Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja: 18-07-2017
Uruchomiony przez Yoogi (20-07-2017 12:08:26)
Uruchomiony z C:\Users\Yoogi\Desktop\Nowy folder
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2017-02-13 17:04:02)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================

Administrator (S-1-5-21-3403083442-3079574581-3742481433-500 - Administrator - Disabled) => C:\Users\Administrator
Gość (S-1-5-21-3403083442-3079574581-3742481433-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3403083442-3079574581-3742481433-1002 - Limited - Enabled)
Yoogi (S-1-5-21-3403083442-3079574581-3742481433-1000 - Administrator - Enabled) => C:\Users\Yoogi

==================== Centrum zabezpieczeń ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Zainstalowane programy ======================
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

µTorrent (HKU\S-1-5-21-3403083442-3079574581-3742481433-1000\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
Adobe Flash Player 26 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Advanced RAR Repair v1.2 (HKLM\...\Advanced RAR Repair v1.2) (Version: - )
Aktualizacje NVIDIA 25.6.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.6.0.0 - NVIDIA Corporation)
AVG (HKLM\...\{AAA44C6A-BB6F-46CA-918F-C88F02C8E301}) (Version: 1.201.2 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 17.5.3022 - AVG Technologies)
ClassicMT2 (HKLM\...\ClassicMT2) (Version: - )
Counter-Strike 1.6 v43 (HKLM\...\{1BD2212B-8287-4F33-A6DC-903D423AB814}_is1) (Version: v43 - CSSetti.pl)
Curse (HKLM\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Debestia (HKLM\...\{24604664-348D-4DA3-AA13-14B3B085B92E}_is1) (Version: 1.0.0 - Debestia)
FMW 1 (HKLM\...\{E72F3EB1-4C5D-4AB5-9ACD-CCDF32D68F54}) (Version: 1.214.2 - AVG Technologies) Hidden
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gothic (HKLM\...\{758A4269-70E5-4B11-B419-F692882408A9}) (Version: 1.08 - Piranha Bytes)
Gothic II - Noc Kruka (HKLM\...\{6FB6D550-DDC4-4996-9CDF-91C34F0A4C4A}) (Version: 2.60.000 - )
GOTHIC2 - Noc Kruka - 'Pakiet systemowy' (HKLM\...\GOTHIC2 - Noc Kruka - 'Pakiet systemowy') (Version: 1.6 - World of Gothic RU © 2016)
gpedt.msc 1.0 (HKLM\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
Hextech Repair Tool (HKLM\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.14 - Riot Games, Inc.)
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
League of Legends (HKLM\...\{2F5D7825-7460-43B1-B467-7F9737557108}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes (wersja 3.1.2.1733) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Medal of Honor: Pacific Assault™ (HKLM\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.281 - Electronic Arts)
Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.11.25325 (HKLM\...\{568CD07E-0824-3EEB-AEC1-8FD51F3C85CF}) (Version: 14.11.25325 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.11.25325 (HKLM\...\{029DA848-1A80-34D3-BFC1-A6447BFC8E7F}) (Version: 14.11.25325 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{DCFD26A8-60A5-4C69-A52D-264D0386FDB3}) (Version: 1.20.146.0 - Microsoft)
Notepad++ (32-bit x86) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Origin (HKLM\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
Outlast (HKLM\...\Outlast_is1) (Version: - )
Panel sterowania NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
Port Forward Network Utilities (HKLM\...\{4C109C49-5A19-458B-8DF6-A2C469A92679}) (Version: 3.0.30 - Portforward, LLC)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.6.6 - Reimage) <==== UWAGA
S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0005] (HKLM\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0005 - THQ)
ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
Secure Driver Updater (HKLM\...\Secure Driver Updater_is1) (Version: 2.7.1086.17247 - Secure Driver Updater)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Skype™ 7.37 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
SlimDrivers (HKLM\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
Spotify (HKU\S-1-5-21-3403083442-3079574581-3742481433-1000\...\Spotify) (Version: 1.0.54.1079.g3809528e - Spotify AB)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3403083442-3079574581-3742481433-1000\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH)
Two Worlds (HKLM\...\Two Worlds) (Version: 1.7.0 - )
Velaya - Historia wojowniczki (HKLM\...\Velaya - Historia wojowniczki) (Version: 1.1 - Piranha Bytes)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-3403083442-3079574581-3742481433-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Yoogi\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ContextMenuHandlers01: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-03-08] ()
ContextMenuHandlers01: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-07-19] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers03: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers06: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-07-19] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

==================== Zaplanowane zadania (filtrowane) =============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {04331410-577D-4BA5-9C49-0657A80159BF} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2017-07-03] (Reimage ltd.) <==== UWAGA
Task: {0CF33E4C-CE3D-490B-8F40-1C07A4F22384} - System32\Tasks\SMW_UpdateTask_Time_3634333038373637342d3437415a556c2a3223346c41 => wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== UWAGA
Task: {21C4B02D-96FA-4FBF-A166-94B0BFE13E7A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-07-11] (Adobe Systems Incorporated)
Task: {30A0A113-C606-4124-8DBD-B23D0C6B7C8D} - System32\Tasks\Bear PC Spy => C:\Windows\system32\rundll32.exe "C:\Program Files\Bear PC Spy\Bear PC Spy.dll",eMzJHusNnHst <==== UWAGA
Task: {3515ECB3-E3F3-4D9C-992A-C32A392958A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-02-13] (Google Inc.)
Task: {3613CC60-4C86-40A8-8754-A59E45FB4842} - System32\Tasks\{0D17533B-66AB-4339-8EBD-167A664B9595} => C:\Windows\system32\pcalua.exe -a "D:\Users\Yoogi\AppData\Local\TeamSpeak 3 Client\package_inst.exe" -d C:\Users\Yoogi\Downloads -c "C:\Users\Yoogi\Downloads\ClownfishVoiceChanger-v1.65.ts3_plugin"
Task: {3F8D2D26-02EC-4F46-BD83-00D474D148F1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation)
Task: {4780DC63-44BA-4468-9180-7AB6A6137E2E} - System32\Tasks\SecureDriverUpdaterRunAtStartup => C:\Program Files\Secure Driver Updater\SDU.exe [2017-07-13] (Secure Driver Updater.)
Task: {49EE5B7C-8E10-403A-B0B4-F2CB7907F64B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation)
Task: {4E43B82E-DF1C-458C-A1E1-08305FCF0575} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2017-07-19] (AVG Technologies CZ, s.r.o.)
Task: {4FFF2BAB-557A-441B-8C7A-238DDD3106E1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-11] (Adobe Systems Incorporated)
Task: {53086158-DCEE-4FE3-ABB8-48FB2B69CB10} - System32\Tasks\{F9C678C8-7689-4688-9F74-50E18858413E} => D:\Games\World_of_Tanks\WorldOfTanks.exe
Task: {55C0A847-8F46-4EB0-83DA-ED1998978228} - System32\Tasks\SlimDrivers Startup => C:\Program Files\SlimDrivers\SlimDrivers.exe [2015-08-19] (SlimWare Utilities, Inc.)
Task: {5666E3B4-D0FB-4ABB-9E83-34F4D0C3B58F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation)
Task: {5DF63A43-8133-4A7F-B90A-39B25090FE70} - System32\Tasks\SecureDriverUpdater_UPDATES => C:\Program Files\Secure Driver Updater\SDU.exe [2017-07-13] (Secure Driver Updater.)
Task: {63ED7F2A-E062-4D22-A165-5F8ACA10C0AD} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {78BB8CA4-0EDA-4832-95AA-AE63C134A51C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2017-06-21] (NVIDIA Corporation)
Task: {7B3EBF07-3F44-42AE-B21C-D60B3748BADB} - System32\Tasks\RunAtStartup => C:\Users\Yoogi\AppData\Roaming\Event Monitor\em.exe [2017-05-29] () <==== UWAGA
Task: {7B7CE3A6-A06A-40A7-9995-1DF382FF9E4B} - System32\Tasks\2C6A44CB-AD42-4731-A544-3FBD3D83AB5B => rundll32 "C:\Program Files\YiuAskU\Iw3d7Ud.dll",#1 <==== UWAGA
Task: {7BA3520C-045A-4235-8915-EDA6E4EE35D3} - System32\Tasks\B3A986DC-C2DD-40A0-8C0C-FEF66B7835112 => rundll32 "C:\Program Files\MafarchU\SlTMNry.dll",#1 <==== UWAGA
Task: {7E52B5BB-5E27-4152-B56E-FE8379E4CB5E} - System32\Tasks\2C6A44CB-AD42-4731-A544-3FBD3D83AB5B2 => rundll32 "C:\Program Files\YiuAskU\Iw3d7Ud.dll",#1 <==== UWAGA
Task: {8A86A917-581A-4553-9C1E-26757591392B} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe <==== UWAGA
Task: {8A89211B-BCF1-454D-AEDF-33EEDB01140D} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {942D70F3-8723-40B3-BC75-732896FA39F8} - System32\Tasks\U2_B3A986DC-C2DD-40A0-8C0C-FEF66B783511 => rundll32 "C:\Program Files\MafarchU2\tRwbN87.dll",#1
Task: {B4829199-E71F-4CBC-AE94-CF5194F07D13} - System32\Tasks\updater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe
Task: {B9494153-118A-46E3-B668-0D1F10700658} - System32\Tasks\U2_2C6A44CB-AD42-4731-A544-3FBD3D83AB5B => rundll32 "C:\Program Files\YiuAskU2\81q7Xn9.dll",#1
Task: {BE9625D2-D881-4741-B568-C7587AEEE770} - System32\Tasks\{BC1C1B80-0AFB-4DDD-AD67-538FA40C2358} => C:\Windows\system32\pcalua.exe -a C:\Users\Yoogi\Desktop\vcredist_x86.exe -d C:\Users\Yoogi\Desktop
Task: {CE7839A1-B552-4126-992B-667228D498EB} - System32\Tasks\B3A986DC-C2DD-40A0-8C0C-FEF66B783511 => rundll32 "C:\Program Files\MafarchU\SlTMNry.dll",#1 <==== UWAGA
Task: {D71B29E6-FE7C-4286-BF13-1F21F7D5690D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2017-06-21] (NVIDIA Corporation)
Task: {DA46E89E-5F6F-44E5-821E-1262AB7B85BC} - System32\Tasks\SMW_P => C:\ProgramData\smp2.exe <==== UWAGA
Task: {E38EACFE-4A6D-457B-AA68-ADA7EB3C6CA0} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {F0A246A6-8939-4CED-AF86-3FC665B9B826} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-02-13] (Google Inc.)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\2C6A44CB-AD42-4731-A544-3FBD3D83AB5B.job => C:\Program Files\YiuAskU\Iw3d7Ud.dll <==== UWAGA
Task: C:\Windows\Tasks\B3A986DC-C2DD-40A0-8C0C-FEF66B783511.job => C:\Program Files\MafarchU\SlTMNry.dll <==== UWAGA
Task: C:\Windows\Tasks\SecureDriverUpdater_UPDATES.job => C:\Program Files\Secure Driver Updater\SDU.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files\SlimDrivers\SlimDrivers.exe

==================== Skróty & WMI ========================
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

WMI_ActiveScriptEventConsumer_ASEC: <==== UWAGA
ShortcutWithArgument: C:\Users\Yoogi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeadesktopbr.com/
ShortcutWithArgument: C:\Users\Yoogi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epf&s=h7jzbcnbl1bu,4248c706-03ca-4560-8c17-0c28a0fb0234,
ShortcutWithArgument: C:\Users\Yoogi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Yoogi\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktopbr.com/
ShortcutWithArgument: C:\Users\Yoogi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeadesktopbr.com/
ShortcutWithArgument: C:\Users\Yoogi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Yoogi\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktopbr.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Yoogi\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktopbr.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome (2).lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Yoogi\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktopbr.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Yoogi\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktopbr.com/

==================== Załadowane moduły (filtrowane) ==============

2017-07-19 23:37 - 2017-07-19 23:37 - 00171344 _____ () C:\Program Files\AVG\Antivirus\JsonRpcServer.dll
2017-07-19 23:37 - 2017-07-19 23:37 - 00193784 _____ () C:\Program Files\AVG\Antivirus\event_routing_rpc.dll
2017-07-19 23:37 - 2017-07-19 23:37 - 00225376 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll
2017-07-19 23:41 - 2017-07-19 23:41 - 05882720 _____ () C:\Program Files\AVG\Antivirus\defs\17071908\algo.dll
2017-07-19 23:37 - 2017-07-19 23:37 - 00690392 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll
2017-07-19 23:37 - 2017-07-19 23:37 - 00232784 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
2017-03-08 04:42 - 2017-03-08 04:42 - 00267952 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2017-07-19 23:32 - 2017-07-19 23:31 - 48920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
2017-07-19 23:37 - 2017-07-19 23:37 - 01067056 _____ () C:\Program Files\AVG\Antivirus\AvChrome.dll
2017-07-19 23:37 - 2017-07-19 23:37 - 67109376 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
2017-07-19 18:09 - 2017-05-29 18:50 - 03325888 _____ () C:\Users\Yoogi\AppData\Roaming\Event Monitor\em.exe
2017-07-19 23:37 - 2017-07-19 23:37 - 00136048 _____ () c:\Program Files\AVG\Antivirus\vaarclient.dll
2017-06-27 23:32 - 2017-06-23 04:21 - 02877272 _____ () C:\Program Files\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-27 23:32 - 2017-06-23 04:21 - 00086360 _____ () C:\Program Files\Google\Chrome\Application\59.0.3071.115\libegl.dll

==================== Alternate Data Streams (filtrowane) =========
(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

==================== Tryb awaryjny (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Powiązania plików (filtrowane) ===============
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

==================== Hosts - zawartość: ===============================
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2009-07-14 04:04 - 2017-07-19 18:24 - 00000834 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Inne obszary ============================
(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-3403083442-3079574581-3742481433-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Yoogi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 91.231.24.4 - 91.231.24.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Zapora systemu Windows [funkcja wyłączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: avgsvc => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: Ds3Service => 2
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SMUpd => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: updater => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ScpToolkit Tray Notifications.lnk => C:\Windows\pss\ScpToolkit Tray Notifications.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Yoogi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Yoogi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Twitch.lnk => C:\Windows\pss\Twitch.lnk.Startup
MSCONFIG\startupreg: 9xwfzbr.exe => C:\Users\Yoogi\AppData\Roaming\b7020d26b76b40b3bcf027f9a3027af7\9xwfzbr.exe -r1_1 -r2_2
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: i19Q6OJ.exe => C:\Users\Yoogi\AppData\Local\Temp\6c9a1a102f994302b9b14eb106350d43\i19Q6OJ.exe -r1_1 -r2_2
MSCONFIG\startupreg: msiql => C:\Users\Yoogi\AppData\Local\Temp\00007951\msiql.exe /RUNNING
MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: p-uTiYL-Wn.exe => C:\Program Files\Scarlet.Crush Productions\LDY13LURAIRTY2RVJQCOK5ANOYUAKOL9QB\p-uTiYL-Wn.exe
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Yoogi\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Yoogi\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "D:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: SteamServerBrowser => C:\Program Files\SteamServerBrowser\SteamServerBrowser.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WhdV2oCczld.exe => C:\ProgramData\351f5023a4d2407b9117d4422490b9ee\WhdV2oCczld.exe -r1_1 -r2_2
MSCONFIG\startupreg: World of Tanks => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
MSCONFIG\startupreg: World of Tanks (1) => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
MSCONFIG\startupreg: YeaDesktop => C:\Program Files\YeaDesktop\YeaDesktop.exe /autostart

==================== Reguły Zapory systemu Windows (filtrowane) ===============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [{930D12E9-8D4B-42EA-90B8-9710D27B5FBC}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{2B07F262-65F1-4DB6-8C28-137899D3E496}C:\users\yoogi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\yoogi\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{94E8F42D-59EC-43A2-AE78-0A7F30622145}C:\users\yoogi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\yoogi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{92444A89-6A97-4B6B-A73F-4BF52D00FDBD}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{4BDEB01F-F8D4-4849-A775-6770C5959185}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{39D119A8-2951-4D47-9586-069783FA9279}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{4C46677C-9B3A-4B2F-BD68-3A602310EAAC}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [TCP Query User{95D7706B-95A2-4DFD-87F0-B1734AD69B85}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{2BF83E0D-2108-4601-A3AA-B997D4D62176}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{54448FA6-8D48-44A4-B530-93C89B45F426}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{0CCD26BA-27B9-4483-8E1D-C79D4AD936B1}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{889078D0-7D94-4593-AC43-4DE3288C79F6}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{26688330-EEFB-4C23-86C3-DD313B4FD974}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{6144286D-2EE8-4C1C-8AA4-4388D1B7F51D}] => (Allow) C:\Users\Yoogi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F3F18B78-DE22-49CB-81EA-933E86BC974F}] => (Allow) C:\Users\Yoogi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{81586556-5F83-4E46-B8AD-722701D3F560}] => (Allow) C:\Users\Yoogi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D4E0A818-146A-48A8-BB47-2D8DCAE4A1F6}] => (Allow) C:\Users\Yoogi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8DA13BE4-1D2A-4EE9-9E56-41022D827E8A}] => (Allow) C:\Users\Yoogi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2597B858-536A-4F17-9CD3-AFBBA344B769}] => (Allow) C:\Users\Yoogi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{02768A66-187A-4BC1-85DB-72D2CA449E26}C:\users\yoogi\desktop\7.days.to.die.alpha.12.steam.edition.x32\7daystodie.exe] => (Allow) C:\users\yoogi\desktop\7.days.to.die.alpha.12.steam.edition.x32\7daystodie.exe
FirewallRules: [UDP Query User{EC82339A-A149-47A1-844B-FF8B60479552}C:\users\yoogi\desktop\7.days.to.die.alpha.12.steam.edition.x32\7daystodie.exe] => (Allow) C:\users\yoogi\desktop\7.days.to.die.alpha.12.steam.edition.x32\7daystodie.exe
FirewallRules: [{D87D4FEE-E484-4CFC-883F-B32A0E04F186}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{EBAAC863-DE22-4C7C-84BF-B6DA2597B1A0}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{1634E6B0-8436-44E9-ABE0-D5BA4E318A34}] => (Allow) D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{07D4C250-A479-4632-A84F-07DC45EEDA62}] => (Allow) D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{7D529DE7-9654-423A-BA90-33F5A4EE296C}C:\gry\counter-strike 1.6 v43\hl.exe] => (Allow) C:\gry\counter-strike 1.6 v43\hl.exe
FirewallRules: [UDP Query User{CF018D99-8966-4401-8184-6882FADFB5E2}C:\gry\counter-strike 1.6 v43\hl.exe] => (Allow) C:\gry\counter-strike 1.6 v43\hl.exe
FirewallRules: [{73BDA6C7-2650-4AB1-97B0-28F4BE7F70CF}] => (Allow) D:\Program Files\Reality Pump\Two Worlds\TwoWorlds.exe
FirewallRules: [{47ECC74B-C986-480E-9FE1-F47CD37CDA20}] => (Allow) D:\Program Files\Reality Pump\Two Worlds\TwoWorlds.exe
FirewallRules: [{05DA6BF3-0844-4B64-9500-400DDB5256FF}] => (Allow) D:\Program Files\Reality Pump\Two Worlds\TwoWorlds_RADEON.exe
FirewallRules: [{1A287586-5766-4BCC-BEC3-9AA644662F8F}] => (Allow) D:\Program Files\Reality Pump\Two Worlds\TwoWorlds_RADEON.exe
FirewallRules: [TCP Query User{CB4A067F-0CB9-4A8B-A7B4-4AF423F304C0}C:\users\yoogi\desktop\7.days.to.die.alpha.15.1.x86\7.days.to.die.alpha.15.1.x86\7daystodie.exe] => (Allow) C:\users\yoogi\desktop\7.days.to.die.alpha.15.1.x86\7.days.to.die.alpha.15.1.x86\7daystodie.exe
FirewallRules: [UDP Query User{AF916A10-E3FD-477F-AA26-3E8ACF75D121}C:\users\yoogi\desktop\7.days.to.die.alpha.15.1.x86\7.days.to.die.alpha.15.1.x86\7daystodie.exe] => (Allow) C:\users\yoogi\desktop\7.days.to.die.alpha.15.1.x86\7.days.to.die.alpha.15.1.x86\7daystodie.exe
FirewallRules: [TCP Query User{EDAF9325-CE38-45A5-9C34-4E4890E52DB2}D:\program files\red barrels\outlast\binaries\win32\olgame.exe] => (Allow) D:\program files\red barrels\outlast\binaries\win32\olgame.exe
FirewallRules: [UDP Query User{F60F049B-FEC5-45AA-A3C7-E130CA6C56FB}D:\program files\red barrels\outlast\binaries\win32\olgame.exe] => (Allow) D:\program files\red barrels\outlast\binaries\win32\olgame.exe
FirewallRules: [{45A413D3-A40D-43D7-8CE1-D85C80DBCEED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{31AEF1C6-8C3E-443E-B689-E04F2C9220A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CF166CC4-F4C3-4E2E-94D3-56E295627C54}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6B9C4CC3-9A11-42EA-8EB5-75F2C1DC9ED0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{43ABC7DE-2DDA-4D68-A41A-8B9B7EA4BBF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EA3C57DB-A9F7-4122-B00D-0936592640C5}] => (Allow) D:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{2A3215CF-3889-446C-8CF0-4CDC0C3A31C6}] => (Allow) D:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{B7AC3040-92EE-45D0-B37B-1236B9457634}] => (Allow) D:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{B28A9274-6CB6-4D7C-B450-3031183A11DD}] => (Allow) D:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{F5B30CEE-3391-43BF-8C1A-35C4A71F3A8A}] => (Allow) C:\Program Files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{D90125C8-6ECD-46CD-9EA9-3991349ECBE8}] => (Allow) C:\Program Files\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{35686585-A115-4793-800A-51AE141A04F3}] => (Allow) C:\Program Files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{DE975AD9-CA5E-4373-9527-24148731FCDD}] => (Allow) C:\Program Files\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{5EFEE4AF-3F8F-4155-8F61-6ABF50EFE815}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{5F2A74FF-E1E9-4932-8BA1-91BDD736C726}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{65E591BB-A112-43B3-ADC2-0CF520F088AF}] => (Allow) D:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{277EF63F-7D4E-4CBA-8795-BB03642B4B2A}] => (Allow) D:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{2320671C-DD62-45F6-B5C2-408905883765}] => (Allow) D:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
FirewallRules: [{0E86AEBD-0810-4429-8F7A-CBE4B33F5831}] => (Allow) D:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
FirewallRules: [{1028E615-665F-43FF-AD13-20828C7655BA}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{8C425E4A-5FD6-45D0-9D6A-0105DD1A8C5B}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{A4EC1FA9-278B-4B4F-9188-6D8471B7F551}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{8A99F849-9915-4E10-A742-93E271033304}] => (Allow) C:\Program Files\Secure Driver Updater\SDU.exe
FirewallRules: [{114252BC-21FB-452A-9E61-7A2DE388AD9E}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{3484E794-F1D2-4164-9D5E-9EED02C4947A}] => (Allow) C:\Windows\System32\rundll32.exe

==================== Punkty Przywracania systemu
========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Ralink RT61 Turbo Wireless LAN Card Description: Ralink RT61 Turbo Wireless LAN Card Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Ralink Technology Corp. Service: rt61x86 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (07/20/2017 11:50:54 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: adwcleaner_7.0.0.0_www.INSTALKI.pl.exe, wersja: 7.0.0.0, sygnatura czasowa: 0x596d30ca Nazwa modułu powodującego błąd: adwcleaner_7.0.0.0_www.INSTALKI.pl.exe, wersja: 7.0.0.0, sygnatura czasowa: 0x596d30ca Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000e9da0 Identyfikator procesu powodującego błąd: 0x1730 Godzina uruchomienia aplikacji powodującej błąd: 0x01d3013d621d7980 Ścieżka aplikacji powodującej błąd: C:\Users\Yoogi\Downloads\adwcleaner_7.0.0.0_www.INSTALKI.pl.exe Ścieżka modułu powodującego błąd: C:\Users\Yoogi\Downloads\adwcleaner_7.0.0.0_www.INSTALKI.pl.exe Identyfikator raportu: eba9ff70-6d30-11e7-a903-001fd0b439ce Error: (07/20/2017 11:45:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie 
System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Parametr jest niepoprawny. . Error: (07/20/2017 11:45:56 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak). hr = 0x80070539, Struktura identyfikatora zabezpieczenia jest nieprawidłowa. . Operacja: Zdarzenie OnIdentify Zbieranie danych modułu zapisującego Kontekst: Kontekst wykonywania: Shadow Copy Optimization Writer Identyfikator klasy modułu zapisującego: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Nazwa modułu zapisującego: Shadow Copy Optimization Writer Identyfikator wystąpienia modułu zapisującego: {6bc2a26c-4ac4-4563-90b1-d4e55db300a0} Error: (07/20/2017 11:16:51 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "d:\program files\red barrels\outlast\binaries\win64\OLGame_R.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (07/20/2017 11:16:51 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "d:\program files\red barrels\outlast\binaries\win64\OLGame.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. 
Error: (07/20/2017 11:08:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/19/2017 11:43:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
Details:
AddWin32ServiceFiles: Unable to back up image of service Subair since QueryServiceConfig API failed
System Error:
Nie można odnaleźć określonego pliku.
.

Error: (07/19/2017 11:43:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
Details:
AddWin32ServiceFiles: Unable to back up image of service Prefs Secure since QueryServiceConfig API failed
System Error:
Nie można odnaleźć określonego pliku.
.

Error: (07/19/2017 11:43:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
Details:
AddWin32ServiceFiles: Unable to back up image of service Background Logic Handler since QueryServiceConfig API failed
System Error:
Nie można odnaleźć określonego pliku.
.

Error: (07/19/2017 11:43:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury ConvertStringSidToSid(S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415.bak). hr = 0x80070539, Struktura identyfikatora zabezpieczenia jest nieprawidłowa.
.
Operacja:
   Zdarzenie OnIdentify
   Zbieranie danych modułu zapisującego
Kontekst:
   Kontekst wykonywania: Shadow Copy Optimization Writer
   Identyfikator klasy modułu zapisującego: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Nazwa modułu zapisującego: Shadow Copy Optimization Writer
   Identyfikator wystąpienia modułu zapisującego: {a7325d38-6122-4605-bc51-2b440ea7a49a}

Dziennik System:
=============
Error: (07/20/2017 11:08:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Reimage Real Time Protector z powodu następującego błędu:
Nie można odnaleźć określonego pliku.

Error: (07/20/2017 11:08:09 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: Usługa SNMP napotkała błąd podczas dostępu do klucza rejestru SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (07/20/2017 11:07:56 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 23:47:25 na 2017-07-19 było nieoczekiwane.

Error: (07/20/2017 11:07:39 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicjowanie zrzutu awaryjnego nie powiodło się!

Error: (07/19/2017 11:46:21 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący błąd:
Odmowa dostępu.
.

Error: (07/19/2017 11:46:21 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący błąd:
Odmowa dostępu.
.

Error: (07/19/2017 11:42:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Background Logic Handler niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (07/19/2017 11:42:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Subair niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (07/19/2017 06:53:42 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: Usługa SNMP napotkała błąd podczas dostępu do klucza rejestru SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (07/19/2017 06:53:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Reimage Real Time Protector z powodu następującego błędu:
Nie można odnaleźć określonego pliku.

==================== Statystyki pamięci ===========================

Procesor: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
Procent pamięci w użyciu: 68%
Całkowita pamięć fizyczna: 2047.55 MB
Dostępna pamięć fizyczna: 637.98 MB
Całkowita pamięć wirtualna: 4095.11 MB
Dostępna pamięć wirtualna: 2599.23 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:143.46 GB) (Free:78.54 GB) NTFS
Drive d: () (Fixed) (Total:89.33 GB) (Free:66.86 GB) NTFS

==================== MBR & Tablica partycji ==================

==================== Koniec Addition.txt ============================