Thread closed

Penny Bee (and other viruses) Please help!

 
Ania1995
Trainee
Posts: 17
Post: #21

RE: Penny Bee (and other viruses) Please help!


OK, I'll be waiting :)
I don't know how to thank you for your help, really, without you I couldn't have done anything, you're great! :)
HUUUGE thanks! :D
(This post was last modified: 25.03.2015 23:52 by Ania1995.)

25.03.2015 23:51

Illidan
Expert

Posts: 1,024
Post: #22

RE: Penny Bee (and other viruses) Please help!


Hi. Sorry you had to wait, but... there's little time :)
OK, let's get to work...
Run "OTL" and paste the following into its "Custom Scans/Fixes" box:
Quote:
:OTL
O2:64bit: - BHO: (no name) - {7F96F190-09C4-4BEC-B7FB-A9E26151EAB0}} - No CLSID value found.
O2 - BHO: (no name) - {7F96F190-09C4-4BEC-B7FB-A9E26151EAB0}} - No CLSID value found.
O4 - HKLM..\Run: [Driver Genius] File not found

:Commands
[emptytemp]
Run the script and show the cleanup report after the restart. This is basically just cosmetics; there is nothing dangerous left in the logs. After cleaning the system, assess how it runs.

It would also be good if you updated your drivers:
http://forum.komputerswiat.pl/topic/2058...imdrivers/

After all that, if you still want to, you can also make FRST logs; they are a bit more detailed and complete than the ones from "OTL":
http://windows7forum.pl/frst-farbar-reco...ki-42514-t


(This post was last modified: 26.03.2015 21:40 by Illidan.)

26.03.2015 21:33

Ania1995
Trainee
Posts: 17
Post: #23

RE: Penny Bee (and other viruses) Please help!


Here is the OTL log, except that when the log appeared after the restart I did not copy it, and because of updates and another restart it disappeared. Then I launched OTL again and pasted the script again; this time it loaded in just a moment (I don't know what to call it :) ), and this script is from after that second restart. I hope that doesn't affect the result? It seems to me that it looks the same as the previous one.

Code:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F96F190-09C4-4BEC-B7FB-A9E26151EAB0}}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7F96F190-09C4-4BEC-B7FB-A9E26151EAB0}}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Driver Genius not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: WIN7
->Temp folder emptied: 362591748 bytes
->Temporary Internet Files folder emptied: 33172 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 57820293 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 553 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 401,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03272015_162722

Files\Folders moved on Reboot...
C:\Users\WIN7\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...






FRST log



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by WIN7 (administrator) on WIN7-KOMPUTER on 27-03-2015 19:58:07
Running from C:\Users\WIN7\Downloads
Loaded Profiles: WIN7 (Available profiles: WIN7)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 8 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimServiceFactory.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\2\Plugin.exe
() C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugincontainer.exe
() C:\Program Files (x86)\Common Files\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\updater.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\2\Plugin.exe
() C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\5\Plugin.exe
() C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\3\Plugin.exe
() C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\3\Plugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKU\S-1-5-21-863054386-3135099446-3108326217-1000\...\Run: [Yahoo Messengger] => C:\Windows\system32\SSVICHOSST.exe
HKU\S-1-5-21-863054386-3135099446-3108326217-1000\...\Run: [SlimCleaner Plus] => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [26166552 2015-03-19] (SlimWare Utilities, Inc.)
HKU\S-1-5-21-863054386-3135099446-3108326217-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-863054386-3135099446-3108326217-1000\...\MountPoints2: {0d8fb1a3-2d72-11e4-bb0a-dc85de89f6d4} - G:\AutoRun.exe
HKU\S-1-5-21-863054386-3135099446-3108326217-1000\...\MountPoints2: {3445ca68-98ad-11e3-a777-dc85de89f6d4} - G:\AutoRun.exe
HKU\S-1-5-21-863054386-3135099446-3108326217-1000\...\MountPoints2: {60b8bf48-98ac-11e3-91e2-806e6f6e6963} - G:\AutoRun.exe
HKU\S-1-5-21-863054386-3135099446-3108326217-1000\...\MountPoints2: {60b8bf5e-98ac-11e3-91e2-dc85de89f6d4} - G:\AutoRun.exe
HKU\S-1-5-21-863054386-3135099446-3108326217-1000\...\MountPoints2: {9ab097c9-9e55-11e3-88e2-dc85de89f6d4} - G:\AutoRun.exe
HKU\S-1-5-21-863054386-3135099446-3108326217-1000\...\MountPoints2: {c3debba2-ba9e-11e3-8199-dc85de89f6d4} - G:\AutoRun.exe
HKU\S-1-5-21-863054386-3135099446-3108326217-1000\...\MountPoints2: {c996e714-bbed-11e3-aa16-dc85de89f6d4} - G:\.\StartModem.exe
HKU\S-1-5-21-863054386-3135099446-3108326217-1000\...\MountPoints2: {cc82665f-59b7-11e3-adf9-806e6f6e6963} - F:\Pentagram.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150325
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150325
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-863054386-3135099446-3108326217-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150325
SearchScopes: HKU\S-1-5-21-863054386-3135099446-3108326217-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-863054386-3135099446-3108326217-1000 -> {C3330D77-BFC9-47AB-94E2-2522AA8B73E6} URL = http://rts.dsrlte.com/?affID=na&q={searchTerms}&r=651
BHO: No Name -> {7F96F190-09C4-4BEC-B7FB-A9E26151EAB0}} ->  No File
BHO-x32: browse pulse -> {ed8e593d-1965-4e45-9d55-d56162dcde14} -> C:\Program Files (x86)\browse pulse\Extensions\ed8e593d-1965-4e45-9d55-d56162dcde14.dll [2015-03-25] ()
Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206
Tcpip\..\Interfaces\{400B0EE8-AAEA-4885-97E8-5202898BF3EF}: [NameServer] 194.204.152.34 194.204.159.1

FireFox:
========
FF ProfilePath: C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\ucsqaq9d.default
FF NewTab:
FF DefaultSearchEngine: Yahoo! Search
FF SelectedSearchEngine: Yahoo! Search
FF Keyword.URL:
FF Homepage: www.wp.pl/?src01=dp120150325
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-28] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin HKU\S-1-5-21-863054386-3135099446-3108326217-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\WIN7\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\ucsqaq9d.default\user.js [2014-02-22]
FF Extension: Quick Start - C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\ucsqaq9d.default\Extensions\1393086424_xpi [2014-02-22]
FF Extension: Penny Bee - C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\ucsqaq9d.default\Extensions\tb@pennybee.com [2014-10-22]
FF Extension: browse pulse - C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\ucsqaq9d.default\Extensions\{2e1f8aaa-2524-48ee-b4da-977d3c5b2f51}.xpi [2015-03-25]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\ucsqaq9d.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2013-12-26]
FF Extension: DownThemAll! - C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\ucsqaq9d.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-03-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.pl/"
CHR Profile: C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-05]
CHR Extension: (Google Docs) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-05]
CHR Extension: (Google Drive) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-05]
CHR Extension: (YouTube) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-05]
CHR Extension: (Google Search) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-05]
CHR Extension: (Google Sheets) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-05]
CHR Extension: (AdBlock) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-06]
CHR Extension: (browse pulse) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofkhfedbgmiblchlojhdkibkcakomlmb [2015-03-26]
CHR Extension: (Gmail) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-28] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-01-14] ()
R2 Service Mgr browsepulse; C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugincontainer.exe [584432 2015-03-27] ()
R2 SlimService; C:\Program Files\SlimService\SlimServiceFactory.exe [244504 2015-03-19] (SlimWare Utilities, Inc.)
R2 Update Mgr browsepulse; C:\Program Files (x86)\Common Files\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\updater.exe [514288 2015-03-27] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-09-27] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-25] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-08-28] (Intel Corporation)
S3 mtkmbim; C:\Windows\System32\DRIVERS\mtkmbim7_x64.sys [208896 2012-12-13] (MediaTek Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299664 2015-03-13] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-03-27] (SlimWare Utilities, Inc.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 wdf_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [81408 2013-02-21] (MediaTek Inc.)
S3 EagleX64; \?\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 iSafeKrnlMon; \?\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-27 19:58 - 2015-03-27 19:59 - 00017469 _____ () C:\Users\WIN7\Downloads\FRST.txt
2015-03-27 19:56 - 2015-03-27 19:58 - 00000000 ____D () C:\FRST
2015-03-27 19:56 - 2015-03-27 19:56 - 02095616 _____ (Farbar) C:\Users\WIN7\Downloads\FRST64.exe
2015-03-27 19:53 - 2015-03-27 19:53 - 00000000 ___RD () C:\Users\WIN7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-03-27 16:37 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-03-27 16:37 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-03-27 16:37 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-03-27 16:37 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-03-27 16:37 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-03-27 16:37 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-03-27 16:37 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-03-27 16:37 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-03-27 16:37 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-03-27 16:37 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-03-27 16:37 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-03-27 16:37 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-03-27 16:37 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-03-27 16:37 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-03-27 16:25 - 2015-03-27 16:28 - 00000364 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - WIN7).job
2015-03-27 16:25 - 2015-03-27 16:25 - 00003024 _____ () C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - WIN7)
2015-03-27 16:19 - 2000-01-01 01:00 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-03-27 16:19 - 2000-01-01 01:00 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-03-27 16:19 - 2000-01-01 01:00 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-03-27 16:19 - 2000-01-01 01:00 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-03-27 16:19 - 2000-01-01 01:00 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-03-27 16:19 - 2000-01-01 01:00 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-03-27 16:19 - 2000-01-01 01:00 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-03-27 16:19 - 2000-01-01 01:00 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-03-27 16:19 - 2000-01-01 01:00 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-03-27 16:19 - 2000-01-01 01:00 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-03-27 16:19 - 2000-01-01 01:00 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-03-27 16:19 - 2000-01-01 01:00 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-03-27 16:19 - 2000-01-01 01:00 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-03-27 16:18 - 2015-03-27 16:18 - 00000000 ____D () C:\ProgramData\SlimWare Utilities, Inc
2015-03-27 16:16 - 2015-03-27 19:53 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2015-03-27 16:16 - 2015-03-27 19:53 - 00002832 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup
2015-03-27 16:16 - 2015-03-27 19:53 - 00000408 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2015-03-27 16:16 - 2015-03-27 16:24 - 00000000 ____D () C:\Users\WIN7\AppData\Local\SlimWare Utilities Inc
2015-03-27 16:15 - 2015-03-27 16:15 - 00002467 _____ () C:\Users\Public\Desktop\SlimDrivers.lnk
2015-03-27 16:15 - 2015-03-27 16:15 - 00002465 _____ () C:\Users\Public\Desktop\SlimCleaner Plus.lnk
2015-03-27 16:15 - 2015-03-27 16:15 - 00000000 ____D () C:\Users\WIN7\AppData\Local\Downloaded Installers
2015-03-27 16:15 - 2015-03-27 16:15 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-03-27 16:15 - 2015-03-27 16:15 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
2015-03-27 16:15 - 2015-03-27 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
2015-03-27 16:15 - 2015-03-27 16:15 - 00000000 ____D () C:\Program Files\SlimService
2015-03-27 16:15 - 2015-03-27 16:15 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
2015-03-27 16:03 - 2015-03-27 16:03 - 00000000 ____D () C:\_OTL
2015-03-27 15:57 - 2015-03-27 15:57 - 00981592 _____ (SlimWare Utilities, Inc.) C:\Users\WIN7\Downloads\SlimDrivers-setup.exe
2015-03-25 18:11 - 2015-03-25 18:11 - 00001186 _____ () C:\Users\WIN7\Desktop\CrystalDiskInfo.lnk
2015-03-25 18:11 - 2015-03-25 18:11 - 00000000 ____D () C:\Users\WIN7\AppData\Roaming\OpenCandy
2015-03-25 18:11 - 2015-03-25 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-03-25 18:11 - 2015-03-25 18:11 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo
2015-03-25 18:10 - 2015-03-27 19:53 - 00000000 ____D () C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15
2015-03-25 18:10 - 2015-03-25 18:11 - 00000000 ____D () C:\Program Files (x86)\browse pulse
2015-03-25 18:10 - 2015-03-25 18:10 - 03014272 _____ (Crystal Dew World ) C:\Users\WIN7\Downloads\CrystalDiskInfo6_3_0-en.exe
2015-03-25 18:10 - 2015-03-25 18:10 - 00719424 _____ (Internet Application ) C:\Users\WIN7\Downloads\CrystalDiskInfo(27691)-dp.exe
2015-03-25 09:05 - 2015-03-25 09:05 - 00048888 _____ () C:\Users\WIN7\Downloads\Extras.Txt
2015-03-25 08:59 - 2015-03-25 08:59 - 00102604 _____ () C:\Users\WIN7\Downloads\OTL.Txt
2015-03-25 08:43 - 2015-03-25 08:43 - 00602112 _____ (OldTimer Tools) C:\Users\WIN7\Downloads\OTL.exe
2015-03-25 05:24 - 2015-03-25 05:24 - 00002450 _____ () C:\Windows\System32\Tasks\Tempo Runner pennybeeproL64
2015-03-25 05:24 - 2015-03-25 05:24 - 00000430 _____ () C:\Windows\Tasks\Tempo Runner pennybeeproL64.job
2015-03-24 22:55 - 2015-03-25 17:24 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-24 22:54 - 2015-03-25 08:33 - 00000000 ____D () C:\AdwCleaner
2015-03-24 22:54 - 2015-03-24 22:54 - 02168320 _____ () C:\Users\WIN7\Downloads\AdwCleaner.exe
2015-03-24 22:54 - 2015-03-24 22:54 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-24 22:54 - 2015-03-24 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-24 22:54 - 2015-03-24 22:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-24 22:54 - 2015-03-24 22:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-24 22:54 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-24 22:54 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-24 22:54 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-24 22:52 - 2015-03-24 22:53 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\WIN7\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-24 22:48 - 2015-03-24 22:48 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\WIN7\Downloads\SpyHunter-installer.exe
2015-03-24 22:12 - 2015-03-24 22:19 - 00000000 ____D () C:\Program Files (x86)\Elex-tech
2015-03-24 22:12 - 2015-03-24 22:12 - 00000000 ____D () C:\Windows\system32\log
2015-03-24 22:08 - 2015-03-24 22:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-03-24 22:07 - 2015-03-24 22:07 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-03-24 22:07 - 2015-03-24 22:07 - 00000000 ____D () C:\Windows\system32\NV
2015-03-24 22:07 - 2015-03-13 16:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-03-24 22:02 - 2015-03-13 20:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-24 22:02 - 2015-03-13 20:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-24 22:02 - 2015-03-13 20:41 - 00299664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2015-03-24 22:02 - 2015-03-13 20:41 - 00032456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-03-24 21:51 - 2014-12-13 01:12 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-24 21:51 - 2014-12-13 01:12 - 01291464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-24 21:51 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-03-24 21:51 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-03-24 21:01 - 2015-03-24 21:03 - 143593720 _____ (Microsoft Corporation) C:\Users\WIN7\Downloads\msert.exe
2015-03-24 20:54 - 2015-03-27 19:52 - 00002950 _____ () C:\Windows\setupact.log
2015-03-24 20:54 - 2015-03-26 13:54 - 00032900 _____ () C:\Windows\PFRO.log
2015-03-24 20:54 - 2015-03-24 20:54 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-24 20:49 - 2015-03-25 06:00 - 00008354 _____ () C:\Users\WIN7\Desktop\Kopia Zapasowa.reg
2015-03-24 20:41 - 2015-03-24 20:41 - 00002261 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-24 20:41 - 2015-03-24 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-24 19:47 - 2015-03-24 20:25 - 00000000 ____D () C:\Users\WIN7\AppData\Roaming\Enigma Software Group
2015-03-24 19: 47 - 2015-03-24 19: 47 - 00000000 ____D () C: \sh4ldr
2015-03-24 19: 47 - 2015-03-24 19: 47 - 00000000 _____ () C: \autoexec.bat
2015-03-24 19: 46 - 2015-03-24 19: 46 - 00000000 ____D () C: \Program Files\Enigma Software Group
2015-03-20 19: 37 - 2015-03-24 20: 25 - 00000000 ____D () C: \Program Files\Microsoft Silverlight
2015-03-20 19: 37 - 2015-03-24 20: 25 - 00000000 ____D () C: \Program Files (x86)\Microsoft Silverlight
2015-03-20 18: 55 - 2015-03-20 18: 56 - 00000000 ____D () C: \Users\WIN7\Desktop\na mp3
2015-03-20 13: 29 - 2015-03-20 13: 30 - 00000000 ____D () C: \Users\WIN7\Desktop\mp3
2015-03-09 20: 07 - 2015-03-09 20: 07 - 00000000 ____D () C: \Users\WIN7\AppData\Roaming\Wargaming.net
2015-03-09 15: 42 - 2015-03-24 20: 26 - 00000000 ____D () C: \WarThunder
2015-03-09 15: 42 - 2015-03-09 15: 42 - 00001454 _____ () C: \Users\Public\Desktop\WarThunder.lnk
2015-03-09 15: 42 - 2015-03-09 15: 42 - 00000000 ____D () C: \Users\WIN7\Documents\My Games
2015-03-09 15: 42 - 2015-03-09 15: 42 - 00000000 ____D () C: \Users\WIN7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2015-03-09 15: 40 - 2015-03-09 15: 40 - 04890808 _____ (Gaijin Entertainment ) C: \Users\WIN7\Downloads\wt_launcher_1.0.1.502.exe
2015-03-06 18: 09 - 2015-03-26 03: 55 - 00000832 _____ () C: \Users\WIN7\Desktop\Nowy dokument tekstowy.txt
2015-03-05 22: 18 - 2015-03-24 20: 25 - 00000000 ____D () C: \Program Files (x86)\Mozilla Maintenance Service
2015-03-05 22: 18 - 2015-03-24 20: 25 - 00000000 ____D () C: \Program Files (x86)\Mozilla Firefox
2015-03-05 22: 18 - 2015-03-05 22: 18 - 00001159 _____ () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-05 22: 18 - 2015-03-05 22: 18 - 00001147 _____ () C: \Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-05 22: 16 - 2015-03-05 22: 16 - 00243496 _____ () C: \Users\WIN7\Downloads\Firefox Setup Stub 36.0 (2).exe
2015-03-05 18: 21 - 2015-03-05 18: 21 - 00880208 _____ (Google Inc.) C: \Users\WIN7\Downloads\ChromeSetup(2).exe
2015-03-05 18: 16 - 2015-03-05 18: 16 - 00243496 _____ () C: \Users\WIN7\Downloads\Firefox Setup Stub 36.0 (1).exe
2015-03-03 17: 09 - 2015-03-03 17: 09 - 00880208 _____ (Google Inc.) C: \Users\WIN7\Downloads\ChromeSetup(1).exe
2015-03-03 12: 40 - 2015-03-03 12: 40 - 00003685 _____ () C: \Users\WIN7\Downloads\software_removal_tool.log
2015-03-01 22: 28 - 2015-03-05 23: 22 - 00000000 ____D () C: \Users\WIN7\Desktop\FILMY
2015-03-01 00: 07 - 2015-03-01 00: 07 - 00243496 _____ () C: \Users\WIN7\Downloads\Firefox Setup Stub 36.0.exe
2015-02-25 20: 58 - 2015-02-25 21: 00 - 107754448 _____ () C: \Users\WIN7\Downloads\zetaigreka_wyrwani_z_niewoli_-_ku_wo-YgNuUS9qIak_fmt137.mp4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-27 19: 55 - 2009-07-14 05: 45 - 00028736 ____H () C: \Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-27 19: 55 - 2009-07-14 05: 45 - 00028736 ____H () C: \Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-27 19: 53 - 2013-11-30 13: 09 - 01791909 _____ () C: \Windows\WindowsUpdate.log
2015-03-27 19: 52 - 2013-12-06 14: 59 - 00001044 _____ () C: \Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-27 19: 52 - 2013-12-02 15: 37 - 00000000 ____D () C: \ProgramData\NVIDIA
2015-03-27 19: 52 - 2009-07-14 06: 08 - 00000006 ____H () C: \Windows\Tasks\SA.DAT
2015-03-27 16: 23 - 2013-12-06 15: 30 - 00000000 ___HD () C: \Program Files (x86)\Temp
2015-03-27 16: 21 - 2013-12-06 15: 31 - 00000000 ____D () C: \Windows\SysWOW64\RTCOM
2015-03-27 15: 51 - 2013-12-27 03: 15 - 00000000 ____D () C: \Users\WIN7\AppData\Roaming\Skype
2015-03-27 15: 51 - 2013-12-06 14: 59 - 00001048 _____ () C: \Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-26 15: 37 - 2011-02-04 18: 20 - 00687124 _____ () C: \Windows\system32\perfh015.dat
2015-03-26 15: 37 - 2011-02-04 18: 20 - 00130862 _____ () C: \Windows\system32\perfc015.dat
2015-03-26 15: 37 - 2009-07-14 06: 13 - 01520858 _____ () C: \Windows\system32\PerfStringBackup.INI
2015-03-25 05: 48 - 2014-12-29 01: 53 - 00000000 ____D () C: \Program Files (x86)\GameforgeLive
2015-03-25 05: 23 - 2014-10-02 21: 51 - 00000000 ____D () C: \Users\WIN7\AppData\Local\tmp22894
2015-03-24 22: 13 - 2013-12-18 15: 46 - 00000000 ____D () C: \Users\WIN7\AppData\Local\NVIDIA Corporation
2015-03-24 22: 08 - 2013-12-06 16: 30 - 00000000 ____D () C: \Users\WIN7\AppData\Local\CrashDumps
2015-03-24 22: 08 - 2013-12-02 15: 38 - 00000000 ____D () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-24 22: 08 - 2013-12-02 15: 36 - 00000000 ____D () C: \Program Files (x86)\NVIDIA Corporation
2015-03-24 22: 05 - 2013-12-02 15: 28 - 00000000 ____D () C: \Program Files\NVIDIA Corporation
2015-03-24 21: 51 - 2013-12-02 15: 36 - 00000000 ____D () C: \ProgramData\NVIDIA Corporation
2015-03-24 20: 27 - 2014-04-04 13: 35 - 00000000 ____D () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link Connection Manager
2015-03-24 20: 27 - 2013-11-30 13: 13 - 00000000 ____D () C: \Users\WIN7
2015-03-24 20: 26 - 2013-12-19 10: 01 - 00000000 ____D () C: \Windows\SysWOW64\directx
2015-03-24 20: 25 - 2015-01-14 01: 13 - 00000000 ____D () C: \Users\WIN7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-03-24 20: 25 - 2014-04-04 13: 35 - 00000000 ____D () C: \Program Files (x86)\D-Link Connection Manager
2015-03-24 20: 25 - 2014-02-18 15: 56 - 00000000 ____D () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\PLAY ONLINE
2015-03-24 20: 25 - 2013-12-24 22: 44 - 00000000 ____D () C: \Users\WIN7\AppData\Roaming\GG
2015-03-24 20: 25 - 2013-12-23 11: 25 - 00000000 ____D () C: \Program Files (x86)\PLAY ONLINE
2015-03-24 20: 25 - 2010-11-21 08: 16 - 00000000 ___RD () C: \Users\Public\Recorded TV
2015-03-24 20: 25 - 2009-07-14 04: 20 - 00000000 ____D () C: \Program Files\Common Files\Microsoft Shared
2015-03-24 20: 24 - 2013-12-06 14: 58 - 00000000 ____D () C: \Users\WIN7\AppData\Local\Mozilla
2015-03-24 20: 24 - 2009-07-14 04: 20 - 00000000 ____D () C: \Windows\registration
2015-03-24 20: 23 - 2013-12-24 22: 44 - 00000000 ____D () C: \Users\WIN7\AppData\Local\GG
2015-03-13 20: 41 - 2013-12-02 15: 29 - 14121624 _____ (NVIDIA Corporation) C: \Windows\SysWOW64\nvd3dum.dll
2015-03-13 20: 41 - 2013-12-02 15: 29 - 03303448 _____ (NVIDIA Corporation) C: \Windows\system32\nvapi64.dll
2015-03-13 20: 41 - 2013-12-02 15: 29 - 00997856 _____ (NVIDIA Corporation) C: \Windows\system32\nvumdshimx.dll
2015-03-13 20: 41 - 2013-12-02 15: 29 - 00878328 _____ (NVIDIA Corporation) C: \Windows\SysWOW64\nvumdshim.dll
2015-03-13 20: 41 - 2013-12-02 15: 29 - 00178512 _____ (NVIDIA Corporation) C: \Windows\system32\nvinitx.dll
2015-03-13 20: 41 - 2013-12-02 15: 29 - 00164568 _____ (NVIDIA Corporation) C: \Windows\SysWOW64\nvinit.dll
2015-03-13 20: 41 - 2013-12-02 15: 29 - 00027441 _____ () C: \Windows\system32\nvinfo.pb
2015-03-13 17: 16 - 2013-12-02 15: 36 - 06861968 _____ (NVIDIA Corporation) C: \Windows\system32\nvcpl.dll
2015-03-13 17: 16 - 2013-12-02 15: 36 - 03526856 _____ (NVIDIA Corporation) C: \Windows\system32\nvsvc64.dll
2015-03-13 17: 16 - 2013-12-02 15: 36 - 02559808 _____ (NVIDIA Corporation) C: \Windows\system32\nvsvcr.dll
2015-03-13 17: 16 - 2013-12-02 15: 36 - 01099408 _____ (NVIDIA Corporation) C: \Windows\system32\nv3dappshext.dll
2015-03-13 17: 16 - 2013-12-02 15: 36 - 00935056 _____ (NVIDIA Corporation) C: \Windows\system32\nvvsvc.exe
2015-03-13 17: 16 - 2013-12-02 15: 36 - 00386248 _____ (NVIDIA Corporation) C: \Windows\system32\nvmctray.dll
2015-03-13 17: 16 - 2013-12-02 15: 36 - 00075976 _____ (NVIDIA Corporation) C: \Windows\system32\nv3dappshextr.dll
2015-03-13 17: 16 - 2013-12-02 15: 36 - 00062608 _____ (NVIDIA Corporation) C: \Windows\system32\nvshext.dll
2015-03-11 14: 10 - 2013-12-02 15: 36 - 04246327 _____ () C: \Windows\system32\nvcoproc.bin
2015-03-05 23: 21 - 2014-09-21 21: 58 - 00000000 ____D () C: \Users\WIN7\Desktop\MOTYWACJA
2015-03-05 18: 24 - 2013-12-06 14: 59 - 00000000 ____D () C: \Users\WIN7\AppData\Local\Google
2015-03-03 18: 34 - 2013-12-24 20: 22 - 00000000 ____D () C: \Users\WIN7\AppData\Local\Facebook
2015-03-03 17: 00 - 2015-02-16 17: 18 - 00000000 ____D () C: \Users\WIN7\Desktop\NA MP4
2015-03-03 16: 56 - 2014-07-02 21: 53 - 00000000 ____D () C: \Users\WIN7\AppData\Roaming\Winamp
2015-03-03 16: 52 - 2013-12-02 12: 06 - 00000000 ____D () C: \Users\WIN7\AppData\Local\Adobe
2015-03-03 16: 52 - 2013-12-02 12: 05 - 00000000 ____D () C: \ProgramData\Adobe
2015-03-03 16: 44 - 2015-02-14 17: 41 - 00000000 ____D () C: \ProgramData\Origin
2015-03-03 16: 44 - 2015-02-14 17: 41 - 00000000 ____D () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-03-03 16: 44 - 2014-07-02 21: 53 - 00000000 ____D () C: \Program Files (x86)\Opera
2015-03-03 16: 43 - 2014-07-22 18: 55 - 00000000 ____D () C: \Users\WIN7\AppData\Local\OpenFM
2015-03-03 16: 42 - 2014-07-13 22: 47 - 00000000 ____D () C: \Users\WIN7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-03 16: 39 - 2009-07-14 03: 34 - 00000603 _____ () C: \Windows\win.ini
2015-03-01 18: 15 - 2014-07-27 20: 27 - 00000000 ____D () C: \ProgramData\Norton

==================== Files in the root of some directories =======

2014-08-03 12: 33 - 2014-08-04 15: 42 - 0012198 _____ () C: \Users\WIN7\AppData\Local\10040004_loger_03_08_11_52_46_-1343630386.txt
2014-08-03 17: 13 - 2014-08-05 08: 03 - 1070705 _____ () C: \Users\WIN7\AppData\Local\10040004_loger_03_08_18_03_31_2109075976.txt
2014-07-04 00: 11 - 2014-08-03 17: 12 - 1284165 _____ () C: \Users\WIN7\AppData\Local\10040004_loger_04_07_01_10_55_740241877.txt
2014-08-05 08: 02 - 2014-10-02 21: 51 - 4767408 _____ () C: \Users\WIN7\AppData\Local\10040004_loger_05_08_08_54_30_535255642.txt
2014-07-04 00: 06 - 2014-07-04 02: 25 - 0488886 _____ () C: \Users\WIN7\AppData\Local\10040007_loger_03_07_11_43_47_1295074525.txt

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C: \Windows\System32\winlogon.exe => File is digitally signed
C: \Windows\System32\wininit.exe => File is digitally signed
C: \Windows\SysWOW64\wininit.exe => File is digitally signed
C: \Windows\explorer.exe => File is digitally signed
C: \Windows\SysWOW64\explorer.exe => File is digitally signed
C: \Windows\System32\svchost.exe => File is digitally signed
C: \Windows\SysWOW64\svchost.exe => File is digitally signed
C: \Windows\System32\services.exe => File is digitally signed
C: \Windows\System32\User32.dll => File is digitally signed
C: \Windows\SysWOW64\User32.dll => File is digitally signed
C: \Windows\System32\userinit.exe => File is digitally signed
C: \Windows\SysWOW64\userinit.exe => File is digitally signed
C: \Windows\System32\rpcss.dll => File is digitally signed
C: \Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack:  2015-03-26 21: 35

==================== End Of Log ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version:  11-03-2015
Ran by WIN7 at 2015-03-27 19: 59: 52
Running from C: \Users\WIN7\Downloads
Boot Mode:  Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS:  Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version:  9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version:  12.1.3.153 - Adobe Systems, Inc.)
Aktualizacje NVIDIA 16.18.9 (Version:  16.18.9 - NVIDIA Corporation) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version:  1.16.12.0 - Asmedia Technology)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version:  10.0 - Atheros)
browse pulse (HKLM-x32\...\browse pulse) (Version:  2.0.5562.15476 - browse pulse)
CCleaner (HKLM\...\CCleaner) (Version:  4.02 - Piriform)
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version:  6.3.0 - Crystal Dew World)
D-Link Connection Manager vV7.0.0PL (HKLM-x32\...\Broad Mobi HSPA Modem Normal Version_is1) (Version:   - )
Driver Genius Professional Edition (HKLM-x32\...\Driver Genius Professional Edition_is1) (Version:  11.0 - Driver-Soft Inc.)
GG (HKU\S-1-5-21-863054386-3135099446-3108326217-1000\...\GG) (Version:  12 - GG Network S.A.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version:  41.0.2272.101 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version:  7.1.2.2041 - Google)
Google Update Helper (x32 Version:  1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version:  1.3.26.9 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version:  9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version:  9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version:  12.8.6.1000 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  2.0.0.37149 - Intel Corporation)
K-Lite Codec Pack 10.1.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version:  10.1.5 - )
Malwarebytes Anti-Malware wersja 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version:  2.1.4.1018 - Malwarebytes Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version:  9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version:  10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version:  10.0.40219 - Microsoft Corporation)
Mozilla Firefox 36.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 pl)) (Version:  36.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version:  36.0 - Mozilla)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version:  2.1.5 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version:  9.14.0702 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version:  347.88 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version:  1.3.26.4 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version:  347.88 - NVIDIA Corporation)
Panel sterowania NVIDIA 347.88 (Version:  347.88 - NVIDIA Corporation) Hidden
PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version:  11.002.03.11.264 - Huawei Technologies Co.,Ltd)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version:  8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version:  2.1.0.21 - Qualcomm Atheros Inc.)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version:  1.5.14.0 - Ralink)
Ravia.eu (HKLM-x32\...\Ravia.eu) (Version:   - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  6.0.1.7373 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version:  3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version:  16.18.9 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version:  7.0.102 - Skype Technologies S.A.)
SlimCleaner Plus (HKLM\...\{A59C5BD8-8AFC-4177-AC56-B29183E722DC}) (Version:  1.2.28175 - SlimWare Utilities, Inc.)
SlimDrivers (HKLM-x32\...\{5AD12E7A-D739-4451-9BD1-3610EC56D8F5}) (Version:  2.2.45206 - SlimWare Utilities, Inc.)
Speccy (HKLM\...\Speccy) (Version:  1.24 - Piriform)
swMSM (x32 Version:  12.0.0.1 - Adobe Systems, Inc) Hidden
Unity Web Player (HKU\S-1-5-21-863054386-3135099446-3108326217-1000\...\UnityWebPlayer) (Version:  4.5.2f1 - Unity Technologies ApS)
War Thunder Launcher 1.0.1.502 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:   - Gaijin Entertainment)
Winamp (HKLM-x32\...\Winamp) (Version:  5.666  - Nullsoft, Inc)
WinRAR 4.01 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version:  4.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items):  ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID:  HKU\S-1-5-21-863054386-3135099446-3108326217-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C: \Users\WIN7\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Restore Points  =========================

27-03-2015 16: 17: 09 SlimDrivers Installing Drivers
27-03-2015 16: 19: 29 Zainstalowane Realtek High Definition Audio Driver
27-03-2015 16: 36: 40 Windows Update

==================== Hosts content:  ==========================

(If needed Hosts:  directive could be included in the fixlist to reset Hosts.)

2009-07-14 03: 34 - 2009-06-10 22: 00 - 00000824 ____A C: \Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task:  {20D74F1E-3A13-4027-A994-4EE8C48514FF} - System32\Tasks\{1C6A9EF9-A70A-40F7-A4E8-40DC8E152364} => C: \Program Files (x86)\Drakensang Online\thinclient.exe
Task:  {42901334-DAA0-4000-B66C-0698A2A3F593} - System32\Tasks\Tempo Runner pennybeeproL64 => C: \PROGRA~3\PENNYB~1\110~1.25\pennybeepro.exe <==== ATTENTION
Task:  {4306D01C-C2BC-4306-BBA0-3797DEC8D222} - System32\Tasks\CCleanerSkipUAC => C: \Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task:  {94CA4F89-37CB-40EA-8C74-6305B83FB10E} - System32\Tasks\GoogleUpdateTaskMachineCore => C: \Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-06] (Google Inc.)
Task:  {B4033774-120E-4341-8178-526B1938238F} - System32\Tasks\GoogleUpdateTaskMachineUA => C: \Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-06] (Google Inc.)
Task:  {C0372405-BC31-4A5C-B33F-55D53E92A2BA} - System32\Tasks\SlimDrivers Startup => C: \Program Files (x86)\SlimDrivers\SlimDrivers.exe [2015-02-27] (SlimWare Utilities, Inc.)
Task:  {C5E23943-0C4D-4837-AFDB-5484ABEA25CD} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - WIN7) => C: \Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [2015-03-19] (SlimWare Utilities, Inc.)
Task:  {D0C90DF7-ECD9-4D47-A0BD-97553552CF4D} - System32\Tasks\{500E1F27-FF7F-4EBE-BF5B-0CDA8E8F7906} => C: \Program Files (x86)\Drakensang Online\thinclient.exe
Task:  {F17072D7-E526-439A-B9F3-B5181D3BEBAF} - System32\Tasks\{CCCE4E6A-3A3F-45C9-AD90-5F05D3364E04} => pcalua.exe -a C: \Users\WIN7\Desktop\Ravia_GameClient_2014-09-19.exe -d C: \Users\WIN7\Desktop
Task:  C: \Windows\Tasks\GoogleUpdateTaskMachineCore.job => C: \Program Files (x86)\Google\Update\GoogleUpdate.exe
Task:  C: \Windows\Tasks\GoogleUpdateTaskMachineUA.job => C: \Program Files (x86)\Google\Update\GoogleUpdate.exe
Task:  C: \Windows\Tasks\SlimCleaner Plus (Scheduled Scan - WIN7).job => C: \Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task:  C: \Windows\Tasks\SlimDrivers Startup.job => C: \Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task:  C: \Windows\Tasks\Tempo Runner pennybeeproL64.job => C: \PROGRA~3\PENNYB~1\110~1.25\pennybeepro.exe9/dgad C: \PROGRA~3\PENNYB~1\110~1.25\pennybeeproL64.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2015-01-14 22: 55 - 2015-01-14 23: 06 - 00076888 _____ () C: \Windows\SysWOW64\PnkBstrA.exe
2013-12-02 15: 29 - 2015-03-13 20: 41 - 00011920 _____ () C: \Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-12-02 15: 36 - 2015-03-13 17: 16 - 00118472 _____ () C: \Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-07 01: 45 - 2013-09-07 01: 45 - 00086016 _____ () C: \Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-10-31 19: 24 - 2013-10-31 10: 24 - 00094208 _____ () C: \Windows\System32\IccLibDll_x64.dll
2015-03-19 19: 02 - 2015-03-19 19: 02 - 00755992 _____ () C: \Program Files\SlimService\MyDefragDll.dll
2015-03-25 14: 36 - 2015-03-27 08: 36 - 00584432 _____ () C: \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugincontainer.exe
2015-03-25 14: 36 - 2015-03-27 08: 36 - 00514288 _____ () C: \Program Files (x86)\Common Files\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\updater.exe
2015-03-27 03: 36 - 2015-03-27 03: 36 - 01134832 _____ () C: \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\2\plugin.exe
2015-03-27 08: 36 - 2015-03-27 08: 36 - 00520432 _____ () C: \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\5\plugin.exe
2015-03-27 11: 36 - 2015-03-27 11: 36 - 00468720 _____ () C: \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\3\plugin.exe
2013-12-02 15: 29 - 2015-03-13 20: 41 - 00011920 _____ () C: \Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-03-24 20: 41 - 2015-03-14 11: 12 - 01174856 _____ () C: \Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-24 20: 41 - 2015-03-14 11: 12 - 00080200 _____ () C: \Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-24 20: 41 - 2015-03-14 11: 12 - 09278792 _____ () C: \Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
2013-12-02 15: 15 - 2013-08-28 02: 02 - 01242584 _____ () C: \Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-24 20: 41 - 2015-03-14 11: 12 - 14974280 _____ () C: \Program Files (x86)\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-863054386-3135099446-3108326217-1000\Control Panel\Desktop\\Wallpaper -> C: \Users\WIN7\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers:  217.172.224.160 - 89.231.1.206

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg:  GG => "C: \Users\WIN7\AppData\Local\GG\Application\gghub.exe"

==================== Accounts:  =============================

Administrator (S-1-5-21-863054386-3135099446-3108326217-500 - Administrator - Disabled)
Gość (S-1-5-21-863054386-3135099446-3108326217-501 - Limited - Disabled)
WIN7 (S-1-5-21-863054386-3135099446-3108326217-1000 - Administrator - Enabled) => C: \Users\WIN7

==================== Faulty Device Manager Devices =============

Name:  Zewnętrzne urządzenie Bluetooth
Description:  Zewnętrzne urządzenie Bluetooth
Class Guid:  
Manufacturer:  
Service:  
Problem:  :  The drivers for this device are not installed. (Code 28)
Resolution:  To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:  Zewnętrzne urządzenie Bluetooth
Description:  Zewnętrzne urządzenie Bluetooth
Class Guid:  
Manufacturer:  
Service:  
Problem:  :  The drivers for this device are not installed. (Code 28)
Resolution:  To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:  Teredo Tunneling Pseudo-Interface
Description:  Karta tunelowania Teredo firmy Microsoft
Class Guid:  {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer:  Microsoft
Service:  tunnel
Problem:  :  This device cannot start. (Code10)
Resolution:  Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors:  =========================

Application errors:
==================
Error:  (03/27/2015 07: 54: 13 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/27/2015 04: 30: 26 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/27/2015 04: 25: 59 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/27/2015 04: 11: 38 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/27/2015 01: 52: 16 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/26/2015 06: 03: 34 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/26/2015 01: 56: 20 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/25/2015 09: 09: 38 PM) (Source:  .NET Runtime Optimization Service) (EventID:  1101) (User:  )
Description:  .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile:  C: \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe . Error code = 0x8013101b

Error:  (03/25/2015 05: 19: 33 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/25/2015 08: 28: 09 AM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error:  (03/27/2015 07: 52: 52 PM) (Source:  Service Control Manager) (EventID:  7026) (User:  )
Description:  Nie można załadować następujących sterowników startu rozruchowego lub systemowego:  
iSafeKrnlMon

Error:  (03/27/2015 04: 28: 57 PM) (Source:  Service Control Manager) (EventID:  7026) (User:  )
Description:  Nie można załadować następujących sterowników startu rozruchowego lub systemowego:  
iSafeKrnlMon

Error:  (03/27/2015 04: 27: 22 PM) (Source:  Service Control Manager) (EventID:  7034) (User:  )
Description:  Usługa NVIDIA Stereoscopic 3D Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy:  1.

Error:  (03/27/2015 04: 24: 29 PM) (Source:  Service Control Manager) (EventID:  7026) (User:  )
Description:  Nie można załadować następujących sterowników startu rozruchowego lub systemowego:  
iSafeKrnlMon

Error:  (03/27/2015 04: 10: 09 PM) (Source:  Service Control Manager) (EventID:  7026) (User:  )
Description:  Nie można załadować następujących sterowników startu rozruchowego lub systemowego:  
iSafeKrnlMon

Error:  (03/27/2015 04: 03: 03 PM) (Source:  Service Control Manager) (EventID:  7034) (User:  )
Description:  Usługa NVIDIA Stereoscopic 3D Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy:  1.

Error:  (03/27/2015 01: 50: 49 PM) (Source:  Service Control Manager) (EventID:  7026) (User:  )
Description:  Nie można załadować następujących sterowników startu rozruchowego lub systemowego:  
iSafeKrnlMon

Error:  (03/26/2015 06: 02: 09 PM) (Source:  Service Control Manager) (EventID:  7026) (User:  )
Description:  Nie można załadować następujących sterowników startu rozruchowego lub systemowego:  
iSafeKrnlMon

Error:  (03/26/2015 01: 54: 56 PM) (Source:  Service Control Manager) (EventID:  7026) (User:  )
Description:  Nie można załadować następujących sterowników startu rozruchowego lub systemowego:  
iSafeKrnlMon

Error:  (03/25/2015 05: 18: 11 PM) (Source:  Service Control Manager) (EventID:  7026) (User:  )
Description:  Nie można załadować następujących sterowników startu rozruchowego lub systemowego:  
iSafeKrnlMon


Microsoft Office Sessions:
=========================
Error:  (03/27/2015 07: 54: 13 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/27/2015 04: 30: 26 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/27/2015 04: 25: 59 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/27/2015 04: 11: 38 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/27/2015 01: 52: 16 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/26/2015 06: 03: 34 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/26/2015 01: 56: 20 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/25/2015 09: 09: 38 PM) (Source:  .NET Runtime Optimization Service) (EventID:  1101) (User:  )
Description:  .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile:  C: \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe . Error code = 0x8013101b
C: \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Error:  (03/25/2015 05: 19: 33 PM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error:  (03/25/2015 08: 28: 09 AM) (Source:  WinMgmt) (EventID:  10) (User:  )
Description:  //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Processor:  Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use:  47%
Total physical RAM:  8102.06 MB
Available physical RAM:  4262.51 MB
Total Pagefile:  16202.32 MB
Available Pagefile:  12192.76 MB
Total Virtual:  8192 MB
Available Virtual:  8191.83 MB

==================== Drives ================================

Drive c:  () (Fixed) (Total: 107.89 GB) (Free: 34.35 GB) NTFS
Drive d:  () (Fixed) (Total: 195.21 GB) (Free: 161.96 GB) NTFS
Drive e:  () (Fixed) (Total: 292.97 GB) (Free: 247.03 GB) NTFS

==================== MBR & Partition Table ==================

===================================
(This post was last modified: 27.03.2015 20:31 by Ania1995.)

27.03.2015 20:14

Illidan
Expert

Posts: 1.024
Post: #24

RE: Penny Bee (and other viruses) Please help!


For now, open Notepad and paste this into it:
Code:
C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugincontainer.exe
C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\2\Plugin.exe
C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\2\Plugin.exe
C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\5\Plugin.exe
C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\3\Plugin.exe
C:\ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\3\Plugin.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: No Name -> {7F96F190-09C4-4BEC-B7FB-A9E26151EAB0}} -> No File
Reg: reg delete "HKU\S-1-5-21-863054386-3135099446-3108326217-1000\Software\Microsoft\Internet Explorer\SearchScopes" /f
SearchScopes: HKU\S-1-5-21-863054386-3135099446-3108326217-1000 -> {C3330D77-BFC9-47AB-94E2-2522AA8B73E6} URL = http://rts.dsrlte.com/?affID=na&q={searchTerms}&r=651
S3 EagleX64; \?\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 iSafeKrnlMon; \?\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X]
Task: {42901334-DAA0-4000-B66C-0698A2A3F593} - System32\Tasks\Tempo Runner pennybeeproL64 => C:\PROGRA~3\PENNYB~1\110~1.25\pennybeepro.exe <==== ATTENTION
Task: C:\Windows\Tasks\Tempo Runner pennybeeproL64.job => C:\PROGRA~3\PENNYB~1\110~1.25\pennybeepro.exe9/dgad C:\PROGRA~3\PENNYB~1\110~1.25\pennybeeproL64.exe <==== ATTENTION
EmptyTemp:
Save the Notepad file as "fixlist", put it next to "FRST", run "FRST" and choose the "Fix" option in it. After the cleanup and a restart of the computer you will get a cleanup report, "fixlog"; show it on the forum.

Install all 134 important updates; for the optional ones it depends on what they are: skip the language ones, install the rest.

Has the program's menu changed? Show it and I'll tell you what to update next.


(This post was last modified: 28.03.2015 00:19 by Illidan.)

28.03.2015 00:16

Ania1995
Trainee
Posts: 17
Post: #25

RE: Penny Bee (and other viruses) Please help!


Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version:  11-03-2015
Ran by WIN7 at 2015-03-28 13: 57: 13 Run: 1
Running from C: \Users\WIN7\Desktop
Loaded Profiles:  WIN7 (Available profiles:  WIN7)
Boot Mode:  Normal
==============================================

Content of fixlist:
*****************
C:  \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugincontainer.exe
C:  \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\2\Plugin.exe
C:  \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\2\Plugin.exe
C:  \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\5\Plugin.exe
C:  \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\3\Plugin.exe
C:  \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\3\Plugin.exe
GroupPolicy:   Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google:   Policy restriction <======= ATTENTION
BHO:   No Name -> {7F96F190-09C4-4BEC-B7FB-A9E26151EAB0}} -> No File
Reg:   reg delete "HKU\S-1-5-21-863054386-3135099446-3108326217-1000\Software\Microsoft\Internet Explorer\SearchScopes" /f
SearchScopes:   HKU\S-1-5-21-863054386-3135099446-3108326217-1000 -> {C3330D77-BFC9-47AB-94E2-2522AA8B73E6} URL = http:  //rts.dsrlte.com/?affID=na&q={searchTerms}&r=651
S3 EagleX64; \?\C:  \Windows\system32\drivers\EagleX64.sys [X]
S1 iSafeKrnlMon; \?\C:  \Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X]
Task:   {42901334-DAA0-4000-B66C-0698A2A3F593} - System32\Tasks\Tempo Runner pennybeeproL64 => C:  \PROGRA~3\PENNYB~1\110~1.25\pennybeepro.exe <==== ATTENTION
Task:   C:  \Windows\Tasks\Tempo Runner pennybeeproL64.job => C:  \PROGRA~3\PENNYB~1\110~1.25\pennybeepro.exe9/dgad C:  \PROGRA~3\PENNYB~1\110~1.25\pennybeeproL64.exe <==== ATTENTION
EmptyTemp:
*****************

C:  \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugincontainer.exe => Error:  No automatic fix found for this entry.
C:  \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\2\Plugin.exe => Error:  No automatic fix found for this entry.
C:  \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\2\Plugin.exe => Error:  No automatic fix found for this entry.
C:  \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\5\Plugin.exe => Error:  No automatic fix found for this entry.
C:  \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\3\Plugin.exe => Error:  No automatic fix found for this entry.
C:  \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugins\3\Plugin.exe => Error:  No automatic fix found for this entry.
GroupPolicy:   Group Policy on Chrome detected <======= ATTENTION => Error:  No automatic fix found for this entry.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F96F190-09C4-4BEC-B7FB-A9E26151EAB0}}" => Key deleted successfully.
HKCR\CLSID\{7F96F190-09C4-4BEC-B7FB-A9E26151EAB0}} => Key not found.

=========  reg delete "HKU\S-1-5-21-863054386-3135099446-3108326217-1000\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg:  =========

HKU\S-1-5-21-863054386-3135099446-3108326217-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SearchScopes:   HKU\S-1-5-21-863054386-3135099446-3108326217-1000 -> {C3330D77-BFC9-47AB-94E2-2522AA8B73E6} URL = http:  //rts.dsrlte.com/?affID=na&q={searchTerms}&r=651 => Value not found.
EagleX64 => Service deleted successfully.
iSafeKrnlMon => Service deleted successfully.
Task:   {42901334-DAA0-4000-B66C-0698A2A3F593} - System32\Tasks\Tempo Runner pennybeeproL64 => C:  \PROGRA~3\PENNYB~1\110~1.25\pennybeepro.exe <==== ATTENTION => Error:  No automatic fix found for this entry.
Task:   C:  \Windows\Tasks\Tempo Runner pennybeeproL64.job => C:  \PROGRA~3\PENNYB~1\110~1.25\pennybeepro.exe9/dgad C:  \PROGRA~3\PENNYB~1\110~1.25\pennybeeproL64.exe <==== ATTENTION => Error:  No automatic fix found for this entry.
EmptyTemp:  => Removed 515.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 13: 57: 25 ====
(This post was last modified: 13.04.2015 16:55 by Ania1995.)

28.03.2015 14:12
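
One way to triage a Fixlog like the one in the post above, as an added example that is not part of the original thread or of FRST: it groups each result line by outcome and flags entries whose drive letter is followed by whitespace. The sample is constructed from lines of that Fixlog; the function names and bucket names are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample: result lines taken from the Fixlog in the post above
# (the fixlist echo and the reg.exe output block are left out).
SAMPLE_FIXLOG = r'''
C:  \ProgramData\5b4b2b13-bc3c-4690-a9ac-2f28c7e74c15\plugincontainer.exe => Error:  No automatic fix found for this entry.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKCR\CLSID\{7F96F190-09C4-4BEC-B7FB-A9E26151EAB0}} => Key not found.
EagleX64 => Service deleted successfully.
iSafeKrnlMon => Service deleted successfully.
Task:   {42901334-DAA0-4000-B66C-0698A2A3F593} - System32\Tasks\Tempo Runner pennybeeproL64 => C:  \PROGRA~3\PENNYB~1\110~1.25\pennybeepro.exe <==== ATTENTION => Error:  No automatic fix found for this entry.
EmptyTemp:  => Removed 515.8 MB temporary data.
'''

# Outcome buckets (names are this example's own); the first match wins.
OUTCOMES = [
    ("unresolved", re.compile(r"^Error:")),
    ("absent", re.compile(r"not found\.$")),
    ("fixed", re.compile(r"deleted successfully\.$|^Removed ")),
]
# A drive letter followed by whitespace before the backslash is not a valid path.
SPACED_DRIVE = re.compile(r"\b[A-Za-z]:\s+\\")


def parse_fixlog(text):
    """Group result lines as {bucket: [(entry, outcome, spaced_path), ...]}."""
    report = defaultdict(list)
    for line in text.splitlines():
        # Task entries contain " => " themselves, so split on the last one only.
        entry, sep, outcome = line.strip().rpartition(" => ")
        if not sep:
            continue  # banners and blank lines carry no result
        bucket = next((b for b, rx in OUTCOMES if rx.search(outcome)), "other")
        report[bucket].append((entry, outcome, bool(SPACED_DRIVE.search(entry))))
    return report


def needs_follow_up(report):
    """Entries the tool did not act on; re-check these in a fresh scan."""
    return [entry for entry, _, _ in report["unresolved"]]


if __name__ == "__main__":
    result = parse_fixlog(SAMPLE_FIXLOG)
    for bucket, rows in result.items():
        print(bucket, len(rows))
    for entry, _, spaced in result["unresolved"]:
        print("UNRESOLVED", "(spaced drive path)" if spaced else "", entry)
```
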

Illidan
Expert

Posts: 1.024
Post: #26

RE: Penny Bee (and other viruses) Please help!


Good, now also download http://forum.komputerswiat.pl/topic/5242...ntry274369 and http://www.bleepingcomputer.com/download...oval-tool/, use them one after the other and show the cleanup reports. Finally, make new logs with "FRST".

The hard drive is healthy.


(This post was last modified: 29.03.2015 00:14 by Illidan.)

29.03.2015 00:11

Ania1995
Trainee
Posts: 17
Post: #27

RE: Penny Bee (and other viruses) Please help!


I'm very sorry for the delay, but certain circumstances mean I won't be able to post these logs until next week, Wednesday/Thursday. I'm very sorry about that, it's not my fault; please don't close the thread.

03.04.2015 10:09

Illidan
Expert

Posts: 1.024
Post: #28

RE: Penny Bee (and other viruses) Please help!


OK, no problem, I also reply when I have time; post them when you can and we'll continue the thread. There's nothing to apologize for.


03.04.2015 19:31
