CHR Profile: C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\jezghtjihuturole [2017-06-02] <==== UWAGA
RemoveDirectory: C:\Program Files (x86)\Ruzeghneriph
RemoveDirectory: C:\Program Files (x86)\Maoha
RemoveDirectory: C:\Users\Krzysiek\AppData\Roaming\Jarodomateterph
RemoveDirectory: C:\Program Files (x86)\jkFXvSZ8pqIw Updater
2017-06-01 21:10 - 2017-06-02 01:18 - 00000000 ____D C:\Program Files (x86)\MIO
2017-06-01 21:08 - 2017-06-01 21:10 - 00000000 ____D C:\Program Files\MK
2017-06-01 20:07 - 2017-06-02 01:18 - 00000000 ____D C:\Program Files (x86)\Plowiry Community
2017-06-01 20:07 - 2017-06-01 20:09 - 00000000 ____D C:\Users\Krzysiek\AppData\Local\Wercationsterjeck
2017-06-01 20:07 - 2017-06-01 20:08 - 00006008 _____ C:\Windows\System32\Tasks\Plowiry Community
Task: {11C86362-550B-4F8B-B992-EAB26A9C2F54} - System32\Tasks\Plowiry Community => C:\Program Files (x86)\Ruzeghneriph\yaupdcache.exe
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Brak pliku <==== UWAGA
Task: {3EB67423-9C83-4786-896C-9CAFBB88DDEB} - System32\Tasks\{BB40E09C-49F8-4C6C-A972-9862AEB2FB90} => pcalua.exe -a C:\Users\Krzysiek\AppData\Local\Temp\jre-8u121-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== UWAGA
Task: {964CC98A-3E16-4A14-8482-C16567FA24C0} - System32\Tasks\jkFXvSZ8pqIw => jkfxvsz8pqiw.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Brak pliku <==== UWAGA
Task: {B0007F09-2A21-4EEA-87D9-026C4A5019B9} - System32\Tasks\{67E12A51-0A83-4581-B295-F6501E648550} => pcalua.exe -a C:\Users\Krzysiek\Pobrane.exe\RemoveWGA1.2_www.INSTALKI.pl.exe -d C:\Users\Krzysiek\Pobrane.exe
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Brak pliku <==== UWAGA
Task: {E3D1BE4F-1CEA-4A1F-BB32-CE80D9B5D316} - \Microsoft\Windows\DeviceSettings\Ckiwoing -> Brak pliku <==== UWAGA
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Brak pliku <==== UWAGA
Task: {FBABEDFE-A484-41B1-8D2F-7FF4FEEDEF25} - System32\Tasks\{9A678A8E-0293-43E5-BC6E-8EABC2B2F355} => pcalua.exe -a "C:\Program Files (x86)\YouTube Accelerator\YTAUninstall.exe"
HKLM\ DisallowedCertificates: 1916A2AF346D399F50313C393200F14140456616 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 2A83E9020591A55FC6DDAD3FB102794C52B24E70 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 3A850044D8A195CD401A680C012CB0A3B5F8DC08 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 40AA38731BD189F9CDB5B9DC35E2136F38777AF4 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 43D9BCB568E039D073A74A71D8511F7476089CC3 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 471C949A8143DB5AD5CDF1C972864A2504FA23C9 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 61793FCBFA4F9008309BBA5FF12D2CB29CD4151A (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 6431723036FD26DEA502792FA595922493030F97 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 7D7F4414CCEF168ADF6BF40753B5BECD78375931 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 80962AE4D6C5B442894E95A13E4A699E07D694CF (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 86E817C81A5CA672FE000F36F878C19518D6F844 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 8E5BD50D6AE686D65252F843A9D4B96D197730AB (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: 9845A431D51959CAF225322B4A4FE9F223CE6D15 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: B533345D06F64516403C00DA03187D3BFEF59156 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: C060ED44CBD881BD0EF86C0BA287DDCF8167478C (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: CEA586B2CE593EC7D939898337C57814708AB2BE (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: D018B62DC518907247DF50925BB09ACF4A5CB3AD (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: F8A54E03AADC5692B850496A4C4630FFEAA29D83 (Avast Antivirus/Software) <==== UWAGA
HKLM\ DisallowedCertificates: FA6660A94AB45F6A88C0D7874D89A863D74DEE97 (Avast Antivirus/Software) <==== UWAGA
HKU\S-1-5-21-3697319723-2004547232-485423195-1000\...\Run: [ASRockXTU] => [X]
ShellExecuteHooks: Brak nazwy - {CD839464-41E8-11E7-8092-64006A5CFC23} - C:\Users\Krzysiek\AppData\Roaming\Jarodomateterph\Proreied.dll -> Brak pliku
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ShellIconOverlayIdentifiers: [JzShlobj] -> {9A0700D2-920A-4E52-8697-9B5230C92612} => C:\Program Files (x86)\Maoha\JiSuZip\JZipExt.dll [2016-12-27] (深圳市猫哈网络科技发展有限公司)
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.aqovd.com?oem=sunadplv3&uid=WD-WXR1 ... 1443433106
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Brak pliku]
CHR DefaultProfile: jezghtjihuturole
CHR DefaultSearchURL: jezghtjihuturole -> hxxp://www.mystarting123.com/search/index.php?z=c98f5073a27c822c08d6950gcz6t0qfcezcz3o6o0b&q={searchTerms}
CHR DefaultSearchKeyword: jezghtjihuturole -> mystarting123
CHR Profile: C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\jezghtjihuturole [2017-06-02] <==== UWAGA
CHR Extension: (Prezentacje Google) - C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\jezghtjihuturole\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-02]
CHR Extension: (Dokumenty Google) - C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\jezghtjihuturole\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-02]
CHR Extension: (Dysk Google) - C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\jezghtjihuturole\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-02]
CHR Extension: (YouTube) - C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\jezghtjihuturole\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\jezghtjihuturole\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-02]
CHR Extension: (Arkusze Google) - C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\jezghtjihuturole\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\jezghtjihuturole\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-02]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\jezghtjihuturole\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-02]
CHR Extension: (Gmail) - C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\jezghtjihuturole\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-02]
CHR Extension: (Chrome Media Router) - C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\jezghtjihuturole\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-02]
S2 jkFXvSZ8pqIw Updater; C:\Program Files (x86)\jkFXvSZ8pqIw Updater\jkFXvSZ8pqIw Updater.exe [X]
S2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" [X]
S2 MBAMService; "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" [X]
R3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S3 cpuz134; \??\C:\Users\Krzysiek\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== UWAGA
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Users\Krzysiek\filmy.exe
C:\Users\Krzysiek\HPUSBDisk-2.2.3.exe
C:\Users\Krzysiek\Pobrane.exe
EmptyTemp:
Uruchomiony przez Krzysiek (administrator) ASROCK (02-06-2017 12:18:52)
Uruchomiony przez Krzysiek (administrator) ASROCK (02-06-2017 12:18:52)
*mystarting123*.*
mystarting123;
CHR DefaultSearchURL: Profile 2 -> hxxp://www.mystarting123.com/search/index.php?z=c98f5073a27c822c08d6950gcz6t0qfcezcz3o6o0b&q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> mystarting123
EmptyTemp:
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 23 gości