Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 27-08-2016
Uruchomiony przez Niedek (27-08-2016 15:52:58) Run:1
Uruchomiony z C:\Users\Niedek\Downloads
Załadowane profile: Niedek (Dostępne profile: Niedek)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
AutoConfigURL: [S-1-5-21-1415306604-3237751945-344847680-1000] => hxxp://stoppblock.org/wpad.dat?0fb1d199775272e1f1a46d2a4877871014318635
ManualProxies: 0hxxp://stoppblock.org/wpad.dat?0fb1d199775272e1f1a46d2a4877871014318635
Task: {155EDC27-D376-434A-B095-15325248626F} - System32\Tasks\{2FE165A3-7112-4170-92E6-CC859AE9D850} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall HOMESTUDENTR /dll OSETUP.DLL
Task: {75F814B2-407E-4779-848E-28A10F08016C} - System32\Tasks\{24948C81-8D65-45AC-B2AB-8CCF2E0328CC} => pcalua.exe -a "E:\SW Episode I Racer\racerdemo.exe" -d "E:\SW Episode I Racer"
Task: {CBA90383-A7B1-4896-A27C-585F7EA2FA2E} - System32\Tasks\{CB5A4E13-905B-48C9-B217-EB0D00B338BD} => pcalua.exe -a "E:\Quake 3\q3test_win32_1_08.exe" -d "E:\Quake 3"
ShortcutWithArgument: C:\Users\Niedek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1471083762&a=1077859&src=sh&uuid=fff4010c-aa8b-4778-a478-4bca8265f4f2"
ShortcutWithArgument: C:\Users\Niedek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1471083762&a=1077859&src=sh&uuid=fff4010c-aa8b-4778-a478-4bca8265f4f2"
ShortcutWithArgument: C:\Users\Niedek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1471083762&a=1077859&src=sh&uuid=fff4010c-aa8b-4778-a478-4bca8265f4f2"
FirewallRules: [TCP Query User{24C5774E-D058-4C05-9151-6F979EBCF82D}C:\users\niedek\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\niedek\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{A6270709-9DDE-4225-A598-8B6A9659C86B}C:\users\niedek\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\niedek\appdata\local\akamai\netsession_win.exe
C:\users\niedek\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{04B984A8-84B6-45F1-B08B-DA8C434EC3EA}C:\users\niedek\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\niedek\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7C945C0D-A95A-4DC7-B3E5-37C31C0732F6}C:\users\niedek\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\niedek\appdata\local\akamai\netsession_win.exe
FirewallRules: [{34D0A7A1-38C0-495F-A780-D89CC052B6D9}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe
FirewallRules: [{631AF5E2-9159-4BDC-B8E7-FBE5F40253E3}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe
FirewallRules: [{E7F7D133-8078-43A2-9011-22E285C2D3D5}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{7009C0EA-625A-4F7B-9F25-A33E526510B6}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{B01E20A1-696B-4009-86AD-E0720E03FCDF}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{E331AC87-618B-4A5F-88DB-FCAB1498B11C}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
RemoveDirectory:  C:\ProgramData\gkolapjokpjnemkbbjhppneogpjgjnjk
RemoveDirectory: C:\Program Files (x86)\LuckyBrowse
RemoveDirectory: C:\Program Files (x86)\SrpnFiles
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1415306604-3237751945-344847680-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Niedek\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Brak pliku]
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [Brak pliku]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Brak pliku]
CHR Extension: (uniosales) - C:\ProgramData\cmiefaccganmhbplkhgapmbkpjhhfpme\ []
CHR Extension: (unisAAles) - C:\ProgramData\gkolapjokpjnemkbbjhppneogpjgjnjk\ []
S2 fc67e7a0; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\DeltaFix\DeltaFix.dll",serv <==== UWAGA
S2 Update BrowseMark; "C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe" [X]
S2 Update NetCrawl; "C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe" [X]
C:\Program Files (x86)\BrowseMark
C:\Program Files (x86)\NetCrawl
S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MSICDSetup; \??\F:\CDriver64.sys [X]
S3 wolfkr; \??\E:\AeraGames\WolfTeam-PL\avital\wolfk64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
C:\ProgramData\mntemp
C:\ProgramData\eaapqbsg.gfr
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts\Racer Webdemo\Play Racer Webdemo.LNK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts\Racer Webdemo\Uninstall Racer Webdemo.LNK
HOSTS:
EmptyTemp:
*****************

HKU\S-1-5-21-1415306604-3237751945-344847680-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => Wartość pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => Wartość pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{155EDC27-D376-434A-B095-15325248626F}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{155EDC27-D376-434A-B095-15325248626F}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\{2FE165A3-7112-4170-92E6-CC859AE9D850} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2FE165A3-7112-4170-92E6-CC859AE9D850}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75F814B2-407E-4779-848E-28A10F08016C}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75F814B2-407E-4779-848E-28A10F08016C}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\{24948C81-8D65-45AC-B2AB-8CCF2E0328CC} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{24948C81-8D65-45AC-B2AB-8CCF2E0328CC}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBA90383-A7B1-4896-A27C-585F7EA2FA2E}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBA90383-A7B1-4896-A27C-585F7EA2FA2E}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\{CB5A4E13-905B-48C9-B217-EB0D00B338BD} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CB5A4E13-905B-48C9-B217-EB0D00B338BD}" => klucz pomyślnie usunięto
C:\Users\Niedek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Niedek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Skrót - argument pomyślnie przywrócono
C:\Users\Niedek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Skrót - argument pomyślnie usunięto.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{24C5774E-D058-4C05-9151-6F979EBCF82D}C:\users\niedek\appdata\local\akamai\netsession_win.exe => Wartość pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A6270709-9DDE-4225-A598-8B6A9659C86B}C:\users\niedek\appdata\local\akamai\netsession_win.exe => Wartość pomyślnie usunięto
"C:\users\niedek\appdata\local\akamai\netsession_win.exe" => nie znaleziono.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{04B984A8-84B6-45F1-B08B-DA8C434EC3EA}C:\users\niedek\appdata\local\akamai\netsession_win.exe => Wartość pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7C945C0D-A95A-4DC7-B3E5-37C31C0732F6}C:\users\niedek\appdata\local\akamai\netsession_win.exe => Wartość pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{34D0A7A1-38C0-495F-A780-D89CC052B6D9} => Wartość pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{631AF5E2-9159-4BDC-B8E7-FBE5F40253E3} => Wartość pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E7F7D133-8078-43A2-9011-22E285C2D3D5} => Wartość pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7009C0EA-625A-4F7B-9F25-A33E526510B6} => Wartość pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B01E20A1-696B-4009-86AD-E0720E03FCDF} => Wartość pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E331AC87-618B-4A5F-88DB-FCAB1498B11C} => Wartość pomyślnie usunięto
"C:\ProgramData\gkolapjokpjnemkbbjhppneogpjgjnjk" => pomyślnie usunięto.
"C:\Program Files (x86)\LuckyBrowse" => nie znaleziono.
"C:\Program Files (x86)\SrpnFiles" => nie znaleziono.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wartość pomyślnie usunięto
HKU\S-1-5-21-1415306604-3237751945-344847680-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => Wartość pomyślnie usunięto
"HKLM\SOFTWARE\Policies\Google" => klucz pomyślnie usunięto
"HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1" => klucz pomyślnie usunięto
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0" => klucz pomyślnie usunięto
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1" => klucz pomyślnie usunięto
C:\ProgramData\cmiefaccganmhbplkhgapmbkpjhhfpme\ => pomyślnie przeniesiono
C:\ProgramData\gkolapjokpjnemkbbjhppneogpjgjnjk\ => nie znaleziono
fc67e7a0 => serwis pomyślnie usunięto
Update BrowseMark => serwis pomyślnie usunięto
Update NetCrawl => serwis pomyślnie usunięto
"C:\Program Files (x86)\BrowseMark" => nie znaleziono.
"C:\Program Files (x86)\NetCrawl" => nie znaleziono.
DrvAgent64 => serwis pomyślnie usunięto
EagleX64 => serwis pomyślnie usunięto
MSICDSetup => serwis pomyślnie usunięto
wolfkr => serwis pomyślnie usunięto
xhunter1 => serwis pomyślnie usunięto
C:\ProgramData\mntemp => pomyślnie przeniesiono
C:\ProgramData\eaapqbsg.gfr => pomyślnie przeniesiono
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts\Racer Webdemo\Play Racer Webdemo.LNK => pomyślnie przeniesiono
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts\Racer Webdemo\Uninstall Racer Webdemo.LNK => pomyślnie przeniesiono
C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono
Hosts pomyślnie przywrócono.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30271505 B
Java, Flash, Steam htmlcache => 119410339 B
Windows/system/drivers => 691049698 B
Edge => 0 B
Chrome => 859172880 B
Firefox => 0 B
Opera => 39654457 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 43324410 B
systemprofile32 => 74796 B
LocalService => 66228 B
NetworkService => 1330252 B
Niedek => 3630138218 B
Maciej => 62431081 B

RecycleBin => 655611104 B
EmptyTemp: => 5.7 GB danych tymczasowych Usunięto.

================================


System wymagał restartu.

==== Koniec  Fixlog 15:54:39 ====