Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 24.10.2018
Uruchomiony przez dom (01-11-2018 08:50:50) Run:1
Uruchomiony z C:\Users\dom\Downloads
Załadowane profile: dom (Dostępne profile: dom)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
C:\Users\dom\AppData\Local\WServices\svb98s12e.exe
C:\Users\dom\AppData\Local\WServices\pdqjw9d8as123hdk.exe
RemoveDirectory: C:\Users\dom\AppData\Local\WServices
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Intel Graphic Media Accelerator] => cmd /c start /MIN %localappdata%\Microsoft\Windows\Intel\run.bat & exit
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-2873098329-2865010418-1003574698-1000\...\Run: [Opos] => [X]
HKU\S-1-5-21-2873098329-2865010418-1003574698-1000\...\Run: [GoogleChromeAutoLaunch_E2B03182C29EF7A5D59690143152C5DA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589080 2018-10-23] (Google Inc.)
HKU\S-1-5-21-2873098329-2865010418-1003574698-1000\...\Run: [view] => C:\Users\dom\AppData\Roaming\view\viewU.exe [39424 2018-10-31] ( GoldDay Corp)
HKU\S-1-5-21-2873098329-2865010418-1003574698-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2873098329-2865010418-1003574698-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2872320 2010-11-21] (Microsoft Corporation) <==== UWAGA
GroupPolicy: Ograniczenia ? <==== UWAGA
GroupPolicy\User: Ograniczenia ? <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
SearchScopes: HKU\S-1-5-21-2873098329-2865010418-1003574698-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
FF Homepage: Mozilla\Firefox\Profiles\90kpk92t.default -> hxxps://inline.go.mail.ru/homepage?inline_comp=hp&inline_hp_cnt=11956636
CHR HomePage: Default -> inline.go.mail.ru
CHR NewTab: Default -> Active:"chrome-extension://jjgmamfgfagkcjcgjcaokkmnnfijpcdi/index.html"
CHR Session Restore: Default -> [funkcja włączona]
CHR HKLM-x32\...\Chrome\Extension: [fppjhfcgnalgfiimdflmikpifodndljf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gbnhehnpnbiioheicppmmmjaekcdfigc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ikpcpgklmefncbfgbdifkaphbaapgafh] - hxxps://clients2.google.com/service/update2/crx
R2 Key Symbols Notifier; C:\Users\dom\AppData\Local\WServices\svb98s12e.exe [1833984 2018-10-31] () [Brak podpisu cyfrowego]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
Task: {04BF8576-02C7-4D87-A05E-39E4A500255D} - System32\Tasks\Windows Disk Defragment Utility => c:\windows\temp\amz.exe <==== UWAGA
Task: {09184B3B-36F8-4134-9F4D-EB26C67E192B} - System32\Tasks\{405711E0-656A-4014-AC9E-73C2EF1630C9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{304D46E1-364B-45AB-9170-53E200DB4E85}\setup.exe" -c -runfromtemp -l0x0409 -removeonly
Task: {9E379639-DF85-468B-BEC8-87FC3636012E} - System32\Tasks\{076EA303-4B9C-4DF9-AF31-558CA27F8695} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\smartCARS\365\en-US\installer.exe" -c /allownoinstall
Task: {C9996377-4FA2-4317-A050-31B0D3EA7DDE} - System32\Tasks\WindowsDiskCleanup => c:\windows\temp\scvhost.exe [2018-08-12] (DIMON Incorporated) <==== UWAGA
ShortcutWithArgument: C:\Users\dom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Node.js command prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files\nodejs\nodevars.bat"
ShortcutWithArgument: C:\Users\dom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a3a1d6b8109861c5\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nckgahadagoaajjgafhacjanaoiihapd
C:\ProgramData\boost_interprocess
C:\Users\dom\AppData\Roaming\FC29FA0894FE.ini
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships\Deinstalacja programu World of Warships.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSCloud\FSCloud.lnk
HOSTS:
EmptyTemp:
*****************

C:\Users\dom\AppData\Local\WServices\svb98s12e.exe => pomyślnie przeniesiono
C:\Users\dom\AppData\Local\WServices\pdqjw9d8as123hdk.exe => pomyślnie przeniesiono
"C:\Users\dom\AppData\Local\WServices" => pomyślnie usunięto
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => pomyślnie usunięto
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Intel Graphic Media Accelerator" => pomyślnie usunięto
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => pomyślnie usunięto
"HKU\S-1-5-21-2873098329-2865010418-1003574698-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Opos" => pomyślnie usunięto
"HKU\S-1-5-21-2873098329-2865010418-1003574698-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_E2B03182C29EF7A5D59690143152C5DA" => pomyślnie usunięto
"HKU\S-1-5-21-2873098329-2865010418-1003574698-1000\Software\Microsoft\Windows\CurrentVersion\Run\\view" => pomyślnie usunięto
"HKU\S-1-5-21-2873098329-2865010418-1003574698-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => pomyślnie usunięto
"HKU\S-1-5-21-2873098329-2865010418-1003574698-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => pomyślnie usunięto
C:\Windows\system32\GroupPolicy\Machine => pomyślnie przeniesiono
C:\Windows\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => pomyślnie przeniesiono
C:\Windows\system32\GroupPolicy\User => pomyślnie przeniesiono
HKLM\SOFTWARE\Policies\Google => pomyślnie usunięto
"HKU\S-1-5-21-2873098329-2865010418-1003574698-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto
"Firefox homepage" => pomyślnie usunięto
"Chrome HomePage" => pomyślnie usunięto
"Chrome NewTab" => pomyślnie usunięto
"Chrome Session Restore" => pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fppjhfcgnalgfiimdflmikpifodndljf => pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gbnhehnpnbiioheicppmmmjaekcdfigc => pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe => pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ikpcpgklmefncbfgbdifkaphbaapgafh => pomyślnie usunięto
Key Symbols Notifier => Nie można zatrzymać usługi.
HKLM\System\CurrentControlSet\Services\Key Symbols Notifier => pomyślnie usunięto
Key Symbols Notifier => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\BRDriver64_1_3_3_E02B25FC => pomyślnie usunięto
BRDriver64_1_3_3_E02B25FC => serwis pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{04BF8576-02C7-4D87-A05E-39E4A500255D}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04BF8576-02C7-4D87-A05E-39E4A500255D}" => pomyślnie usunięto
C:\Windows\System32\Tasks\Windows Disk Defragment Utility => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Windows Disk Defragment Utility" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09184B3B-36F8-4134-9F4D-EB26C67E192B}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09184B3B-36F8-4134-9F4D-EB26C67E192B}" => pomyślnie usunięto
C:\Windows\System32\Tasks\{405711E0-656A-4014-AC9E-73C2EF1630C9} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{405711E0-656A-4014-AC9E-73C2EF1630C9}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E379639-DF85-468B-BEC8-87FC3636012E}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E379639-DF85-468B-BEC8-87FC3636012E}" => pomyślnie usunięto
C:\Windows\System32\Tasks\{076EA303-4B9C-4DF9-AF31-558CA27F8695} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{076EA303-4B9C-4DF9-AF31-558CA27F8695}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{C9996377-4FA2-4317-A050-31B0D3EA7DDE}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9996377-4FA2-4317-A050-31B0D3EA7DDE}" => pomyślnie usunięto
C:\Windows\System32\Tasks\WindowsDiskCleanup => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsDiskCleanup" => pomyślnie usunięto
C:\Users\dom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Node.js command prompt.lnk => Skrót - argument pomyślnie usunięto
C:\Users\dom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a3a1d6b8109861c5\Google Hangouts.lnk => Skrót - argument pomyślnie usunięto
C:\ProgramData\boost_interprocess => pomyślnie przeniesiono
C:\Users\dom\AppData\Roaming\FC29FA0894FE.ini => pomyślnie przeniesiono
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships\Deinstalacja programu World of Warships.lnk => pomyślnie przeniesiono
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSCloud\FSCloud.lnk => pomyślnie przeniesiono
C:\Windows\System32\Drivers\etc\hosts => pomyślnie przeniesiono
Hosts pomyślnie przywrócono.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49936522 B
Java, Flash, Steam htmlcache => 534333749 B
Windows/system/drivers => 434359570 B
Edge => 0 B
Chrome => 80328629 B
Firefox => 480948073 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58596023 B
systemprofile32 => 69748 B
LocalService => 66228 B
NetworkService => 66228 B
dom => 2035418618 B

RecycleBin => 210162727 B
EmptyTemp: => 3.6 GB danych tymczasowych Usunięto.

================================

System wymagał restartu.

==== Koniec Fixlog 09:01:00 ====