Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 28.09.2018 Uruchomiony przez Bula (02-10-2018 15:52:39) Run:1 Uruchomiony z C:\Users\Bula\Desktop Załadowane profile: Bula (Dostępne profile: Bula) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** VirusTotal: C:\Users\Bula\AppData\Roaming\Python\zm.exe VirusTotal: C:\Users\Bula\AppData\Roaming\Python\pythonw.exe Task: {6108AFE8-8E76-44BA-8791-0A6ADA6F9E47} - System32\Tasks\{603A4C40-7B68-453A-9689-E826391F9FA5} => C:\Windows\system32\pcalua.exe -a D:\Flash_Disinfector_www.INSTALKI.pl.exe -d D:\ Task: {6662864B-3DD6-4B8C-94B3-D73AC0292380} - System32\Tasks\{9EA4D002-7D50-41F1-B432-01E4B783E019} => C:\Windows\system32\pcalua.exe -a G:\dx8a\DX81pol.exe -d G:\dx8a Task: {77186D02-8BAE-4F40-B1B4-1E4864B7F43E} - System32\Tasks\{B0EBAF8D-D44B-4826-89E0-95E3F7B176C2} => C:\Windows\system32\pcalua.exe -a D:\Gry\kam\Km\setup.EXE -d D:\Gry\kam\Km Task: {79218626-4E9B-483E-ACF9-77AA4F022F30} - System32\Tasks\{1922E8B9-17ED-4FC5-A94E-2BD63D81DDCF} => C:\Windows\system32\pcalua.exe -a D:\Gry\dirt3\Installer.exe -d D:\Gry\dirt3 Task: {7B910F32-A76D-4D89-8182-26A0CABEABB4} - System32\Tasks\{6C497C24-6871-4325-897E-7D18D8E2A0DC} => C:\Windows\system32\pcalua.exe -a D:\win64_154037.4835.exe -d D:\ Task: {8077A32B-3138-4933-9707-3FEAA945C1F9} - System32\Tasks\{379D1E27-E6E2-4800-B864-0ACC0CE82119} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Flexrancof\uninstall.exe" -c -f "C:\Program Files (x86)\Common Files\Flexrancof\uninstall.dat" -a uninstallme B15E5C24-012D-417D-84EA-C5CE518444DA DeviceId=6941b483-eb3d-b347-43bc-4f8421b29054 BarcodeId=50027003 ChannelId=3 DistributerName=APSnapdoAMRev HKU\S-1-5-21-557026980-2374518597-3869201236-1000\...\Run: [Python] => C:\Users\Bula\AppData\Roaming\Python\pythonw.exe [96408 2017-12-16] (Python Software Foundation) <==== UWAGA C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.eu.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU\PokerStars.eu.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 Ravia\Odinstaluj Metin2 Ravia.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2.lnk EmptyTemp: ***************** VirusTotal: C:\Users\Bula\AppData\Roaming\Python\zm.exe => https://www.virustotal.com/file/3465c5fec88ee855d55c2f9589edea9b52cd21b6a0b368550a09be55140adea0/analysis/1528418111/ VirusTotal: C:\Users\Bula\AppData\Roaming\Python\pythonw.exe => https://www.virustotal.com/file/dbefec15acb08e0312e1c0693da98d1b246b0863e250da5cab8aaf506f8486c6/analysis/1532281329/ "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6108AFE8-8E76-44BA-8791-0A6ADA6F9E47}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6108AFE8-8E76-44BA-8791-0A6ADA6F9E47}" => pomyślnie usunięto C:\Windows\System32\Tasks\{603A4C40-7B68-453A-9689-E826391F9FA5} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{603A4C40-7B68-453A-9689-E826391F9FA5}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6662864B-3DD6-4B8C-94B3-D73AC0292380}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6662864B-3DD6-4B8C-94B3-D73AC0292380}" => pomyślnie usunięto C:\Windows\System32\Tasks\{9EA4D002-7D50-41F1-B432-01E4B783E019} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9EA4D002-7D50-41F1-B432-01E4B783E019}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77186D02-8BAE-4F40-B1B4-1E4864B7F43E}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77186D02-8BAE-4F40-B1B4-1E4864B7F43E}" => pomyślnie usunięto C:\Windows\System32\Tasks\{B0EBAF8D-D44B-4826-89E0-95E3F7B176C2} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B0EBAF8D-D44B-4826-89E0-95E3F7B176C2}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79218626-4E9B-483E-ACF9-77AA4F022F30}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79218626-4E9B-483E-ACF9-77AA4F022F30}" => pomyślnie usunięto C:\Windows\System32\Tasks\{1922E8B9-17ED-4FC5-A94E-2BD63D81DDCF} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1922E8B9-17ED-4FC5-A94E-2BD63D81DDCF}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B910F32-A76D-4D89-8182-26A0CABEABB4}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B910F32-A76D-4D89-8182-26A0CABEABB4}" => pomyślnie usunięto C:\Windows\System32\Tasks\{6C497C24-6871-4325-897E-7D18D8E2A0DC} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6C497C24-6871-4325-897E-7D18D8E2A0DC}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8077A32B-3138-4933-9707-3FEAA945C1F9}" => pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8077A32B-3138-4933-9707-3FEAA945C1F9}" => pomyślnie usunięto C:\Windows\System32\Tasks\{379D1E27-E6E2-4800-B864-0ACC0CE82119} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{379D1E27-E6E2-4800-B864-0ACC0CE82119}" => pomyślnie usunięto "HKU\S-1-5-21-557026980-2374518597-3869201236-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Python" => pomyślnie usunięto C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.eu.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU\PokerStars.eu.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 Ravia\Odinstaluj Metin2 Ravia.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2.lnk => pomyślnie przeniesiono =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9887253 B Java, Flash, Steam htmlcache => 87811354 B Windows/system/drivers => 20288 B Edge => 0 B Chrome => 7294976 B Firefox => 545002087 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 0 B systemprofile32 => 128 B LocalService => 0 B NetworkService => 0 B Bula => 2848861 B RecycleBin => 0 B EmptyTemp: => 630.6 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 15:52:51 ====