CloseProcesses: CreateRestorePoint: EmptyTemp: File: C:\Users\spejson023\zeebei.exe (Pokki -> Pokki) C:\Users\spejson023\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Pokki -> Pokki) C:\Users\spejson023\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Pokki -> Pokki) C:\Users\spejson023\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe (Pokki -> Pokki) C:\Users\spejson023\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe******************************************************************** [53504 2014-06-27] () [Brak podpisu cyfrowego] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-4291272340-2643005322-3467024192-1002\...\Run: [zeebei] => C:\Users\spejson023\zeebei.exe [61440 2019-04-09] () [Brak podpisu cyfrowego] HKU\S-1-5-21-4291272340-2643005322-3467024192-1002\...\RunOnce: [Application Restart #0] => C:\Users\spejson023\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8992976 2019-04-09] (Pokki -> Pokki) HKU\S-1-5-21-4291272340-2643005322-3467024192-1002\...\MountPoints2: {1e9a398c-4678-11e9-8261-f0761c2c864a} - "E:\autorun.exe" HKU\S-1-5-21-4291272340-2643005322-3467024192-1002\...\MountPoints2: {1e9a3d05-4678-11e9-8261-f0761c2c864a} - "E:\autorun.exe" Task: {A673C7F6-821D-434F-9895-EA2660452E24} - System32\Tasks\SweetLabs App Platform => C:\Users\spejson023\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [7561424 2019-04-09] (Pokki -> Pokki) Task: {CC3976E8-4061-4BC1-A718-4D1A3DB92BBD} - System32\Tasks\Opera scheduled Autoupdate 1552314485 => C:\Users\spejson023\AppData\Local\Programs\Opera\launcher.exe [1493592 2019-06-14] (Opera Software AS -> Opera Software) Tcpip\..\Interfaces\{01E441DB-7B0B-429F-8CE3-90149E4ED12C}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{7D3A3724-B0C6-417B-AE9E-7EEE43EA9AD3}: [DhcpNameServer] 192.168.10.20 HKU\S-1-5-21-4291272340-2643005322-3467024192-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-4291272340-2643005322-3467024192-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4291272340-2643005322-3467024192-1002 -> DefaultScope {190F4328-8D6B-41D2-8484-E1CF966F3E60} URL = SearchScopes: HKU\S-1-5-21-4291272340-2643005322-3467024192-1002 -> {190F4328-8D6B-41D2-8484-E1CF966F3E60} URL = Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Brak pliku Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Brak pliku CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx S5 EasyAntiCheatSys; <==== UWAGA: Zablokowana usługa 2019-06-23 13:53 - 2019-06-30 13:22 - 000000295 _____ C:\Users\spejson023\d4ac4633ebd6440fa397b84f1bc94a3c.7z 2019-07-07 11:30 - 2019-03-10 22:37 - 000000000 ____D C:\Users\spejson023\AppData\Local\SweetLabs App Platform 2019-06-18 13:59 - 2019-03-11 16:28 - 000004130 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1552314485 2019-04-09 17:54 - 2019-04-09 17:54 - 000061440 __RSH () C:\Users\spejson023\zeebei.exe ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480] AlternateDataStreams: C:\Users\spejson023\ntuser.ini:NTV [12518] FirewallRules: [{80386162-F41D-4031-83F2-073C9E49FD26}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe Brak pliku FirewallRules: [{1624C36E-444C-42D3-832D-31A4D3F3FB78}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe Brak pliku FirewallRules: [{F7308C37-561A-4348-9F3A-2A2F500F793D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe Brak pliku FirewallRules: [{338DBB7E-5337-4D4A-B7C2-DC5DBD7CACC2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe Brak pliku FirewallRules: [{5D9B60E7-652E-46AC-91F5-4602585DAE0C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe Brak pliku FirewallRules: [{5C3CCBFE-930E-4B77-A0D9-A72E8B7CCF4D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe Brak pliku FirewallRules: [TCP Query User{68F901DB-0C1A-433C-A629-106E814FA4B4}C:\program files (x86)\flashget network\flashget 3\flashget3.exe] => (Allow) C:\program files (x86)\flashget network\flashget 3\flashget3.exe Brak pliku FirewallRules: [UDP Query User{FB6F8D8D-09E6-4AB9-92B7-CE8D31FE21ED}C:\program files (x86)\flashget network\flashget 3\flashget3.exe] => (Allow) C:\program files (x86)\flashget network\flashget 3\flashget3.exe Brak pliku FirewallRules: [TCP Query User{722DC712-8E93-4BBF-A3D6-26B6BBB12A92}C:\users\spejson023\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\spejson023\appdata\local\warthunder\win64\aces.exe Brak pliku FirewallRules: [UDP Query User{CD9D9E0E-FEB5-4B11-9465-D8641488A047}C:\users\spejson023\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\spejson023\appdata\local\warthunder\win64\aces.exe Brak pliku FirewallRules: [TCP Query User{E8A5A551-7EA5-456B-B23C-2B89C0BF3DB2}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe Brak pliku FirewallRules: [UDP Query User{0CD3C5FB-880C-4D34-AF46-7D0082177FD8}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe Brak pliku FirewallRules: [TCP Query User{DA10AE49-E1FC-4410-9C60-C6DA24440FCF}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe Brak pliku FirewallRules: [UDP Query User{3705B126-9271-4C1C-9C7C-D2EA4D98D012}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe Brak pliku StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3