Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:21-10-2015 01 Uruchomiony przez Szelma (2015-10-23 19:18:20) Run:1 Uruchomiony z C:\Users\Szelma\Desktop Załadowane profile: Szelma (Dostępne profile: Szelma) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: HKLM\...\Policies\Explorer\Run: [1071341723] => C:\ProgramData\msubmb.exe [83999872 2010-11-21] () HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\S-1-5-21-3341007479-885208892-836665845-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-3341007479-885208892-836665845-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Toolbar: HKU\S-1-5-21-3341007479-885208892-836665845-1000 -> Brak nazwy - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Brak pliku FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [Brak pliku] FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [Brak pliku] S2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz136; \??\C:\Users\Szelma\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X] Task: {0138F2B6-291F-4D0C-A9B8-E302400240CB} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe Task: {24A2F5B5-EF3C-4AB2-B226-C3359A346C43} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3341007479-885208892-836665845-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe Task: {33487B79-A38E-4794-AD73-7D31CF3AD29C} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe Task: {37A04020-E950-4DDF-A3F8-8FBC6D252275} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3341007479-885208892-836665845-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe C:\ProgramData\msubmb.exe C:\ProgramData\TEMP C:\ProgramData\Microsoft\Windows\GameExplorer\{DC1521F1-D081-473F-B0E6-0DEFCB6BF881} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Borderlands The Pre-Sequel.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks C:\Users\Szelma\AppData\Local\{34CCC3B6-8D74-4CCA-8E76-A4D56E10857E} C:\Users\Szelma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\ Borderlands The Pre-Sequel.lnk C:\Users\Szelma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audiosurf 2 1.0.0.2 C:\Users\Szelma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale\age.lnk C:\Users\Szelma\Desktop\studia\Razer Game Booster.lnk C:\Users\Szelma\Desktop\Wszystko (2)\Audiosurf 2.lnk C:\Users\Szelma\Desktop\Wszystko (2)\Mount&Blade Warband.lnk C:\Users\Szelma\Favorites\GG dysk.lnk C:\Windows\pss\Stardock ObjectDock.lnk.Startup C:\Windows\SysWOW64\regsvr32.exe.log H:\Removable Drive (4GB).lnk CMD: attrib /d /s -s -h H:\* Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Szelma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Stardock ObjectDock.lnk" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Akamai NetSession Interface" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Andy" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InstallerLauncher" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Privatefirewall" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RazerGameBooster" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SlimCleaner Plus" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent" /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" /f EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Błąd: (0) Nie udało się utworzyć punktu przywracania. HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\1071341723 => Wartość pomyślnie usunięto "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => klucz pomyślnie usunięto "HKU\S-1-5-21-3341007479-885208892-836665845-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => klucz pomyślnie usunięto HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => Wartość pomyślnie przywrócono HKU\S-1-5-21-3341007479-885208892-836665845-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKU\S-1-5-21-3341007479-885208892-836665845-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => Wartość pomyślnie usunięto HKCR\CLSID\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => klucz nie znaleziono. "HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10" => klucz pomyślnie usunięto "HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10" => klucz pomyślnie usunięto PanService => serwis pomyślnie usunięto catchme => serwis pomyślnie usunięto cpuz136 => serwis pomyślnie usunięto EagleX64 => serwis pomyślnie usunięto nvvad_WaveExtensible => serwis pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0138F2B6-291F-4D0C-A9B8-E302400240CB}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0138F2B6-291F-4D0C-A9B8-E302400240CB}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TabletPC\InputPersonalization" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{24A2F5B5-EF3C-4AB2-B226-C3359A346C43}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24A2F5B5-EF3C-4AB2-B226-C3359A346C43}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3341007479-885208892-836665845-1000 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3341007479-885208892-836665845-1000" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33487B79-A38E-4794-AD73-7D31CF3AD29C}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33487B79-A38E-4794-AD73-7D31CF3AD29C}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\RealDownloader Update Check => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloader Update Check" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37A04020-E950-4DDF-A3F8-8FBC6D252275}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37A04020-E950-4DDF-A3F8-8FBC6D252275}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3341007479-885208892-836665845-1000 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3341007479-885208892-836665845-1000" => klucz pomyślnie usunięto C:\ProgramData\msubmb.exe => pomyślnie przeniesiono C:\ProgramData\TEMP => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\GameExplorer\{DC1521F1-D081-473F-B0E6-0DEFCB6BF881} => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Borderlands The Pre-Sequel.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks => pomyślnie przeniesiono C:\Users\Szelma\AppData\Local\{34CCC3B6-8D74-4CCA-8E76-A4D56E10857E} => pomyślnie przeniesiono C:\Users\Szelma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\ Borderlands The Pre-Sequel.lnk => pomyślnie przeniesiono C:\Users\Szelma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audiosurf 2 1.0.0.2 => pomyślnie przeniesiono C:\Users\Szelma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale\age.lnk => pomyślnie przeniesiono C:\Users\Szelma\Desktop\studia\Razer Game Booster.lnk => pomyślnie przeniesiono C:\Users\Szelma\Desktop\Wszystko (2)\Audiosurf 2.lnk => pomyślnie przeniesiono C:\Users\Szelma\Desktop\Wszystko (2)\Mount&Blade Warband.lnk => pomyślnie przeniesiono C:\Users\Szelma\Favorites\GG dysk.lnk => pomyślnie przeniesiono C:\Windows\pss\Stardock ObjectDock.lnk.Startup => pomyślnie przeniesiono C:\Windows\SysWOW64\regsvr32.exe.log => pomyślnie przeniesiono H:\Removable Drive (4GB).lnk => pomyślnie przeniesiono ========= attrib /d /s -s -h H:\* ========= ========= Koniec CMD: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Szelma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Stardock ObjectDock.lnk" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Akamai NetSession Interface" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Andy" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InstallerLauncher" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Privatefirewall" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RazerGameBooster" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SlimCleaner Plus" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= EmptyTemp: => 862.5 MB danych tymczasowych Usunięto. System wymagał restartu. ==== Koniec Fixlog 19:29:02 ====