Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:05-03-2016 01 Uruchomiony przez Agata (2016-03-12 13:27:09) Uruchomiony z C:\Users\Agata\Downloads Windows 8.1 (X64) (2014-11-08 20:58:09) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-132808117-4188919328-2083618679-500 - Administrator - Disabled) Agata (S-1-5-21-132808117-4188919328-2083618679-1002 - Administrator - Enabled) => C:\Users\Agata Gość (S-1-5-21-132808117-4188919328-2083618679-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-132808117-4188919328-2083618679-1004 - Limited - Enabled) UpdatusUser (S-1-5-21-132808117-4188919328-2083618679-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) .sol Editor 1.1.0.1 (HKLM-x32\...\.sol Editor) (Version: 1.1.0.1 - alexisisaac.net) µTorrent (HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.) Aktualizacje NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation) Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung) Ask Toolbar Updater (HKU\S-1-5-21-132808117-4188919328-2083618679-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.4.45269 - Ask.com) <==== UWAGA Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.141 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform) Counter-Strike 1.6 [p48] build 4554 (HKLM-x32\...\Counter-Strike 1.6) (Version: [p48] build 4554 - CSSetti.pl) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.) CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd) DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.24 - DivX, LLC) Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.) Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version: 1.0 - ) E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.) Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited) Fortera-Global (HKLM-x32\...\Fortera-Global) (Version: - ) Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Help Desk (HKLM\...\{C85A891D-7AB4-46AE-84F0-B0C3FAC82280}) (Version: 1.0.4 - Samsung Electronics CO., LTD.) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3368 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) Kingsoft Office 2013 (9.1.0.4550) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4550 - Kingsoft Corp.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden Lollipop (HKU\S-1-5-21-132808117-4188919328-2083618679-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\lollipop_08310725) (Version: - Lollipop Network, S.L.) <==== UWAGA Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Matroska Pack (HKLM-x32\...\Matroska Pack) (Version: - ) Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 15.0.4797.1003 - Microsoft Corporation) Microsoft Office Professional Plus 2013 - pl-pl (HKLM\...\ProPlusRetail - pl-pl) (Version: 15.0.4797.1003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-132808117-4188919328-2083618679-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0415-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MioMore Desktop 7.50 (HKLM-x32\...\{A2804FE8-4101-48a0-AE1A-575B99014BF4}-Mio-7.50) (Version: 7.50.0110.129 - Mio Technology) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 37.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 pl)) (Version: 37.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Nero 2015 (HKLM-x32\...\{F9592BA0-AA0D-454C-95AA-9782DF00CB4B}) (Version: 16.0.04000 - Nero AG) Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG) NSIS Example2 (HKLM-x32\...\Tibia Auto) (Version: - ) NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Sterownik graficzny 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) Obsługa programów Apple (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Opera Stable 35.0.2066.92 (HKLM-x32\...\Opera 35.0.2066.92) (Version: 35.0.2066.92 - Opera Software) Panel sterowania NVIDIA 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Pokki (HKU\S-1-5-21-132808117-4188919328-2083618679-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Pokki) (Version: 0.267.1.208 - Pokki) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Prerequisite installer (x32 Version: 16.0.0003 - Nero AG) Hidden Qtrax Player (HKLM-x32\...\{58C91689-85E3-4B25-ADEC-2697986DF817}) (Version: 1.00.0001 - Qtrax) Qtrax Player (HKU\S-1-5-21-132808117-4188919328-2083618679-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\3485951803.portal.qtrax.com) (Version: - portal.qtrax.com) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) RealDownloader (x32 Version: 18.1.3.103 - RealNetworks, Inc.) Hidden RealDownloader (x32 Version: 18.1.3.104 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.6.1 - Samsung Electronics CO., LTD.) S Agent (Version: 1.1.47 - Samsung Electronics CO., LTD.) Hidden Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype Web Plugin (HKLM-x32\...\{8A9079EA-59DE-491F-937A-D421399B7762}) (Version: 7.6.0.295 - Skype Technologies S.A.) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.) SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Support Center (HKLM\...\{C178F0E8-75AF-4C21-9828-98B9BED82470}) (Version: 2.0.10 - Samsung Electronics CO., LTD.) Support Center FAQ (x32 Version: 1.0.1 - Samsung Electronics CO., LTD.) Hidden SW Update (HKLM-x32\...\{D2B5F1E3-EA56-4D84-A453-A213B32974CB}) (Version: 2.1.25 - Samsung Electronics CO., LTD.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) The Sims 2 Na studiach (HKLM-x32\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version: - ) The Sims 2 Rozrywka rodzinna - Akcesoria (HKLM-x32\...\{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}) (Version: - ) The Sims 2 Szyk i elegancja - Akcesoria (HKLM-x32\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version: - ) The Sims 2 Własny biznes (HKLM-x32\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version: - ) The Sims™ 2 Zwierzaki (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version: - ) The Sims™ 2 Czas wolny (HKLM-x32\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version: - Electronic Arts) The Sims™ 2 Cztery pory roku (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version: - ) The Sims™ 2 Double Deluxe (HKLM-x32\...\{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}) (Version: - Electronic Arts) The Sims™ 2 Moda z H&M® Akcesoria (HKLM-x32\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version: - ) The Sims™ 2 Osiedlowe życie (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version: - Electronic Arts) The Sims™ 2 Podróże (HKLM-x32\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version: - Electronic Arts) Unity Web Player (HKU\S-1-5-21-132808117-4188919328-2083618679-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden User Guide (HKLM-x32\...\{039EA659-E421-45C6-8913-BED5D69B5536}) (Version: 1.1.00 - Samsung Electronics CO., LTD.) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) WinRAR 4.20 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24101}) (Version: 20.0.11659 - WinZip Computing, S.L. ) Worms Armageddon (HKLM-x32\...\{9B4E5CB1-7A1A-420A-B851-3F9206B5D0C1}) (Version: 1.00 - ) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-132808117-4188919328-2083618679-1002_Classes\CLSID\{04419CEE-76E5-4487-B32E-68C0FD0C07E4}\InprocServer32 -> C:\Users\Agata\AppData\Local\SkypePlugin\7.6.0.295\GatewayActiveX-x64.dll (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-132808117-4188919328-2083618679-1002_Classes\CLSID\{82C13295-2E78-45DD-9973-21F20A7D6F5C}\localserver32 -> C:\Users\Agata\AppData\Local\SkypePlugin\7.6.0.295\GatewayVersion-x64.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-132808117-4188919328-2083618679-1002_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () CustomCLSID: HKU\S-1-5-21-132808117-4188919328-2083618679-1002_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Agata\AppData\Local\SkypePlugin\7.6.0.295\EdgeCalling.exe (Skype Technologies S.A.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01A92C01-A358-4D87-912B-88591AA92157} - System32\Tasks\{0566335F-2F32-464A-A985-7C29CF2DA4FC} => Firefox.exe hxxp://ui.skype.com/ui/0/6.2.60.106/pl/abandoninstall?page=tsProgressBar Task: {07879486-0B76-44BD-982F-F5054429B3D7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {0DF1666D-C4F2-42DF-98DA-965B0FE75B47} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation) Task: {1026B228-B890-4653-BD6B-9CBEF517C2CF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-132808117-4188919328-2083618679-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.) Task: {14B50B77-F149-4CAE-AE87-76A0223DFD5C} - System32\Tasks\Norton Security Scan for Agata => C:\Program Files (x86)\Norton Security Scan\Engine\4.0.1.16\Nss.exe Task: {23AB83B6-7CE9-48C1-83E9-E173DD3EA22B} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8ff03b64e7c4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {2EFDA665-88A2-4EC8-A896-C3854D67D1E1} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe Task: {30AFDD3F-4F5C-4393-B7FD-565574A7066E} - System32\Tasks\GoogleUpdateTaskMachineCore1cef44ffd2e2294 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {3C48D787-2262-48B6-AE9D-56F43731B00D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-02-27] (Microsoft Corporation) Task: {584FB65B-4078-4F2D-A88E-7C562F160446} - System32\Tasks\{B836B11F-1660-4C64-8E2D-6EF6FB4366C2} => pcalua.exe -a D:\Autorun.exe -d D:\ Task: {60DA1000-F598-4F6E-8CEA-640184976AF4} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-02-03] () Task: {722DF2F7-FA23-4859-9411-B551866C4EF3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {7ADE6B42-129E-48E3-8B77-E510D01A16FD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation) Task: {814C8C47-66E5-44B3-A19E-C8FB31FF4FCA} - System32\Tasks\{AEBBDEE1-AD2E-4167-920B-7B0DB92A7A82} => pcalua.exe -a D:\Autorun.exe -d D:\ Task: {833162F7-34C7-4B8C-94C0-3B56AAC7AED2} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6a3075a97324 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {9069087C-177C-426C-BF6E-F358F960AB61} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2016-03-11] (Microsoft Corporation) Task: {A59D82EC-E509-4C66-86A1-5EC677A22288} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-132808117-4188919328-2083618679-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.) Task: {A79CDCB8-2E62-4E14-A669-6012AB68D53B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-132808117-4188919328-2083618679-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.) Task: {B667652A-52D1-40D5-BAC9-BAD41BAC05A5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation) Task: {B9F15098-169E-4E49-8C7C-754079D34890} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd) Task: {C3028416-C499-4EDA-A339-6DFDE87511A7} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-132808117-4188919328-2083618679-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.) Task: {C651FE74-02B0-40EC-9828-591A2604DC92} - System32\Tasks\Opera scheduled Autoupdate 1398597349 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-01] (Opera Software) Task: {C76BF53A-98F0-4AF7-8028-AF2407F3768C} - System32\Tasks\GoogleUpdateTaskMachineUA1cf29ae8a5842cf => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {D9C0DA1F-DC3E-4607-B8DC-3079601FBEB9} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG) Task: {DA646AEB-1D7B-4284-A290-7CA3FA9289AD} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-03-19] (Samsung Electronics CO., LTD.) Task: {DF777929-9766-456E-9B90-C38CD675F66B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation) Task: {E20EB405-74D2-4ECB-9BA6-3655D7F217E7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe Task: {E6FAEFC0-9FA8-4B31-9CA1-EDB4FA08625F} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-09-04] (SEC) Task: {EB05B0CC-A5B2-42BB-9ED7-9CFF35A87CEA} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-01] (Adobe Systems Incorporated) Task: {EB111A5A-CB51-4E44-A06F-7EE9C97D412D} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.) Task: {EBD81A33-878F-4BC1-9718-CDA682260CBD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {EE298761-5C4F-4F27-8FC8-C713D667AFA3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-11] (Microsoft Corporation) Task: {F431BD8C-19D4-4E34-830D-38AAA79A65BA} - System32\Tasks\GoogleUpdateTaskMachineUA1d09089ad57c6fa => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-132808117-4188919328-2083618679-1002Core.job => C:\Users\Agata\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf8ff03b64e7c4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6a3075a97324.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d09089ad57c6fa.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Norton Security Scan for Agata.job => C:\Program Files (x86)\Norton Security Scan\Engine\4.0.1.16\Nss.exe Task: C:\WINDOWS\Tasks\RMSchedule.job => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe Task: C:\WINDOWS\Tasks\WpsNotifyTask_Agata.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Agata.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2016-02-27 12:11 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2016-02-03 18:49 - 2016-02-03 18:49 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe 2014-03-19 10:41 - 2014-03-19 10:41 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll 2012-08-10 10:28 - 2012-08-10 10:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll 2012-08-10 10:23 - 2012-08-10 10:23 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\pl-PL\BtTray.pl-PL.dll 2012-09-07 09:57 - 2012-09-07 09:57 - 04238968 _____ () C:\Program Files\Samsung\Support Center\GuaranaAgent.exe 2015-08-24 19:28 - 2015-08-24 19:28 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2016-02-03 18:00 - 2016-02-03 18:00 - 00712432 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe 2012-09-05 08:50 - 2012-09-05 08:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2012-09-05 08:50 - 2012-09-05 08:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2016-02-03 18:48 - 2016-02-03 18:48 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll 2016-02-03 18:48 - 2016-02-03 18:48 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2016-02-03 18:49 - 2016-02-03 18:49 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll 2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2016-02-03 17:53 - 2016-02-03 17:53 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll 2016-03-04 17:22 - 2016-03-04 17:22 - 00654608 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll 2016-02-19 22:13 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll 2016-02-19 22:13 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll 2016-03-11 21:55 - 2016-03-08 12:16 - 17541312 _____ () C:\Users\Agata\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.182\pepflashplayer.dll 2016-03-12 13:05 - 2016-03-12 13:05 - 00380928 _____ () C:\Users\Agata\Downloads\qhiem2iz.exe ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\Temp:373E1720 [119] AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [112] AlternateDataStreams: C:\ProgramData\Temp:E41EAF13 [119] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-132808117-4188919328-2083618679-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-132808117-4188919328-2083618679-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Agata\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Tapeta z Galerii fotografii.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: BrowserProtect => 2 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: Easy Launcher => 2 MSCONFIG\Services: GlobalUpdater => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: Intel(R) ME Service => 2 MSCONFIG\Services: iumsvc => 3 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LMIGuardianSvc => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: McComponentHostService => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NAUpdate => 2 MSCONFIG\Services: NOBU => 2 MSCONFIG\Services: nvUpdatusService => 2 MSCONFIG\Services: PCToolsSSDMonitorSvc => 2 MSCONFIG\Services: PSI_SVC_2_x64 => 2 MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: SWUpdateService => 2 MSCONFIG\Services: TunngleService => 3 MSCONFIG\Services: UNS => 2 MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Facebook Update => "C:\Users\Agata\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\StartupFolder: => "RealTimes.lnk" HKLM\...\StartupApproved\Run: => "ETDCtrl" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run: => "egui" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "ApnUpdater" HKLM\...\StartupApproved\Run32: => "DivXMediaServer" HKLM\...\StartupApproved\Run32: => "DivXUpdate" HKLM\...\StartupApproved\Run32: => "Intel AppUp(SM) center" HKLM\...\StartupApproved\Run32: => "Norton Online Backup" HKLM\...\StartupApproved\Run32: => "SSDMonitor" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "RealDownloader" HKU\S-1-5-21-132808117-4188919328-2083618679-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\StartupApproved\Run: => "GG" HKU\S-1-5-21-132808117-4188919328-2083618679-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-132808117-4188919328-2083618679-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\StartupApproved\Run: => "Facebook Update" HKU\S-1-5-21-132808117-4188919328-2083618679-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-132808117-4188919328-2083618679-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\StartupApproved\Run: => "Pokki" HKU\S-1-5-21-132808117-4188919328-2083618679-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\StartupApproved\Run: => "NextLive" HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\StartupApproved\Run: => "GG" HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\StartupApproved\Run: => "Facebook Update" HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\StartupApproved\Run: => "Pokki" HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\StartupApproved\Run: => "NextLive" HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\StartupApproved\Run: => "Gameo" HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\StartupApproved\Run: => "FlashPlayerUpdate" HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-132808117-4188919328-2083618679-1002\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{AA1DAA76-B76D-4A37-B73D-299CACB0C992}] => (Allow) c:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{A99CB61E-3F44-4F5B-B832-A3EFEA664FB4}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{549A3F88-6EB0-49DF-8D3F-E76E049D8C38}] => (Block) C:\program files (x86)\counter strike\hl.exe FirewallRules: [{6C261E3E-CC1A-442F-8D48-C7DE10DA1CCC}] => (Block) C:\program files (x86)\counter strike\hl.exe FirewallRules: [UDP Query User{24DE3B0B-5705-493F-978D-E322C3862091}C:\program files (x86)\counter strike\hl.exe] => (Allow) C:\program files (x86)\counter strike\hl.exe FirewallRules: [TCP Query User{6E360E37-A2E7-4EA2-AFEB-C1EF7649A169}C:\program files (x86)\counter strike\hl.exe] => (Allow) C:\program files (x86)\counter strike\hl.exe FirewallRules: [UDP Query User{B318B274-7420-4260-8053-A04EDFF4EE3E}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe FirewallRules: [TCP Query User{9DD9D933-F928-4C22-B70B-353442B7BABD}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe FirewallRules: [{C178C8E9-0F22-48B1-BDDD-1D556CFD3D99}] => (Allow) LPort=1900 FirewallRules: [{DE2187DC-4CB4-4A5B-86F0-81A7285F766D}] => (Allow) LPort=2869 FirewallRules: [{329924BA-36AC-4C32-A727-187582FEBCDA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{A9CB3083-F85F-4376-846F-B7AAE9EFF7F7}] => (Allow) C:\Users\Agata\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{F9529033-8613-43E1-B943-00C1BFEEBCE5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{E80E76CC-89E5-4845-8361-026B2D822BD5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{7F25848B-6E37-4141-A9DA-4DF4264886FB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{6B15925D-E046-453D-A3EE-02A5D727430A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{70A1CEB7-8234-4CA9-A6A6-9052C37E3E7F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [TCP Query User{EE2F03E5-29A0-4F18-B923-806853796A8D}C:\users\agata\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\agata\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{18B75D09-305E-485D-B65D-264D07D11B6D}C:\users\agata\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\agata\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{6CE0C038-D580-4148-9D32-BE38C1A05DAB}C:\gry\cs 1.6 p48\hl.exe] => (Allow) C:\gry\cs 1.6 p48\hl.exe FirewallRules: [UDP Query User{6A19D41B-21B7-45E1-BA7B-AEF62394A9E3}C:\gry\cs 1.6 p48\hl.exe] => (Allow) C:\gry\cs 1.6 p48\hl.exe FirewallRules: [{2A363A3F-F268-428F-981B-A5136DB38B49}] => (Allow) C:\Program Files (x86)\Nero2015\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{ED87EF60-217B-49D0-961D-7FAE679D1BD3}] => (Allow) C:\Program Files (x86)\Nero2015\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{31DDD99D-5782-4364-8385-790C6C021B72}] => (Allow) C:\Program Files (x86)\Nero2015\Nero 2015\Nero Burning ROM\StartNBR.exe FirewallRules: [{32DE0641-A5D7-40AB-B3B6-D9B9B01AA882}] => (Allow) C:\Program Files (x86)\Nero2015\KM\NMDllHost.exe FirewallRules: [{158B786B-438D-4558-9A78-14548612BF03}] => (Allow) C:\Program Files (x86)\Nero2015\Nero 2015\Nero Burning ROM\nero.exe FirewallRules: [{72952772-AA70-4C93-ADC1-519222710286}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9B1B75BD-3D59-4E7A-8DC0-B1C25B3C2FF6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E2281F0E-D4FB-46A1-9089-2713C833EF9F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{F87E7C71-5DAA-40E9-A21D-2FCFDEBDB5D7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [TCP Query User{7B0DC12E-CCD2-4E39-96A0-CD2AF2174DCA}C:\users\agata\appdata\local\skypeplugin\7.6.0.295\pluginhost.exe] => (Allow) C:\users\agata\appdata\local\skypeplugin\7.6.0.295\pluginhost.exe FirewallRules: [UDP Query User{72E8620F-413E-4EC7-AC34-FF3A3A47224B}C:\users\agata\appdata\local\skypeplugin\7.6.0.295\pluginhost.exe] => (Allow) C:\users\agata\appdata\local\skypeplugin\7.6.0.295\pluginhost.exe FirewallRules: [{4C09B803-8D79-443C-9A07-8C5D21DBF706}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{679E87EE-5C06-42FD-A668-50CAEDFF2897}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D1656864-7D28-47B2-84DF-58A63E266316}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{2D75CE6A-3547-4632-B447-B1E200A3AE8C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{127B1801-0AA6-4B1B-AEF1-59222BCE16F6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{1C14B60E-D9B5-4997-A3EE-EC65A961CD23}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [TCP Query User{9AA41621-85C8-4A42-973F-D7994FFD36A1}C:\program files (x86)\sierra\empire earth\empire earth.exe] => (Allow) C:\program files (x86)\sierra\empire earth\empire earth.exe FirewallRules: [UDP Query User{85BDB13C-20DE-4A05-B7D6-BE12783CE791}C:\program files (x86)\sierra\empire earth\empire earth.exe] => (Allow) C:\program files (x86)\sierra\empire earth\empire earth.exe FirewallRules: [{3F7F3B19-9B48-4CBC-927A-FA0CF523F6EC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4F2F0100-A38B-4636-92B2-A00CF566BB1D}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe ==================== Punkty Przywracania systemu ========================= 12-03-2016 11:28:47 F-Secure Ultralight updated ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (03/12/2016 01:17:16 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2” w wierszu C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/12/2016 12:50:37 PM) (Source: Python Service) (EventID: 255) (User: ) Description: Exception : (1058, 'StartService', 'Nie mo\xbfna uruchomi\xe6 okre\x9clonej us\xb3ugi, poniewa\xbf jest ona wy\xb3\xb9czona lub poniewa\xbf nie s\xb9 w\xb3\xb9czone skojarzone z ni\xb9 urz\xb9dzenia.') Error: (03/12/2016 12:48:39 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2” w wierszu C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/12/2016 12:09:14 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program LiveComm.exe w wersji 17.5.9600.20911 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: ce0 Godzina rozpoczęcia: 01d17c4ee4b2e474 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Identyfikator raportu: d8909969-e842-11e5-bfb3-50b7c37c1ad7 Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1 Error: (03/12/2016 12:09:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program wwahost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: cb8 Godzina rozpoczęcia: 01d17c4ee4abbd3c Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\WINDOWS\syswow64\wwahost.exe Identyfikator raportu: d89ee799-e842-11e5-bfb3-50b7c37c1ad7 Pełna nazwa pakietu powodującego błąd: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (03/12/2016 11:54:23 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program wwahost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 504 Godzina rozpoczęcia: 01d17c4ccc37ca0d Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\WINDOWS\syswow64\wwahost.exe Identyfikator raportu: c3b403da-e840-11e5-bfb3-50b7c37c1ad7 Pełna nazwa pakietu powodującego błąd: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (03/12/2016 11:26:05 AM) (Source: Python Service) (EventID: 255) (User: ) Description: Exception : (1058, 'StartService', 'Nie mo\xbfna uruchomi\xe6 okre\x9clonej us\xb3ugi, poniewa\xbf jest ona wy\xb3\xb9czona lub poniewa\xbf nie s\xb9 w\xb3\xb9czone skojarzone z ni\xb9 urz\xb9dzenia.') Error: (03/12/2016 11:09:25 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: adwcleaner_5.101.exe, wersja: 5.1.0.1, sygnatura czasowa: 0x56dd6488 Nazwa modułu powodującego błąd: adwcleaner_5.101.exe, wersja: 5.1.0.1, sygnatura czasowa: 0x56dd6488 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00020fea Identyfikator procesu powodującego błąd: 0x1238 Godzina uruchomienia aplikacji powodującej błąd: 0xadwcleaner_5.101.exe0 Ścieżka aplikacji powodującej błąd: adwcleaner_5.101.exe1 Ścieżka modułu powodującego błąd: adwcleaner_5.101.exe2 Identyfikator raportu: adwcleaner_5.101.exe3 Pełna nazwa pakietu powodującego błąd: adwcleaner_5.101.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: adwcleaner_5.101.exe5 Error: (03/12/2016 07:09:54 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2” w wierszu C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/12/2016 07:07:51 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3. Element główny pliku manifestu musi być zmontowany. Dziennik System: ============= Error: (03/12/2016 12:49:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: %%1275 Error: (03/12/2016 12:49:11 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Agata\AppData\Local\Temp\ehdrv.sys Error: (03/12/2016 12:49:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: %%1275 Error: (03/12/2016 12:49:10 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Agata\AppData\Local\Temp\ehdrv.sys Error: (03/12/2016 12:49:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: %%1275 Error: (03/12/2016 12:49:10 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Agata\AppData\Local\Temp\ehdrv.sys Error: (03/12/2016 12:43:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił następujący błąd: %%1062 Error: (03/12/2016 11:11:32 AM) (Source: DCOM) (EventID: 10010) (User: AGATA) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (03/12/2016 11:11:32 AM) (Source: DCOM) (EventID: 10010) (User: AGATA) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (03/12/2016 11:08:22 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. CodeIntegrity: =================================== Date: 2015-12-15 20:53:12.926 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz Procent pamięci w użyciu: 38% Całkowita pamięć fizyczna: 5845.53 MB Dostępna pamięć fizyczna: 3576.56 MB Całkowita pamięć wirtualna: 7061.54 MB Dostępna pamięć wirtualna: 4473.77 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:673.13 GB) (Free:559.78 GB) NTFS ==================== MBR & Tablica partycji ================== ==================== Koniec Addition.txt ============================