Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:07-02-2016 Uruchomiony przez dom (2016-02-11 18:22:20) Run:1 Uruchomiony z C:\Users\dom\Downloads\FRST ZaÅ‚adowane profile: dom (DostÄ™pne profile: dom) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: R1 wafd_1_10_0_18; C:\Windows\System32\drivers\wafd_1_10_0_18.sys [58240 2015-06-04] (WA) S2 wasvc_1.10.0.18; "C:\Program Files (x86)\WordAnchor_1.10.0.18\Service\wasvc.exe" [X] U2 CLKMSVC10_3A60B698; Brak ImagePath U2 CLKMSVC10_C3B3B687; Brak ImagePath U2 DriverService; Brak ImagePath U2 IAStorDataMgrSvc; Brak ImagePath U2 idealife Update Service; Brak ImagePath U3 IGRS; Brak ImagePath U2 IviRegMgr; Brak ImagePath U2 Oasis2Service; Brak ImagePath U2 PCCarerServic; Brak ImagePath U2 ReadyComm.DirectRouter; Brak ImagePath U2 RichVideo; Brak ImagePath U2 SoftwareService; Brak ImagePath S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] U2 Stereo Service; Brak ImagePath Task: {F81DD8F3-27C6-4491-86BD-A1B2CD06C9A5} - System32\Tasks\{F18C6F15-7873-47C8-B290-B385726A7CE4} => pcalua.exe -a C:\Users\dom\Downloads\RegCleaner(dobreprogramy.pl).exe -d C:\Users\dom\Downloads HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-304197070-3302841352-318972171-1001\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min HKU\S-1-5-21-304197070-3302841352-318972171-1001\...\MountPoints2: {5b9438f9-c1a1-11e5-b14c-f0def199c0f3} - E:\iLinker.exe HKU\S-1-5-21-304197070-3302841352-318972171-1001\...\MountPoints2: {b63de6cf-4376-11e5-b646-f0def199c0f3} - E:\SETUP.EXE HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com SearchScopes: HKU\S-1-5-21-304197070-3302841352-318972171-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-01] C:\ProgramData\Microsoft\Windows\GameExplorer\{96C7E72A-7177-4C09-B03F-8F3DFB4AF7E3} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer C:\Users\dom\Desktop\Gry\Grand Theft Auto V.lnk C:\Users\dom\Desktop\Programy\DAEMON Tools Lite.lnk C:\Windows\System32\drivers\wafd_1_10_0_18.sys DeleteKey: HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I DeleteKey: HKCU\Software\dobreprogramy DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\iphlpsvc DeleteKey: HKLM\SOFTWARE\Mozilla DeleteKey: HKLM\SOFTWARE\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla DeleteKey: HKLM\SOFTWARE\Wow6432Node\MozillaPlugins DeleteKey: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes DeleteKey: HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes DeleteKey: HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes Reg: reg query HKLM\System\CurrentControlSet\Services\Eaphost\Methods /s CMD: ipconfig /flushdns CMD: netsh advfirewall reset CMD: netsh int ipv4 reset all CMD: netsh int ipv6 reset all CMD: netsh int httpstunnel reset all CMD: netsh int portproxy reset all CMD: netsh int tcp reset all CMD: netsh winsock reset CMD: sc config iphlpsvc start= auto RemoveProxy: EmptyTemp: ***************** Procesy zostaÅ‚y pomyÅ›lnie zamkniÄ™te. Punkt przywracania zostaÅ‚ pomyÅ›lnie utworzony. wafd_1_10_0_18 => Nie można zatrzymać usÅ‚ugi. wafd_1_10_0_18 => serwis pomyÅ›lnie usuniÄ™to wasvc_1.10.0.18 => serwis pomyÅ›lnie usuniÄ™to CLKMSVC10_3A60B698 => serwis pomyÅ›lnie usuniÄ™to CLKMSVC10_C3B3B687 => serwis pomyÅ›lnie usuniÄ™to DriverService => serwis pomyÅ›lnie usuniÄ™to IAStorDataMgrSvc => serwis pomyÅ›lnie usuniÄ™to idealife Update Service => serwis pomyÅ›lnie usuniÄ™to IGRS => serwis pomyÅ›lnie usuniÄ™to IviRegMgr => serwis pomyÅ›lnie usuniÄ™to Oasis2Service => serwis pomyÅ›lnie usuniÄ™to PCCarerServic => serwis pomyÅ›lnie usuniÄ™to ReadyComm.DirectRouter => serwis pomyÅ›lnie usuniÄ™to RichVideo => serwis pomyÅ›lnie usuniÄ™to SoftwareService => serwis pomyÅ›lnie usuniÄ™to sptd => serwis pomyÅ›lnie usuniÄ™to Stereo Service => serwis pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F81DD8F3-27C6-4491-86BD-A1B2CD06C9A5}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F81DD8F3-27C6-4491-86BD-A1B2CD06C9A5}" => klucz pomyÅ›lnie usuniÄ™to C:\windows\System32\Tasks\{F18C6F15-7873-47C8-B290-B385726A7CE4} => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F18C6F15-7873-47C8-B290-B385726A7CE4}" => klucz pomyÅ›lnie usuniÄ™to HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wartość pomyÅ›lnie usuniÄ™to HKU\S-1-5-21-304197070-3302841352-318972171-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CyberGhost => Wartość pomyÅ›lnie usuniÄ™to "HKU\S-1-5-21-304197070-3302841352-318972171-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5b9438f9-c1a1-11e5-b14c-f0def199c0f3}" => klucz pomyÅ›lnie usuniÄ™to HKCR\CLSID\{5b9438f9-c1a1-11e5-b14c-f0def199c0f3} => klucz nie znaleziono. "HKU\S-1-5-21-304197070-3302841352-318972171-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b63de6cf-4376-11e5-b646-f0def199c0f3}" => klucz pomyÅ›lnie usuniÄ™to HKCR\CLSID\{b63de6cf-4376-11e5-b646-f0def199c0f3} => klucz nie znaleziono. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyÅ›lnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyÅ›lnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyÅ›lnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyÅ›lnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyÅ›lnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyÅ›lnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyÅ›lnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyÅ›lnie przywrócono "HKU\S-1-5-21-304197070-3302841352-318972171-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => klucz pomyÅ›lnie usuniÄ™to HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => klucz nie znaleziono. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => klucz pomyÅ›lnie usuniÄ™to Nie można przenieść "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => Zaplanowany do przeniesienia przy restarcie. C:\ProgramData\Microsoft\Windows\GameExplorer\{96C7E72A-7177-4C09-B03F-8F3DFB4AF7E3} => pomyÅ›lnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas => pomyÅ›lnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer => pomyÅ›lnie przeniesiono C:\Users\dom\Desktop\Gry\Grand Theft Auto V.lnk => pomyÅ›lnie przeniesiono C:\Users\dom\Desktop\Programy\DAEMON Tools Lite.lnk => pomyÅ›lnie przeniesiono C:\Windows\System32\drivers\wafd_1_10_0_18.sys => pomyÅ›lnie przeniesiono HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I => klucz pomyÅ›lnie usuniÄ™to HKCU\Software\dobreprogramy => klucz pomyÅ›lnie usuniÄ™to HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\iphlpsvc => klucz pomyÅ›lnie usuniÄ™to HKLM\SOFTWARE\Mozilla => klucz nie znaleziono. HKLM\SOFTWARE\MozillaPlugins => niepowodzenie przy usuwaniu w pierwszym podejÅ›ciu (ErrorCode: C0000121), zobacz kolejnÄ… liniÄ™. HKLM\SOFTWARE\MozillaPlugins => klucz pomyÅ›lnie usuniÄ™to HKLM\SOFTWARE\Wow6432Node\Mozilla => niepowodzenie przy usuwaniu w pierwszym podejÅ›ciu (ErrorCode: C0000121), zobacz kolejnÄ… liniÄ™. HKLM\SOFTWARE\Wow6432Node\Mozilla => klucz pomyÅ›lnie usuniÄ™to HKLM\SOFTWARE\Wow6432Node\MozillaPlugins => niepowodzenie przy usuwaniu w pierwszym podejÅ›ciu (ErrorCode: C0000121), zobacz kolejnÄ… liniÄ™. HKLM\SOFTWARE\Wow6432Node\MozillaPlugins => klucz pomyÅ›lnie usuniÄ™to HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes => klucz pomyÅ›lnie usuniÄ™to HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes => klucz pomyÅ›lnie usuniÄ™to HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes => klucz pomyÅ›lnie usuniÄ™to ========= reg query HKLM\System\CurrentControlSet\Services\Eaphost\Methods /s ========= HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eaphost\Methods\311 Name REG_SZ Microsoft HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eaphost\Methods\311\254 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eaphost\Methods\311\254\14122 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eaphost\Methods\311\254\14122\1 PeerFriendlyName REG_SZ Windows Connect Now EAP Peer Properties REG_DWORD 0x848000 PeerInvokeUsernameDialog REG_DWORD 0x0 PeerInvokePasswordDialog REG_DWORD 0x0 PeerRequireConfigUI REG_DWORD 0x1 PeerDllPath REG_EXPAND_SZ %SystemRoot%\System32\WcnEapPeerProxy.dll HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eaphost\Methods\8086 (domy˜lny) REG_SZ Intel HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eaphost\Methods\8086\18 PeerIdentityPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll (domy˜lny) REG_SZ Properties REG_DWORD 0x280000 PeerRequireConfigUI REG_DWORD 0x0 PeerDllPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eh_eap_sim.dll PeerInteractiveUIPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll PeerFriendlyName REG_SZ EAP-SIM PeerInvokePasswordDialog REG_DWORD 0x0 PeerInvokeUsernameDialog REG_DWORD 0x0 PeerConfigUIPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eaphost\Methods\8086\21 PeerIdentityPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll PeerConfigUIPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll PeerRequireConfigUI REG_DWORD 0x0 PeerFriendlyName REG_SZ EAP-TTLS PeerInteractiveUIPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll PeerDllPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eh_eap_ttls.dll PeerInvokeUsernameDialog REG_DWORD 0x0 PeerInvokePasswordDialog REG_DWORD 0x0 (domy˜lny) REG_SZ Properties REG_DWORD 0x280000 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eaphost\Methods\8086\23 PeerIdentityPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll PeerInvokeUsernameDialog REG_DWORD 0x0 (domy˜lny) REG_SZ PeerInvokePasswordDialog REG_DWORD 0x0 PeerConfigUIPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll Properties REG_DWORD 0x280000 PeerDllPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eh_eap_aka.dll PeerRequireConfigUI REG_DWORD 0x0 PeerFriendlyName REG_SZ EAP-AKA PeerInteractiveUIPath REG_EXPAND_SZ C:\Program Files\Intel\WiFi\bin\eapui.dll HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eaphost\Methods\9 (domy˜lny) REG_EXPAND_SZ Cisco HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eaphost\Methods\9\17 PeerDllPath REG_EXPAND_SZ C:\Program Files (x86)\Cisco\Cisco LEAP Module\CiscoEapLeap.dll PeerFriendlyName REG_SZ @C:\Program Files (x86)\Cisco\Cisco LEAP Module\CiscoEapLeap.dll,-117 Properties REG_DWORD 0x32c406e PeerInvokeUsernameDialog REG_DWORD 0x0 PeerInvokePasswordDialog REG_DWORD 0x0 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eaphost\Methods\9\25 PeerDllPath REG_EXPAND_SZ C:\Program Files (x86)\Cisco\Cisco PEAP Module\CiscoEapPeap.dll PeerFriendlyName REG_SZ @C:\Program Files (x86)\Cisco\Cisco PEAP Module\CiscoEapPeap.dll,-119 Properties REG_DWORD 0x173cd9ff PeerInvokeUsernameDialog REG_DWORD 0x0 PeerInvokePasswordDialog REG_DWORD 0x0 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eaphost\Methods\9\43 PeerDllPath REG_EXPAND_SZ C:\Program Files (x86)\Cisco\Cisco EAP-FAST Module\CiscoEapFast.dll PeerFriendlyName REG_SZ @C:\Program Files (x86)\Cisco\Cisco EAP-FAST Module\CiscoEapFast.dll,-30119 Properties REG_DWORD 0x173ef9ff PeerInvokeUsernameDialog REG_DWORD 0x0 PeerInvokePasswordDialog REG_DWORD 0x0 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eaphost\Methods\9\43\UserData ========= Koniec Reg: ========= ========= ipconfig /flushdns ========= Konfiguracja IP systemu Windows Pomy˜lnie opr¢¾niono pami©† podr©czn¥ programu rozpoznawania nazw DNS. ========= Koniec CMD: ========= ========= netsh advfirewall reset ========= Ok. ========= Koniec CMD: ========= ========= netsh int ipv4 reset all ========= Resetowanie Interfejs - OK! Do ukoäczenia tej akcji wymagane jest ponowne uruchomienie komputera. ========= Koniec CMD: ========= ========= netsh int ipv6 reset all ========= Brak ustawieä okre˜lonych przez u¾ytkownika do zresetowania. ========= Koniec CMD: ========= ========= netsh int httpstunnel reset all ========= ========= Koniec CMD: ========= ========= netsh int portproxy reset all ========= ========= Koniec CMD: ========= ========= netsh int tcp reset all ========= Resetowanie wszystkich parametr¢w TCP powiodˆo si©! Ok. ========= Koniec CMD: ========= ========= netsh winsock reset ========= Pomy˜lnie zresetowano Winsock Catalog. Musisz ponownie uruchomi† komputer, aby ukoäczy† resetowanie. ========= Koniec CMD: ========= ========= sc config iphlpsvc start= auto ========= [SC] ChangeServiceConfig SUKCES ========= Koniec CMD: ========= ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wartość pomyÅ›lnie usuniÄ™to HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wartość pomyÅ›lnie usuniÄ™to HKU\S-1-5-21-304197070-3302841352-318972171-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wartość pomyÅ›lnie usuniÄ™to HKU\S-1-5-21-304197070-3302841352-318972171-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wartość pomyÅ›lnie usuniÄ™to ========= Koniec RemoveProxy: ========= EmptyTemp: => 399.1 MB danych tymczasowych UsuniÄ™to. Rezultat przenoszenia plików przy restarcie (Tryb startu: Normal) (Data i godzina: 2016-02-11 18:31:37) "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => Nie można przenieść ==== Koniec Fixlog 18:31:37 ====