Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:01-12-2015 Uruchomiony przez User (2015-12-03 23:25:59) Run:1 Uruchomiony z C:\Users\User\Desktop\Sprzątanie Załadowane profile: User (Dostępne profile: User) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: Task: {627480FA-715B-4DE3-B89C-FBA8415E2A01} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe Task: {7F799B60-1BEB-483C-9439-52749AB0326C} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe Task: {93B96BCC-977A-4F27-9841-FAC6A15301A9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo) Task: {D4A39F7E-0478-41C4-8967-67D5BB9FAC76} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe Task: {E02B9FA0-0477-474C-98E5-703430587320} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe Task: {F65C3153-712E-43D8-A138-911BC2DFA5B1} - System32\Tasks\DressedMounterV2 => Rundll32.exe AurorasAurate.dll,main 7 1 DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Anti-Theft HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-2310339651-1844684010-2764154791-1001\...\MountPoints2: {bbdf8785-da1a-11e3-8267-00c2c623c8ae} - "G:\vs_ultimate.exe" HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2310339651-1844684010-2764154791-1001 -> {E07D08BF-7418-47F8-B233-D487DA569F48} URL = BHO-x32: Brak nazwy -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Brak pliku FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tvhmtuwk.default\searchplugins\google-lavasoft.xml [2015-12-03] S3 avchv; \SystemRoot\system32\DRIVERS\avchv.sys [X] S3 iscFlash; \??\C:\Windows\Temp\ArchesP10SP10SG_BIOS_V160_WIN\x64\iscflashx64.sys [X] AlternateDataStreams: C:\Users\User\AppData\Local\Temp:5a8drv2HWQR487ig7 AlternateDataStreams: C:\Users\User\AppData\Local\Temporary Internet Files:0pzb5XLxQKZZG1mtKUUdzbKVm7Lr AlternateDataStreams: C:\Users\User\AppData\Local\Temporary Internet Files:xjmHoFgeIzKmsbLL C:\Prefs.js C:\searchplugins C:\Program Files (x86)\Lenovo C:\Program Files (x86)\Mozilla Firefox\plugins C:\ProgramData\Lavasoft C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - toshiba.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoMapa C:\Users\User\REACHit C:\Users\User\AppData\Local\ACCCx2_9_1_474.zip.aamdownload C:\Users\User\AppData\Local\ACCCx2_9_1_474.zip.aamdownload.aamd C:\Users\User\AppData\Local\DressedMounter C:\Users\User\AppData\Local\Lenovo C:\Users\User\AppData\Local\Sparta C:\Users\User\Desktop\Free HTML5 Video Player And Converter 5.exe C:\Users\User\Desktop\Niepotwierdzony 663299.crdownload C:\Windows\TempFileCleaner.cmd C:\Windows\system32\LavasoftTcpService64.dll C:\Windows\system32\LavasoftTcpServiceOff.ini C:\Windows\System32\Tasks\Lenovo C:\Windows\System32\Tasks\Norton Anti-Theft C:\Windows\SysWOW64\LavasoftTcpService.dll C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini Reg: reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" /f Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v "DAEMON Tools Lite" /f Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v LiveSupport /f Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v KiesAirMessage /f Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v "IVONA Reader" /f Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v VideoDownloaderUltimate /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v TortoiseHgOverlayIconServer /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v SunJavaUpdateSched /f EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{627480FA-715B-4DE3-B89C-FBA8415E2A01}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{627480FA-715B-4DE3-B89C-FBA8415E2A01}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\Ad-Aware Update (Weekly) => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Update (Weekly)" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F799B60-1BEB-483C-9439-52749AB0326C}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F799B60-1BEB-483C-9439-52749AB0326C}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Anti-Theft\Norton Error Analyzer" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93B96BCC-977A-4F27-9841-FAC6A15301A9}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93B96BCC-977A-4F27-9841-FAC6A15301A9}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program 64" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D4A39F7E-0478-41C4-8967-67D5BB9FAC76}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4A39F7E-0478-41C4-8967-67D5BB9FAC76}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\AutoKMS => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E02B9FA0-0477-474C-98E5-703430587320}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E02B9FA0-0477-474C-98E5-703430587320}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\Norton Anti-Theft\Norton Error Processor => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Anti-Theft\Norton Error Processor" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F65C3153-712E-43D8-A138-911BC2DFA5B1}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F65C3153-712E-43D8-A138-911BC2DFA5B1}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\DressedMounterV2 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DressedMounterV2" => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Anti-Theft => klucz pomyślnie usunięto HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wartość pomyślnie usunięto "HKU\S-1-5-21-2310339651-1844684010-2764154791-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bbdf8785-da1a-11e3-8267-00c2c623c8ae}" => klucz pomyślnie usunięto HKCR\CLSID\{bbdf8785-da1a-11e3-8267-00c2c623c8ae} => klucz nie znaleziono. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => klucz pomyślnie usunięto HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono. "HKU\S-1-5-21-2310339651-1844684010-2764154791-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E07D08BF-7418-47F8-B233-D487DA569F48}" => klucz pomyślnie usunięto HKCR\CLSID\{E07D08BF-7418-47F8-B233-D487DA569F48} => klucz nie znaleziono. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B69F34DD-F0F9-42DC-9EDD-957187DA688D}" => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\{B69F34DD-F0F9-42DC-9EDD-957187DA688D} => klucz nie znaleziono. C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tvhmtuwk.default\searchplugins\google-lavasoft.xml => pomyślnie przeniesiono avchv => serwis pomyślnie usunięto iscFlash => serwis pomyślnie usunięto C:\Users\User\AppData\Local\Temp => ":5a8drv2HWQR487ig7" ADS pomyślnie usunięto. "C:\Users\User\AppData\Local\Temporary Internet Files" => ":0pzb5XLxQKZZG1mtKUUdzbKVm7Lr" ADS nie znaleziono. "C:\Users\User\AppData\Local\Temporary Internet Files" => ":xjmHoFgeIzKmsbLL" ADS nie znaleziono. C:\Prefs.js => pomyślnie przeniesiono C:\searchplugins => pomyślnie przeniesiono C:\Program Files (x86)\Lenovo => pomyślnie przeniesiono C:\Program Files (x86)\Mozilla Firefox\plugins => pomyślnie przeniesiono C:\ProgramData\Lavasoft => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - toshiba.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoMapa => pomyślnie przeniesiono C:\Users\User\REACHit => pomyślnie przeniesiono C:\Users\User\AppData\Local\ACCCx2_9_1_474.zip.aamdownload => pomyślnie przeniesiono C:\Users\User\AppData\Local\ACCCx2_9_1_474.zip.aamdownload.aamd => pomyślnie przeniesiono C:\Users\User\AppData\Local\DressedMounter => pomyślnie przeniesiono C:\Users\User\AppData\Local\Lenovo => pomyślnie przeniesiono C:\Users\User\AppData\Local\Sparta => pomyślnie przeniesiono C:\Users\User\Desktop\Free HTML5 Video Player And Converter 5.exe => pomyślnie przeniesiono C:\Users\User\Desktop\Niepotwierdzony 663299.crdownload => pomyślnie przeniesiono C:\Windows\TempFileCleaner.cmd => pomyślnie przeniesiono C:\Windows\system32\LavasoftTcpService64.dll => pomyślnie przeniesiono C:\Windows\system32\LavasoftTcpServiceOff.ini => pomyślnie przeniesiono C:\Windows\System32\Tasks\Lenovo => pomyślnie przeniesiono C:\Windows\System32\Tasks\Norton Anti-Theft => pomyślnie przeniesiono C:\Windows\SysWOW64\LavasoftTcpService.dll => pomyślnie przeniesiono C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini => pomyślnie przeniesiono ========= reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v "DAEMON Tools Lite" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v LiveSupport /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v KiesAirMessage /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v "IVONA Reader" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v VideoDownloaderUltimate /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v TortoiseHgOverlayIconServer /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v SunJavaUpdateSched /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= EmptyTemp: => 1.4 GB danych tymczasowych Usunięto. System wymagał restartu. ==== Koniec Fixlog 23:27:25 ====