Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:10-01-2015 01 Uruchomiony przez Sokół (2016-01-13 15:37:36) Run:1 Uruchomiony z C:\Users\Sokół\Downloads Załadowane profile: Sokół (Dostępne profile: Sokół) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** HKU\S-1-5-21-352955893-3744871428-3861659463-1000\...\CurrentVersion\Windows: [Load] C:\ProgramData\msvtdrjz.exe <===== UWAGA C:\ProgramData\msvtdrjz.exe Task: {6D8F29D4-CD63-4760-A960-379C25E41C5C} - System32\Tasks\{0FF5D997-A47C-4B15-8DCC-51BF614FF68F} => pcalua.exe -a C:\Users\Sokół\Downloads\Hentor-130728-Lilith\Hentor-130728-Lilith\Hentor-130728-Lilith\setup.exe -d C:\Users\Sokół\Downloads\Hentor-130728-Lilith\Hentor-130728-Lilith\Hentor-130728-Lilith HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1426544080&from=cor&uid=ST1000DM003-1CH162_Z1D71V9XXXXXZ1D71V9X&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1426544080&from=cor&uid=ST1000DM003-1CH162_Z1D71V9XXXXXZ1D71V9X&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hppp&ts=1426544092&from=cor&uid=ST1000DM003-1CH162_Z1D71V9XXXXXZ1D71V9X HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hppp&ts=1426544092&from=cor&uid=ST1000DM003-1CH162_Z1D71V9XXXXXZ1D71V9X HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1426544080&from=cor&uid=ST1000DM003-1CH162_Z1D71V9XXXXXZ1D71V9X&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1426544080&from=cor&uid=ST1000DM003-1CH162_Z1D71V9XXXXXZ1D71V9X&q={searchTerms} HKU\S-1-5-21-352955893-3744871428-3861659463-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=dspp&ts=1426544092&from=cor&uid=ST1000DM003-1CH162_Z1D71V9XXXXXZ1D71V9X&q={searchTerms} HKU\S-1-5-21-352955893-3744871428-3861659463-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hppp&ts=1426544092&from=cor&uid=ST1000DM003-1CH162_Z1D71V9XXXXXZ1D71V9X HKU\S-1-5-21-352955893-3744871428-3861659463-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=dspp&ts=1426544092&from=cor&uid=ST1000DM003-1CH162_Z1D71V9XXXXXZ1D71V9X&q={searchTerms} SearchScopes: HKU\S-1-5-21-352955893-3744871428-3861659463-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-352955893-3744871428-3861659463-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-352955893-3744871428-3861659463-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-352955893-3744871428-3861659463-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll => Brak pliku StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://do-search.com/?type=sc&ts=1426544080&from=cor&uid=ST1000DM003-1CH162_Z1D71V9XXXXXZ1D71V9X S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X] EmptyTemp: ***************** HKU\S-1-5-21-352955893-3744871428-3861659463-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => Wartość pomyślnie usunięto Nie można przenieść "C:\ProgramData\msvtdrjz.exe" => Zaplanowany do przeniesienia przy restarcie. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D8F29D4-CD63-4760-A960-379C25E41C5C}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D8F29D4-CD63-4760-A960-379C25E41C5C}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{0FF5D997-A47C-4B15-8DCC-51BF614FF68F} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0FF5D997-A47C-4B15-8DCC-51BF614FF68F}" => klucz pomyślnie usunięto HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono HKU\S-1-5-21-352955893-3744871428-3861659463-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKU\S-1-5-21-352955893-3744871428-3861659463-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKU\S-1-5-21-352955893-3744871428-3861659463-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono "HKU\S-1-5-21-352955893-3744871428-3861659463-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => klucz pomyślnie usunięto HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono. "HKU\S-1-5-21-352955893-3744871428-3861659463-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. "HKU\S-1-5-21-352955893-3744871428-3861659463-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => klucz pomyślnie usunięto HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => klucz nie znaleziono. "HKU\S-1-5-21-352955893-3744871428-3861659463-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => klucz pomyślnie usunięto HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => klucz nie znaleziono. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => klucz pomyślnie usunięto "HKCR\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => klucz pomyślnie usunięto HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono AxtuDrv => serwis pomyślnie usunięto EmptyTemp: => 4.2 GB danych tymczasowych Usunięto. Rezultat przenoszenia plików przy restarcie (Tryb startu: Normal) (Data i godzina: 2016-01-13 15:39:06) C:\ProgramData\msvtdrjz.exe => został pomyślnie przeniesiony ==== Koniec Fixlog 15:39:06 ====