Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 12-06-2017 Uruchomiony przez Patryk (13-06-2017 20:33:49) Run:1 Uruchomiony z C:\Users\Patryk\Downloads Załadowane profile: Patryk (Dostępne profile: Patryk) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-2829311126-617542664-3329239027-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-2829311126-617542664-3329239027-1000\...\Policies\Explorer: [NoWindowsUpdate] 1 ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku CMD: type "C:\Program Files (x86)\mozilla firefox\1098902.cfg" FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\1098902.js [2017-06-10] <==== UWAGA (Linkuje do pliku *.cfg) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\1098902.cfg [2017-06-10] <==== UWAGA U3 aswbdisk; Brak ImagePath S3 dbx; system32\DRIVERS\dbx.sys [X] S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] Task: {6B0F5998-B184-4864-996D-743066D343E4} - System32\Tasks\AutoPico Daily Restart => C:\Users\Patryk\AppData\Local\Temp\RarSFX0\AutoPico.exe <==== UWAGA Task: {7CA7EF89-12EB-4EDD-94C7-6FF63C9E5630} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software C:\Windows\System32\Tasks\AVAST Software MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart RemoveProxy: EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wartość pomyślnie usunięto HKU\S-1-5-21-2829311126-617542664-3329239027-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Wartość pomyślnie usunięto HKU\S-1-5-21-2829311126-617542664-3329239027-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => Wartość pomyślnie usunięto HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => klucz pomyślnie usunięto HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => klucz nie znaleziono. ========= type "C:\Program Files (x86)\mozilla firefox\1098902.cfg" ========= var certdb; try { certdb = Components.classes["@mozilla.org/security/x509certdb;1"].getService(Components.interfaces.nsIX509CertDB2); } catch (e) { certdb = Components.classes["@mozilla.org/security/x509certdb;1"].getService(Components.interfaces.nsIX509CertDB); } cert = 'MIIDMzCCAhugAwIBAgIJAPS11EdgnGopMA0GCSqGSIb3DQEBCwUAMDAxFjAUBgNVBAMMDXdlYnVuc3RvcC5uZXQxFjAUBgNVBAoMDXdlYnVuc3RvcC5uZXQwHhcNMTcwNDI3MTY0MjA2WhcNMjcwNDI1MTY0MjA2WjAwMRYwFAYDVQQDDA13ZWJ1bnN0b3AubmV0MRYwFAYDVQQKDA13ZWJ1bnN0b3AubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2pESayAsOYG9rQiLtMFzhq1zOXvmYE4uPGBz/zULotfg9gJTjvgffw3x+zdRJgDwjikQzsd09isJm2w5qQhFyPxIYMkN7t7FtqAU1j42iPw5fZ4IIXMOLQfrj/NBpe3kMC/CmPNn8pNGpwqt0Um0sbz3PzkK75Pn8XdyUiGSuiWPFcCuW9g3C4LC0BR1UVtJzgjZPqiKbDJynxtSZRL44KxsWAg8ZVWrQhk46K3PS/Gb8bnGm04r1dgGNUtAYWzixwFUxS1Vqo4T69awvIF7bd55VlwhwDd3cKsrBa32jDzJmM8vddrx5+F9H9cq15f48V+OF0LTnMl0aZLD9FfswIDAQABo1AwTjAdBgNVHQ4EFgQUvpxk1vrmWiPaOs0rivUNW+OfLnowHwYDVR0jBBgwFoAUvpxk1vrmWiPaOs0rivUNW+OfLnowDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAukWS/t61yD0yvAq+cxR6DeGS6RrilPwpF3w8LDGJEJ8nXKRJb4S6l5Vwis2LIPjdomXJzNKS/OeVd4XSbwydfBqWsuOpGjUXEw6YEu1tbjgtXzOuydmjgIxQr6jdv3loF6/FcWGypHCDBTZqbN8o3TwCnP+hJpvSxlH4Fsq8thYUN31KDHNySaSkRYawQMcsVc1Y0BL+9fGH6PDGwQCm3hY0tRe7i4LWtEciJnZBupE3YGtU3YAu83ycm4qaXfA5Xwe4jfEW0/o4umIRpa/iNYJBmHqSx2ym8f+rFCoLBQONaWVsT5k6kcLEyVpCS+u9FHFbhHm8hx6PSQ3CPKT9Gg=='; certdb.addCertFromBase64(cert, "CT,C,C", ""); ========= Koniec CMD: ========= C:\Program Files (x86)\mozilla firefox\defaults\pref\1098902.js => pomyślnie przeniesiono C:\Program Files (x86)\mozilla firefox\1098902.cfg => pomyślnie przeniesiono HKLM\System\CurrentControlSet\Services\aswbdisk => klucz pomyślnie usunięto aswbdisk => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\dbx => klucz pomyślnie usunięto dbx => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\sptd => klucz pomyślnie usunięto sptd => serwis pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B0F5998-B184-4864-996D-743066D343E4} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B0F5998-B184-4864-996D-743066D343E4} => klucz pomyślnie usunięto C:\Windows\System32\Tasks\AutoPico Daily Restart => pomyślnie przeniesiono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{7CA7EF89-12EB-4EDD-94C7-6FF63C9E5630} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CA7EF89-12EB-4EDD-94C7-6FF63C9E5630} => klucz pomyślnie usunięto C:\Windows\System32\Tasks\AVAST Software\Avast settings backup => pomyślnie przeniesiono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C016366B-7126-46CA-B36B-592A3D95A60B} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C016366B-7126-46CA-B36B-592A3D95A60B} => klucz pomyślnie usunięto C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => pomyślnie przeniesiono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software => klucz pomyślnie usunięto C:\Windows\System32\Tasks\AVAST Software => pomyślnie przeniesiono HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CyberGhost => klucz pomyślnie usunięto ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wartość pomyślnie usunięto HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wartość pomyślnie usunięto HKU\S-1-5-21-2829311126-617542664-3329239027-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wartość pomyślnie usunięto HKU\S-1-5-21-2829311126-617542664-3329239027-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wartość pomyślnie usunięto ========= Koniec RemoveProxy: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10536340 B Java, Flash, Steam htmlcache => 572113745 B Windows/system/drivers => 3868283 B Edge => 0 B Chrome => 0 B Firefox => 398875514 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 35487 B systemprofile32 => 99221 B LocalService => 66228 B NetworkService => 4408 B Patryk => 111667943 B RecycleBin => 485010 B EmptyTemp: => 1 GB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 20:34:51 ====