Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 24.10.2018 Uruchomiony przez TES1 (04-11-2018 11:46:59) Uruchomiony z C:\FRST2 Windows 7 Professional Service Pack 1 (X64) (2018-10-11 09:16:02) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2714874936-2885573605-2700010397-500 - Administrator - Disabled) Gość (S-1-5-21-2714874936-2885573605-2700010397-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2714874936-2885573605-2700010397-1002 - Limited - Enabled) TES1 (S-1-5-21-2714874936-2885573605-2700010397-1000 - Administrator - Enabled) => C:\Users\TES1 ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160} AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov) Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.122 - Adobe Systems Incorporated) Adobe Reader X (10.1.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated) Ashampoo WinOptimizer 2014 v.1.0.0 (HKLM-x32\...\{4209F371-99CD-68CB-1C29-9910F8F9BD96}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform) cCloud (HKLM\...\{CF6C1B06-4F86-4C41-BD21-9E40500006B5}) (Version: 3.0.8.84 - COMODO) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7041 - CDBurnerXP) CodeStuff Starter (HKLM-x32\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff) COMODO BackUp (HKLM\...\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}) (Version: 4.4.1.23 - COMODO) Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 69.0.3497.81 - Comodo) CrystalDiskInfo 7.8.3 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.8.3 - Crystal Dew World) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DeepBurner v1.9.0.228 (HKLM-x32\...\{2ADE2157-7A5E-122C-B51D-EB8A01B15943}) (Version: - ) EaseUS Todo Backup Free 11.5 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 11.5 - CHENGDU YIWO Tech Development Co., Ltd) Eraser 6.2.0.2982 (HKLM\...\{DFCF78CC-3DAD-4C1E-8BC6-94DC5B73461E}) (Version: 6.2.2982 - The Eraser Project) FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski) Glary Utilities 5.108 (HKLM-x32\...\Glary Utilities 5) (Version: 5.108.0.133 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.5.463447.175 - Comodo) Iperius Backup (wersja 5.8.0.0) (HKLM-x32\...\Iperius Backup_is1) (Version: 5.8.0.0 - Enter Srl) IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan) Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle) Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.8.19377 - McAfee, Inc.) Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Mozilla Firefox 63.0.1 (x64 pl) (HKLM\...\Mozilla Firefox 63.0.1 (x64 pl)) (Version: 63.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0 - Mozilla) OpenOffice 4.1.5 (HKLM-x32\...\{7076105B-6FE8-464A-AC28-FFBB2686B68F}) (Version: 4.15.9789 - Apache Software Foundation) OpenOffice 4.1.5 Language Pack (Polish) (HKLM-x32\...\{C263EE24-DF40-4CE0-8E98-58EA1B0A379E}) (Version: 4.15.9789 - Apache Software Foundation) Opera Stable 56.0.3051.43 (HKU\S-1-5-21-2714874936-2885573605-2700010397-1000\...\Opera 56.0.3051.43) (Version: 56.0.3051.43 - Opera Software) Opera Stable 56.0.3051.52 (HKU\S-1-5-21-2714874936-2885573605-2700010397-1000\...\Opera 56.0.3051.52) (Version: 56.0.3051.52 - Opera Software) Paragon Partition Manager™ 12 Professional Demo (HKLM-x32\...\{A35001F0-F1E4-11DD-A38B-005056C00008}) (Version: 90.00.0003 - Paragon Software) PartitionMagic (HKLM-x32\...\{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}) (Version: 8.00.000 - PowerQuest) Hidden Personal Backup 5.9.4.6 (64-bit) (HKLM\...\Personal Backup 5_is1) (Version: 5.9.4.6 - Dr. J. Rathlev) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) PowerQuest PartitionMagic 8.0 Demo (HKLM-x32\...\InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}) (Version: 8.00.000 - PowerQuest) Quick Startup 5.10.1.141 (HKLM-x32\...\Quick Startup) (Version: 5.10.1.141 - Glarysoft Ltd) Speedtest by Ookla (HKLM\...\{83BDD24D-5643-4BC0-9AA5-B5D073D76C26}) (Version: 1.1.23.001 - Ookla) Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) WizFile v1.06 (HKLM\...\WizFile_is1) (Version: - Antibody Software) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [COSDriveIconOverlay] -> {5FDACB62-6B7B-4116-9403-C5E0D3852A57} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O) ShellIconOverlayIdentifiers: [COSSyncItemInSyncIconOverlay] -> {68F287EF-DA6D-4595-AF52-90FF6CE52AFE} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O) ShellIconOverlayIdentifiers: [COSSyncItemModifiedIconOverlay] -> {AE67D273-7253-4236-B55E-D40055B305D6} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O) ShellIconOverlayIdentifiers: [COSSyncItemNewIconOverlay] -> {022F23E9-DA0F-4A86-A728-CAF6150C0B63} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O) ShellIconOverlayIdentifiers: [COSSyncItemUnsynchronizedIconOverlay] -> {4D7EE7CF-E7A1-45FE-8F80-3A37574918D7} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\progra\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers1: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O) ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (The Eraser Project) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft Ltd) ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\progra\Todo Backup\bin\x64\ImageSh.dll [2018-10-22] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers2: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O) ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (The Eraser Project) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft Ltd) ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\progra\Todo Backup\bin\x64\ImageSh.dll [2018-10-22] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\progra\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers4: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O) ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (The Eraser Project) ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\progra\Todo Backup\bin\x64\ImageSh.dll [2018-10-22] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (The Eraser Project) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-03-20] (Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\progra\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (The Eraser Project) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft Ltd) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0813BCCC-8C2E-4E6B-A330-04525B2F4850} - System32\Tasks\{C6DE61B3-E891-4465-97F3-1C530251292E} => C:\Windows\system32\pcalua.exe -a "E:\Różne\Progra.komp\Eraser 6.2.0.2982.exe" -d E:\Różne\Progra.komp Task: {298B06E2-327E-46C9-AC6A-A6D4FBCC2580} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-10-29] (AVAST Software) Task: {4450E13E-744E-4392-9178-25EB2F2E1FF8} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe <==== UWAGA Task: {57DEC37D-19FE-4D8F-B319-ABF31909C323} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-10-19] (Google Inc.) Task: {6303CA6B-FB91-42E2-9325-C73E79CB3A66} - System32\Tasks\Opera scheduled Autoupdate 1539337648 => C:\Users\TES1\AppData\Local\Programs\Opera\launcher.exe [2018-10-17] (Opera Software) Task: {67500A0F-E666-42F1-BF64-7536D0CCEF90} - System32\Tasks\{926777A1-BD5F-490B-BDC5-251456697640} => C:\Windows\system32\pcalua.exe -a C:\Users\TES1\Downloads\Partition_Magic8.0-PL_www.INSTALKI.pl.exe -d C:\Users\TES1\Downloads Task: {69681C6B-8CAF-453E-B32E-1FA7FB623E2C} - System32\Tasks\{740D12BC-B2A4-4BB7-BD92-6F9786225A82} => C:\Windows\system32\pcalua.exe -a "C:\progra\deepburn\DeepBurner Free 1.9.0.228.exe" -d C:\progra\deepburn Task: {7A525662-946A-471C-AD52-1D51FFE37CB6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd) Task: {7E7B2BE0-4E35-428B-9F0F-E2A286F13978} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd) Task: {8C81E48F-0B07-43EB-ACC1-7D55D5ACC62B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-24] (Adobe Systems Incorporated) Task: {96CB51EB-E24D-48FB-AD59-E2BEBD7A487E} - System32\Tasks\{00E9F834-E52D-465D-BD49-E3018036D475} => C:\Windows\system32\pcalua.exe -a C:\Users\TES1\Downloads\adguardInstaller.exe -d C:\Users\TES1\Downloads Task: {973C6D04-EA61-4FEE-A8B6-B0F22E237B97} - System32\Tasks\{9DAB5A2E-B04B-4E46-A669-75EDBF9625AB} => C:\Windows\system32\pcalua.exe -a C:\Users\TES1\DeepBurner1.exe -d C:\Users\TES1 Task: {9E917D18-9B6B-4B6D-A0D1-59223EDB390C} - System32\Tasks\{225113C6-3842-4CF4-9306-22345D1862DF} => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe Task: {B4CD321B-43FF-4411-834E-B1F0C7BCE9A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-10-19] (Google Inc.) Task: {B63DD270-5399-480C-85D3-8D6D4577DE17} - System32\Tasks\{ABD7644E-167E-4BA7-B864-82529385B91B} => C:\Windows\system32\pcalua.exe -a C:\progra\DeepBurner1.exe -d C:\progra Task: {CF0A033F-8680-4B26-A084-1CB100686FB3} - System32\Tasks\{454B65E5-EBEC-4FC9-BE8B-5B34925806DF} => C:\Windows\system32\pcalua.exe -a C:\progra\deepburn\DeepBurner1.exe -d C:\progra\deepburn (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2018-10-31 13:53 - 2014-09-03 12:53 - 001508032 _____ () C:\Program Files\COMODO\COMMON\LIBEAY32.dll 2018-10-31 13:53 - 2014-09-03 12:53 - 000338112 _____ () C:\Program Files\COMODO\COMMON\SSLEAY32.dll 2015-02-12 09:12 - 2014-03-20 19:34 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2018-11-02 13:42 - 2018-10-22 14:18 - 000270480 _____ () C:\progra\Todo Backup\bin\TodoBackupService.exe 2018-11-02 13:42 - 2018-10-10 11:01 - 000070800 _____ () C:\progra\Todo Backup\bin\x64\CodeLog.dll 2018-11-02 13:42 - 2018-10-10 11:01 - 000109712 _____ () C:\progra\Todo Backup\bin\CodeLog.dll 2018-11-02 13:42 - 2016-03-07 18:08 - 001291264 _____ () C:\progra\Todo Backup\bin\libxml2.dll 2018-11-02 13:42 - 2004-10-05 03:08 - 000055808 _____ () C:\progra\Todo Backup\bin\zlib1.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000019600 _____ () C:\progra\Todo Backup\bin\CompressFile.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000024720 _____ () C:\progra\Todo Backup\bin\CmcTbProxy.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000188560 _____ () C:\progra\Todo Backup\bin\CMCPipeCenter.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000195728 _____ () C:\progra\Todo Backup\bin\CMCAdapt.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000163472 _____ () C:\progra\Todo Backup\bin\CMCAdapt_RTTO.dll 2018-11-02 13:42 - 2018-10-22 14:18 - 000055952 _____ () C:\progra\Todo Backup\bin\TBInfo.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000018064 _____ () C:\progra\Todo Backup\bin\CMCNetTokenProxy.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000058000 _____ () C:\progra\Todo Backup\bin\ActivationOnline.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000704144 _____ () C:\progra\Todo Backup\bin\EuActiveOnline.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000487568 _____ () C:\progra\Todo Backup\bin\EULicenseDLL.DLL 2018-11-02 13:42 - 2018-10-22 14:17 - 000021648 _____ () C:\progra\Todo Backup\bin\fsclog.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000264336 _____ () C:\progra\Todo Backup\bin\AuthorizedMng.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000112272 _____ () C:\progra\Todo Backup\bin\CalcScheduleTime.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000085648 _____ () C:\progra\Todo Backup\bin\logsys.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000032912 _____ () C:\progra\Todo Backup\bin\DiskSearchImg.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000070800 _____ () C:\progra\Todo Backup\bin\MountImg.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000169616 _____ () C:\progra\Todo Backup\bin\ImgFile.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000539280 _____ () C:\progra\Todo Backup\bin\DsImgFile.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000078480 _____ () C:\progra\Todo Backup\bin\FatLib.dll 2018-11-02 13:42 - 2018-10-22 14:18 - 000318608 _____ () C:\progra\Todo Backup\bin\NTFSUtil.dll 2018-11-02 13:42 - 2018-10-22 14:18 - 000211088 _____ () C:\progra\Todo Backup\bin\NTFSLib.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000026256 _____ () C:\progra\Todo Backup\bin\CallbackOperator.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000074384 _____ () C:\progra\Todo Backup\bin\CheckImg.dll 2018-11-02 13:42 - 2018-10-22 14:18 - 000141968 _____ () C:\progra\Todo Backup\bin\vhdvmdk.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000089232 _____ () C:\progra\Todo Backup\bin\BootDriver.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 002458768 _____ () C:\progra\Todo Backup\bin\ExImage.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000266384 _____ () C:\progra\Todo Backup\bin\EmailBackupSize.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000162960 _____ () C:\progra\Todo Backup\bin\EnumDisk.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000029328 _____ () C:\progra\Todo Backup\bin\DeviceAdapter.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000131216 _____ () C:\progra\Todo Backup\bin\FileStorage.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000026768 _____ () C:\progra\Todo Backup\bin\GetDriverInfo.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000024720 _____ () C:\progra\Todo Backup\bin\CorrectMbr.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000034448 _____ () C:\progra\Todo Backup\bin\EnumTapeDevice.dll 2018-11-02 13:42 - 2018-10-22 14:18 - 000054416 _____ () C:\progra\Todo Backup\bin\TbTapeBrowse.dll 2018-11-02 13:42 - 2018-10-22 14:18 - 000066192 _____ () C:\progra\Todo Backup\bin\RegLib.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000026768 _____ () C:\progra\Todo Backup\bin\AccountManager.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000072848 _____ () C:\progra\Todo Backup\bin\NasOperator.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000292496 _____ () C:\progra\Todo Backup\bin\EmailBrowser.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000078992 _____ () C:\progra\Todo Backup\bin\CloudOperator.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000021648 _____ () C:\progra\Todo Backup\bin\ActiveOnline.dll 2018-11-02 13:42 - 2018-10-22 14:18 - 000138384 _____ () C:\progra\Todo Backup\bin\VMConfig.dll 2018-11-02 13:42 - 2018-10-22 14:18 - 000075408 _____ () C:\progra\Todo Backup\bin\SqlExBrowser.dll 2018-11-02 13:42 - 2018-10-22 14:18 - 000585872 _____ () C:\progra\Todo Backup\bin\SqlSMOCPlusPlus.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000119952 _____ () C:\progra\Todo Backup\bin\FileSearch.dll 2018-11-02 13:42 - 2018-10-22 14:18 - 000045200 _____ () C:\progra\Todo Backup\bin\TbDataSwap.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000367760 _____ () C:\progra\Todo Backup\bin\DeviceManager.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000142992 _____ () C:\progra\Todo Backup\bin\Device.dll 2018-11-02 13:42 - 2018-10-22 14:18 - 000149136 _____ () C:\progra\Todo Backup\bin\Partition.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000052368 _____ () C:\progra\Todo Backup\bin\FileSystemAnalyser.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000064144 _____ () C:\progra\Todo Backup\bin\FATFileSystemAnalyser.dll 2018-11-02 13:42 - 2018-10-22 14:16 - 000091792 _____ () C:\progra\Todo Backup\bin\Common.dll 2018-11-02 13:42 - 2018-10-22 14:17 - 000058512 _____ () C:\progra\Todo Backup\bin\NTFSFileSystemAnalyser.dll 2018-11-02 13:42 - 2018-10-22 14:18 - 000220304 _____ () C:\progra\Todo Backup\bin\SmartBackup.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2018-11-03 13:16 - 000002103 _____ C:\Windows\system32\Drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2714874936-2885573605-2700010397-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\TES1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{1653ADFA-07BC-4EEC-98D8-15BBC0B7E68A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{91F4BA39-A854-4874-8932-562B66D66707}] => (Allow) LPort=2869 FirewallRules: [{07611995-341E-4F99-B6D8-5917AB2AB7D2}] => (Allow) LPort=1900 FirewallRules: [{709A1AFC-628C-467A-9179-CA0AE382E69F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{B6E5125C-F452-446F-A6A4-999371483F4B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{31A1C8DB-E2F1-4FDE-8A8D-98A1C2A11B15}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{E90DAA28-0135-4A35-ACC3-F1E255DBF13B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{9DE7D6E0-5909-4408-8B89-476857D0BA56}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{1CCA4D99-DE0E-40E0-BD8A-F1F5C75005F2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [TCP Query User{BBED7AB0-8E84-4735-BCA1-58427C8AEB4E}C:\progra\vlc\vlc.exe] => (Block) C:\progra\vlc\vlc.exe FirewallRules: [UDP Query User{6B70EFEE-0524-478C-9EA7-3208A8BB04E8}C:\progra\vlc\vlc.exe] => (Block) C:\progra\vlc\vlc.exe FirewallRules: [{EAA062AD-5D58-4C96-BBF9-4A02E7006584}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{280BC37A-548C-4BBF-8DBA-5C9EF8121C28}] => (Allow) C:\Program Files\COMODO\cCloud\cCloud.exe FirewallRules: [{8633A4DF-25F8-415E-96D7-21E3DE4D52A1}] => (Allow) C:\Program Files\COMODO\cCloud\cCloud.exe FirewallRules: [{F89373A1-0736-4BA6-A3B8-5C785FEC4802}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{C1280E8A-3CEE-4441-B82F-1069884EA89D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{577C8BCB-B989-45A3-BA6D-A2B204606FEB}] => (Allow) C:\progra\Iperius Backup\Iperius.exe FirewallRules: [{0BEFC9B0-2C6F-4029-8EF6-E967D24AA580}] => (Allow) C:\progra\Iperius Backup\Iperius.exe FirewallRules: [{97216278-0180-4801-9DF1-7AF5B1A51E3D}] => (Allow) C:\progra\Iperius Backup\IperiusService.exe FirewallRules: [{BEEE29C7-035A-49EF-85C4-4CB68F69E17F}] => (Allow) C:\progra\Iperius Backup\IperiusService.exe FirewallRules: [{2D1C1393-4975-44A7-866B-A86EFC5DF688}] => (Allow) C:\progra\Todo Backup\bin\TbService.exe FirewallRules: [{1D4D632A-C30A-4227-B6C5-69E544D8C6C6}] => (Allow) C:\progra\Todo Backup\bin\TbService.exe FirewallRules: [{B5A87517-CEEF-4EED-82EF-729A53A2876F}] => (Allow) C:\progra\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{C531735F-E81F-4039-B3EC-9E22D23FD64F}] => (Allow) C:\progra\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{BB2AB65D-1997-4976-ACDB-0CFEA9153C7D}] => (Allow) C:\progra\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{54440426-FE80-453E-88EF-1411CCE4831C}] => (Allow) C:\progra\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{CBCC6305-4297-484B-92B8-BF6EB335ADE4}] => (Allow) C:\progra\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{D1B246ED-07E4-4333-B5B4-E3969B0ABDC2}] => (Allow) C:\progra\Todo Backup\bin\TodoBackupService.exe ==================== Punkty Przywracania systemu ========================= 31-10-2018 19:28:40 Zaplanowany punkt kontrolny 01-11-2018 12:39:33 COMODO Antivirus Binary update 01-11-2018 15:06:00 Removing COMODO Client - Security 03-11-2018 11:45:40 Installed PartitionMagic 03-11-2018 11:57:28 Installed Paragon Partition Manager™ 12 Professional Demo. ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: adgnetworktdidrv Description: adgnetworktdidrv Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: adgnetworktdidrv Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/03/2018 01:18:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/03/2018 01:16:59 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Users\TES1\AppData\Local\chromium\Application\chrome.exe". Nie można odnaleźć zestawu zależnego 63.0.3223.0,language="*",type="win32",version="63.0.3223.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (11/03/2018 01:00:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/03/2018 12:59:18 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Users\TES1\AppData\Local\chromium\Application\chrome.exe". Nie można odnaleźć zestawu zależnego 63.0.3223.0,language="*",type="win32",version="63.0.3223.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (11/03/2018 12:51:39 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Explorer.EXE w wersji 6.1.7601.17514 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 720 Godzina rozpoczęcia: 01d47362f9a55ead Godzina zakończenia: 10 Ścieżka aplikacji: C:\Windows\Explorer.EXE Identyfikator raportu: ce2566f0-df5e-11e8-bfc9-c81f6612e4b4 Error: (11/03/2018 11:51:22 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/03/2018 11:50:14 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Users\TES1\AppData\Local\chromium\Application\chrome.exe". Nie można odnaleźć zestawu zależnego 63.0.3223.0,language="*",type="win32",version="63.0.3223.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (11/03/2018 11:17:30 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (11/03/2018 02:05:44 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Error: (11/03/2018 02:05:44 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (11/03/2018 02:05:25 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Error: (11/03/2018 02:05:25 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (11/03/2018 02:05:13 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Error: (11/03/2018 02:05:13 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (11/03/2018 02:04:11 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Error: (11/03/2018 02:04:11 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz Procent pamięci w użyciu: 39% Całkowita pamięć fizyczna: 8094.07 MB Dostępna pamięć fizyczna: 4923.54 MB Całkowita pamięć wirtualna: 16186.3 MB Dostępna pamięć wirtualna: 12757.31 MB ==================== Dyski ================================ Drive c: (Windows) (Fixed) (Total:351.56 GB) (Free:298.51 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive e: () (Removable) (Total:14.55 GB) (Free:5.78 GB) FAT32 Drive f: (ZAPAS) (Fixed) (Total:6.28 GB) (Free:6.21 GB) NTFS Drive g: (WIN7CZYSTY) (Fixed) (Total:97.66 GB) (Free:97.44 GB) NTFS Drive h: (VERBATIM HD) (Fixed) (Total:931.28 GB) (Free:763.89 GB) FAT32 \\?\Volume{100af743-c7f1-11e8-bc0f-806e6f6e6963}\ () (Fixed) (Total:0 GB) (Free:0 GB) ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 4562C974) Partition 1: (Not Active) - (Size=10.3 GB) - (Type=27) Partition 2: (Active) - (Size=351.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=97.7 GB) - (Type=0F Extended) Partition 4: (Not Active) - (Size=6.3 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Protective MBR) (Size: 14.6 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 2 (Size: 931.5 GB) (Disk ID: E0D9F8F0) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C) ==================== Koniec Addition.txt ============================