Skocz do zawartości

  • 👋 Witaj na MPCForum!

    Przeglądasz forum jako gość, co oznacza, że wiele świetnych funkcji jest jeszcze przed Tobą! 😎

    • Pełny dostęp do działów i ukrytych treści
    • Możliwość pisania i odpowiadania w tematach
    • System prywatnych wiadomości
    • Zbieranie reputacji i rozwijanie swojego profilu
    • Członkostwo w jednej z największych społeczności graczy

    👉 Dołączenie zajmie Ci mniej niż minutę – a zyskasz znacznie więcej!

    Zarejestruj się teraz
  • 0

Problem virus

Liszowski321

Pytanie zadane przez Liszowski321 ,

Pytanie

Liszowski321 Pasjonat

Liszowski321

Opublikowano
Pasjonat

Liszowski321

Opublikowano

Your computer has been locked by Poland Anti-Cybercrime on 2014-07-17. It has been locked because you viewed or downloaded something illegal for Poland laws. Illegal content has been viewed with Chrome. For unlocking your PC you must complete an easy survey. If you don't complete it you will get fined for x10 Microsoft Windows 7 Home Premium copy. 

 

Wie ktoś o co chodzi? żadne combo fixy, w procesach piszę opis "BOL CC" Nie wiem jak się tego pozbyć.. antyvirus nie wykrywa programu żadnego..Wygooglowałem a tu jak pozbyć się zablokowań na stronach. Dodaje że takie gówno wyskoczyło mi po pobraniu jakiejś dlki z BOLA Po restarcie albo się nie włącza albo wyskakują mi 2 okienka z cmd.. za dobrą pomoc oczywiście plus :)

22 odpowiedzi na to pytanie

Rekomendowane odpowiedzi

Liszowski321 Pasjonat

Liszowski321

Opublikowano
Pasjonat

Liszowski321

  • Autor
Opublikowano

Skoro podejrzewasz wirusa to te logi Ci pomogą.

No ok.. mam tego wirusa przeskanowałem tym pierwszym programikiem 3 notatniki mi się włączyły teraz robię skan tym drugim programikiem zabardzo nie rozumiem co jest w tych notatnikach, tzn wiem że tam jest to co robiłem,właczałem itd ale nie wiem co to ma doczynienia z virusem nie chce mi sie tego szukaćxD

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

Te notatniki, a głównie zawartość pokazuje mi co masz w tej chwili uruchomione, co instalowałeś w ostatnich XX dniach, co pobrałeś w ostatnich XX dniach itd itd.

Liszowski321 Pasjonat

Liszowski321

Opublikowano
Pasjonat

Liszowski321

  • Autor
Opublikowano

zrób przywrócenie systemu mi pomogło :),miałem to samo

Nie mam zamiaru robić przywracania żadnego systemu nie chce mi się z tym patroszyć

 

Te notatniki, a głównie zawartość pokazuje mi co masz w tej chwili uruchomione, co instalowałeś w ostatnich XX dniach, co pobrałeś w ostatnich XX dniach itd itd.

Wiem tylko nie chce mi się w nich szukać bo ja jestem w nich totalnie zielony, jbc, to teraz tego virusa nie mam bo go wyłączyłem z procesów, Opis jego procesu miał "BOL CC"

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

No tak, ale te logi są dla mnie. To że Ty nie rozumiesz co jest w nich napisane to nic dziwnego :D Podeślij mi te logi (daj je do spoilera, albo wklej każdy osobno na jakąś stronę np. wklej.to)

Liszowski321 Pasjonat

Liszowski321

Opublikowano
Pasjonat

Liszowski321

  • Autor
Opublikowano

okok daj mi chwilę bo zresetowałem komputer i to gówno już ma tak PROSESY: Po zresetowaniu komputera Cały czas to gówno chcę żebym nacisnął TAK Przy włączaniu cmd.spam

 

NAZWA : 7z72uuox

Opis BOL CC

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01
Ran by Adus at 2014-07-18 12:11:14
Running from C:\Users\Adus\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Counter-Strike 1.6 v48 (HKLM-x32\...\Counter-Strike 1.6) (Version: v48 - CSSetti.pl)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Deal Keeper (HKLM\...\Deal Keeper) (Version: 2014.07.17.190627 - Deal Keeper)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel PROSet Wireless (Version:  - ) Hidden
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.0.199 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
NVIDIA Install Application (Version: 2.1002.141.953 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Sterownik graficzny 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
OpenFM (HKCU\...\OpenFM) (Version: 2 - GG Network S.A.)
Oprogramowanie Intel® PROSet/Wireless WiFi (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Oxy updater (HKCU\...\{790875CA-153F-49F0-AAC8-C403494239A1}) (Version:  - AGILITY)
Panel sterowania NVIDIA 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden
Razer Comms (HKLM-x32\...\Razer Comms) (Version: 2.0 - Razer Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.08 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.13 - Razer Inc.)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
==================== Restore Points  =========================
 
16-07-2014 10:07:04 Installed League of Legends
16-07-2014 18:49:26 Usunięte Atheros Communications Inc.® AR81Family Gigabit/Fast Ô
17-07-2014 16:18:12 Windows Update
17-07-2014 18:51:00 Installed SpyHunter
17-07-2014 18:54:33 Removed SpyHunter
 
==================== Hosts content: ==========================
 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {00CAAA14-4241-4748-9C4F-D930B5395B22} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-4 No Task File <==== ATTENTION
Task: {013A38DC-5304-40E1-8EE7-BB049BF10F75} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-11 No Task File <==== ATTENTION
Task: {07790E51-4793-4F1B-A416-CA922A07A1B5} - System32\Tasks\uv4wt2o => C:\Windows\system32\bhib19yc\7z72uuox.exe
Task: {07FD24E7-848C-47D7-A087-82C177C015B9} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {0970B9D9-998D-4AD6-8546-A2525FA35BFC} - \BlockAndSurf Update No Task File <==== ATTENTION
Task: {1EA6847A-8F51-4419-B14C-5B965A6D524A} - \Oxy No Task File <==== ATTENTION
Task: {37D04B84-D5FB-49AD-A5CF-DF7C41B8FDAD} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {38F52383-9358-4714-8690-52AAB7122753} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-6 No Task File <==== ATTENTION
Task: {3B50D089-023F-44EE-8047-B097400BCD82} - \WinThruster_UPDATES No Task File <==== ATTENTION
Task: {3D50105E-79F7-443E-BDE0-A70C8564D191} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-5 No Task File <==== ATTENTION
Task: {3E0AE516-4A25-45C7-B526-F2846373269D} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {3F9DE0FF-D556-4BD0-B5D5-B3E063C4341C} - System32\Tasks\{DF5053D0-0774-454E-B507-D5925191FB1B} => C:\Program Files\CS 1.6\Counter-Strike 1.6\hl.exe
Task: {4D974C49-D0E8-4843-976D-7F87CB88ABD1} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {5315C3CC-A899-4A8A-ACC9-E335F59936D8} - \RegClean Pro No Task File <==== ATTENTION
Task: {5B819CA1-087C-4010-9D51-6E58C8C643F4} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-1 No Task File <==== ATTENTION
Task: {5D2F1F77-843A-4827-810C-451385327F5F} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-3 No Task File <==== ATTENTION
Task: {6194E960-F951-4B25-9621-2FDCFB6389F2} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-7 No Task File <==== ATTENTION
Task: {78D2A941-AAE1-413C-BF4A-D0D9AD2FFA74} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {80173D59-1056-4811-858F-DAA62E88C90D} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {80ADEBC3-445A-485F-9AAA-3AC64549C2B7} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {9B3A9C9C-B043-4D13-A898-B69B60B017A2} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-2 No Task File <==== ATTENTION
Task: {9B95E109-2115-4787-B5EC-151865D2451A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-11] (Google Inc.)
Task: {A3F7A545-B589-48E8-BE62-7805784D7F73} - \BlockAndSurf_wd No Task File <==== ATTENTION
Task: {B53EAB2A-900F-47DE-B5B2-AC5526EB415D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-11] (Google Inc.)
Task: {CFA3544F-EF06-46F1-A530-ECD13EB6FC4B} - System32\Tasks\{055D65F3-55AE-4120-9F7C-D2614CD10D5C} => C:\Riot Games\League of Legends\lol.launcher.exe
Task: {D2DD50C5-08FE-4026-B0F6-C8473D6BA6BF} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {EED87991-4C53-4516-A25E-82419522ACB0} - \WinThruster_DEFAULT No Task File <==== ATTENTION
Task: {F48B23A0-E4A6-424A-BDD7-13E702C79918} - \WinThruster No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-06-11 15:01 - 2013-10-29 01:38 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-29 02:04 - 2014-05-29 02:05 - 00175296 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-07-18 11:42 - 2014-07-18 11:42 - 00321824 _____ () C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe
2014-07-17 21:06 - 2014-07-18 11:43 - 00321824 _____ () C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe
2014-07-18 11:43 - 2014-07-09 16:34 - 00287008 _____ () C:\Program Files (x86)\Deal Keeper\bin\DealKeeper.PurBrowse64.exe
2014-06-11 14:11 - 2011-12-16 06:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-03 11:53 - 2014-06-03 11:53 - 00028496 _____ () C:\Program Files (x86)\Razer\Comms\RzCommsInGameApplet\RzCommsInGameApplet.exe
2014-07-18 11:43 - 2014-07-18 03:14 - 00096544 _____ () C:\Program Files (x86)\Deal Keeper\bin\DealKeeper.BrowserAdapter.exe
2012-03-23 12:15 - 2012-03-23 12:15 - 00988160 _____ () C:\Program Files (x86)\Razer\Comms\libssh2.dll
2012-03-02 10:23 - 2012-03-02 10:23 - 00577621 _____ () C:\Program Files (x86)\Razer\Comms\sqlite3.dll
2014-01-07 00:19 - 2014-01-07 00:19 - 34755072 _____ () C:\Program Files (x86)\Razer\InGameEngine\32bit\libcef.dll
2014-06-03 11:40 - 2014-06-03 11:40 - 00359936 _____ () C:\Program Files (x86)\Razer\Comms\RzCommsInGameApplet\RzCommsInGameApplet.dll
2014-01-07 00:19 - 2014-01-07 00:19 - 00970240 _____ () C:\Program Files (x86)\Razer\InGameEngine\32bit\ffmpegsumo.dll
2014-07-18 11:43 - 2014-07-18 03:14 - 00183584 _____ () C:\Program Files (x86)\Deal Keeper\bin\DealKeeperBAApp.dll
2014-06-11 17:36 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-11 17:36 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-11 17:36 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-11 17:36 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-11 17:36 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-12 12:15 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\Adus\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
 
==================== Faulty Device Manager Devices =============
 
Name: Podstawowe urządzenie systemowe
Description: Podstawowe urządzenie systemowe
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Podstawowe urządzenie systemowe
Description: Podstawowe urządzenie systemowe
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Podstawowe urządzenie systemowe
Description: Podstawowe urządzenie systemowe
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64
Description: {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: BCM20702A0
Description: BCM20702A0
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Kontroler Ethernet
Description: Kontroler Ethernet
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/18/2014 11:53:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program 7z72uuox.exe w wersji 52.808.569.873 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.
 
Identyfikator procesu: 16cc
 
Godzina rozpoczęcia: 01cfa26dee3a2bc9
 
Godzina zakończenia: 2
 
Ścieżka aplikacji: C:\ProgramData\bhib19yc\7z72uuox.exe
 
Identyfikator raportu:
 
Error: (07/18/2014 11:37:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/18/2014 11:37:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0
 
Error: (07/18/2014 11:37:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0
 
Error: (07/18/2014 11:37:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0
 
Error: (07/17/2014 09:00:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/17/2014 09:00:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0
 
Error: (07/17/2014 09:00:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0
 
Error: (07/17/2014 09:00:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0
 
Error: (07/17/2014 08:16:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (07/18/2014 11:37:40 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64
 
Error: (07/17/2014 09:00:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64
 
Error: (07/17/2014 08:34:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Update Deal Keeper niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
 
Error: (07/17/2014 08:34:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Util Deal Keeper niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
 
Error: (07/17/2014 08:33:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Util Deal Keeper niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
 
Error: (07/17/2014 08:16:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64
 
Error: (07/17/2014 08:16:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 20:14:47 na ‎2014-‎07-‎17 było nieoczekiwane.
 
Error: (07/17/2014 06:06:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C332C124-340D-4430-AA0D-C75602876FCC}
 
Error: (07/17/2014 09:51:27 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64
 
Error: (07/16/2014 04:49:09 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi Wlansvc.
 
 
Microsoft Office Sessions:
=========================
Error: (07/18/2014 11:53:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: 7z72uuox.exe52.808.569.87316cc01cfa26dee3a2bc92C:\ProgramData\bhib19yc\7z72uuox.exe
 
Error: (07/18/2014 11:37:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/18/2014 11:37:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Eap method DLL path name43900
 
Error: (07/18/2014 11:37:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Eap method DLL path name25900
 
Error: (07/18/2014 11:37:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Eap method DLL path name17900
 
Error: (07/17/2014 09:00:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/17/2014 09:00:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Eap method DLL path name43900
 
Error: (07/17/2014 09:00:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Eap method DLL path name25900
 
Error: (07/17/2014 09:00:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Eap method DLL path name17900
 
Error: (07/17/2014 08:16:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 66%
Total physical RAM: 3998.36 MB
Available physical RAM: 1339.15 MB
Total Pagefile: 7994.89 MB
Available Pagefile: 4974.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:82.39 GB) (Free:23.25 GB) NTFS
Drive e: (Nowy) (Fixed) (Total:29.3 GB) (Free:0 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: F54C4A0E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=82 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================ 

Neymar da Silva Nowicjusz

Neymar da Silva

Opublikowano
Nowicjusz

Neymar da Silva

Opublikowano
Na początek wykonaj: 

 

1. Wykonaj skanowanie MBAM'em po aktualizacji bazy danych i usuń wykryte zagrożenia 


 

2. Wykonaj skanowanie AdwCleaner - opcja "szukaj" następnie "usuń" 


 

3. Załącz oba logi z FRST (jako załącznik) 


13519196749581382095.jpg

Liszowski321 Pasjonat

Liszowski321

Opublikowano
Pasjonat

Liszowski321

  • Autor
Opublikowano 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01
Ran by Adus at 2014-07-18 12:11:14
Running from C:\Users\Adus\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Counter-Strike 1.6 v48 (HKLM-x32\...\Counter-Strike 1.6) (Version: v48 - CSSetti.pl)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Deal Keeper (HKLM\...\Deal Keeper) (Version: 2014.07.17.190627 - Deal Keeper)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.0.199 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
NVIDIA Install Application (Version: 2.1002.141.953 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Sterownik graficzny 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
OpenFM (HKCU\...\OpenFM) (Version: 2 - GG Network S.A.)
Oprogramowanie Intel® PROSet/Wireless WiFi (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Oxy updater (HKCU\...\{790875CA-153F-49F0-AAC8-C403494239A1}) (Version:  - AGILITY)
Panel sterowania NVIDIA 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden
Razer Comms (HKLM-x32\...\Razer Comms) (Version: 2.0 - Razer Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.08 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.13 - Razer Inc.)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Restore Points  =========================

16-07-2014 10:07:04 Installed League of Legends
16-07-2014 18:49:26 Usunięte Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ô
17-07-2014 16:18:12 Windows Update
17-07-2014 18:51:00 Installed SpyHunter
17-07-2014 18:54:33 Removed SpyHunter

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00CAAA14-4241-4748-9C4F-D930B5395B22} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-4 No Task File <==== ATTENTION
Task: {013A38DC-5304-40E1-8EE7-BB049BF10F75} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-11 No Task File <==== ATTENTION
Task: {07790E51-4793-4F1B-A416-CA922A07A1B5} - System32\Tasks\uv4wt2o => C:\Windows\system32\bhib19yc\7z72uuox.exe
Task: {07FD24E7-848C-47D7-A087-82C177C015B9} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {0970B9D9-998D-4AD6-8546-A2525FA35BFC} - \BlockAndSurf Update No Task File <==== ATTENTION
Task: {1EA6847A-8F51-4419-B14C-5B965A6D524A} - \Oxy No Task File <==== ATTENTION
Task: {37D04B84-D5FB-49AD-A5CF-DF7C41B8FDAD} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {38F52383-9358-4714-8690-52AAB7122753} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-6 No Task File <==== ATTENTION
Task: {3B50D089-023F-44EE-8047-B097400BCD82} - \WinThruster_UPDATES No Task File <==== ATTENTION
Task: {3D50105E-79F7-443E-BDE0-A70C8564D191} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-5 No Task File <==== ATTENTION
Task: {3E0AE516-4A25-45C7-B526-F2846373269D} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {3F9DE0FF-D556-4BD0-B5D5-B3E063C4341C} - System32\Tasks\{DF5053D0-0774-454E-B507-D5925191FB1B} => C:\Program Files\CS 1.6\Counter-Strike 1.6\hl.exe
Task: {4D974C49-D0E8-4843-976D-7F87CB88ABD1} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {5315C3CC-A899-4A8A-ACC9-E335F59936D8} - \RegClean Pro No Task File <==== ATTENTION
Task: {5B819CA1-087C-4010-9D51-6E58C8C643F4} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-1 No Task File <==== ATTENTION
Task: {5D2F1F77-843A-4827-810C-451385327F5F} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-3 No Task File <==== ATTENTION
Task: {6194E960-F951-4B25-9621-2FDCFB6389F2} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-7 No Task File <==== ATTENTION
Task: {78D2A941-AAE1-413C-BF4A-D0D9AD2FFA74} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {80173D59-1056-4811-858F-DAA62E88C90D} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {80ADEBC3-445A-485F-9AAA-3AC64549C2B7} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {9B3A9C9C-B043-4D13-A898-B69B60B017A2} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-2 No Task File <==== ATTENTION
Task: {9B95E109-2115-4787-B5EC-151865D2451A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-11] (Google Inc.)
Task: {A3F7A545-B589-48E8-BE62-7805784D7F73} - \BlockAndSurf_wd No Task File <==== ATTENTION
Task: {B53EAB2A-900F-47DE-B5B2-AC5526EB415D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-11] (Google Inc.)
Task: {CFA3544F-EF06-46F1-A530-ECD13EB6FC4B} - System32\Tasks\{055D65F3-55AE-4120-9F7C-D2614CD10D5C} => C:\Riot Games\League of Legends\lol.launcher.exe
Task: {D2DD50C5-08FE-4026-B0F6-C8473D6BA6BF} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {EED87991-4C53-4516-A25E-82419522ACB0} - \WinThruster_DEFAULT No Task File <==== ATTENTION
Task: {F48B23A0-E4A6-424A-BDD7-13E702C79918} - \WinThruster No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-11 15:01 - 2013-10-29 01:38 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-29 02:04 - 2014-05-29 02:05 - 00175296 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-07-18 11:42 - 2014-07-18 11:42 - 00321824 _____ () C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe
2014-07-17 21:06 - 2014-07-18 11:43 - 00321824 _____ () C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe
2014-07-18 11:43 - 2014-07-09 16:34 - 00287008 _____ () C:\Program Files (x86)\Deal Keeper\bin\DealKeeper.PurBrowse64.exe
2014-06-11 14:11 - 2011-12-16 06:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-03 11:53 - 2014-06-03 11:53 - 00028496 _____ () C:\Program Files (x86)\Razer\Comms\RzCommsInGameApplet\RzCommsInGameApplet.exe
2014-07-18 11:43 - 2014-07-18 03:14 - 00096544 _____ () C:\Program Files (x86)\Deal Keeper\bin\DealKeeper.BrowserAdapter.exe
2012-03-23 12:15 - 2012-03-23 12:15 - 00988160 _____ () C:\Program Files (x86)\Razer\Comms\libssh2.dll
2012-03-02 10:23 - 2012-03-02 10:23 - 00577621 _____ () C:\Program Files (x86)\Razer\Comms\sqlite3.dll
2014-01-07 00:19 - 2014-01-07 00:19 - 34755072 _____ () C:\Program Files (x86)\Razer\InGameEngine\32bit\libcef.dll
2014-06-03 11:40 - 2014-06-03 11:40 - 00359936 _____ () C:\Program Files (x86)\Razer\Comms\RzCommsInGameApplet\RzCommsInGameApplet.dll
2014-01-07 00:19 - 2014-01-07 00:19 - 00970240 _____ () C:\Program Files (x86)\Razer\InGameEngine\32bit\ffmpegsumo.dll
2014-07-18 11:43 - 2014-07-18 03:14 - 00183584 _____ () C:\Program Files (x86)\Deal Keeper\bin\DealKeeperBAApp.dll
2014-06-11 17:36 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-11 17:36 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-11 17:36 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-11 17:36 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-11 17:36 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-12 12:15 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\Adus\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Podstawowe urządzenie systemowe
Description: Podstawowe urządzenie systemowe
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Podstawowe urządzenie systemowe
Description: Podstawowe urządzenie systemowe
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Podstawowe urządzenie systemowe
Description: Podstawowe urządzenie systemowe
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64
Description: {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: BCM20702A0
Description: BCM20702A0
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Kontroler Ethernet
Description: Kontroler Ethernet
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/18/2014 11:53:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program 7z72uuox.exe w wersji 52.808.569.873 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.

Identyfikator procesu: 16cc

Godzina rozpoczęcia: 01cfa26dee3a2bc9

Godzina zakończenia: 2

Ścieżka aplikacji: C:\ProgramData\bhib19yc\7z72uuox.exe

Identyfikator raportu:

Error: (07/18/2014 11:37:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/18/2014 11:37:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0

Error: (07/18/2014 11:37:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0

Error: (07/18/2014 11:37:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0

Error: (07/17/2014 09:00:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 09:00:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0

Error: (07/17/2014 09:00:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0

Error: (07/17/2014 09:00:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0

Error: (07/17/2014 08:16:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/18/2014 11:37:40 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64

Error: (07/17/2014 09:00:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64

Error: (07/17/2014 08:34:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Update Deal Keeper niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (07/17/2014 08:34:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Util Deal Keeper niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (07/17/2014 08:33:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Util Deal Keeper niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (07/17/2014 08:16:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64

Error: (07/17/2014 08:16:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 20:14:47 na ‎2014-‎07-‎17 było nieoczekiwane.

Error: (07/17/2014 06:06:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C332C124-340D-4430-AA0D-C75602876FCC}

Error: (07/17/2014 09:51:27 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64

Error: (07/16/2014 04:49:09 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi Wlansvc.


Microsoft Office Sessions:
=========================
Error: (07/18/2014 11:53:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: 7z72uuox.exe52.808.569.87316cc01cfa26dee3a2bc92C:\ProgramData\bhib19yc\7z72uuox.exe

Error: (07/18/2014 11:37:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/18/2014 11:37:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Eap method DLL path name43900

Error: (07/18/2014 11:37:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Eap method DLL path name25900

Error: (07/18/2014 11:37:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Eap method DLL path name17900

Error: (07/17/2014 09:00:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 09:00:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Eap method DLL path name43900

Error: (07/17/2014 09:00:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Eap method DLL path name25900

Error: (07/17/2014 09:00:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT)
Description: Eap method DLL path name17900

Error: (07/17/2014 08:16:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 66%
Total physical RAM: 3998.36 MB
Available physical RAM: 1339.15 MB
Total Pagefile: 7994.89 MB
Available Pagefile: 4974.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:82.39 GB) (Free:23.25 GB) NTFS
Drive e: (Nowy) (Fixed) (Total:29.3 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: F54C4A0E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=82 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Users shortcut scan result (x64) Version: 15-07-2014 01
Ran by Adus at 2014-07-18 12:11:35
Running from C:\Users\Adus\Downloads
Boot Mode: Normal
==================== Shortcuts =============================

Shortcut: C:\Users\Adus\Links\Creative Cloud Files.lnk -> C:\Users\Adus\Creative Cloud Files ()
Shortcut: C:\Users\Adus\Links\Desktop.lnk -> C:\Users\Adus\Desktop ()
Shortcut: C:\Users\Adus\Links\Downloads.lnk -> C:\Users\Adus\Downloads ()
Shortcut: C:\Users\Adus\Desktop\inne\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Adus\Desktop\inne\Razer Comms.lnk -> C:\Program Files (x86)\Razer\Comms\ChatApplet.exe (Razer Inc.)
Shortcut: C:\Users\Adus\Desktop\inne\Skype.lnk -> C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe ()
Shortcut: C:\Users\Adus\Desktop\inne\TeamSpeak 3 Client.lnk -> C:\Users\Adus\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Adus\Desktop\inne\NO GAME NO LIFE\Counter Strike 1.6.lnk -> C:\Gry\Counter Strike 1.6\Counter-Strike 1.6.exe ()
Shortcut: C:\Users\Adus\Desktop\inne\NO GAME NO LIFE\OpenFM.lnk -> C:\Users\Adus\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Adus\Desktop\inne\NO GAME NO LIFE\µTorrent.lnk -> C:\Users\Adus\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Adus\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk -> C:\Users\Adus\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt ()
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files (x86)\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Users\Adus\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Users\Adus\AppData\Local\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Adus\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\lol.launcher.lnk -> C:\Users\Adus\Desktop\lol.launcher.admin.exe ()
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\openfm.lnk -> C:\Users\Adus\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Adus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Adus\AppData\Local\OpenFM\Application\openfm.lnk -> C:\Users\Adus\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Adus\AppData\Local\Microsoft\Windows\GameExplorer\{E2B9A3E4-08F1-4507-A9F4-281F5AD73245}\PlayTasks\0\Zagraj.lnk -> C:\Users\Adus\AppData\Local\Temp\Rar$EXa0.534\Sim City 4 Deluxe Edition PL\Instrukcja (info) i crack\Crack\simcity 4.exe (No File)
Shortcut: C:\Users\Adus\AppData\Local\Microsoft\Windows\GameExplorer\{CA030FE5-27EB-4EE5-BBC8-0A4632B10865}\PlayTasks\0\Zagraj.lnk -> C:\Program Files (x86)\Maxis\SimCity 4 Deluxe\simcity 4.exe (No File)
Shortcut: C:\Users\Adus\AppData\Local\Microsoft\Windows\GameExplorer\{B3EFD5AB-2257-4BCB-A652-41B6E046D5E0}\PlayTasks\0\Zagraj.lnk -> C:\Users\Adus\Desktop\simcity 4.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files (x86)\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Comms\Razer Comms.lnk -> C:\Program Files (x86)\Razer\Comms\ChatApplet.exe (Razer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO [email protected])
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)


ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1403301663&from=smt&uid=SamsungXSSDX840XEVOX120GB_S1D5NSDF444149H
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1403301663&from=smt&uid=SamsungXSSDX840XEVOX120GB_S1D5NSDF444149H
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1403301663&from=smt&uid=SamsungXSSDX840XEVOX120GB_S1D5NSDF444149H
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1403301663&from=smt&uid=SamsungXSSDX840XEVOX120GB_S1D5NSDF444149H


ShortcutWithArgument: C:\Users\Adus\Links\GG dysk.lnk -> C:\Users\Adus\GG dysk () -> --ggiconindex=-201 --ggiconpath=C:\Users\Adus\AppData\Local\GG\Application\ggdrive\ggdrive-resources.dll
ShortcutWithArgument: C:\Users\Adus\Favorites\GG dysk.lnk -> C:\Users\Adus\GG dysk () -> --ggiconindex=-201 --ggiconpath=C:\Users\Adus\AppData\Local\GG\Application\ggdrive\ggdrive-resources.dll
ShortcutWithArgument: C:\Users\Adus\Desktop\Continue GTK+ installation.lnk -> C:\Users\Adus\AppData\Local\Temp\ICReinstall_GTK(13129).exe (                                                            ) -> /RR
ShortcutWithArgument: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Synapse 2.0\Razer Synapse 2.0.lnk -> C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.) -> -launch
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\Diagnostyka ręczna WiFi.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Wireless Diagnostics
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\Przeglądarka zdarzeń WiFi.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Wireless Event Viewer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\Statystyka zaawansowana WiFi.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Advanced Statistics
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo


InternetURL: C:\Users\Adus\Favorites\Windows Live\Galeria gadżetów Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkID=70742
InternetURL: C:\Users\Adus\Favorites\Windows Live\Poczta usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Adus\Favorites\Windows Live\Programy usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\Adus\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\Adus\Favorites\MSN — witryny sieci Web\MSN Gospodarka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Adus\Favorites\MSN — witryny sieci Web\MSN Rozrywka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Adus\Favorites\MSN — witryny sieci Web\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Adus\Favorites\MSN — witryny sieci Web\MSN Technologie.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Adus\Favorites\MSN — witryny sieci Web\MSN Wideo.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Adus\Favorites\MSN — witryny sieci Web\Portal MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Adus\Favorites\Microsoft — witryny sieci Web\Centrum bezpieczeństwa Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkID=72887
InternetURL: C:\Users\Adus\Favorites\Microsoft — witryny sieci Web\Dodatki programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Adus\Favorites\Microsoft — witryny sieci Web\Microsoft Office Online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72885
InternetURL: C:\Users\Adus\Favorites\Microsoft — witryny sieci Web\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Adus\Favorites\Microsoft — witryny sieci Web\Microsoft Technet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72886
InternetURL: C:\Users\Adus\Favorites\Microsoft — witryny sieci Web\Microsoft w Polsce.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Adus\Favorites\Microsoft — witryny sieci Web\Oryginalne oprogramowanie firmy Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72900
InternetURL: C:\Users\Adus\Favorites\Microsoft — witryny sieci Web\Strona główna programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Adus\Favorites\Microsoft — witryny sieci Web\Strona główna systemu Windows.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Adus\Favorites\Microsoft — witryny sieci Web\Technologia RSS.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72889
InternetURL: C:\Users\Adus\Favorites\Microsoft — witryny sieci Web\W domu.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\Adus\Favorites\Microsoft — witryny sieci Web\W pracy.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72407
InternetURL: C:\Users\Adus\Favorites\Links for Polska\Bezpieczeństwo w trybie online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=142211
InternetURL: C:\Users\Adus\Favorites\Links for Polska\Bezpieczny Internet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129626
InternetURL: C:\Users\Adus\Favorites\Links for Polska\Kultura.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129625
InternetURL: C:\Users\Adus\Favorites\Links for Polska\Pogodynka.pl — oficjalny serwis pogodowy IMGW.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129624
InternetURL: C:\Users\Adus\Favorites\Links for Polska\Polska.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129622
InternetURL: C:\Users\Adus\Favorites\Links\Galeria obiektów Web Slice.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Adus\Desktop\Counter-Strike Source.url -> steam://rungameid/240
InternetURL: C:\Users\Adus\Desktop\Pixel Piracy\2014年全部热门单机游戏及汉化下载.url -> hxxp://bbs.3dmgame.com/thread-4181441-1-1.html
InternetURL: C:\Users\Adus\Desktop\Pixel Piracy\www.3dmgame.com.url -> hxxp://www.3dmgame.com/
InternetURL: C:\Users\Adus\Desktop\inne\NO GAME NO LIFE\Data\enUS\AccountBilling.url -> hxxp://signup.worldofwarcraft.com/
InternetURL: C:\Users\Adus\Desktop\inne\NO GAME NO LIFE\Data\enUS\TechSupport.url -> hxxp://www.worldofwarcraft.com/support/
InternetURL: C:\Users\Adus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike Source.url -> steam://rungameid/240
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/

==================== End of log =============================

Jak narazie mam dwa nie wiem gdzie są pozostałe :/

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

To wykonaj ponownie log FRST. głównie na nim mi zależy. Szybko się go wykonuje więc nie będzie chyba z tym żadnych problemów.

 

 

Wstaw do spoiler a nie do code! temat zaraz zacznie wyglądać jak gówno.

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

bbcode, tag [ spoiler] bez spacji.

up szybszy :v

a tak btw czemu ma nie robić skanu mbamem? Na takie ransomware dziala dobrze, przekonalem sie wiele razy.

Gdyż w additional widnieje błąd

Error: (07/17/2014 08:16:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:

{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64

 

ten dziwny wpis jest od adware, w przypadku wywalenia go "od tak" może dojść do nieoczekiwanych zmian.

ᕦ( ͡° ͜ʖ ͡°)ᕤ Bywalec

ᕦ( ͡° ͜ʖ ͡°)ᕤ

Opublikowano
Bywalec

ᕦ( ͡° ͜ʖ ͡°)ᕤ

Opublikowano

Gdyż w additional widnieje błąd

Error: (07/17/2014 08:16:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:

{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64

 

ten dziwny wpis jest od adware, w przypadku wywalenia go "od tak" może dojść do nieoczekiwanych zmian.

I dlatego mbama używa się z mózgiem, a nie wywalam wszystko od razu.

Ale dobra, Tobie zostawiam zabawę w to, bo wierzę, że wiesz o wiele wiecej ode mnie.

Skończ proszę się kompromitować. Jesteś nikim.

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

Odinstaluj Deal Keeper,

 

Stwórz plik tekstowy o nazwie flxlist, wklej do niego:

 

() C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe
() C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe
() C:\Program Files (x86)\Deal Keeper\bin\DealKeeper.PurBrowse64.exe
() C:\Program Files (x86)\Deal Keeper\bin\DealKeeper.BrowserAdapter.exe
HKLM-x32\...\Run: [fst_pl_130] => [X]
HKLM-x32\...\Run: [fst_pl_138] => [X]
HKLM-x32\...\Run: [t4pc_en_6] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,C:\Windows\system32\bhib19yc\7z72uuox.exe,C:\Windows\system32\bhib19yc\7z72uuox.exe [X]
HKU\S-1-5-21-3407546214-3089701442-1241462905-1000\...\Run: [uv4wt2o] => C:\ProgramData\bhib19yc\7z72uuox.exe [142848 2014-07-15] (B***h & B***h)
R1 {5178f938-0bd5-47c1-8242-71f6e3e72925}Gw64; C:\Windows\System32\drivers\{5178f938-0bd5-47c1-8242-71f6e3e72925}Gw64.sys [61120 2014-07-09] (StdLib)
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}w64; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w64.sys [61120 2014-06-17] (StdLib)
R1 {fec5ad34-16a9-49f3-900d-0047502262c5}Gw64; C:\Windows\System32\drivers\{fec5ad34-16a9-49f3-900d-0047502262c5}Gw64.sys [61120 2014-06-16] (StdLib)
S3 clwvd6; system32\DRIVERS\clwvd6.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 L1C; system32\DRIVERS\L1C62x64.sys [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64; system32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys [X]
R2 Util Deal Keeper; C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe [321824 2014-07-18] ()
R2 Update Deal Keeper; C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe [321824 2014-07-18] ()
2014-07-17 23:13 - 2014-07-17 23:13 - 90396104 _____ (The GIMP Team ) C:\Users\Adus\Downloads\gimp-2.8.10-setup(dobreprogramy.pl).exe
2014-07-17 23:11 - 2014-07-18 11:42 - 00000000 ____D () C:\Program Files (x86)\Deal Keeper
2014-07-17 23:11 - 2014-07-17 23:11 - 00776656 _____ ( ) C:\Users\Adus\Downloads\GIMP(13219).exe
2014-07-17 09:57 - 2014-07-17 21:01 - 00000000 ___HD () C:\ProgramData\bhib19yc
2014-07-16 20:41 - 2014-07-09 16:34 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{5178f938-0bd5-47c1-8242-71f6e3e72925}Gw64.sys
Task: {00CAAA14-4241-4748-9C4F-D930B5395B22} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-4 No Task File <==== ATTENTION
Task: {013A38DC-5304-40E1-8EE7-BB049BF10F75} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-11 No Task File <==== ATTENTION
Task: {07FD24E7-848C-47D7-A087-82C177C015B9} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {0970B9D9-998D-4AD6-8546-A2525FA35BFC} - \BlockAndSurf Update No Task File <==== ATTENTION
Task: {1EA6847A-8F51-4419-B14C-5B965A6D524A} - \Oxy No Task File <==== ATTENTION
Task: {38F52383-9358-4714-8690-52AAB7122753} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-6 No Task File <==== ATTENTION
Task: {3B50D089-023F-44EE-8047-B097400BCD82} - \WinThruster_UPDATES No Task File <==== ATTENTION
Task: {3D50105E-79F7-443E-BDE0-A70C8564D191} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-5 No Task File <==== ATTENTION
Task: {3E0AE516-4A25-45C7-B526-F2846373269D} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {4D974C49-D0E8-4843-976D-7F87CB88ABD1} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {5315C3CC-A899-4A8A-ACC9-E335F59936D8} - \RegClean Pro No Task File <==== ATTENTION
Task: {5B819CA1-087C-4010-9D51-6E58C8C643F4} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-1 No Task File <==== ATTENTION
Task: {5D2F1F77-843A-4827-810C-451385327F5F} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-3 No Task File <==== ATTENTION
Task: {6194E960-F951-4B25-9621-2FDCFB6389F2} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-7 No Task File <==== ATTENTION
Task: {78D2A941-AAE1-413C-BF4A-D0D9AD2FFA74} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {80173D59-1056-4811-858F-DAA62E88C90D} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {80ADEBC3-445A-485F-9AAA-3AC64549C2B7} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {9B3A9C9C-B043-4D13-A898-B69B60B017A2} - \257682e7-a9e4-43ba-99ca-6965d7cad8ff-2 No Task File <==== ATTENTION
Task: {A3F7A545-B589-48E8-BE62-7805784D7F73} - \BlockAndSurf_wd No Task File <==== ATTENTION
Task: {D2DD50C5-08FE-4026-B0F6-C8473D6BA6BF} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {EED87991-4C53-4516-A25E-82419522ACB0} - \WinThruster_DEFAULT No Task File <==== ATTENTION
Task: {F48B23A0-E4A6-424A-BDD7-13E702C79918} - \WinThruster No Task File <==== ATTENTION

 

Zapisz, umieść obok FRST i kliknij "FIX".

 

Użyj programu TFC Temp File Cleaner http://www.bleepingcomputer.com/download/tfc/

 

Dostarcz Fixlog oraz nowy log FRST wraz z Aditional! upewnij się że dobrze zaznaczyłeś opcje w programie!

Zarchiwizowany

Ten temat przebywa obecnie w archiwum. Dodawanie nowych odpowiedzi zostało zablokowane.

Pytania
×
×
  • Dodaj nową pozycję...