Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 10-10-2017
Uruchomiony przez Kamil Kowalczyk (10-10-2017 18:28:10) Run:1
Uruchomiony z C:\Users\Kamil Kowalczyk\Desktop
Załadowane profile: Kamil Kowalczyk (Dostępne profile: Kamil Kowalczyk)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
HKLM\...\Winlogon: [Userinit] C:\Users\Kamil Kowalczyk\AppData\Local\Kometa\StartButton\kometastartvx64.exe,C:\windows\system32\userinit.exe,
HKU\S-1-5-21-696178943-1244779741-494401308-1001\...\Run: [cqdbtbuhke] => explorer "hxxp://khovymush.ru/?utm_source=uoua03&utm_content=295e913c7eb43d006191a7eeee61c5ce&utm_term=D8E957798745964B948E3505AF0E8E8A&utm_d=20170321" <==== UWAGA
HKU\S-1-5-21-696178943-1244779741-494401308-1001\...\Run: [Java x86 applicate] => C:\Users\Kamil Kowalczyk\AppData\Roaming\Java\x86-64bits Windows\Config-DefaultMain\SysUtils SDK v2.49\svhcost.exe [ ] ()
HKU\S-1-5-21-696178943-1244779741-494401308-1001\...\RunOnce: [Flash Inc.] => C:\Users\Kamil Kowalczyk\AppData\Roaming\Adobe\syssl.exe [509952 2017-10-03] ()
C:\Users\Kamil Kowalczyk\AppData\Roaming\Java
C:\Users\Kamil Kowalczyk\AppData\Local\Kometa
C:\Users\Kamil Kowalczyk\AppData\Roaming\Adobe\syssl.exe
ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Brak pliku)
GroupPolicy: Ograniczenia <==== UWAGA
GroupPolicy\User: Ograniczenia <==== UWAGA
HKU\S-1-5-21-696178943-1244779741-494401308-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKU\S-1-5-21-696178943-1244779741-494401308-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-696178943-1244779741-494401308-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
C:\ProgramData\Microsoft\Windows\GameExplorer\{E48C0AD5-44D5-40E4-979C-F5EC3239172A}\PlayTasks\0\Play.lnk 
C:\Users\Kamil Kowalczyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk
DeleteKey: HKCU\Software\Google
DeleteKey: HKCU\SOFTWARE\Google
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Google
VirusTotal: C:\Users\Kamil Kowalczyk\AppData\Roaming\Java\x86-64bits Windows\Config-DefaultMain\SysUtils SDK v2.49\svhcost.exe
VirusTotal: C:\Users\Kamil Kowalczyk\AppData\Local\Kometa\StartButton\kometastartvx64.exe
CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\Program Files (x86)"
CMD: dir /a "C:\Program Files\Common Files\System"
CMD: dir /a "C:\Program Files (x86)\Common Files\System"
CMD: dir /a C:\ProgramData
CMD: dir /a C:\Users\Kamil Kowalczyk\AppData\Local
CMD: dir /a C:\Users\Kamil Kowalczyk\AppData\LocalLow
CMD: dir /a C:\Users\Kamil Kowalczyk\AppData\Roaming
CMD: netsh advfirewall reset 
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
EmptyTemp:̩
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Wartość pomyślnie przywrócono
HKU\S-1-5-21-696178943-1244779741-494401308-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cqdbtbuhke => Wartość pomyślnie usunięto
HKU\S-1-5-21-696178943-1244779741-494401308-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Java x86 applicate => Wartość pomyślnie usunięto
HKU\S-1-5-21-696178943-1244779741-494401308-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Flash Inc. => Wartość pomyślnie usunięto
C:\Users\Kamil Kowalczyk\AppData\Roaming\Java => pomyślnie przeniesiono
"C:\Users\Kamil Kowalczyk\AppData\Local\Kometa" => nie znaleziono.
C:\Users\Kamil Kowalczyk\AppData\Roaming\Adobe\syssl.exe => pomyślnie przeniesiono
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE => nie znaleziono.
C:\WINDOWS\system32\GroupPolicy\Machine => pomyślnie przeniesiono
C:\WINDOWS\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => pomyślnie przeniesiono
C:\WINDOWS\system32\GroupPolicy\User => pomyślnie przeniesiono
HKU\S-1-5-21-696178943-1244779741-494401308-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKU\S-1-5-21-696178943-1244779741-494401308-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto
HKU\S-1-5-21-696178943-1244779741-494401308-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz pomyślnie usunięto
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono. 
HKLM\System\CurrentControlSet\Services\ibtsiva => klucz pomyślnie usunięto
ibtsiva => serwis pomyślnie usunięto
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => klucz pomyślnie usunięto
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => klucz nie znaleziono. 
C:\ProgramData\Microsoft\Windows\GameExplorer\{E48C0AD5-44D5-40E4-979C-F5EC3239172A}\PlayTasks\0\Play.lnk => pomyślnie przeniesiono
C:\Users\Kamil Kowalczyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk => pomyślnie przeniesiono
HKCU\Software\Google => klucz pomyślnie usunięto
HKCU\SOFTWARE\Google => klucz nie znaleziono. 
HKLM\SOFTWARE\Wow6432Node\Google => klucz pomyślnie usunięto
VirusTotal: C:\Users\Kamil Kowalczyk\AppData\Roaming\Java\x86-64bits Windows\Config-DefaultMain\SysUtils SDK v2.49\svhcost.exe => nie znaleziono
VirusTotal: C:\Users\Kamil Kowalczyk\AppData\Local\Kometa\StartButton\kometastartvx64.exe => nie znaleziono

========= dir /a "C:\Program Files" =========

 Volume in drive C is OS
 Volume Serial Number is 1641-DF7F

 Directory of C:\Program Files

03.10.2017  23:51    <DIR>          .
03.10.2017  23:51    <DIR>          ..
10.03.2017  17:37    <DIR>          Adobe
29.07.2017  18:12    <DIR>          Common Files
29.07.2017  18:12    <DIR>          CONEXANT
23.06.2017  15:10    <DIR>          DAEMON Tools Lite
18.03.2017  23:01               174 desktop.ini
11.01.2017  16:04    <DIR>          DIFX
10.03.2017  17:56    <DIR>          Google
29.07.2017  18:12    <DIR>          Intel
13.09.2017  01:09    <DIR>          Internet Explorer
18.09.2017  15:55    <DIR>          Microsoft Office
14.03.2017  21:50    <DIR>          MPC-HC
29.07.2017  19:02    <DIR>          MSBuild
29.07.2017  19:02    <DIR>          Reference Assemblies
10.03.2017  15:18    <DIR>          Uninstall Information
29.06.2017  23:19    <DIR>          UNP
11.07.2017  07:47    <DIR>          Windows Defender
13.09.2017  01:09    <DIR>          Windows Mail
20.03.2017  06:00    <DIR>          Windows Media Player
18.03.2017  23:03    <DIR>          Windows Multimedia Platform
29.07.2017  18:18    <DIR>          Windows NT
13.09.2017  01:09    <DIR>          Windows Photo Viewer
18.03.2017  23:03    <DIR>          Windows Portable Devices
18.03.2017  23:03    <DIR>          Windows Security
18.03.2017  23:03    <DIR>          Windows Sidebar
10.10.2017  13:46    <DIR>          WindowsApps
18.03.2017  23:03    <DIR>          WindowsPowerShell
               1 File(s)            174 bytes
              27 Dir(s)  133˙129˙285˙632 bytes free

========= Koniec  CMD: =========


========= dir /a "C:\Program Files (x86)" =========

 Volume in drive C is OS
 Volume Serial Number is 1641-DF7F

 Directory of C:\Program Files (x86)

29.09.2017  08:50    <DIR>          .
29.09.2017  08:50    <DIR>          ..
01.07.2017  18:23    <DIR>          2K Games
16.05.2017  17:46    <DIR>          Ad Muncher
28.04.2017  17:56    <DIR>          Adobe
01.07.2017  17:36    <DIR>          AGEIA Technologies
11.01.2017  16:03    <DIR>          AmUStor
16.09.2017  11:52    <DIR>          Armagetron Advanced
14.03.2017  16:28    <DIR>          ASUS
18.09.2017  15:56    <DIR>          Common Files
18.03.2017  23:01               174 desktop.ini
30.03.2017  12:59    <DIR>          Dropbox
16.09.2017  12:20    <DIR>          EA GAMES
11.01.2017  16:16    <DIR>          FarStone
10.03.2017  17:56    <DIR>          Google
11.01.2017  16:09    <DIR>          ICEpower
28.09.2017  21:54    <DIR>          InstallShield Installation Information
29.07.2017  18:12    <DIR>          Intel
13.09.2017  01:09    <DIR>          Internet Explorer
29.09.2017  08:50    <DIR>          KASHU
18.09.2017  15:55    <DIR>          Microsoft Analysis Services
18.09.2017  16:25    <DIR>          Microsoft Office
07.05.2017  18:58    <DIR>          Microsoft OneDrive
18.09.2017  16:25    <DIR>          Microsoft Visual Studio 8
18.09.2017  15:55    <DIR>          Microsoft.NET
18.09.2017  23:16    <DIR>          Mount Blade Warband
07.10.2017  12:52    <DIR>          Mozilla Firefox
23.06.2017  19:15    <DIR>          Mr DJ
29.07.2017  19:02    <DIR>          MSBuild
13.03.2017  08:43    <DIR>          NapiProjekt
01.07.2017  17:36    <DIR>          NVIDIA Corporation
14.09.2017  16:48    <DIR>          OpenAL
07.05.2017  21:51    <DIR>          OpenOffice 4
03.09.2017  12:29    <DIR>          PLAY INTERNET
27.09.2017  21:39    <DIR>          R.G. Mechanics
11.01.2017  16:03    <DIR>          Realtek
29.07.2017  19:02    <DIR>          Reference Assemblies
23.06.2017  15:12    <DIR>          Steam
03.04.2016  06:42    <DIR>          TeamViewer
27.09.2017  21:21    <DIR>          Ubisoft
11.07.2017  07:47    <DIR>          Windows Defender
13.09.2017  01:09    <DIR>          Windows Mail
20.03.2017  06:00    <DIR>          Windows Media Player
18.03.2017  23:03    <DIR>          Windows Multimedia Platform
18.03.2017  23:03    <DIR>          Windows NT
13.09.2017  01:09    <DIR>          Windows Photo Viewer
18.03.2017  23:03    <DIR>          Windows Portable Devices
18.03.2017  23:03    <DIR>          Windows Sidebar
18.03.2017  23:03    <DIR>          WindowsPowerShell
21.03.2017  14:05    <DIR>          WinRAR
               1 File(s)            174 bytes
              49 Dir(s)  133˙129˙285˙632 bytes free

========= Koniec  CMD: =========


========= dir /a "C:\Program Files\Common Files\System" =========

 Volume in drive C is OS
 Volume Serial Number is 1641-DF7F

 Directory of C:\Program Files\Common Files\System

20.03.2017  05:59    <DIR>          .
20.03.2017  05:59    <DIR>          ..
11.07.2017  07:47    <DIR>          ado
18.03.2017  22:59            32˙768 DirectDB.dll
20.03.2017  05:59    <DIR>          en-US
20.03.2017  05:59    <DIR>          msadc
20.03.2017  05:59    <DIR>          Ole DB
20.03.2017  05:59    <DIR>          pl-PL
18.03.2017  22:57           854˙528 wab32.dll
18.03.2017  22:57           964˙096 wab32res.dll
               3 File(s)      1˙851˙392 bytes
               7 Dir(s)  133˙129˙285˙632 bytes free

========= Koniec  CMD: =========


========= dir /a "C:\Program Files (x86)\Common Files\System" =========

 Volume in drive C is OS
 Volume Serial Number is 1641-DF7F

 Directory of C:\Program Files (x86)\Common Files\System

18.09.2017  16:25    <DIR>          .
18.09.2017  16:25    <DIR>          ..
11.07.2017  07:47    <DIR>          ado
18.03.2017  22:59            27˙648 DirectDB.dll
20.03.2017  05:59    <DIR>          en-US
20.03.2017  05:59    <DIR>          msadc
18.09.2017  16:25    <DIR>          MSMAPI
18.09.2017  15:56    <DIR>          Ole DB
20.03.2017  05:59    <DIR>          pl-PL
18.03.2017  22:58           741˙888 wab32.dll
18.03.2017  22:58           964˙096 wab32res.dll
               3 File(s)      1˙733˙632 bytes
               8 Dir(s)  133˙129˙285˙632 bytes free

========= Koniec  CMD: =========


========= dir /a C:\ProgramData =========

 Volume in drive C is OS
 Volume Serial Number is 1641-DF7F

 Directory of C:\ProgramData

18.09.2017  15:55    <DIR>          .
18.09.2017  15:55    <DIR>          ..
16.05.2017  17:46    <DIR>          Ad Muncher
28.04.2017  17:58    <DIR>          Adobe
11.01.2017  16:03    <DIR>          AmUStor
10.03.2017  15:28    <DIR>          APRP
01.08.2017  23:01    <DIR>          Armagetron
03.04.2016  06:33    <DIR>          ASUS WebStorage
16.07.2016  13:47    <DIR>          Comms
11.01.2017  15:58    <DIR>          Conexant
10.03.2017  16:05    <DIR>          CyberLink
23.06.2017  15:10    <DIR>          DAEMON Tools Lite
10.03.2017  15:25    <JUNCTION>     Dane aplikacji [C:\ProgramData]
03.09.2017  12:29    <DIR>          DatacardService
23.06.2017  18:30    <DIR>          Dishonored 2
10.03.2017  15:25    <JUNCTION>     Dokumenty [C:\Users\Public\Documents]
03.04.2016  06:35    <DIR>          Dropbox
11.01.2017  16:16    <DIR>          FarStone
11.03.2017  11:13    <DIR>          GOG.com
10.03.2017  19:47    <DIR>          Google
11.01.2017  16:21    <DIR>          install_clap
08.04.2017  16:31    <DIR>          Intel
03.04.2016  06:35    <DIR>          Kingsoft
07.05.2017  19:09    <DIR>          KMSAuto
09.06.2017  20:16    <DIR>          McAfee
10.03.2017  15:25    <JUNCTION>     Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu]
18.09.2017  15:55    <DIR>          Microsoft
18.09.2017  16:25    <DIR>          Microsoft Help
29.07.2017  18:19    <DIR>          Microsoft OneDrive
03.10.2017  23:47    <DIR>          Package Cache
03.09.2017  12:29    <DIR>          PLAY INTERNET
10.03.2017  15:25    <JUNCTION>     Pulpit [C:\Users\Public\Desktop]
29.07.2017  18:14    <DIR>          regid.1986-12.com.adobe
18.09.2017  15:47    <DIR>          regid.1991-06.com.microsoft
11.01.2017  16:01    <DIR>          Roaming
18.03.2017  23:03    <DIR>          SoftwareDistribution
20.08.2017  13:44    <DIR>          Steam
10.03.2017  15:25    <JUNCTION>     Szablony [C:\ProgramData\Microsoft\Windows\Templates]
11.01.2017  16:22    <DIR>          Temp
10.03.2017  15:20    <DIR>          UIU
10.03.2017  14:30    <DIR>          USBChargerPlus
29.07.2017  18:18    <DIR>          USOPrivate
29.07.2017  18:18    <DIR>          USOShared
03.04.2016  06:33    <DIR>          WebStorage
10.03.2017  16:08    <DIR>          WildTangent
20.03.2017  06:01    <DIR>          WindowsHolographicDevices
               0 File(s)              0 bytes
              46 Dir(s)  133˙129˙281˙536 bytes free

========= Koniec  CMD: =========


========= dir /a C:\Users\Kamil Kowalczyk\AppData\Local =========

System nie moľe odnale«† okrelonej cieľki.

========= Koniec  CMD: =========


========= dir /a C:\Users\Kamil Kowalczyk\AppData\LocalLow =========

System nie moľe odnale«† okrelonej cieľki.

========= Koniec  CMD: =========


========= dir /a C:\Users\Kamil Kowalczyk\AppData\Roaming =========

System nie moľe odnale«† okrelonej cieľki.

========= Koniec  CMD: =========


========= netsh advfirewall reset =========

Ok.


========= Koniec  CMD: =========


========= wevtutil el | Foreach-Object {wevtutil cl "$_"} =========


========= Koniec  Powershell: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8675328 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 98984828 B
Java, Flash, Steam htmlcache => 896 B
Windows/system/drivers => 9444193 B
Edge => 28220665 B
Chrome => 0 B
Firefox => 407093582 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 31232 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 428922 B
Kamil Kowalczyk => 324205807 B

RecycleBin => 13790873 B
EmptyTemp: => 849.6 MB danych tymczasowych Usunięto.

================================


System wymagał restartu.

==== Koniec  Fixlog 18:29:10 ====