Honeypot, CloudFlare?


  • This topic is locked
3 replies to this topic

#1 DreSSiKK

Posted 06 April 2015 - 05:19 PM

Hi.

Last time I need to pass the captcha test to enter websites. Today when I tried to enter the websites, I was redirected to honeypot.com and then I saw this:

d1d16188913f80c4e954f7a1364c8ecf.png

There is a log from rkill.exe:

Rkill 2.7.0 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 04/07/2015 12:03:52 AM in x64 mode.
Windows Version: Windows 8 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 04/07/2015 12:09:03 AM
Execution time: 0 hours(s), 5 minute(s), and 10 seconds(s)
 
 
 
 
 
 
FARBAR
Farbar Service Scanner Version: 17-01-2015
Ran by badsy_000 (administrator) on 07-04-2015 at 00:14:57
Running from "C:\Users\badsy_000\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 
 
MINITOOLBOX
 
MiniToolBox by Farbar  Version: 09-03-2015
Ran by badsy_000 (administrator) on 07-04-2015 at 00:16:06
Running from "C:\Users\badsy_000\Downloads"
Microsoft Windows 8  (X64)
Model: K56CB Manufacturer: ASUSTeK COMPUTER INC.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Ethernet (Connected)
Intel® Centrino® Wireless-N 2230 = Wi-Fi (Hardware not present)
Bluetooth Device (Personal Area Network) = Połączenie sieciowe Bluetooth (Media disconnected)
TAP-Win32 Adapter V9 (Tunngle) = Tunngle (Media disconnected)
Evolve Virtual Ethernet Adapter = Evolve Gaming Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add route prefix=255.255.255.255/32 interface="Evolve Gaming Connection" nexthop=0.0.0.0 metric=1 publish=No
add route prefix=224.0.0.0/4 interface="Evolve Gaming Connection" nexthop=0.0.0.0 metric=1 publish=No
set interface interface="Poczenie lokalne* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Poczenie sieciowe Bluetooth" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Poczenie lokalne* 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Poczenie lokalne* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Poczenie lokalne" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Mieciu
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Evolve Gaming Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Evolve Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 00-00-9E-DE-A5-16
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Tunngle:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9 (Tunngle)
   Physical Address. . . . . . . . . : 00-FF-B3-45-EF-47
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Poczenie sieciowe Bluetooth:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 68-17-29-14-C9-58
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 74-D0-2B-B4-D1-8A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::bc7e:a6d3:5697:b2d9%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.239(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 6 kwietnia 2015 23:44:04
   Lease Expires . . . . . . . . . . : 7 kwietnia 2015 00:26:08
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 259313707
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-26-1A-D0-74-D0-2B-B4-D1-8A
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{7EC9CA76-57D7-4556-9B2F-3774582B6560}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:28c2:32fe:a1d7:ecf4(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::28c2:32fe:a1d7:ecf4%19(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2a00:1450:401b:800::200e
 195.149.238.223
 195.149.238.231
 195.149.238.210
 195.149.238.217
 195.149.238.251
 195.149.238.224
 195.149.238.244
 195.149.238.216
 195.149.238.238
 195.149.238.230
 195.149.238.245
 195.149.238.237
 
 
Pinging google.com [195.149.238.237] with 32 bytes of data:
Reply from 195.149.238.237: bytes=32 time=8ms TTL=56
Reply from 195.149.238.237: bytes=32 time=9ms TTL=56
 
Ping statistics for 195.149.238.237:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 8ms, Maximum = 9ms, Average = 8ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=136ms TTL=46
Reply from 98.139.183.24: bytes=32 time=139ms TTL=46
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 136ms, Maximum = 139ms, Average = 137ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 25...00 00 9e de a5 16 ......Evolve Virtual Ethernet Adapter
 24...00 ff b3 45 ef 47 ......TAP-Win32 Adapter V9 (Tunngle)
 15...68 17 29 14 c9 58 ......Bluetooth Device (Personal Area Network)
 12...74 d0 2b b4 d1 8a ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.239     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.239    276
    192.168.1.239  255.255.255.255         On-link     192.168.1.239    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.239    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.239    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.239    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
  255.255.255.255  255.255.255.255         On-link        1
        224.0.0.0        240.0.0.0         On-link        1
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 19    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 19    306 2001::/32                On-link
 19    306 2001:0:9d38:6abd:28c2:32fe:a1d7:ecf4/128
                                    On-link
 12    276 fe80::/64                On-link
 19    306 fe80::/64                On-link
 19    306 fe80::28c2:32fe:a1d7:ecf4/128
                                    On-link
 12    276 fe80::bc7e:a6d3:5697:b2d9/128
                                    On-link
  1    306 ff00::/8                 On-link
 19    306 ff00::/8                 On-link
 12    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/06/2015 11:33:00 PM) (Source: Application Hang) (User: )
Description: Program arma3.exe w wersji 1.40.129.533 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.
 
Identyfikator procesu: 113c
 
Godzina rozpoczęcia: 01d070b1328855ee
 
Godzina zakończenia: 27
 
Ścieżka aplikacji: D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
 
Identyfikator raportu: 7d334a1a-dca4-11e4-be91-68172914c958
 
Pełna nazwa pakietu powodującego błąd: 
 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (04/06/2015 07:35:29 PM) (Source: Application Hang) (User: )
Description: Program arma3.exe w wersji 1.40.129.533 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.
 
Identyfikator procesu: eb4
 
Godzina rozpoczęcia: 01d0709002752af5
 
Godzina zakończenia: 4
 
Ścieżka aplikacji: D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
 
Identyfikator raportu: 4b9a9c2f-dc83-11e4-be91-68172914c958
 
Pełna nazwa pakietu powodującego błąd: 
 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (04/05/2015 08:50:45 PM) (Source: Microsoft-Windows-RestartManager) (User: MIECIU)
Description: Nie można zamknąć aplikacji lub usługi Microsoft Office Document Cache Sync Client Interface.
 
Error: (04/05/2015 08:38:50 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (04/04/2015 08:04:49 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (04/04/2015 06:21:18 PM) (Source: Application Hang) (User: )
Description: Program arma3.exe w wersji 1.40.129.533 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.
 
Identyfikator procesu: 28b4
 
Godzina rozpoczęcia: 01d06eef96fff875
 
Godzina zakończenia: 4294967295
 
Ścieżka aplikacji: D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
 
Identyfikator raportu: 9d2374cc-dae6-11e4-be91-68172914c958
 
Pełna nazwa pakietu powodującego błąd: 
 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (04/04/2015 05:52:29 PM) (Source: Application Error) (User: )
Description: Nazwa aplikacji powodującej błąd: arma3.exe, wersja: 1.40.129.533, sygnatura czasowa: 0x54f47474
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.2.9200.17046, sygnatura czasowa: 0x53b485c4
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x000617fc
Identyfikator procesu powodującego błąd: 0x15dc
Godzina uruchomienia aplikacji powodującej błąd: 0xarma3.exe0
Ścieżka aplikacji powodującej błąd: arma3.exe1
Ścieżka modułu powodującego błąd: arma3.exe2
Identyfikator raportu: arma3.exe3
Pełna nazwa pakietu powodującego błąd: arma3.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: arma3.exe5
 
Error: (04/04/2015 03:45:32 PM) (Source: Application Hang) (User: )
Description: Program chrome.exe w wersji 41.0.2272.101 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.
 
Identyfikator procesu: b60
 
Godzina rozpoczęcia: 01d06edd12c4111d
 
Godzina zakończenia: 3
 
Ścieżka aplikacji: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Identyfikator raportu: d9f14cbc-dad0-11e4-be91-68172914c958
 
Pełna nazwa pakietu powodującego błąd: 
 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (04/04/2015 01:54:45 PM) (Source: Application Hang) (User: )
Description: Program arma3.exe w wersji 1.40.129.533 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.
 
Identyfikator procesu: 2538
 
Godzina rozpoczęcia: 01d06eccfbd92511
 
Godzina zakończenia: 4294967295
 
Ścieżka aplikacji: D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
 
Identyfikator raportu: 6263c633-dac1-11e4-be91-68172914c958
 
Pełna nazwa pakietu powodującego błąd: 
 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (04/03/2015 08:42:40 PM) (Source: Application Error) (User: )
Description: Nazwa aplikacji powodującej błąd: arma3.exe, wersja: 1.40.129.533, sygnatura czasowa: 0x54f47474
Nazwa modułu powodującego błąd: arma3.exe, wersja: 1.40.129.533, sygnatura czasowa: 0x54f47474
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00b333f1
Identyfikator procesu powodującego błąd: 0x2950
Godzina uruchomienia aplikacji powodującej błąd: 0xarma3.exe0
Ścieżka aplikacji powodującej błąd: arma3.exe1
Ścieżka modułu powodującego błąd: arma3.exe2
Identyfikator raportu: arma3.exe3
Pełna nazwa pakietu powodującego błąd: arma3.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: arma3.exe5
 
 
System errors:
=============
Error: (04/07/2015 00:06:14 AM) (Source: Microsoft-Windows-Kernel-General) (User: MIECIU)
Description: 0x8000002a115\??\C:\ProgramData\Malwarebytes' Anti-Malware (portable)\S-1-5-21-2896412401-932190003-3574418465-1005-0-ntuser.dat
 
Error: (04/07/2015 00:06:03 AM) (Source: Microsoft-Windows-Kernel-General) (User: MIECIU)
Description: 0x8000002a115\??\C:\ProgramData\Malwarebytes' Anti-Malware (portable)\S-1-5-21-2896412401-932190003-3574418465-1005-0-ntuser.dat
 
Error: (04/07/2015 00:05:50 AM) (Source: Service Control Manager) (User: )
Description: Usługa WtuSystemSupport niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (04/06/2015 11:44:34 PM) (Source: Service Control Manager) (User: )
Description: Nie można uruchomić usługi vToolbarUpdater18.4.0 z powodu następującego błędu: 
%%2
 
Error: (04/06/2015 11:44:31 PM) (Source: Service Control Manager) (User: )
Description: Nie można uruchomić usługi Mobile Partner. OUC z powodu następującego błędu: 
%%1053
 
Error: (04/06/2015 11:44:31 PM) (Source: Service Control Manager) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Mobile Partner. OUC.
 
Error: (04/06/2015 00:06:18 AM) (Source: Service Control Manager) (User: )
Description: Usługa MBAMService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (04/05/2015 00:22:57 PM) (Source: Microsoft-Windows-Kernel-General) (User: MIECIU)
Description: 0x8000002a115\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-2896412401-932190003-3574418465-501-1-ntuser.dat
 
Error: (04/05/2015 00:22:54 PM) (Source: Microsoft-Windows-Kernel-General) (User: MIECIU)
Description: 0x8000002a116\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-2896412401-932190003-3574418465-1005-1-ntuser.dat
 
Error: (04/05/2015 00:22:34 PM) (Source: Microsoft-Windows-Kernel-General) (User: MIECIU)
Description: 0x8000002a115\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-2896412401-932190003-3574418465-501-1-ntuser.dat
 
 
Microsoft Office Sessions:
=========================
Error: (04/06/2015 11:33:00 PM) (Source: Application Hang)(User: )
Description: arma3.exe1.40.129.533113c01d070b1328855ee27D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe7d334a1a-dca4-11e4-be91-68172914c958
 
Error: (04/06/2015 07:35:29 PM) (Source: Application Hang)(User: )
Description: arma3.exe1.40.129.533eb401d0709002752af54D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe4b9a9c2f-dc83-11e4-be91-68172914c958
 
Error: (04/05/2015 08:50:45 PM) (Source: Microsoft-Windows-RestartManager)(User: MIECIU)
Description: 14C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exeMicrosoft Office Document Cache Sync Client Interface
 
Error: (04/05/2015 08:38:50 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (04/04/2015 08:04:49 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (04/04/2015 06:21:18 PM) (Source: Application Hang)(User: )
Description: arma3.exe1.40.129.53328b401d06eef96fff8754294967295D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe9d2374cc-dae6-11e4-be91-68172914c958
 
Error: (04/04/2015 05:52:29 PM) (Source: Application Error)(User: )
Description: arma3.exe1.40.129.53354f47474ntdll.dll6.2.9200.1704653b485c4c0000005000617fc15dc01d06ee3abc2416cD:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exeC:\WINDOWS\SYSTEM32\ntdll.dll9872b73e-dae2-11e4-be91-68172914c958
 
Error: (04/04/2015 03:45:32 PM) (Source: Application Hang)(User: )
Description: chrome.exe41.0.2272.101b6001d06edd12c4111d3C:\Program Files (x86)\Google\Chrome\Application\chrome.exed9f14cbc-dad0-11e4-be91-68172914c958
 
Error: (04/04/2015 01:54:45 PM) (Source: Application Hang)(User: )
Description: arma3.exe1.40.129.533253801d06eccfbd925114294967295D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe6263c633-dac1-11e4-be91-68172914c958
 
Error: (04/03/2015 08:42:40 PM) (Source: Application Error)(User: )
Description: arma3.exe1.40.129.53354f47474arma3.exe1.40.129.53354f47474c000000500b333f1295001d06e1ee03f486dD:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exeD:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe345e9e53-da31-11e4-be91-68172914c958
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-03-14 13:37:53.461
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
 
=========================== Installed Programs ============================
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.310 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0002 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4321 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.0.411 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Deluge 1.3.11 (HKLM-x32\...\Deluge) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.10 - Echobit, LLC)
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GRAV (HKLM-x32\...\Steam App 332500) (Version:  - BitMonster, Inc.)
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Sony Online Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.7.1084 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 16.1.1.0084 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{DA2600C1-6BDF-4FD1-8F3D-148929CC1385}) (Version: 2.6.1210.0278 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.31.13 - Oracle Corporation) Hidden
K-Lite Codec Pack 10.9.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Life is Feudal: Your Own (HKLM-x32\...\Steam App 290080) (Version:  - Bitbox Ltd.)
MailShare (HKLM\...\{5846E720-C188-478F-B501-45EA1ACC44D1}_is1) (Version: 2.1.5 - MailShare.pl)
Malwarebytes Anti-Malware wersja 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.009.05.00.69 - Huawei Technologies Co.,Ltd)
MorphVOX Pro (HKLM-x32\...\{d92c88d7-75c9-461f-a55e-1f4f66e82bfe}) (Version: 4.4.25.18818 - Screaming Bee)
MorphVOX Pro (x32 Version: 4.4.25.18818 - Screaming Bee) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Mumble 1.2.8 (HKLM-x32\...\{71EE2EC3-AF95-4907-BBC4-7A9A867765DD}) (Version: 1.2.8 - Thorvald Natvig)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version:  - )
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.173.1392 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.2 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA ShadowPlay 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Sterownik graficzny 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Update Core (Version: 17.12.8 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.27 (Version: 1.2.27 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation)
Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Panel sterowania NVIDIA 347.52 (Version: 347.52 - NVIDIA Corporation) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Project Zomboid (HKLM-x32\...\Steam App 108600) (Version:  - The Indie Stone)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6829 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
Reign Of Kings (HKLM-x32\...\Steam App 344760) (Version:  - Code}{atch)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WhoCrashed 5.03 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Driver Package - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.21 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.2 - win.rar GmbH)
 
========================= Devices: ================================
 
Name: Intel® Centrino® Wireless-N 2230
Description: Intel® Centrino® Wireless-N 2230
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNe64
Device ID: PCI\VEN_8086&DEV_0887&SUBSYS_40628086&REV_C4\4&3947DF0B&0&00E1
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 52%
Total physical RAM: 6029.54 MB
Available physical RAM: 2849.77 MB
Total Pagefile: 13965.54 MB
Available Pagefile: 10634.86 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.01 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:279.11 GB) (Free:213.23 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:397.87 GB) (Free:345.65 GB) NTFS
 
========================= Users: ========================================
 
Konta uľytkownik˘w dla \\MIECIU
 
Administrator            badsy_000                Go†                     
Polecenie zostao wykonane pomylnie.
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
21-03-2015 11:48:48 Zainstalowany program DirectX
25-03-2015 15:29:49 Zainstalowano: OpenOffice 4.1.1
29-03-2015 12:58:20 Removed Razer Synapse.
05-04-2015 20:08:23 MorphVOX Pro
 
**** End of log ****
 
 
 
MBAM
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
 
Protection, 2015-04-06 14:52:01, SYSTEM, MIECIU, Protection, Malware Protection, Starting, 
Protection, 2015-04-06 14:52:01, SYSTEM, MIECIU, Protection, Malware Protection, Started, 
Protection, 2015-04-06 14:52:01, SYSTEM, MIECIU, Protection, Malicious Website Protection, Starting, 
Protection, 2015-04-06 14:52:01, SYSTEM, MIECIU, Protection, Malicious Website Protection, Started, 
Update, 2015-04-06 14:52:04, SYSTEM, MIECIU, Scheduler, Malware Database, 2015.4.5.3, 2015.4.6.4, 
Protection, 2015-04-06 14:52:04, SYSTEM, MIECIU, Protection, Refresh, Starting, 
Protection, 2015-04-06 14:52:04, SYSTEM, MIECIU, Protection, Malicious Website Protection, Stopping, 
Protection, 2015-04-06 14:52:04, SYSTEM, MIECIU, Protection, Malicious Website Protection, Stopped, 
Protection, 2015-04-06 14:52:09, SYSTEM, MIECIU, Protection, Refresh, Success, 
Protection, 2015-04-06 14:52:09, SYSTEM, MIECIU, Protection, Malicious Website Protection, Starting, 
Protection, 2015-04-06 14:52:09, SYSTEM, MIECIU, Protection, Malicious Website Protection, Started, 
Detection, 2015-04-06 14:57:47, badsy_000, MIECIU, Protection, Ochrona przeciw malware, Plik, PUP.Optional.OpenCandy, C:\Users\badsy_000\AppData\Local\temp\uttFA37.tmp, Kwarantanna, [b5a79fca434715210cd8f12d16f059a7]
Detection, 2015-04-06 15:04:00, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 31.192.60.236, 22731, Outbound, C:\Users\badsy_000\AppData\Roaming\uTorrent\uTorrent.exe, 
Detection, 2015-04-06 15:04:00, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 31.192.60.236, 22731, Outbound, C:\Users\badsy_000\AppData\Roaming\uTorrent\uTorrent.exe, 
Detection, 2015-04-06 15:06:03, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 22731, Outbound, C:\Users\badsy_000\AppData\Roaming\uTorrent\uTorrent.exe, 
Detection, 2015-04-06 15:06:03, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 22731, Outbound, C:\Users\badsy_000\AppData\Roaming\uTorrent\uTorrent.exe, 
Detection, 2015-04-06 15:17:26, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 59820, Outbound, C:\Users\badsy_000\AppData\Roaming\uTorrent\uTorrent.exe, 
Detection, 2015-04-06 15:18:28, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 59895, Outbound, C:\Users\badsy_000\AppData\Roaming\uTorrent\uTorrent.exe, 
Detection, 2015-04-06 15:20:00, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 59995, Outbound, C:\Users\badsy_000\AppData\Roaming\uTorrent\uTorrent.exe, 
Detection, 2015-04-06 15:21:23, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 60098, Outbound, C:\Users\badsy_000\AppData\Roaming\uTorrent\uTorrent.exe, 
Detection, 2015-04-06 15:24:11, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 60224, Outbound, C:\Users\badsy_000\AppData\Roaming\uTorrent\uTorrent.exe, 
Detection, 2015-04-06 15:26:40, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 60243, Outbound, C:\Users\badsy_000\AppData\Roaming\uTorrent\uTorrent.exe, 
Detection, 2015-04-06 15:31:25, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 60267, Outbound, C:\Users\badsy_000\AppData\Roaming\uTorrent\uTorrent.exe, 
Update, 2015-04-06 15:36:53, SYSTEM, MIECIU, Scheduler, Malware Database, 2015.4.6.4, 2015.4.6.5, 
Protection, 2015-04-06 15:36:53, SYSTEM, MIECIU, Protection, Refresh, Starting, 
Protection, 2015-04-06 15:36:53, SYSTEM, MIECIU, Protection, Malicious Website Protection, Stopping, 
Protection, 2015-04-06 15:36:53, SYSTEM, MIECIU, Protection, Malicious Website Protection, Stopped, 
Protection, 2015-04-06 15:36:59, SYSTEM, MIECIU, Protection, Refresh, Success, 
Protection, 2015-04-06 15:36:59, SYSTEM, MIECIU, Protection, Malicious Website Protection, Starting, 
Protection, 2015-04-06 15:36:59, SYSTEM, MIECIU, Protection, Malicious Website Protection, Started, 
Update, 2015-04-06 16:34:35, SYSTEM, MIECIU, Scheduler, Remediation Database, 2015.3.9.1, 2015.4.6.1, 
Protection, 2015-04-06 16:34:35, SYSTEM, MIECIU, Protection, Refresh, Starting, 
Protection, 2015-04-06 16:34:35, SYSTEM, MIECIU, Protection, Malicious Website Protection, Stopping, 
Protection, 2015-04-06 16:34:35, SYSTEM, MIECIU, Protection, Malicious Website Protection, Stopped, 
Protection, 2015-04-06 16:34:41, SYSTEM, MIECIU, Protection, Refresh, Success, 
Protection, 2015-04-06 16:34:41, SYSTEM, MIECIU, Protection, Malicious Website Protection, Starting, 
Protection, 2015-04-06 16:34:41, SYSTEM, MIECIU, Protection, Malicious Website Protection, Started, 
Detection, 2015-04-06 17:00:18, badsy_000, MIECIU, Protection, Ochrona przeciw malware, Plik, PUP.Optional.OpenCandy, C:\Users\badsy_000\AppData\Local\temp\utt2EF3.tmp, Kwarantanna, [93ca5e0beaa0b185180270afa462a45c]
Detection, 2015-04-06 17:07:48, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 17:07:48, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 17:07:52, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 62590, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 17:09:52, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 62634, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 17:09:53, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 62635, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 17:12:53, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 62664, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 17:15:53, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 62699, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 17:18:53, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 62726, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 17:21:54, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 62744, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 17:24:54, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 62794, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 17:27:54, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 62825, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Update, 2015-04-06 17:44:54, SYSTEM, MIECIU, Scheduler, Remediation Database, 2015.4.6.1, 2015.4.6.2, 
Update, 2015-04-06 17:45:04, SYSTEM, MIECIU, Scheduler, Malware Database, 2015.4.6.5, 2015.4.6.7, 
Protection, 2015-04-06 17:45:04, SYSTEM, MIECIU, Protection, Refresh, Starting, 
Protection, 2015-04-06 17:45:04, SYSTEM, MIECIU, Protection, Malicious Website Protection, Stopping, 
Protection, 2015-04-06 17:45:04, SYSTEM, MIECIU, Protection, Malicious Website Protection, Stopped, 
Protection, 2015-04-06 17:45:15, SYSTEM, MIECIU, Protection, Refresh, Success, 
Protection, 2015-04-06 17:45:15, SYSTEM, MIECIU, Protection, Malicious Website Protection, Starting, 
Protection, 2015-04-06 17:45:15, SYSTEM, MIECIU, Protection, Malicious Website Protection, Started, 
Detection, 2015-04-06 18:46:59, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 41.35.108.111, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 18:46:59, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 41.35.108.111, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 18:46:59, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 41.35.108.143, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 18:47:00, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 41.35.108.143, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 18:47:00, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 41.35.92.105, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 18:47:00, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 41.35.92.105, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 18:47:01, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 41.35.80.150, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 18:47:01, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 41.35.80.150, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 18:51:49, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 5.166.182.255, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 18:51:49, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 5.166.182.255, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 19:16:31, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 159.224.150.197, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 19:16:32, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 159.224.150.197, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 19:20:32, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 93.170.49.200, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 19:20:34, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 93.170.49.200, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 19:50:23, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 93.171.173.14, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 19:50:23, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 93.171.173.14, 62096, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 23:22:47, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 59591, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 23:22:47, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 59591, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 23:22:51, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 65088, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 23:24:53, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 65306, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 23:24:54, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 65308, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 23:27:54, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 65375, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Detection, 2015-04-06 23:30:54, SYSTEM, MIECIU, Protection, Malicious Website Protection, IP, 109.95.115.33, 65427, Outbound, D:\Program Files (x86)\Deluge\deluge.exe, 
Update, 2015-04-06 23:33:44, SYSTEM, MIECIU, Scheduler, Malware Database, 2015.4.6.7, 2015.4.6.9, 
Protection, 2015-04-06 23:33:44, SYSTEM, MIECIU, Protection, Refresh, Starting, 
Protection, 2015-04-06 23:33:44, SYSTEM, MIECIU, Protection, Malicious Website Protection, Stopping, 
Protection, 2015-04-06 23:33:44, SYSTEM, MIECIU, Protection, Malicious Website Protection, Stopped, 
Protection, 2015-04-06 23:33:51, SYSTEM, MIECIU, Protection, Refresh, Success, 
Protection, 2015-04-06 23:33:51, SYSTEM, MIECIU, Protection, Malicious Website Protection, Starting, 
Protection, 2015-04-06 23:33:51, SYSTEM, MIECIU, Protection, Malicious Website Protection, Started, 
Protection, 2015-04-06 23:44:37, SYSTEM, MIECIU, Protection, Malware Protection, Starting, 
Protection, 2015-04-06 23:44:37, SYSTEM, MIECIU, Protection, Malware Protection, Started, 
Protection, 2015-04-06 23:44:37, SYSTEM, MIECIU, Protection, Malicious Website Protection, Starting, 
Protection, 2015-04-06 23:44:43, SYSTEM, MIECIU, Protection, Malicious Website Protection, Started, 
 
(end)
 
 
 
 
I don't know what's going on. Help me, guys.

Edited by Budapest, 07 April 2015 - 04:30 AM.
Moved from AII ~Budapest



 


#2 DreSSiKK


Posted 06 April 2015 - 08:11 PM

ROGUEKILLER

 

 

 

RogueKiller V10.5.8.0 [Mar 30 2015] od Adlice Software
 
System Operacyjny : Windows 8 (6.2.9200 ) 64 bits version
Uruchomiono : Tryb Normalny
Użytkownik : badsy_000 [Administrator]
Started from : C:\Users\badsy_000\Downloads\RogueKiller.exe
Tryb : Usuwanie -- Data : 04/07/2015  03:11:09
 
¤¤¤ Procesy : 2 ¤¤¤
[Suspicious.Path] ouc.exe(3832) -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe[7] -> Zatrzymano [TermProc]
[Suspicious.Path] OneDrive.exe(7116) -- C:\Users\badsy_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe[7] -> Zatrzymano [TermProc]
 
¤¤¤ Rejestr : 14 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2896412401-932190003-3574418465-1005\Software\Microsoft\Windows\CurrentVersion\Run | OneDrive : "C:\Users\badsy_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background  -> Nie wybrano
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2896412401-932190003-3574418465-1005\Software\Microsoft\Windows\CurrentVersion\Run | OneDrive : "C:\Users\badsy_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background  -> Nie wybrano
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\vToolbarUpdater18.4.0 -> Usunięto
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vToolbarUpdater18.4.0 -> Usunięto
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 212.2.96.51 212.2.96.52 [POLAND (PL)][POLAND (PL)]  -> Podmieniono ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 212.2.96.51 212.2.96.52 [POLAND (PL)][POLAND (PL)]  -> Podmieniono ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{27CC7FF4-F000-4480-B963-06646BB0B2C8} | DhcpNameServer : 212.2.96.51 212.2.96.52 [POLAND (PL)][POLAND (PL)]  -> Podmieniono ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B345EF47-6899-4A47-BDFB-531BD44FD9C2} | DhcpNameServer : 7.254.254.254 [UNITED STATES (US)]  -> Podmieniono ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{27CC7FF4-F000-4480-B963-06646BB0B2C8} | DhcpNameServer : 212.2.96.51 212.2.96.52 [POLAND (PL)][POLAND (PL)]  -> Podmieniono ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{B345EF47-6899-4A47-BDFB-531BD44FD9C2} | DhcpNameServer : 7.254.254.254 [UNITED STATES (US)]  -> Podmieniono ()
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Podmieniono (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Podmieniono (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Podmieniono (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Podmieniono (0)
 
¤¤¤ Zaplanowane zadania : 0 ¤¤¤
 
¤¤¤ Pliki : 0 ¤¤¤
 
¤¤¤ Plik Hosts : 1 ¤¤¤
[C:\Windows\System32\Drivers\etc\hosts] 127.0.0.1       localhost
 
¤¤¤ Anty-Rootkit : 0 (Driver: Niezaładowany [0xc000036b]) ¤¤¤
 
¤¤¤ Przeglądarki internetowe : 0 ¤¤¤
 
¤¤¤ Sprawdzenie MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MQ01ABD075 +++++
--- User ---
[MBR] 2fcceb8386be3a1c6a351bad777dd455
[BSP] 07ff70eed4a6a23ed0acddb9550ff3ef : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 300 MB
1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 616448 | Size: 900 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2459648 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2721792 | Size: 285811 MB
4 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 588062720 | Size: 350 MB
5 - Basic data partition | Offset (sectors): 588779520 | Size: 407424 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1423183872 | Size: 20490 MB
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: HUAWEI TF CARD Storage USB Device +++++
--- User ---
[MBR] a7f0347c09f048d76b93598875d514ad
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 141 | Size: 1863 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] ??danie nie jest obs?ugiwane. )
 
 
============================================
RKreport_SCN_04072015_030940.log


#3 HelpBot


Posted 11 April 2015 - 05:20 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/572443 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your desktop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 HelpBot


Posted 16 April 2015 - 05:25 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!



