Wirus kolegi (?) -.-

[KaRRamb4]

I tak nie pokazuje mi ścieżki tego pliku ;x To jeszcze, raz bo kazdy pisze co innego. Co mam z tym zrobic? Bo ja już nie wiem kazdy z was co innego pisze

[SayIt]

Fajnego masz kolege, na twoim miejscu chcialbym sie z nim jak najsztybciej spotakc Nie pokazuje ci sciezki do tego pliku?

[KaRRamb4]

Nie nie pokazuje. Mam coś takiego : process:pid:4748

[TrueFaith]

Dlaczego nie zrobisz tego czego Ci radzimy. Pełny skan Malwarebytes Antimalware + Dr.Web Cure It, ewentualnie logi OTL do osoby która się na tym zna. Następny post o ścieżce do pliku będzie karany i to ostro.

[KoORNEL]

Haha uśmiałem sie. Pewnie pobrał z Neta nędzny program a nawet nie wiadomosc czy to umie.

 

Jednak priorytet wysoki oznacza to ze już z setki kopi ma i może podkradać ci dane

 

Bardzo nam pomoże CAŁY log z OTL wtedy poradzimy ci cóż robić.

Jeśli jednak nic nie wykryje zostaw to i odłącz komputer od Neta aż do czasu kiedy przyjdzie do ciebie informatyk razem z nim to usuniesz i moźe "oddasz" koledze jego "dzieło".

 

Polecam antyvirusy(ten co masz jest jednym z najgorszych on 3/4 virusow przepuszcza)

-Avast free (jeden z najlepszych z kategori darmowe

-Avast pro płatny i super

-Norton - co to są virusy?

[KaRRamb4]

Dzisiaj dodam logi z OTL a jutro skany.

 

@TrueFaith

 

Ja robie to co mi radzicie, ale każdy z was pisze co innego i już na prawdę się pogubiłem.

 

 

Proszę logi z OTL'a po szkole dodam skany:

 

 

OTL logfile created on: 2013-09-26 22:33:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Paweł\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,47% Memory free
4,00 Gb Paging File | 2,42 Gb Available in Paging File | 60,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 376,62 Gb Free Space | 80,86% Space Free | Partition Type: NTFS
Drive I: | 44,58 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: JESTEMKOMPUTER | User Name: Paweł | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-09-26 22:32:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Paweł\Desktop\OTL.exe
PRC - [2013-09-17 05:21:30 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013-08-02 02:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013-07-23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
PRC - [2013-07-18 16:49:42 | 000,312,512 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe
PRC - [2013-07-18 16:49:42 | 000,295,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013-07-18 16:49:42 | 000,022,216 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013-07-18 16:49:24 | 000,995,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013-07-15 11:47:11 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013-06-21 11:52:52 | 000,875,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013-06-21 11:52:51 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013-06-21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-06-20 16:00:08 | 002,095,752 | ---- | M] () -- C:\Program Files\Comodo\Dragon\dragon_updater.exe
PRC - [2013-02-26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-05-22 08:29:47 | 000,074,096 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\CancelAutoPlay.exe
PRC - [2012-05-22 08:29:45 | 000,032,112 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\zLoggingDaemon.exe
PRC - [2012-05-22 08:29:42 | 000,030,576 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\Cyfrowy Polsat MF821.exe
PRC - [2011-12-16 13:36:56 | 004,740,472 | ---- | M] (Redefine Sp. z .) -- C:\Program Files\RedApp\redApp.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 14:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2007-05-31 16:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdcBase.exe


========== Modules (No Company Name) ==========

MOD - [2013-09-17 05:21:27 | 000,410,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppgooglenaclpluginchrome.dll
MOD - [2013-09-17 05:21:26 | 013,611,984 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
MOD - [2013-09-17 05:21:25 | 004,053,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll
MOD - [2013-09-17 05:20:34 | 000,709,584 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
MOD - [2013-09-17 05:20:33 | 000,099,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\libegl.dll
MOD - [2013-09-17 05:20:31 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
MOD - [2012-05-22 08:29:47 | 000,074,096 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\CancelAutoPlay.exe
MOD - [2012-05-22 08:29:45 | 000,032,112 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\zLoggingDaemon.exe
MOD - [2012-05-22 08:29:42 | 000,030,576 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\Cyfrowy Polsat MF821.exe
MOD - [2011-04-12 12:54:16 | 000,010,240 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\select.pyd
MOD - [2011-04-12 12:54:13 | 000,126,976 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\pyexpat.pyd
MOD - [2011-04-12 12:54:09 | 000,087,040 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\_ctypes.pyd
MOD - [2011-04-12 12:53:44 | 000,043,520 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\_socket.pyd
MOD - [2011-02-27 18:13:34 | 000,110,080 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\pywintypes27.dll
MOD - [2011-02-26 20:02:26 | 000,354,304 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\pythoncom27.dll
MOD - [2011-02-26 20:00:00 | 000,167,424 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\win32gui.pyd
MOD - [2011-02-26 20:00:00 | 000,096,768 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\win32api.pyd
MOD - [2011-02-26 20:00:00 | 000,023,552 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\win32pipe.pyd
MOD - [2011-02-26 19:59:00 | 000,112,128 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\win32file.pyd
MOD - [2011-02-26 19:59:00 | 000,017,408 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\win32event.pyd
MOD - [2010-11-27 12:31:16 | 000,721,920 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\_ssl.pyd
MOD - [2010-11-27 12:31:14 | 000,057,344 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\_sqlite3.pyd
MOD - [2010-11-27 12:31:02 | 000,635,392 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\sqlite3.dll
MOD - [2010-05-14 12:22:00 | 000,467,456 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wx._aui.pyd
MOD - [2010-05-14 12:22:00 | 000,346,112 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wx._html.pyd
MOD - [2010-05-14 12:22:00 | 000,073,216 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wx._animate.pyd
MOD - [2010-05-14 12:22:00 | 000,065,024 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wx._media.pyd
MOD - [2010-05-14 12:21:00 | 000,674,816 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wx._misc_.pyd
MOD - [2010-05-14 12:21:00 | 000,395,776 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wx._grid.pyd
MOD - [2010-05-14 12:20:00 | 000,966,144 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wx._controls_.pyd
MOD - [2010-05-14 12:20:00 | 000,670,720 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wx._windows_.pyd
MOD - [2010-05-14 12:19:00 | 000,981,504 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wx._core_.pyd
MOD - [2010-05-14 12:19:00 | 000,746,496 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wx._gdi_.pyd
MOD - [2010-05-14 12:07:00 | 000,325,120 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wxmsw28uh_aui_vc.dll
MOD - [2010-05-14 12:06:00 | 003,164,672 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wxmsw28uh_core_vc.dll
MOD - [2010-05-14 12:06:00 | 000,727,552 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wxmsw28uh_adv_vc.dll
MOD - [2010-05-14 12:06:00 | 000,479,744 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wxmsw28uh_html_vc.dll
MOD - [2010-05-14 12:06:00 | 000,102,912 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wxmsw28uh_media_vc.dll
MOD - [2010-05-14 12:04:00 | 001,300,480 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wxbase28uh_vc.dll
MOD - [2010-05-14 12:04:00 | 000,122,368 | ---- | M] () -- C:\Cyfrowy Polsat\MF821\Bin\wxbase28uh_net_vc.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe -- (BrowserDefendert)
SRV - [2013-08-28 23:47:18 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-07-25 09:10:04 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-07-23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013-07-23 02:46:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc)
SRV - [2013-07-18 16:49:42 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013-07-18 16:49:42 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013-07-09 23:21:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013-06-21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-06-20 16:00:08 | 002,095,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2013-05-27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013-02-26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2007-05-31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2013-09-26 08:29:15 | 000,040,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B33B7CA4-34D5-4832-A81F-935450ABF02D}\MpKsl0131ee63.sys -- (MpKsl0131ee63)
DRV - [2013-06-21 14:02:43 | 009,069,344 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013-06-18 21:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011-12-14 08:49:24 | 000,144,408 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\zgdcnet.sys -- (zgdcnet)
DRV - [2011-12-14 08:49:24 | 000,114,456 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\zgdcnmea.sys -- (zgdcnmea)
DRV - [2011-12-14 08:49:24 | 000,114,456 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\zgdcmdm.sys -- (zgdcmdm)
DRV - [2011-12-14 08:49:24 | 000,114,456 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\zgdcdiag.sys -- (zgdcdiag)
DRV - [2011-12-14 08:49:24 | 000,114,456 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\zgdcat.sys -- (zgdcat)
DRV - [2011-12-14 08:49:24 | 000,015,896 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter_LTE.sys -- (massfilter_lte)
DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-02-24 12:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www1.delta-search.com/?babsrc=HP_ss&mntrId=FEE300A0C6000000&affID=119357&tsp=4955
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?babsrc=HP_ss&mntrId=FEE300A0C6000000&affID=119357&tsp=4955
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=FEE300A0C6000000&affID=119357&tsp=4955
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Paweł\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)


[2013-08-14 19:06:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paweł\AppData\Roaming\mozilla\Extensions
[2013-07-26 18:22:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://google.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: AdBlock = C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (WebCake) - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files\Web Cake\WebCakeIEClient.dll File not found
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [CancelAutoPlay.exe] C:\Cyfrowy Polsat\MF821\Bin\CancelAutoPlay.exe ()
O4 - HKLM..\Run: [CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}] "C:\Users\PAWE~1\AppData\Local\Temp\cisB91A.exe" --PostUninstall {81EFDD93-DBBE-415B-BE6E-49B9664E3E82} File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [tuto4pc_pl_11] File not found
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [zLoader.exe] C:\Cyfrowy Polsat\MF821\Bin\zLoader.exe ()
O4 - HKCU..\Run: [WindowsUpdate] C:\Users\Paweł\PMUFN\KXNROHLEFU-MSPLN-ODPLWDEVBL.vbe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.2.96.53 212.2.96.54
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9397F9FB-F4AB-4E58-9563-D2CB3A250664}: DhcpNameServer = 212.2.96.53 212.2.96.54
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\261519~1.190\{c16c1~1\browse~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-11-19 03:33:04 | 000,179,736 | R--- | M] (ZTE Corporation) - I:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2011-11-19 10:00:41 | 000,000,056 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2012-05-29 15:31:10 | 000,001,100 | R--- | M] () - I:\Autorun.xml -- [ CDFS ]
O33 - MountPoints2\{5fc73a6c-e883-11e2-9d3f-001a4d537cec}\Shell - "" = AutoRun
O33 - MountPoints2\{5fc73a6c-e883-11e2-9d3f-001a4d537cec}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2011-11-19 03:33:04 | 000,179,736 | R--- | M] (ZTE Corporation)
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2011-11-19 03:33:04 | 000,179,736 | R--- | M] (ZTE Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-09-26 22:32:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Paweł\Desktop\OTL.exe
[2013-09-19 20:52:16 | 000,913,832 | ---- | C] (Oracle Corporation) -- C:\Users\Paweł\Desktop\chromeinstall-7u40.exe
[2013-09-19 20:50:37 | 000,000,000 | -H-D | C] -- C:\Users\Paweł\PMUFN
[2013-09-19 15:12:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 Ravia.eu
[2013-09-19 15:09:45 | 000,000,000 | ---D | C] -- C:\Ravia.eu
[2013-09-14 20:12:50 | 000,000,000 | R--D | C] -- C:\Users\Paweł\Desktop\Malowidła
[2013-09-12 22:38:12 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013-09-12 22:38:10 | 002,876,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013-09-12 22:38:09 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013-09-12 22:38:09 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013-09-12 22:38:08 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013-09-12 22:38:07 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013-09-12 22:38:07 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013-09-12 22:38:07 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013-09-12 22:38:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013-09-12 22:38:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013-09-12 20:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013-09-12 20:01:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013-09-12 20:00:44 | 006,953,096 | ---- | C] (Microsoft Corporation) -- C:\Users\Paweł\Desktop\Silverlight.exe
[2013-09-12 18:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013-09-12 18:55:02 | 011,263,312 | ---- | C] (Microsoft Corporation) -- C:\Users\Paweł\Desktop\mseinstall.exe
[2013-09-12 18:54:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013-09-12 14:15:00 | 000,133,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2013-09-12 14:14:59 | 002,348,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013-09-12 14:14:58 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013-09-12 14:14:58 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013-09-12 14:14:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013-09-12 14:14:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013-09-12 14:14:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013-09-12 14:14:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-09-12 14:14:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013-09-12 14:14:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013-09-12 14:14:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013-09-12 14:14:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013-09-12 14:14:57 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013-09-12 14:14:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013-09-12 14:14:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013-09-12 14:14:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013-09-08 15:25:35 | 000,000,000 | -HSD | C] -- C:\Users\Paweł\Documents\MSDCSC
[2013-09-08 15:25:29 | 000,819,200 | ---- | C] (Microsoft Corporation ) -- C:\Users\Paweł\AppData\Roaming\qtzbksbxs.exe
[2013-09-06 23:07:10 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\dclogs
[2013-09-06 23:07:00 | 000,000,000 | -H-D | C] -- C:\Users\Paweł\PJSBQ
[2013-09-04 19:42:06 | 000,000,000 | ---D | C] -- C:\Users\Paweł\MacmillanHotSpot1
[2013-09-03 19:16:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2013-09-03 18:55:54 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2013-09-03 18:55:54 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2013-09-03 18:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2013-09-03 18:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2013-09-03 18:51:04 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Local\Comodo
[2013-09-03 18:51:00 | 000,047,368 | ---- | C] (COMODO CA Limited) -- C:\Windows\System32\certsentry.dll
[2013-09-03 18:50:52 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo
[2013-09-03 18:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2013-09-03 15:29:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[2013-09-03 15:27:13 | 034,249,488 | ---- | C] (Riot Games) -- C:\Users\Paweł\Desktop\LeagueofLegends_EUNE_Installer_06_17_13.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-09-26 22:32:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Paweł\Desktop\OTL.exe
[2013-09-26 21:52:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-09-26 10:52:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-09-26 08:36:15 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-09-26 08:36:15 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-09-26 08:28:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-09-26 08:28:51 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2013-09-21 12:59:06 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-09-19 20:52:30 | 000,913,832 | ---- | M] (Oracle Corporation) -- C:\Users\Paweł\Desktop\chromeinstall-7u40.exe
[2013-09-19 20:50:36 | 001,587,876 | ---- | M] () -- C:\Users\Paweł\AppData\Roaming\pzxxissb.exe
[2013-09-19 15:12:23 | 000,000,599 | ---- | M] () -- C:\Users\Public\Desktop\Metin2 Ravia.eu.lnk
[2013-09-19 15:08:54 | 476,293,000 | ---- | M] () -- C:\Users\Paweł\Desktop\Ravia_GameClient_2013-08-17.exe
[2013-09-18 20:23:11 | 000,228,366 | ---- | M] () -- C:\Users\Paweł\Desktop\dscf2462.jpg
[2013-09-18 20:06:18 | 000,739,694 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-09-18 20:06:18 | 000,653,526 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-09-18 20:06:18 | 000,155,268 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-09-18 20:06:18 | 000,121,398 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-09-13 13:25:03 | 000,269,976 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013-09-12 22:39:42 | 001,000,592 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2013-09-12 20:00:56 | 006,953,096 | ---- | M] (Microsoft Corporation) -- C:\Users\Paweł\Desktop\Silverlight.exe
[2013-09-12 18:58:19 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013-09-12 18:55:09 | 011,263,312 | ---- | M] (Microsoft Corporation) -- C:\Users\Paweł\Desktop\mseinstall.exe
[2013-09-12 18:52:22 | 000,181,411 | ---- | M] () -- C:\Users\Paweł\Desktop\dowod.jpg
[2013-09-10 20:39:20 | 001,677,636 | ---- | M] () -- C:\Users\Paweł\Desktop\B.R.O - Wspólne Niebo (prod. Tyssiak).mp3
[2013-09-08 15:25:30 | 000,819,200 | ---- | M] (Microsoft Corporation ) -- C:\Users\Paweł\AppData\Roaming\qtzbksbxs.exe
[2013-09-06 23:06:56 | 001,631,192 | ---- | M] () -- C:\Users\Paweł\AppData\Roaming\bttrllhio.exe
[2013-09-03 18:55:54 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2013-09-03 18:55:54 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2013-09-03 18:51:00 | 000,047,368 | ---- | M] (COMODO CA Limited) -- C:\Windows\System32\certsentry.dll
[2013-09-03 15:29:12 | 000,001,613 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013-09-03 15:27:28 | 034,249,488 | ---- | M] (Riot Games) -- C:\Users\Paweł\Desktop\LeagueofLegends_EUNE_Installer_06_17_13.exe
[2013-09-02 17:09:38 | 000,000,212 | ---- | M] () -- C:\Users\Paweł\Desktop\Counter-Strike.url
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-09-19 20:50:14 | 001,587,876 | ---- | C] () -- C:\Users\Paweł\AppData\Roaming\pzxxissb.exe
[2013-09-19 15:12:23 | 000,000,599 | ---- | C] () -- C:\Users\Public\Desktop\Metin2 Ravia.eu.lnk
[2013-09-19 15:04:54 | 476,293,000 | ---- | C] () -- C:\Users\Paweł\Desktop\Ravia_GameClient_2013-08-17.exe
[2013-09-18 20:23:08 | 000,228,366 | ---- | C] () -- C:\Users\Paweł\Desktop\dscf2462.jpg
[2013-09-12 18:58:19 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013-09-12 18:57:35 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013-09-12 18:52:21 | 000,181,411 | ---- | C] () -- C:\Users\Paweł\Desktop\dowod.jpg
[2013-09-10 20:39:13 | 001,677,636 | ---- | C] () -- C:\Users\Paweł\Desktop\B.R.O - Wspólne Niebo (prod. Tyssiak).mp3
[2013-09-06 23:06:54 | 001,631,192 | ---- | C] () -- C:\Users\Paweł\AppData\Roaming\bttrllhio.exe
[2013-09-03 18:52:18 | 001,000,592 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2013-09-03 15:29:12 | 000,001,613 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013-09-02 17:09:37 | 000,000,212 | ---- | C] () -- C:\Users\Paweł\Desktop\Counter-Strike.url
[2013-07-26 12:47:41 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013-07-14 08:42:06 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2013-07-14 08:39:35 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013-07-11 02:37:12 | 000,139,056 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2013-07-11 02:37:03 | 000,138,904 | ---- | C] () -- C:\Users\Paweł\AppData\Roaming\PnkBstrK.sys
[2013-07-11 02:36:41 | 000,298,584 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2013-07-11 02:36:35 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2013-07-09 20:35:14 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013-07-09 20:35:14 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2013-07-09 13:07:45 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013-07-09 13:07:45 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013-07-09 13:07:45 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum

========== ZeroAccess Check ==========

[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

 

 

 

Jeszcze jakieś Extras logi ;d

 

OTL Extras logfile created on: 2013-09-26 22:33:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Paweł\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,47% Memory free
4,00 Gb Paging File | 2,42 Gb Available in Paging File | 60,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 376,62 Gb Free Space | 80,86% Space Free | Partition Type: NTFS
Drive I: | 44,58 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: JESTEMKOMPUTER | User Name: Paweł | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12561830-565C-4E3C-8540-02F5DD272A1F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{233A0CCD-FB08-41D5-8148-1985CDF24078}" = lport=139 | protocol=6 | dir=in | app=system |
"{2521545B-7BD3-4B34-85D5-F816E0471999}" = rport=10243 | protocol=6 | dir=out | app=system |
"{256D9A73-792C-4C09-8E54-FABB31870855}" = rport=139 | protocol=6 | dir=out | app=system |
"{2CD4C5BD-3E17-40C2-A0BF-F76B827A6A6B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2E694EE5-AF5E-40DE-9FD8-F04C6D94507F}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{2F9B68C7-7D08-46F9-80C6-8A8AACCB7CE5}" = rport=445 | protocol=6 | dir=out | app=system |
"{3B7F1469-DD6F-482C-AACE-3D8D2E27CFAD}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{3E3861F6-2F3D-4949-BABB-2F779C706515}" = lport=56743 | protocol=6 | dir=in | name=pando media booster |
"{44A4AFD6-E56D-4104-99A9-A9878112AE7F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4BC8F119-ABAF-4D02-87EC-C7FF0A5ABBCE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5965CBCB-D09D-4EB9-80F3-F8D35AEE1AC3}" = rport=137 | protocol=17 | dir=out | app=system |
"{65C98B93-F7C8-43BC-AA48-D7E474A627C9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{67F8D676-F485-44BE-AA8E-C8DB629DF0AD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6CC49297-E9DB-4169-89D8-683DBA23CDA8}" = lport=56743 | protocol=17 | dir=in | name=pando media booster |
"{6E28E3BC-8F9E-4599-BB1D-5AAA92D169C1}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{7357DE2C-49E1-44D6-BA91-F8111D9DCA1C}" = lport=138 | protocol=17 | dir=in | app=system |
"{7AAA28B9-BC6F-411F-B219-E99F4D9ED46D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{89FDFD49-BC8E-4D03-9878-C768B5AA8972}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B685154-9F8F-42CA-8EE7-D39BB4B33030}" = lport=56743 | protocol=17 | dir=in | name=pando media booster |
"{8C3BB677-B321-45BA-AE5A-8FE215934A29}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{983D39F3-6434-485D-AE3E-DBB6A8DD1590}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{98C929F2-D14D-4F53-997B-8DAB82B2DB4C}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{9A9C7202-F634-43FE-A648-6F16C0833A7A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{A876A869-C798-4151-BD76-BE39DE6DBB16}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{AB393C12-E5D5-4AC3-8AE8-926234091249}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AFE4D818-5877-415B-A58E-DDA47CCBC4D3}" = lport=137 | protocol=17 | dir=in | app=system |
"{B44E63AA-02D2-4680-9E98-FA47C9329CB0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B52103F9-EFB1-4F84-8714-269CC3ED3518}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B64E8A51-A14E-40AC-861A-B6CA89EF5CCB}" = lport=445 | protocol=6 | dir=in | app=system |
"{BD89DC20-2BF7-4C37-AA74-76F1EFFC240C}" = rport=138 | protocol=17 | dir=out | app=system |
"{BF8F4B33-6041-43A2-B79E-04EAE6361E3E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C4A9CBE3-56A1-4DD1-BE57-AFAE313E0AC1}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{E5F06FAF-4DAF-4C43-B0C6-EA168D831F34}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{EFC9C5B4-5F01-4AFC-B569-B63C0109006F}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{F0CF6316-B5E7-4D6E-B2B7-C9CDE13E4F31}" = lport=56743 | protocol=6 | dir=in | name=pando media booster |
"{FA45FD99-849C-4271-827C-85AA666C1B8C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0011E336-7439-4A53-933F-83E444D5603C}" = dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{02C6A014-8048-457D-8C02-32833E014B02}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"{128A41D2-D455-4D6E-8285-D96F0FFEE198}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe |
"{1846C9AB-5FB4-475D-B7D6-D967CCA13BA7}" = protocol=6 | dir=in | app=c:\far cry 2\bin\fc2launcher.exe |
"{1B995C78-AAD0-4BBE-8259-8AFCD90C529B}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{1DCF9960-638B-4EC7-99EF-DB37F0AE1353}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{1E82563F-9890-4231-8E26-FD7EDA38075B}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{26F244D2-D2C4-4E26-9CB4-C881EF59EAC8}" = protocol=6 | dir=in | app=c:\far cry 2\bin\farcry2.exe |
"{27AA8CC1-15E7-42AC-96F6-4C499A08F142}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{28719339-28DF-4D12-924C-A68D37620195}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{2A45A37A-A4DB-4CED-BB76-B5BFFC5F3CC4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2E6EDB6D-C03B-419D-AAFE-8D6B0B320D6C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{328CC441-6720-4058-BBB3-A13104E69666}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{34DFEE9E-C2BD-4EDD-8150-EDF426145222}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{37FB20AD-91D5-4588-954E-EEBF7DA66791}" = protocol=6 | dir=in | app=c:\users\paweł\appdata\roaming\utorrent\utorrent.exe |
"{3A6504BA-C4C3-4E69-B0BC-DFC156D87CCD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3A7FCF0C-D8AF-4ADF-AB55-FD2E2DD6FE70}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3D66BE37-A091-4EB8-BF01-FC10629D5823}" = protocol=6 | dir=in | app=c:\flat out\fouc.exe |
"{3EF9C489-9645-4758-8B6F-A9D199D1CA1E}" = protocol=58 | dir=in | [email protected],-28545 |
"{41811A2F-EAE2-4072-8DED-8650CD6A84B8}" = protocol=6 | dir=out | app=system |
"{41F6FC4F-F7DA-43D8-990D-414FD2ED325D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{46F23A1B-4800-4281-BD91-792363E22D74}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{4BE94219-5A36-46F6-9542-A1590A328F22}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4BF6B470-AEEF-48E6-A4B0-C9F2F98DF2D8}" = protocol=17 | dir=in | app=c:\flat out\fouc.exe |
"{51D2246C-771E-4BB6-A142-CDD8E5F8C61E}" = protocol=6 | dir=in | app=c:\far cry 2\bin\fc2editor.exe |
"{5AB9EFFD-DA01-4455-B053-DED1549700CE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{628CCC37-E60B-4AE6-B5C7-0D168E2F6AA7}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6A0DCBC5-2E79-44CC-BBC5-04821AC71C88}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{747BA168-A037-41D0-BA2F-CA06E30551F3}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe |
"{78A3F693-D085-405B-91B7-C192A54C9D6F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79C998B2-D321-4ED3-8E6C-863E4C21A2B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7D033970-A45B-49B9-BB20-943AB1F335F0}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe |
"{7F59FB3C-3A05-4748-A4C3-72EE925A1A7B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{88851322-631D-4E57-89D4-F2F73347C87A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{921FF611-155E-4A4C-AFBB-B5CAEDA594F4}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{96F0EFC6-9829-4AEF-BA5E-580458063283}" = protocol=17 | dir=in | app=c:\far cry 2\bin\fc2launcher.exe |
"{9F54109A-1A53-4724-8FB8-94B3EF73CDC9}" = protocol=17 | dir=in | app=c:\far cry 2\bin\fc2editor.exe |
"{9FAB28BF-D584-4CB0-9213-0C7627C6F88B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\half-life\hl.exe |
"{A0F38937-2FFE-4732-8CAE-2B726F350CD9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A48DF63F-9494-42D0-AC01-19232557C851}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe |
"{A7A111C3-6DE3-4BF5-AD93-5CEF334BBE1A}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{AE09016E-8F4E-463D-996F-617CF69D7955}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{AF9D611D-982E-4FF5-A6FA-9660C53B8AA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B2E41C9F-09E3-4ABE-A45C-A87989339267}" = protocol=17 | dir=in | app=c:\far cry 2\bin\farcry2.exe |
"{BB3D4703-320C-4E16-8C3C-EFE6837B877D}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{BCA3A222-379A-4638-9F17-91D96D7F5255}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{BD7B1A7F-8906-4D8E-AC81-C839AD6099B4}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"{CE0409CF-D3FE-4643-A121-7EF112034161}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{D1857186-CB6F-4B99-BFD5-0E23CD173D8D}" = protocol=1 | dir=in | [email protected],-28543 |
"{D5317755-66C6-463E-A8D2-2CF769024672}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\half-life\hl.exe |
"{D6FAD3BC-E34C-479B-BD17-F71A816658B8}" = protocol=58 | dir=out | [email protected],-503 |
"{E969100F-03D3-4B54-81D5-77C32C6B3720}" = protocol=1 | dir=out | [email protected],-28544 |
"{EEF573E0-7DBA-461C-802B-8409BA20D6DA}" = protocol=17 | dir=in | app=c:\users\paweł\appdata\roaming\utorrent\utorrent.exe |
"{FC331899-73CF-42D5-B332-8B4707661C3E}" = protocol=58 | dir=out | [email protected],-28546 |
"{FD98DF9D-4F12-4D98-B03E-937E660EF22C}" = protocol=58 | dir=in | app=system |
"{FE638960-C35C-4D45-9B1B-BBB768CC9DBE}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{0398157D-D749-4793-8246-2EF3E9041A89}C:\ravia.eu\game" = protocol=6 | dir=in | app=c:\ravia.eu\game |
"TCP Query User{0A989937-0ADF-463B-9319-C90B90762748}C:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0022_f1e11c361d677310\launcher.exe" = protocol=6 | dir=in | app=c:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0022_f1e11c361d677310\launcher.exe |
"TCP Query User{270834A6-C111-4B70-AE76-08BB2E398B32}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"TCP Query User{68724C59-7875-4C90-80C0-356F567B40F3}C:\neverwinter\neverwinter\live\gameclient.exe" = protocol=6 | dir=in | app=c:\neverwinter\neverwinter\live\gameclient.exe |
"TCP Query User{785CBB7D-051C-41AF-9D39-9F5D40B84D23}C:\dirt\dirt.exe" = protocol=6 | dir=in | app=c:\dirt\dirt.exe |
"TCP Query User{9CB93F6B-2D6B-4A56-9A5F-84163C4C3F6E}C:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0021_dcaf1d5f83ef35d0\launcher.exe" = protocol=6 | dir=in | app=c:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0021_dcaf1d5f83ef35d0\launcher.exe |
"TCP Query User{BDC681DE-2999-4A48-9093-FD8F4A8D8C33}C:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0022_f1e11c361d677310\launcher.exe" = protocol=6 | dir=in | app=c:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0022_f1e11c361d677310\launcher.exe |
"TCP Query User{C17814CD-5ADD-4BD1-AF2D-781C44FB2899}C:\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\world_of_tanks\worldoftanks.exe |
"TCP Query User{DE7BFF1A-753E-4262-8893-8CFF104AB7C4}C:\Program Files\allmediaserver\mediaserver.exe" = protocol=6 | dir=in | app=c:\program files\allmediaserver\mediaserver.exe |
"TCP Query User{ED51ED08-213C-4317-BE19-4809B5D6BE70}C:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0021_75874090487f0510\launcher.exe" = protocol=6 | dir=in | app=c:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0021_75874090487f0510\launcher.exe |
"TCP Query User{F1532E88-A608-49D8-B7E5-A07C5203DD37}C:\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\world_of_tanks\wotlauncher.exe |
"TCP Query User{FEF548D8-24B6-48F5-B3D0-8F635E1D226D}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"UDP Query User{0D03918F-9A82-4BE5-8361-170206299F03}C:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0021_75874090487f0510\launcher.exe" = protocol=17 | dir=in | app=c:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0021_75874090487f0510\launcher.exe |
"UDP Query User{280375C0-5EE0-4CB0-9FDC-C47DCD4BA9BF}C:\Program Files\allmediaserver\mediaserver.exe" = protocol=17 | dir=in | app=c:\program files\allmediaserver\mediaserver.exe |
"UDP Query User{3AE762B1-BCDB-4C1A-A510-A36A329DC545}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"UDP Query User{3E22A607-BE5F-46C6-8482-7395A050DFAF}C:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0022_f1e11c361d677310\launcher.exe" = protocol=17 | dir=in | app=c:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0022_f1e11c361d677310\launcher.exe |
"UDP Query User{46C538DF-707E-4AF7-9C78-BDF48BCCAD5D}C:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0021_dcaf1d5f83ef35d0\launcher.exe" = protocol=17 | dir=in | app=c:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0021_dcaf1d5f83ef35d0\launcher.exe |
"UDP Query User{496A6CA5-2A5F-440B-ACF2-2BB2BF43DB4F}C:\ravia.eu\game" = protocol=17 | dir=in | app=c:\ravia.eu\game |
"UDP Query User{6A848E40-5F5B-4ED0-B455-5CDCF90FBD0F}C:\dirt\dirt.exe" = protocol=17 | dir=in | app=c:\dirt\dirt.exe |
"UDP Query User{7A0E0D93-29AE-4050-BD34-956AF6F4B26E}C:\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\world_of_tanks\worldoftanks.exe |
"UDP Query User{82BFD7C7-F4A1-4327-9279-2D2F1664FBC7}C:\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\world_of_tanks\wotlauncher.exe |
"UDP Query User{86953449-740A-44B8-8E55-8E69A2A8C2A4}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"UDP Query User{AF23D9B5-1AD7-41F4-B040-9F48444EF663}C:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0022_f1e11c361d677310\launcher.exe" = protocol=17 | dir=in | app=c:\users\paweł\appdata\local\apps\2.0\d4ytlkx2.caq\zd3zjgoa.8p0\laun...app_59711684aa47878d_0001.0022_f1e11c361d677310\launcher.exe |
"UDP Query User{BCB229BC-878C-4F1C-8346-D434C31B298A}C:\neverwinter\neverwinter\live\gameclient.exe" = protocol=17 | dir=in | app=c:\neverwinter\neverwinter\live\gameclient.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C1EF09-B5B7-4082-B1F4-C35CE7A7FCA9}" = ZTE LTE Device USB Driver
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0DB8297A-4903-4D60-B8A8-BF9B59DA2DFB}" = HP Deskjet 1050 J410 series — podstawowe oprogramowanie urządzenia
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserDefender
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{27D28586-BEF1-4E06-8787-3B1FC3A41489}" = Cyfrowy Polsat MF821
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{41A1E44F-EE3C-4964-A9A3-3079FFFC9A16}" = HP Deskjet 1050 J410 series — badanie mające na celu poprawę produktów
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{59D268DF-CCA9-44C5-8F96-2E51BB34C829}" = Microsoft Security Client
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Pomoc
"{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{912A2205-1E54-3CE5-A1EB-997B64A0B539}" = Microsoft .NET Framework 4.5 PLK Language Pack
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Polski pakiet językowy dla programu Microsoft .NET Framework 4.5 PLK
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI - Polish
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = Web Cake 3.00
"{D322A9E3-758B-4D60-A7C4-65C88FD378D0}" = Bing Bar
"{E77DA909-3532-4C95-AFEB-06310E88462A}" = System Requirements Lab CYRI
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"ALLPlayer_is1" = ALLPlayer V5.X
"Comodo Dragon" = Comodo Dragon
"Drakensang Online" = Drakensang Online
"FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"League of Legends 3.0.1" = League of Legends
"Microsoft Security Client" = Microsoft Security Essentials
"Neverwinter" = Neverwinter
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"Ravia.eu" = Ravia.eu
"RedApp" = RedApp 1.0
"Speccy" = Speccy
"Steam App 10" = Counter-Strike
"Steam App 730" = Counter-Strike: Global Offensive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tux Paint_is1" = Tux Paint 0.9.21c
"UltraISO_is1" = UltraISO Premium V9.53
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"Wildlife Park 3_is1" = Wildlife Park 3 v1.07
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"d8be6c3f847d7d92" = Ghost Recon Online (EU)
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2013-09-23 12:55:32 | Computer Name = JestemKomputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 29.0.1547.76,
sygnatura czasowa: 0x4fd0cff9 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja:
6.1.7601.18229, sygnatura czasowa: 0x51fb10c6 Kod wyjątku: 0x0eedfade Przesunięcie
błędu: 0x0000812f Identyfikator procesu powodującego błąd: 0x1088 Godzina uruchomienia
aplikacji powodującej błąd: 0x01ceb87db65ee7cd Ścieżka aplikacji powodującej błąd:
C:\Program Files\Google\Chrome\Application\chrome.exe Ścieżka modułu powodującego
błąd: C:\Windows\system32\KERNELBASE.dll Identyfikator raportu: f4d31b03-2470-11e3-9b75-00a0c6000000

Error - 2013-09-24 08:29:14 | Computer Name = JestemKomputer | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 2013-09-24 09:20:34 | Computer Name = JestemKomputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\HP\HP
Deskjet 1050 J410 series\DriverStore\Pipeline\amd64\hpinkins8911.exe". Nie można
odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2013-09-24 13:46:08 | Computer Name = JestemKomputer | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 2013-09-24 14:16:36 | Computer Name = JestemKomputer | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 2013-09-25 09:21:57 | Computer Name = JestemKomputer | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 2013-09-25 14:24:19 | Computer Name = JestemKomputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\HP\HP
Deskjet 1050 J410 series\DriverStore\Pipeline\amd64\hpinkins8911.exe". Nie można
odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2013-09-26 03:48:23 | Computer Name = JestemKomputer | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 2013-09-26 04:12:16 | Computer Name = JestemKomputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\HP\HP
Deskjet 1050 J410 series\DriverStore\Pipeline\amd64\hpinkins8911.exe". Nie można
odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2013-09-26 04:36:46 | Computer Name = JestemKomputer | Source = Customer Experience Improvement Program | ID = 1008
Description =

[ System Events ]
Error - 2013-09-25 15:21:03 | Computer Name = JestemKomputer | Source = DCOM | ID = 10005
Description =

Error - 2013-09-25 15:21:03 | Computer Name = JestemKomputer | Source = DCOM | ID = 10005
Description =

Error - 2013-09-25 15:21:03 | Computer Name = JestemKomputer | Source = Service Control Manager | ID = 7001
Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
w sieci, której nie można uruchomić z powodu następującego błędu: %%1068

Error - 2013-09-25 15:21:04 | Computer Name = JestemKomputer | Source = Service Control Manager | ID = 7001
Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
w sieci, której nie można uruchomić z powodu następującego błędu: %%1068

Error - 2013-09-25 15:21:04 | Computer Name = JestemKomputer | Source = Service Control Manager | ID = 7001
Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
w sieci, której nie można uruchomić z powodu następującego błędu: %%1068

Error - 2013-09-25 15:21:04 | Computer Name = JestemKomputer | Source = Service Control Manager | ID = 7001
Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
w sieci, której nie można uruchomić z powodu następującego błędu: %%1068

Error - 2013-09-25 15:21:04 | Computer Name = JestemKomputer | Source = Service Control Manager | ID = 7001
Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
w sieci, której nie można uruchomić z powodu następującego błędu: %%1068

Error - 2013-09-25 15:21:04 | Computer Name = JestemKomputer | Source = Service Control Manager | ID = 7001
Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
w sieci, której nie można uruchomić z powodu następującego błędu: %%1068

Error - 2013-09-25 15:45:56 | Computer Name = JestemKomputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi BrowserDefendert z powodu następującego
błędu: %%2

Error - 2013-09-26 02:29:03 | Computer Name = JestemKomputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi BrowserDefendert z powodu następującego
błędu: %%2


< End of report >

 

 

Na razie hasła wpisuje z ekranowej, bo siusiak wie co to za gówno, ale format to ostateczność ostateczności jeśli już naprawde nie będzie dało się nic zrobić... (Ten ,,kumpel" mówi ze jak zrobie formata to i tak mi się to wgra, da się tak wogóle ?)

[natan1234]

ściągasz dr web cure it i zainstalujesz i dostaniesz keya potem wyłączasz komputer włączasz i klikasz f8 i powinno być tryb awaryjny wybierasz tryb awaryjny ładuje ładuje sie itd wchodzisz i skanujesz dr web cure it i na 99% znajdzie i usunie

[KaRRamb4]

Więc tak, dr web cure it zeskanowałem tym na awaryjnym, wykryło jakieś gówna usunołem. Wchodze na normalny tryb dla pewnosci zeskanowałem raz jeszcze, nic nie wykryło. Zeskanowalem moim antywirusem i dalej mam tego Fynloski. Dalej mi go wykrywa

[Janusz.]

znasz nazwę zarażonego pliku? jeśli tak to podaj, będzie mi go łatwiej usunąć.

[TrueFaith]

Dr.webem w opcjach zaznaczone wszystko co się dało czy jak było tak skanował ? Powinien wykryć takie coś skoro jakiś pospolity antywir to wykrywa. W razie niepowodzenia zawsze zostaje format, tylko dokładnie go zrób. Zawsze możesz zacząć od np. pogadania z nim lub z rodzicami, w razie by nie poskutkowało to zostaje policja.

 

https://www.google.pl/search?q=Fynloski&rlz=1C1CHXU_plPL551PL551&oq=Fynloski&aqs=chrome..69i57j0l5.3085j0&sourceid=chrome&espvd=210&es_sm=122&ie=UTF-8

 

tu poszukaj coś na ten temat, ludzie zalecają combofixa, w ostateczności możesz spróbować

[Janusz.]

z tego co w necie wyczytałem Fynlowskiego usuwa ComboFix. także użyjesz go (nie musisz się bać że ci zepsuje system, wystarczy że zrobisz to co Ci napiszę.)

 

Pobierasz ComboFixa ze strony

http://www.bleepingcomputer.com/download/combofix/

następnie gdy już go pobrałeś wyłączasz wszystkie programy, antywirusy etc etc.. nic nie może być włączone! ComboFix musi mieć spokój ;-) jeśli wyłączyłeś wszystko co się dało włącz ComboFix.exe po włączeniu Combo powinien utworzyć konsole przywracania systemu. po tym pokaże ci się niewielkich rozmiarów niebieskie okienko a w nim nic ciekawego nie znajdziesz oprócz "Ukończono Etap 1. "Ukończono Etap 2. itd itd. po skanowaniu Combofix automatycznie zrestartuje komputer. po włączeniu powinno być to same okienko i napis informujący Cię o tym że comofix robi logi i że masz go nie wyłączać. jeśli zrobi logi wszystko powinno Ci się uruchomić. log standardowo wrzucasz na wklej.to.

miłej zabawy ^.^

[KaRRamb4]

Uwaga, jest dziwny problem ;D skaowałem tym malwarabetys anti-malware i wyszukało mi jakoś 30 rzeczy. Usunołem je ale moj antywirus dalej widzi fynloskiego... Czy to nie przypadkiem błąd mojego antywirusa? ;x

 

Troche sie boje tego combofixa, kto mi potem te logi sprawdzi i usunie tego wirusa? ;x

[Janusz.]

Nie. skoro go wykrywa to znaczy że tam jest. zrób to combofixem i wtedy będę pewny.

@up ComboFix nie jest groźny jeśli używa się go z głową. on sam usunie ci tego wirusa.

będziesz robił to skanowanie czy nie? bo nie chce mi się na darmo czekać.

[KaRRamb4]

Ymm... Zrobiłem dla pewnośći jeszcze raz skan tymi antywirusami co mi TrueFaith podał i przed tym combo fixem sobie zeskanowałem moim antywirusem i... jest czysto Więc chyba wyjebałem te ścierwo z mojego komputera... Jeszcze dla 100% pewnosci dam pełne skanowanie

[natan1234]

a teraz nazłość żeby debil sie wziął na nauke a nie ściągnie haxow idź na policje pokaż ss z gg czy tam gdzie z nim gadałeś

[KaRRamb4]

On mówi ze używa jakiegoś VPN i mu nikt nie podskoczy, nikt go nie znajdzie... nawet policja nie da rady

[orkin]

Znajdą

Jego VPN napewno gromadzi logi.

Skoro pisałeś z nim na Fejsie to znasz jego nazwisko i adres więc po co VPN?

[Janusz.]

gówno prawda. widać że to jakiś dzieciak i pseudo hacker. zanieś zdjęcia z rozmów na policje i niech się obsra pacan.

[natan1234]

Prze to gówniarz jest człowieku wystarczy ze mu policja weźmie dysk i już ma pozamiatane on nawet nie będzie wiedział co to nakaz jak mu policja zapuka do drzwi to sie zesra sie w gacie

[CharliezY]

Usuń Jave Znajdz scieżke z virusem zainstaluj pande (antywirus) i pozniej rejestr ccleaner i po klopocie macie problemy.

[KaRRamb4]

A jest możliwe żeby on mi wjebał wirusa bez niczego? Po prostu od tak? Bo on mówi że on może każdemu wsadzić kiedy tylko chce i nic nie musi otwierac. I mówi też, że zrobł wirusa (sam go zaprogramował) ze widzi moj ekran, kamerke moze mi sterować wszystkim pisać itp. hahah to możliwe wogole?

[Janusz.]

ile ten typ ma lat? 10? błagam.. zobaczył na yt jak się hakuje komputery przez cmd i się dzieciak cieszy. nie jest to możliwe. chyba że wejdziesz na jakąś zarażoną stronę, z tej strony samo pobierze ci jakiegoś wirusa (jakiegoś downloadera czy coś) i dopiero wtedy może coś ci tam wrzucić.

[KaRRamb4]

No ostatnio dawał mi jakąś strone (która sam stworzyl, prosil o ocene) i tam była prośba o odpalenie javy... Jak dałem uruchom to mi się ściągnął jakiś plik, może wtedy mi to gówno wjebał...

[Janusz.]

no to widzisz. pseudo hacker i tyle. jeśli ta strona nadal istnieje możesz zgłosić to na policję (poprzyj to dowodami np. ss'y z rozmów na fb czy na czym wy tam gadaliście)

[KaRRamb4]

Ok można zamknąć Problem rozwiązany, komputer czysty. Dziękuje wszystkim za pomoc, bardzo mi pomogliście... Jeszcze raz dzięki i pozdrawiam ;D