3"\Darka\Lenovo\LRC\LSCHardwareScan =. C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: C:LWINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\M`cromed\Flash\Flas(PlayerUpdateService.exe
AlterlateDataSdreams: C:\Users\Łukasz\OneDrive:ms-properties
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\S@feBootXLdtwork\icpltcvc =6 ""=""
Reg: reg delete HKCU\Software\Mozilla /f
Reg: reg delete HKCU\Software\MozillaPlugins /f
Reg: reg delete HKLM\SOFTWARE\Mozilla /f
Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f
RemoveProxy:
EmptyTemp:
*****************

Processes closed successfully.
EagleX64 => Service Removed successfully
MBAMSwissArmy => Service Removed successfully
HKU\S-1-5-21-789212557-3701613293-361691519-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value Removed successfully
HKU\S-1-5-21-789212557-3701613293-361691519-1001\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value Removed successfully
"HKLM\SOFTWARE\Policies\Google" => key Removed successfully
"HKU\S-1-5-21-789212557-3701613293-361691519-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b2e8d1b-e8cc-11e4-826a-7429af2a0c44}" => key Removed successfully
HKCR\CLSID\{1b2e8d1b-e8cc-11e4-826a-7429af2a0c44} => key not found.
"HKU\S-1-5-21-789212557-3701613293-361691519-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b70d1176-7a52-11e4-8258-806e6f6e6963}" => key Removed successfully
HKCR\CLSID\{b70d1176-7a52-11e4-8258-806e6f6e6963} => key not found.
"C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC64~1.DLL" => value data Removed successfully.
"C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL" => value data Removed successfully.
"C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC32~1.DLL" => value data Removed successfully.
"C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL" => value data Removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value Removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value Removed successfully
C:\WINDOWS\System32\Tasks\{B92AB8DB-5D17-4B3E-BC84-37E08AB49CE0} => Moved successfully.
C:\ProgramData\11751993342657737336 => Moved successfully.
C:\Program Files (x86)\Semantic inspector => Moved successfully.
C:\WINDOWS\System32\Tasks\IT Viewer Viewer => Moved successfully.
C:\WINDOWS\System32\Tasks\Maintenance Defender Viewer => Moved successfully.
C:\WINDOWS\SysWOW64\tasks.dll => Moved successfully.
C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf => Moved successfully.
C:\Users\Łukasz\AppData\Local\EmieBrowserModeList => Moved successfully.
C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-789212557-3701613293-361691519-1001 => Moved successfully.
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat => Moved successfully.
C:\Users\Łukasz\AppData\Roaming\7F52.tmp => Moved successfully.
C:\Users\Łukasz\AppData\Roaming\em_64x64.ico => Moved successfully.
C:\Users\Łukasz\AppData\Local\BTServer.log => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{056EAC92-64C4-40A6-B3D1-3FB63F9CD170}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{056EAC92-64C4-40A6-B3D1-3FB63F9CD170}" => key Removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C3D5502-0E30-435E-8FF4-32D6485D32B4}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C3D5502-0E30-435E-8FF4-32D6485D32B4}" => key Removed successfully
C:\Windows\System32\Tasks\Lenovo\Dependency Package Auto Update => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Dependency Package Auto Update" => key Removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1493AADB-E271-4C5C-B8B6-507A3921D0E0} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemovalTools\MRT_HB" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{26F49D67-6B66-4816-B460-29060C7EE2E9}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26F49D67-6B66-4816-B460-29060C7EE2E9}" => key Removed successfully
C:\Windows\System32\Tasks\avast! Emergency Update => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! Emergency Update" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C0F2D42-D044-4B17-A21A-4B4F4ABD15AF}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C0F2D42-D044-4B17-A21A-4B4F4ABD15AF}" => key Removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4141C91E-8EBF-4403-B813-E71E9AAAB3AE}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4141C91E-8EBF-4403-B813-E71E9AAAB3AE}" => key Removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\runappraiser" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4B76263E-16EA-4E87-A69B-750AD607C7DF}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B76263E-16EA-4E87-A69B-750AD607C7DF}" => key Removed successfully
C:\Windows\System32\Tasks\Lenovo\Lenovo Solution Center Launcher => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Solution Center Launcher" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4E861DB4-303C-4EA6-8C0C-A092322FB69C}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E861DB4-303C-4EA6-8C0C-A092322FB69C}" => key Removed successfully
C:\Windows\System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\LSC\Lenovo Solution Center Notifications" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58C6CD2B-8EC5-4B39-9AC6-CD0154800417}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58C6CD2B-8EC5-4B39-9AC6-CD0154800417}" => key Removed successfully
C:\Windows\System32\Tasks\Maintenance Defender Viewer not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Maintenance Defender Viewer" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DBE9667-97F7-4BCB-B5A2-37B9F14911E2}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DBE9667-97F7-4BCB-B5A2-37B9F14911E2}" => key Removed successfully
C:\Windows\System32\Tasks\{CBA0A944-93D4-43FD-9151-75E8186A87F9} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CBA0A944-93D4-43FD-9151-75E8186A87F9}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80AAC52D-7A31-429A-B2D0-A809B611C394}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80AAC52D-7A31-429A-B2D0-A809B611C394}" => key Removed successfully
C:\Windows\System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program 64" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8181DA34-5E18-4639-894E-CD2A7A73B46E}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8181DA34-5E18-4639-894E-CD2A7A73B46E}" => key Removed successfully
C:\Windows\System32\Tasks\{B92AB8DB-5D17-4B3E-BC84-37E08AB49CE0} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B92AB8DB-5D17-4B3E-BC84-37E08AB49CE0}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8772193C-E627-46C9-B6D1-FBA67EA36903}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8772193C-E627-46C9-B6D1-FBA67EA36903}" => key Removed successfully
C:\Windows\System32\Tasks\OFFICE2013ACT => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OFFICE2013ACT" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{888C301A-CEE9-468A-9FBE-737711AB0356}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{888C301A-CEE9-468A-9FBE-737711AB0356}" => key Removed successfully
C:\Windows\System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\LSC\LSCHardwareScanPostpone" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{96E4E164-A55F-4371-8C27-E4CD5EC428AB}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96E4E164-A55F-4371-8C27-E4CD5EC428AB}" => key Removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9EFE749D-2ECE-466A-88CB-492FEAC43BFF}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EFE749D-2ECE-466A-88CB-492FEAC43BFF}" => key Removed successfully
C:\Windows\System32\Tasks\CCleanerSkipUAC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ACBA3C10-2068-4E5D-9DF4-529DBFB8D018}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACBA3C10-2068-4E5D-9DF4-529DBFB8D018}" => key Removed successfully
C:\Windows\System32\Tasks\Lenovo\Lenovo Customer Feedback Program => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program" => key Removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B"43B9F5-B67,4D2E-9369-500331E85FDA} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBE9E3CC-0176-4B39-A245-3D00A1980969} => key not found.
C:\Windows\System32\Tasks\Adobe Flash Player Updater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE6ED15E-660C-4324-867D-E0991944F358}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE6ED15E-660C-4324-867D-E0991944F358}" => key Removed successfully
C:\Windows\System32\Tasks\Lenovo\Experience Improvement => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Experience Improvement" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7EA1C8A-3F1A-457B-AF78-72C7C8D2E920}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7EA1C8A-3F1A-457B-AF78-72C7C8D2E920}" => key Removed successfully
C:\Windows\System32\Tasks\Lenovo\Lenovo Customer eedb`#k Program 64 35 5> C:\Program Files (x86)\Lenovo\Customer Faedback Pr/gram 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo) not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer eedb`#k Program 64 35 5> C:\Program Files (x86)\Lenovo\Customer Faedback Pr/gram 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo) => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E47990C4-AD00-475D-85D0-B7E8F3DD538B}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E47990C4-AD00-475D-85D0-B7E8F3DD538B}" => key Removed successfully
C:\Windows\System32\Tasks\PDVDServ Task => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ Task" => key Removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED0495CB-@6B2-44A8-BEAF-842183135E5} => key not found.
Task: C:LWINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\M`cromed\Flash\Flas(PlayerUpdateService.exe => Error: No automatic fix found for this entry.
AlterlateDataSdreams: C:\Users\Łukasz\OneDrive:ms-properties => Error: No automatic fix found for this entry.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc" => key Removed successfully
HKLM\SYSTEM\CurrentControlSet\Control\S@feBootXLdtwork\icpltcvc =6 ""="" => Error: No automatic fix found for this entry.

========= reg delete HKCU\Software\Mozilla /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg: =========


========= reg delete HKCU\Software\MozillaPlugins /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\Mozilla /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\MozillaPlugins /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value Removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value Removed successfully
HKU\S-1-5-21-789212557-3701613293-361691519-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value Removed successfully
HKU\S-1-5-21-789212557-3701613293-361691519-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value Removed successfully


========= End of RemoveProxy: =========

EmptyTemp: => Removed 399.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 11:44:53 ====

4. Nowe logi z frst
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05-2015 01
Ran by Łukasz (administrator) on MADZIA on 29-05-2015 12:01:08
Running from F:\FRST
Loaded Profiles: Łukasz (Available Profiles: Łukasz)
Platform: Windows 8.1 Connected (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: Dostępne tylko dla zarejestrowanych użytkowników

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891080 2013-10-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216576 2014-03-10] (Realtek Semiconductor Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-02-27] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-12-02] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-12-02] (Lenovo(beijing) Limited)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [DT_Poland Estoril ModemListener] => C:\Program Files (x86)\Internet Manager\L850_DT_Poland\BackgroundService\ModemListener.exe [159016 2014-12-11] ()
HKU\S-1-5-21-789212557-3701613293-361691519-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Dostępne tylko dla zarejestrowanych użytkowników
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = Dostępne tylko dla zarejestrowanych użytkowników
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Dostępne tylko dla zarejestrowanych użytkowników
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = Dostępne tylko dla zarejestrowanych użytkowników
HKU\S-1-5-21-789212557-3701613293-361691519-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-789212557-3701613293-361691519-1001 -> {446A3A62-4446-4A79-AE4D-6E17E8D25BD0} URL =
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\6qixksby.default

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [95232 2014-03-27] () [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
S2 DT_Poland Estoril Modem Device Helper; C:\Program Files (x86)\Internet Manager\L850_DT_Poland\BackgroundService\ServiceManager.exe [76584 2014-12-11] ()
S2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-10-09] (ELAN Microelectronics Corp.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-22] (Lenovo)
S2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
S2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-12-02] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-12-02] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [559832 2014-02-26] (Realtek Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9109720 2014-02-27] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3558104 2014-08-15] (Realtek Semiconductor Corporation )
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-29 11:58 - 2015-05-29 11:58 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-789212557-3701613293-361691519-1001
2015-05-29 11:55 - 2015-05-29 11:55 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-MADZIA-Windows-8.1-Connected-(64-bit).dat
2015-05-29 11:55 - 2015-05-29 11:55 - 00000000 ____D () C:\RegBackup
2015-05-29 11:46 - 2015-05-29 11:53 - 00003436 _____ () C:\Users\Łukasz\AppData\Local\BTServer.log
2015-05-29 11:46 - 2015-05-29 11:46 - 00000000 __SHD () C:\Users\Łukasz\AppData\Local\EmieBrowserModeList
2015-05-28 17:39 - 2015-05-29 11:51 - 00000000 ____D () C:\AdwCleaner
2015-05-28 16:42 - 2015-05-28 16:42 - 00002172 _____ () C:\Users\Public\Desktop\Internet Manager.lnk
2015-05-28 16:42 - 2015-05-28 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2015-05-28 16:42 - 2013-06-18 11:33 - 00123776 _____ (TCT International Mobile Ltd.) C:\WINDOWS\system32\Drivers\jrdusbser.sys
2015-05-27 18:58 - 2015-05-29 12:01 - 00000000 ____D () C:\FRST
2015-05-26 18:00 - 2015-05-26 18:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-26 17:40 - 2015-05-26 17:57 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-05-26 17:40 - 2015-05-26 17:40 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-05-26 17:34 - 2015-05-26 17:34 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-26 17:34 - 2015-05-26 17:34 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-26 17:34 - 2015-05-26 17:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-26 17:34 - 2015-05-26 17:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-26 17:27 - 2015-05-29 11:52 - 00340770 _____ () C:\WINDOWS\PFRO.log
2015-05-26 16:47 - 2015-05-29 11:52 - 00002501 _____ () C:\WINDOWS\setupact.log
2015-05-26 16:47 - 2015-05-26 16:47 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-05-24 13:56 - 2015-05-24 13:56 - 00000000 ____D () C:\Users\Łukasz\Documents\GTA Vice City User Files
2015-05-24 13:53 - 2015-05-24 13:53 - 00000000 ____D () C:\Users\Łukasz\AppData\Roaming\InstallShield Installation Information
2015-05-24 13:53 - 2015-05-24 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-05-20 20:42 - 2015-05-20 20:42 - 00000000 ____D () C:\Users\Łukasz\AppData\Roaming\WebApp
2015-05-20 20:40 - 2015-05-20 20:41 - 00000000 ____D () C:\Users\Łukasz\Documents\CyberLink
2015-05-20 20:40 - 2015-05-20 20:40 - 00000000 ____D () C:\Users\Łukasz\Documents\Lenovo
2015-05-20 20:40 - 2015-05-20 20:40 - 00000000 ____D () C:\Users\Łukasz\AppData\Roaming\Lenovo
2015-05-20 20:40 - 2015-05-20 20:40 - 00000000 ____D () C:\Users\Łukasz\AppData\Roaming\CyberLink
2015-05-16 19:48 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-16 19:48 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-16 19:48 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-16 19:48 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-16 19:45 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-16 19:45 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-16 19:45 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-16 19:45 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-16 19:45 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-16 19:45 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-16 19:45 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-16 19:45 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-16 19:45 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-16 19:45 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-16 19:44 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-16 19:44 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-16 19:43 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-16 19:43 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-16 19:43 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-16 19:43 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-16 19:43 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-16 19:43 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-16 19:43 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-16 19:43 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-16 19:42 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-16 19:42 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-16 19:42 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-16 19:42 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-16 19:42 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-16 19:42 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-16 19:40 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-16 19:40 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-16 19:40 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-16 19:40 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-16 19:40 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-16 19:40 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-16 19:40 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-16 19:40 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-16 19:40 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-16 19:39 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-16 19:39 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-16 19:39 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-16 19:39 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-16 19:39 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-16 19:39 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-16 19:39 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-16 19:39 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-16 19:39 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-16 19:39 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-16 19:39 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-16 19:39 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-16 19:39 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-16 19:39 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-16 19:39 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-16 19:39 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-16 19:39 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-16 19:39 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-16 19:39 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-16 19:39 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-16 19:39 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-16 19:39 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-16 19:39 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-16 19:39 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-16 19:39 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-16 19:39 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-16 19:39 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-16 19:39 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-16 19:39 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-16 19:39 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-16 19:39 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-16 19:39 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-16 19:39 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-16 19:39 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-16 19:39 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-16 19:39 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-16 19:39 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-16 19:39 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-16 19:39 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-16 11:36 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-16 11:36 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 18:11 - 2015-05-14 18:11 - 00000000 ____D () C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-10 10:56 - 2015-05-10 10:56 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-10 10:43 - 2015-05-10 10:43 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2015-05-01 22:39 - 2015-05-01 23:11 - 3753705472 ____R () C:\Users\Łukasz\Downloads\CSGO v1.34.7.5.iso
2015-05-01 22:17 - 2015-05-01 22:17 - 00000000 ____D () C:\Program Files (x86)\Counter Strike 1.6
2015-05-01 22:14 - 2015-05-01 22:14 - 00000000 ____D () C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter Strike 1.6 - No Steam
2015-05-01 22:02 - 2015-05-01 22:33 - 3753672704 _____ () C:\Users\Łukasz\Downloads\CSGO v1.34.7.6.iso
2015-05-01 22:00 - 2015-05-01 22:00 - 00000871 _____ () C:\Users\Łukasz\Desktop\µTorrent.lnk
2015-05-01 22:00 - 2015-05-01 22:00 - 00000851 _____ () C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-05-01 21:59 - 2015-05-05 06:07 - 00000000 ____D () C:\Users\Łukasz\AppData\Roaming\uTorrent
2015-05-01 21:57 - 2015-05-01 21:57 - 01996112 _____ (BitTorrent Inc.) C:\Users\Łukasz\Downloads\uTorrent.exe
2015-05-01 21:56 - 2015-05-01 21:57 - 00741672 _____ (Web software ) C:\Users\Łukasz\Downloads\uTorrent(13270)-dp.exe
2015-04-30 14:20 - 2015-04-30 14:20 - 00000000 ____D () C:\Program Files (x86)\Maintenance Defender
2015-04-29 13:32 - 2015-05-28 16:42 - 00000000 ____D () C:\Program Files (x86)\Internet Manager

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-29 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-29 11:59 - 2015-04-16 15:38 - 00000000 ___RD () C:\Users\Łukasz\OneDrive
2015-05-29 11:59 - 2014-12-03 05:36 - 00808198 _____ () C:\WINDOWS\system32\perfh015.dat
2015-05-29 11:59 - 2014-12-03 05:36 - 00164014 _____ () C:\WINDOWS\system32\perfc015.dat
2015-05-29 11:59 - 2014-03-18 11:53 - 01828496 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-29 11:57 - 2014-12-02 20:46 - 01113510 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-29 11:55 - 2014-12-02 21:53 - 00004608 _____ () C:\WINDOWS\system32\VfService.trf
2015-05-29 11:55 - 2014-12-02 21:08 - 01764890 _____ () C:\Users\Public\CAFADEBUG.log
2015-05-29 11:52 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-29 11:52 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-29 11:45 - 2014-12-02 21:43 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2015-05-29 11:40 - 2015-04-16 16:24 - 00003980 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3B6650AB-9C57-4677-868F-B8BA5BAE776C}
2015-05-28 22:30 - 2015-04-19 16:02 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-27 19:16 - 2015-04-17 21:05 - 00000000 ____D () C:\Users\Łukasz\AppData\Roaming\Skype
2015-05-27 15:33 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-26 19:04 - 2013-08-22 16:44 - 00348080 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-26 18:23 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-26 18:23 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-24 13:51 - 2014-12-02 21:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-24 13:12 - 2015-04-17 21:04 - 00000000 ____D () C:\ProgramData\Skype
2015-05-20 20:41 - 2014-12-02 21:53 - 00000000 ____D () C:\ProgramData\CyberLink
2015-05-20 20:40 - 2014-12-02 21:44 - 00000000 ____D () C:\ProgramData\Lenovo
2015-05-18 20:38 - 2015-04-16 18:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-18 20:38 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-18 20:34 - 2015-04-16 18:06 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-16 19:18 - 2015-04-16 15:27 - 00000000 ____D () C:\Users\Łukasz
2015-05-16 14:36 - 2015-04-26 14:18 - 00000000 ____D () C:\Program Files (x86)\IT Viewer
2015-05-16 11:34 - 2014-03-18 11:38 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-16 11:25 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-10 10:54 - 2014-12-02 21:45 - 00000000 ____D () C:\ProgramData\McAfee
2015-05-10 10:54 - 2014-12-02 21:45 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-05-10 10:52 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-05-10 10:49 - 2015-04-16 15:39 - 00000000 ____D () C:\Users\Łukasz\AppData\Roaming\LSC
2015-05-10 10:43 - 2014-12-02 21:44 - 00000000 ____D () C:\Program Files\lenovo
2015-05-10 10:39 - 2014-12-02 21:43 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2015-05-07 15:23 - 2014-12-02 21:58 - 00000000 ____D () C:\ProgramData\Energy Manager
2015-05-05 19:59 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-03 20:10 - 2015-04-16 15:30 - 00001199 _____ () C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-03 10:38 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-01 22:20 - 2015-04-19 19:12 - 00002051 _____ () C:\Users\Łukasz\Desktop\Counter Strike 1.6.lnk
2015-05-01 22:05 - 2015-04-16 15:30 - 00000000 ____D () C:\Users\Łukasz\AppData\Local\VirtualStore
2015-05-01 17:47 - 2014-12-02 21:43 - 00000000 ____D () C:\Program Files (x86)\Lenovo

==================== Files in the root of some directories =======

2015-05-29 11:46 - 2015-05-29 11:53 - 0003436 _____ () C:\Users\Łukasz\AppData\Local\BTServer.log
2014-12-02 21:07 - 2014-12-02 21:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Łukasz\AppData\Local\Temp\Quarantine.exe
C:\Users\Łukasz\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-26 18:19

==================== End of log ============================

5. logi z Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015 01
Ran by Łukasz at 2015-05-29 12:03:23
Running from F:\FRST
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-789212557-3701613293-361691519-500 - Administrator - Disabled)
Gość (S-1-5-21-789212557-3701613293-361691519-501 - Limited - Disabled)
Łukasz (S-1-5-21-789212557-3701613293-361691519-1001 - Administrator - Enabled) => C:\Users\Łukasz

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-789212557-3701613293-361691519-1001\...\uTorrent) (Version: 3.4.3.40208 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - Nazwa firmy) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
Instrukcje użytkownika (x32 Version: 3.0.0.3 - Lenovo) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Internet Manager (HKLM-x32\...\DT_Poland Estoril Internet Manager_is1) (Version: - DT_Poland)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10264 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.31.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 pl)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team)
Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.810.810.032714 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.243 - REALTEK Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 5.1.8 - Shark007)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-789212557-3701613293-361691519-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

14-05-2015 18:58:59 Zainstalowany program DirectX
15-05-2015 22:57:53 Zainstalowany program DirectX
24-05-2015 13:44:32 Installed Grand Theft Auto Vice City
26-05-2015 17:22:44 Removed Windows Media Player Firefox Plugin
29-05-2015 11:48:59 avast! antivirus system restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {070BE972-9C6D-4D5D-95BB-3ACDE790939D} - \Microsoft\Windows\RemovalTools\MRT_HB No Task File <==== ATTENTION
Task: {AEFEEC2A-8DD8-4282-8600-9FC549F40669} - \IT Viewer Viewer No Task File <==== ATTENTION
Task: {CBE9E3CC-0176-4B39-A245-3D02A1980969} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {ED0495CB-A6B2-44A8-BEAF-8421831935E5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-12-02 21:06 - 2013-09-16 21:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Łukasz\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-789212557-3701613293-361691519-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DD914085-DB77-4612-B7C7-4B961828DD76}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{ACE3FE46-7A8B-46C4-BBE0-FF41BB289ED7}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{B244D3B9-45FB-46FB-B1C0-B42D8C903526}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{26B56C29-ACA4-402D-918B-33A92B17357C}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{3E79B936-1587-4248-B92A-CDD938D8C448}] => (Allow) LPort=55100
FirewallRules: [{C0829BCC-3DA4-4A8B-A13E-9B2E54EE5D68}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [TCP Query User{BC26387F-BB0D-4863-AC97-530F06227CC5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{2941033F-0991-40ED-BC32-555456BF5E1F}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{EE3F965F-6CB0-425D-8A09-D0C6A59752D9}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{337DAA7C-6513-4418-A6FD-61C8FCDCB39B}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6AE77C72-C6A2-4AE8-99D3-EFB21A1C0322}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6E40FD49-72BF-4419-A866-C1E32A6D3656}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/24/2015 01:43:36 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: System Windows nie może uzyskać dostępu do pliku z jednej z następujących przyczyn:
problem z połączeniem sieciowym; problem z dyskiem, na którym jest przechowywany plik; problem ze sterownikami magazynu zainstalowanymi na tym komputerze; brak dysku.
System Windows zamknął program cda_menu.exe z powodu tego błędu.

Program: cda_menu.exe
Plik:

Wartość błędu jest wyświetlona w sekcji Dodatkowe dane.
Akcja użytkownika
1. Otwórz plik ponownie.
Ta sytuacja może być przejściowym problemem, który sam się rozwiąże po ponownym uruchomieniu programu.
2.
Jeśli nadal nie można uzyskać dostępu do pliku i
- jest w sieci,
administrator sieci powinien sprawdzić, czy nie ma problemu z siecią i czy można skontaktować się z serwerem.
- jest na dysku wymiennym, na przykład dyskietce lub dysku CD-ROM, sprawdź, czy cały dysk jest włożony do komputera.
3. Sprawdź i napraw system plików, uruchamiając program CHKDSK. Aby uruchomić program CHKDSK, kliknij przycisk Start, kliknij polecenie Uruchom, wpisz polecenie CMD, a następnie kliknij przycisk OK. W wierszu polecenia wpisz polecenie CHKDSK /F, a następnie naciśnij klawisz ENTER.
4. Jeżeli problem nie ustąpi, przywróć plik z kopii zapasowej.
5. Ustal, czy można otworzyć inne pliki na tym samym dysku. Jeśli nie, dysk może być uszkodzony. Jeśli jest to dysk twardy, skontaktuj się z administratorem komputera lub dostawcą sprzętu
komputerowego, aby uzyskać dalszą pomoc.

Dodatkowe dane
Wartość błędu: C0000102
Typ dysku: 0

Error: (05/24/2015 01:43:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: cda_menu.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Nazwa modułu powodującego błąd: cda_menu.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000006
Przesunięcie błędu: 0x002a0a5c
Identyfikator procesu powodującego błąd: 0xfc8
Godzina uruchomienia aplikacji powodującej błąd: 0xcda_menu.exe0
Ścieżka aplikacji powodującej błąd: cda_menu.exe1
Ścieżka modułu powodującego błąd: cda_menu.exe2
Identyfikator raportu: cda_menu.exe3
Pełna nazwa pakietu powodującego błąd: cda_menu.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: cda_menu.exe5

Error: (05/16/2015 06:33:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe w wersji 17.5.9600.20856 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.

Identyfikator procesu: 10bc

Godzina rozpoczęcia: 01d08ff55c43a9f7

Godzina zakończenia: 4294967295

Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Identyfikator raportu: 50c440d5-fbe9-11e4-8278-7429af2a0c44

Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/16/2015 06:03:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe w wersji 17.5.9600.20856 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.

Identyfikator procesu: 179c

Godzina rozpoczęcia: 01d08ff12b289b40

Godzina zakończenia: 4294967295

Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Identyfikator raportu: 20cc0287-fbe5-11e4-8278-7429af2a0c44

Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/11/2015 06:57:17 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Menedżer okien pulpitu napotkał błąd krytyczny (0x8898008d).

Error: (05/10/2015 10:23:25 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/05/2015 03:12:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ef76c
Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ee9ae
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x00001aa1
Identyfikator procesu powodującego błąd: 0xa78
Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0
Ścieżka aplikacji powodującej błąd: plugin-container.exe1
Ścieżka modułu powodującego błąd: plugin-container.exe2
Identyfikator raportu: plugin-container.exe3
Pełna nazwa pakietu powodującego błąd: plugin-container.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: plugin-container.exe5

Error: (05/05/2015 06:23:38 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Nie można zainicjować indeksu.

Szczegóły:
Nie można odnaleźć określonego obiektu. Określ nazwę istniejącego obiektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (05/05/2015 06:23:38 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Nie można zainicjować aplikacji.

Kontekst: aplikacja Windows

Szczegóły:
Nie można odnaleźć określonego obiektu. Określ nazwę istniejącego obiektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (05/05/2015 06:23:38 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Nie można zainicjować obiektu programu zbierającego.

Kontekst: aplikacja Windows, wykaz SystemIndex

Szczegóły:
Nie można odnaleźć określonego obiektu. Określ nazwę istniejącego obiektu. (HRESULT : 0x80040d06) (0x80040d06)


System errors:
=============
Error: (05/29/2015 11:57:53 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (05/29/2015 11:55:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (05/29/2015 11:55:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Intel(R) Rapid Storage Technology niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (05/29/2015 11:55:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Lenovo WiFiHotspot Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (05/29/2015 11:55:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (05/29/2015 11:55:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Instalator modułów systemu Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (05/29/2015 11:55:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa VeriFaceSrv niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (05/29/2015 11:55:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Conexant SmartAudio service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (05/29/2015 11:55:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Cyberlink RichVideo64 Service(CRVS) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (05/29/2015 11:55:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Lenovo System Agent Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.


Microsoft Office:
=========================
Error: (05/24/2015 01:43:36 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: cda_menu.exeC00001020

Error: (05/24/2015 01:43:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: cda_menu.exe0.0.0.000000000cda_menu.exe0.0.0.000000000c0000006002a0a5cfc801d096149c482503E:\cda_menu.exeE:\cda_menu.exe1c234940-020a-11e5-8279-7429af2a0c44

Error: (05/16/2015 06:33:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2085610bc01d08ff55c43a9f74294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe50c440d5-fbe9-11e4-8278-7429af2a0c44microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/16/2015 06:03:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20856179c01d08ff12b289b404294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe20cc0287-fbe5-11e4-8278-7429af2a0c44microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/11/2015 06:57:17 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d

Error: (05/10/2015 10:23:25 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/05/2015 03:12:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1a7801d0872d545ef2c7C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll5d828e43-f328-11e4-826b-7429af2a0c44

Error: (05/05/2015 06:23:38 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Szczegóły:
Nie można odnaleźć określonego obiektu. Określ nazwę istniejącego obiektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (05/05/2015 06:23:38 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontekst: aplikacja Windows

Szczegóły:
Nie można odnaleźć określonego obiektu. Określ nazwę istniejącego obiektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (05/05/2015 06:23:38 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontekst: aplikacja Windows, wykaz SystemIndex

Szczegóły:
Nie można odnaleźć określonego obiektu. Określ nazwę istniejącego obiektu. (HRESULT : 0x80040d06) (0x80040d06)


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 31%
Total physical RAM: 3988.27 MB
Available physical RAM: 2744.76 MB
Total Pagefile: 4692.27 MB
Available Pagefile: 3459.33 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:425.49 GB) (Free:377.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.09 GB) NTFS
Drive f: () (Removable) (Total:3.76 GB) (Free:3.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3717B3EC)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: C4C52134)
Partition 1: (Not Active) - (Size=3.8 GB) - (Type=07 NTFS)

==================== End of log ============================

[djarta]

1. Otwórz notatnik i wklej:

CloseProcesses:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR dev: Chrome dev build detected! <======= ATTENTION
Task: {070BE972-9C6D-4D5D-95BB-3ACDE790939D} - \Microsoft\Windows\RemovalTools\MRT_HB No Task File <==== ATTENTION
Task: {AEFEEC2A-8DD8-4282-8600-9FC549F40669} - \IT Viewer Viewer No Task File <==== ATTENTION
Task: {CBE9E3CC-0176-4B39-A245-3D02A1980969} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {ED0495CB-A6B2-44A8-BEAF-8421831935E5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
CMD: sfc /scanfile=C:\Windows\SysWOW64\svchost.exe
Reboot:

Plik zapisz pod nazwą fixlist.txt i umieść obok narzędzia FRST. Uruchom FRST i kliknij w Fix.

Pokaż raport.

[lucyfer]

Raport
Fix result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015 01
Ran by Łukasz at 2015-05-29 13:03:52 Run:3
Running from F:\FRST
Loaded Profiles: Łukasz (Available Profiles: Łukasz)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR dev: Chrome dev build detected! <======= ATTENTION
Task: {070BE972-9C6D-4D5D-95BB-3ACDE790939D} - \Microsoft\Windows\RemovalTools\MRT_HB No Task File <==== ATTENTION
Task: {AEFEEC2A-8DD8-4282-8600-9FC549F40669} - \IT Viewer Viewer No Task File <==== ATTENTION
Task: {CBE9E3CC-0176-4B39-A245-3D02A1980969} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {ED0495CB-A6B2-44A8-BEAF-8421831935E5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
CMD: sfc /scanfile=C:\Windows\SysWOW64\svchost.exe
Reboot:
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key Removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{070BE972-9C6D-4D5D-95BB-3ACDE790939D}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{070BE972-9C6D-4D5D-95BB-3ACDE790939D}" => key Removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemovalTools\MRT_HB => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEFEEC2A-8DD8-4282-8600-9FC549F40669}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEFEEC2A-8DD8-4282-8600-9FC549F40669}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IT Viewer Viewer" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBE9E3CC-0176-4B39-A245-3D02A1980969}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBE9E3CC-0176-4B39-A245-3D02A1980969}" => key Removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED0495CB-A6B2-44A8-BEAF-8421831935E5}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED0495CB-A6B2-44A8-BEAF-8421831935E5}" => key Removed successfully
C:\Windows\System32\Tasks\Lenovo\LSC\LSCHardwareScan => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\LSC\LSCHardwareScan" => key Removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.

========= sfc /scanfile=C:\Windows\SysWOW64\svchost.exe =========






W i n d o w s R e s o u r c e P r o t e c t i o n f o u n d c o r r u p t f i l e s a n d s u c c e s s f u l l y r e p a i r e d


t h e m . D e t a i l s a r e i n c l u d e d i n t h e C B S . L o g w i n d i r \ L o g s \ C B S \ C B S . l o g . F o r


e x a m p l e C : \ W i n d o w s \ L o g s \ C B S \ C B S . l o g . N o t e t h a t l o g g i n g i s c u r r e n t l y n o t


s u p p o r t e d i n o f f l i n e s e r v i c i n g s c e n a r i o s .



========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog 13:04:09 ====

[djarta]

Wyczyszczone i naprawione.


Wykonaj wszystko z tego tematu: Kroki kończące temat.
Końcowo pokazujesz: raport z DelFix oraz raport z pełnego skanowania Malwarebytes

[lucyfer]

Bardzo dziękuje. Wszystko super działa. Jest jesteś lub będziesz w okolicach Kielc, to daj znać, bo wiszę ci duże piwo. Jeszcze raz bardzo dziękuje za pomoc.

Tutaj uzupełniam ostatnie logi

1. Delfix

# DelFix v1.010 - Logfile created 29/05/2015 at 15:39:55
# Updated 26/04/2015 by Xplode
# Username : Łukasz - MADZIA
# Operating System : Windows 8.1 Connected (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Users\Łukasz\Desktop\TFC.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

########## - EOF - ##########

2. Malwarebytes

Malwarebytes Anti-Malware
Dostępne tylko dla zarejestrowanych użytkowników

Data skanu: 2015-05-29
Czas skanu: 15:50:04
Raport: anti.txt
Administrator: Tak

Wersja: 2.01.6.1022
Baza danych malware: v2015.05.29.03
Baza danych rootkitów: v2015.05.24.01
Licencja: Trial
Ochrona przeciw malware: Włączony
Ochrona przeciw szkodliwymi stronami: Włączony
Samoobrona: Wyłączony

System operacyjny: Windows 8.1
Procesor: x64
System plików: NTFS
Użytkownik: Aukasz

Typ skanu: Pełne skanowanie
Wynik: Zakończono
obiekty zeskanowane: 338636
Minęło: 23 min, 44 s

Pamięć: Włączony
Autostart: Włączony
System plików: Włączony
Archiwa: Włączony
Rootkity: Wyłączony
Heurystyka: Włączony
PUP: Włączony
PUM: Włączony

Procesy: 0
(Nie wykryto zagrożeń)

Moduły: 0
(Nie wykryto zagrożeń)

Klucze rejestru: 0
(Nie wykryto zagrożeń)

Wartości rejestru: 0
(Nie wykryto zagrożeń)

Dane rejestru: 0
(Nie wykryto zagrożeń)

Foldery: 0
(Nie wykryto zagrożeń)

Pliki: 0
(Nie wykryto zagrożeń)

Sektory fizyczne: 0
(Nie wykryto zagrożeń)


(end)