
Problem as in the topic title, can anyone help?



Links to the logs:
http://wklej.org/id/1348383/
http://wklej.org/id/1348385/
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-05-01 13:31:52
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 TOSHIBA_ rev.AX00 298,09GB
Running: uuzjrw1e.exe; Driver: C:\Users\MIOSZ~1\AppData\Local\Temp\ugrdrpow.sys
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 142D 82048A15 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82082212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
---- User code sections - GMER 2.1 ----
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[160] USER32.dll!RegisterMessagePumpHook + 2F1 76998B9E 7 Bytes JMP 6A51E610 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[160] USER32.dll!IsDialogMessageW + 340 769A4444 7 Bytes JMP 6A51E681 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[160] USER32.dll!GetWindowInfo 769A4B5E 5 Bytes JMP 6A522366 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[160] USER32.dll!ToUnicodeEx + 71 769B2223 7 Bytes JMP 6A51BD82 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtCreateFile + 6 7744560E 4 Bytes [28, 80, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtCreateFile + B 77445613 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtCreateKey + 6 7744564E 4 Bytes [68, 81, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtCreateKey + B 77445653 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtCreateMutant + 6 7744568E 4 Bytes [68, 82, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtCreateMutant + B 77445693 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtCreateSection + 6 7744572E 4 Bytes [A8, 82, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtCreateSection + B 77445733 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtMapViewOfSection + B 77445C73 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenFile + 6 77445D1E 4 Bytes [68, 80, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenFile + B 77445D23 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenKey + 6 77445D4E 4 Bytes [A8, 81, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenKey + B 77445D53 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenKeyEx + B 77445D63 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenMutant + 6 77445D9E 4 Bytes [28, 82, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenMutant + B 77445DA3 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenProcess + 6 77445DCE 4 Bytes [68, 83, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenProcess + B 77445DD3 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenProcessToken + 6 77445DDE 4 Bytes [A8, 83, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenProcessToken + B 77445DE3 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenProcessTokenEx + 6 77445DEE 4 Bytes [68, 84, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenProcessTokenEx + B 77445DF3 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenSection + B 77445E13 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenThread + 6 77445E4E 4 Bytes [28, 83, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenThread + B 77445E53 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenThreadToken + 6 77445E5E 4 Bytes [28, 84, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenThreadToken + B 77445E63 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenThreadTokenEx + 6 77445E6E 4 Bytes [A8, 84, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtOpenThreadTokenEx + B 77445E73 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtQueryAttributesFile + 6 77445F7E 4 Bytes [A8, 80, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtQueryAttributesFile + B 77445F83 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtQueryFullAttributesFile + B 77446033 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtSetInformationFile + 6 7744667E 4 Bytes [28, 81, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtSetInformationFile + B 77446683 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtSetInformationThread + B 774466E3 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtUnmapViewOfSection + 6 774469FE 4 Bytes [28, 85, 07, 00]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ntdll.dll!NtUnmapViewOfSection + B 77446A03 1 Byte [E2]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] kernel32.dll!CreateProcessW 7587204D 5 Bytes JMP 00180030
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] kernel32.dll!CreateProcessA 75872082 5 Bytes JMP 00180070
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!ActivateKeyboardLayout 76998203 5 Bytes JMP 002004F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!ScreenToClient 7699A506 7 Bytes JMP 00200670
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!RegisterClipboardFormatA 7699C091 5 Bytes JMP 002002F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!RegisterClipboardFormatW 7699DF8D 5 Bytes JMP 002002B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!SetCursor 769A3075 5 Bytes JMP 00200530
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!MonitorFromWindow 769A3622 7 Bytes JMP 00200630
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!PostMessageW 769A447B 5 Bytes JMP 002005F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!IsWindowVisible 769A4D69 7 Bytes JMP 002006B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!GetClientRect 769A54DD 7 Bytes JMP 002005B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!MapWindowPoints 769A5CAA 5 Bytes JMP 00200570
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!GetParent 769A6029 7 Bytes JMP 002006F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!EmptyClipboard 769B290C 5 Bytes JMP 00200130
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!SetClipboardData 769B2962 5 Bytes JMP 00200170
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!GetClipboardData 769B2BA7 5 Bytes JMP 00200030
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!GetClipboardFormatNameW 769B5FD2 5 Bytes JMP 00200230
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!SetClipboardViewer 769B6FF6 5 Bytes JMP 002004B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!GetClipboardFormatNameA 769B700A 5 Bytes JMP 00200270
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!ChangeClipboardChain 769C147C 5 Bytes JMP 00200430
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!GetTopWindow 769C24D9 7 Bytes JMP 00200730
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!CloseClipboard 769C446C 5 Bytes JMP 002000B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!OpenClipboard 769C447E 5 Bytes JMP 00200070
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!IsClipboardFormatAvailable 769C44FF 5 Bytes JMP 002000F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!GetClipboardSequenceNumber 769C4513 5 Bytes JMP 00200330
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!GetClipboardOwner 769C4525 5 Bytes JMP 00200370
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!CountClipboardFormats 769C470A 5 Bytes JMP 002001F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!EnumClipboardFormats 769C47EC 5 Bytes JMP 002001B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!GetOpenClipboardWindow 769C480B 5 Bytes JMP 002003F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!SetCursorPos 769DC1B0 5 Bytes JMP 00200770
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!GetClipboardViewer 769F4AF7 5 Bytes JMP 00200470
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] user32.DLL!GetPriorityClipboardFormat 769F4BF9 5 Bytes JMP 002003B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!DeleteObject 77545F14 5 Bytes JMP 002101B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!SelectObject 77546640 5 Bytes JMP 002105F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!SetTextColor 77546906 5 Bytes JMP 00210A30
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!SetBkMode 775469B1 5 Bytes JMP 002108F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!DeleteDC 77546EAA 5 Bytes JMP 00210170
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!GetDeviceCaps 77546F7F 5 Bytes JMP 002103B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!ExtSelectClipRgn 77547114 5 Bytes JMP 002102F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!SelectClipRgn 77547242 5 Bytes JMP 002105B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!SetStretchBltMode 77547705 5 Bytes JMP 002106B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!GetCurrentObject 77547917 5 Bytes JMP 00210370
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!GetTextMetricsW 77547B8F 5 Bytes JMP 00210E30
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!GetTextAlign 77547DAF 5 Bytes JMP 00210D70
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!IntersectClipRect 77547DFE 5 Bytes JMP 002103F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!ExtTextOutW 77548192 5 Bytes JMP 00210970
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!SetTextAlign 7754828E 5 Bytes JMP 002109F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!GetClipBox 77548525 5 Bytes JMP 00210330
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!MoveToEx 77548C21 5 Bytes JMP 00210470
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!StretchDIBits 7754A53E 5 Bytes JMP 00210770
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!RestoreDC 7754A67B 5 Bytes JMP 00210530
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!SaveDC 7754A74B 5 Bytes JMP 00210570
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!GetTextExtentPoint32W 7754B4B5 5 Bytes JMP 00210670
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!GetTextFaceW 7754B73A 2 Bytes JMP 00210D30
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!GetTextFaceW + 3 7754B73D 2 Bytes [CC, 88]
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!GetFontData 7754BCC4 5 Bytes JMP 00210C70
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!SetWorldTransform 7754C90A 5 Bytes JMP 002106F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!CreateDCA 7754CCA9 5 Bytes JMP 002100B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!CreateDCW 7754CF79 5 Bytes JMP 002100F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!CreateICW 7754CFD0 5 Bytes JMP 00210130
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!GetTextMetricsA 7754D0F2 5 Bytes JMP 00210DF0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!Rectangle 7754F1FF 5 Bytes JMP 002109B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!LineTo 7754F59B 5 Bytes JMP 00210430
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!SetICMMode 7754FAA4 5 Bytes JMP 00210DB0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!ExtTextOutA 77550D20 5 Bytes JMP 00210930
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!GetTextExtentPoint32A 7755117F 5 Bytes JMP 00210630
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!ExtEscape 77552D49 5 Bytes JMP 002102B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!Escape 77553400 5 Bytes JMP 00210270
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!ResetDCW 77553A9B 5 Bytes JMP 00210AB0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!EndPage 775540DA 5 Bytes JMP 00210230
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!SetPolyFillMode 775567E1 5 Bytes JMP 00210B30
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!SetMiterLimit 7755699D 5 Bytes JMP 00210B70
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!GetTextFaceA 77560D22 5 Bytes JMP 00210CF0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!GetGlyphOutlineW 7756C2DA 5 Bytes JMP 00210CB0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!CreateScalableFontResourceW 7756E937 5 Bytes JMP 00210BB0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!AddFontResourceW 7756ED33 5 Bytes JMP 00210BF0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!RemoveFontResourceW 7756F229 5 Bytes JMP 00210C30
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!AbortDoc 77574E29 5 Bytes JMP 00210030
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!EndDoc 77575270 5 Bytes JMP 002101F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!StartPage 7757535B 5 Bytes JMP 00210730
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!StartDocW 77575D76 5 Bytes JMP 002107F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!BeginPath 7757651D 5 Bytes JMP 00210830
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!SelectClipPath 77576574 5 Bytes JMP 00210AF0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!CloseFigure 775765CF 5 Bytes JMP 00210070
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!EndPath 77576626 5 Bytes JMP 00210A70
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!StrokePath 77576859 5 Bytes JMP 002107B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!FillPath 775768E6 5 Bytes JMP 00210870
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!PolylineTo 77576D54 5 Bytes JMP 002104F0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!PolyBezierTo 77576DE5 5 Bytes JMP 002104B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] GDI32.dll!PolyDraw 77576E97 5 Bytes JMP 002108B0
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ole32.dll!OleSetClipboard 77250045 5 Bytes JMP 00230030
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ole32.dll!OleIsCurrentClipboard 772536B2 5 Bytes JMP 00230070
.text C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe[1484] ole32.dll!OleGetClipboard 7727FDCD 5 Bytes JMP 002300B0
.text C:\Program Files\Mozilla Firefox\firefox.exe[2488] ntdll.dll!LdrGetProcedureAddress + 26 774622A9 7 Bytes JMP 72C01FD9 C:\Program Files\Mozilla Firefox\mozglue.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2488] kernel32.dll!K32GetDeviceDriverBaseNameW + 5D 758B94E6 7 Bytes JMP 6AC240E1 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2488] kernel32.dll!QueryPerformanceCounter + 13 758BC4E5 7 Bytes JMP 6AC24104 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2488] kernel32.dll!LoadAppInitDlls + 355 758BF5A6 7 Bytes JMP 6A2F3255 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[2488] GDI32.dll!GetViewportOrgEx + 26C 7754884B 7 Bytes JMP 6AC24062 C:\Program Files\Mozilla Firefox\xul.dll
---- User IAT/EAT - GMER 2.1 ----
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [718A24CB] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [7188562E] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [718856EC] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipFree] [718A2546] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [718985AA] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [71894D5E] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [71895105] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [718951DA] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [71896707] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [71898301] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [71898850] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [718990B1] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7189E254] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
IAT C:\windows\Explorer.EXE[556] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [71894C90] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\gdiplus.dll
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys
---- Processes - GMER 2.1 ----
Library C:\Users\miłosz\Downloads\uuzjrw1e.exe (*** hidden *** ) @ C:\Users\miłosz\Downloads\uuzjrw1e.exe [5388] 0x00400000
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002454f1e0bc
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b80305bf6250
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b80305bf6250@e892a4b0b920 0x0E 0x7E 0x63 0x75 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\b80305bf6250@9463d1b961d1 0x55 0xF1 0xFC 0x8C ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\dca971071cd6
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002454f1e0bc (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b80305bf6250 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b80305bf6250@e892a4b0b920 0x0E 0x7E 0x63 0x75 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\b80305bf6250@9463d1b961d1 0x55 0xF1 0xFC 0x8C ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\dca971071cd6 (not active ControlSet)
Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{34E54A02-D51C-11E1-BB16-806E6F6E6963} 3079253440
---- EOF - GMER 2.1 ----
Folder Usunięto : C:\Users\miłosz\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4
Plik Usunięto : C:\Users\miłosz\AppData\Roaming\Mozilla\Firefox\Profiles\hhw4f414.default\Extensions\{4e38134d-ba98-4066-b898-e296d8acc938}.xpi
Plik Usunięto : C:\Users\miłosz\AppData\Roaming\Mozilla\Firefox\Profiles\hhw4f414.default\Extensions\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi
***** [ Skróty ] *****
***** [ Rejestr ] *****
Klucz Usunięto : HKCU\Software\Softonic
***** [ Przeglądarki internetowe ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v28.0 (pl)
[ Plik : C:\Users\miłosz\AppData\Roaming\Mozilla\Firefox\Profiles\hhw4f414.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [16313 octets] - [26/03/2014 18:18:26]
AdwCleaner[R1].txt - [6300 octets] - [04/04/2014 17:02:16]
AdwCleaner[R2].txt - [3087 octets] - [27/04/2014 07:17:06]
AdwCleaner[R3].txt - [1201 octets] - [27/04/2014 07:25:48]
AdwCleaner[R4].txt - [1276 octets] - [30/04/2014 21:23:26]
AdwCleaner[R5].txt - [1824 octets] - [07/05/2014 15:14:07]
AdwCleaner[S0].txt - [15933 octets] - [26/03/2014 18:29:22]
AdwCleaner[S1].txt - [4763 octets] - [04/04/2014 17:06:26]
AdwCleaner[S2].txt - [2967 octets] - [27/04/2014 07:20:11]
AdwCleaner[S3].txt - [1258 octets] - [27/04/2014 07:29:34]
AdwCleaner[S4].txt - [1335 octets] - [30/04/2014 21:48:19]
AdwCleaner[S5].txt - [1734 octets] - [07/05/2014 15:18:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1794 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Starter x86
Ran by miosz on 2014-05-07 at 15:29:20,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1672387985-1913603920-378005710-1000\Software\sweetim
~~~ Files
Successfully deleted: [File] "C:\Users\miosz\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\miosz\appdata\local\{55856A2D-F71D-43A0-B0D8-221ECF4844EE}
Successfully deleted: [Empty Folder] C:\Users\miosz\appdata\local\{D72DEA19-F99D-4F71-B23B-A0A7B6129074}
~~~ FireFox
Emptied folder: C:\Users\miosz\AppData\Roaming\mozilla\firefox\profiles\hhw4f414.default\minidumps [87 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014-05-07 at 15:37:10,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-05-2014
Ran by miłosz at 2014-05-08 22:01:02
Running from C:\Users\miłosz\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
„Windows Live Essentials“ (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AIO_Scan (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Chuzzle Deluxe (Version: 2.2.0.82 - WildTangent) Hidden
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
CyberLink YouCam (Version: 3.1.4417 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.82 - WildTangent) Hidden
DirectVobSub 2.40.4209 (HKLM\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DJ_AIO_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Dziobas Rar Player 0.009.52 (HKLM\...\Dziobas Rar Player_is1) (Version: - Kamil Dzióbek)
Easy File Share (HKLM\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.2.2 - Samsung Electronics Co., Ltd.)
Easy Settings (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics Co., Ltd.)
Easy Support Center 1.0 (HKLM\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.47 - Samsung)
F4100 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
F4100_Help (Version: 90.0.222.000 - Hewlett-Packard) Hidden
Farm Frenzy (Version: 2.2.0.82 - WildTangent) Hidden
Fotogalerija Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer cenzura! Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (HKLM\...\{EB773820-0871-46A8-9B96-F2B04F8B34F0}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM\...\{23CCE784-A812-4647-AEFF-1DCCD4E57478}) (Version: 11.50.0000 - Hewlett-Packard Company)
HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Insaniquarium Deluxe (Version: 2.2.0.82 - WildTangent) Hidden
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1083 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{295AEB79-B53A-4F1B-860F-7800BB7E3681}) (Version: 14.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 10.4.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.4.0 - )
Lagarith Lossless Codec (1.3.27) (HKLM\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
Malwarebytes Anti-Malware wersja 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Polski (HKLM\...\{90140011-0066-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Minecraft (HKLM\...\{34D9106C-A947-47ED-B4AB-764736350769}) (Version: 1.6.1 - MINECRAFTinstall.net)
Moduł Szybka instalacja pakietu Microsoft Office 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Moduł Szybka instalacja pakietu Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 pl) (HKLM\...\Mozilla Firefox 28.0 (x86 pl)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Peggle (Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (Version: 2.2.0.82 - WildTangent) Hidden
PLAY ONLINE (HKLM\...\PLAY ONLINE) (Version: 11.302.09.06.264 - Huawei Technologies Co.,Ltd)
Poczta usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6499 - Realtek Semiconductor Corp.)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Samsung Recovery Solution 5 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.2.0 - Samsung)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
Software Launcher (HKLM\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
SW Update (HKLM\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.7.0 - Synaptics Incorporated)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Ultimate Codec Packages (HKCU\...\Ultimate Codec Packages) (Version: - ) <==== ATTENTION
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.1 - )
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
webssearches uninstaller (HKLM\...\webssearches uninstaller) (Version: - webssearches) <==== ATTENTION
WildTangent Games (HKLM\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.3 - WildTangent)
WildTangent ORB Game Console (Version: - WildTangent) Hidden
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live fotoattēlu galerija (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Foto-galerija (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Pošta (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 메일 (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 사진 갤러리 (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 필수 패키지 (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 照片库 (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live 程式集 (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 软件包 (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.01 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zuma Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
11-04-2014 10:18:51 Windows Update
12-04-2014 07:43:00 Windows Update
15-04-2014 18:00:51 Windows Update
19-04-2014 16:07:14 Windows Update
23-04-2014 13:06:45 Windows Update
24-04-2014 13:20:19 Installed Java 7 Update 55
26-04-2014 16:29:28 Windows Update
30-04-2014 03:55:48 Windows Update
03-05-2014 11:36:07 Windows Update
04-05-2014 07:57:54 Windows Update
06-05-2014 20:49:09 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {02FDC127-1DDA-42AD-8EA8-CD9D4AAE6903} - System32\Tasks\{2D9CB363-3AC6-49CC-8C32-BB55903CF928} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.259&LastError=404
Task: {0587E92B-DE4A-4B04-9A44-E27D69C7E306} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {10E6A17B-71B2-4EC0-B0C4-BBB17E7284AE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {1AA86763-733A-4E0F-9841-98A7EC30FA38} - System32\Tasks\SmartSetting => C:\Program Files\Samsung\Easy Settings\SmartSetting.exe [2011-12-06] (Samsung Electronics Co., Ltd.)
Task: {2962A167-5920-4194-8B09-DCCB9BCA0C13} - System32\Tasks\EasySpeedUpManager => C:\Program Files\Samsung\Easy Settings\EasySpeedUpManager.exe [2011-12-06] (Samsung Electronics)
Task: {2EA25794-D06C-41FD-B391-A6811917AC99} - System32\Tasks\MirageAgent => C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {53A0B2B5-6176-4A54-BFAB-5A3AB6BC9F8B} - System32\Tasks\SCCSpeedBoot => C:\Program Files\Samsung\Easy Settings\SCCSpeedBoot.exe [2011-12-06] (Samsung Electronics Co., Ltd.)
Task: {8951E146-5563-4B08-A3EA-0A387ED40F8F} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-12-06] (SAMSUNG Electronics co., LTD.)
Task: {8FC9B747-ED34-4A9F-93EC-9E60A818B59B} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {A1A2EA55-9819-40E7-A94B-D31A0F921663} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Settings\dmhkcore.exe [2011-12-06] (Samsung Electronics Co., Ltd.)
Task: {A651A74F-E8FF-4E3F-A4F8-2D86CE7C1CD3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {ACABA8C5-072F-4F4E-9B42-B7212C5A8CD8} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Easy Support Center\SSCKbdHk.exe [2011-12-08] (SAMSUNG Electronics)
Task: {B30ED2E8-B8B4-491A-B925-86BBFABF2830} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {D3F533C0-E8A0-4562-9CEC-007ADFB43E34} - System32\Tasks\advSRS5 => C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-11-13] (SEC)
Task: {EC6C040E-C3AE-4FAC-BBA2-C93F39DCB0C5} - System32\Tasks\MovieColorEnhancer => C:\Program Files\Samsung\Easy Settings\MovieColorEnhancer.exe [2011-12-06] (Samsung Electronics Co., Ltd.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2012-07-23 09:53 - 2011-09-22 07:11 - 00203776 _____ () C:\Program Files\Samsung\Easy Settings\WinCRT.dll
2010-11-16 15:37 - 2010-11-16 15:37 - 00264704 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2014-04-30 12:38 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-04-30 12:38 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-04-30 12:38 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-04-30 12:38 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-04-30 12:38 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-07-23 09:53 - 2011-09-22 07:11 - 00049152 _____ () C:\Program Files\Samsung\Easy Settings\HookDllPS2.dll
2012-07-23 09:35 - 2011-09-08 12:40 - 01645056 _____ () C:\Program Files\Samsung\Samsung Recovery Solution 5\Resdll.dll
2014-02-16 13:57 - 2014-03-19 10:28 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-04-29 11:41 - 2014-04-29 11:41 - 16351920 _____ () C:\windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Zewnętrzne urządzenie Bluetooth
Description: Zewnętrzne urządzenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: MpKslcebb2640
Description: MpKslcebb2640
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKslcebb2640
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (05/08/2014 04:58:29 PM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (05/08/2014 07:10:01 AM) (Source: Service Control Manager) (User: ) (EventID: 7011)
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi WwanSvc.
Error: (05/07/2014 04:55:36 PM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 91%
Total physical RAM: 1012.14 MB
Available physical RAM: 89.79 MB
Total Pagefile: 2218.39 MB
Available Pagefile: 512.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1910.62 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:280.77 GB) (Free:235.76 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 8710E6A6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=27)
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-05-2014
Ran by miłosz (administrator) on MILOSZ-KOMPUTER on 08-05-2014 21:59:00
Running from C:\Users\miłosz\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Huawei Technologies Co., Ltd.) C:\Users\miłosz\AppData\Roaming\PLAY ONLINE\ouc.exe
(Hewlett-Packard Co.) C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Settings\SmartSetting.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Co.) C:\Program Files\Hp\Digital Imaging\bin\hpqste08.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Hewlett-Packard Co.) C:\Program Files\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\Hp\Digital Imaging\bin\hpqgpc01.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Support Center\SSCKbdHk.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [GfxServiceInstall] => C:\windows\system32\GfxCUIServiceInstall.vbs [131 2012-06-26] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11463272 2011-11-04] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2262312 2011-05-13] (Synaptics Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\Run: [HW_OPENEYE_OUC_PLAY ONLINE] => C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe [110592 2009-04-14] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\MountPoints2: D - D:\AutoRun.exe
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\MountPoints2: {021a8c4b-a08a-11e3-ab07-b80305bf6250} - D:\autorun.exe
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\MountPoints2: {22bab28b-d684-11e2-8925-b80305bf6250} - D:\AutoRun.exe
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\MountPoints2: {22bab29a-d684-11e2-8925-b80305bf6250} - D:\AutoRun.exe
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\MountPoints2: {7dff1df1-7267-11e3-a46d-b80305bf6250} - D:\AutoRun.exe
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\MountPoints2: {fb5be088-e09a-11e2-8e75-b80305bf6250} - D:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
SearchScopes: HKLM - DefaultScope value is missing.
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29563F33-E006-4493-99AF-E616CBFB5F59}: [NameServer]89.108.202.20 89.108.195.20
Tcpip\..\Interfaces\{7546BB1F-66F1-4023-8741-E3715E4DBF61}: [NameServer]89.108.202.20 89.108.195.20
Tcpip\..\Interfaces\{78C28109-CDB8-486C-8F3A-79E84EB4C2B1}: [NameServer]89.108.202.20 89.108.195.20
Tcpip\..\Interfaces\{9FC967C2-96F2-4BC6-9F8C-1E24DA750205}: [NameServer]89.108.195.20 89.108.202.20
FireFox:
========
FF ProfilePath: C:\Users\miłosz\AppData\Roaming\Mozilla\Firefox\Profiles\hhw4f414.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\miłosz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-02-04]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-02-04]
========================== Services (Whitelisted) =================
S3 GameConsoleService; C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe [246520 2010-06-03] (WildTangent, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [264704 2010-11-16] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
==================== Drivers (Whitelisted) ====================
S3 BtFilter; C:\windows\System32\DRIVERS\btfilter.sys [249504 2011-04-29] (Atheros)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 NETwNs32; C:\windows\System32\DRIVERS\NETwNs32.sys [7515136 2011-09-17] (Intel Corporation)
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2012-08-22] (Windows (R) 2003 DDK 3790 provider)
R2 SGDrv; C:\windows\System32\DRIVERS\SGdrv.sys [6144 2011-04-12] (Phoenix Technologies Ltd.)
R1 {b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw; C:\windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw.sys [52928 2014-04-24] (StdLib)
S1 MpKslcebb2640; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{54F54DDA-B604-457F-BC1F-C9743CF53058}\MpKslcebb2640.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-08 21:59 - 2014-05-08 22:00 - 00013064 _____ () C:\Users\miłosz\Desktop\FRST.txt
2014-05-08 21:58 - 2014-05-08 21:59 - 00000000 ____D () C:\FRST
2014-05-08 21:53 - 2014-05-08 21:53 - 01053184 _____ (Farbar) C:\Users\miłosz\Desktop\FRST.exe
2014-05-08 12:49 - 2014-05-08 12:49 - 00007837 _____ () C:\Users\miłosz\Downloads\transakcje.txt
2014-05-07 15:37 - 2014-05-07 15:37 - 00001284 _____ () C:\Users\miłosz\Desktop\JRT.txt
2014-05-07 15:29 - 2014-05-07 15:29 - 00000000 ____D () C:\windows\ERUNT
2014-05-07 15:28 - 2014-05-07 15:28 - 01016261 _____ (Thisisu) C:\Users\miłosz\Downloads\JRT.exe
2014-05-07 15:22 - 2014-05-07 15:22 - 00001530 _____ () C:\Users\miłosz\Documents\adwcleaner.txt
2014-05-07 15:10 - 2014-05-07 15:10 - 01316991 _____ () C:\Users\miłosz\Downloads\AdwCleaner(4).exe
2014-05-06 22:50 - 2014-05-06 22:50 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-06 15:12 - 2014-04-14 04:11 - 00361984 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-06 15:12 - 2014-04-14 04:07 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-06 05:56 - 2014-05-07 06:50 - 00000000 ____D () C:\Users\miłosz\Desktop\rok
2014-05-04 10:02 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-04 10:02 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-03 09:11 - 2014-05-03 09:11 - 00003288 ____N () C:\bootsqm.dat
2014-05-01 13:22 - 2014-05-01 13:24 - 00000474 _____ () C:\Users\miłosz\Downloads\defogger_disable.log
2014-05-01 13:22 - 2014-05-01 13:22 - 00000000 _____ () C:\Users\miłosz\defogger_reenable
2014-05-01 13:19 - 2014-05-01 13:19 - 00050477 _____ () C:\Users\miłosz\Downloads\Defogger.exe
2014-05-01 13:14 - 2014-05-01 13:14 - 00522360 _____ (Duplex Secure Ltd.) C:\Users\miłosz\Downloads\SPTDinst-v186-x86.exe
2014-05-01 13:02 - 2014-05-01 13:02 - 00030540 _____ () C:\Users\miłosz\Documents\s.log
2014-05-01 11:30 - 2014-05-01 11:31 - 00380416 _____ () C:\Users\miłosz\Desktop\uuzjrw1e.exe
2014-05-01 00:36 - 2014-05-01 00:36 - 00000060 _____ () C:\Users\miłosz\Documents\30.04.2014.txt
2014-04-30 21:55 - 2014-04-30 21:56 - 00602112 _____ (OldTimer Tools) C:\Users\miłosz\Downloads\OTL(2).exe
2014-04-30 21:21 - 2014-04-30 21:22 - 01310621 _____ () C:\Users\miłosz\Downloads\adwcleaner(3).exe
2014-04-30 12:39 - 2014-04-30 12:39 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-04-30 12:39 - 2014-04-30 12:39 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-04-30 12:39 - 2014-04-30 12:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-04-30 12:38 - 2014-04-30 12:39 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-30 12:38 - 2014-04-30 12:39 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-04-30 12:38 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\windows\system32\sdnclean.exe
2014-04-30 12:36 - 2014-04-30 12:36 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\miłosz\Downloads\spybot-2.3.exe
2014-04-30 12:32 - 2014-04-30 12:33 - 00700824 _____ ( ) C:\Users\miłosz\Downloads\Spybot-Search-Destroy(12546).exe
2014-04-30 08:09 - 2014-04-30 09:35 - 00000000 ____D () C:\Users\miłosz\Doctor Web
2014-04-30 08:00 - 2014-04-30 08:02 - 147896696 _____ () C:\Users\miłosz\Downloads\fx0dpnh7.exe
2014-04-27 10:49 - 2014-04-27 10:52 - 71151475 _____ () C:\Users\miłosz\Downloads\ania lewandowska_tokkyo_max.zip
2014-04-27 07:16 - 2014-04-27 07:16 - 01329501 _____ () C:\Users\miłosz\Downloads\adwcleaner(2).exe
2014-04-27 07:09 - 2014-04-27 07:10 - 00000000 ____D () C:\Users\miłosz\Downloads\kopernika 5
2014-04-25 05:59 - 2014-04-24 12:34 - 00052928 _____ (StdLib) C:\windows\system32\Drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw.sys
2014-04-24 15:24 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2014-04-24 15:23 - 2014-04-24 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-24 15:23 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2014-04-24 15:23 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2014-04-24 15:23 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\windows\system32\java.exe
2014-04-24 15:22 - 2014-04-24 15:23 - 00004117 _____ () C:\windows\system32\jupdate-1.7.0_55-b14.log
2014-04-19 11:14 - 2014-04-19 11:14 - 00607080 _____ () C:\Users\miłosz\Downloads\DirectX-10_23514_pc (3).exe
2014-04-17 20:41 - 2014-04-17 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-04-17 20:40 - 2014-04-17 20:41 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-04-17 20:36 - 2014-04-17 20:36 - 28030411 _____ ( ) C:\Users\miłosz\Downloads\K-Lite_Codec_Pack_1040_Full.exe
2014-04-17 20:34 - 2014-04-17 20:34 - 00700824 _____ ( ) C:\Users\miłosz\Downloads\KLite-Codec-Pack(13137).exe
2014-04-17 20:30 - 2014-04-17 20:30 - 00000000 _____ () C:\m.txt
2014-04-17 20:26 - 2014-04-17 20:26 - 00700824 _____ ( ) C:\Users\miłosz\Downloads\Dziobas-RAR-Player(12669).exe
2014-04-17 20:21 - 2014-04-17 20:30 - 00000000 ____D () C:\Program Files\Dziobas Rar Player
2014-04-17 20:21 - 2014-04-17 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player
2014-04-17 20:19 - 2014-04-17 20:27 - 05697971 _____ (Kamil Dzióbek ) C:\Users\miłosz\Downloads\setupDziobasRarPlayer0.009.52(dobreprogramy.pl).exe
2014-04-17 19:12 - 2014-04-17 19:12 - 00000000 ____D () C:\Users\miłosz\AppData\Roaming\Unity
2014-04-16 20:21 - 2014-04-16 20:25 - 00438384 _____ () C:\Users\miłosz\Downloads\Dragon_City_Hack_Tool_5_8v.exe
2014-04-16 20:15 - 2014-04-16 20:15 - 00323720 _____ (SuperbApp) C:\Users\miłosz\Downloads\Dragon City Hack Tool 5 8v.exe
2014-04-15 13:33 - 2014-04-15 13:33 - 00000000 ____D () C:\Users\miłosz\AppData\Local\Unity
2014-04-12 10:02 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-12 10:02 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-12 10:02 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-12 10:02 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-12 10:02 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-12 10:02 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-12 10:02 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-12 10:02 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-12 10:02 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-12 10:02 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 10:02 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-12 10:02 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-12 10:02 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-12 10:02 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-12 10:01 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-12 10:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-12 10:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-12 10:01 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-12 10:01 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-12 10:01 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-12 10:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-12 10:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-12 10:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-12 10:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-10 09:52 - 2014-04-10 13:35 - 00000432 _____ () C:\Users\miłosz\Documents\mail.txt
2014-04-10 06:36 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-10 06:36 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-10 06:36 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-10 06:36 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-10 06:34 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-10 06:34 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
==================== One Month Modified Files and Folders =======
2014-05-08 22:00 - 2014-05-08 21:59 - 00013064 _____ () C:\Users\miłosz\Desktop\FRST.txt
2014-05-08 21:59 - 2014-05-08 21:58 - 00000000 ____D () C:\FRST
2014-05-08 21:53 - 2014-05-08 21:53 - 01053184 _____ (Farbar) C:\Users\miłosz\Desktop\FRST.exe
2014-05-08 21:40 - 2013-05-31 18:49 - 00000930 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-05-08 18:14 - 2012-07-24 01:18 - 01086008 _____ () C:\windows\WindowsUpdate.log
2014-05-08 12:49 - 2014-05-08 12:49 - 00007837 _____ () C:\Users\miłosz\Downloads\transakcje.txt
2014-05-07 15:37 - 2014-05-07 15:37 - 00001284 _____ () C:\Users\miłosz\Desktop\JRT.txt
2014-05-07 15:29 - 2014-05-07 15:29 - 00000000 ____D () C:\windows\ERUNT
2014-05-07 15:29 - 2009-07-14 06:34 - 00016384 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-07 15:29 - 2009-07-14 06:34 - 00016384 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-07 15:28 - 2014-05-07 15:28 - 01016261 _____ (Thisisu) C:\Users\miłosz\Downloads\JRT.exe
2014-05-07 15:22 - 2014-05-07 15:22 - 00001530 _____ () C:\Users\miłosz\Documents\adwcleaner.txt
2014-05-07 15:20 - 2010-11-20 23:48 - 00709720 _____ () C:\windows\PFRO.log
2014-05-07 15:20 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-07 15:20 - 2009-07-14 06:39 - 00098126 _____ () C:\windows\setupact.log
2014-05-07 15:18 - 2014-03-26 18:17 - 00000000 ____D () C:\AdwCleaner
2014-05-07 15:10 - 2014-05-07 15:10 - 01316991 _____ () C:\Users\miłosz\Downloads\AdwCleaner(4).exe
2014-05-07 06:50 - 2014-05-06 05:56 - 00000000 ____D () C:\Users\miłosz\Desktop\rok
2014-05-06 22:50 - 2014-05-06 22:50 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-05 08:32 - 2012-07-24 00:34 - 00740770 _____ () C:\windows\system32\perfh015.dat
2014-05-05 08:32 - 2012-07-24 00:34 - 00156054 _____ () C:\windows\system32\perfc015.dat
2014-05-05 08:32 - 2010-11-20 23:01 - 01670610 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-03 09:11 - 2014-05-03 09:11 - 00003288 ____N () C:\bootsqm.dat
2014-05-02 10:54 - 2013-09-13 18:51 - 00000000 ____D () C:\Users\miłosz\AppData\Roaming\.minecraft
2014-05-02 10:36 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-05-01 13:24 - 2014-05-01 13:22 - 00000474 _____ () C:\Users\miłosz\Downloads\defogger_disable.log
2014-05-01 13:22 - 2014-05-01 13:22 - 00000000 _____ () C:\Users\miłosz\defogger_reenable
2014-05-01 13:22 - 2013-05-26 14:12 - 00000000 ____D () C:\Users\miłosz
2014-05-01 13:19 - 2014-05-01 13:19 - 00050477 _____ () C:\Users\miłosz\Downloads\Defogger.exe
2014-05-01 13:14 - 2014-05-01 13:14 - 00522360 _____ (Duplex Secure Ltd.) C:\Users\miłosz\Downloads\SPTDinst-v186-x86.exe
2014-05-01 13:02 - 2014-05-01 13:02 - 00030540 _____ () C:\Users\miłosz\Documents\s.log
2014-05-01 12:14 - 2013-05-27 20:38 - 00000000 ____D () C:\Users\miłosz\AppData\Local\CrashDumps
2014-05-01 11:31 - 2014-05-01 11:30 - 00380416 _____ () C:\Users\miłosz\Desktop\uuzjrw1e.exe
2014-05-01 00:36 - 2014-05-01 00:36 - 00000060 _____ () C:\Users\miłosz\Documents\30.04.2014.txt
2014-04-30 21:56 - 2014-04-30 21:55 - 00602112 _____ (OldTimer Tools) C:\Users\miłosz\Downloads\OTL(2).exe
2014-04-30 21:22 - 2014-04-30 21:21 - 01310621 _____ () C:\Users\miłosz\Downloads\adwcleaner(3).exe
2014-04-30 12:39 - 2014-04-30 12:39 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-04-30 12:39 - 2014-04-30 12:39 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-04-30 12:39 - 2014-04-30 12:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-04-30 12:39 - 2014-04-30 12:38 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-30 12:39 - 2014-04-30 12:38 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-04-30 12:36 - 2014-04-30 12:36 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\miłosz\Downloads\spybot-2.3.exe
2014-04-30 12:33 - 2014-04-30 12:32 - 00700824 _____ ( ) C:\Users\miłosz\Downloads\Spybot-Search-Destroy(12546).exe
2014-04-30 09:35 - 2014-04-30 08:09 - 00000000 ____D () C:\Users\miłosz\Doctor Web
2014-04-30 08:02 - 2014-04-30 08:00 - 147896696 _____ () C:\Users\miłosz\Downloads\fx0dpnh7.exe
2014-04-29 14:48 - 2014-05-04 10:02 - 17384448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-29 14:34 - 2014-05-04 10:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-29 11:41 - 2013-05-31 18:49 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-04-29 11:41 - 2013-05-31 18:49 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-27 19:33 - 2014-02-19 21:10 - 00000000 ____D () C:\Users\miłosz\Desktop\desmune
2014-04-27 10:52 - 2014-04-27 10:49 - 71151475 _____ () C:\Users\miłosz\Downloads\ania lewandowska_tokkyo_max.zip
2014-04-27 07:16 - 2014-04-27 07:16 - 01329501 _____ () C:\Users\miłosz\Downloads\adwcleaner(2).exe
2014-04-27 07:10 - 2014-04-27 07:09 - 00000000 ____D () C:\Users\miłosz\Downloads\kopernika 5
2014-04-27 07:07 - 2013-05-31 18:46 - 00000000 ____D () C:\Users\miłosz\AppData\Local\Adobe
2014-04-24 15:24 - 2013-09-13 19:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-24 15:23 - 2014-04-24 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-24 15:23 - 2014-04-24 15:22 - 00004117 _____ () C:\windows\system32\jupdate-1.7.0_55-b14.log
2014-04-24 15:23 - 2013-09-13 19:00 - 00000000 ____D () C:\Program Files\Java
2014-04-24 12:34 - 2014-04-25 05:59 - 00052928 _____ (StdLib) C:\windows\system32\Drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw.sys
2014-04-19 11:14 - 2014-04-19 11:14 - 00607080 _____ () C:\Users\miłosz\Downloads\DirectX-10_23514_pc (3).exe
2014-04-17 20:41 - 2014-04-17 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-04-17 20:41 - 2014-04-17 20:40 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-04-17 20:37 - 2013-07-29 11:33 - 00000000 ____D () C:\Program Files\DSP-worx
2014-04-17 20:36 - 2014-04-17 20:36 - 28030411 _____ ( ) C:\Users\miłosz\Downloads\K-Lite_Codec_Pack_1040_Full.exe
2014-04-17 20:34 - 2014-04-17 20:34 - 00700824 _____ ( ) C:\Users\miłosz\Downloads\KLite-Codec-Pack(13137).exe
2014-04-17 20:30 - 2014-04-17 20:30 - 00000000 _____ () C:\m.txt
2014-04-17 20:30 - 2014-04-17 20:21 - 00000000 ____D () C:\Program Files\Dziobas Rar Player
2014-04-17 20:29 - 2014-04-17 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player
2014-04-17 20:27 - 2014-04-17 20:19 - 05697971 _____ (Kamil Dzióbek ) C:\Users\miłosz\Downloads\setupDziobasRarPlayer0.009.52(dobreprogramy.pl).exe
2014-04-17 20:26 - 2014-04-17 20:26 - 00700824 _____ ( ) C:\Users\miłosz\Downloads\Dziobas-RAR-Player(12669).exe
2014-04-17 20:22 - 2013-05-26 14:12 - 00000000 ____D () C:\Users\miłosz\AppData\Local\VirtualStore
2014-04-17 19:12 - 2014-04-17 19:12 - 00000000 ____D () C:\Users\miłosz\AppData\Roaming\Unity
2014-04-16 20:25 - 2014-04-16 20:21 - 00438384 _____ () C:\Users\miłosz\Downloads\Dragon_City_Hack_Tool_5_8v.exe
2014-04-16 20:15 - 2014-04-16 20:15 - 00323720 _____ (SuperbApp) C:\Users\miłosz\Downloads\Dragon City Hack Tool 5 8v.exe
2014-04-15 13:33 - 2014-04-15 13:33 - 00000000 ____D () C:\Users\miłosz\AppData\Local\Unity
2014-04-14 20:13 - 2014-04-24 15:23 - 00094632 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2014-04-14 20:05 - 2014-04-24 15:24 - 00264616 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2014-04-14 20:05 - 2014-04-24 15:23 - 00175528 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2014-04-14 20:04 - 2014-04-24 15:23 - 00175016 _____ (Oracle Corporation) C:\windows\system32\java.exe
2014-04-14 04:11 - 2014-05-06 15:12 - 00361984 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-04-14 04:07 - 2014-05-06 15:12 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-04-13 20:11 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache
2014-04-12 10:26 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\pl-PL
2014-04-12 10:25 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\pt-PT
2014-04-12 10:01 - 2014-03-26 18:11 - 00000000 ____D () C:\windows\system32\MRT
2014-04-12 09:49 - 2014-03-26 18:11 - 88028728 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-10 13:35 - 2014-04-10 09:52 - 00000432 _____ () C:\Users\miłosz\Documents\mail.txt
Some content of TEMP:
====================
C:\Users\miłosz\AppData\Local\Temp\ICReinstall_MinecraftSetup.exe
C:\Users\miłosz\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe
[2012-07-23 09:58] - [2011-03-01 10:05] - 0021504 ____A (Microsoft Corporation) ECDB182F885292145826C58252B53000
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-30 06:13
==================== End Of Log ============================

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:07-05-2014
Ran by miłosz at 2014-05-09 22:09:41 Run:1
Running from C:\Users\miłosz\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope value is missing.
R1 {b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw; C:\windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw.sys [52928 2014-04-24] (StdLib)
C:\windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw.sys
*****************
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw => Service stopped successfully.
{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw => Service deleted successfully.
C:\windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw.sys => Moved successfully.
==== End of Fixlog ====

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-05-2014
Ran by miłosz (administrator) on MILOSZ-KOMPUTER on 09-05-2014 22:11:25
Running from C:\Users\miłosz\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard Co.) C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
(Huawei Technologies Co., Ltd.) C:\Users\miłosz\AppData\Roaming\PLAY ONLINE\ouc.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Samsung Electronics) C:\Program Files\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Settings\SmartSetting.exe
(CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Co.) C:\Program Files\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\Hp\Digital Imaging\bin\hpqgpc01.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Support Center\SSCKbdHk.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [GfxServiceInstall] => C:\windows\system32\GfxCUIServiceInstall.vbs [131 2012-06-26] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11463272 2011-11-04] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2262312 2011-05-13] (Synaptics Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\Run: [HW_OPENEYE_OUC_PLAY ONLINE] => C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe [110592 2009-04-14] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\MountPoints2: D - D:\AutoRun.exe
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\MountPoints2: {021a8c4b-a08a-11e3-ab07-b80305bf6250} - D:\autorun.exe
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\MountPoints2: {22bab28b-d684-11e2-8925-b80305bf6250} - D:\AutoRun.exe
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\MountPoints2: {22bab29a-d684-11e2-8925-b80305bf6250} - D:\AutoRun.exe
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\MountPoints2: {7dff1df1-7267-11e3-a46d-b80305bf6250} - D:\AutoRun.exe
HKU\S-1-5-21-1672387985-1913603920-378005710-1000\...\MountPoints2: {fb5be088-e09a-11e2-8e75-b80305bf6250} - D:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29563F33-E006-4493-99AF-E616CBFB5F59}: [NameServer]89.108.202.20 89.108.195.20
Tcpip\..\Interfaces\{7546BB1F-66F1-4023-8741-E3715E4DBF61}: [NameServer]89.108.202.20 89.108.195.20
Tcpip\..\Interfaces\{78C28109-CDB8-486C-8F3A-79E84EB4C2B1}: [NameServer]89.108.202.20 89.108.195.20
Tcpip\..\Interfaces\{9FC967C2-96F2-4BC6-9F8C-1E24DA750205}: [NameServer]89.108.195.20 89.108.202.20
FireFox:
========
FF ProfilePath: C:\Users\miłosz\AppData\Roaming\Mozilla\Firefox\Profiles\hhw4f414.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\miłosz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-02-04]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-02-04]
========================== Services (Whitelisted) =================
S3 GameConsoleService; C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe [246520 2010-06-03] (WildTangent, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [264704 2010-11-16] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
==================== Drivers (Whitelisted) ====================
S3 BtFilter; C:\windows\System32\DRIVERS\btfilter.sys [249504 2011-04-29] (Atheros)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 NETwNs32; C:\windows\System32\DRIVERS\NETwNs32.sys [7515136 2011-09-17] (Intel Corporation)
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2012-08-22] (Windows (R) 2003 DDK 3790 provider)
R2 SGDrv; C:\windows\System32\DRIVERS\SGdrv.sys [6144 2011-04-12] (Phoenix Technologies Ltd.)
S1 MpKslcebb2640; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{54F54DDA-B604-457F-BC1F-C9743CF53058}\MpKslcebb2640.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-09 10:09 - 2014-05-09 10:09 - 01874212 _____ () C:\Users\miłosz\Downloads\Pokemon Black and White Version (E).rar(1).crdownload
2014-05-09 09:59 - 2014-05-09 19:47 - 00002190 _____ () C:\Users\miłosz\Desktop\vba.ini
2014-05-09 09:59 - 2014-05-09 19:47 - 00000000 ____D () C:\Users\miłosz\Desktop\Nowy folder
2014-05-09 09:59 - 2004-05-25 19:47 - 01757264 _____ (None) C:\Users\miłosz\Desktop\VisualBoyAdvance.exe
2014-05-09 09:52 - 2014-05-09 09:59 - 00502333 _____ () C:\Users\miłosz\Desktop\VisualBoyAdvance-1.7.2.rar
2014-05-08 22:01 - 2014-05-08 22:02 - 00024414 _____ () C:\Users\miłosz\Desktop\Addition.txt
2014-05-08 21:59 - 2014-05-09 22:11 - 00012949 _____ () C:\Users\miłosz\Desktop\FRST.txt
2014-05-08 21:58 - 2014-05-09 22:11 - 00000000 ____D () C:\FRST
2014-05-08 21:53 - 2014-05-08 21:53 - 01053184 _____ (Farbar) C:\Users\miłosz\Desktop\FRST.exe
2014-05-08 12:49 - 2014-05-08 12:49 - 00007837 _____ () C:\Users\miłosz\Downloads\transakcje.txt
2014-05-07 15:37 - 2014-05-07 15:37 - 00001284 _____ () C:\Users\miłosz\Desktop\JRT.txt
2014-05-07 15:29 - 2014-05-07 15:29 - 00000000 ____D () C:\windows\ERUNT
2014-05-07 15:28 - 2014-05-07 15:28 - 01016261 _____ (Thisisu) C:\Users\miłosz\Downloads\JRT.exe
2014-05-07 15:22 - 2014-05-07 15:22 - 00001530 _____ () C:\Users\miłosz\Documents\adwcleaner.txt
2014-05-07 15:10 - 2014-05-07 15:10 - 01316991 _____ () C:\Users\miłosz\Downloads\AdwCleaner(4).exe
2014-05-06 22:50 - 2014-05-06 22:50 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-06 15:12 - 2014-04-14 04:11 - 00361984 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-06 15:12 - 2014-04-14 04:07 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-06 05:56 - 2014-05-09 22:01 - 00000000 ____D () C:\Users\miłosz\Desktop\rok
2014-05-04 10:02 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-04 10:02 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-03 09:11 - 2014-05-03 09:11 - 00003288 ____N () C:\bootsqm.dat
2014-05-01 13:22 - 2014-05-01 13:24 - 00000474 _____ () C:\Users\miłosz\Downloads\defogger_disable.log
2014-05-01 13:22 - 2014-05-01 13:22 - 00000000 _____ () C:\Users\miłosz\defogger_reenable
2014-05-01 13:19 - 2014-05-01 13:19 - 00050477 _____ () C:\Users\miłosz\Downloads\Defogger.exe
2014-05-01 13:14 - 2014-05-01 13:14 - 00522360 _____ (Duplex Secure Ltd.) C:\Users\miłosz\Downloads\SPTDinst-v186-x86.exe
2014-05-01 13:02 - 2014-05-01 13:02 - 00030540 _____ () C:\Users\miłosz\Documents\s.log
2014-05-01 11:30 - 2014-05-01 11:31 - 00380416 _____ () C:\Users\miłosz\Desktop\uuzjrw1e.exe
2014-05-01 00:36 - 2014-05-01 00:36 - 00000060 _____ () C:\Users\miłosz\Documents\30.04.2014.txt
2014-04-30 21:55 - 2014-04-30 21:56 - 00602112 _____ (OldTimer Tools) C:\Users\miłosz\Downloads\OTL(2).exe
2014-04-30 21:21 - 2014-04-30 21:22 - 01310621 _____ () C:\Users\miłosz\Downloads\adwcleaner(3).exe
2014-04-30 12:39 - 2014-04-30 12:39 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-04-30 12:39 - 2014-04-30 12:39 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-04-30 12:39 - 2014-04-30 12:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-04-30 12:38 - 2014-04-30 12:39 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-30 12:38 - 2014-04-30 12:39 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-04-30 12:38 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\windows\system32\sdnclean.exe
2014-04-30 12:36 - 2014-04-30 12:36 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\miłosz\Downloads\spybot-2.3.exe
2014-04-30 12:32 - 2014-04-30 12:33 - 00700824 _____ ( ) C:\Users\miłosz\Downloads\Spybot-Search-Destroy(12546).exe
2014-04-30 08:09 - 2014-04-30 09:35 - 00000000 ____D () C:\Users\miłosz\Doctor Web
2014-04-30 08:00 - 2014-04-30 08:02 - 147896696 _____ () C:\Users\miłosz\Downloads\fx0dpnh7.exe
2014-04-27 10:49 - 2014-04-27 10:52 - 71151475 _____ () C:\Users\miłosz\Downloads\ania lewandowska_tokkyo_max.zip
2014-04-27 07:16 - 2014-04-27 07:16 - 01329501 _____ () C:\Users\miłosz\Downloads\adwcleaner(2).exe
2014-04-27 07:09 - 2014-04-27 07:10 - 00000000 ____D () C:\Users\miłosz\Downloads\kopernika 5
2014-04-24 15:24 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2014-04-24 15:23 - 2014-04-24 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-24 15:23 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2014-04-24 15:23 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2014-04-24 15:23 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\windows\system32\java.exe
2014-04-24 15:22 - 2014-04-24 15:23 - 00004117 _____ () C:\windows\system32\jupdate-1.7.0_55-b14.log
2014-04-19 11:14 - 2014-04-19 11:14 - 00607080 _____ () C:\Users\miłosz\Downloads\DirectX-10_23514_pc (3).exe
2014-04-17 20:41 - 2014-04-17 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-04-17 20:40 - 2014-04-17 20:41 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-04-17 20:36 - 2014-04-17 20:36 - 28030411 _____ ( ) C:\Users\miłosz\Downloads\K-Lite_Codec_Pack_1040_Full.exe
2014-04-17 20:34 - 2014-04-17 20:34 - 00700824 _____ ( ) C:\Users\miłosz\Downloads\KLite-Codec-Pack(13137).exe
2014-04-17 20:30 - 2014-04-17 20:30 - 00000000 _____ () C:\m.txt
2014-04-17 20:26 - 2014-04-17 20:26 - 00700824 _____ ( ) C:\Users\miłosz\Downloads\Dziobas-RAR-Player(12669).exe
2014-04-17 20:21 - 2014-04-17 20:30 - 00000000 ____D () C:\Program Files\Dziobas Rar Player
2014-04-17 20:21 - 2014-04-17 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player
2014-04-17 20:19 - 2014-04-17 20:27 - 05697971 _____ (Kamil Dzióbek ) C:\Users\miłosz\Downloads\setupDziobasRarPlayer0.009.52(dobreprogramy.pl).exe
2014-04-17 19:12 - 2014-04-17 19:12 - 00000000 ____D () C:\Users\miłosz\AppData\Roaming\Unity
2014-04-16 20:21 - 2014-04-16 20:25 - 00438384 _____ () C:\Users\miłosz\Downloads\Dragon_City_Hack_Tool_5_8v.exe
2014-04-16 20:15 - 2014-04-16 20:15 - 00323720 _____ (SuperbApp) C:\Users\miłosz\Downloads\Dragon City Hack Tool 5 8v.exe
2014-04-15 13:33 - 2014-04-15 13:33 - 00000000 ____D () C:\Users\miłosz\AppData\Local\Unity
2014-04-12 10:02 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-12 10:02 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-12 10:02 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-12 10:02 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-12 10:02 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-12 10:02 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-12 10:02 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-12 10:02 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-12 10:02 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-12 10:02 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 10:02 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-12 10:02 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-12 10:02 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-12 10:02 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-12 10:01 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-12 10:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-12 10:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-12 10:01 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-12 10:01 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-12 10:01 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-12 10:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-12 10:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-12 10:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-12 10:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-10 09:52 - 2014-04-10 13:35 - 00000432 _____ () C:\Users\miłosz\Documents\mail.txt
2014-04-10 06:36 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-10 06:36 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-10 06:36 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-10 06:36 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-10 06:34 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-10 06:34 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
==================== One Month Modified Files and Folders =======
2014-05-09 22:12 - 2014-05-08 21:59 - 00012949 _____ () C:\Users\miłosz\Desktop\FRST.txt
2014-05-09 22:11 - 2014-05-08 21:58 - 00000000 ____D () C:\FRST
2014-05-09 22:01 - 2014-05-06 05:56 - 00000000 ____D () C:\Users\miłosz\Desktop\rok
2014-05-09 22:00 - 2014-02-16 13:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-09 21:40 - 2013-05-31 18:49 - 00000930 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-05-09 19:47 - 2014-05-09 09:59 - 00002190 _____ () C:\Users\miłosz\Desktop\vba.ini
2014-05-09 19:47 - 2014-05-09 09:59 - 00000000 ____D () C:\Users\miłosz\Desktop\Nowy folder
2014-05-09 17:31 - 2012-07-24 01:18 - 01122155 _____ () C:\windows\WindowsUpdate.log
2014-05-09 10:09 - 2014-05-09 10:09 - 01874212 _____ () C:\Users\miłosz\Downloads\Pokemon Black and White Version (E).rar(1).crdownload
2014-05-09 09:59 - 2014-05-09 09:52 - 00502333 _____ () C:\Users\miłosz\Desktop\VisualBoyAdvance-1.7.2.rar
2014-05-09 09:58 - 2013-12-25 16:48 - 00000000 ____D () C:\Users\miłosz\Documents\milosz
2014-05-09 08:46 - 2009-07-14 06:34 - 00016384 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-09 08:46 - 2009-07-14 06:34 - 00016384 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-09 08:37 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-09 08:37 - 2009-07-14 06:39 - 00098182 _____ () C:\windows\setupact.log
2014-05-08 22:02 - 2014-05-08 22:01 - 00024414 _____ () C:\Users\miłosz\Desktop\Addition.txt
2014-05-08 21:53 - 2014-05-08 21:53 - 01053184 _____ (Farbar) C:\Users\miłosz\Desktop\FRST.exe
2014-05-08 12:49 - 2014-05-08 12:49 - 00007837 _____ () C:\Users\miłosz\Downloads\transakcje.txt
2014-05-07 15:37 - 2014-05-07 15:37 - 00001284 _____ () C:\Users\miłosz\Desktop\JRT.txt
2014-05-07 15:29 - 2014-05-07 15:29 - 00000000 ____D () C:\windows\ERUNT
2014-05-07 15:28 - 2014-05-07 15:28 - 01016261 _____ (Thisisu) C:\Users\miłosz\Downloads\JRT.exe
2014-05-07 15:22 - 2014-05-07 15:22 - 00001530 _____ () C:\Users\miłosz\Documents\adwcleaner.txt
2014-05-07 15:20 - 2010-11-20 23:48 - 00709720 _____ () C:\windows\PFRO.log
2014-05-07 15:18 - 2014-03-26 18:17 - 00000000 ____D () C:\AdwCleaner
2014-05-07 15:10 - 2014-05-07 15:10 - 01316991 _____ () C:\Users\miłosz\Downloads\AdwCleaner(4).exe
2014-05-06 22:50 - 2014-05-06 22:50 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-05 08:32 - 2012-07-24 00:34 - 00740770 _____ () C:\windows\system32\perfh015.dat
2014-05-05 08:32 - 2012-07-24 00:34 - 00156054 _____ () C:\windows\system32\perfc015.dat
2014-05-05 08:32 - 2010-11-20 23:01 - 01670610 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-03 09:11 - 2014-05-03 09:11 - 00003288 ____N () C:\bootsqm.dat
2014-05-02 10:54 - 2013-09-13 18:51 - 00000000 ____D () C:\Users\miłosz\AppData\Roaming\.minecraft
2014-05-02 10:36 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-05-01 13:24 - 2014-05-01 13:22 - 00000474 _____ () C:\Users\miłosz\Downloads\defogger_disable.log
2014-05-01 13:22 - 2014-05-01 13:22 - 00000000 _____ () C:\Users\miłosz\defogger_reenable
2014-05-01 13:22 - 2013-05-26 14:12 - 00000000 ____D () C:\Users\miłosz
2014-05-01 13:19 - 2014-05-01 13:19 - 00050477 _____ () C:\Users\miłosz\Downloads\Defogger.exe
2014-05-01 13:14 - 2014-05-01 13:14 - 00522360 _____ (Duplex Secure Ltd.) C:\Users\miłosz\Downloads\SPTDinst-v186-x86.exe
2014-05-01 13:02 - 2014-05-01 13:02 - 00030540 _____ () C:\Users\miłosz\Documents\s.log
2014-05-01 12:14 - 2013-05-27 20:38 - 00000000 ____D () C:\Users\miłosz\AppData\Local\CrashDumps
2014-05-01 11:31 - 2014-05-01 11:30 - 00380416 _____ () C:\Users\miłosz\Desktop\uuzjrw1e.exe
2014-05-01 00:36 - 2014-05-01 00:36 - 00000060 _____ () C:\Users\miłosz\Documents\30.04.2014.txt
2014-04-30 21:56 - 2014-04-30 21:55 - 00602112 _____ (OldTimer Tools) C:\Users\miłosz\Downloads\OTL(2).exe
2014-04-30 21:22 - 2014-04-30 21:21 - 01310621 _____ () C:\Users\miłosz\Downloads\adwcleaner(3).exe
2014-04-30 12:39 - 2014-04-30 12:39 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-04-30 12:39 - 2014-04-30 12:39 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-04-30 12:39 - 2014-04-30 12:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-04-30 12:39 - 2014-04-30 12:38 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-30 12:39 - 2014-04-30 12:38 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-04-30 12:36 - 2014-04-30 12:36 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\miłosz\Downloads\spybot-2.3.exe
2014-04-30 12:33 - 2014-04-30 12:32 - 00700824 _____ ( ) C:\Users\miłosz\Downloads\Spybot-Search-Destroy(12546).exe
2014-04-30 09:35 - 2014-04-30 08:09 - 00000000 ____D () C:\Users\miłosz\Doctor Web
2014-04-30 08:02 - 2014-04-30 08:00 - 147896696 _____ () C:\Users\miłosz\Downloads\fx0dpnh7.exe
2014-04-29 14:48 - 2014-05-04 10:02 - 17384448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-29 14:34 - 2014-05-04 10:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-29 11:41 - 2013-05-31 18:49 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-04-29 11:41 - 2013-05-31 18:49 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-27 19:33 - 2014-02-19 21:10 - 00000000 ____D () C:\Users\miłosz\Desktop\desmune
2014-04-27 10:52 - 2014-04-27 10:49 - 71151475 _____ () C:\Users\miłosz\Downloads\ania lewandowska_tokkyo_max.zip
2014-04-27 07:16 - 2014-04-27 07:16 - 01329501 _____ () C:\Users\miłosz\Downloads\adwcleaner(2).exe
2014-04-27 07:10 - 2014-04-27 07:09 - 00000000 ____D () C:\Users\miłosz\Downloads\kopernika 5
2014-04-27 07:07 - 2013-05-31 18:46 - 00000000 ____D () C:\Users\miłosz\AppData\Local\Adobe
2014-04-24 15:24 - 2013-09-13 19:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-24 15:23 - 2014-04-24 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-24 15:23 - 2014-04-24 15:22 - 00004117 _____ () C:\windows\system32\jupdate-1.7.0_55-b14.log
2014-04-24 15:23 - 2013-09-13 19:00 - 00000000 ____D () C:\Program Files\Java
2014-04-19 11:14 - 2014-04-19 11:14 - 00607080 _____ () C:\Users\miłosz\Downloads\DirectX-10_23514_pc (3).exe
2014-04-17 20:41 - 2014-04-17 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-04-17 20:41 - 2014-04-17 20:40 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-04-17 20:37 - 2013-07-29 11:33 - 00000000 ____D () C:\Program Files\DSP-worx
2014-04-17 20:36 - 2014-04-17 20:36 - 28030411 _____ ( ) C:\Users\miłosz\Downloads\K-Lite_Codec_Pack_1040_Full.exe
2014-04-17 20:34 - 2014-04-17 20:34 - 00700824 _____ ( ) C:\Users\miłosz\Downloads\KLite-Codec-Pack(13137).exe
2014-04-17 20:30 - 2014-04-17 20:30 - 00000000 _____ () C:\m.txt
2014-04-17 20:30 - 2014-04-17 20:21 - 00000000 ____D () C:\Program Files\Dziobas Rar Player
2014-04-17 20:29 - 2014-04-17 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziobas Rar Player
2014-04-17 20:27 - 2014-04-17 20:19 - 05697971 _____ (Kamil Dzióbek ) C:\Users\miłosz\Downloads\setupDziobasRarPlayer0.009.52(dobreprogramy.pl).exe
2014-04-17 20:26 - 2014-04-17 20:26 - 00700824 _____ ( ) C:\Users\miłosz\Downloads\Dziobas-RAR-Player(12669).exe
2014-04-17 20:22 - 2013-05-26 14:12 - 00000000 ____D () C:\Users\miłosz\AppData\Local\VirtualStore
2014-04-17 19:12 - 2014-04-17 19:12 - 00000000 ____D () C:\Users\miłosz\AppData\Roaming\Unity
2014-04-16 20:25 - 2014-04-16 20:21 - 00438384 _____ () C:\Users\miłosz\Downloads\Dragon_City_Hack_Tool_5_8v.exe
2014-04-16 20:15 - 2014-04-16 20:15 - 00323720 _____ (SuperbApp) C:\Users\miłosz\Downloads\Dragon City Hack Tool 5 8v.exe
2014-04-15 13:33 - 2014-04-15 13:33 - 00000000 ____D () C:\Users\miłosz\AppData\Local\Unity
2014-04-14 20:13 - 2014-04-24 15:23 - 00094632 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2014-04-14 20:05 - 2014-04-24 15:24 - 00264616 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2014-04-14 20:05 - 2014-04-24 15:23 - 00175528 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2014-04-14 20:04 - 2014-04-24 15:23 - 00175016 _____ (Oracle Corporation) C:\windows\system32\java.exe
2014-04-14 04:11 - 2014-05-06 15:12 - 00361984 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-04-14 04:07 - 2014-05-06 15:12 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-04-13 20:11 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache
2014-04-12 10:26 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\pl-PL
2014-04-12 10:25 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\pt-PT
2014-04-12 10:01 - 2014-03-26 18:11 - 00000000 ____D () C:\windows\system32\MRT
2014-04-12 09:49 - 2014-03-26 18:11 - 88028728 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-10 13:35 - 2014-04-10 09:52 - 00000432 _____ () C:\Users\miłosz\Documents\mail.txt
Some content of TEMP:
====================
C:\Users\miłosz\AppData\Local\Temp\ICReinstall_MinecraftSetup.exe
C:\Users\miłosz\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe
[2012-07-23 09:58] - [2011-03-01 10:05] - 0021504 ____A (Microsoft Corporation) ECDB182F885292145826C58252B53000
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-30 06:13
==================== End Of Log ============================
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Data skanu: 2014-05-10
Czas skanu: 17:56:23
Raport: raport.txt
Administrator: Tak
Wersja: 2.00.1.1004
Baza danych malware: v2014.05.10.06
Baza danych rootkitów: v2014.03.27.01
Licencja: Darmowy
Ochrona przeciw malware: Wyłączony
Ochrona przeciw szkodliwymi stronami: Wyłączony
Chameleon: Wyłączony
System operacyjny: Windows 7 Service Pack 1
Procesor: x86
System plików: NTFS
Użytkownik: miłosz
Typ skanu: Skanowanie w poszukiwaniu zagrożeń
Wynik: Zakończono
Objekty zeskanowane: 237834
Minęło: 40 min, 39 s
Pamięć: Włączony
Autostart: Włączony
System plików: Włączony
Archiwa: Włączony
Rootkity: Wyłączony
Shuriken: Włączony
PNP: Ostrzegaj
PNM: Włączony
Procesy: 0
(No malicious items detected)
Moduły: 0
(No malicious items detected)
Klucze rejestru: 1
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [1ea0d47b9dde6ec8a1dfe1436c9604fc],
Wartości rejestru: 0
(No malicious items detected)
Dane rejestru: 0
(No malicious items detected)
Foldery: 0
(No malicious items detected)
Pliki: 7
PUP.Optional.InstallCore, C:\Users\miłosz\AppData\Local\Temp\ICReinstall_MinecraftSetup.exe, , [ba0480cf5823ba7c4b6737ff4bb9c63a],
PUP.Optional.Bundle, C:\Users\miłosz\Downloads\KLite-Codec-Pack(13137).exe, , [9b23014e34475dd98b7c86eb0df4847c],
PUP.Optional.InstalleRex, C:\Users\miłosz\Downloads\Dragon City Hack Tool 5 8v.exe, , [7f3fa8a7abd060d67be1d89632cfd927],
PUP.Optional.OneClickDownloader.A, C:\Users\miłosz\Downloads\Dragon_City_Hack_Tool_5_8v.exe, , [c5f976d9c2b94beb1b74729ebf42e917],
PUP.Optional.Bundle, C:\Users\miłosz\Downloads\Dziobas-RAR-Player(12669).exe, , [07b7f75895e6c57146c1f081a35eb848],
PUP.Optional.Bundle, C:\Users\miłosz\Downloads\Spybot-Search-Destroy(12546).exe, , [7d415ef114671c1ac2454c257a87de22],
PUP.Optional.Bundle, C:\Users\miłosz\Downloads\WinRAR(12398).exe, , [d1ed3f100e6d0b2b3bccc5aceb165da3],
Sektory fizyczne: 0
(No malicious items detected)
(end)
# DelFix v10.7 - Logfile created 11/05/2014 at 23:25:56
# Updated 27/04/2014 by Xplode
# Username : miłosz - MILOSZ-KOMPUTER
# Operating System : Windows 7 Starter Service Pack 1 (32 bits)
~ Removing disinfection tools ...
~ Creating registry backup ... OK
~ Cleaning system restore ...
Deleted : RP #151 [Windows Update | 04/15/2014 18:00:51]
Deleted : RP #153 [Windows Update | 04/19/2014 16:07:14]
Deleted : RP #154 [Windows Update | 04/23/2014 13:06:45]
Deleted : RP #155 [Installed Java 7 Update 55 | 04/24/2014 13:20:19]
Deleted : RP #156 [Windows Update | 04/26/2014 16:29:28]
Deleted : RP #157 [Windows Update | 04/30/2014 03:55:48]
Deleted : RP #158 [Windows Update | 05/03/2014 11:36:07]
Deleted : RP #159 [Windows Update | 05/04/2014 07:57:54]
Deleted : RP #160 [Windows Update | 05/06/2014 20:49:09]
Deleted : RP #161 [Windows Update | 05/10/2014 12:08:24]
New restore point created !
########## - EOF - ##########