Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 01-11-2019 Uruchomiony przez MICHAL (01-11-2019 18:41:21) Run:4 Uruchomiony z C:\Users\MICHAL\Desktop Załadowane profile: MICHAL (Dostępne profile: MICHAL) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** C:\Users\MICHAL\AppData\Roaming\Python\zm.exe HKU\S-1-5-21-370479639-3369542867-3407148108-1000\...\Run: [Python] => C:\Users\MICHAL\AppData\Roaming\Python\pythonw.exe [96408 2017-12-16] (Python Software Foundation -> Python Software Foundation) <==== UWAGA Task: {AC1F0EB9-CCB4-40E3-8BDD-80C4E4AC1184} - System32\Tasks\{BF15D691-0DE4-4D92-B87B-E7BF833D6375} => C:\Windows\system32\pcalua.exe -a "F:\Gry\The Crew (Russian)\Support\InsHelper.exe" -c CallUplayProtocol Uninstall 507 Task: {CA4C2A00-DC01-4C55-A051-453C9759FA8A} - \MICHAL -> Brak pliku <==== UWAGA Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} S3 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X] S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X] S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X] FirewallRules: [{81F438A4-775B-4BF3-A5B1-C51349D4EE40}] => (Allow) C:\Program Files (x86)\CDP Games\Construction Machines 2016\cms2016.exe Brak pliku FirewallRules: [TCP Query User{7850C4FD-73B0-4819-B18E-B8014C54C236}F:\gry\mafia.iii.2016.pl-voksi\mafia iii\launcher.exe] => (Block) F:\gry\mafia.iii.2016.pl-voksi\mafia iii\launcher.exe Brak pliku FirewallRules: [UDP Query User{930DE612-DF05-4546-BEF4-924D797D07FA}F:\gry\mafia.iii.2016.pl-voksi\mafia iii\launcher.exe] => (Block) F:\gry\mafia.iii.2016.pl-voksi\mafia iii\launcher.exe Brak pliku EmptyTemp: ***************** C:\Users\MICHAL\AppData\Roaming\Python\zm.exe => pomyślnie przeniesiono "HKU\S-1-5-21-370479639-3369542867-3407148108-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Python" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC1F0EB9-CCB4-40E3-8BDD-80C4E4AC1184}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC1F0EB9-CCB4-40E3-8BDD-80C4E4AC1184}" => pomyślnie usunięto C:\Windows\System32\Tasks\{BF15D691-0DE4-4D92-B87B-E7BF833D6375} => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BF15D691-0DE4-4D92-B87B-E7BF833D6375}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CA4C2A00-DC01-4C55-A051-453C9759FA8A}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA4C2A00-DC01-4C55-A051-453C9759FA8A}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MICHAL" => nie znaleziono ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= ========= Koniec Powershell: ========= HKLM\System\CurrentControlSet\Services\InstallerService => pomyślnie usunięto InstallerService => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\ZAM => pomyślnie usunięto ZAM => serwis pomyślnie usunięto HKLM\System\CurrentControlSet\Services\ZAM_Guard => pomyślnie usunięto ZAM_Guard => serwis pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{81F438A4-775B-4BF3-A5B1-C51349D4EE40}" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7850C4FD-73B0-4819-B18E-B8014C54C236}F:\gry\mafia.iii.2016.pl-voksi\mafia iii\launcher.exe" => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{930DE612-DF05-4546-BEF4-924D797D07FA}F:\gry\mafia.iii.2016.pl-voksi\mafia iii\launcher.exe" => pomyślnie usunięto =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18327970 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 0 B Edge => 0 B Chrome => 0 B Firefox => 268132520 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 0 B MICHAL => 1873766 B RecycleBin => 0 B EmptyTemp: => 283 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 18:42:01 ====