Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 28-09-2016
Uruchomiony przez Karol (01-10-2016 17:27:08) Run:3
Uruchomiony z F:\Programy instalacyjne\Antywirusy
Załadowane profile: Karol (Dostępne profile: Karol)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2154850424-1150076514-2689900897-1000\...\Run: [SysinfY2X] => C:\WINDOWS\system32\cmd.exe /c start wscript /e:VBScript.Encode %temp%\SysinfY2X.db
HKU\S-1-5-21-2154850424-1150076514-2689900897-1000\...\Policies\Explorer: []
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKU\S-1-5-21-2154850424-1150076514-2689900897-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
DeleteKey: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main
HKU\S-1-5-21-2154850424-1150076514-2689900897-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla\Thunderbird
Task: {25BBDA8D-C74D-486C-95B0-BDDE285CB0AA} - System32\Tasks\{E7EFB6B2-B613-4374-91A5-AE0F8DE7F5B0} => pcalua.exe -a "F:\Instalki do gier\Gothic\gothic1_playerkit108k\gothic1_playerkit-1.08k\gothic1_playerkit-1.08k.exe" -d "F:\Instalki do gier\Gothic\gothic1_playerkit108k\gothic1_playerkit-1.08k"
Task: {5632745C-3716-4DBB-906B-EBBD1E1273D0} - System32\Tasks\{BF03AFC3-95E7-4133-87D0-7EEFF4C6A1D3} => pcalua.exe -a "F:\Instalki do gier\Mount&Blade Fire and Sword +MULTIPLAYER by iMortaluz\DirectX - install if the game doesn't work.exe" -d "F:\Instalki do gier\Mount&Blade Fire and Sword +MULTIPLAYER by iMortaluz"
Task: {5F1D028C-2B6A-4656-B777-5B78939C1108} - System32\Tasks\{A1BB2123-6A4F-488E-9384-ABD5C6C0739B} => pcalua.exe -a "F:\Programy instalacyjne\Huawei sterowniki\64280_slate-driver-s1082-win7-wwan3.5g-2.0.6.718\slate-driver-s1082-win7-wwan(3.5g)-2.0.6.718\DriverSetup.exe" -d "F:\Programy instalacyjne\Huawei sterowniki\64280_slate-driver-s1082-win7-wwan3.5g-2.0.6.718\slate-driver-s1082-win7-wwan(3.5g)-2.0.6.718"
Task: {9C164DEE-2A4B-42CC-B60D-D7139F347519} - System32\Tasks\{56F32D16-EAA8-4BFA-9EA2-0766728E5FDD} => pcalua.exe -a "F:\Wonder pliki\Setup.exe" -d "F:\Wonder pliki"
Task: {B1334EE1-7936-495D-84E5-E9FA60826902} - System32\Tasks\{23003EB3-106F-4E9C-8DB4-40B56E653C87} => pcalua.exe -a "F:\Programy instalacyjne\Sterowniki\sp65178 Sterownik oprogramowania Ralink Bluetooth.exe" -d "F:\Programy instalacyjne\Sterowniki"
Task: {F1F19554-0B64-4214-8C62-0A0882539896} - System32\Tasks\{30B5BC00-99C7-4790-ABF2-61515936C33A} => pcalua.exe -a "F:\Programy instalacyjne\wmp11-windowsxp-x86-PL-PL.exe" -d "F:\Programy instalacyjne"
Task: {F66A11B6-628D-4A73-994E-A086E39F802F} - System32\Tasks\{2D6DDA36-CDCC-4EDF-8099-0A75282CC5A3} => pcalua.exe -a C:\Users\Karol\Desktop\wmp11-windowsxp-x86-PL-PL.exe -d C:\Users\Karol\Desktop
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Karol\AppData\Local\Akamai\netsession_win.exe"
S3 BtAudioBusSrv; System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; System32\Drivers\BtL2caScoIf.sys [X]
S3 btUrbFilterDrv; System32\Drivers\IvtUrbBtFlt.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
DisableService: PLAY ONLINE. RunOuc
CMD: del /q "C:\Users\Karol\Desktop\Manuel z pendrive.txt"
Reg: reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /t REG_DWORD /d 0x1 /f
Reg: reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
HKU\S-1-5-21-2154850424-1150076514-2689900897-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SysinfY2X => Wartość nie znaleziono.
HKU\S-1-5-21-2154850424-1150076514-2689900897-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => Wartość nie znaleziono.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => klucz nie znaleziono.
HKU\S-1-5-21-2154850424-1150076514-2689900897-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => klucz nie znaleziono.
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main => klucz nie znaleziono.
HKU\S-1-5-21-2154850424-1150076514-2689900897-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
HKLM\Software\Mozilla\Firefox\Extensions\\sp@avast.com => Wartość nie znaleziono.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\sp@avast.com => Wartość nie znaleziono.
HKLM\SOFTWARE\Wow6432Node\Mozilla\Thunderbird => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25BBDA8D-C74D-486C-95B0-BDDE285CB0AA} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{E7EFB6B2-B613-4374-91A5-AE0F8DE7F5B0} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E7EFB6B2-B613-4374-91A5-AE0F8DE7F5B0} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5632745C-3716-4DBB-906B-EBBD1E1273D0} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{BF03AFC3-95E7-4133-87D0-7EEFF4C6A1D3} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BF03AFC3-95E7-4133-87D0-7EEFF4C6A1D3} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F1D028C-2B6A-4656-B777-5B78939C1108} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{A1BB2123-6A4F-488E-9384-ABD5C6C0739B} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A1BB2123-6A4F-488E-9384-ABD5C6C0739B} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C164DEE-2A4B-42CC-B60D-D7139F347519} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{56F32D16-EAA8-4BFA-9EA2-0766728E5FDD} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{56F32D16-EAA8-4BFA-9EA2-0766728E5FDD} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1334EE1-7936-495D-84E5-E9FA60826902} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{23003EB3-106F-4E9C-8DB4-40B56E653C87} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{23003EB3-106F-4E9C-8DB4-40B56E653C87} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1F19554-0B64-4214-8C62-0A0882539896} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{30B5BC00-99C7-4790-ABF2-61515936C33A} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{30B5BC00-99C7-4790-ABF2-61515936C33A} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F66A11B6-628D-4A73-994E-A086E39F802F} => klucz nie znaleziono.
C:\Windows\System32\Tasks\{2D6DDA36-CDCC-4EDF-8099-0A75282CC5A3} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2D6DDA36-CDCC-4EDF-8099-0A75282CC5A3} => klucz nie znaleziono.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Akamai NetSession Interface => klucz nie znaleziono.
BtAudioBusSrv => serwis nie znaleziono.
BthL2caScoIfSrv => serwis nie znaleziono.
btUrbFilterDrv => serwis nie znaleziono.
catchme => serwis nie znaleziono.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => klucz nie znaleziono.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => klucz nie znaleziono.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => klucz nie znaleziono.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => klucz nie znaleziono.
PLAY ONLINE. RunOuc => usługę wyłączono

========= del /q "C:\Users\Karol\Desktop\Manuel z pendrive.txt" =========

Nie można odnaleźć C:\Users\Karol\Desktop\Manuel z pendrive.txt.

========= Koniec CMD: =========

========= reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /t REG_DWORD /d 0x1 /f =========

Operacja ukończona pomyślnie.

========= Koniec Reg: =========

========= reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced =========

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    Start_SearchFiles    REG_DWORD    0x2
    ServerAdminUI    REG_DWORD    0x0
    Hidden    REG_DWORD    0x1
    ShowCompColor    REG_DWORD    0x1
    HideFileExt    REG_DWORD    0x1
    DontPrettyPath    REG_DWORD    0x0
    ShowInfoTip    REG_DWORD    0x1
    HideIcons    REG_DWORD    0x0
    MapNetDrvBtn    REG_DWORD    0x0
    WebView    REG_DWORD    0x1
    Filter    REG_DWORD    0x0
    SuperHidden    REG_DWORD    0x0
    SeparateProcess    REG_DWORD    0x0
    AutoCheckSelect    REG_DWORD    0x0
    IconsOnly    REG_DWORD    0x0
    ShowTypeOverlay    REG_DWORD    0x1
    ListviewShadow    REG_DWORD    0x1
    StartMenuInit    REG_DWORD    0x4
    Start_ShowMyGames    REG_DWORD    0x0
    TaskbarSizeMove    REG_DWORD    0x0
    DisablePreviewDesktop    REG_DWORD    0x0
    TaskbarSmallIcons    REG_DWORD    0x0
    TaskbarGlomLevel    REG_DWORD    0x0
    Start_PowerButtonAction    REG_DWORD    0x2
    Start_MinMFU    REG_DWORD    0xc
    Start_JumpListItems    REG_DWORD    0xa
    ShowSuperHidden    REG_DWORD    0x1
    ListviewAlphaSelect    REG_DWORD    0x0
    TaskbarAnimations    REG_DWORD    0x0
    ExtendedUIHoverTime    REG_DWORD    0x0
    DesktopLivePreviewHoverTime    REG_DWORD    0x0

========= Koniec Reg: =========

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6637765 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 524288 B
Edge => 0 B
Chrome => 0 B
Firefox => 16700916 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Karol => 4679365 B

RecycleBin => 0 B
EmptyTemp: => 35.2 MB danych tymczasowych Usunięto.

================================

System wymagał restartu.

==== Koniec Fixlog 17:27:31 ====