Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:04-10-2015 Uruchomiony przez Admin (2015-10-05 21:20:01) Uruchomiony z C:\Users\Admin\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2012-03-24 22:05:05) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Admin (S-1-5-21-1156661441-3988215128-3090756461-1000 - Administrator - Enabled) => C:\Users\Admin Administrator (S-1-5-21-1156661441-3988215128-3090756461-500 - Administrator - Disabled) Gość (S-1-5-21-1156661441-3988215128-3090756461-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1156661441-3988215128-3090756461-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Dr.Web Anti-virus (Enabled - Out of date) {43B072E9-61D5-D2DF-0530-CE16F6F72D60} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Dr.Web Anti-virus (Enabled - Out of date) {F8D1930D-47EF-DD51-3F80-F5648D7067DD} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) AnySend (HKLM-x32\...\ASPackage) (Version: - CMI Limited) <==== UWAGA CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.2.3442 - CDBurnerXP) CinemaP-1.9cV05.10 (HKLM-x32\...\CinemaP-1.9cV05.10) (Version: 1.36.01.22 - Cinema PlusV05.10) <==== UWAGA CinemaPlus-3.2cV05.10 (HKLM-x32\...\CinemaPlus-3.2cV05.10) (Version: 1.36.01.22 - Cinema PlusV05.10) <==== UWAGA Connectify (HKLM\...\Connectify) (Version: 3.1.0.21402 - Connectify) Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.6.2171.95 - The Crossbrowse Authors) <==== UWAGA Detektor Winampa (HKU\S-1-5-21-1156661441-3988215128-3090756461-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Dr.Web Anti-virus for Windows (HKLM\...\{937CFD3F-8BFB-4208-81CB-F5004CD7B000}) (Version: 10.0.1.03310 - Doctor Web, Ltd.) Feed Notifier 2.6 (HKLM-x32\...\{6091F327-2B13-4193-A6F1-4B2271613A74}_is1) (Version: - Michael Fogleman) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.3.1.606 - Foxit Corporation) Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) jogotempo 3.4 (HKLM-x32\...\jogotempo) (Version: 3.4 - DN) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 41.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 pl)) (Version: 41.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla) MyBrowser (HKLM-x32\...\MyBrowser) (Version: 39.5.2171.95 - The MyBrowser Authors) Nero 2015 (HKLM-x32\...\{844793C4-4D2E-463E-B02B-585FFC2FB6F3}) (Version: 16.0.05000 - Nero AG) Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1007 - Nero AG) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Prerequisite installer (x32 Version: 16.0.0004 - Nero AG) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.) SnadBoy's Revelation v2 (HKLM-x32\...\SnadBoy's Revelation v2) (Version: 2.0.1.100 - SnadBoy Software) Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: - ) <==== UWAGA System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC) TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12799 - TeamViewer) The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.5.0.77 - KMP Media co., Ltd) Web Amplified (HKLM\...\Web Amplified) (Version: 2015.10.05.151512 - Web Amplified) <==== UWAGA Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WordWizard 1.10.0.24 (HKLM-x32\...\WordWizard_1.10.0.24) (Version: 1.10.0.24 - WordWizard) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Punkty Przywracania systemu ========================= 03-10-2015 08:35:17 Zaplanowany punkt kontrolny ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2015-04-02 17:54 - 00000928 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01850DB9-795D-41EE-B0C4-5242AD333CF9} - System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-4 => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-4.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {02F0F047-DDAC-44D7-8045-BBC27642C325} - System32\Tasks\WordWizard Auto Updater 1.10.0.24 Pending Update => C:\Program Files (x86)\WordWizard_1.10.0.24\Update\WordwizardAutoUpdateClient.exe [2015-09-02] (WordWizard) Task: {047553BA-E03A-4B40-BA0C-1C825F0E77ED} - System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-10_user => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-10.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {0643CD62-8A92-42CB-BA15-B7425961BFC4} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-03-04] (Nero AG) Task: {07E80383-D18B-4AC8-9859-7AA9F4F050C5} - System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5 => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {27361F43-B13E-42BE-A8DF-2A058D6EFECD} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {45BE8743-9CC1-4E05-9ADA-83703A748B59} - System32\Tasks\MyBrowser => C:\Program Files (x86)\MyBrowser\MyBrowser\Application\utility.exe [2015-10-05] () Task: {47F8F3E7-CF9F-4F73-9C36-12DAC6B0EE0D} - System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-1-7.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {4A9F7F78-DA08-4683-81F9-EBA0BED42B79} - System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-4 => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-4.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {58D40295-AC27-4E68-BBD8-C7B3E907579A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated) Task: {6BA3F1A0-C70B-4B4C-95F2-B33CBCFBA75D} - System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-7 => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-7.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {6E21745E-0AAF-4740-86F7-18E9BE9AB973} - System32\Tasks\Doctor Web\Dr.Web Daily scan => C:\Program Files\DrWeb\dwscanner.exe [2015-04-02] (Doctor Web, Ltd.) Task: {70ED1F79-0B60-4BD1-80F2-42B8EA1DB06A} - System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-5.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {748891BD-1EE0-4492-84C8-B787579ABEED} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-10-05] () <==== UWAGA Task: {826DF2FE-21CC-4C72-AA3C-A89A528F063F} - System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-5 => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-5.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {A2EAEC6E-5D8D-4756-8725-D661EF00E3F1} - System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-10_user => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-10.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {A9E3407B-5730-4DF5-AA87-C6885D5E2F30} - System32\Tasks\AmiUpdXp => C:\Users\Admin\AppData\Local\891\Updater.exe [2015-10-05] () <==== UWAGA Task: {BB72F97F-B528-437B-BDA2-7E156DBB84D3} - System32\Tasks\{28511603-1814-48B9-843A-AD3AD921E4E5} => pcalua.exe -a C:\Users\Admin\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cor Task: {CE33C86C-9D85-436C-B85F-0AD03E841D75} - System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-6 => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-6.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {D38A480F-DB11-4877-81A9-394D7D46A2D3} - System32\Tasks\WordWizard Auto Updater 1.10.0.24 Core => C:\Program Files (x86)\WordWizard_1.10.0.24\Update\WordwizardAutoUpdateClient.exe [2015-09-02] (WordWizard) Task: {D5D6FA99-2EC1-4729-8BB3-B3F4AA2BBCE7} - System32\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-1-6.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA Task: {E53D6FE4-6B1D-4090-B03B-D36886CAFFC4} - System32\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5_user => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5.exe [2015-10-05] (Cinema PlusV05.10) <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-1-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-1-6.exe <==== UWAGA Task: C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-1-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-1-7.exe <==== UWAGA Task: C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-10_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-10.exe <==== UWAGA Task: C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-4.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-4.exe <==== UWAGA Task: C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-5.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-5.exe <==== UWAGA Task: C:\Windows\Tasks\6055b7eb-df8d-4281-afd8-560810fc40d7-5_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.10\6055b7eb-df8d-4281-afd8-560810fc40d7-5.exe <==== UWAGA Task: C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-6.job => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-6.exe <==== UWAGA Task: C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-7.job => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-1-7.exe <==== UWAGA Task: C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-10_user.job => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-10.exe <==== UWAGA Task: C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-4.job => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-4.exe <==== UWAGA Task: C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5.job => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5.exe <==== UWAGA Task: C:\Windows\Tasks\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV05.10\a929e9f6-b235-4ae4-b8e7-591c45f1670d-5.exe <==== UWAGA Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Admin\AppData\Local\891\Updater.exe <==== UWAGA Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== UWAGA Task: C:\Windows\Tasks\MyBrowser.job => C:\Program Files (x86)\MyBrowser\MyBrowser\Application\utility.exe ==================== Załadowane moduły (filtrowane) ============== 2011-09-29 20:10 - 2011-09-29 20:10 - 00069632 _____ () C:\Program Files (x86)\Connectify\ConnectifyService.exe 2012-03-24 17:14 - 2011-04-15 04:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-10-05 18:49 - 2015-10-05 18:49 - 00181760 _____ () C:\Program Files (x86)\27DAD760-1444063731-11D9-BB64-5404A6A214B1\jnskA760.tmp 2015-10-05 18:49 - 2015-10-05 18:49 - 00203776 _____ () C:\Program Files (x86)\27DAD760-1444063731-11D9-BB64-5404A6A214B1\hnsaBF84.tmp 2015-10-05 16:28 - 2015-10-05 16:28 - 00460536 _____ () C:\Program Files (x86)\Web Amplified\bin\utilWebAmplified.exe 2015-10-05 19:02 - 2015-10-05 19:02 - 00228674 _____ () C:\Users\Admin\AppData\Local\Temp\nsf8107.tmp 2015-10-05 19:02 - 2015-10-05 06:36 - 00115448 _____ () C:\Program Files (x86)\Web Amplified\bin\WebAmplified.expext.exe 2015-10-05 19:03 - 2015-10-05 06:36 - 00353528 _____ () C:\Program Files (x86)\Web Amplified\bin\WebAmplified.PurBrowse64.exe 2015-10-05 19:05 - 2015-10-05 19:05 - 00460536 _____ () C:\Program Files (x86)\Web Amplified\updateWebAmplified.exe 2015-10-05 19:21 - 2015-09-23 14:31 - 00058880 _____ () C:\Program Files (x86)\Feed Notifier\notifier.exe 2011-09-29 20:10 - 2011-09-29 20:10 - 00353096 _____ () C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe 2015-10-05 19:53 - 2015-10-05 19:53 - 00346112 _____ () C:\Program Files (x86)\27DAD760-1444063731-11D9-BB64-5404A6A214B1\knspC6FD.tmp 2011-09-29 20:10 - 2011-09-29 20:10 - 00022856 _____ () C:\Program Files (x86)\Connectify\DriverLib.dll 2011-09-29 20:10 - 2011-09-29 20:10 - 00441672 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll 2011-09-29 20:10 - 2011-09-29 20:10 - 00014152 _____ () C:\Program Files (x86)\Connectify\BuildProps.dll 2011-09-29 20:10 - 2011-09-29 20:10 - 00669000 _____ () C:\Program Files (x86)\Connectify\Vendors.dll 2011-09-29 20:10 - 2011-09-29 20:10 - 00024904 _____ () C:\Program Files (x86)\Connectify\gma.Windows.Firewall.dll 2011-09-29 20:10 - 2011-09-29 20:10 - 00035144 _____ () C:\Program Files (x86)\Connectify\Scannify.dll 2015-10-05 18:51 - 2015-05-11 18:01 - 01070592 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libglesv2.dll 2015-10-05 18:51 - 2015-05-11 18:01 - 00204800 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libegl.dll 2015-10-05 19:00 - 2015-08-29 23:28 - 01070592 _____ () C:\Program Files (x86)\MyBrowser\MyBrowser\Application\39.5.2171.95\libglesv2.dll 2015-10-05 19:00 - 2015-08-29 23:28 - 00204800 _____ () C:\Program Files (x86)\MyBrowser\MyBrowser\Application\39.5.2171.95\libegl.dll 2015-10-05 19:02 - 2015-10-05 19:02 - 00011264 _____ () C:\Users\Admin\AppData\Local\Temp\nsk8D2D.tmp\System.dll 2015-10-05 19:02 - 2015-10-05 19:02 - 00009728 _____ () C:\Users\Admin\AppData\Local\Temp\nsk8D2D.tmp\nsDialogs.dll 2015-10-05 19:02 - 2015-10-05 19:02 - 00025088 _____ () C:\Users\Admin\AppData\Local\Temp\nsk8D2D.tmp\registry.dll 2015-10-05 19:02 - 2015-10-05 19:02 - 00067584 _____ () C:\Users\Admin\AppData\Local\Temp\nsk8D2D.tmp\Math.dll 2015-10-05 19:02 - 2015-10-05 19:02 - 00058368 _____ () C:\Users\Admin\AppData\Local\Temp\nsk8D2D.tmp\nsCBHTML5.dll 2015-09-22 11:38 - 2015-09-22 11:38 - 17592008 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DrWebEngine => ""="Service" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1156661441-3988215128-3090756461-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.146.1 - 217.8.168.244 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows - funkcja wyłączona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{0E26EAEA-98FA-4FA6-9224-FA1EE29887DE}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{BFE3B857-0FAC-4530-A0A9-6A6397582958}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{A8E092DF-E9FD-4E1F-A4D3-54F3F22912F1}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe FirewallRules: [{2E0AB44D-1688-480D-9E54-9169D2F9FF19}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe FirewallRules: [{B797E7E4-25F9-4881-8D7C-EFD67EC0FEF6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe FirewallRules: [{41103FEE-E022-4E54-93A4-F1F1D675D1CC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe FirewallRules: [{CF53D008-44C8-4AF0-B471-740790C825B3}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{CC5AC03B-BAA1-4AAF-818C-6F08B92B952B}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{67200999-CF59-4C2C-9E94-27A2712DD339}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{725C12D6-0759-4432-B2D5-B2B7C0E24CDE}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{F01823E7-FE10-4AC4-B1BB-0C745D061CF3}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{54A41F18-BEB9-4A69-A5E9-CC2D3376E7E8}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe FirewallRules: [{6B95AFA0-79B9-4EF8-AF4C-C3AF0E159D5D}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe FirewallRules: [{4C7F1333-8A9D-446A-B3C2-5C905943EC5F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{C184DDA5-2847-4BDB-B2A5-807B8B2D185B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{1429DD5A-EF98-4315-8632-7D8F411D9747}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe FirewallRules: [{E43779F0-2F6F-44AA-9707-90F436CEA293}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe FirewallRules: [{8C950B97-FDBA-4F11-A56F-D0415DEEA1FF}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe FirewallRules: [{72DB67C5-F28F-477E-BB21-160C95F1D8DB}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe FirewallRules: [{0B399FF2-6763-4477-BC9A-A100686A59E0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{6D6033F2-2386-4978-919A-2B4C85B9EDBA}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{FB59DE65-2E01-4114-943B-1BCE9D05FED1}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{FC5E068E-2BC8-4E39-914D-0CAF53603F9F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{BC02D358-56EC-4D01-8BE7-BEBC9E9B6AF0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [{A950A969-7048-4D9C-B48A-CB2215C629EE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [{C46012A0-EDCF-442F-BA08-4B495394FE7C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{958E1893-CBEE-48AB-912D-E43F2C50D09F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{0ACC1582-6A62-4AC6-8FAD-F1A935E7DF6B}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{96FEFFA5-68BC-4592-BE53-8FB67D7984AC}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{DCB57227-229E-45D4-8CED-21EB549B709C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe FirewallRules: [{CE478DD9-21F3-466F-A0D5-5FB877025F15}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe FirewallRules: [{F3830415-AA19-43EE-AA82-7DA5E1BCCEE6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe FirewallRules: [{99DCFF38-35CE-45CF-B5CA-6567E6F44802}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe FirewallRules: [{02BF643B-F2BE-4212-AD88-16C9A4C1BE27}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{7D818106-A733-4E1A-BE89-58E29A25376D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{7F85B624-4F23-4C61-A0B6-009EE8FD92F2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{6BB6EAA5-D5F0-4B7B-BFAA-FC087C8184E9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{A4CF14DA-855D-43BB-82B2-240997D3CA54}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C31285B1-FBD9-442A-97CF-AE2E2076B8B2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0D760F37-38E7-457D-BB74-0718444E8BFA}] => (Allow) C:\Program Files\DrWeb\spideragent.exe FirewallRules: [{3B7928C7-41D0-4A32-91AF-AFAD4DAE4F9D}] => (Allow) C:\Program Files\DrWeb\dwservice.exe FirewallRules: [{56DC2484-833D-4830-8624-C8828F16FEBA}] => (Allow) C:\Program Files\DrWeb\dwnetfilter.exe FirewallRules: [{66DBFCFA-CCF5-4078-BD0B-5629BF6D47CD}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{F3122C0D-36D3-4EDA-A3AD-2A5A14688D36}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{40A96DA4-05AA-4915-98B6-B8887EE99E07}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe FirewallRules: [{3CE97625-44D2-4FFB-9912-F3CEA17976A9}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe FirewallRules: [{C8969597-18B7-4EA4-AE1F-C4AA65AC863C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe FirewallRules: [{C0727DB0-EEF1-4A2C-92CE-CF8D44A2C610}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{B09831AE-EC28-4FC9-B8C5-14AE3FB9E66C}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{F1B0B9CF-9EE0-4D96-8F0A-B53EC1AD6E16}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe FirewallRules: [{318C5C4E-6E22-48C1-95B9-B8582DB03F1A}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe FirewallRules: [{F6E33CAF-A898-4266-84AC-BAAAA5CDDC9B}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{83421A20-2076-4F11-BAAB-87AF396B2200}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{56050C61-D10E-496D-9D40-37B534B99589}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{65B5DF6D-B3B3-4AB4-9684-D1D230E36791}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe FirewallRules: [{266D4C9A-6778-4CE8-BC95-BFEBC69FEC76}] => (Allow) C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe FirewallRules: [{A1A7E134-1182-4C3B-9DBF-C08B66487DFA}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{2FC6B5D8-2098-4E68-8032-40E4A7AB04ED}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{F2FA63B4-0DA3-40FC-9F03-F5D61DCE6337}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe FirewallRules: [{4C56FC5A-643B-464D-B173-06569857A1B7}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (10/05/2015 08:49:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: rnsp9FDD.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x56129c15 Nazwa modułu powodującego błąd: kernel32.dll, wersja: 6.1.7601.18933, sygnatura czasowa: 0x55a69ec3 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00037708 Identyfikator procesu powodującego błąd: 0x1928 Godzina uruchomienia aplikacji powodującej błąd: 0xrnsp9FDD.exe0 Ścieżka aplikacji powodującej błąd: rnsp9FDD.exe1 Ścieżka modułu powodującego błąd: rnsp9FDD.exe2 Identyfikator raportu: rnsp9FDD.exe3 Error: (10/05/2015 08:14:42 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 90080108 Error: (10/05/2015 07:44:12 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 90080108 Error: (10/05/2015 07:20:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 41.0.1.5750, sygnatura czasowa: 0x560b37be Nazwa modułu powodującego błąd: mozglue.dll, wersja: 41.0.1.5750, sygnatura czasowa: 0x560b229d Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x0000ec7f Identyfikator procesu powodującego błąd: 0x16a8 Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 Error: (10/05/2015 07:19:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: rnsp9FDD.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x56129c15 Nazwa modułu powodującego błąd: kernel32.dll, wersja: 6.1.7601.18933, sygnatura czasowa: 0x55a69ec3 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00037708 Identyfikator procesu powodującego błąd: 0x163c Godzina uruchomienia aplikacji powodującej błąd: 0xrnsp9FDD.exe0 Ścieżka aplikacji powodującej błąd: rnsp9FDD.exe1 Ścieżka modułu powodującego błąd: rnsp9FDD.exe2 Identyfikator raportu: rnsp9FDD.exe3 Error: (10/05/2015 10:33:43 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (10/05/2015 09:36:35 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/04/2015 06:03:42 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2015 10:43:23 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (10/03/2015 07:21:23 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Dziennik System: ============= Error: (10/05/2015 09:34:54 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\athExt.dll Kod błędu: 126 Error: (10/04/2015 06:05:57 PM) (Source: ipnathlp) (EventID: 30013) (User: ) Description: 192.168.146.1192.168.173.0255.255.255.0 Error: (10/04/2015 06:01:58 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\athExt.dll Kod błędu: 126 Error: (10/03/2015 07:19:57 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\athExt.dll Kod błędu: 126 Error: (10/02/2015 09:49:02 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (10/02/2015 02:28:26 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (10/02/2015 01:59:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\athExt.dll Kod błędu: 126 Error: (10/02/2015 01:59:42 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 11:14:53 na ‎2015-‎10-‎02 było nieoczekiwane. Error: (10/02/2015 10:04:07 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\athExt.dll Kod błędu: 126 Error: (10/02/2015 10:04:01 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 07:31:58 na ‎2015-‎10-‎02 było nieoczekiwane. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Celeron(R) CPU G530 @ 2.40GHz Procent pamięci w użyciu: 64% Całkowita pamięć fizyczna: 4008.32 MB Dostępna pamięć fizyczna: 1420.11 MB Całkowita pamięć wirtualna: 8014.84 MB Dostępna pamięć wirtualna: 4683.25 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:88.65 GB) (Free:11.58 GB) NTFS Drive d: () (Fixed) (Total:97.56 GB) (Free:56.66 GB) NTFS Drive e: (Digital_LG) (CDROM) (Total:0.68 GB) (Free:0 GB) CDFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 186.3 GB) (Disk ID: EFC5EFC5) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=88.7 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================