Nt kernel & system obciaza procesor

[barto0o]

od jakiegoś czasu mam problem z płynnym działaniem systemu, proces nt kernel & system obciąża mi procesor tak jak wcześniej zabierał proces bezczynności czyi jak jak jest wolna moc procesora to jest od razu zabierana przez w/w prosces. Jest problem z wyłączeniem komputera, trzeba go wyłączać przytrzymując przycisk zasilania bo inaczej nie chce sie zamknąć, zamula do tego stopnia że kursor przycina a jak pisze tego posta to musze mocno uważać bo działa tak wolno że nie nadąża wklepywać tego co pisze.
logi z combofix:

Kod: Zaznacz wszystko

ComboFix 15-04-09.01 - Milka 2015-04-08  20:24:18.2.1 - x86
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.48.1045.18.2038.1292 [GMT 2:00]
Uruchomiony z: c:\users\Milka\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2015-03-08 do 2015-04-08  )))))))))))))))))))))))))))))))
.
.
2015-04-08 18:33 . 2015-04-08 18:33   --------   d-----w-   c:\users\Default\AppData\Local\temp
2015-04-08 18:08 . 2015-04-08 18:08   62576   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{A29F4E79-2050-47F6-AD70-5ECC61E2E219}\offreg.dll
2015-04-08 18:03 . 2015-04-08 18:03   --------   d-----w-   c:\users\Milka\AppData\Local\ESET
2015-04-07 17:09 . 2015-03-14 10:06   9119072   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{A29F4E79-2050-47F6-AD70-5ECC61E2E219}\mpengine.dll
2015-04-05 04:08 . 2015-04-05 04:08   --------   d-s---w-   c:\windows\system32\GWX
2015-03-24 18:17 . 2015-03-11 03:30   534528   ----a-w-   c:\windows\system32\generaltel.dll
2015-03-24 18:17 . 2015-03-11 03:30   623616   ----a-w-   c:\windows\system32\invagent.dll
2015-03-24 18:17 . 2015-03-11 03:29   818176   ----a-w-   c:\windows\system32\appraiser.dll
2015-03-24 18:17 . 2015-03-11 03:29   26112   ----a-w-   c:\windows\system32\acmigration.dll
2015-03-24 18:17 . 2015-03-11 03:26   892928   ----a-w-   c:\windows\system32\aeinv.dll
2015-03-24 18:17 . 2015-03-11 03:29   327168   ----a-w-   c:\windows\system32\devinv.dll
2015-03-24 18:17 . 2015-03-11 03:29   202752   ----a-w-   c:\windows\system32\aepdu.dll
2015-03-24 18:17 . 2015-03-11 03:29   159744   ----a-w-   c:\windows\system32\aepic.dll
2015-03-11 17:58 . 2015-03-06 05:15   137656   ----a-w-   c:\windows\system32\drivers\ksecpkg.sys
2015-03-11 17:56 . 2015-01-17 02:30   828928   ----a-w-   c:\windows\system32\msctf.dll
2015-03-11 17:56 . 2015-01-31 03:32   919552   ----a-w-   c:\windows\system32\rdpcorets.dll
2015-03-11 17:56 . 2015-01-31 02:52   134656   ----a-w-   c:\windows\system32\rdpudd.dll
2015-03-11 17:56 . 2015-01-31 02:51   15872   ----a-w-   c:\windows\system32\drivers\rdpvideominiport.sys
2015-03-11 17:56 . 2015-02-26 03:11   2381312   ----a-w-   c:\windows\system32\win32k.sys
2015-03-11 17:55 . 2015-02-03 03:12   171520   ----a-w-   c:\windows\system32\ubpm.dll
2015-03-11 17:54 . 2015-02-20 04:13   26624   ----a-w-   c:\windows\system32\lpk.dll
2015-03-11 17:54 . 2015-02-20 04:13   70656   ----a-w-   c:\windows\system32\fontsub.dll
2015-03-11 17:54 . 2015-02-20 04:13   10240   ----a-w-   c:\windows\system32\dciman32.dll
2015-03-11 17:54 . 2015-02-20 04:13   34304   ----a-w-   c:\windows\system32\atmlib.dll
2015-03-11 17:54 . 2015-02-20 03:09   299008   ----a-w-   c:\windows\system32\atmfd.dll
2015-03-11 17:53 . 2015-02-04 02:54   417792   ----a-w-   c:\windows\system32\WMPhoto.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-24 03:23 . 2014-10-05 13:44   246920   ------w-   c:\windows\system32\MpSigStub.exe
2015-02-17 14:26 . 2015-02-17 14:26   1217184   ----a-w-   c:\windows\system32\FM20.DLL
2015-02-05 13:16 . 2014-10-05 14:26   71344   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-05 13:16 . 2014-10-05 14:26   701616   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2015-01-31 15:20 . 2015-01-31 15:21   8192   ----a-w-   c:\windows\system32\srvany.exe
2015-01-31 15:20 . 2015-01-31 15:21   151552   ----a-w-   c:\windows\KMService.exe
2015-01-27 23:36 . 2015-02-11 15:06   1167520   ----a-w-   c:\windows\system32\aitstatic.exe
2015-01-09 02:48 . 2015-02-17 18:14   76800   ----a-w-   c:\windows\system32\wdi.dll
2015-01-09 02:48 . 2015-02-17 18:14   635904   ----a-w-   c:\windows\system32\perftrack.dll
2015-01-09 02:48 . 2015-02-17 18:14   27136   ----a-w-   c:\windows\system32\powertracker.dll
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-11-20 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-11-20 163840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-11-20 135168]
"CheckNDISPortF0acD2"="c:\program files\4G Hostless Modem\PLAY ONLINE\CheckNDISPort_df.exe" [2013-07-26 459008]
"CancelAutoPlay_df"="c:\program files\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe" [2013-07-26 446208]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-10-09 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-02-20 102912]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2015-01-31 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 IePluginServices;IePlugin Services;c:\programdata\IePluginServices\PluginService.exe [2014-10-31 714208]
R4 MaintainerSvc6.37.565328;MaintainerSvc6.37.565328;c:\programdata\7bb6df21-8ca8-4eec-965d-8cd2261544c7\maintainer.exe [x]
R4 Update EnterDigital;Update EnterDigital;c:\program files\EnterDigital\updateEnterDigital.exe [2014-11-02 523504]
R4 Util EnterDigital;Util EnterDigital;c:\program files\EnterDigital\bin\utilEnterDigital.exe [2014-10-31 523504]
S1 {f1d7e225-e39d-4bcb-8a90-eaa4181b222b}Gw;{f1d7e225-e39d-4bcb-8a90-eaa4181b222b}Gw;c:\windows\system32\drivers\{f1d7e225-e39d-4bcb-8a90-eaa4181b222b}Gw.sys [2014-10-31 43152]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-12-25 243128]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 95384]
S2 KMService;KMService;c:\windows\system32\srvany.exe [2015-01-31 8192]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile   REG_MULTI_SZ      wcescomm rapimgr
LocalServiceRestricted   REG_MULTI_SZ      WcesComm RapiMgr
.
Zawartość folderu 'Zaplanowane zadania'
.
2015-04-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-05 13:16]
.
.
------- Skan uzupełniający -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Wyślij &do programu OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Milka\AppData\Roaming\Mozilla\Firefox\Profiles\5xmzf7tr.default\
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\ProgramData\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000415
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{B3B5F219-79E6-4307-8AC1-9B32BE37CD48}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.2.71.2"
"UniqueId"="0041876854CD00B1"
"ScannerBuild"=dword:0000215d
"ScannerVersionId"=dword:00001695
"ScannerVersion"="Open window for status."
"ei2"=hex(b):b2,ab,86,26,d9,e0,82,c3
"ei1"=hex(b):00,c0,9f,fe,49,0c,00,00
"ei3"=hex(b):4b,01,cd,54,00,00,00,00
"ei4"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2015-04-08  20:36:05
ComboFix-quarantined-files.txt  2015-04-08 18:36
ComboFix2.txt  2015-04-08 18:19
.
Przed: 14 500 352 000 bajtów wolnych
Po: 16 499 859 456 bajtów wolnych
.
- - End Of File - - FB558BD531BF42ACA1DF18C3C73C0771
A36C5E4F47E84449FF07ED3517B43A31


oraz antimalwere

Kod: Zaznacz wszystko

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/04/10 15:36:48 +0200</date>
<logfile>mbam-log-2015-04-10 (15-36-44).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.01.4.1018</version>
<malware-database>v2015.04.10.04</malware-database>
<rootkit-database>v2015.03.31.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x86</arch>
<username>Milka</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>312699</objects>
<time>1302</time>
<processes>1</processes>
<modules>0</modules>
<keys>20</keys>
<values>2</values>
<datas>0</datas>
<folders>11</folders>
<files>37</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<process><path>C:\Windows\KMService.exe</path><vendor>RiskWare.Tool.CK</vendor><action>delete-on-reboot</action><pid>1700</pid><hash>519b5e0c6a20cd697f792c6d60a20df3</hash></process>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices</path><vendor>PUP.Optional.IePluginService.A</vendor><action>success</action><hash>fdef0268711972c455ea3d4959a846ba</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}</path><vendor>PUP.Optional.BrowseFox.A</vendor><action>success</action><hash>77755f0b236769cd029ddf938b78bb45</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{f1d7e225-e39d-4bcb-8a90-eaa4181b222b}Gw</path><vendor>PUP.Optional.Sanbreel.A</vendor><action>success</action><hash>2dbf4f1b23670432ca3e5f88679c748c</hash></key>
<key><path>HKLM\SOFTWARE\supWindowsMangerProtect</path><vendor>PUP.Optional.WPM.A</vendor><action>success</action><hash>38b4c0aab6d40d29f0d5a39f8184619f</hash></key>
<key><path>HKLM\SOFTWARE\supWPM</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>eefe7af0b5d5e55156271ec3b54e827e</hash></key>
<key><path>HKLM\SOFTWARE\sweet-pageSoftware</path><vendor>PUP.Optional.SweetPage.A</vendor><action>success</action><hash>c527402aa0ea4cea08adac8be52006fa</hash></key>
<key><path>HKLM\SOFTWARE\SUPTAB</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>d6162149acde3bfbf28ab32e21e258a8</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MaintainerSvc6.37.565328</path><vendor>PUP.Optional.MaintainerSvc.A</vendor><action>success</action><hash>bc3073f7e7a36ec8da6a79d19372b749</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update EnterDigital</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>edff3733d1b98caa6420f05be223fe02</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util EnterDigital</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>48a4b6b452383cfa5d26aaa1b15454ac</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices</path><vendor>PUP.Optional.IEPluginServices.A</vendor><action>success</action><hash>7c703b2ffc8e51e515fc51866e95b848</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect</path><vendor>PUP.Optional.WindowsMangerProtect.A</vendor><action>success</action><hash>7f6d34368604c76f809275626b98fd03</hash></key>
<key><path>HKU\S-1-5-21-724300184-3600769634-1668645338-1000\SOFTWARE\SupHpUISoft</path><vendor>PUP.Optional.WebSearches.A</vendor><action>success</action><hash>2dbf6406fd8dd85e71a02ab9b2516e92</hash></key>
<key><path>HKU\S-1-5-21-724300184-3600769634-1668645338-1000\SOFTWARE\INSTALLCORE\1I1T1Q1S</path><vendor>PUP.Optional.InstallCore.A</vendor><action>success</action><hash>2ac25a10f7932115e7a78c817c88619f</hash></key>
<key><path>HKU\S-1-5-21-724300184-3600769634-1668645338-1000\SOFTWARE\INSTALLCORE</path><vendor>PUP.Optional.InstallCore.A</vendor><action>success</action><hash>01ebe387d6b4e4526ef3ef34ee1702fe</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\EnterDigital</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></key>
<value><path>HKLM\SOFTWARE\SUPTAB</path><valuename>ptid</valuename><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><valuedata>cor</valuedata><hash>d6162149acde3bfbf28ab32e21e258a8</hash></value>
<value><path>HKU\S-1-5-21-724300184-3600769634-1668645338-1000\SOFTWARE\INSTALLCORE</path><valuename>tb</valuename><vendor>PUP.Optional.InstallCore.A</vendor><action>success</action><valuedata>0V1D1S1R1D0V1O</valuedata><hash>01ebe387d6b4e4526ef3ef34ee1702fe</hash></value>
<folder><path>C:\ProgramData\IePluginServices</path><vendor>PUP.Optional.IePluginServices.A</vendor><action>success</action><hash>d616a2c81c6e0333215fdebbaf54df21</hash></folder>
<folder><path>C:\ProgramData\IePluginServices\update</path><vendor>PUP.Optional.IePluginServices.A</vendor><action>success</action><hash>d616a2c81c6e0333215fdebbaf54df21</hash></folder>
<folder><path>C:\ProgramData\WindowsMangerProtect</path><vendor>PUP.Optional.WPM.A</vendor><action>success</action><hash>75772a405238f93dd87d207bdc276898</hash></folder>
<folder><path>C:\ProgramData\WindowsMangerProtect\log</path><vendor>PUP.Optional.WPM.A</vendor><action>success</action><hash>75772a405238f93dd87d207bdc276898</hash></folder>
<folder><path>C:\ProgramData\WindowsMangerProtect\update</path><vendor>PUP.Optional.WPM.A</vendor><action>success</action><hash>75772a405238f93dd87d207bdc276898</hash></folder>
<folder><path>C:\Users\Milka\AppData\Roaming\sweet-page</path><vendor>PUP.Optional.SweetPage.A</vendor><action>success</action><hash>a349a2c8d3b748ee4e28465e748f3ac6</hash></folder>
<folder><path>C:\Users\Milka\AppData\Roaming\sweet-page\log</path><vendor>PUP.Optional.SweetPage.A</vendor><action>success</action><hash>a349a2c8d3b748ee4e28465e748f3ac6</hash></folder>
<folder><path>C:\Program Files\EnterDigital</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></folder>
<folder><path>C:\Program Files\EnterDigital\bin</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></folder>
<folder><path>C:\Program Files\EnterDigital\bin\plugins</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></folder>
<folder><path>C:\Program Files\EnterDigital\bin\TEMP</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></folder>
<file><path>C:\Windows\KMService.exe</path><vendor>RiskWare.Tool.CK</vendor><action>delete-on-reboot</action><hash>519b5e0c6a20cd697f792c6d60a20df3</hash></file>
<file><path>C:\ProgramData\IePluginServices\PluginService.exe</path><vendor>PUP.Optional.IePluginService.A</vendor><action>success</action><hash>fdef0268711972c455ea3d4959a846ba</hash></file>
<file><path>C:\ProgramData\7bb6df21-8ca8-4eec-965d-8cd2261544c7\maintainer.bak</path><vendor>PUP.Optional.SwiftBrowse</vendor><action>success</action><hash>1fcdc6a42f5bf046c45a838334ce1ae6</hash></file>
<file><path>C:\Windows\System32\drivers\{f1d7e225-e39d-4bcb-8a90-eaa4181b222b}Gw.sys</path><vendor>PUP.Optional.Sanbreel.A</vendor><action>success</action><hash>2dbf4f1b23670432ca3e5f88679c748c</hash></file>
<file><path>C:\Program Files\EnterDigital\updateEnterDigital.exe</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>edff3733d1b98caa6420f05be223fe02</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\utilEnterDigital.exe</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>48a4b6b452383cfa5d26aaa1b15454ac</hash></file>
<file><path>C:\ProgramData\IePluginServices\update\conf</path><vendor>PUP.Optional.IePluginServices.A</vendor><action>success</action><hash>d616a2c81c6e0333215fdebbaf54df21</hash></file>
<file><path>C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-10-31[17-48-01-257].log</path><vendor>PUP.Optional.WPM.A</vendor><action>success</action><hash>75772a405238f93dd87d207bdc276898</hash></file>
<file><path>C:\ProgramData\WindowsMangerProtect\update\conf</path><vendor>PUP.Optional.WPM.A</vendor><action>success</action><hash>75772a405238f93dd87d207bdc276898</hash></file>
<file><path>C:\Users\Milka\AppData\Roaming\sweet-page\UninstallManager.exe</path><vendor>PUP.Optional.SweetPage.A</vendor><action>success</action><hash>a349a2c8d3b748ee4e28465e748f3ac6</hash></file>
<file><path>C:\Users\Milka\AppData\Roaming\sweet-page\log\UninstallManager_2014-10-31[18-35-04-776].log</path><vendor>PUP.Optional.SweetPage.A</vendor><action>success</action><hash>a349a2c8d3b748ee4e28465e748f3ac6</hash></file>
<file><path>C:\Program Files\EnterDigital\0</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\7za.exe</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\EnterDigital.ico</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\EnterDigitalUninstall.exe</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\gbicpopjaaipnhconhlfmbkjbcfdhkkl.crx</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\updateEnterDigital.InstallState</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\7za.exe</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\BrowserAdapter.7z</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\EnterDigital.BrowserAdapter.exe</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\EnterDigital.BrowserAdapter64.exe</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\EnterDigital.PurBrowse.exe</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\EnterDigital.PurBrowseG.zip</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\f1d7e225e39d4bcb8a90.dll</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\f1d7e225e39d4bcb8a9064.dll</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\sqlite3.dll</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\utilEnterDigital.InstallState</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\{f1d7e225-e39d-4bcb-8a90-eaa4181b222b}.dll</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\plugins\EnterDigital.Bromon.dll</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\plugins\EnterDigital.BroStats.dll</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\plugins\EnterDigital.BrowserAdapter.dll</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\plugins\EnterDigital.CompatibilityChecker.dll</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\plugins\EnterDigital.FFUpdate.dll</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\plugins\EnterDigital.GCUpdate.dll</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\plugins\EnterDigital.IEUpdate.dll</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\plugins\EnterDigital.Msvcmon.dll</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
<file><path>C:\Program Files\EnterDigital\bin\plugins\EnterDigital.PurBrowseG.dll</path><vendor>PUP.Optional.EnterDigital.A</vendor><action>success</action><hash>de0e04665c2ebe78e656fbbfae557888</hash></file>
</items>
</mbam-log>


i adw cleaner

Kod: Zaznacz wszystko

# AdwCleaner v4.201 - Logfile created 10/04/2015 at 16:43:48
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x86)
# Username : Milka - LAPTOP_MILKA
# Running from : C:\Users\Milka\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Milka\AppData\Roaming\Mozilla\Firefox\Profiles\5xmzf7tr.default\user.js
Folder Found : C:\Users\Milka\AppData\Roaming\pdfforge

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\EnterDigital
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\EnterDigital

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v37.0.1 (x86 pl)


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [949 bytes] - [10/04/2015 16:43:48]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1007 bytes] ##########


[ordynat]

Po pierwsze: skoro masz problem z Systemem, to po co zakładasz temat w tym dziale Forum?
Po drugie:

Czas ukończenia: 2015-04-08 20:36:05
ComboFix-quarantined-files.txt 2015-04-08 18:36
ComboFix2.txt 2015-04-08 18:19

v

mbam-log>
<date>2015/04/10 15:36:48

Wyraźnie widać, że log z ComboFixa jest nieaktualny.

Użyj Adw-Cleaner http://www.programosy.pl/program,adwcleaner.html
najpierw kliknij na SZUKAJ (SCAN), a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ (CLEANING), to kliknij na niego.
Pokaż raport z niego C:\AdwCleaner\AdwCleaner[S].txt

Zrób logi z FRST > http://forum.programosy.pl/frst-otl-zoek-vt139692.html
Przed skanem zaznacz "Additional"
.

[barto0o]

frst

Kod: Zaznacz wszystko

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Milka (administrator) on LAPTOP_MILKA on 10-04-2015 17:03:46
Running from C:\Users\Milka\Desktop
Loaded Profiles: Milka (Available profiles: Milka)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\4G Hostless Modem\PLAY ONLINE\CheckNDISPort_df.exe
() C:\Program Files\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Users\Milka\Desktop\AdwCleaner.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [CheckNDISPortF0acD2] => C:\Program Files\4G Hostless Modem\PLAY ONLINE\CheckNDISPort_df.exe [459008 2013-07-26] ()
HKLM\...\Run: [CancelAutoPlay_df] => C:\Program Files\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe [446208 2013-07-26] ()
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2219184 2011-01-12] (ESET)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKU\S-1-5-21-724300184-3600769634-1668645338-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-10-09] (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-724300184-3600769634-1668645338-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-724300184-3600769634-1668645338-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-724300184-3600769634-1668645338-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2014-10-31] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Milka\AppData\Roaming\Mozilla\Firefox\Profiles\5xmzf7tr.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2014-10-31] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Milka\AppData\Roaming\Mozilla\Firefox\Profiles\5xmzf7tr.default\user.js [2015-04-08]
FF SearchPlugin: C:\Users\Milka\AppData\Roaming\Mozilla\Firefox\Profiles\5xmzf7tr.default\searchplugins\ceneo.xml [2014-12-23]
FF SearchPlugin: C:\Users\Milka\AppData\Roaming\Mozilla\Firefox\Profiles\5xmzf7tr.default\searchplugins\youtube.xml [2014-10-28]
FF Extension: MEGA - C:\Users\Milka\AppData\Roaming\Mozilla\Firefox\Profiles\5xmzf7tr.default\Extensions\firefox@mega.co.nz.xpi [2015-01-25]
FF Extension: Adblock Plus - C:\Users\Milka\AppData\Roaming\Mozilla\Firefox\Profiles\5xmzf7tr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-01]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2015-01-31]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [33584 2011-01-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [810144 2011-01-12] (ESET)
S2 KMService; C:\Windows\system32\srvany.exe [8192 2015-01-31] () [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-12-25] (Disc Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137144 2010-12-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [115008 2010-12-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [95384 2010-12-21] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R1 PQNTDrv; C:\Windows\system32\Drivers\PQNTDrv.sys [4228 2002-09-16] (PowerQuest Corporation) [File not signed]
S3 catchme; \??\C:\Users\Milka\AppData\Local\Temp\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 17:03 - 2015-04-10 17:04 - 00009356 _____ () C:\Users\Milka\Desktop\FRST.txt
2015-04-10 17:03 - 2015-04-10 17:03 - 00000000 ____D () C:\FRST
2015-04-10 17:02 - 2015-04-10 17:02 - 01135104 _____ (Farbar) C:\Users\Milka\Desktop\FRST.exe
2015-04-10 16:43 - 2015-04-10 16:46 - 00000000 ____D () C:\AdwCleaner
2015-04-10 16:41 - 2015-04-10 16:42 - 02217984 _____ () C:\Users\Milka\Desktop\AdwCleaner.exe
2015-04-10 15:36 - 2015-04-10 16:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-10 15:35 - 2015-04-10 15:35 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-10 15:35 - 2015-04-10 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-10 15:35 - 2015-04-10 15:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-10 15:35 - 2015-04-10 15:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-10 15:35 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-10 15:35 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-10 15:35 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-10 15:34 - 2015-04-10 15:34 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Milka\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-10 11:43 - 2015-04-10 12:04 - 00000102 _____ () C:\Users\Milka\Desktop\Nowy dokument tekstowy.txt
2015-04-10 09:25 - 2015-04-10 09:27 - 00002562 _____ () C:\Windows\diagwrn.xml
2015-04-10 09:25 - 2015-04-10 09:27 - 00001908 _____ () C:\Windows\diagerr.xml
2015-04-08 21:23 - 2015-04-08 21:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-08 20:36 - 2015-04-08 20:36 - 00009975 _____ () C:\ComboFix.txt
2015-04-08 20:32 - 2015-04-08 20:51 - 00000000 ____D () C:\Users\Milka\Desktop\pulpit
2015-04-08 20:03 - 2015-04-08 20:03 - 00000000 ____D () C:\Users\Milka\AppData\Local\ESET
2015-04-08 19:59 - 2015-04-08 20:36 - 00000000 ____D () C:\Qoobox
2015-04-08 19:59 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-08 19:59 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-08 19:59 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-08 19:59 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-08 19:59 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-08 19:59 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-08 19:59 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-08 19:59 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-08 19:58 - 2015-04-08 20:16 - 00000000 ____D () C:\Windows\erdnt
2015-04-08 19:55 - 2015-04-08 19:55 - 05617275 ____R (Swearware) C:\Users\Milka\Desktop\ComboFix.exe
2015-04-05 06:08 - 2015-04-05 06:08 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-24 20:17 - 2015-03-11 05:30 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-24 20:17 - 2015-03-11 05:30 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-24 20:17 - 2015-03-11 05:29 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-24 20:17 - 2015-03-11 05:29 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-24 20:17 - 2015-03-11 05:29 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-24 20:17 - 2015-03-11 05:29 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-24 20:17 - 2015-03-11 05:29 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-24 20:17 - 2015-03-11 05:26 - 00892928 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-16 08:58 - 2015-03-16 09:15 - 514345828 _____ () C:\Users\Milka\Downloads\Washington Wizards - Sacramento Kings 14.03.2015 (2.połowa)...avi
2015-03-16 08:42 - 2015-03-16 08:58 - 471058600 _____ () C:\Users\Milka\Downloads\Washington Wizards - Sacramento Kings 14.03.2015 (1.połowa)...avi
2015-03-11 19:59 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 19:59 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 19:59 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 19:59 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 19:59 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 19:59 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 19:59 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 19:59 - 2015-02-20 04:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 19:59 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 19:59 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 19:59 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 19:59 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 19:59 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 19:59 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 19:59 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 19:59 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 19:59 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 19:59 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 19:59 - 2015-02-20 03:56 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 19:59 - 2015-02-20 03:50 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 19:59 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 19:59 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 19:59 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 19:59 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 19:59 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 19:59 - 2015-02-20 03:24 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 19:59 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 19:59 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 19:59 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 19:59 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 19:58 - 2015-03-06 07:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 19:58 - 2015-03-06 07:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 19:58 - 2015-03-06 07:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 19:58 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 19:58 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 19:58 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 19:58 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 19:58 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 19:58 - 2015-03-06 07:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 19:58 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 19:58 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 19:58 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 19:58 - 2015-03-06 07:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 19:58 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 19:58 - 2015-03-06 07:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 19:58 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 19:58 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 19:58 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 19:58 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-11 19:58 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 19:58 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 19:58 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 19:58 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 19:58 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 19:58 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 19:58 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 19:58 - 2015-02-03 05:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 19:58 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 19:58 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 19:58 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 19:58 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 19:58 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 19:58 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 19:58 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 19:58 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 19:58 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 19:58 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 19:58 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 19:58 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 19:58 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 19:58 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 19:58 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 19:58 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 19:56 - 2015-02-26 05:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 19:56 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 19:56 - 2015-01-31 05:32 - 00919552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 19:56 - 2015-01-31 04:52 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 19:56 - 2015-01-31 04:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 19:56 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 19:55 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 19:54 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 19:54 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 19:54 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 19:54 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 19:54 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 19:53 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 16:16 - 2014-10-05 16:26 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-10 16:16 - 2014-10-05 15:21 - 01669178 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-10 16:16 - 2009-07-14 10:07 - 00740346 _____ () C:\Windows\system32\perfh015.dat
2015-04-10 16:16 - 2009-07-14 10:07 - 00155888 _____ () C:\Windows\system32\perfc015.dat
2015-04-10 16:16 - 2009-07-14 06:34 - 00017072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-10 16:16 - 2009-07-14 06:34 - 00017072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-10 16:12 - 2014-10-05 15:08 - 01463523 _____ () C:\Windows\WindowsUpdate.log
2015-04-10 16:06 - 2014-10-10 17:27 - 00052062 _____ () C:\Windows\PFRO.log
2015-04-10 16:06 - 2009-07-14 10:28 - 00000000 ____D () C:\Windows\CSC
2015-04-10 16:06 - 2009-07-14 06:53 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-10 16:06 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-10 16:06 - 2009-07-14 06:39 - 00001365 _____ () C:\Windows\setupact.log
2015-04-10 15:39 - 2014-10-31 20:19 - 00000000 ____D () C:\ProgramData\7bb6df21-8ca8-4eec-965d-8cd2261544c7
2015-04-10 09:25 - 2009-07-14 06:39 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-09 08:27 - 2014-10-05 15:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-08 20:33 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2015-04-08 20:19 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2015-04-08 20:19 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2015-03-28 07:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-25 11:10 - 2014-12-12 04:21 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-25 11:10 - 2014-10-06 17:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-16 11:59 - 2009-07-14 06:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-16 11:58 - 2014-10-31 18:46 - 00000000 ____D () C:\Users\Milka\AppData\Local\JDownloader v2.0
2015-03-13 11:40 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-03-12 10:05 - 2009-07-14 06:33 - 00408320 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 10:00 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2015-03-11 20:24 - 2015-01-31 16:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 20:23 - 2009-07-14 04:04 - 00000580 _____ () C:\Windows\win.ini
2015-03-11 20:22 - 2014-10-24 07:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 20:17 - 2014-10-24 07:18 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-10-06 17:39 - 2014-10-06 17:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Milka\AppData\Local\Temp\Quarantine.exe
C:\Users\Milka\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-29 11:46

==================== End Of Log ============================

adw

Kod: Zaznacz wszystko

# AdwCleaner v4.201 - Logfile created 10/04/2015 at 17:29:47
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x86)
# Username : Milka - LAPTOP_MILKA
# Running from : C:\Users\Milka\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Milka\AppData\Roaming\pdfforge
File Deleted : C:\Users\Milka\AppData\Roaming\Mozilla\Firefox\Profiles\5xmzf7tr.default\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKCU\Software\EnterDigital
Key Deleted : HKLM\SOFTWARE\EnterDigital

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v37.0.1 (x86 pl)


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [1086 bytes] - [10/04/2015 16:43:48]
AdwCleaner[R1].txt - [1146 bytes] - [10/04/2015 17:26:28]
AdwCleaner[S0].txt - [1081 bytes] - [10/04/2015 17:29:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1140  bytes] ##########


[ordynat]

Brak logu Additional.txt.

Otwórz Notatnik i wklej w nim:

C:\ProgramData\7bb6df21-8ca8-4eec-965d-8cd2261544c7
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-724300184-3600769634-1668645338-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Milka\AppData\Roaming\pdfforge
C:\Users\Milka\AppData\Roaming\Mozilla\Firefox\Profiles\5xmzf7tr.default\user.js
Reg: reg delete "HKCU\Software\EnterDigital" /f
Reg: reg delete "HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}" /f
Reg: reg delete "HKLM\SOFTWARE\EnterDigital" /f

EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.
Uruchom FRST i kliknij przycisk Fix.
Powstanie plik fixlog.txt.
Daj ten log.
.

[barto0o]

fixlog:

Kod: Zaznacz wszystko

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Milka at 2015-04-10 18:00:44 Run:1
Running from C:\Users\Milka\Desktop
Loaded Profiles: Milka (Available profiles: Milka)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\ProgramData\7bb6df21-8ca8-4eec-965d-8cd2261544c7
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-724300184-3600769634-1668645338-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Milka\AppData\Roaming\pdfforge
C:\Users\Milka\AppData\Roaming\Mozilla\Firefox\Profiles\5xmzf7tr.default\user.js
Reg: reg delete "HKCU\Software\EnterDigital" /f
Reg: reg delete "HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}" /f
Reg: reg delete "HKLM\SOFTWARE\EnterDigital" /f

EmptyTemp:
*****************

C:\ProgramData\7bb6df21-8ca8-4eec-965d-8cd2261544c7 => Moved successfully.
Synth3dVsc => Service deleted successfully.
tsusbhub => Service deleted successfully.
VGPU => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => Key deleted successfully.
"HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}" => Key deleted successfully.
"HKCR\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => Key deleted successfully.
"HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-724300184-3600769634-1668645338-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"C:\Users\Milka\AppData\Roaming\pdfforge" => File/Directory not found.
"C:\Users\Milka\AppData\Roaming\Mozilla\Firefox\Profiles\5xmzf7tr.default\user.js" => File/Directory not found.

========= reg delete "HKCU\Software\EnterDigital" /f =========

Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}" /f =========

Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\EnterDigital" /f =========

Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci.


========= End of Reg: =========

EmptyTemp: => Removed 592.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog 18:01:08 ====

brakujacy aditional:

Kod: Zaznacz wszystko

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Milka at 2015-04-10 18:13:16
Running from C:\Users\Milka\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 4.2 (Disabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 4.2 (Disabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP)
Centrum obsługi urządzeń z systemem Windows Mobile (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM\...\dreamboxEDIT) (Version:  - )
DRUKI Gofin 2.2.19.0 (HKLM\...\{852B928B-042E-4555-B59B-3473734906FF}) (Version: 2.2.19.0 - Wydawnictwo Podatkowe GOFIN sp. z o.o.)
ESET NOD32 Antivirus (HKLM\...\{B3B5F219-79E6-4307-8AC1-9B32BE37CD48}) (Version: 4.2.71.2 - ESET, spol. s r.o.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Java(TM) 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes Anti-Malware wersja 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 37.0.1 (x86 pl)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
PartitionMagic (Version: 8.00.000 - PowerQuest) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PLAY ONLINE (HKLM\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation)
PowerQuest PartitionMagic 8.0 (HKLM\...\InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}) (Version: 8.00.000 - PowerQuest)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.11 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

10-04-2015 09:28:39 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {119735B1-540D-4B99-93A1-5F849E1D8252} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {224BA33D-778E-491F-ABBC-7644B729E364} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {39405D7F-F8F1-4B69-A336-43392F1B1B6A} - System32\Tasks\{77710477-1B8D-4090-B979-FF98EA86F2ED} => pcalua.exe -a "C:\Intel 915 GM WDDM Driver\win7_915GMA Final.exe" -d "C:\Intel 915 GM WDDM Driver"
Task: {3988DD60-7DB3-4F8C-BFED-76A706723E5F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {41B52975-0B69-4525-B84B-A6F6EB1AAB76} - System32\Tasks\{99660650-785E-410E-A22B-F58C4A6EE593} => C:\Users\Milka\Desktop\Nowy folder\Setup.exe
Task: {55ACC7A3-E89B-4289-906A-DCD5CAB72BAF} - System32\Tasks\{48C01692-545C-43B5-876D-589E1A1A318F} => C:\Intel 915 GM WDDM Driver\win7_915GMA Final.exe [2012-08-01] (Intel Corporation)
Task: {7020F6D5-3F19-4557-97E1-A37F540BFD18} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {803ABDEE-5CC5-494E-AED5-25A9B299C4CC} - System32\Tasks\{69DAD9B6-F678-45B2-857B-CA1756593A4F} => C:\Intel 915 GM WDDM Driver\win7_915GMA Final.exe [2012-08-01] (Intel Corporation)
Task: {869661CF-DCAE-4E4A-8F3D-D1C09FAE8CE1} - System32\Tasks\{41CFBD7E-C7B2-42D3-84A0-2A7AF7B5BAF6} => pcalua.exe -a "D:\Nowy folder\sp39912.exe" -d "D:\Nowy folder"
Task: {A5BE3B56-429C-4538-B775-8DDA269415CF} - System32\Tasks\{03948F4C-D654-45C1-93EE-4041EF6EB944} => C:\Intel 915 GM WDDM Driver\win7_915GMA Final.exe [2012-08-01] (Intel Corporation)
Task: {BDB54D39-F0F4-47B9-8D2A-174458CE23BC} - System32\Tasks\{A8498A3A-006A-4A54-BE69-12A2EF34D050} => pcalua.exe -a C:\Users\Milka\Downloads\mp3DC220_www.INSTALKI.pl.exe -d C:\Users\Milka\Downloads
Task: {CB0F19FA-3B07-4819-B750-A32869280073} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {CF27EA23-84E1-429A-821D-B3F03E571B36} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-26 19:05 - 2013-07-26 20:21 - 00459008 _____ () C:\Program Files\4G Hostless Modem\PLAY ONLINE\CheckNDISPort_df.exe
2014-12-26 19:05 - 2013-07-26 20:21 - 00446208 _____ () C:\Program Files\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-724300184-3600769634-1668645338-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Milka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: IePluginServices => 2
MSCONFIG\Services: MaintainerSvc6.37.565328 => 2
MSCONFIG\Services: Update EnterDigital => 2
MSCONFIG\Services: Util EnterDigital => 2
MSCONFIG\Services: WindowsMangerProtect => 2

==================== Accounts: =============================

Administrator (S-1-5-21-724300184-3600769634-1668645338-500 - Administrator - Disabled)
Gość (S-1-5-21-724300184-3600769634-1668645338-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-724300184-3600769634-1668645338-1003 - Limited - Enabled)
Milka (S-1-5-21-724300184-3600769634-1668645338-1000 - Administrator - Enabled) => C:\Users\Milka

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/08/2015 08:51:14 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Nie można utworzyć punktu przywracania (Proces = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; Opis = Configured Microsoft Office Professional Plus 2010; Błąd = 0x8007043c).

Error: (04/08/2015 08:50:38 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Nie można utworzyć punktu przywracania (Proces = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; Opis = Configured Microsoft Office Professional Plus 2010; Błąd = 0x8007043c).

Error: (04/08/2015 08:50:33 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Nie można utworzyć punktu przywracania (Proces = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; Opis = Configured Microsoft Office Professional Plus 2010; Błąd = 0x8007043c).

Error: (01/23/2015 03:48:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 35.0.0.5486, sygnatura czasowa: 0x54af7153
Nazwa modułu powodującego błąd: NPSWF32_16_0_0_257.dll, wersja: 16.0.0.257, sygnatura czasowa: 0x54925ce1
Kod wyjątku: 0x40000015
Przesunięcie błędu: 0x00364deb
Identyfikator procesu powodującego błąd: 0x1e8
Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0
Ścieżka aplikacji powodującej błąd: plugin-container.exe1
Ścieżka modułu powodującego błąd: plugin-container.exe2
Identyfikator raportu: plugin-container.exe3

Error: (01/04/2015 00:00:50 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu.
.
To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym.


Operacja:
   Zbieranie danych modułu zapisującego

Kontekst:
   Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
   Nazwa modułu zapisującego: System Writer
   Identyfikator wystąpienia modułu zapisującego: {a92946ac-689a-49ea-a13b-d623d5e118f1}

Error: (10/31/2014 07:35:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 33.0.2.5413, sygnatura czasowa: 0x544ef530
Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 33.0.2.5413, sygnatura czasowa: 0x544ed089
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x00001425
Identyfikator procesu powodującego błąd: 0xe14
Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0
Ścieżka aplikacji powodującej błąd: plugin-container.exe1
Ścieżka modułu powodującego błąd: plugin-container.exe2
Identyfikator raportu: plugin-container.exe3

Error: (10/31/2014 06:46:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 33.0.2.5413, sygnatura czasowa: 0x544ef530
Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 33.0.2.5413, sygnatura czasowa: 0x544ed089
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x00001425
Identyfikator procesu powodującego błąd: 0xfac
Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0
Ścieżka aplikacji powodującej błąd: plugin-container.exe1
Ścieżka modułu powodującego błąd: plugin-container.exe2
Identyfikator raportu: plugin-container.exe3

Error: (10/27/2014 05:24:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 32.0.3.5379, sygnatura czasowa: 0x54224e6b
Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 32.0.3.5379, sygnatura czasowa: 0x54221b67
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000141b
Identyfikator procesu powodującego błąd: 0xc64
Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0
Ścieżka aplikacji powodującej błąd: plugin-container.exe1
Ścieżka modułu powodującego błąd: plugin-container.exe2
Identyfikator raportu: plugin-container.exe3

Error: (10/24/2014 07:23:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: mrtstub.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x542ed262
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.18247, sygnatura czasowa: 0x521ea91c
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0001f8bc
Identyfikator procesu powodującego błąd: 0xf74
Godzina uruchomienia aplikacji powodującej błąd: 0xmrtstub.exe0
Ścieżka aplikacji powodującej błąd: mrtstub.exe1
Ścieżka modułu powodującego błąd: mrtstub.exe2
Identyfikator raportu: mrtstub.exe3

Error: (10/09/2014 03:12:25 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2496) WindowsMail0: Tworzenie kopii zapasowej zostało zatrzymane, ponieważ zostało przerwane przez klienta lub nie można nawiązać połączenia z klientem.


System errors:
=============
Error: (04/10/2015 06:09:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa Centrum zabezpieczeń zakończyła działanie; wystąpił następujący błąd:
%%16389

Error: (04/10/2015 06:09:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi BFE.

Error: (04/10/2015 06:08:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi BFE.

Error: (04/10/2015 06:07:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd:
%%-2140993535

Error: (04/10/2015 06:07:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu:
%%-2140993535

Error: (04/10/2015 06:07:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu:
%%-2140993535

Error: (04/10/2015 06:07:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd:
%%-2140993535

Error: (04/10/2015 06:07:59 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (04/10/2015 06:07:59 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (04/10/2015 06:07:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu:
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (04/08/2015 08:51:14 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional Plus 20100x8007043c

Error: (04/08/2015 08:50:38 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional Plus 20100x8007043c

Error: (04/08/2015 08:50:33 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional Plus 20100x8007043c

Error: (01/23/2015 03:48:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.0.548654af7153NPSWF32_16_0_0_257.dll16.0.0.25754925ce14000001500364deb1e801d0371251816febC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll728133f1-a306-11e4-b535-00c09ffe490c

Error: (01/04/2015 00:00:50 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Odmowa dostępu.


Operacja:
   Zbieranie danych modułu zapisującego

Kontekst:
   Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
   Nazwa modułu zapisującego: System Writer
   Identyfikator wystąpienia modułu zapisującego: {a92946ac-689a-49ea-a13b-d623d5e118f1}

Error: (10/31/2014 07:35:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.2.5413544ef530mozalloc.dll33.0.2.5413544ed0898000000300001425e1401cff530f578e4c1C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll4e54fa6c-6124-11e4-9a19-00c09ffe490c

Error: (10/31/2014 06:46:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.2.5413544ef530mozalloc.dll33.0.2.5413544ed0898000000300001425fac01cff527e9c37d98C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll8711c86e-611d-11e4-9a19-00c09ffe490c

Error: (10/27/2014 05:24:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141bc6401cff1f9c97a9c71C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll4d0718fd-5ded-11e4-a60c-00c09ffe490c

Error: (10/24/2014 07:23:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mrtstub.exe0.0.0.0542ed262ntdll.dll6.1.7601.18247521ea91cc00000050001f8bcf7401cfef49f3040557f:\b4247336bb9303f27c638f3547\mrtstub.exeC:\Windows\SYSTEM32\ntdll.dlleaa23bcf-5b3d-11e4-a8cb-00c09ffe490c

Error: (10/09/2014 03:12:25 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail2496WindowsMail0:


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) M processor 1.73GHz
Percentage of memory in use: 38%
Total physical RAM: 2038.12 MB
Available physical RAM: 1263.13 MB
Total Pagefile: 4076.23 MB
Available Pagefile: 3001.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1919.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:46.45 GB) (Free:15.7 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:46.7 GB) (Free:1.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 93.2 GB) (Disk ID: E911E911)
Partition 1: (Active) - (Size=46.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=46.7 GB) - (Type=OF Extended)

==================== End Of Log ============================

zauwazylem ze zaraz po zalogowaniu wszystko działa płynnie ale po ok 10sec już znowu muli

[ordynat]

Otwórz Notatnik i wklej w nim:

Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WindowsMangerProtect" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Util EnterDigital" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Update EnterDigital" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IePluginServices" /f
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.
Uruchom FRST i kliknij przycisk Fix.

Możemy kończyć:
Otwórz Notatnik i wklej w nim:

DeleteQuarantine:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix.
przez SHIFT+DEL usuń pozostały folder C:\FRST.

W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL).
.

zaraz po zalogowaniu wszystko działa płynnie ale po ok 10sec już znowu muli

Załóż temat w dziale system-windows-vf10.html
.