Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 26-12-2017 Uruchomiony przez Magdalena (30-12-2017 10:12:47) Run:1 Uruchomiony z G:\Pobrane z Chrome Załadowane profile: Magdalena (Dostępne profile: Magdalena) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Brak pliku ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Brak pliku <==== UWAGA Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Brak pliku <==== UWAGA Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Brak pliku <==== UWAGA Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Brak pliku <==== UWAGA Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Brak pliku <==== UWAGA Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Brak pliku <==== UWAGA Task: {13121896-BB29-4710-89F2-E24B6FF15385} - System32\Tasks\{7DD6FF9E-93F9-ABC2-BDF2-3A2558B5AC47} => C:\Users\MAGDAL~1\AppData\Roaming\{7DD6F~1\SYNHEL~1 [Argument = /Check] <==== UWAGA Task: C:\Windows\Tasks\{7DD6FF9E-93F9-ABC2-BDF2-3A2558B5AC47}.job => C:\Users\MAGDAL~1\AppData\Roaming\{7DD6F~1\SYNHEL~1/CheckMadzia\Magdalena0֠< <==== UWAGA Task: {89505FB3-D403-4D9B-9141-37BAF572E843} - System32\Tasks\MagdalenaParsleyNoncombatantsV2 => rundll32.exe EroticizeBrooked.dll,main 7 1 <==== UWAGA Task: {8F4A782E-6C9E-49E5-90C0-3819C6D30371} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2017-12-28] () C:\Windows\AutoKMS C:\Users\MAGDAL~1\AppData\Roaming\{7DD6F~1 HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk C:\Users\Magdalena\AppData\Roaming\Microsoft\Word\Notatki%20na%20kolokwium%202305694770191935699\Notatki%20na%20kolokwium%202.docx.lnk C:\Users\Magdalena\AppData\Roaming\Microsoft\Windows\SendTo\Android (ALLPlayer Pilot).lnk C:\Users\Magdalena\AppData\Roaming\Microsoft\PowerPoint\Moje-Hobby-Paznokcie-hybrydowe305689102831473957\Moje-Hobby-Paznokcie-hybrydowe.pptx.lnk C:\Users\Magdalena.Madzia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Luxmed DICOM Viewer\Odinstaluj.lnk C:\Users\Magdalena.Madzia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Luxmed DICOM Viewer\RTG-zdjecia.lnk C:\Users\Magdalena.Madzia\AppData\Local\Adobe Photoshop CS6\local\modified\@DESKTOP@\Adobe Photoshop CS6.lnk Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => klucz nie znaleziono "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => klucz nie znaleziono "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => klucz nie znaleziono "HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\###MegaContextMenuExt" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => klucz nie znaleziono "HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\###MegaContextMenuExt" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => klucz nie znaleziono "HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => pomyślnie usunięto HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => klucz nie znaleziono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D8A891D-890C-4808-84D8-2F436AB14653} => niepowodzenie przy usuwaniu klucz. ErrorCode1: 0x00000002 "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D8A891D-890C-4808-84D8-2F436AB14653}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1274336E-AB06-46B6-A48C-0671C5557CC6}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1274336E-AB06-46B6-A48C-0671C5557CC6}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Maintenance Configurator" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1687544D-7247-4F5A-965A-A6E920E55278}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1687544D-7247-4F5A-965A-A6E920E55278}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Manual Maintenance" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F02587F-8A2B-4552-97F6-DEEF229E335B}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F02587F-8A2B-4552-97F6-DEEF229E335B}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Idle Maintenance" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7992938-01F1-4F40-A0EC-0D23D2F0F152}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7992938-01F1-4F40-A0EC-0D23D2F0F152}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Regular Maintenance" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFD7C21A-808B-487B-A6EC-8A10E44E8360}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFD7C21A-808B-487B-A6EC-8A10E44E8360}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SettingSync\BackupTask" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13121896-BB29-4710-89F2-E24B6FF15385}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13121896-BB29-4710-89F2-E24B6FF15385}" => pomyślnie usunięto C:\Windows\System32\Tasks\{7DD6FF9E-93F9-ABC2-BDF2-3A2558B5AC47} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7DD6FF9E-93F9-ABC2-BDF2-3A2558B5AC47}" => pomyślnie usunięto C:\Windows\Tasks\{7DD6FF9E-93F9-ABC2-BDF2-3A2558B5AC47}.job => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{89505FB3-D403-4D9B-9141-37BAF572E843}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89505FB3-D403-4D9B-9141-37BAF572E843}" => pomyślnie usunięto C:\Windows\System32\Tasks\MagdalenaParsleyNoncombatantsV2 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MagdalenaParsleyNoncombatantsV2" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8F4A782E-6C9E-49E5-90C0-3819C6D30371}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F4A782E-6C9E-49E5-90C0-3819C6D30371}" => pomyślnie usunięto C:\Windows\System32\Tasks\AutoKMS => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => pomyślnie usunięto C:\Windows\AutoKMS => pomyślnie przeniesiono C:\Users\MAGDAL~1\AppData\Roaming\{7DD6F~1 => pomyślnie przeniesiono "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk" => nie znaleziono "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\McAfee Security Scan Plus.lnk" => pomyślnie usunięto C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk => pomyślnie przeniesiono C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk => pomyślnie przeniesiono C:\Users\Administrator\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk => pomyślnie przeniesiono C:\Users\Magdalena\AppData\Roaming\Microsoft\Word\Notatki%20na%20kolokwium%202305694770191935699\Notatki%20na%20kolokwium%202.docx.lnk => pomyślnie przeniesiono C:\Users\Magdalena\AppData\Roaming\Microsoft\Windows\SendTo\Android (ALLPlayer Pilot).lnk => pomyślnie przeniesiono C:\Users\Magdalena\AppData\Roaming\Microsoft\PowerPoint\Moje-Hobby-Paznokcie-hybrydowe305689102831473957\Moje-Hobby-Paznokcie-hybrydowe.pptx.lnk => pomyślnie przeniesiono C:\Users\Magdalena.Madzia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Luxmed DICOM Viewer\Odinstaluj.lnk => pomyślnie przeniesiono C:\Users\Magdalena.Madzia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Luxmed DICOM Viewer\RTG-zdjecia.lnk => pomyślnie przeniesiono C:\Users\Magdalena.Madzia\AppData\Local\Adobe Photoshop CS6\local\modified\@DESKTOP@\Adobe Photoshop CS6.lnk => pomyślnie przeniesiono ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= ========= Koniec Powershell: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 38238145 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 59411 B Edge => 0 B Chrome => 337050520 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 236336 B systemprofile32 => 128 B LocalService => 0 B NetworkService => -656 B Magdalena.Madzia => 16909724 B Magdalena => 19356658 B RecycleBin => 0 B EmptyTemp: => 400.8 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 10:18:28 ====