Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:07-02-2016 Uruchomiony przez Laptop (2016-02-17 00:00:33) Uruchomiony z C:\Users\Laptop\Desktop\Wirusowe_gówna Windows 10 Home (X64) (2015-12-16 03:26:11) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1731102059-3556997550-2256463071-500 - Administrator - Disabled) Gość (S-1-5-21-1731102059-3556997550-2256463071-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1731102059-3556997550-2256463071-1002 - Limited - Enabled) Konto domyślne (S-1-5-21-1731102059-3556997550-2256463071-503 - Limited - Disabled) Laptop (S-1-5-21-1731102059-3556997550-2256463071-1000 - Administrator - Enabled) => C:\Users\Laptop ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1731102059-3556997550-2256463071-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.) 
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Adobe Reader 9.5.0 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated) Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment) Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft) AutoHotkey 1.1.21.02 (HKLM\...\AutoHotkey) (Version: 1.1.21.02 - Lexikos) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation) Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.120 - Broadcom Corporation) Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd) Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®) Dragon Nest Europe (HKLM-x32\...\Steam App 258700) (Version: - Eyedentity Games) Dropbox (HKU\S-1-5-21-1731102059-3556997550-2256463071-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.) ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.) Fraps (HKLM-x32\...\Fraps) (Version: - ) Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.) 
God Mode (HKLM-x32\...\Steam App 227480) (Version: - Old School Games) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Gothic II (HKLM-x32\...\{2965C062-FBC0-4505-9EB8-4497252BB41F}) (Version: 1.00.000 - JoWood) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of Might and Magic V - Dzikie Hordy (HKLM-x32\...\{ACC75323-DB4A-4f7f-9AF3-1D1DEFF2D1B5}_is1) (Version: - Ubisoft) Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{ACC75323-DB4A-4F7F-9AF3-1D1DEFF2D1B5}) (Version: - ) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation) K-Lite Codec Pack 11.3.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.6 - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) MK LOL (HKU\S-1-5-21-1731102059-3556997550-2256463071-1000\...\MK LOL) (Version: - ) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.002.08.00.45 - Huawei Technologies Co.,Ltd) Nostale(PL) (HKLM-x32\...\NosTale(PL)_is1) (Version: - Gameforge 4D GmbH) NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - 
NVIDIA Corporation) Opera Stable 31.0.1889.230 (HKLM-x32\...\Opera 31.0.1889.230) (Version: 31.0.1889.230 - Opera Software) osu! (HKLM-x32\...\{f79fa874-c8d4-4555-ba25-7ba8c50b3190}) (Version: latest - ppy Pty Ltd) Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.25 - Qualcomm Atheros) Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - Wild Shadow Studios) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7388 - Realtek Semiconductor Corp.) Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version: - Ubisoft - San Francisco) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.) Slide (HKLM-x32\...\{50552D1D-A3E6-4453-AFB2-2E06AC2CE2F6}) (Version: 1.00.0000 - LKuich) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) System Requirements Lab Detection (HKLM-x32\...\{AA81D21B-5723-406E-89E9-900B9A30D2FE}) (Version: 6.1.6.0 - Husdawg, LLC) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) Trove (HKLM-x32\...\Glyph Trove) (Version: - Trion Worlds, Inc.) 
TuxGuitar 1.2 (HKLM-x32\...\TuxGuitar_0) (Version: - ) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) VirtualTablet Server (HKLM-x32\...\{df5cb088-2c09-4e59-afb0-437fad91c84e}) (Version: 2.0.0.0 - SunnysideSoft) VirtualTablet Server (x32 Version: 2.0.0 - SunnysideSoft) Hidden Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment) Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes) WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) WinRAR 5.21 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1731102059-3556997550-2256463071-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Laptop\AppData\Roaming\Dropbox\bin\dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1731102059-3556997550-2256463071-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Laptop\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1731102059-3556997550-2256463071-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1731102059-3556997550-2256463071-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1731102059-3556997550-2256463071-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1731102059-3556997550-2256463071-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1731102059-3556997550-2256463071-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1731102059-3556997550-2256463071-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1731102059-3556997550-2256463071-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1731102059-3556997550-2256463071-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1731102059-3556997550-2256463071-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1731102059-3556997550-2256463071-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
Task: {001EEE96-F5BE-44EF-ADC2-6B0D9DAE6A18} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-12] (Microsoft Corporation) Task: {044C685F-6EE2-4C05-887B-8503D2214936} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe Task: {05281368-4B2D-4E67-8342-5C3B313A0ED3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {1027C09A-22F1-426A-9CF0-5E285D75F083} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {19144C6E-F937-4C98-8C05-684E5C118C2A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {1F4DA1A4-F22F-48EC-96C6-8988B50B5B77} - System32\Tasks\{6B250226-EABE-423A-B553-4ADEB88B93D5} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe" Task: {2990FEBC-89A6-4848-BA04-FB44844AA8CA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {29C53618-C170-4056-8C71-CA30DB716556} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {3425C917-799B-4395-8F67-E7DA95B7F138} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {34C33E55-66A2-4DFA-BDDC-6470C41CA5FE} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {416E1CA7-1AA7-40FE-B148-02D938473D1C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-08-03] () Task: {4EBBFFBF-8D9A-4922-9012-E9644486D22F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {5610C9A0-4124-4CA9-8477-C0FF863FB605} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => 
C:\Windows\ehome\ehPrivJob.exe Task: {57318E7C-5870-466D-995F-D5CC5C1B55F4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {5FC9B581-C4DC-4651-A8BA-A490613A5575} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {674016F9-0D3D-4994-9E4B-E0BB32DEFF8E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {75D1317C-11FB-44EB-B0C3-891356A4962C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-13] (Adobe Systems Incorporated) Task: {7C23D056-3271-4DFE-B2BE-3125307E33EA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {A4A6B07C-67B9-430D-8E10-606F6B252B5A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {A61212AE-F9FF-438C-BE70-B0C63FB75588} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {AA442E2E-4360-4A35-A809-6EA401665427} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {AC27D541-6914-45F6-B1F7-07427CA75262} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {B254FBF5-8AFF-4AE9-B903-2F9EF66C3412} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {C0B41477-FDDC-40CA-B1FC-1749CD3340B4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1731102059-3556997550-2256463071-1000Core => C:\Users\Laptop\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.) 
Task: {CD753530-E580-486D-B4D8-6821164D8A0A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {D2E5C6A7-D2EE-4863-A400-A8253BF51F1C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1731102059-3556997550-2256463071-1000UA => C:\Users\Laptop\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.) Task: {D55837C8-6FA4-4321-9E4F-2EFCCFD995F3} - System32\Tasks\Opera scheduled Autoupdate 1441827031 => C:\Program Files (x86)\Opera\launcher.exe Task: {D69676A2-FE37-42F9-8439-344328B9C2DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {DAE58985-B39B-4E80-802A-F0B4FB68E4BF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {E8D6B186-1441-4FA7-9B54-2134E0BB8A8C} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {E8E07C1B-9972-4551-93BC-3FB62E111AA6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {F69831CA-C7EF-42CF-B613-BF9D7764AA51} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {FE8D10EB-8248-4D5F-BEB4-C841655B4C09} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1731102059-3556997550-2256463071-1000Core.job => C:\Users\Laptop\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1731102059-3556997550-2256463071-1000UA.job => C:\Users\Laptop\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{9E85D258-AD8B-406D-8A15-44CAFAFE97B5}.job => C:\WINDOWS\system32\msfeedssync.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) 
==================== Załadowane moduły (filtrowane) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2016-02-16 22:14 - 2015-07-27 19:33 - 00655712 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe 2015-12-16 03:54 - 2015-12-16 03:54 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-16 03:54 - 2015-12-16 03:54 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-01-23 11:57 - 2016-01-23 11:58 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-17 19:42 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-17 19:42 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-17 19:42 - 2015-12-07 05:00 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2016-01-23 11:43 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-23 11:43 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-27 21:20 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-27 21:20 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-02-05 21:01 - 2016-02-05 21:01 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-02-05 21:01 - 2016-02-05 21:01 - 14869504 _____ () C:\Program 
Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2015-11-20 16:09 - 2015-11-20 16:11 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-02-12 14:25 - 2016-02-12 14:26 - 09789952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2015-03-17 15:55 - 2015-03-17 15:55 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2015-03-15 00:18 - 2015-03-15 00:18 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll 2015-03-15 00:18 - 2015-03-15 00:18 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll 2015-03-15 00:18 - 2015-03-15 00:18 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll 2015-03-15 00:18 - 2015-03-15 00:18 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll 2015-03-15 00:18 - 2015-03-15 00:18 - 00835072 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll 2015-03-15 00:18 - 2015-03-15 00:18 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll 2015-03-15 08:03 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2016-01-23 11:57 - 2016-01-23 11:58 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-23 11:57 - 2016-01-23 11:58 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-03-15 13:52 - 2000-01-01 01:00 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll 2016-02-11 16:17 - 2016-02-09 12:58 - 01632584 _____ () C:\Program 
Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll 2016-02-11 16:17 - 2016-02-09 12:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll 2016-02-11 16:17 - 2016-02-09 12:58 - 16810824 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) 
Wykryto więcej niż wyliczono: 4788 witryn. ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2016-02-16 22:12 - 2016-02-16 22:12 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1731102059-3556997550-2256463071-1000\Control Panel\Desktop\\Wallpaper -> c:\users\laptop\desktop\wiciu\zdjątka\memy itp\sg anime.jpg DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-1731102059-3556997550-2256463071-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-1731102059-3556997550-2256463071-1000\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-1731102059-3556997550-2256463071-1000\...\StartupApproved\Run: => "Dropbox Update" HKU\S-1-5-21-1731102059-3556997550-2256463071-1000\...\StartupApproved\Run: => "BingSvc" HKU\S-1-5-21-1731102059-3556997550-2256463071-1000\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [UDP Query User{7DE253B2-C253-48A3-B3C4-B5F330364D54}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{038F5F4E-548E-4543-B1B7-44164CDBE6F6}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{43BE1008-1C5B-42F0-8DAA-88D0AE0EB2C3}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{D955B544-231C-4458-A954-50D445480624}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{A14E3A5C-C5B7-45AF-B054-637CAE71D2BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{77090EC2-837F-46D4-B1D2-4CAD2C765B1E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{BC48AA57-11BA-4BFA-B123-B2010986C37A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{86B0A216-A562-406B-B1A9-EFDE0B53B93D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{E31EC60D-C862-4305-A8D3-494335DDF268}C:\program files 
(x86)\virtualtablet server\virtualtabletserver.exe] => (Allow) C:\program files (x86)\virtualtablet server\virtualtabletserver.exe FirewallRules: [UDP Query User{665C7496-8FFD-4F9D-B25E-FE0AC3EE164D}C:\program files (x86)\virtualtablet server\virtualtabletserver.exe] => (Allow) C:\program files (x86)\virtualtablet server\virtualtabletserver.exe FirewallRules: [{FA37CCA3-BAEA-4BED-8E70-54F137075BFE}] => (Allow) D:\Nowy folder\Steam\Steam.exe FirewallRules: [{EE90F4BB-A116-4BE6-B4DE-469DC1BB9DD9}] => (Allow) D:\Nowy folder\Steam\Steam.exe FirewallRules: [{D862B53D-B402-4847-B3DA-E8B1A0485190}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{6386BEDD-BBDE-4F7A-A108-7862F4EC37A3}] => (Allow) D:\Nowy folder\Steam\bin\steamwebhelper.exe FirewallRules: [{D7E44647-608C-4E19-8C82-AC321D18F4C9}] => (Allow) D:\Nowy folder\Steam\bin\steamwebhelper.exe FirewallRules: [{546ED87B-5A87-472F-9987-89291059FA99}] => (Allow) C:\Users\Laptop\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3209DE70-DAA6-413B-B222-12FE829B26D0}] => (Allow) C:\Users\Laptop\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3E374997-1883-4BDA-BE0E-24CE0A4B71E0}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{1AE514B5-50A0-47B8-BCA3-7C50BA33E0FA}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{D7652298-121C-4D1F-B65E-0D8E73246E6C}] => (Allow) D:\Nowy folder\Steam\steamapps\common\GodMode\bin\GodMode.exe FirewallRules: [{D1A4B489-FEC1-4BDA-B942-8474C98FF437}] => (Allow) D:\Nowy folder\Steam\steamapps\common\GodMode\bin\GodMode.exe FirewallRules: [{18A835F2-A6D5-4A19-886D-AC247870F45B}] => (Allow) C:\Users\Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{930FA5A1-C81B-44C8-B550-CD96C5E3D3A0}] => (Allow) C:\Users\Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query 
User{2DD94D0D-3997-43CC-91FB-D82F06C82F34}C:\users\laptop\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\laptop\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{F4F76927-3A3C-4325-AC77-886BD57263AF}C:\users\laptop\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\laptop\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{6A035915-5A4D-4349-AFE0-DDCF8D65F361}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{A078E2CA-E72E-48A8-A9BB-BB6D678F34DC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{7D635919-2B3E-4F60-8952-59CDB622DDC6}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{42B3E78D-4C96-4A81-B1F8-257AD9091485}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{43441295-B919-4B73-93DA-6CFD020CC1D8}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe FirewallRules: [{521B1984-93ED-4C49-95FD-7196998A4A6A}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe FirewallRules: [{21F1BE9B-AA95-466C-B96B-E46191ABE1B1}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{9136600D-9A3B-44D3-9DD8-241FB5175455}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{073A00DA-5550-45FD-8240-6B595C38ADCE}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{8FAEBA8B-DCDD-4F6A-A5E8-CEF526914182}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{B1EC7753-3AB6-4D94-AB95-A7BE230E965D}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{8BE0A225-B035-4B24-BE4A-A5890BB266F8}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe 
FirewallRules: [{9017AEAD-F80E-410B-A0A0-5770FEA08B04}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{6B7E5D86-29B6-4DFD-BD35-5CD30BAD6377}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{5499B6C0-6A5F-475F-85B8-6ACF120FE2CD}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{0ACBB5B7-0252-4BEF-AE7E-6BBA684E47DB}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{28DE176F-10B3-47A6-86BC-E5B6117C53CF}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{CB7BDE5C-E09B-4E14-A5BA-C08819D6F9C3}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [TCP Query User{0C17867B-8169-477A-A2CF-F2899B137076}C:\program files (x86)\ubisoft\heroes of might and magic v - dzikie hordy\bin\h5_game.exe] => (Block) C:\program files (x86)\ubisoft\heroes of might and magic v - dzikie hordy\bin\h5_game.exe FirewallRules: [UDP Query User{B5F6181F-B809-428F-B546-DF912EA0A8B5}C:\program files (x86)\ubisoft\heroes of might and magic v - dzikie hordy\bin\h5_game.exe] => (Block) C:\program files (x86)\ubisoft\heroes of might and magic v - dzikie hordy\bin\h5_game.exe FirewallRules: [{9D4E440F-77F3-4669-806D-9BE6BFF6F6D2}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Dragon Nest Europe\DragonNest\DragonNest.exe FirewallRules: [{B045EEA4-2013-430A-96EA-513C650A5AFC}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Dragon Nest Europe\DragonNest\DragonNest.exe FirewallRules: [{FBB6C05A-5E73-407A-AEC5-8AFC8080ED68}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe FirewallRules: [{F26B2712-1502-4DFA-AE31-D200C7D8A900}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe FirewallRules: [{668C99B1-8148-4D74-A4B6-95A5EB3B989D}] => (Allow) C:\Program Files 
(x86)\GameforgeLive\gfl_client.exe FirewallRules: [TCP Query User{7FA943A0-3E6B-4F88-BB67-012CB9D38CA3}D:\gry\portal 2\portal2.exe] => (Allow) D:\gry\portal 2\portal2.exe FirewallRules: [UDP Query User{785B82D7-F604-4B65-8CE2-3D4805218EDF}D:\gry\portal 2\portal2.exe] => (Allow) D:\gry\portal 2\portal2.exe FirewallRules: [{6547AC06-D4B2-4730-AD08-E2E90EE7278F}] => (Allow) D:\GRY\StarCraft II\StarCraft II.exe FirewallRules: [{37807A5A-ED2D-449B-8243-B1ABFB2F9C13}] => (Allow) D:\GRY\StarCraft II\StarCraft II.exe FirewallRules: [TCP Query User{37D7BBA0-4475-4CA8-9C39-27A96E7BAC53}D:\gry\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Block) D:\gry\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe FirewallRules: [UDP Query User{2453F2A9-8875-413B-8CCF-8601BB214836}D:\gry\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Block) D:\gry\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe FirewallRules: [{6C2A22CD-6E06-4A13-9F11-A48BA9AE24E2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{832AEE5B-ECCB-4D5F-BB31-5386F1A9E323}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe FirewallRules: [{D0DB6028-30A7-4188-867A-BBD344FAB731}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe FirewallRules: [{947116F1-864A-4D5B-A1C6-B520DDF15E8A}] => (Allow) C:\Program Files (x86)\SprgFiles\SprgFiles.exe FirewallRules: [{E5CA3580-2DDA-4DED-B044-9808811C465D}] => (Allow) C:\Program Files (x86)\SprgFiles\SprgFiles.exe FirewallRules: [{365F8FB2-9315-4D1D-9891-C86108D8FB4B}] => (Allow) C:\Program Files (x86)\SprgFiles\downloader.exe FirewallRules: [{BEF5A77F-F478-4112-B704-5B7E89204EAC}] => (Allow) C:\Program Files (x86)\SprgFiles\downloader.exe FirewallRules: [{9D39D2B4-66C2-4632-9747-E847CF8F63B2}] => (Allow) D:\Nowy folder\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{040E137B-4A16-4FA3-BBF7-033FB6FC3016}] => (Allow) D:\Nowy 
folder\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe ==================== Punkty Przywracania systemu ========================= 12-02-2016 12:57:35 Windows Update 13-02-2016 13:01:41 Removed BlueStacks App Player 13-02-2016 13:41:08 Chrome Cleanup Tool 13-02-2016 22:09:12 JRT Pre-Junkware Removal 14-02-2016 23:43:28 Zainstalowano: Microsoft Visual C++ 2005 Redistributable 16-02-2016 01:13:04 Zainstalowane Arc ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/16/2016 10:12:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program 5ifzjhqx.exe w wersji 2.1.19357.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 1d84 Godzina rozpoczęcia: 01d168fea710c241 Godzina zakończenia: 4 Ścieżka aplikacji: C:\Users\Laptop\Desktop\Wirusowe_gówna\5ifzjhqx.exe Identyfikator raportu: ea47b2ad-d4f1-11e5-8dc0-2089846cec0f Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (02/16/2016 01:13:24 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (02/15/2016 11:47:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program 5ifzjhqx.exe w wersji 2.1.19357.0 przestał współpracować z systemem Windows i został zamknięty. 
Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 3dc Godzina rozpoczęcia: 01d16842cce453de Godzina zakończenia: 8 Ścieżka aplikacji: C:\Users\Laptop\Desktop\Wirusowe_gówna\5ifzjhqx.exe Identyfikator raportu: 1358f817-d436-11e5-8dbe-2089846cec0f Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (02/15/2016 06:55:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: BlackCipher.aes, wersja: 2.12.9.0, sygnatura czasowa: 0x569dc8c0 Nazwa modułu powodującego błąd: BlackCipher.aes, wersja: 2.12.9.0, sygnatura czasowa: 0x569dc8c0 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0015ba75 Identyfikator procesu powodującego błąd: 0x1b3c Godzina uruchomienia aplikacji powodującej błąd: 0xBlackCipher.aes0 Ścieżka aplikacji powodującej błąd: BlackCipher.aes1 Ścieżka modułu powodującego błąd: BlackCipher.aes2 Identyfikator raportu: BlackCipher.aes3 Pełna nazwa pakietu powodującego błąd: BlackCipher.aes4 Identyfikator aplikacji względem pakietu powodującego błąd: BlackCipher.aes5 Error: (02/15/2016 06:46:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program 5ifzjhqx.exe w wersji 2.1.19357.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. 
Identyfikator procesu: 2ec Godzina rozpoczęcia: 01d16818b8b7c2b5 Godzina zakończenia: 15 Ścieżka aplikacji: C:\Users\Laptop\Desktop\5ifzjhqx.exe Identyfikator raportu: fc388350-d40b-11e5-8dbe-2089846cec0f Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (02/15/2016 03:42:23 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program SpyHunter4.exe w wersji 4.21.10.4585 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: ee0 Godzina rozpoczęcia: 01d167fe8eda6aed Godzina zakończenia: 1169 Ścieżka aplikacji: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe Identyfikator raportu: 4e882377-d3f2-11e5-8dbd-2089846cec0f Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (02/15/2016 03:30:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ACER) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (02/15/2016 02:58:44 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (02/14/2016 11:43:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . 
Error: (02/13/2016 11:58:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ACER) Description: Aktywacja aplikacji Microsoft.Getstarted_2.6.12.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Dziennik System: ============= Error: (02/16/2016 10:18:21 PM) (Source: DCOM) (EventID: 10016) (User: ACER) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AcerLaptopS-1-5-21-1731102059-3556997550-2256463071-1000LocalHost (użycie LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/16/2016 10:18:17 PM) (Source: DCOM) (EventID: 10016) (User: ACER) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AcerLaptopS-1-5-21-1731102059-3556997550-2256463071-1000LocalHost (użycie LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/16/2016 10:14:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Mobile Partner. RunOuc z powodu następującego błędu: %%1053 Error: (02/16/2016 10:14:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Mobile Partner. RunOuc. 
Error: (02/16/2016 10:14:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi wltrysvc z powodu następującego błędu: %%1053 Error: (02/16/2016 10:14:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą wltrysvc. Error: (02/16/2016 10:14:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa NetTcpActivator zależy od usługi NetTcpPortSharing, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (02/16/2016 10:14:02 PM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: Ten komputer jest skonfigurowany jako członek grupy roboczej, a nie domeny. W tej konfiguracji usługa Netlogon nie musi być uruchamiana. Error: (02/16/2016 10:13:17 PM) (Source: DCOM) (EventID: 10010) (User: ACER) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (02/16/2016 10:13:15 PM) (Source: DCOM) (EventID: 10010) (User: ACER) Description: {9AA46009-3CE0-458A-A354-715610A075E6} CodeIntegrity: =================================== Date: 2016-02-16 13:09:43.846 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-15 14:42:04.415 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-13 20:32:42.157 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements. 
Date: 2016-02-13 20:32:40.849 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-13 20:32:40.785 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-13 20:31:13.122 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-13 20:31:13.084 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-13 20:30:39.066 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-13 20:30:38.920 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-13 20:26:56.653 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. 
==================== Statystyki pamięci ===========================

Procesor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Procent pamięci w użyciu: 61%
Całkowita pamięć fizyczna: 3912.36 MB
Dostępna pamięć fizyczna: 1515.61 MB
Całkowita pamięć wirtualna: 7880.36 MB
Dostępna pamięć wirtualna: 5063.92 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:211.32 GB) (Free:131.66 GB) NTFS
Drive d: () (Fixed) (Total:253.91 GB) (Free:195.57 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D1479B34)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=211.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=253.9 GB) - (Type=07 NTFS)

==================== Koniec Addition.txt ============================