Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja:24-02-2016 Uruchomiony przez Mama (2016-02-25 10:08:16) Uruchomiony z C:\Users\Mama\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TH5TOUTJ Microsoft Windows 7 Home Premium (X86) (2010-05-05 13:54:16) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3559837788-3003761988-3719058285-500 - Administrator - Disabled) Guest (S-1-5-21-3559837788-3003761988-3719058285-501 - Limited - Enabled) => C:\Users\Guest HomeGroupUser$ (S-1-5-21-3559837788-3003761988-3719058285-1004 - Limited - Enabled) Mama (S-1-5-21-3559837788-3003761988-3719058285-1000 - Administrator - Enabled) => C:\Users\Mama ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET Smart Security 9.0.349.14 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AV: Ad-Aware Antivirus (Enabled - Up to date) {B0CC18C6-E527-6EE6-874C-9D19920E5619} AS: Ad-Aware Antivirus (Enabled - Up to date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Smart Security 9.0.349.14 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: Zapora osobista ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} FW: Ad-Aware Firewall (Disabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Ad-Aware Antivirus (HKLM\...\{A6E2BA31-F8AF-4DD0-806D-B884D8DDBBAD}_AdAwareUpdater) (Version: 11.10.767.8917 - Lavasoft) AdAwareInstaller (Version: 11.10.767.8917 - Lavasoft) Hidden AdAwareUpdater (Version: 11.10.767.8917 - Lavasoft) Hidden Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) AntimalwareEngine (Version: 3.0.99.0 - Lavasoft) Hidden AntispamEngine (Version: 2.4.4244.0 - Lavasoft) Hidden Archiwizator WinRAR (HKLM\...\WinRAR archiver) (Version: - ) AvcEngine (Version: 3.11.12293.0 - Lavasoft) Hidden Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Bullzip PDF Printer 9.6.0.1582 (HKLM\...\Bullzip PDF Printer_is1) (Version: 9.6.0.1582 - Bullzip) ChomikBox (HKLM\...\{A907E9CD-683E-49FC-BE59-9EB059D266D5}) (Version: 2.0.2.1 - Chomikuj.pl) Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.4.0316 - DT Soft Ltd) Detektor Winampa (HKU\S-1-5-21-3559837788-3003761988-3719058285-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) ESET Smart Security (HKLM\...\{83D892B2-82C3-4B8D-82FD-7DE8FE98F8E7}) (Version: 9.0.349.14 - ESET, spol. s r.o.) FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.) Google Drive (HKLM\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.1.0 - LIGHTNING UK!) Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation) Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) LIVE! Control Center 1.05 (HKLM\...\{271F5A67-A83A-4985-B41B-201EB267E6CF}) (Version: 1.05 - OEM) LIVE! OSD 1.14(AD) (HKLM\...\{73289228-1853-4623-982A-EB17FF0270CA}) (Version: 1.14 - OEM) Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation) Mozilla Firefox 44.0.2 (x86 pl) (HKLM\...\Mozilla Firefox 44.0.2 (x86 pl)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 7 Lite 7.11.10.0 (HKLM\...\Nero7Lite_is1) (Version: 7.11.10.0 - Updatepack.nl) OnlineThreatsEngine (Version: 3.0.1.23 - Lavasoft) Hidden Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5928 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM\...\{D4EEC21C-04F0-4CF4-8078-82C11E38EF11}) (Version: 1.01.0094 - REALTEK Semiconductor Corp.) Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.) Skype™ 7.18 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.3.0 - Synaptics Incorporated) System Requirements Lab for Intel (HKLM\...\{C71067FC-288F-4E0B-88C6-44DFDA8311E2}) (Version: 4.5.9.0 - Husdawg, LLC) TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.47484 - TeamViewer) Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.50a - Ghisler Software GmbH) Web Companion (HKLM\...\{378ae3b5-b064-40d9-af2a-d1907f9e40c8}) (Version: 2.2.1337.2613 - Lavasoft) Winamp (HKLM\...\Winamp) (Version: 5.621 - Nullsoft, Inc) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3559837788-3003761988-3719058285-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-3559837788-3003761988-3719058285-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-3559837788-3003761988-3719058285-1000_Classes\CLSID\{76D50904-6780-4c8b-8986-1A7EE0B1716D}\InprocServer32 -> C:\Users\Mama\AppData\Local\Roblox\Versions\version-21cdb2fff9fb4df2\RobloxProxy.dll (ROBLOX Corporation) CustomCLSID: HKU\S-1-5-21-3559837788-3003761988-3719058285-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Brak pliku ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {2C27A829-127F-4CE1-A07E-62BF9F937564} - System32\Tasks\{74E386E7-18DE-4CA2-BF24-722952DAFB80} => pcalua.exe -a "E:\PLAY ONLINE\Setup.exe" -d "E:\PLAY ONLINE" Task: {3A2CF0B0-8E5D-44DB-8FA9-62183C417C47} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3559837788-3003761988-3719058285-1000UA => C:\Users\Mama\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {3C689939-E689-4E44-9F7B-334D9BD33769} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3559837788-3003761988-3719058285-1000Core => C:\Users\Mama\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {43021B01-16B4-45EA-B95A-A152787CBB63} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {500D7549-1A4F-44EF-91EC-3B54CB4364D6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-22] (AVAST Software) Task: {554EAD3E-5371-47C4-B6E8-96DA2A9C253B} - System32\Tasks\SafeZone scheduled Autoupdate 1456175402 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {598D7309-0CB0-48EA-9B9F-DC4FE1CF6E60} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.) Task: {5A54B034-4E64-4C90-B8EB-A36179485BE5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-07] (Adobe Systems Incorporated) Task: {70FF5019-13E6-4204-900C-8DB0C6816040} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET Smart Security 4.2\upgrade.exe [2015-08-09] (ESET) Task: {91EEE47C-2C24-45EC-B029-78B567688721} - System32\Tasks\{9690A21D-7BEE-443A-A809-A85DD4C4F4DC} => C:\Program Files\Skype\Phone\Skype.exe [2016-02-02] (Skype Technologies S.A.) Task: {B832E569-491A-4705-87FE-761F929D74FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {C42BDB3F-E058-4B61-921A-789CB5925474} - System32\Tasks\{C99F3EDE-D3CE-4AEE-AE2A-2C64AA283065} => pcalua.exe -a C:\Install\Kaspersky.Internet.Security.PL\K.I.S.2011.PL\kis11.0.1.400pl_pl.exe -d C:\Install\Kaspersky.Internet.Security.PL\K.I.S.2011.PL Task: {D4A0B6E4-C280-4A50-A1A6-B7CB9164EA8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.) Task: {F8BC2598-3B46-42E0-9C55-1F8961F644BE} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3559837788-3003761988-3719058285-1000 Task: {FA0F660C-EB4F-48A1-8D39-3A7FF878207E} - System32\Tasks\{EC4820A4-DD6C-458B-92A4-894D4E8104CB} => pcalua.exe -a E:\DataCard_Setup.exe -d E:\ (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-01-28 16:44 - 2016-01-28 16:44 - 00659872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe 2016-01-28 16:47 - 2016-01-28 16:47 - 00023296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_system-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00047368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_date_time-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00108808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_filesystem-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 08872184 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareServiceKernel.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 02372816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\RCF.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00634624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_regex-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00089344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_thread-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00032000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_chrono-vc120-mt-1_57.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00783088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareActivation.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00452864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareApplicationUpdater.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00679664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareGamingMode.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00084712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareReset.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00102624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTime.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00821504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareDefinitionsUpdater.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00729872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareDefinitionsUpdaterScheduler.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00897264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareIgnoreList.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00205552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareQuarantine.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 01274624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiMalwareEngine.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00169728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiRootkitEngine.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00902392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScannerHistory.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 01082088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScanner.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00032512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_timer-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00812280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareScannerScheduler.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00940288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareRealTimeProtection.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 02081528 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareIncompatibles.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 01188584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiSpam.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 01143536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAntiPhishing.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 02519288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareParentalControl.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 02806008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareWebProtection.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 01045752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareEmailProtection.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00048392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_iostreams-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 01477376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareNetworkProtection.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00825576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwarePromo.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 00377576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareFeedback.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 02280192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareThreatWorkAlliance.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 01062120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwarePinCode.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00827112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareNotice.dll 2016-01-28 16:46 - 2016-01-28 16:46 - 01252080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareAvcEngine.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00955664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareRealTimeProtectionHistory.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00424176 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareStatistics.dll 2016-02-24 22:37 - 2015-01-06 12:47 - 00135288 _____ () C:\Windows\system32\bdfwcore.dll 2016-02-24 22:48 - 2016-02-24 22:48 - 00947640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\3.0.1.23\definitions\loc2\ashttpbr.mdl 2016-02-24 22:48 - 2016-02-24 22:48 - 00678528 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\3.0.1.23\definitions\loc2\ashttpdsp.mdl 2016-02-24 22:48 - 2016-02-24 22:48 - 02492080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\3.0.1.23\definitions\loc2\ashttpph.mdl 2016-02-24 22:48 - 2016-02-24 22:48 - 01388752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\3.0.1.23\definitions\loc2\ashttprbl.mdl 2016-02-24 22:38 - 2016-02-24 22:38 - 00017168 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe 2016-02-24 22:38 - 2016-02-24 22:38 - 00008976 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll 2016-02-24 22:38 - 2016-02-24 22:38 - 00028944 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 08007392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe 2016-01-28 16:47 - 2016-01-28 16:47 - 00386816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\boost_locale-vc120-mt-1_57.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 01731304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\HtmlFramework.dll 2016-01-28 16:47 - 2016-01-28 16:47 - 00867576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTrayDefaultSkin.dll 2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files\Skype\Phone\ssScreenVVS2.dll 2016-02-24 22:38 - 2016-02-24 22:38 - 00118032 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll 2016-02-24 22:38 - 2016-02-24 22:38 - 00049936 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Common.Platform.dll 2016-02-24 22:38 - 2016-02-24 22:38 - 00010000 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.UpdateComponents.dll 2016-02-24 22:38 - 2016-02-24 22:38 - 00275216 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll 2016-02-24 22:38 - 2016-02-24 22:38 - 00022288 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.AvastWrapper.dll 2016-02-24 22:38 - 2016-02-24 22:38 - 00046864 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll 2016-02-24 22:38 - 2016-02-24 22:38 - 00012560 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll 2016-02-24 22:38 - 2016-02-24 22:38 - 00120080 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-3559837788-3003761988-3719058285-1000\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3559837788-3003761988-3719058285-1000\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:04 - 2016-02-07 21:15 - 00000967 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3559837788-3003761988-3719058285-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\Services: McComponentHostService => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Launch.lnk => C:\Windows\pss\Launch.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OSD.lnk => C:\Windows\pss\OSD.lnk.CommonStartup ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{838E26FA-385B-4FF5-A62D-C421BFD157E2}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{718C2B08-C4F7-40A5-83EF-1D60510872ED}] => (Allow) C:\Program Files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe FirewallRules: [{6ECF3C9B-2D26-4C50-AF77-D6C7C145C8BE}] => (Allow) C:\Program Files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe FirewallRules: [{3AA96A26-997A-473B-A12C-4610937C68B1}] => (Allow) C:\Program Files\Landwirtschafts Simulator 2011\game.exe FirewallRules: [{5A7606FE-474B-4FB6-BBFC-68689AA5FACA}] => (Allow) C:\Program Files\Landwirtschafts Simulator 2011\game.exe FirewallRules: [{6776AA7D-E052-4542-BBA6-ED9FFC23B2AD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{7E95A3D1-E376-43CF-9195-C50F30852DF0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{F1E561B7-6A31-42FE-83B1-B8F9B90B476B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{7E14AE0E-8F2E-470E-9B12-D55FA94B4DDB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{AB4F1399-864E-49A8-B50F-24D7765129D4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{21C89D1A-AE12-49CE-8F22-F186EE82F02F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{58CA2310-92D4-4411-94E5-E30443C94349}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{115AD7DE-CE69-4C72-AF94-52D34385ECC2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{6542FAB9-9769-4170-9C95-C0439BE24331}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2008F2AF-149A-47EE-BDAE-3F9182CADBFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D905511B-D0AF-450E-96A4-4DAD33EECF7D}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{73AE2B96-6A1D-4AB5-AEB6-4EDD3F071574}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{4CB41286-2503-46AE-9DB4-7AB5763E13B6}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{DCD3FE52-80DD-4D59-AF57-152E024E46B8}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{DCD63E22-DE90-4663-8028-E5FB206DEB46}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{B27364EB-BE4A-40F3-820E-7308F317BAA0}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe FirewallRules: [{C0C379D1-ECD9-423B-9EA5-E6D80FADC498}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe FirewallRules: [{EA637847-95E0-45E0-A81A-301D02FA2A0A}] => (Allow) C:\Program Files\SpringFiles\downloader.exe FirewallRules: [{D385DAEB-0143-4FAF-A1BA-9A608ADB842C}] => (Allow) C:\Program Files\SpringFiles\downloader.exe FirewallRules: [{AA058905-62D1-4303-80B6-E2DFF310D000}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{3259A2C7-9332-420C-A04E-029F800BD4DA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{43CAE10E-2716-48AC-B52B-31E275BCE5D8}] => (Allow) C:\Users\Mama\AppData\Roaming\Andy\Setup.exe FirewallRules: [{B69F8D87-DC1A-4073-B50E-4FE7D5566AE2}] => (Allow) C:\Users\Mama\AppData\Roaming\Andy\Setup.exe ==================== Punkty Przywracania systemu ========================= 07-02-2016 21:28:39 Removed League of Legends 16-02-2016 21:17:25 Instalacja avast! Free Antivirus 24-02-2016 16:02:33 Removed League of Legends 24-02-2016 22:31:48 AA11 25-02-2016 09:34:16 Removed Launch 25-02-2016 09:36:12 Removed PlayReady PC Runtime x86 25-02-2016 09:37:09 Removed VMware VIX. ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Karta wirtualnego miniportu WiFi firmy Microsoft Description: Karta wirtualnego miniportu WiFi firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/25/2016 12:26:00 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Nie można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (02/25/2016 12:26:00 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Nie można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (02/25/2016 12:26:00 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Nie można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (02/25/2016 12:25:59 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Nie można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (02/24/2016 04:02:22 PM) (Source: MsiInstaller) (EventID: 11704) (User: MAMA) Description: Product: Launch -- Error 1704. An installation for VMware Player is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes? Error: (02/24/2016 04:01:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7600.16450, sygnatura czasowa: 0x4aeba271 Nazwa modułu powodującego błąd: SHELL32.dll, wersja: 6.1.7600.16532, sygnatura czasowa: 0x4b7cec9c Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0009c959 Identyfikator procesu powodującego błąd: 0x6bc Godzina uruchomienia aplikacji powodującej błąd: 0xExplorer.EXE0 Ścieżka aplikacji powodującej błąd: Explorer.EXE1 Ścieżka modułu powodującego błąd: Explorer.EXE2 Identyfikator raportu: Explorer.EXE3 Error: (02/24/2016 03:57:41 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Users\Mama\AppData\Local\Temp\{0A48513B-9BCF-4A09-8A58-00AC0298673F}\Sims3Setup.exe -runfromtemp -l0x0015 -removeonly -media_path:"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\" -tempdisk1folder:"C:\Users\Mama\AppData\Local\Temp\{0A48513B-9BCF-4A09-8A58-00AC0298673F}\"; Opis = Usunięte The Sims 3; Błąd = 0x8007043c). Error: (02/24/2016 01:57:25 PM) (Source: MsiInstaller) (EventID: 11704) (User: MAMA) Description: Product: VMware VIX -- Error 1704.An installation for VMware Player is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes? Error: (02/24/2016 12:24:09 PM) (Source: MsiInstaller) (EventID: 1002) (User: MAMA) Description: Nieoczekiwana lub brakująca wartość (nazwa: „PackageName”, wartość: „”) w kluczu „HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList” Error: (02/10/2016 01:25:30 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3323 Dziennik System: ============= Error: (02/25/2016 08:54:13 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: ZARZĄDZANIE NT) Description: Usługa Harmonogram zadań nie może załadować zadań podczas uruchamiania usługi. Dane dodatkowe: Wartość błędu: 2147549183. Error: (02/25/2016 08:54:13 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: ZARZĄDZANIE NT) Description: Usługa Harmonogram zadań nie może załadować zadań podczas uruchamiania usługi. Dane dodatkowe: Wartość błędu: 2147549183. Error: (02/25/2016 08:54:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi HWDeviceService.exe z powodu następującego błędu: %%2 Error: (02/24/2016 11:01:56 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80004005 Error: (02/24/2016 10:59:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi HWDeviceService.exe z powodu następującego błędu: %%2 Error: (02/24/2016 10:59:35 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: ZARZĄDZANIE NT) Description: Usługa Harmonogram zadań nie może załadować zadań podczas uruchamiania usługi. Dane dodatkowe: Wartość błędu: 2147549183. Error: (02/24/2016 10:59:34 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: ZARZĄDZANIE NT) Description: Usługa Harmonogram zadań nie może załadować zadań podczas uruchamiania usługi. Dane dodatkowe: Wartość błędu: 2147549183. Error: (02/24/2016 10:27:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi HWDeviceService.exe z powodu następującego błędu: %%2 Error: (02/24/2016 10:27:50 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: ZARZĄDZANIE NT) Description: Usługa Harmonogram zadań nie może załadować zadań podczas uruchamiania usługi. Dane dodatkowe: Wartość błędu: 2147549183. Error: (02/24/2016 10:27:50 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: ZARZĄDZANIE NT) Description: Usługa Harmonogram zadań nie może załadować zadań podczas uruchamiania usługi. Dane dodatkowe: Wartość błędu: 2147549183. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Celeron(R) CPU 900 @ 2.20GHz Procent pamięci w użyciu: 75% Całkowita pamięć fizyczna: 2008.9 MB Dostępna pamięć fizyczna: 493.05 MB Całkowita pamięć wirtualna: 4017.8 MB Dostępna pamięć wirtualna: 1927.36 MB ==================== Dyski ================================ Drive c: (Windows) (Fixed) (Total:292.72 GB) (Free:173.63 GB) NTFS Drive d: (CD230A1) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: BE659A05) Partition 1: (Active) - (Size=5.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=292.7 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================