Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 02.01.2018 Uruchomiony przez Waldek (02-01-2018 17:42:41) Uruchomiony z C:\Users\Waldek\Downloads\Programs Windows 8.1 Pro (Update) (X64) (2017-11-11 16:39:22) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3143409620-2237551117-509473781-500 - Administrator - Disabled) Gość (S-1-5-21-3143409620-2237551117-509473781-501 - Limited - Disabled) Waldek (S-1-5-21-3143409620-2237551117-509473781-1001 - Administrator - Enabled) => C:\Users\Waldek ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Zapora (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-3143409620-2237551117-509473781-1001\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) adobe (HKLM\...\{DC92137A-66A3-4FEF-A5B1-FB233399C823}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated) Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2042, 30.10.2017 - AIMP DevTeam) AOMEI Backupper Professional (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.) Ashampoo Burning Studio 18 (HKLM-x32\...\{91B33C97-AF35-C3DC-976E-8A253D817482}_is1) (Version: 18.0.8 - Ashampoo GmbH & Co. KG) Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team) Brother MFL-Pro Suite DCP-165C (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 2.0.0.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: - ) DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 5.2.0.0644 - Disc Soft Ltd) Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform) ekAzek Download (HKLM-x32\...\ekAzek Download) (Version: 0.2.2017.1206 - kAzek29) ESET Security (HKLM\...\{8B35CE46-1F7C-4B22-815E-AB6DC63EE3AB}) (Version: 11.0.149.0 - ESET, spol. s r.o.) ExtremeCopy (HKLM\...\{2F54AF03-8D65-4FE0-8C1B-8D97236FC4AD}) (Version: 2.3.4 - Easersoft) FastStone Image Viewer 6.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.4 - FastStone Soft) FastStone Photo Resizer 3.8 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.8 - FastStone Soft.) Glary Utilities 5.90.0.111 (HKLM-x32\...\Glary Utilities_is1) (Version: 5.90.0.111 - lrepacks.ru) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.108 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden IDM Patch 6.29 build 2 Patch (HKLM-x32\...\IDM Patch 6.29 build 2 Patch) (Version: 6.29 build 2 - Crackingpatching.com Team) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) K-Lite Codec Pack 13.7.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.5 - KLCP) Malwarebytes (wersja 3.3.1.2183) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Mozilla Firefox 57.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 57.0.2 (x64 pl)) (Version: 57.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) Nitro Pro (HKLM\...\{723397F7-8D17-4BAF-91DD-11A7D9EC2F4D}) (Version: 11.0.5.271 - Nitro) Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation) Photodex ProShow Producer (HKLM-x32\...\Photodex ProShow Producer) (Version: - Photodex Corporation) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.7145 - Kakao Corp.) RadioSure (HKU\S-1-5-21-3143409620-2237551117-509473781-1001\...\RadioSure) (Version: - ) Rapala Pro Fishing (HKLM-x32\...\{CCCAA826-D6DE-4FA9-AC5F-73966AA00028}) (Version: 1.0.0 - Activision Value) Revo Uninstaller Pro 3.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.0 - VS Revo Group, Ltd.) Skijumping 2007 (HKLM-x32\...\Skijumping 2007_0001) (Version: - ) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated) UltraISO Premium V9.7 (HKLM-x32\...\UltraISO_is1) (Version: 9.7.0.3476 - EZB Systems, Inc.) WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare) Wondershare Video Converter Ultimate(Build 10.1.3.141) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.1.3.141 - Wondershare Software) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3143409620-2237551117-509473781-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2017-06-23] (Tonec Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-11-13] (AIMP DevTeam) ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-28] (ESET) ContextMenuHandlers1: [ExtremeCopy] -> {2D4E0551-33FE-4C58-B1BF-1277B9C511F2} => C:\Program Files\Easersoft\ExtremeCopy\XCShellExt64.dll [2012-10-06] (EaserSoft Inc.) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => -> Brak pliku ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler_x64.dll [2017-11-17] (Glarysoft Ltd) ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 11\NPShellExtension.dll [2017-07-16] (Nitro Software, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-28] (ESET) ContextMenuHandlers2: [ExtremeCopy] -> {2D4E0551-33FE-4C58-B1BF-1277B9C511F2} => C:\Program Files\Easersoft\ExtremeCopy\XCShellExt64.dll [2012-10-06] (EaserSoft Inc.) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler_x64.dll [2017-11-17] (Glarysoft Ltd) ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2016-11-19] (EZB Systems, Inc.) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-11-13] (AIMP DevTeam) ContextMenuHandlers4: [ExtremeCopy] -> {2D4E0551-33FE-4C58-B1BF-1277B9C511F2} => C:\Program Files\Easersoft\ExtremeCopy\XCShellExt64.dll [2012-10-06] (EaserSoft Inc.) ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2016-11-19] (EZB Systems, Inc.) ContextMenuHandlers5: [ExtremeCopy] -> {2D4E0551-33FE-4C58-B1BF-1277B9C511F2} => C:\Program Files\Easersoft\ExtremeCopy\XCShellExt64.dll [2012-10-06] (EaserSoft Inc.) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd) ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-28] (ESET) ContextMenuHandlers6: [ExtremeCopy] -> {2D4E0551-33FE-4C58-B1BF-1277B9C511F2} => C:\Program Files\Easersoft\ExtremeCopy\XCShellExt64.dll [2012-10-06] (EaserSoft Inc.) ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => -> Brak pliku ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler_x64.dll [2017-11-17] (Glarysoft Ltd) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group) ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2016-11-19] (EZB Systems, Inc.) ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => -> Brak pliku ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-06-10 01:41 - 2016-06-10 01:41 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2017-12-24 22:35 - 2017-12-14 03:49 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.108\libglesv2.dll 2017-12-24 22:35 - 2017-12-14 03:49 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.108\libegl.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000966512 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000339816 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000266096 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000139112 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000360304 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000040808 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000495464 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000081776 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000114544 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000089960 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000073584 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000298864 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000978792 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000348008 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll 2017-12-25 12:47 - 2017-09-04 10:10 - 000126832 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000175984 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000724848 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll 2017-12-25 12:47 - 2017-09-01 16:35 - 002411968 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000114544 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000266088 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll 2017-12-25 12:47 - 2017-09-04 10:11 - 000188264 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2017-12-25 10:06 - 2017-12-25 10:06 - 000000130 ____R C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 keystone.mwbsys.com 0.0.0.0 telemetry.malwarebytes.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3143409620-2237551117-509473781-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 62.179.1.63 - 62.179.1.62 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKU\S-1-5-21-3143409620-2237551117-509473781-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent" HKU\S-1-5-21-3143409620-2237551117-509473781-1001\...\StartupApproved\Run: => "SUPERAntiSpyware" HKU\S-1-5-21-3143409620-2237551117-509473781-1001\...\StartupApproved\Run: => "Kaspersky Software Updater" HKU\S-1-5-21-3143409620-2237551117-509473781-1001\...\StartupApproved\Run: => "KSS" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{A5CB4299-1B4C-4334-AB67-B213B2022A7F}E:\nowy folder\sdi_r1790\sdi_x64_r1790.exe] => (Allow) E:\nowy folder\sdi_r1790\sdi_x64_r1790.exe FirewallRules: [UDP Query User{0EAFD587-38DF-40E1-8D8C-1ED8CDB95CBE}E:\nowy folder\sdi_r1790\sdi_x64_r1790.exe] => (Allow) E:\nowy folder\sdi_r1790\sdi_x64_r1790.exe FirewallRules: [TCP Query User{FABAA62A-B60F-42B1-9A80-86DD0FC6CE56}E:\nowy folder\sdi_r1790\sdi_r1790.exe] => (Allow) E:\nowy folder\sdi_r1790\sdi_r1790.exe FirewallRules: [UDP Query User{551C1692-7BE6-4758-9308-ABB65BB25014}E:\nowy folder\sdi_r1790\sdi_r1790.exe] => (Allow) E:\nowy folder\sdi_r1790\sdi_r1790.exe FirewallRules: [{B5225ABE-6A8E-42BA-B7F8-1CE66BCA6F90}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{399073B3-A2DE-407C-868A-3CF8E8A9DC70}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{72C4510A-5058-46B6-8E44-6F2D3ED849E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{5509107A-F278-4E05-9AA6-9113CDC4F84D}] => (Allow) C:\Users\Waldek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B016F42E-25B7-4C78-8DAB-50F21527FC25}] => (Allow) C:\Users\Waldek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D11D064B-050D-4A4C-A74D-99B90BA1DEB4}] => (Allow) C:\Users\Waldek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0F89EFD3-CAB4-4AD8-859C-FBF8AD8987D4}] => (Allow) C:\Users\Waldek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1C409A94-CD87-4EC8-A230-0C31BABADD61}] => (Allow) C:\Users\Waldek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{80C816F2-D109-4A2C-A721-665B3A385EA9}] => (Allow) C:\Users\Waldek\AppData\Roaming\uTorrent\uTorrent.exe ==================== Punkty Przywracania systemu ========================= 31-12-2017 14:34:03 Instalator modułów systemu Windows 31-12-2017 14:35:29 Instalator modułów systemu Windows 31-12-2017 14:40:09 Instalator modułów systemu Windows 31-12-2017 14:46:38 Instalator modułów systemu Windows 31-12-2017 14:47:53 Instalator modułów systemu Windows 31-12-2017 15:04:01 Instalator modułów systemu Windows 31-12-2017 15:12:31 Instalator modułów systemu Windows 31-12-2017 15:54:19 Instalator modułów systemu Windows 31-12-2017 15:56:51 Instalator modułów systemu Windows 31-12-2017 16:05:15 Instalator modułów systemu Windows 31-12-2017 16:28:03 Instalator modułów systemu Windows 31-12-2017 16:37:55 Instalator modułów systemu Windows 31-12-2017 21:40:24 Instalator modułów systemu Windows 31-12-2017 21:43:50 Instalator modułów systemu Windows 31-12-2017 21:45:15 Instalator modułów systemu Windows 31-12-2017 21:47:35 Instalator modułów systemu Windows 31-12-2017 21:50:50 Instalator modułów systemu Windows 31-12-2017 21:55:21 Instalator modułów systemu Windows 31-12-2017 22:05:31 Instalator modułów systemu Windows 31-12-2017 22:07:57 Instalator modułów systemu Windows 31-12-2017 22:10:51 Instalator modułów systemu Windows 31-12-2017 22:13:35 Instalator modułów systemu Windows 31-12-2017 22:47:16 Instalator modułów systemu Windows 31-12-2017 22:59:07 Instalator modułów systemu Windows 31-12-2017 23:11:32 Instalator modułów systemu Windows 31-12-2017 23:15:30 Instalator modułów systemu Windows 31-12-2017 23:25:28 Instalator modułów systemu Windows 31-12-2017 23:29:30 Instalator modułów systemu Windows 31-12-2017 23:33:47 Instalator modułów systemu Windows 31-12-2017 23:45:40 Instalator modułów systemu Windows 31-12-2017 23:51:16 Instalator modułów systemu Windows 01-01-2018 00:48:50 Instalator modułów systemu Windows 02-01-2018 09:21:46 Installed Microsoft Office Word Viewer 2003 02-01-2018 09:30:04 Zainstalowano: Pakiet zgodności dla systemu Office 2007 02-01-2018 12:54:35 Instalator modułów systemu Windows 02-01-2018 15:58:14 Instalator modułów systemu Windows 02-01-2018 16:08:13 Removed Microsoft Office Word Viewer 2003 02-01-2018 16:09:30 Usunięto: Pakiet zgodności dla systemu Office 2007 02-01-2018 17:15:58 Restore Point Created by FRST 02-01-2018 17:31:06 Punkt przywracania utworzony przez HitmanPro ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (01/02/2018 05:31:06 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {0f88b736-7809-421f-98fc-12067bb7c5bd} Dziennik System: ============= CodeIntegrity: =================================== Date: 2018-01-02 17:22:37.662 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz Procent pamięci w użyciu: 46% Całkowita pamięć fizyczna: 4063.18 MB Dostępna pamięć fizyczna: 2174.22 MB Całkowita pamięć wirtualna: 4767.18 MB Dostępna pamięć wirtualna: 2584.45 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:300.15 GB) (Free:237.69 GB) NTFS Drive e: (BACK-UP) (Fixed) (Total:631.02 GB) (Free:425.11 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A1D8E13E) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=300.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=631 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================