
Today my NIS started going crazy, i.e. it was showing that there are lots of viruses, among others in "system", and it keeps asking for a restart, which does nothing.

Screenshots:


Logs:
OTL logfile created on: 2013-10-23 19:06:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\SamaRama\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,00 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 55,87% Memory free
5,99 Gb Paging File | 4,58 Gb Available in Paging File | 76,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 1,80 Gb Free Space | 7,36% Space Free | Partition Type: NTFS
Drive D: | 149,04 Gb Total Space | 17,16 Gb Free Space | 11,51% Space Free | Partition Type: NTFS
Drive E: | 9,58 Gb Total Space | 5,62 Gb Free Space | 58,74% Space Free | Partition Type: NTFS
Drive F: | 40,39 Gb Total Space | 9,29 Gb Free Space | 23,00% Space Free | Partition Type: NTFS
Computer Name: SAMARAMABEZKOL | User Name: SamaRama | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013-10-23 19:03:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SamaRama\Desktop\OTL.exe
PRC - [2013-10-15 11:37:15 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013-10-15 11:37:05 | 001,673,680 | ---- | M] (APN) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013-10-08 14:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\21.1.0.18\nis.exe
PRC - [2013-10-01 10:55:24 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-05-16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-05-12 21:58:09 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013-05-12 21:58:09 | 000,875,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013-05-12 15:43:32 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-03-08 17:26:41 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe
PRC - [2013-03-08 17:26:41 | 000,008,192 | ---- | M] () -- C:\Windows\System32\srvany.exe
PRC - [2012-12-18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-11-30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012-11-29 21:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012-11-23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012-09-28 09:25:56 | 000,586,904 | ---- | M] (PandoraTV) -- C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
PRC - [2012-09-28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 23:29:07 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2009-09-21 19:40:50 | 001,681,408 | R--- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2007-05-11 09:58:58 | 000,103,344 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 3300 Series\ezprint.exe
PRC - [2007-05-11 09:58:38 | 000,205,744 | ---- | M] () -- C:\Program Files\Lexmark 3300 Series\lxccmon.exe
PRC - [2007-03-26 08:49:26 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcccoms.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2013-10-01 10:55:24 | 003,279,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010-01-30 03:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009-09-02 10:28:04 | 047,628,288 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\skin.dll
MOD - [2009-05-07 17:53:18 | 000,106,496 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
MOD - [2009-05-07 17:50:46 | 000,073,728 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
MOD - [2008-02-14 14:57:00 | 000,094,208 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll
MOD - [2007-05-11 09:58:38 | 000,205,744 | ---- | M] () -- C:\Program Files\Lexmark 3300 Series\lxccmon.exe
MOD - [2005-12-13 16:51:56 | 000,122,880 | ---- | M] () -- C:\Program Files\Lexmark 3300 Series\lxccdrec.dll
MOD - [2005-06-14 18:08:28 | 000,196,608 | ---- | M] () -- C:\Program Files\Lexmark 3300 Series\iptk.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate)
SRV - [2013-10-15 11:37:15 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013-10-09 04:19:14 | 000,565,672 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-10-08 14:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe -- (NIS)
SRV - [2013-10-01 10:55:24 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-05-16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-05-12 15:43:32 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-03-08 17:26:41 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\System32\srvany.exe -- (KMService)
SRV - [2013-03-05 16:14:01 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013-02-28 19:25:34 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-12-18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-11-29 21:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012-09-28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2010-03-25 11:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Nowy folder\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-03-26 08:49:26 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcccoms.exe -- (lxcc_device)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisPT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2013-10-17 17:13:53 | 000,393,816 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20131022.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013-10-10 21:28:52 | 000,022,560 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\System32\drivers\HWiNFO32.SYS -- (HWiNFO32)
DRV - [2013-10-02 05:20:14 | 001,097,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20131002.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013-09-27 05:18:30 | 000,935,512 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1501000.012\symefa.sys -- (SymEFA)
DRV - [2013-09-27 04:26:03 | 000,651,352 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\NIS\1501000.012\srtsp.sys -- (SRTSP)
DRV - [2013-09-26 05:28:00 | 000,446,552 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1501000.012\symnets.sys -- (SymNetS)
DRV - [2013-09-26 04:50:25 | 000,127,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1501000.012\ccsetx86.sys -- (ccSet_NIS)
DRV - [2013-09-21 16:15:42 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20131022.040\NAVEX15.SYS -- (NAVEX15)
DRV - [2013-09-21 16:15:42 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013-09-21 16:15:42 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013-09-21 16:15:42 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20131022.040\NAVENG.SYS -- (NAVENG)
DRV - [2013-09-21 16:12:34 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013-08-01 05:19:50 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1501000.012\symds.sys -- (SymDS)
DRV - [2013-07-31 06:13:30 | 000,206,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1501000.012\ironx86.sys -- (SymIRON)
DRV - [2013-07-31 05:44:44 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1501000.012\srtspx.sys -- (SRTSPX)
DRV - [2013-06-26 22:28:24 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2013-06-26 22:28:24 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2013-06-23 17:10:25 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013-06-23 17:02:01 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2013-06-21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013-06-21 02:07:52 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013-05-12 23:37:58 | 009,053,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013-05-02 06:23:42 | 000,153,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2013-05-02 06:23:42 | 000,136,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2013-05-02 06:23:42 | 000,130,248 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2013-05-02 06:23:42 | 000,017,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2013-02-25 07:27:46 | 000,154,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012-12-29 22:59:38 | 000,024,184 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2012-08-23 16:46:55 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2012-08-23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012-08-23 16:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012-08-23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010-11-20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010-11-20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010-11-20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-01-29 12:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009-09-17 20:02:04 | 001,086,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009-08-22 20:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\Program Files (x86)\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys -- (RivaTuner32)
DRV - [2009-07-14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3867699018-2041179564-140357553-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3867699018-2041179564-140357553-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3867699018-2041179564-140357553-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: autorefresh%40plugin:1.0.2
FF - prefs.js..extensions.enabledAddons: %7Bbcba2942-0c80-4c18-9d69-8e74049b2ca4%7D:0.9.9
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.0.2.8%20-%201
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2014.6.0.27
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\NOWYFO~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\NOWYFO~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\SamaRama\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\SamaRama\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\SamaRama\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\SamaRama\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\SamaRama\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-03-05 16:24:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-03-05 16:24:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\ [2013-10-23 19:01:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013-10-10 16:56:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013-03-05 15:15:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SamaRama\AppData\Roaming\mozilla\Extensions
[2013-10-17 16:57:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SamaRama\AppData\Roaming\mozilla\Firefox\Profiles\iysoazqv.default\extensions
[2013-03-05 15:20:25 | 000,036,763 | ---- | M] () (No name found) -- C:\Users\SamaRama\AppData\Roaming\mozilla\firefox\profiles\iysoazqv.default\extensions\autorefresh@plugin.xpi
[2013-10-17 16:57:39 | 000,494,925 | ---- | M] () (No name found) -- C:\Users\SamaRama\AppData\Roaming\mozilla\firefox\profiles\iysoazqv.default\extensions\toolbar_KMPV7@apn.ask.com.xpi
[2013-04-05 19:23:10 | 000,246,095 | ---- | M] () (No name found) -- C:\Users\SamaRama\AppData\Roaming\mozilla\firefox\profiles\iysoazqv.default\extensions\{bcba2942-0c80-4c18-9d69-8e74049b2ca4}.xpi
[2013-10-10 08:21:46 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\SamaRama\AppData\Roaming\mozilla\firefox\profiles\iysoazqv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-10-01 10:55:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-10-01 10:55:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013-10-23 19:01:02 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\COFFPLGN
[2013-10-10 16:56:44 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF
O1 HOSTS File: ([2013-06-23 18:05:06 | 000,000,853 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Nowy folder\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Nowy folder\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 3300 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LXCCCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.DLL ()
O4 - HKLM..\Run: [lxccmon.exe] C:\Program Files\Lexmark 3300 Series\lxccmon.exe ()
O4 - HKU\S-1-5-21-3867699018-2041179564-140357553-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3867699018-2041179564-140357553-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
F3 - HKU\S-1-5-21-3867699018-2041179564-140357553-1001 WinNT: Load - (C:\Users\SamaRama\LOCALS~1\Temp\msqkuiuf.com) - C:\Users\SamaRama\LOCALS~1\Temp\msqkuiuf.com ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3867699018-2041179564-140357553-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3867699018-2041179564-140357553-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-3867699018-2041179564-140357553-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Nowy folder\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - D:\Nowy folder\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Nowy folder\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Nowy folder\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Nowy folder\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Nowy folder\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD9E5974-C25C-4FE3-909A-578692B1DF61}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Nowy folder\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013-10-23 19:03:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\SamaRama\Desktop\OTL.exe
[2013-10-23 00:09:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
[2013-10-15 17:42:05 | 000,000,000 | ---D | C] -- C:\Users\SamaRama\Desktop\sprawdziany
[2013-10-15 14:29:01 | 000,000,000 | ---D | C] -- C:\Users\SamaRama\Documents\FIFA 14
[2013-10-15 13:40:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
[2013-10-12 17:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
[2013-10-11 16:43:04 | 000,000,000 | ---D | C] -- C:\Users\SamaRama\AppData\Local\2K Games
[2013-10-10 21:27:07 | 000,022,560 | ---- | C] (REALiX(tm)) -- C:\Windows\System32\drivers\HWiNFO32.SYS
[2013-10-10 08:18:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013-10-06 18:15:53 | 000,000,000 | ---D | C] -- C:\Users\SamaRama\AppData\Roaming\2K Sports
[2013-10-06 18:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Sports
[2013-10-03 16:40:23 | 000,000,000 | ---D | C] -- C:\Users\SamaRama\AppData\Local\LogMeIn
[2013-10-03 16:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2013-10-01 18:34:38 | 000,000,000 | ---D | C] -- C:\Users\SamaRama\AppData\Local\Chris_Pietschmann_(http__
[2013-10-01 10:55:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[14 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[14 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013-10-23 19:03:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SamaRama\Desktop\OTL.exe
[2013-10-23 19:01:50 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-10-23 19:00:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-10-23 17:04:32 | 000,016,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-10-23 17:04:32 | 000,016,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-10-23 16:56:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-10-23 16:37:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3867699018-2041179564-140357553-1001UA.job
[2013-10-23 15:07:28 | 000,063,905 | ---- | M] () -- C:\Users\SamaRama\Desktop\Beztyt2.png
[2013-10-23 15:06:43 | 000,047,837 | ---- | M] () -- C:\Users\SamaRama\Desktop\Bez.png
[2013-10-19 15:04:06 | 004,868,311 | ---- | M] () -- C:\Users\SamaRama\Desktop\Bez nazwy-2.png
[2013-10-19 15:03:57 | 000,000,132 | ---- | M] () -- C:\Users\SamaRama\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2013-10-19 12:29:14 | 000,002,423 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013-10-19 12:28:51 | 001,311,653 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501000.012\Cat.DB
[2013-10-17 23:43:51 | 095,444,323 | ---- | M] () -- C:\Users\SamaRama\Desktop\2.psd
[2013-10-16 23:26:10 | 000,015,248 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501000.012\VT20131016.019
[2013-10-15 17:30:39 | 002,509,472 | ---- | M] () -- C:\Users\SamaRama\Desktop\sprawdziany z geografii.rar
[2013-10-15 13:57:48 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 14.lnk
[2013-10-15 13:37:02 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3867699018-2041179564-140357553-1001Core.job
[2013-10-12 17:10:18 | 000,000,877 | ---- | M] () -- C:\Users\Public\Desktop\Minecraft.lnk
[2013-10-10 21:28:52 | 000,022,560 | ---- | M] (REALiX(tm)) -- C:\Windows\System32\drivers\HWiNFO32.SYS
[2013-10-08 14:27:43 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501000.012\isolate.ini
[2013-10-06 20:30:28 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-10-06 20:30:28 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-10-06 20:30:28 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-10-06 20:30:28 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-10-06 18:11:35 | 000,000,815 | ---- | M] () -- C:\Users\Public\Desktop\NBA 2K14.lnk
[2013-10-04 20:54:01 | 000,007,604 | ---- | M] () -- C:\Users\SamaRama\AppData\Local\Resmon.ResmonCfg
[2013-10-03 19:05:50 | 000,074,426 | ---- | M] () -- C:\Users\SamaRama\Desktop\pomoce_naukowe.zip
[2013-10-03 08:13:14 | 000,008,176 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501000.012\srtsp.cat
[2013-09-29 04:38:04 | 000,008,184 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501000.012\symnet.cat
[2013-09-29 03:44:10 | 000,008,194 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501000.012\ccsetx86.cat
[2013-09-27 05:18:30 | 000,935,512 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501000.012\symefa.sys
[2013-09-27 05:18:30 | 000,008,182 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501000.012\symefa.cat
[2013-09-27 05:18:30 | 000,003,433 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501000.012\symefa.inf
[2013-09-27 04:26:03 | 000,651,352 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501000.012\srtsp.sys
[2013-09-27 04:26:03 | 000,001,388 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501000.012\srtsp.inf
[2013-09-26 05:28:00 | 000,446,552 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501000.012\symnets.sys
[2013-09-26 05:27:52 | 000,001,440 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501000.012\symnet.inf
[2013-09-26 04:50:25 | 000,127,064 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1501000.012\ccsetx86.sys
[2013-09-26 04:50:25 | 000,000,829 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1501000.012\ccsetx86.inf
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[14 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[14 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013-10-23 15:07:28 | 000,063,905 | ---- | C] () -- C:\Users\SamaRama\Desktop\Beztyt2.png
[2013-10-23 15:06:43 | 000,047,837 | ---- | C] () -- C:\Users\SamaRama\Desktop\Bez.png
[2013-10-19 15:03:54 | 004,868,311 | ---- | C] () -- C:\Users\SamaRama\Desktop\Bez nazwy-2.png
[2013-10-17 23:34:56 | 095,444,323 | ---- | C] () -- C:\Users\SamaRama\Desktop\2.psd
[2013-10-15 17:30:41 | 002,509,472 | ---- | C] () -- C:\Users\SamaRama\Desktop\sprawdziany z geografii.rar
[2013-10-15 13:40:34 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 14.lnk
[2013-10-12 17:10:18 | 000,000,877 | ---- | C] () -- C:\Users\Public\Desktop\Minecraft.lnk
[2013-10-06 18:11:33 | 000,000,815 | ---- | C] () -- C:\Users\Public\Desktop\NBA 2K14.lnk
[2013-10-03 19:05:55 | 000,074,426 | ---- | C] () -- C:\Users\SamaRama\Desktop\pomoce_naukowe.zip
[2013-08-27 14:51:38 | 000,641,024 | ---- | C] () -- C:\Windows\System32\ficvdec_x86.dll
[2013-08-25 18:09:19 | 000,022,528 | ---- | C] () -- C:\Windows\System32\drivers\96EW.sys
[2013-08-25 18:09:06 | 000,057,344 | ---- | C] () -- C:\Windows\System32\Hidhlp.dll
[2013-08-25 18:09:06 | 000,049,152 | ---- | C] () -- C:\Windows\System32\iFT329D.dll
[2013-06-29 16:20:37 | 000,007,604 | ---- | C] () -- C:\Users\SamaRama\AppData\Local\Resmon.ResmonCfg
[2013-06-26 22:28:24 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2013-06-26 22:28:24 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2013-06-11 19:54:19 | 000,000,640 | RHS- | C] () -- C:\Users\SamaRama\ntuser.pol
[2013-05-22 22:09:53 | 000,122,884 | ---- | C] () -- C:\Windows\UnGins.exe
[2013-04-29 16:27:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2013-04-24 13:48:39 | 000,000,132 | ---- | C] () -- C:\Users\SamaRama\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2013-04-05 23:54:50 | 000,140,072 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2013-04-05 23:54:45 | 000,138,056 | ---- | C] () -- C:\Users\SamaRama\AppData\Roaming\PnkBstrK.sys
[2013-04-05 23:54:12 | 000,280,904 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2013-04-05 23:54:11 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2013-03-10 23:12:03 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxccserv.dll
[2013-03-10 23:12:03 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxccusb1.dll
[2013-03-10 23:12:03 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxcchbn3.dll
[2013-03-10 23:12:03 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcccomc.dll
[2013-03-10 23:12:03 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxccpmui.dll
[2013-03-10 23:12:03 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcclmpm.dll
[2013-03-10 23:12:03 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcccoms.exe
[2013-03-10 23:12:03 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcccomm.dll
[2013-03-10 23:12:03 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxccinpa.dll
[2013-03-10 23:12:03 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcciesc.dll
[2013-03-10 23:12:03 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxccih.exe
[2013-03-10 23:12:03 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxcccfg.exe
[2013-03-10 23:12:03 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxcchcp.dll
[2013-03-10 23:12:03 | 000,274,432 | ---- | C] () -- C:\Windows\System32\lxccinst.dll
[2013-03-10 23:12:03 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxccprox.dll
[2013-03-10 23:12:03 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxccpplc.dll
[2013-03-10 22:55:44 | 000,000,600 | ---- | C] () -- C:\Windows\Quake.INI
[2013-03-08 17:26:58 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe
[2013-03-08 17:26:58 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2013-03-05 15:07:52 | 003,165,737 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2013-03-05 15:03:37 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2013-02-05 17:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013-02-05 17:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013-02-05 17:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013-02-05 17:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013-02-05 17:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012-09-28 21:45:16 | 000,246,272 | ---- | C] () -- C:\Windows\System32\rtvcvfw64.dll
[2012-09-28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll
[2012-06-19 14:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\System32\pbsvc.exe
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== LOP Check ==========[/color]
[2013-10-12 17:18:18 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\.minecraft
[2013-07-28 21:48:40 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\.mono
[2005-10-17 21:07:24 | 000,000,000 | -H-D | M] -- C:\Users\SamaRama\AppData\Roaming\10467186
[2013-10-06 18:15:53 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\2K Sports
[2013-06-23 17:14:12 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\DAEMON Tools Lite
[2013-08-27 14:50:15 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\dclogs
[2013-09-21 16:57:44 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\eDownload
[2013-07-12 14:54:57 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\FlashFXP
[2013-07-09 19:14:53 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\FlowStone
[2013-05-19 19:23:36 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\GameRanger
[2013-03-16 16:20:33 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\HD Tune Pro
[2013-07-09 19:15:03 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\Image-Line
[2013-07-15 23:09:50 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\Locktime
[2013-05-04 22:27:18 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\LolClient
[2013-08-27 14:51:42 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\Mirillis
[2013-03-21 16:01:22 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\MonoDevelop-Unity-2.8
[2013-04-07 00:50:40 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\NapiProjekt
[2013-03-30 23:31:43 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\OBS
[2013-09-10 19:24:16 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\Origin
[2013-03-06 14:56:21 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\Publish Providers
[2013-07-09 17:56:50 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\Rockstar Games
[2013-07-16 11:07:19 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\Samsung
[2013-03-06 15:20:12 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\Sony
[2013-04-07 18:57:48 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\Sony Creative Software Inc
[2013-08-27 12:02:43 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\SplitMediaLabs
[2013-03-21 16:01:28 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\stetic
[2013-06-23 18:05:37 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\The Witcher
[2013-07-30 16:49:14 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\Theta
[2013-06-27 13:40:34 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\TS3Client
[2013-04-29 16:38:00 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\Tunngle
[2013-03-21 16:07:57 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\Unity
[2013-10-20 23:15:17 | 000,000,000 | ---D | M] -- C:\Users\SamaRama\AppData\Roaming\uTorrent
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
OTL Extras logfile created on: 2013-10-23 19:06:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\SamaRama\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,00 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 55,87% Memory free
5,99 Gb Paging File | 4,58 Gb Available in Paging File | 76,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 1,80 Gb Free Space | 7,36% Space Free | Partition Type: NTFS
Drive D: | 149,04 Gb Total Space | 17,16 Gb Free Space | 11,51% Space Free | Partition Type: NTFS
Drive E: | 9,58 Gb Total Space | 5,62 Gb Free Space | 58,74% Space Free | Partition Type: NTFS
Drive F: | 40,39 Gb Total Space | 9,29 Gb Free Space | 23,00% Space Free | Partition Type: NTFS
Computer Name: SAMARAMABEZKOL | User Name: SamaRama | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3867699018-2041179564-140357553-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Nowy folder\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Nowy folder\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- D:\Games\PS\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09A08A9B-DE0A-4094-838C-07D424A26E4F}" = lport=445 | protocol=6 | dir=in | app=system |
"{0F258E5B-4FB6-45E5-B9A9-185A9C9F95BE}" = rport=138 | protocol=17 | dir=out | app=system |
"{1945FDC5-F68F-4477-9CDD-EFE268799B36}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{28B91239-5A62-449F-9434-93E89BACF85D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2C692B4B-978D-43D9-A601-7D3F000D09AE}" = lport=137 | protocol=17 | dir=in | app=system |
"{37E11D5E-ABB2-42D4-82D6-15A2DFCA866F}" = lport=139 | protocol=6 | dir=in | app=system |
"{391ACD4A-7622-4E9C-978F-8392926F60DF}" = rport=445 | protocol=6 | dir=out | app=system |
"{3A6562FB-50FB-4751-97B9-98F96BFB9CED}" = rport=139 | protocol=6 | dir=out | app=system |
"{6FC72421-2D4C-45C9-8AE7-5AF01C7AFB71}" = lport=3389 | protocol=17 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{80FF964F-33B3-4722-B725-9042E1BAA9CE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{87BF403F-67CE-4D56-A5CC-8F5A126D0D3A}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{8C9285AC-44AA-4746-99DD-E60EC5CF5755}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{93294E39-AB89-4E75-BBB2-7CB43CA332C7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9E2F3F30-AD7C-4E42-AFCE-49828B09C565}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{A21358BE-AB70-4739-8136-64BC8C310871}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A7E35B7E-209F-4263-9909-C2C4D5B20311}" = lport=138 | protocol=17 | dir=in | app=system |
"{E73A6A7D-EB53-46F2-A66B-3D66A8DA8976}" = lport=3389 | protocol=6 | dir=in | app=system |
"{E93FBC8C-1558-49B1-AA12-F0D19E9B26E1}" = lport=6004 | protocol=17 | dir=in | app=d:\nowy folder\office14\outlook.exe |
"{F849857F-6851-4BE6-8BEF-DDEC3DD31807}" = rport=137 | protocol=17 | dir=out | app=system |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B5F90C9-F98F-4C3C-836B-3318D2EC3EDD}" = protocol=17 | dir=in | app=d:\program files\2k sports\nba 2k14\nba2k14.exe |
"{0BAB8F2F-C683-40BB-A3D9-E4913B0775F7}" = protocol=17 | dir=in | app=c:\users\samarama\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{0C24F930-90F4-428D-ADF5-F8EE9BB39108}" = protocol=17 | dir=in | app=f:\games\battlefield 3\bf3.exe |
"{10EE72F5-96FE-4A8D-83F5-3A9F6AEB76DF}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{12361205-5C93-4251-88FC-D52A78CB8E45}" = dir=out | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{14808189-9D29-4E10-853C-2A9568AC270D}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{165974A4-F40A-48A7-BF52-921F883038F9}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steam.exe |
"{1E5D9C4E-BAE0-4FB6-82DC-E6EF0FF727ED}" = protocol=6 | dir=in | app=f:\games\battlefield 3\bf3.exe |
"{23263B42-01BC-45FD-834D-46BE2456AE68}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2F9BFDAE-FAE3-4213-83DB-FFEB9AA32E09}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3726386F-7B1D-4362-8797-401E3A3E292C}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{3CEA0236-8CFF-484F-951D-AE2D68DABEF3}" = protocol=6 | dir=in | app=d:\nowy folder\office14\onenote.exe |
"{4020BF70-F646-46D7-BC6E-6286682DB352}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4247F629-36B0-4270-B2B5-553D5E2A35DE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4F25E27A-3B99-4368-B581-1146F47014C2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{56C1D3EB-60DD-4AA4-BF3B-8B71E7A68374}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\panprocess.exe |
"{5B83C777-5A63-4FD2-9015-B66D2D7C540D}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\panprocess.exe |
"{61AD332D-6163-4787-A680-1E5683034F34}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{659B0ADC-1E57-42DB-9B8F-ADE1C3DE64A1}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\panprocess.exe |
"{67FC48B8-565B-4548-8C28-DA2454B13445}" = protocol=17 | dir=in | app=d:\games\simcity\simcity\simcity.exe |
"{69D459F8-2E61-4070-A72F-DBE3BD2EC519}" = protocol=6 | dir=in | app=d:\games\simcity\simcity\simcity.exe |
"{73042589-016C-44E2-98E2-F9C77A0A22EB}" = protocol=6 | dir=in | app=d:\nowy folder\office14\groove.exe |
"{73C1697D-139D-4A6E-8CB3-53D4D61D42CD}" = protocol=17 | dir=in | app=c:\windows\system32\lxcccoms.exe |
"{74DA9940-9B00-4990-9C12-AD20067B8CC3}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{75B602CA-0A68-4493-9112-00D4F0E01376}" = protocol=17 | dir=in | app=d:\nowy folder\office14\groove.exe |
"{7974E5EA-ADD2-4EE0-A140-96A9E4791725}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{79F59EA2-0604-4EBA-8AB3-6ADCE2FAE782}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7AACEAAD-9DF7-4E06-BDD7-D916557232EC}" = dir=out | app=d:\program files\image-line\fl studio 11\fl.exe |
"{7F12D939-B1F2-4243-A430-807CB1E558E5}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{88CAA19C-1EAC-4B5D-9219-EE3757BA5B89}" = protocol=6 | dir=in | app=c:\users\samarama\appdata\roaming\utorrent\utorrent.exe |
"{8961FD4C-87DF-4B70-91FA-935F3665F086}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxccpswx.exe |
"{8DA4746E-6CEA-4D5B-B37F-4E6DDD68BDDE}" = protocol=17 | dir=in | app=c:\users\samarama\appdata\roaming\utorrent\utorrent.exe |
"{9363D4FE-305E-4426-8713-8867B16D051D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{955ED597-18E9-4A06-8DD9-9F185B5764BF}" = protocol=6 | dir=in | app=d:\program files\2k sports\nba 2k14\nba2k14.exe |
"{9E58025F-3422-4688-9E95-92911C16EA94}" = protocol=6 | dir=in | app=c:\windows\system32\lxcccoms.exe |
"{C2F23C63-6A0F-4DB9-95B0-76E19B99533E}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxccpswx.exe |
"{C620444F-FB45-421D-951A-B735F50C0146}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{CCAD53D3-3304-4A53-AE12-8C15276069F3}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{D339F23C-963A-4146-AC20-6686B892281C}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{D5994EEA-DE21-451C-A64C-A9836571EE8E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{D7403913-5AF7-4851-8DBC-556718DF6D31}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{D7B443EF-BBD0-41EC-8ADF-3E7ED1A133C9}" = protocol=6 | dir=in | app=c:\users\samarama\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{E2AE77A7-4812-4E24-9043-21F60F6BD4C4}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{E558F5F1-32B0-4D8C-A3B8-670E22127719}" = protocol=17 | dir=in | app=d:\nowy folder\office14\onenote.exe |
"{E79D0601-D0A0-4734-A951-21F40B7A8E3A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F3265FEE-6CEA-41C1-8063-9693BEF1A728}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{FAFD291E-779A-4582-B89B-E8AC8F66375B}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\panprocess.exe |
"{FC05B3DD-7A99-4E89-8316-E3EA9E2928C3}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steam.exe |
"TCP Query User{16F489FE-8544-4C81-9DCB-470EAFD3133F}D:\downloads\m-skidrowcrack.com\6545641526sc-xeu\binaries\win32\xcomgame.exe" = protocol=6 | dir=in | app=d:\downloads\m-skidrowcrack.com\6545641526sc-xeu\binaries\win32\xcomgame.exe |
"TCP Query User{23DAB7DB-FE8F-4E9A-96CF-DCC788ADD5E6}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{24FA938A-A5C0-4EBD-93D1-82E229B8A11D}C:\windows\system32\wuauclt.exe" = protocol=6 | dir=in | app=c:\windows\system32\wuauclt.exe |
"TCP Query User{25238EA6-7E97-4604-87C2-36CA39DCC2A4}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{26C6403A-8B8C-4F94-AD8F-5A50CE992F20}D:\program files\electronic arts\shift 2 unleashed\shift2u.exe" = protocol=6 | dir=in | app=d:\program files\electronic arts\shift 2 unleashed\shift2u.exe |
"TCP Query User{29461328-5AE3-412C-8467-1E0CF2E096C6}D:\downloads\smcity\start.exe" = protocol=6 | dir=in | app=d:\downloads\smcity\start.exe |
"TCP Query User{29F45BBC-A8F8-439B-9CAA-02911A522F9E}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{338729F3-18CB-41C6-A9A9-9193D2FDBECD}D:\pain\left 4 dead full game mp - sp -=aviara=-\left4dead\left4dead.exe" = protocol=6 | dir=in | app=d:\pain\left 4 dead full game mp - sp -=aviara=-\left4dead\left4dead.exe |
"TCP Query User{3F575E5E-BC61-49DD-9FA9-F0981202E33C}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{40F9C803-B06F-4F8C-A646-6AC51D941E18}D:\smcity\start.exe" = protocol=6 | dir=in | app=d:\smcity\start.exe |
"TCP Query User{5A85F0B6-4FF8-46C3-947E-6ED8D5696D0B}D:\downloads\simcity\apache\httpd.exe" = protocol=6 | dir=in | app=d:\downloads\simcity\apache\httpd.exe |
"TCP Query User{5D381C83-46BC-4206-8913-B98E7F73069A}D:\program files\ea games\mohaa\mohaa.exe" = protocol=6 | dir=in | app=d:\program files\ea games\mohaa\mohaa.exe |
"TCP Query User{5D6DCF38-2D99-4476-9C05-EED0DBBF8EAD}F:\program files\wolfenstein - enemy territory\et.exe" = protocol=6 | dir=in | app=f:\program files\wolfenstein - enemy territory\et.exe |
"TCP Query User{6713DCBE-3759-40D9-B5B7-219657C49E5D}D:\program files\arma 3\arma3.exe" = protocol=6 | dir=in | app=d:\program files\arma 3\arma3.exe |
"TCP Query User{676832BB-5659-4BC2-867E-C249288B120F}D:\downloads\simcity\start.exe" = protocol=6 | dir=in | app=d:\downloads\simcity\start.exe |
"TCP Query User{6AF32F65-CC1E-4616-AB72-D628553D19A5}C:\users\samarama\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\samarama\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{7B4A7318-4839-4868-B53C-0F8BD06F7550}D:\downloads\fifa 13 full unlocked multi 12+dlc\fifa 13\fifa 13\game\fifa13.exe" = protocol=6 | dir=in | app=d:\downloads\fifa 13 full unlocked multi 12+dlc\fifa 13\fifa 13\game\fifa13.exe |
"TCP Query User{812001E5-1F43-4D6E-9568-D4C3CC518487}D:\r.g. catalyst\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=d:\r.g. catalyst\max payne 3\maxpayne3.exe |
"TCP Query User{8F31D504-E737-42A0-8AAB-A4BDC214B7F5}D:\program files\honor_pol\mohaa.exe" = protocol=6 | dir=in | app=d:\program files\honor_pol\mohaa.exe |
"TCP Query User{93004DB6-FFA9-4DB3-BB9C-6F600AE59A13}C:\program files\unity\editor\unity.exe" = protocol=6 | dir=in | app=c:\program files\unity\editor\unity.exe |
"TCP Query User{98EA5EA2-5DB2-43B5-A57A-65A5B3247C94}D:\painkiller\bin\painkiller.exe" = protocol=6 | dir=in | app=d:\painkiller\bin\painkiller.exe |
"TCP Query User{A0B73BA2-78B5-4A5F-983D-6BE205F4EB11}D:\downloads\simcity-drmless-beta-1.0\start.exe" = protocol=6 | dir=in | app=d:\downloads\simcity-drmless-beta-1.0\start.exe |
"TCP Query User{A31A8BF9-A792-4EA8-BE1E-5BDB980C142D}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{A3674EF8-F704-437D-86A6-598DED82DB68}D:\downloads\simcity\start.exe" = protocol=6 | dir=in | app=d:\downloads\simcity\start.exe |
"TCP Query User{B8913AC2-CF60-48ED-A5BF-E6ACE145A367}D:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=d:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"TCP Query User{BF21CDEC-68D3-4D42-BF66-1DBD0A43E878}D:\downloads\antichamber\antichamber\antichamber\binaries\win32\udk.exe" = protocol=6 | dir=in | app=d:\downloads\antichamber\antichamber\antichamber\binaries\win32\udk.exe |
"TCP Query User{C3B23221-DEE7-4936-AE4D-6FACA3D7306F}D:\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"TCP Query User{CDB1AEC8-5E89-48BB-9443-B1B8120038BC}D:\downloads\simcity-drmless-beta-1.0\apache\httpd.exe" = protocol=6 | dir=in | app=d:\downloads\simcity-drmless-beta-1.0\apache\httpd.exe |
"TCP Query User{D0A42C25-9AF2-403E-B212-849DED0ECD61}F:\program files\heroes3\heroes3.exe" = protocol=6 | dir=in | app=f:\program files\heroes3\heroes3.exe |
"TCP Query User{D11E1198-787B-477C-BA69-81C071D1E5F5}D:\program files\dead island riptide\deadislandgame_x86_rwdi.exe" = protocol=6 | dir=in | app=d:\program files\dead island riptide\deadislandgame_x86_rwdi.exe |
"TCP Query User{D73EFA72-2FAE-4DAE-9415-4611779084B6}D:\downloads\simcity [multi5][pcdvd][drmless][vulpeszedra][www.gamestorrents.com]\vpzedra-simcity\vpzedra-simcity\smcity\start.exe" = protocol=6 | dir=in | app=d:\downloads\simcity [multi5][pcdvd][drmless][vulpeszedra][www.gamestorrents.com]\vpzedra-simcity\vpzedra-simcity\smcity\start.exe |
"TCP Query User{E453F2FC-27A3-41A0-BF16-9A8AD0441B1F}D:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"TCP Query User{ED4347E4-C6B9-4BF9-AF82-C1B38BD39769}F:\program files\heroes3\erathia\heroes3.exe" = protocol=6 | dir=in | app=f:\program files\heroes3\erathia\heroes3.exe |
"TCP Query User{EDC4235D-BA60-41BA-9266-6484FC447740}D:\games\assassin's creed 3\ac3sp.exe" = protocol=6 | dir=in | app=d:\games\assassin's creed 3\ac3sp.exe |
"TCP Query User{F4D6F0D0-BB72-47BD-B588-1A4EC0784CEA}D:\smcity\apache\httpd.exe" = protocol=6 | dir=in | app=d:\smcity\apache\httpd.exe |
"TCP Query User{FD6B6422-D2A3-4561-91A6-286599F66627}F:\program files\heroes3\death\heroes3.exe" = protocol=6 | dir=in | app=f:\program files\heroes3\death\heroes3.exe |
"TCP Query User{FEC509D6-3098-4B7B-B040-054E86F01E4B}F:\program files\heroes3\death\heroes33.exe" = protocol=6 | dir=in | app=f:\program files\heroes3\death\heroes33.exe |
"UDP Query User{14B45DF5-D590-43BD-A27D-1F076FC5D872}D:\downloads\m-skidrowcrack.com\6545641526sc-xeu\binaries\win32\xcomgame.exe" = protocol=17 | dir=in | app=d:\downloads\m-skidrowcrack.com\6545641526sc-xeu\binaries\win32\xcomgame.exe |
"UDP Query User{1CDBCC8F-7272-4CC5-9491-DC004528BBA3}F:\program files\wolfenstein - enemy territory\et.exe" = protocol=17 | dir=in | app=f:\program files\wolfenstein - enemy territory\et.exe |
"UDP Query User{231CBEB5-C719-4553-82D2-243D338F6820}D:\program files\honor_pol\mohaa.exe" = protocol=17 | dir=in | app=d:\program files\honor_pol\mohaa.exe |
"UDP Query User{2A19FDB9-58AB-4CE9-BB5F-2FF77F25D817}D:\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"UDP Query User{3728EB9E-E9A0-4F8F-920D-94E6D3EC9086}C:\users\samarama\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\samarama\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{37E232EF-43DF-4F02-B63B-48E825D26C00}D:\downloads\simcity\start.exe" = protocol=17 | dir=in | app=d:\downloads\simcity\start.exe |
"UDP Query User{388C5AE2-FFDB-4BC7-85CA-F7D598562B22}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{41EB5A69-B074-4CD0-B69D-6408F0C973C7}D:\smcity\start.exe" = protocol=17 | dir=in | app=d:\smcity\start.exe |
"UDP Query User{51DFBAA7-BB09-48E1-A8E8-A13C61FE22D0}F:\program files\heroes3\heroes3.exe" = protocol=17 | dir=in | app=f:\program files\heroes3\heroes3.exe |
"UDP Query User{62FABF92-EC8A-45EA-BD95-9DEBD98F2179}D:\downloads\antichamber\antichamber\antichamber\binaries\win32\udk.exe" = protocol=17 | dir=in | app=d:\downloads\antichamber\antichamber\antichamber\binaries\win32\udk.exe |
"UDP Query User{6495A2F9-A255-412A-AA8D-D5341ADB9674}F:\program files\heroes3\erathia\heroes3.exe" = protocol=17 | dir=in | app=f:\program files\heroes3\erathia\heroes3.exe |
"UDP Query User{69B8729B-361E-4BC1-8531-0CAB93040BE6}D:\downloads\simcity\start.exe" = protocol=17 | dir=in | app=d:\downloads\simcity\start.exe |
"UDP Query User{6DE9875D-DBD4-489F-8936-837D81351F5B}D:\downloads\smcity\start.exe" = protocol=17 | dir=in | app=d:\downloads\smcity\start.exe |
"UDP Query User{726E0C57-54C2-4706-8C17-FC9604B5AFF0}D:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=d:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{7D150CA7-A6B7-4404-9C9E-4649DFD1D5D4}D:\program files\dead island riptide\deadislandgame_x86_rwdi.exe" = protocol=17 | dir=in | app=d:\program files\dead island riptide\deadislandgame_x86_rwdi.exe |
"UDP Query User{7D508FF8-5643-4DE3-B8F3-D3457A1467E3}D:\downloads\simcity [multi5][pcdvd][drmless][vulpeszedra][www.gamestorrents.com]\vpzedra-simcity\vpzedra-simcity\smcity\start.exe" = protocol=17 | dir=in | app=d:\downloads\simcity [multi5][pcdvd][drmless][vulpeszedra][www.gamestorrents.com]\vpzedra-simcity\vpzedra-simcity\smcity\start.exe |
"UDP Query User{9947F004-F897-4A41-BC58-BF53AF40BFAF}C:\program files\unity\editor\unity.exe" = protocol=17 | dir=in | app=c:\program files\unity\editor\unity.exe |
"UDP Query User{9D9C8F5A-FE41-4CAA-B264-CF9947742B10}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{A04360DA-2E42-4DF1-B1F9-F5DE84DC70F0}D:\r.g. catalyst\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=d:\r.g. catalyst\max payne 3\maxpayne3.exe |
"UDP Query User{A09435E5-6A74-4D35-A9E6-B54780C1A97C}D:\program files\electronic arts\shift 2 unleashed\shift2u.exe" = protocol=17 | dir=in | app=d:\program files\electronic arts\shift 2 unleashed\shift2u.exe |
"UDP Query User{A4ED6B2A-4F26-4BCA-855D-6E61DA5C6AE0}D:\downloads\simcity-drmless-beta-1.0\apache\httpd.exe" = protocol=17 | dir=in | app=d:\downloads\simcity-drmless-beta-1.0\apache\httpd.exe |
"UDP Query User{A90FFD00-11A2-46CA-B5D3-2861254824D0}C:\windows\system32\wuauclt.exe" = protocol=17 | dir=in | app=c:\windows\system32\wuauclt.exe |
"UDP Query User{AD2E4839-7779-472A-876D-082189BEA6EE}D:\downloads\fifa 13 full unlocked multi 12+dlc\fifa 13\fifa 13\game\fifa13.exe" = protocol=17 | dir=in | app=d:\downloads\fifa 13 full unlocked multi 12+dlc\fifa 13\fifa 13\game\fifa13.exe |
"UDP Query User{AD87E524-11F2-414A-8A8E-B481B3F494BF}D:\painkiller\bin\painkiller.exe" = protocol=17 | dir=in | app=d:\painkiller\bin\painkiller.exe |
"UDP Query User{AE36C088-DF27-41C0-AB79-4D678E944756}D:\smcity\apache\httpd.exe" = protocol=17 | dir=in | app=d:\smcity\apache\httpd.exe |
"UDP Query User{B0DC230C-1068-4A38-82D9-4EB10DC3A891}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{B69FE1F3-1D22-41EC-979D-680B219184A4}D:\downloads\simcity-drmless-beta-1.0\start.exe" = protocol=17 | dir=in | app=d:\downloads\simcity-drmless-beta-1.0\start.exe |
"UDP Query User{D121BE8E-6BC2-4C92-8978-827F61BDC18A}D:\pain\left 4 dead full game mp - sp -=aviara=-\left4dead\left4dead.exe" = protocol=17 | dir=in | app=d:\pain\left 4 dead full game mp - sp -=aviara=-\left4dead\left4dead.exe |
"UDP Query User{D234B895-3ACC-4C31-94DA-1EF12B4FD421}D:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"UDP Query User{D5386F37-9F03-4890-8374-0C88F75A3AEE}F:\program files\heroes3\death\heroes3.exe" = protocol=17 | dir=in | app=f:\program files\heroes3\death\heroes3.exe |
"UDP Query User{D7EC1BE7-3E7C-4F3E-AB47-8C64F9453193}D:\games\assassin's creed 3\ac3sp.exe" = protocol=17 | dir=in | app=d:\games\assassin's creed 3\ac3sp.exe |
"UDP Query User{D931D8FE-CB9E-49A0-B9E2-01C9BEE7FA08}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{DE195264-1194-4278-9D6F-1AB00B14FC07}F:\program files\heroes3\death\heroes33.exe" = protocol=17 | dir=in | app=f:\program files\heroes3\death\heroes33.exe |
"UDP Query User{E0BDEEC3-3055-4934-B25A-38DB1EF0E0F5}D:\program files\arma 3\arma3.exe" = protocol=17 | dir=in | app=d:\program files\arma 3\arma3.exe |
"UDP Query User{E20E9F70-1FC7-4C3C-9968-316C07648E04}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"UDP Query User{E9881D63-C916-4967-8693-03D5514DC555}D:\program files\ea games\mohaa\mohaa.exe" = protocol=17 | dir=in | app=d:\program files\ea games\mohaa\mohaa.exe |
"UDP Query User{F57EF793-1152-4895-97D7-4C2314F6C472}D:\downloads\simcity\apache\httpd.exe" = protocol=17 | dir=in | app=d:\downloads\simcity\apache\httpd.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18EF2DEE-DCB0-466A-ABA5-4C73E508530A}" = Medal of Honor Allied Assault(tm) Spearhead Patch 2.15
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{228CEA74-6DD1-40B9-B95F-77273F4316B5}" = Desktop Restore
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4D5056-3700-A76A-76A7-A758B70C0600}" = KMP Media Toolbar
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}" = NBA 2K14
"{554894C6-A12C-4CE6-8FDC-F1BBEABB69B4}_is1" = Dead Island Riptide version 5.1
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{5ED9E38C-9A96-49D8-89B3-92E278003FCF}" = TRS2006
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"{6D2A900D-EB39-3386-8D9F-3B8F069C57A5}" = Google Talk Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{781B7F3D-8107-4049-80C0-16FF46420184}" = XSplit Broadcaster
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B5B98340-0296-11E2-8B8E-F04DA23A5C58}" = Vegas Pro 11.0
"{B8D84F70-0296-11E2-8DF5-F04DA23A5C58}" = MSVCRT Redists
"{BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}" = Medal of Honor Allied Assault(tm) Spearhead
"{C2944BE7-9BFF-4EF0-A362-CB3281B7C50D}" = LG United Mobile Drivers
"{C8C4CAD2-B5AD-4260-98E9-FAD0AB935BEE}_is1" = Minecraft version 1.64
"{CC90F4CA-E243-469F-924F-5B9BF8624080}_is1" = Bus Driver 1.5
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Afterburner" = MSI Afterburner 2.3.1
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.80
"Audacity_is1" = Audacity 2.0.3
"Battlelog Web Plugins" = Battlelog Web Plugins
"Call of Duty BO2 MP_is1" = Call of Duty BO2 MP
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"DAEMON Tools Lite" = DAEMON Tools Lite
"ESN Sonar-0.70.4" = ESN Sonar
"Euro Truck Simulator 2_is1" = Euro Truck Simulator 2 wersja 1.5.2.1s
"FIFA 14_is1" = FIFA 14 version 1.0 u1
"FIFA 2000" = FIFA 2000
"FlashFXP 4" = FlashFXP 4
"Fraps" = Fraps (remove only)
"Freemake Audio Converter_is1" = Freemake Audio Converter wersja 1.1.0
"Freemake Video Converter_is1" = Freemake Video Converter wersja 4.0.0
"FT329D" = USB Steering Wheel
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HD Tune Pro_is1" = HD Tune Pro 5.00
"Heroes III Armageddon's Blade" = Heroes III Armageddon's Blade
"Heroes III The Restoration of Erathia" = Heroes III The Restoration of Erathia
"Heroes III The Shadow of Death" = Heroes III The Shadow of Death
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń
"InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Lexmark 3300 Series" = Lexmark 3300 Series
"Max Payne 3_is1" = «Max Payne 3» 1.0.0.114
"Medal of Honor" = Medal of Honor
"Medal of Honor - Spearhead" = Medal of Honor - Spearhead
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Mirillis Action!" = Action!
"Mozilla Firefox 24.0 (x86 pl)" = Mozilla Firefox 24.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt (2.1.1.2314)
"NIS" = Norton Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Open Broadcaster Software" = Open Broadcaster Software
"OpenAL" = OpenAL
"Origin" = Origin
"Poker Night 2_is1" = Poker Night 2
"PunkBusterSvc" = PunkBuster Services
"R2FtZURldlR5Y29vbnYxMzI=_is1" = Game Dev Tycoon v1.3.2 (c) Greenheart Games version 1
"RealPlayer 16.0" = RealPlayer
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"RegDoctor_is1" = RegDoctor 2.37
"Rockstar Games Social Club" = Rockstar Games Social Club
"SopCast" = SopCast 3.8.3
"SpeedFan" = SpeedFan (remove only)
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 43110" = Metro 2033
"Steam App 50130" = Mafia II
"Steam App 8930" = Sid Meier's Civilization V
"T3V0bGFzdA==_is1" = Outlast
"TeamExtreme Minecraft Installer 1.3.2" = TeamExtreme Minecraft Installer 1.3.2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The KMPlayer" = The KMPlayer (remove only)
"The Witcher_R.G. Mechanics_is1" = The Witcher
"UltraISO_is1" = UltraISO Premium V9.53
"Uplay" = Uplay
"uTorrent" = µTorrent
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-3867699018-2041179564-140357553-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GameRanger" = GameRanger
"MyFreeCodec" = MyFreeCodec
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 2013-10-09 10:29:00 | Computer Name = SamaRamaBezKol | Source = Software Protection Platform Service | ID = 8193
Description = Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod
błędu: 0x80070005
Error - 2013-10-09 11:41:55 | Computer Name = SamaRamaBezKol | Source = Software Protection Platform Service | ID = 8193
Description = Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod
błędu: 0x80070005
Error - 2013-10-09 13:09:23 | Computer Name = SamaRamaBezKol | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.
Error - 2013-10-09 13:10:33 | Computer Name = SamaRamaBezKol | Source = WinMgmt | ID = 10
Description =
Error - 2013-10-09 13:54:19 | Computer Name = SamaRamaBezKol | Source = Software Protection Platform Service | ID = 8193
Description = Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod
błędu: 0x80070005
Error - 2013-10-10 02:16:54 | Computer Name = SamaRamaBezKol | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.
Error - 2013-10-10 02:18:19 | Computer Name = SamaRamaBezKol | Source = WinMgmt | ID = 10
Description =
Error - 2013-10-10 10:35:28 | Computer Name = SamaRamaBezKol | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.
Error - 2013-10-10 10:36:46 | Computer Name = SamaRamaBezKol | Source = WinMgmt | ID = 10
Description =
Error - 2013-10-10 11:20:26 | Computer Name = SamaRamaBezKol | Source = Software Protection Platform Service | ID = 8193
Description = Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod
błędu: 0x80070005
[ System Events ]
Error - 2013-07-19 07:24:28 | Computer Name = SamaRamaBezKol | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń
procesora Źródło błędu: 3 Typ błędu: 10 Identyfikator procesora: 0 Widok szczegółów
tego wpisu zawiera dodatkowe informacje.
Error - 2013-07-19 07:45:19 | Computer Name = SamaRamaBezKol | Source = DCOM | ID = 10010
Description =
Error - 2013-07-19 08:09:26 | Computer Name = SamaRamaBezKol | Source = DCOM | ID = 10001
Description =
Error - 2013-07-19 08:09:40 | Computer Name = SamaRamaBezKol | Source = volsnap | ID = 393252
Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie
można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.
Error - 2013-07-19 09:05:39 | Computer Name = SamaRamaBezKol | Source = DCOM | ID = 10001
Description =
Error - 2013-07-19 10:22:20 | Computer Name = SamaRamaBezKol | Source = volsnap | ID = 393252
Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie
można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.
Error - 2013-07-20 04:41:59 | Computer Name = SamaRamaBezKol | Source = Application Popup | ID = 875
Description = Sterownik atksgt.sys został zablokowany dla ładowania.
Error - 2013-07-20 04:41:59 | Computer Name = SamaRamaBezKol | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi atksgt z powodu następującego błędu: %%1275
Error - 2013-07-20 04:42:07 | Computer Name = SamaRamaBezKol | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń
procesora Źródło błędu: 3 Typ błędu: 10 Identyfikator procesora: 0 Widok szczegółów
tego wpisu zawiera dodatkowe informacje.
Error - 2013-07-20 05:27:03 | Computer Name = SamaRamaBezKol | Source = DCOM | ID = 10001
Description =
< End of report >