Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 12-11-2016 Uruchomiony przez Paweł (12-11-2016 19:45:02) Run:1 Uruchomiony z C:\Users\Paweł\Desktop Załadowane profile: Paweł (Dostępne profile: Paweł) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** Task: {063ADB97-1EAF-426A-8012-82BC2D209941} - System32\Tasks\{A94751CC-B6D8-40EA-9CB5-03CA4A894098} => pcalua.exe -a C:\Users\Paweł\AppData\Local\{4B027D5E-6FAA-11E6-0232-340E265AC896}\uninst.exe -c -FN="C:\Users\Paweł\AppData\Local\{4B5F7DE4-6E0D-1092-053B-3740D9E9CA7E}\SynHelper.exe"-P=/Uninstall /s /noun /DelSelfDir Task: {6F7425C2-1B7F-4081-8192-77B7CF0BF6F5} - System32\Tasks\{496DF6DA-893B-45B8-AFF2-494F5B3D9B64} => pcalua.exe -a C:\Users\Paweł\AppData\Local\{E630D06C-C298-BCD4-AF00-993C8B6865A4}\uninst.exe -c -FN="C:\Users\Paweł\AppData\Local\{E66DD0D6-C33F-BDA0-A809-9A7274DB674C}\updatetask.exe"-P=/Uninstall /s /noun /DelSelfDir Task: {73D8C3CC-BDB0-4187-861E-4316E62580F8} - System32\Tasks\{64F6AAEE-CF1D-451C-8602-789549E57FF5} => pcalua.exe -a D:\Eden4S\4Story.exe -d D:\Eden4S Task: {A4D2A5A9-EEE3-49BC-B3AB-C3A5296D410F} - System32\Tasks\Bing Powered Search nirol => Wscript.exe "C:\ProgramData\{0312C671-8950-4CB7-0F96-D2F595D4593B}\tife.txt" "687474703a2f2f79786870612e636f6d" "433a5c50726f6772616d446174615c7b30333132433637312d383935302d344342372d304639362d4432463539354434353933427d5c666f6c6f6669" "433a5c50726f6772616d446174615c7b30333132433637312d383935302d344342372d304639 (dane wartości zawierają 78 znaków więcej). Task: {D21B5023-6EF4-4467-B8C4-F46138319FE5} - System32\Tasks\Yahoo! Powered nirol => Wscript.exe "C:\ProgramData\{8F724A11-0530-C0D7-83F6-5E9519B4D55B}\tife.txt" "687474703a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b38463732344131312d303533302d433044372d383346362d3545393531394234443535427d5c666f6c6f6669" "433a5c50726f6772616d446174615c7b38463732344131312d303533302d433044372d383346 (dane wartości zawierają 78 znaków więcej). Task: C:\WINDOWS\Tasks\Bing Powered Search nirol.job => Wscript.exe C:\ProgramData\{0312C671-8950-4CB7-0F96-D2F595D4593B}\tife.txt <==== UWAGA Task: C:\WINDOWS\Tasks\Yahoo! Powered nirol.job => Wscript.exe C:\ProgramData\{8F724A11-0530-C0D7-83F6-5E9519B4D55B}\tife.txt <==== UWAGA RemoveDirectory: C:\ProgramData\{8F724A11-0530-C0D7-83F6-5E9519B4D55B} RemoveDirectory: C:\ProgramData\{0312C671-8950-4CB7-0F96-D2F595D4593B} RemoveDirectory: RemoveDirectory: ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Brak pliku ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Brak pliku ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Brak pliku ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Brak pliku ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Brak pliku GroupPolicy: Ograniczenia <======= UWAGA CHR HKLM-x32\...\Chrome\Extension: [bmlggjgglgmlgbendppbpmkpakefkmkd] - CHR HKLM\...\Chrome\Extension: [bmlggjgglgmlgbendppbpmkpakefkmkd] - C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Uninstall Services\TCTRL_GSP Uninstall.lnk C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Uninstall Services\TLOG0 Uninstall.lnk C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Uninstall Services\TLOGIN_GSP Uninstall.lnk C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Uninstall Services\TMAP_GSP Uninstall.lnk C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Uninstall Services\TRELAY_GSP Uninstall.lnk C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Uninstall Services\TWORLD_GSP Uninstall.lnk C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TCTRL_GSP SETUP.lnk C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TLOG0 SETUP.lnk C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TLOGIN_GSP SETUP.lnk C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TMAP_GSP SETUP.lnk C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TPATCH_GSP SETUP.lnk C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TRELAY_GSP SETUP.lnk C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TWORLD_GSP SETUP.lnk EmptyTemp: ***************** "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{063ADB97-1EAF-426A-8012-82BC2D209941}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{063ADB97-1EAF-426A-8012-82BC2D209941}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\{A94751CC-B6D8-40EA-9CB5-03CA4A894098} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A94751CC-B6D8-40EA-9CB5-03CA4A894098}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F7425C2-1B7F-4081-8192-77B7CF0BF6F5}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F7425C2-1B7F-4081-8192-77B7CF0BF6F5}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\{496DF6DA-893B-45B8-AFF2-494F5B3D9B64} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{496DF6DA-893B-45B8-AFF2-494F5B3D9B64}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73D8C3CC-BDB0-4187-861E-4316E62580F8}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73D8C3CC-BDB0-4187-861E-4316E62580F8}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\{64F6AAEE-CF1D-451C-8602-789549E57FF5} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{64F6AAEE-CF1D-451C-8602-789549E57FF5}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4D2A5A9-EEE3-49BC-B3AB-C3A5296D410F}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4D2A5A9-EEE3-49BC-B3AB-C3A5296D410F}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Bing Powered Search nirol => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bing Powered Search nirol" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D21B5023-6EF4-4467-B8C4-F46138319FE5}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21B5023-6EF4-4467-B8C4-F46138319FE5}" => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Yahoo! Powered nirol => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yahoo! Powered nirol" => klucz pomyślnie usunięto C:\WINDOWS\Tasks\Bing Powered Search nirol.job => pomyślnie przeniesiono C:\WINDOWS\Tasks\Yahoo! Powered nirol.job => pomyślnie przeniesiono "C:\ProgramData\{8F724A11-0530-C0D7-83F6-5E9519B4D55B}" => pomyślnie usunięto. "C:\ProgramData\{0312C671-8950-4CB7-0F96-D2F595D4593B}" => pomyślnie usunięto. "RemoveDirectory:" => nie znaleziono. "RemoveDirectory:" => nie znaleziono. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => klucz pomyślnie usunięto HKCR\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => klucz nie znaleziono. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => klucz pomyślnie usunięto HKCR\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => klucz nie znaleziono. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => klucz pomyślnie usunięto HKCR\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => klucz nie znaleziono. "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => klucz nie znaleziono. "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => klucz nie znaleziono. "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => klucz nie znaleziono. C:\WINDOWS\system32\GroupPolicy\Machine => pomyślnie przeniesiono C:\WINDOWS\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => pomyślnie przeniesiono "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bmlggjgglgmlgbendppbpmkpakefkmkd" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Google\Chrome\Extensions\bmlggjgglgmlgbendppbpmkpakefkmkd" => klucz pomyślnie usunięto C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Uninstall Services\TCTRL_GSP Uninstall.lnk => pomyślnie przeniesiono C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Uninstall Services\TLOG0 Uninstall.lnk => pomyślnie przeniesiono C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Uninstall Services\TLOGIN_GSP Uninstall.lnk => pomyślnie przeniesiono C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Uninstall Services\TMAP_GSP Uninstall.lnk => pomyślnie przeniesiono C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Uninstall Services\TRELAY_GSP Uninstall.lnk => pomyślnie przeniesiono C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Uninstall Services\TWORLD_GSP Uninstall.lnk => pomyślnie przeniesiono C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TCTRL_GSP SETUP.lnk => pomyślnie przeniesiono C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TLOG0 SETUP.lnk => pomyślnie przeniesiono C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TLOGIN_GSP SETUP.lnk => pomyślnie przeniesiono C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TMAP_GSP SETUP.lnk => pomyślnie przeniesiono C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TPATCH_GSP SETUP.lnk => pomyślnie przeniesiono C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TRELAY_GSP SETUP.lnk => pomyślnie przeniesiono C:\Users\Paweł\Desktop\4.1er Files (1)\4.1er Files\Files\Install Services\TWORLD_GSP SETUP.lnk => pomyślnie przeniesiono =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 98722941 B Java, Flash, Steam htmlcache => 506 B Windows/system/drivers => 592828 B Edge => 798348 B Chrome => 541666938 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 822 B NetworkService => 0 B Paweł => 353958173 B RecycleBin => 47277678 B EmptyTemp: => 994.7 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 19:45:12 ====