Rezultat naprawy Farbar Recovery Scan Tool (x86) Wersja: 17-12-2016
Uruchomiony przez Administrator (22-12-2016 17:32:55) Run:1
Uruchomiony z D:\Programy
Załadowane profile: Administrator (Dostępne profile: Administrator)
Tryb startu: Safe Mode (minimal)

==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
HKLM\...\Winlogon: [Shell] Explorer.exe "C:\WINDOWS\KesenjanganSosial.exe" [x ] ()
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoStartBanner] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-19\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoStartBanner] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-20\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Run: [Tok-Cirrhatus-3444] => C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\smss.exe [43319 2014-10-19] ()
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Run: [Tok-Cirrhatus] => 0
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Policies\Explorer: [NoStartBanner] 1
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Policies\Explorer: [NoFolderOptions] 1
HKU\S-1-5-21-1078081533-1647877149-839522115-500\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoSMHelp] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoStartBanner] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\Empty.pif [2014-10-19] ()
AlternateShell: cmd-brontok.exe
U4 Alerter; Brak ImagePath
S4 IntelIde; Brak ImagePath
U4 Messenger; Brak ImagePath
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
U1 WS2IFSL; Brak ImagePath
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\*Bron*
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\*Bron*.*
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"="cmd-brontok.exe"
2015-01-16 19:47 - 2014-10-19 15:41 - 0043319 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\csrss.exe
2015-01-16 19:47 - 2014-10-19 15:41 - 0043319 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\inetinfo.exe
2015-01-16 19:47 - 2014-10-19 15:41 - 0043319 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\lsass.exe
2015-01-16 19:47 - 2014-10-19 15:41 - 0043319 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\services.exe
2015-01-16 19:47 - 2014-10-19 15:41 - 0043319 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\smss.exe
2015-01-16 19:47 - 2014-10-19 15:41 - 0043319 ____N () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\winlogon.exe
CMD: dir /a C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Error: Punkt przywracania można utworzyć tylko w trybie normalnym.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Wartość pomyślnie przywrócono
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\RestrictRun => Wartość pomyślnie usunięto