Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 23.02.2018 Uruchomiony przez Łukasz (24-02-2018 08:18:51) Uruchomiony z C:\Users\Łukasz\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2016-02-19 15:40:35) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3069082019-2975524053-1918208989-500 - Administrator - Disabled) Gość (S-1-5-21-3069082019-2975524053-1918208989-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3069082019-2975524053-1918208989-1002 - Limited - Enabled) Łukasz (S-1-5-21-3069082019-2975524053-1918208989-1000 - Administrator - Enabled) => C:\Users\Łukasz ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated) Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Atak na zamek (HKLM-x32\...\{DEDD4955-2517-48B1-87E6-0FBC0161D551}) (Version: - ) ATI AVIVO64 Codecs (HKLM\...\{98BA2F7A-DCC7-C939-9A77-ABAFA55E0AF6}) (Version: 10.12.0.00113 - ATI Technologies Inc.) Hidden Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.1.2326 - AVAST Software) Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform) Crossfire Europe version 1.0 (HKLM-x32\...\{557293B8-1840-44F4-BBEC-0F26A8399075}_is1) (Version: 1.0 - SUPER GENIUS GAMES) Crossout Launcher 1.0.3.29 (HKU\S-1-5-21-3069082019-2975524053-1918208989-1000\...\CrossOutLauncher_is1) (Version: - ) Cybereason RansomFree 2.4.2.0 (HKLM-x32\...\{2A15E1FB-A1F5-4F11-B033-D8DB1E37C1E9}) (Version: 2.4.2.0 - Cybereason Inc.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Epic Games Launcher (HKLM-x32\...\{5C62BEB3-DB6F-4B27-BCEB-F350F85B32D3}) (Version: 1.1.135.0 - Epic Games, Inc.) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON SX218 Series Printer Uninstall (HKLM\...\EPSON SX218 Series) (Version: - SEIKO EPSON Corporation) FPS Creator Free (HKLM-x32\...\{800218C2-2E07-461C-85D6-8FDB4F9161D9}) (Version: - ) FreeMouseAutoClicker 3.8 (HKLM-x32\...\{292F00C5-25EF-4FBE-9873-13EF1F69DEED}_is1) (Version: - Advanced Mouse Auto Clicker ltd.) Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GameLoad 2.0.0 (HKLM-x32\...\{7FEA7AEB-C073-4687-B3E1-5282DFABAB56}_is1) (Version: 2.0.0 - Ant Media, s. r. o.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden LastChaosPoland (HKLM-x32\...\{A56028FC-1F40-4369-9941-7AAAC6ACE924}) (Version: 1.00.000 - BarunsonGames CO., LTD.) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LibreOffice 5.1.0.3 (HKLM\...\{C7F3829A-D959-417F-8A0A-EFAA5D484BE1}) (Version: 5.1.0.3 - The Document Foundation) Malwarebytes (wersja 3.3.1.2183) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden My.com Game Center (HKU\S-1-5-21-3069082019-2975524053-1918208989-1000\...\MyComGames) (Version: 3.222 - My.com B.V.) Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.150 - Symantec Corporation) Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6024 - Realtek Semiconductor Corp.) Roblox Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation) Roblox Player for Łukasz (HKU\S-1-5-21-3069082019-2975524053-1918208989-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation) Roblox Studio (HKLM-x32\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation) Rollercoaster Tycoon 2 (HKLM-x32\...\{6B714273-F9B5-4C11-A920-F06FC5B4DA80}) (Version: 1.0 - ) SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stronghold 2 Deluxe (HKLM-x32\...\{417FE195-C31B-4A41-A057-E7404188B32E}) (Version: 1.00.000 - ) TeamSpeak 3 Client (HKU\S-1-5-21-3069082019-2975524053-1918208989-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Transport Giant - Złota Edycja (HKLM-x32\...\{E3A64E20-EDA4-4B93-9176-FD3B4C7B085F}) (Version: 2.0 - ) UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Unity Web Player (HKU\S-1-5-21-3069082019-2975524053-1918208989-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Łukasz\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Łukasz\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Łukasz\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-17] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-17] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Łukasz\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Łukasz\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Łukasz\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-17] (AVAST Software) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Łukasz\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-17] (AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Łukasz\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Łukasz\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-17] (AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-3069082019-2975524053-1918208989-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => -> Brak pliku ContextMenuHandlers4_S-1-5-21-3069082019-2975524053-1918208989-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => -> Brak pliku ContextMenuHandlers5_S-1-5-21-3069082019-2975524053-1918208989-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => -> Brak pliku ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01D52E21-1B8E-48BA-85F8-5F0A21E23A4E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-06] (AVAST Software) Task: {09EF2719-D69C-4BBF-8EBB-9DD5B8BDA0C6} - System32\Tasks\Cybereason RansomFree Autostart => C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe [2017-11-20] (Cybereason) Task: {247B8E66-101B-4A14-B1C9-0EC5565339BC} - System32\Tasks\{9D4DC6C6-1037-41B0-8210-A64C59F4B5BC} => C:\Program Files (x86)\The Game Creators\FPS Creator Free\FPSCreator.exe Task: {24C3AD45-7D8F-41BC-979B-C78D93EEA186} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07] (Adobe Systems Incorporated) Task: {24F0158E-45B7-49AC-95DD-4BE94D221B3C} - System32\Tasks\{D5373167-5E41-4516-9895-1E370FDD4793} => C:\Program Files (x86)\Firefly Studios\Castle Attack 2\CastleAttack.exe Task: {28F63759-9F5E-406A-907A-C6CB40715A4E} - System32\Tasks\Cybereason RansomFree Keepalive => C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe [2017-11-20] (Cybereason) Task: {2D352980-F404-45B8-A912-6C4543765015} - System32\Tasks\{C70D9406-0DD1-41B7-93A8-26030DC64D83} => C:\Users\Łukasz\Desktop\Minecraft by Zyczu.exe Task: {467204E6-D9D2-43AF-9FE8-C6873D82DA8C} - System32\Tasks\{8A6C7F7D-2743-44A3-B657-4D4698F6ADB9} => C:\Windows\system32\pcalua.exe -a "C:\Users\Łukasz\Downloads\AMT_Intel_6.0.0.1179_W7x86W7x64_A\AMT_Intel_6.0.0.1179_Win7x86x64_ASX3950\Intel Control Center\SetupICC.exe" -d "C:\Users\Łukasz\Downloads\AMT_Intel_6.0.0.1179_W7x86W7x64_A\AMT_Intel_6.0.0.1179_Win7x86x64_ASX3950\Intel Control Center" Task: {4C8A37C4-9A51-42C3-93F0-B2EEF79A5796} - System32\Tasks\{B4990BBB-D1E1-4E7D-B429-4E93BD141AF8} => E:\V1.05b_Raft_Win32\V1.05b_Raft_Wind32.exe Task: {4E6BBD37-D615-4DF7-83A7-B79DCB987ED3} - System32\Tasks\{92C6EA50-A217-430E-B68C-919DA6708040} => C:\games\car mechanic simulator 2015\cms2015_Loader.exe Task: {4FB1466C-A7A3-4D49-B74D-944E8476E4DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-20] (Google Inc.) Task: {57620902-6A32-4FE8-9A10-E53D725ACF26} - System32\Tasks\{AAE3E4F1-EB5F-4AB2-BFCB-494ED9911CA8} => E:\V1.05b_Raft_Win32\V1.05b_Raft_Wind32.exe Task: {707B65A3-7D16-4873-B6FD-A5E794C96AFF} - System32\Tasks\{F89A8CFF-C7B0-4F06-B5BD-FFDB80C31C4B} => C:\games\car mechanic simulator 2015\cms2015_Loader.exe Task: {755DD793-FE8A-4577-B670-DF2FB212EFB7} - System32\Tasks\{863A1433-936D-494D-81D1-DDE128DA732B} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\ Task: {7CBB2667-27D8-4357-B36A-1591B45BC7FE} - System32\Tasks\{10A91CE7-3FF6-40B5-837C-0100D5AE8866} => C:\Windows\system32\pcalua.exe -a E:\mortyr3setup.exe -d E:\ Task: {7E2470D4-7EB0-4817-A363-5131C715BDD2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-02-17] (AVAST Software) Task: {817E9AD6-F9D0-44BD-AE54-545670364492} - System32\Tasks\{F235973D-4EA4-420F-BACE-CC882FE7A033} => C:\Users\Łukasz\Desktop\Minecraft by Zyczu.exe Task: {85894450-9C87-4C9E-BFAC-27F33B038751} - System32\Tasks\{CFB5798B-75A0-4D3D-8110-987E5C617453} => E:\V1.05b_Raft_Win32\V1.05b_Raft_Wind32.exe Task: {87C3AFD1-E553-4268-9916-74A02F3447BF} - System32\Tasks\{8029A874-0913-452F-8FF7-53AB039B3492} => C:\games\car mechanic simulator 2015\cms2015_Loader.exe Task: {97F8B56D-2DE7-4F99-9AC6-82C8B5FD42F9} - System32\Tasks\{1888546D-E857-4FA2-8EDC-E2520CBA1088} => E:\V1.05b_Raft_Win32\V1.05b_Raft_Wind32.exe Task: {A13D3476-9D8C-4D80-A202-CAC2747BDF29} - System32\Tasks\{600A9D07-53E4-4EBF-80CD-9ED79B804F92} => C:\Windows\system32\pcalua.exe -a "I:\Install TomTom HOME.exe" -d I:\ Task: {AA27772B-2D20-47E9-8A91-8D35D67D8AEA} - System32\Tasks\Norton Security Scan for Łukasz => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.150\Nss.exe [2018-01-10] (Symantec Corporation) Task: {B4062042-71D9-4B81-AB4F-42A84250E50D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-07] (Adobe Systems Incorporated) Task: {B97EA2F5-C530-4CC8-861B-A6869303DF9A} - System32\Tasks\{D6FB3F17-1255-4342-A692-CADBE3821123} => C:\Games\Car Mechanic Simulator 2015\cms2015_Loader.exe Task: {BC36E984-D2C9-47C1-BF32-7B2F5A7B70CE} - System32\Tasks\{F4A95530-B7A6-457B-94B1-164F85F7770C} => C:\Games\Car Mechanic Simulator 2015\cms2015_Loader.exe Task: {C291F13D-B942-43A9-8D35-C49B5F10A575} - System32\Tasks\{C07B483C-A6AC-426E-9539-86D099939867} => C:\Games\Car Mechanic Simulator 2015\cms2015_Loader.exe Task: {CE9377DF-A2AE-4795-8955-B4DDA2721B4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-20] (Google Inc.) Task: {D0F75533-338E-449C-B0ED-333C5A309F55} - System32\Tasks\{1A635094-3A4C-470F-B2B7-3FAF08C99830} => C:\games\car mechanic simulator 2015\cms2015_Loader.exe Task: {E8C3AFB5-8470-4036-8A20-0DD9B879997C} - System32\Tasks\{3DBA01B2-63C3-4113-85C2-BA40C404B0C5} => C:\Games\Car Mechanic Simulator 2015\cms2015_Loader.exe Task: {EA07585F-9746-4E73-BE28-FAA5F0229AB6} - System32\Tasks\{94416947-6927-4B46-9083-E9FEA1F8CA15} => C:\games\car mechanic simulator 2015\cms2015_Loader.exe Task: {F0CD899A-BBFB-4F41-9AFF-64017EC16D95} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd) Task: {F8E35EF5-91D2-4B48-B680-5E9AB275CFA4} - System32\Tasks\{8881BAAA-C078-4881-A0AD-DE141AE9DC68} => C:\Games\Car Mechanic Simulator 2015\cms2015_Loader.exe Task: {FB00CFD2-8EE8-4BDE-B6CB-DDFF5778E3BB} - System32\Tasks\{2F95A3BB-02D6-4C5A-99B3-AB94B279D259} => E:\V1.05b_Raft_Win32\V1.05b_Raft_Wind32.exe Task: {FDAC36D6-6BA3-4D55-851C-329BBE2A59B8} - System32\Tasks\{CD59B252-B5EA-4D8A-8A79-2872F6F7D732} => E:\V1.05b_Raft_Win32\V1.05b_Raft_Wind32.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2018-02-21 07:15 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-02-21 07:15 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2016-07-15 13:37 - 2016-07-15 13:37 - 000062168 ____N () C:\Program Files\CCleaner\branding.dll 2018-01-09 06:37 - 2018-01-03 10:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll 2018-01-09 06:37 - 2018-01-03 10:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll 2018-02-17 09:04 - 2018-02-17 09:04 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2018-02-17 09:04 - 2018-02-17 09:04 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2018-02-23 07:08 - 2018-02-23 07:08 - 005822096 _____ () C:\Program Files\AVAST Software\Avast\defs\18022202\algo.dll 2018-02-17 09:04 - 2018-02-17 09:04 - 000756952 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2018-02-17 09:04 - 2018-02-17 09:04 - 000172248 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll 2018-02-17 09:04 - 2018-02-17 09:04 - 000963288 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll 2018-02-17 09:04 - 2018-02-17 09:04 - 000468696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll 2018-02-17 09:04 - 2018-02-17 09:04 - 000339160 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll 2018-02-24 08:14 - 2018-02-24 08:14 - 005822096 _____ () C:\Program Files\AVAST Software\Avast\defs\18022400\algo.dll 2017-12-15 12:13 - 2017-11-29 06:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2017-12-15 12:13 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2017-12-15 12:13 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2017-12-15 12:13 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2017-12-15 12:13 - 2017-12-15 20:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll 2017-12-15 12:13 - 2017-11-04 02:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2017-12-15 12:13 - 2017-11-04 02:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2017-12-15 12:13 - 2017-11-04 02:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2017-12-15 12:13 - 2017-11-04 02:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2017-12-15 12:13 - 2017-11-04 02:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2017-12-15 12:13 - 2017-12-15 20:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2017-12-15 12:13 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2018-02-10 08:26 - 2018-02-10 08:26 - 000144896 _____ () C:\Users\Łukasz\AppData\Local\MyComGames\zlib1.dll 2018-02-10 08:26 - 2018-02-10 08:26 - 002170768 _____ () C:\Users\Łukasz\AppData\Local\MyComGames\SkiAcc.dll 2018-02-10 08:26 - 2018-02-10 08:26 - 000076176 _____ () C:\Users\Łukasz\AppData\Local\MyComGames\pxd.dll 2018-02-10 08:26 - 2018-02-10 08:26 - 000249232 _____ () C:\Users\Łukasz\AppData\Local\MyComGames\LightUpdate.dll 2018-02-10 08:26 - 2018-02-10 08:26 - 002495376 _____ () C:\Users\Łukasz\AppData\Local\MyComGames\BigUp2.dll 2017-12-26 00:29 - 2017-12-26 00:29 - 071645184 _____ () C:\Users\Łukasz\AppData\Local\MyComGames\Chrome\3.3239.1710\libcef.dll 2018-02-07 17:38 - 2018-02-07 17:38 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-02-17 09:04 - 2018-02-17 09:04 - 000275672 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-12-15 12:15 - 2017-09-07 03:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll 2017-12-15 12:15 - 2017-10-31 05:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2017-12-15 12:13 - 2015-09-25 00:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3069082019-2975524053-1918208989-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 208.67.222.222 - 208.67.220.220 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{0A1B3118-A7EC-48F8-9D10-1B966CA8694C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{B0B1FAB5-8CDF-450D-B1BA-E9AFB36134E2}] => (Allow) LPort=2869 FirewallRules: [{A48FD871-B7CC-4434-A5F2-BD48B237C608}] => (Allow) LPort=1900 FirewallRules: [{9C338A4A-9DC6-49C6-9715-01B4ADB1BF9C}] => (Allow) LPort=8317 FirewallRules: [{64C82219-3F28-4ABB-BA34-544C448E507D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{D2012861-9B96-40DA-9F70-32BC00E1A8C7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [TCP Query User{7603E541-6353-4A84-B70C-A4D5640DEB10}C:\users\łukasz\desktop\metin\metin2-legend.pl\metin2-legend.exe] => (Allow) C:\users\łukasz\desktop\metin\metin2-legend.pl\metin2-legend.exe FirewallRules: [UDP Query User{0AA11B0C-4C09-46B1-A6D1-92EABC871A73}C:\users\łukasz\desktop\metin\metin2-legend.pl\metin2-legend.exe] => (Allow) C:\users\łukasz\desktop\metin\metin2-legend.pl\metin2-legend.exe FirewallRules: [TCP Query User{E9EFB887-9A7F-45BF-AF31-AEA6F38F9706}C:\users\łukasz\desktop\virtualmt2\virtualcafe_launcher.exe] => (Allow) C:\users\łukasz\desktop\virtualmt2\virtualcafe_launcher.exe FirewallRules: [UDP Query User{2932BB2A-C425-4DFA-B18C-A8E82CB8FBA8}C:\users\łukasz\desktop\virtualmt2\virtualcafe_launcher.exe] => (Allow) C:\users\łukasz\desktop\virtualmt2\virtualcafe_launcher.exe FirewallRules: [TCP Query User{BEFEC7AB-7F93-4634-9CF4-3F195742D3CE}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{4F119928-55D9-4635-9568-C26AA285AB58}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{60A9A50A-6DA7-4A1F-8BDE-67B8553620E3}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{F471848E-8CC4-469E-B1D2-579EC0366E45}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [{FE4E3E20-4903-4ED3-B4F9-E489A19588E9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{047CC619-E354-44A7-B9BE-49A467DFB0AD}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{F24D88D1-F174-4062-B95F-EB1830B59A2B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{19B6460E-23B4-4429-9E33-889C07A77F93}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{FFB787E2-F36C-40B1-92E1-43C745FAAD42}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{726D6195-71A7-4E9D-9BA2-9E997AF0AB45}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [TCP Query User{AA4AB3B9-2649-4096-B9E0-2E43B72EC23D}C:\games\car mechanic simulator 2015\cms2015.exe] => (Allow) C:\games\car mechanic simulator 2015\cms2015.exe FirewallRules: [UDP Query User{98A3A148-6F92-4A4A-8B24-780F28910D88}C:\games\car mechanic simulator 2015\cms2015.exe] => (Allow) C:\games\car mechanic simulator 2015\cms2015.exe FirewallRules: [TCP Query User{42194324-0A18-4185-8675-0CF09E99C2CB}C:\nowy folder\game.dat] => (Allow) C:\nowy folder\game.dat FirewallRules: [UDP Query User{7AB75451-6DCB-491A-A9DE-2B1E068921F6}C:\nowy folder\game.dat] => (Allow) C:\nowy folder\game.dat FirewallRules: [TCP Query User{B85374E9-6CDE-4F41-88F1-15BEFBC23154}C:\program files (x86)\firefly studios\stronghold 2 deluxe\game.dat] => (Block) C:\program files (x86)\firefly studios\stronghold 2 deluxe\game.dat FirewallRules: [UDP Query User{16C48B03-E074-48E6-9876-552D01A23C73}C:\program files (x86)\firefly studios\stronghold 2 deluxe\game.dat] => (Block) C:\program files (x86)\firefly studios\stronghold 2 deluxe\game.dat FirewallRules: [{3D999584-FEDE-4B20-9B8D-6DE67E4BC469}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\FarmingSimulator2017.exe FirewallRules: [{CC7A9826-B936-4A6A-8D8F-98D9CAE5CA06}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\FarmingSimulator2017.exe FirewallRules: [{49F6DA1D-BAE8-4111-AC2E-00F71E5D3B75}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\x86\FarmingSimulator2017Game.exe FirewallRules: [{F188FB6C-D940-463E-B110-41D51D6A3C36}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\x86\FarmingSimulator2017Game.exe FirewallRules: [{C1B7275D-8881-4F48-BEE5-8F3BF4DE3E5B}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\x64\FarmingSimulator2017Game.exe FirewallRules: [{421E6B2E-AD87-45FD-B9E3-0E827962F04F}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\x64\FarmingSimulator2017Game.exe FirewallRules: [{E1A87770-9A0C-40ED-9A87-693D25D2625E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A973FB35-07D0-42C7-AF1A-F5CAAFC4EB93}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{59C1F43F-4046-4716-A9C7-762EE52612ED}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{34D770FD-34EB-4253-956A-6B6EBF9FB50C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{24FF9C85-56F5-4846-90C5-BAAABED6FB58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe FirewallRules: [{E7C44F11-B3BD-42CE-A4F7-3F2A67A78351}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe FirewallRules: [{D2B0646E-6F2E-4AAA-B14E-88D663CA0C0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{35A81A32-3780-4806-A196-F697EF5939BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{143479E3-696F-4131-A2FF-192E57A67A40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blockade3d\main.exe FirewallRules: [{E6A6B5CB-060E-41F5-B897-2093BCB09586}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blockade3d\main.exe FirewallRules: [{314132CD-2FA4-4577-8703-F116F3E305B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Tanks Blitz\wotblitz.exe FirewallRules: [{C38003B6-5CD0-4DFF-8D46-E7C989C209C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Tanks Blitz\wotblitz.exe FirewallRules: [{1D331C05-B8FB-412C-AEDD-7B39BB074F71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{D5BF6A52-AECE-493A-BE78-F75C01ED2280}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{0C5E96E2-9D14-4B6B-8E96-42E2DDC1E6A6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{5A2C056F-EB80-4DE7-8CD4-F142F4141AA6}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe FirewallRules: [{081DAA1D-B936-4A40-92D3-F6724B55E414}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe FirewallRules: [{FB9D9ADB-6211-4A84-91D9-5CDC9261AE0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Dummy Experiment\thedummyexperiment.exe FirewallRules: [{643B918F-221E-4CDA-B393-FEC138E3ED76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Dummy Experiment\thedummyexperiment.exe FirewallRules: [{B3BA856A-C49F-43B0-901B-BB9EE9B49937}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aimtastic\Aimtastic.exe FirewallRules: [{20F59372-D4BE-4998-9B0B-A577C6008726}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aimtastic\Aimtastic.exe FirewallRules: [{FEEBB1A5-6324-45C1-8BE6-25EECC487E50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Crucible Firestorm\Red Crucible.exe FirewallRules: [{A16EBC44-CE76-423E-B9C6-EFD451A5E9AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Crucible Firestorm\Red Crucible.exe FirewallRules: [{85A283D4-3BF5-4652-917C-FCD3D866FDF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Crucible® Reloaded\Red Crucible Reloaded.exe FirewallRules: [{70F275B6-8D14-4066-BBD4-21B45CBF2A96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Crucible® Reloaded\Red Crucible Reloaded.exe FirewallRules: [{EFE7C5C6-C22A-44B9-93E9-A9A728598195}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleRush\Cv2_Base\Binaries\Win64\Cv2_BaseClient_Shipping.exe FirewallRules: [{FEF72739-D77D-43B3-83A5-99F7C7C7C89A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleRush\Cv2_Base\Binaries\Win64\Cv2_BaseClient_Shipping.exe ==================== Punkty Przywracania systemu ========================= 10-02-2018 07:29:58 Zainstalowany program DirectX 14-02-2018 09:57:36 Windows Update 20-02-2018 17:43:54 Installed Cybereason RansomFree 2.4.2.0 22-02-2018 08:56:39 Usunięte Medieval II Total War 22-02-2018 08:58:35 Usunięte Medieval II Total War Kingdoms 22-02-2018 08:59:53 Removed Java 8 Update 151 (64-bit) 22-02-2018 09:02:07 Usunięte Worms Forts - Oblężenie 23-02-2018 07:13:47 Removed Java 8 Update 151 (64-bit) ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Standardowa klawiatura PS/2 Description: Standardowa klawiatura PS/2 Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Klawiatury standardowe) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Mysz Microsoft PS/2 Description: Mysz Microsoft PS/2 Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/24/2018 08:11:11 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/23/2018 07:07:22 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/22/2018 09:15:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: CompatTelRunner.exe, wersja: 10.0.17060.1019, sygnatura czasowa: 0x0206ae46 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.24024, sygnatura czasowa: 0x5a58e571 Kod wyjątku: 0xc0000374 Przesunięcie błędu: 0x00000000000bf6b2 Identyfikator procesu powodującego błąd: 0x17d0 Godzina uruchomienia aplikacji powodującej błąd: 0x01d3abb254a4cf46 Ścieżka aplikacji powodującej błąd: C:\Windows\system32\CompatTelRunner.exe Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: 7e9368c6-17a8-11e8-b24a-d027881e52b4 Error: (02/22/2018 08:53:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: mbamtray.exe, wersja: 3.0.0.1284, sygnatura czasowa: 0x5a15a98e Nazwa modułu powodującego błąd: Qt5Core.dll, wersja: 5.6.2.0, sygnatura czasowa: 0x59a63e00 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0018de83 Identyfikator procesu powodującego błąd: 0x1194 Godzina uruchomienia aplikacji powodującej błąd: 0x01d3abb2117fc0eb Ścieżka aplikacji powodującej błąd: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe Ścieżka modułu powodującego błąd: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll Identyfikator raportu: 6b462807-17a5-11e8-b24a-d027881e52b4 Error: (02/22/2018 08:51:54 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/21/2018 01:36:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/21/2018 07:11:30 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/20/2018 05:44:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver. System Error: Nie można odnaleźć określonego pliku. . Dziennik System: ============= Error: (02/24/2018 08:16:36 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Windows Update zawiesiła się podczas uruchamiania. Error: (02/24/2018 08:12:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi aswbIDSAgent z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (02/24/2018 08:12:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą aswbIDSAgent. Error: (02/20/2018 05:15:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Windows Live ID Sign-in Assistant z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (02/20/2018 05:15:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Windows Live ID Sign-in Assistant. Error: (02/12/2018 07:43:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Norton Security with Backup z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (02/12/2018 07:43:12 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Norton Security with Backup. Error: (02/05/2018 08:05:24 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 15:29:54 na ‎2018-‎02-‎05 było nieoczekiwane. CodeIntegrity: =================================== Date: 2016-07-17 21:24:07.242 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-07-17 21:24:07.086 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-07-16 10:54:27.663 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-07-16 10:54:27.554 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-07-15 22:40:00.286 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz Procent pamięci w użyciu: 84% Całkowita pamięć fizyczna: 4023.11 MB Dostępna pamięć fizyczna: 642.56 MB Całkowita pamięć wirtualna: 8044.39 MB Dostępna pamięć wirtualna: 4236.66 MB ==================== Dyski ================================ Drive a: () (Network) (Total:595.83 GB) (Free:434.16 GB) NTFS Drive c: () (Fixed) (Total:595.83 GB) (Free:434.16 GB) NTFS Drive d: (Zastrzeżone przez system) (Fixed) (Total:0.34 GB) (Free:0.3 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 17836D08) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=595.8 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================