Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 01-01-2017 Uruchomiony przez Piotrek (07-01-2017 11:10:47) Run:2 Uruchomiony z C:\Users\Piotrek\Desktop Załadowane profile: Piotrek (Dostępne profile: Piotrek) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-4037366159-1690126974-2979737429-1001\...\Run: [Udvmedia] => regsvr32.exe C:\Users\Piotrek\AppData\Local\Udvmedia\sgjdatcr.dll <===== UWAGA HKU\S-1-5-18\...\Run: [] => 0 HKLM\...\Providers\hsch11h1: C:\Program Files (x86)\Sizayarigily Reports\local64spl.dll [292352 2017-01-05] () C:\Program Files (x86)\Sizayarigily Reports ShellExecuteHooks: Brak nazwy - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - C:\ProgramData\igfxDH.dll -> Brak pliku ShellExecuteHooks: Brak nazwy - {05637422-CCFF-11E6-8821-64006A5CFC23} - C:\Users\Piotrek\AppData\Roaming\Shhoward\Arinuch.dll -> Brak pliku CHR StartupUrls: Default -> "hxxp://www.oursurfing.com/?type=hp&ts=1436210060&z=c8760eec810d9d1f9cb3977g0z3c0qfo7g6efeaq2g&from=2sq1&uid=ST9640423AS_5WS16EWLXXXX5WS16EWL","hxxp://www.mystartsearch.com/?type=hp&ts=1436210090&z=a9cec4e634c170ba8a1e71eg3z6cdqao7g5e3e2b4b&from=slbnew&uid=ST9640423AS_5WS16EWLXXXX5WS16EWL" S3 VGPU; System32\drivers\rdvgkmd.sys [X] Task: {0FE1ED1B-69E2-4468-B810-149DD172CEBF} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> Brak pliku <==== UWAGA Task: {126C4780-EBC7-49B1-893D-1742D5D38AB4} - \Microsoft\Windows\Media Center\OCURActivate -> Brak pliku <==== UWAGA Task: {250DAB8A-C4AB-4637-AF79-5E31F0742D58} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> Brak pliku <==== UWAGA Task: {29708982-A2F0-4510-AB6A-D38049B4160D} - \Microsoft\Windows\Media Center\PvrScheduleTask -> Brak pliku <==== UWAGA Task: {2EE10851-C5AF-4494-A363-BFF8352AB54D} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> Brak pliku <==== UWAGA Task: {3727C66C-4574-4F83-A29E-04D7E6FF3DCA} - \Microsoft\Windows\Media Center\PeriodicScanRetry -> Brak pliku <==== UWAGA Task: {3B7627C6-96FD-4C34-BC58-E700C27DB5EA} - \Microsoft\Windows\Media Center\RegisterSearch -> Brak pliku <==== UWAGA Task: {475E0A49-71E2-4C83-B8D3-DAC8ED30E79E} - \Microsoft\Windows\Media Center\InstallPlayReady -> Brak pliku <==== UWAGA Task: {478CC213-402C-4F66-B8C3-DEA3105E0BAF} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> Brak pliku <==== UWAGA Task: {5149EDB9-EC09-488F-8F75-4372BAA9EC1E} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> Brak pliku <==== UWAGA Task: {5AD52747-84FF-43D1-A67A-717F19E378E7} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> Brak pliku <==== UWAGA Task: {65FC7088-6D38-436A-8DC9-21B33A18DDA8} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> Brak pliku <==== UWAGA Task: {68D333FA-5809-4857-98CD-1DCEAC974A0B} - \Microsoft\Windows\Media Center\OCURDiscovery -> Brak pliku <==== UWAGA Task: {958537A2-C418-4719-A22B-27CE2E5B8BA4} - \Microsoft\Windows\Media Center\ehDRMInit -> Brak pliku <==== UWAGA Task: {B3D79C6E-7C69-46BC-BBD1-2AB8AE1C127B} - \Microsoft\Windows\Media Center\RecordingRestart -> Brak pliku <==== UWAGA Task: {CBFD96B7-13EA-4093-A432-60614D352D1D} - \Microsoft\Windows\Media Center\PBDADiscovery -> Brak pliku <==== UWAGA Task: {CC333C6D-2E01-4286-A5E0-7E44E4752588} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> Brak pliku <==== UWAGA Task: {CCF69E08-EB3D-4F38-94ED-2957C5B51ADE} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> Brak pliku <==== UWAGA Task: {DAA5F001-C040-4061-8FC1-289F8AC8E86E} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> Brak pliku <==== UWAGA Task: {E909D3B5-8E2A-4EC0-94E3-90890C904D7E} - \Microsoft\Windows\Media Center\mcupdate -> Brak pliku <==== UWAGA Task: {F178738A-A064-47C6-A983-960398FEB13C} - \Microsoft\Windows\Media Center\UpdateRecordPath -> Brak pliku <==== UWAGA ShortcutWithArgument: C:\Users\Piotrek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Piotrek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Piotrek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Piotrek\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Piotrek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Piotrek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Piotrek\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ Hosts: EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. CreateRestorePoint => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => Wartość pomyślnie usunięto HKU\S-1-5-21-4037366159-1690126974-2979737429-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Udvmedia => Wartość pomyślnie usunięto HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ => Wartość pomyślnie usunięto HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\hsch11h1 => klucz pomyślnie usunięto HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order hsch11h1 => pomyślnie usunięto C:\Program Files (x86)\Sizayarigily Reports => pomyślnie przeniesiono HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} => Wartość pomyślnie usunięto HKCR\CLSID\{5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} => klucz nie znaleziono. HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{05637422-CCFF-11E6-8821-64006A5CFC23} => Wartość pomyślnie usunięto HKCR\CLSID\{05637422-CCFF-11E6-8821-64006A5CFC23} => klucz nie znaleziono. Chrome StartupUrls => pomyślnie usunięto HKLM\System\CurrentControlSet\Services\VGPU => klucz pomyślnie usunięto VGPU => serwis pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FE1ED1B-69E2-4468-B810-149DD172CEBF} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FE1ED1B-69E2-4468-B810-149DD172CEBF} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{126C4780-EBC7-49B1-893D-1742D5D38AB4} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{126C4780-EBC7-49B1-893D-1742D5D38AB4} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{250DAB8A-C4AB-4637-AF79-5E31F0742D58} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{250DAB8A-C4AB-4637-AF79-5E31F0742D58} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29708982-A2F0-4510-AB6A-D38049B4160D} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29708982-A2F0-4510-AB6A-D38049B4160D} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2EE10851-C5AF-4494-A363-BFF8352AB54D} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EE10851-C5AF-4494-A363-BFF8352AB54D} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1 => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3727C66C-4574-4F83-A29E-04D7E6FF3DCA} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3727C66C-4574-4F83-A29E-04D7E6FF3DCA} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B7627C6-96FD-4C34-BC58-E700C27DB5EA} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B7627C6-96FD-4C34-BC58-E700C27DB5EA} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{475E0A49-71E2-4C83-B8D3-DAC8ED30E79E} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{475E0A49-71E2-4C83-B8D3-DAC8ED30E79E} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{478CC213-402C-4F66-B8C3-DEA3105E0BAF} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{478CC213-402C-4F66-B8C3-DEA3105E0BAF} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2 => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5149EDB9-EC09-488F-8F75-4372BAA9EC1E} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5149EDB9-EC09-488F-8F75-4372BAA9EC1E} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AD52747-84FF-43D1-A67A-717F19E378E7} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AD52747-84FF-43D1-A67A-717F19E378E7} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65FC7088-6D38-436A-8DC9-21B33A18DDA8} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65FC7088-6D38-436A-8DC9-21B33A18DDA8} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68D333FA-5809-4857-98CD-1DCEAC974A0B} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68D333FA-5809-4857-98CD-1DCEAC974A0B} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{958537A2-C418-4719-A22B-27CE2E5B8BA4} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{958537A2-C418-4719-A22B-27CE2E5B8BA4} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B3D79C6E-7C69-46BC-BBD1-2AB8AE1C127B} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3D79C6E-7C69-46BC-BBD1-2AB8AE1C127B} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBFD96B7-13EA-4093-A432-60614D352D1D} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBFD96B7-13EA-4093-A432-60614D352D1D} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC333C6D-2E01-4286-A5E0-7E44E4752588} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC333C6D-2E01-4286-A5E0-7E44E4752588} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCF69E08-EB3D-4F38-94ED-2957C5B51ADE} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCF69E08-EB3D-4F38-94ED-2957C5B51ADE} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAA5F001-C040-4061-8FC1-289F8AC8E86E} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAA5F001-C040-4061-8FC1-289F8AC8E86E} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E909D3B5-8E2A-4EC0-94E3-90890C904D7E} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E909D3B5-8E2A-4EC0-94E3-90890C904D7E} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate => klucz nie znaleziono. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F178738A-A064-47C6-A983-960398FEB13C} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F178738A-A064-47C6-A983-960398FEB13C} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath => klucz nie znaleziono. C:\Users\Piotrek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk => Skrót - argument pomyślnie usunięto. C:\Users\Piotrek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Piotrek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Piotrek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Piotrek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Skrót - argument pomyślnie usunięto. C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono Hosts pomyślnie przywrócono. =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10922118 B Java, Flash, Steam htmlcache => 674 B Windows/system/drivers => 3815981 B Edge => 0 B Chrome => 142096823 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 83017 B Public => 0 B ProgramData => 0 B systemprofile => 82985 B systemprofile32 => 66228 B LocalService => 66228 B NetworkService => 66228 B Piotrek => 323162958 B RecycleBin => 204759 B EmptyTemp: => 458.3 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 11:10:57 ====