Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 27-02-2017 01 Uruchomiony przez Daniel (28-02-2017 18:12:04) Uruchomiony z C:\Users\Daniel\Desktop Windows 7 Professional Service Pack 1 (X64) (2015-11-14 17:14:27) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-4075855626-25370417-906772903-500 - Administrator - Disabled) Daniel (S-1-5-21-4075855626-25370417-906772903-1000 - Administrator - Enabled) => C:\Users\Daniel Gość (S-1-5-21-4075855626-25370417-906772903-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4075855626-25370417-906772903-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET Smart Security Premium 10.0.390.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Smart Security Premium 10.0.390.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Zapora osobista ESET (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-4075855626-25370417-906772903-1000\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.) Ad-Aware SE Personal (HKLM-x32\...\Ad-Aware SE Personal) (Version: 1.06 - Lavasoft) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Age of Empires III - Complete Collection (HKLM-x32\...\Age of Empires III - Complete Collection_Origami_is1) (Version: 1.0 - R.G. Origami, Seraph1) Age of Mythology: Extended Edition (HKLM-x32\...\QWdlb2ZNeXRob2xvZ3lFeHRlbmRlZEVkaXRpb24=_is1) (Version: 1 - ) Age of Mythology: Extended Edition Tale of the Dragon (HKLM\...\YWdlb2ZteXRob2xvZ3lleHRlbmRlZGVkaXRpb24_is1) (Version: 1 - ) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - ) Battlefield 2: Jednostki Specjalne (HKLM-x32\...\{50D4CB89-AF34-4978-96DC-C3034062E901}) (Version: - ) Brother MFL-Pro Suite DCP-150C (HKLM-x32\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.0.2.0 - Brother Industries, Ltd.) Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Licomp EMPiK Multimedia) Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Licomp EMPiK Multimedia) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) Creative Live! Cam Center (HKLM-x32\...\Creative Live! Cam Center) (Version: - ) Creative Live! Cam Vista IM Driver (1.11.02.00) (HKLM\...\Creative VF0260) (Version: - ) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd) ESET Smart Security Premium (HKLM\...\{EB469DFC-E468-49F7-9F4B-62EE36D8A820}) (Version: 10.0.390.0 - ESET, spol. s r.o.) Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC) GameRanger (HKU\S-1-5-21-4075855626-25370417-906772903-1000\...\GameRanger) (Version: - GameRanger Technologies) GameTracker Lite (HKLM-x32\...\GameTracker Lite) (Version: - ClanServers Hosting LLC.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Grand Theft Auto Episodes From Liberty City version 1.1.2.0 (HKLM-x32\...\Grand Theft Auto Episodes From Liberty City_is1) (Version: 1.1.2.0 - GMT-MAX.ORG) Grand Theft Auto IV version 1.0.7.0 (HKLM-x32\...\Grand Theft Auto IV_is1) (Version: 1.0.7.0 - GMT-MAX.ORG) Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) Kits Configuration Installer (x32 Version: 8.100.26846 - Microsoft) Hidden League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.) Łatka polonizacyjna GTA IV v1.0 (HKLM-x32\...\Łatka polonizacyjna GTA IV v1.0) (Version: 1.0 - GTAPOLSKA.PL) Mafia III (HKLM-x32\...\Mafia III_is1) (Version: - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Mozilla Firefox 42.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 pl)) (Version: 42.0 - Mozilla) Mozilla Firefox 46.0.1 (x86 pl) (HKU\S-1-5-21-4075855626-25370417-906772903-1000\...\Mozilla Firefox 46.0.1 (x86 pl)) (Version: 46.0.1 - Mozilla) MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Notepad2 (Notepad Replacement) (HKLM\...\Notepad2) (Version: 4.2.25 - Florian Balmer) PhotoFiltre 7 (HKU\S-1-5-21-4075855626-25370417-906772903-1000\...\PhotoFiltre 7) (Version: - ) QForlLgs0EYm Updater version 1.2.0.4 (HKLM-x32\...\QForlLgs0EYm Updater_is1) (Version: 1.2.0.4 - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek) Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) SafeFinder (HKLM-x32\...\{0FFFC823-1B36-43E1-9C16-692EC6B31268}) (Version: 1.0.0.0 - Linkury) <==== UWAGA SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.) SDK ARM Additions (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden SDK ARM Additions EULA (x32 Version: 8.100.26846 - Microsoft Corporations) Hidden SDK ARM Redistributables (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden SDK Debuggers ARM (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden Sid Meiers Civilization VI (HKLM-x32\...\Sid Meiers Civilization VI_is1) (Version: - ) Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.102 - Skype Technologies S.A.) Sony Mobile Xperia Flash Tool (HKLM-x32\...\Xperia Flash Tool) (Version: 2.16.17.201612091557 - Sony Mobile Communications Inc.) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) Total War - Rome II (HKLM-x32\...\Total War - Rome II_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) Traffic Exchange (x32 Version: 2.1.0 - Microleaves) Hidden <==== UWAGA Twierdza Krzyżowiec Extreme HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.1002 - Firefly Studios) Usługa Xperia Companion (Version: 1.4.7.0 - Sony) Hidden Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Windows Driver Kit for Windows 8.1 (HKLM-x32\...\{aba88724-37eb-4f03-b83b-45199c5a7cf5}) (Version: 8.100.26846 - Microsoft Corporation) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) World of Warcraft Classic (HKU\S-1-5-21-4075855626-25370417-906772903-1000\...\{D55ED80F-FAFD-40E1-99FC-89AF8614A9B5}_is1) (Version: 1.12.1.5875 - Blizzard Entertainment) WTFast 3.5 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 3.5.9.511 - Initex & AAA Internet Publishing) Xperia Companion (HKLM-x32\...\{efee6944-1231-492a-a157-93409130a098}) (Version: 1.4.7.0 - Sony) Xperia Companion (x32 Version: 1.4.7.0 - Sony) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {036A43D0-2296-4FBA-8C92-879DD235BFC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-14] (Google Inc.) Task: {0F85B90E-DF19-4B9B-A8D5-66FE28C58AFD} - System32\Tasks\QForlLgs0EYm => qforllgs0eym.exe Task: {1993EA93-792D-4088-99F2-5C4BF6BC9C78} - System32\Tasks\UCBrowserUpdaterCore => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2017-02-28] (UCWeb Inc) <==== UWAGA Task: {275C45DC-DB84-4103-8419-B467F6553B0C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-14] (Google Inc.) Task: {34A0FBA9-BC8B-4E6B-ABB3-4C71BD18C695} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-09-16] (Advanced Micro Devices, Inc.) Task: {4E535AC2-F8B6-4B7A-AA57-F41FAF1D7F26} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {86C273BB-801A-44DE-8674-A4D97C63A4A7} - System32\Tasks\Butspplikule System => C:\Program Files (x86)\Codtheraternity\gherfegh.exe [2017-02-28] (Glarysoft Ltd) Task: {9ECB4862-7499-44C0-9165-941F13E2135A} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe [2017-02-28] (UC Web Inc.) <==== UWAGA Task: {A7FB74E2-60C5-45E6-9D91-C439EFA17263} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {CA96C101-3522-4CCD-8A76-1B80B333B395} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2017-02-28] (UCWeb Inc) <==== UWAGA Task: {CAAAE786-1022-422E-ABBB-D00C0BC21BA8} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-03-18] () Task: {E6B89740-96EF-42E0-9B63-82B777361269} - System32\Tasks\58R656h8568i777 => Rundll32.exe "C:\ProgramData\58R656h8568i777\58R656h8568i777.dll",RhiBTBgLj <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe Task: C:\Windows\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA Task: C:\Windows\Tasks\UCBrowserUpdaterCore.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI_ActiveScriptEventConsumer_ASEC: <===== UWAGA Shortcut: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameTracker Lite\Visit GameTracker Website.lnk -> hxxp://www.gametracker.com ShortcutWithArgument: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Daniel\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Daniel\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Daniel\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Daniel\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://qtipr.com/ ==================== Załadowane moduły (filtrowane) ============== 2016-05-13 00:02 - 2016-05-13 14:16 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2017-02-28 14:00 - 2017-02-22 15:40 - 00313344 _____ () C:\Program Files (x86)\QForlLgs0EYm Updater\QForlLgs0EYm Updater.exe 2017-02-28 13:56 - 2017-02-28 08:37 - 00599440 _____ () C:\Program Files (x86)\UCBrowser\Application\UCService.exe 2016-09-13 02:01 - 2016-09-13 02:01 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-13 02:01 - 2016-09-13 02:01 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-13 02:01 - 2016-09-13 02:01 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-13 02:01 - 2016-09-13 02:01 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-13 02:01 - 2016-09-13 02:01 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-09-13 02:01 - 2016-09-13 02:01 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2015-12-08 20:25 - 2015-12-08 20:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2017-02-28 13:53 - 2017-02-28 13:53 - 00524696 _____ () C:\Program Files\żěŃą\X64\KZipShell.dll 2016-01-05 15:12 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x64.sys [25444] AlternateDataStreams: C:\Windows\system32\drivers:x64 [1496610] AlternateDataStreams: C:\Windows\system32\drivers:x86 [1221154] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2017-02-28 17:43 - 2017-02-28 17:45 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-4075855626-25370417-906772903-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: LVPrcS64 => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\startupfolder: C:^Users^Daniel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk => C:\Windows\pss\GameRanger.lnk.Startup MSCONFIG\startupfolder: C:^Users^Daniel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Rejestracja produktu.lnk => C:\Windows\pss\Logitech . Rejestracja produktu.lnk.Startup MSCONFIG\startupreg: BCSSync => "D:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite Automount => "D:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: EvolveClient => "E:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot MSCONFIG\startupreg: LogitechQuickCamRibbon => "D:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide MSCONFIG\startupreg: PlaysTV => "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup MSCONFIG\startupreg: Skype => "D:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: WTFast Tray => "D:\Program Files (x86)\WTFast\WTFast.exe" trayonly MSCONFIG\startupreg: XperiaCompanionAgent => "C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{7F0D0BD8-F21D-4846-A9D1-E09FA605FBD5}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{77166B74-0F1B-4B79-9BA6-3D49C881BCDC}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{582E5840-34C9-45B0-837A-99EF8641DCF7}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{72A195FC-29AA-4338-9A54-1258ABCDA25A}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8EF2F44F-E41E-465F-8718-041109880B75}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{7F85176C-69A4-40B5-AA73-B5A8450F760B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{F5C21235-B32D-41BD-AA36-1E547345C314}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DE8FD011-9563-4B9B-8A8A-0AF755B4D817}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4CE85214-38F9-4190-86DC-82005641DF0F}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F3B81686-9EA2-4D6B-B407-3BC6DE3E2041}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7ED89C54-72FB-4792-B5B4-B6DD32DAC18C}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{31B31731-AEDD-4F69-9C8D-AA782B4515AD}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{89AF39C3-BF4D-4AC6-A5E2-CAE012F7C165}E:\program files (x86)\grand theft auto v\gta5.exe] => (Block) E:\program files (x86)\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{E6FEACF7-5052-498C-883F-D78FA5CD2FB4}E:\program files (x86)\grand theft auto v\gta5.exe] => (Block) E:\program files (x86)\grand theft auto v\gta5.exe FirewallRules: [{E48CDFBF-3197-4AD6-AA88-9659C7EA78F1}] => (Allow) D:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{B6B4295F-FC53-47A0-85E9-F8419D90DFCC}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EC25E98F-9F15-44D3-9507-DCFC1B748441}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{489A7291-4E1B-4455-B58C-F36085B1AD2B}E:\program files (x86)\total war - rome ii\rome2.exe] => (Allow) E:\program files (x86)\total war - rome ii\rome2.exe FirewallRules: [UDP Query User{D5219010-1417-4753-A897-BBB763E49080}E:\program files (x86)\total war - rome ii\rome2.exe] => (Allow) E:\program files (x86)\total war - rome ii\rome2.exe FirewallRules: [TCP Query User{FEF34077-32D9-47FF-8D77-ED42D409E627}E:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) E:\program files (x86)\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{711C0986-79A7-47A0-9D0F-79685B47FE27}E:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) E:\program files (x86)\grand theft auto v\gta5.exe FirewallRules: [{57E726FE-736B-4ED1-9D23-460174BE9C30}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{93AA9492-B103-4E35-BC8B-951B11386ECD}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{684C9493-1C65-4CB0-9998-C7A24BA9051D}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{68DD1D18-6F8C-4449-9471-6B2C4D2EDDB8}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{40C86EE2-867F-4733-BFFA-F8566CDA4067}] => (Allow) E:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe FirewallRules: [{6676421C-A16E-4F83-A1C0-28F18EF33955}] => (Allow) E:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe FirewallRules: [{5BE01D8B-F9F7-4E15-BFE6-5711B0F8D956}] => (Allow) E:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe FirewallRules: [{C66E4F4F-9AC3-4483-B55A-CB7E86B08F35}] => (Allow) E:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe FirewallRules: [TCP Query User{6DD27318-C179-4722-BA5B-0BA872A049F0}C:\users\daniel\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\daniel\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [UDP Query User{10BF9C0C-5E09-4140-B6EC-D7247337FDA1}C:\users\daniel\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\daniel\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [TCP Query User{A79595EB-4BF3-4CAF-95C8-4ECD5E289FB7}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [UDP Query User{EDA8C2B2-70E3-40AC-8169-CD6FB8ABA4C4}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [TCP Query User{C73912A8-54DD-4084-8A90-35EE36C3639D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{5880B506-E48A-49BC-8EF7-47C7CDCAB6D7}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [TCP Query User{85033C31-186D-41C0-A431-59E371C8A789}E:\honorbuddy\hbcd auth\hbcd_auth.exe] => (Allow) E:\honorbuddy\hbcd auth\hbcd_auth.exe FirewallRules: [UDP Query User{AAB9B7B3-A40E-4D9C-BCC9-45513CCC911A}E:\honorbuddy\hbcd auth\hbcd_auth.exe] => (Allow) E:\honorbuddy\hbcd auth\hbcd_auth.exe FirewallRules: [TCP Query User{1DD4884A-4962-4B90-8129-8ABC0A5BE7D9}E:\honorbuddy\cmhonorbuddy434reloaded\honorbuddy.exe] => (Allow) E:\honorbuddy\cmhonorbuddy434reloaded\honorbuddy.exe FirewallRules: [UDP Query User{EFFB0010-98AE-4E49-AEA4-8B66122E280C}E:\honorbuddy\cmhonorbuddy434reloaded\honorbuddy.exe] => (Allow) E:\honorbuddy\cmhonorbuddy434reloaded\honorbuddy.exe FirewallRules: [{8A3C0AE7-F3EF-44EC-B1B3-16FF88D64350}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5D9895EC-481D-4531-B5FC-22D7A4E50928}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{B983FC1E-91AC-4495-8116-D5A0B5AEC132}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{7BBE4D7B-078E-41B7-B5FF-E21C105E9237}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F976AC6E-C1F2-4B44-B0D2-D632522BE35C}] => (Allow) E:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe FirewallRules: [{B9C52094-5636-459F-AF94-2650AB87DE7B}] => (Allow) E:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe FirewallRules: [{10E0FC74-1331-4D4C-9C8A-D703FAEFD8BC}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{A97CCAF9-DD5C-4B45-842F-F3576E3DD638}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{D131A633-54E2-46FF-A611-D7011D5740E5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{D585B66F-9F90-4971-9532-8E1863EB3A4C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{F8CB7616-6261-4436-BA91-3334F80AED5D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{6D30E913-602B-4A5F-9592-A77D9BCF113A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{69C8AFC4-900F-4487-AFE7-3F4EB6DB54B0}] => (Block) E:\Program Files (x86)\Mafia III\mafia3.exe FirewallRules: [{CD29E4A1-3AF9-4BC1-A66E-E751BBF56E0A}] => (Block) E:\Program Files (x86)\Mafia III\mafia3.exe FirewallRules: [{DA9BF937-82A3-4228-9F01-F5DDE8B25C79}] => (Block) E:\Program Files (x86)\Mafia III\launcher.exe FirewallRules: [{18F6EFE0-A4E9-472C-9CCE-E0C1521C2EC4}] => (Block) E:\Program Files (x86)\Mafia III\launcher.exe FirewallRules: [TCP Query User{68D8A22D-617B-4EF6-A3B4-F3E666397394}E:\program files (x86)\age of empires iii - complete collection\age3.exe] => (Allow) E:\program files (x86)\age of empires iii - complete collection\age3.exe FirewallRules: [UDP Query User{B7FDBC70-A8B8-4913-AAB0-E535626F49A4}E:\program files (x86)\age of empires iii - complete collection\age3.exe] => (Allow) E:\program files (x86)\age of empires iii - complete collection\age3.exe FirewallRules: [{EB2CB894-0650-4B67-87B9-95D4C64AF673}] => (Allow) E:\Program Files\Echobit\Evolve\EvoSvc.exe FirewallRules: [{0C3F0728-A784-4BFE-9168-5C1B5813F67B}] => (Allow) E:\Program Files\Echobit\Evolve\EvolveClient.exe FirewallRules: [TCP Query User{F94AC8FF-B8F5-4837-AAB6-334D30AA2658}E:\program files (x86)\age of empires iii - complete collection\age3y.exe] => (Allow) E:\program files (x86)\age of empires iii - complete collection\age3y.exe FirewallRules: [UDP Query User{4050FA04-0ECB-4FC0-849F-06A2B72B7E0B}E:\program files (x86)\age of empires iii - complete collection\age3y.exe] => (Allow) E:\program files (x86)\age of empires iii - complete collection\age3y.exe FirewallRules: [{012DA0C9-8E92-40B2-84BC-FED79B87DFFA}] => (Block) E:\Program Files (x86)\Sid Meiers Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe FirewallRules: [{FC9C4B84-13DF-4637-8E2C-ADAF41935B24}] => (Allow) D:\Program Files (x86)\Sony Mobile\Xperia Flash Tool\Emma.exe FirewallRules: [{4403EB42-B6C6-482A-8319-F736BF58DB13}] => (Allow) D:\Program Files (x86)\Sony Mobile\Xperia Flash Tool\Emma.exe FirewallRules: [{29565444-CD42-44A5-A2B7-76C16E8372B9}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe FirewallRules: [{D87FDBB6-8045-4529-A9F8-4B9AA6AE8F61}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C934F6A5-9E9C-4BC1-9B91-B8D137AC889B}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{51BB484D-E37E-427B-9474-547EDC3B49A2}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{73D29923-E2E9-4635-B1FD-64C5A650D92C}] => (Allow) E:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe FirewallRules: [{2DEFBA01-7CE1-4DAB-9288-C0EA10AB92BB}] => (Allow) E:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe FirewallRules: [TCP Query User{89D3BFB9-DB3E-4304-A7D4-927FA48B9B3E}E:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe] => (Block) E:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe FirewallRules: [UDP Query User{49F857D6-BEC9-4B97-B8EF-EA653F7ADB8C}E:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe] => (Block) E:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe FirewallRules: [TCP Query User{664BA75C-1EF7-4DDE-8AC4-2D7C2E955B82}E:\program files (x86)\bf bc2\battlefield bad company 2\bfbc2game.exe] => (Allow) E:\program files (x86)\bf bc2\battlefield bad company 2\bfbc2game.exe FirewallRules: [UDP Query User{0EEFC88F-FA6B-405B-B3BE-92398771B24B}E:\program files (x86)\bf bc2\battlefield bad company 2\bfbc2game.exe] => (Allow) E:\program files (x86)\bf bc2\battlefield bad company 2\bfbc2game.exe FirewallRules: [{526A456C-3720-4FD6-A9E9-FF80FE7AE33F}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{D5AB3D28-EDEB-4732-8A51-C8439C82A57E}] => (Allow) C:\Windows\system32\rundll32.exe FirewallRules: [{402475BE-7B75-4A41-876C-1743A9585051}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{8E68B2BF-94FF-45F7-A371-D442A9EA934E}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{A397C2CF-6934-4FC3-9644-2BACD10D02F7}] => (Allow) C:\Program Files (x86)\Maoha\MaohaAP\MaohaWifiSvr.exe ==================== Punkty Przywracania systemu ========================= 16-02-2017 23:26:39 Zainstalowane Battlefield 2: Europejskie siły zbrojne pakiet dod¤Ć›[ů 16-02-2017 23:30:00 Zainstalowane Battlefield 2: Pancerny atak, pakiet dodatkowy 16-02-2017 23:31:10 Zainstalowane Battlefield 2 - aktualizacja v1.41 16-02-2017 23:44:40 Instalacja pakietu sterownika urządzenia: Disc Soft Ltd Kontrolery magazynu 16-02-2017 23:45:07 Instalacja pakietu sterownika urządzenia: Disc Soft Ltd Kontrolery uniwersalnej magistrali szeregowej 17-02-2017 00:27:47 Zainstalowane Battlefield 2 Patch 17-02-2017 14:56:05 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 28-02-2017 17:36:08 ComboFix created restore point ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/28/2017 02:02:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program PCCleanPlus.exe w wersji 3.6.81.400 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 10c8 Godzina rozpoczęcia: 01d291c2c4f81bce Godzina zakończenia: 10 Ścieżka aplikacji: C:\Program Files (x86)\PC Clean Plus\PCCleanPlus.exe Identyfikator raportu: 10b88288-fdb6-11e6-bc5c-001d7d9cb150 Error: (02/28/2017 01:53:14 PM) (Source: MsiInstaller) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Product: Online.io Application -- Online.io Application cannot be installed on systems with less physical memory than 4096 MB. Error: (02/16/2017 11:04:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: BF2VoiceSetup.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x428ca89a Nazwa modułu powodującego błąd: BF2VoiceSetup.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x428ca89a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00008661 Identyfikator procesu powodującego błąd: 0xdc8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d288a0900c0bfe Ścieżka aplikacji powodującej błąd: E:\Program Files (x86)\EA GAMES\Battlefield 2\BF2VoiceSetup.exe Ścieżka modułu powodującego błąd: E:\Program Files (x86)\EA GAMES\Battlefield 2\BF2VoiceSetup.exe Identyfikator raportu: eabdaa0e-f493-11e6-bd43-001d7d9cb150 Error: (02/08/2017 02:33:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: updater.exe, wersja: 1.0.0.6, sygnatura czasowa: 0x583f4bc0 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.23418, sygnatura czasowa: 0x5708a89c Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x000000000001a06d Identyfikator procesu powodującego błąd: 0x16cc Godzina uruchomienia aplikacji powodującej błąd: 0x01d2820fe4964a06 Ścieżka aplikacji powodującej błąd: D:\Program Files (x86)\Tibia Loader\updater.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\KERNELBASE.dll Identyfikator raportu: 3cbbdc7a-ee03-11e6-bef7-001d7d9cb150 Error: (02/08/2017 02:33:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: updater.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.ArgumentException Stos: w System.Diagnostics.Process.GetProcessById(Int32) w updater.netupdater.DownloadUpdates() w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) w System.Threading.ThreadHelper.ThreadStart() Error: (02/08/2017 12:01:36 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2017/02/08 00:01:36.888]: [00002792]: lperrcode->api = 1 , lperrcode->code = 2 Error: (02/08/2017 12:01:35 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2017/02/08 00:01:35.343]: [00002792]: lperrcode->api = 1 , lperrcode->code = 2 Error: (02/08/2017 12:01:33 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2017/02/08 00:01:33.799]: [00002792]: lperrcode->api = 1 , lperrcode->code = 2 Error: (02/08/2017 12:01:32 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2017/02/08 00:01:32.290]: [00002792]: lperrcode->api = 1 , lperrcode->code = 2 Error: (02/08/2017 12:01:30 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2017/02/08 00:01:30.790]: [00002792]: lperrcode->api = 1 , lperrcode->code = 2 Dziennik System: ============= Error: (02/28/2017 05:43:25 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (02/28/2017 05:42:48 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (02/28/2017 05:40:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (02/28/2017 05:38:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa QForlLgs0EYm Updater niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/28/2017 04:45:36 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (02/28/2017 03:45:25 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (02/28/2017 03:45:23 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (02/28/2017 03:43:03 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: Jedno wystąpienie usługi już działa. . Error: (02/28/2017 03:42:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Instalator modułów systemu Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (02/28/2017 03:42:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. CodeIntegrity: =================================== Date: 2017-02-28 17:42:48.472 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-02-28 17:42:48.409 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz Procent pamięci w użyciu: 47% Całkowita pamięć fizyczna: 4094.49 MB Dostępna pamięć fizyczna: 2162.72 MB Całkowita pamięć wirtualna: 8187.17 MB Dostępna pamięć wirtualna: 6458.23 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:102.44 GB) (Free:36.87 GB) NTFS Drive d: () (Fixed) (Total:53.71 GB) (Free:40.53 GB) NTFS Drive e: () (Fixed) (Total:309.51 GB) (Free:88.23 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 91D714BF) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=102.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=53.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=309.5 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================