Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:18-10-2015 Uruchomiony przez BM (2015-10-21 18:36:07) Run:1 Uruchomiony z D:\Downloads\vir Załadowane profile: BM (Dostępne profile: BM) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Brak pliku ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Brak pliku ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Brak pliku ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Brak pliku CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Brak pliku Task: {36A37E29-380F-4500-A031-D1FD984D8162} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2949551511-373755211-1111318044-1000Core => C:\Users\BM\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {36B87246-4C68-42E8-A8F8-2BBC1778402A} - System32\Tasks\{2427C378-ACFA-482C-980A-C45639FF938D} => pcalua.exe -a C:\Users\BM\Downloads\googlemon(3).exe -d C:\Users\BM\Downloads Task: {3BB0515B-0D40-4DEF-B30C-3950F51E3670} - System32\Tasks\{D2DEBA73-4DDE-4B27-A5AE-D0CD4FCB13FE} => pcalua.exe -a C:\Users\BM\Downloads\irfanview_plugins_433_setup.exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: {402076D7-30B3-4036-B446-888B8AC648E0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2949551511-373755211-1111318044-1000UA => C:\Users\BM\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {40FD1B00-D5DA-477A-B8A1-3D2C522C8F08} - System32\Tasks\{F02A48C8-95BA-4638-8442-3A514452DA07} => pcalua.exe -a C:\TEMP\GTAINSTALLER\SETUP.EXE -d C:\TEMP\GTAINSTALLER Task: {5538D342-15A1-45F5-9EE0-953D79052132} - System32\Tasks\{11F22A97-0946-4B63-8053-4C67FA6A3F68} => pcalua.exe -a "C:\Program Files (x86)\XFastUsb\Uninstall.exe" Task: {57EE4030-D9C5-44B8-A721-622AD663C4C3} - System32\Tasks\Paragon Archive name arc_030413000426092 => C:\Program Files (x86)\Paragon Software\Hard Disk Manager 12 Professional\program\scripts.exe Task: {6A654567-D747-4F86-B2BC-E6B92FCFF42E} - System32\Tasks\{D21F9D2B-A2EA-43E9-BEBA-71F8A3E3D51E} => pcalua.exe -a C:\Users\BM\Downloads\googlemon.exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: {9D860236-C50F-4264-BF00-FB5BE8567999} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe Task: {DA1FFED2-3F6C-47A1-83FC-854D51D899F0} - System32\Tasks\{809CE9AB-A60E-454E-A562-8A1D1ABE9F75} => pcalua.exe -a C:\Users\BM\Documents\dav2avimon-1.0\dav2avi\dhplayer.exe -d C:\Users\BM\Documents\dav2avimon-1.0\dav2avi Task: {EB253384-11D9-4157-B749-9C147F8BFD0F} - System32\Tasks\{B178E1C2-8559-4568-866E-4691DDD60A34} => pcalua.exe -a "C:\Users\BM\Downloads\Photodex ProShow Gold 5.0.3222\SetUp.exe" -d "C:\Users\BM\Downloads\Photodex ProShow Gold 5.0.3222" Task: {FD685241-F150-417E-9EE3-E4D05E6F18D9} - System32\Tasks\{A1626C9E-D588-4B84-ADD0-6EE42FAF1B4B} => pcalua.exe -a C:\Users\BM\Downloads\googlemon(1).exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: C:\Windows\Tasks\Paragon Archive name arc_030413000426092.job => C:\Program Files (x86)\Paragon Software\Hard Disk Manager 12 Professional\program\scripts.exe-Wno --alternate --graph --multiple C:/Program Files (x86)/Paragon Software/Hard Disk Manager 12 Professional/scripts/scr_030413000704947.psl C:\Program Files (x86)\mozilla firefox\plugins C:\Users\BM\AppData\Local\134e6589520e51682091c0.32666518 C:\Users\BM\AppData\Local\69ff07055291669bb2b218.72821112 Folder: C:\temp Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f CMD: netsh advfirewall reset EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => klucz pomyślnie usunięto "HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => klucz pomyślnie usunięto "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => klucz pomyślnie usunięto "HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => klucz pomyślnie usunięto "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => klucz pomyślnie usunięto "HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => klucz pomyślnie usunięto "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => klucz pomyślnie usunięto "HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" => klucz pomyślnie usunięto HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => klucz nie znaleziono. HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => klucz nie znaleziono. HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => klucz nie znaleziono. HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => klucz nie znaleziono. "HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" => klucz pomyślnie usunięto "HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" => klucz pomyślnie usunięto "HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" => klucz pomyślnie usunięto "HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36A37E29-380F-4500-A031-D1FD984D8162}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36A37E29-380F-4500-A031-D1FD984D8162}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2949551511-373755211-1111318044-1000Core => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2949551511-373755211-1111318044-1000Core" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36B87246-4C68-42E8-A8F8-2BBC1778402A}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36B87246-4C68-42E8-A8F8-2BBC1778402A}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{2427C378-ACFA-482C-980A-C45639FF938D} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2427C378-ACFA-482C-980A-C45639FF938D}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BB0515B-0D40-4DEF-B30C-3950F51E3670}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BB0515B-0D40-4DEF-B30C-3950F51E3670}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{D2DEBA73-4DDE-4B27-A5AE-D0CD4FCB13FE} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D2DEBA73-4DDE-4B27-A5AE-D0CD4FCB13FE}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{402076D7-30B3-4036-B446-888B8AC648E0}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{402076D7-30B3-4036-B446-888B8AC648E0}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2949551511-373755211-1111318044-1000UA => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2949551511-373755211-1111318044-1000UA" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40FD1B00-D5DA-477A-B8A1-3D2C522C8F08}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40FD1B00-D5DA-477A-B8A1-3D2C522C8F08}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{F02A48C8-95BA-4638-8442-3A514452DA07} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F02A48C8-95BA-4638-8442-3A514452DA07}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5538D342-15A1-45F5-9EE0-953D79052132}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5538D342-15A1-45F5-9EE0-953D79052132}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{11F22A97-0946-4B63-8053-4C67FA6A3F68} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{11F22A97-0946-4B63-8053-4C67FA6A3F68}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57EE4030-D9C5-44B8-A721-622AD663C4C3}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57EE4030-D9C5-44B8-A721-622AD663C4C3}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\Paragon Archive name arc_030413000426092 => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Paragon Archive name arc_030413000426092" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A654567-D747-4F86-B2BC-E6B92FCFF42E}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A654567-D747-4F86-B2BC-E6B92FCFF42E}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{D21F9D2B-A2EA-43E9-BEBA-71F8A3E3D51E} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D21F9D2B-A2EA-43E9-BEBA-71F8A3E3D51E}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D860236-C50F-4264-BF00-FB5BE8567999}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D860236-C50F-4264-BF00-FB5BE8567999}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\Seagate_Install_Launch => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Seagate_Install_Launch" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA1FFED2-3F6C-47A1-83FC-854D51D899F0}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA1FFED2-3F6C-47A1-83FC-854D51D899F0}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{809CE9AB-A60E-454E-A562-8A1D1ABE9F75} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{809CE9AB-A60E-454E-A562-8A1D1ABE9F75}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB253384-11D9-4157-B749-9C147F8BFD0F}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB253384-11D9-4157-B749-9C147F8BFD0F}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{B178E1C2-8559-4568-866E-4691DDD60A34} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B178E1C2-8559-4568-866E-4691DDD60A34}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD685241-F150-417E-9EE3-E4D05E6F18D9}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD685241-F150-417E-9EE3-E4D05E6F18D9}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{A1626C9E-D588-4B84-ADD0-6EE42FAF1B4B} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A1626C9E-D588-4B84-ADD0-6EE42FAF1B4B}" => klucz pomyślnie usunięto C:\Windows\Tasks\Paragon Archive name arc_030413000426092.job => pomyślnie przeniesiono C:\Program Files (x86)\mozilla firefox\plugins => pomyślnie przeniesiono C:\Users\BM\AppData\Local\134e6589520e51682091c0.32666518 => pomyślnie przeniesiono C:\Users\BM\AppData\Local\69ff07055291669bb2b218.72821112 => pomyślnie przeniesiono ========================= Folder: C:\temp ======================== 2015-06-18 22:41 - 2008-06-18 13:17 - 0139264 _____ (Enterprise Distributed Technologies) C:\temp\edtFTPnet.dll 2015-06-18 22:41 - 2011-06-21 17:58 - 0018528 _____ (M-Photo Ltd.) C:\temp\Update Manager.exe 2015-06-18 22:41 - 2012-05-29 23:09 - 0000990 _____ () C:\temp\UpdateManager.ini 2015-06-18 22:41 - 2011-12-21 15:01 - 5087232 _____ (M-Photo Ltd.) C:\temp\VSMPhotoLib.dll 2015-06-18 22:41 - 2015-06-18 22:41 - 0000000 ____D () C:\temp\Lang 2015-06-18 22:41 - 2015-06-18 22:41 - 0000000 ____D () C:\temp\Lang\Polish 2015-06-18 22:41 - 2011-11-20 17:32 - 0202956 _____ () C:\temp\Lang\Polish\MPR.txt 2015-06-18 22:41 - 2015-06-18 22:41 - 0000000 ____D () C:\temp\Logs 2015-06-18 22:41 - 2015-06-18 22:41 - 0013869 _____ () C:\temp\Logs\FtpDebugLog_2015-06-18-22-41-31-031.txt 2015-06-18 22:41 - 2015-06-18 22:41 - 0000000 ____D () C:\temp\Update Downloads 2015-06-18 22:41 - 2015-06-18 22:41 - 6253154 _____ () C:\temp\Update Downloads\AlbumSetup_KrukBook_soft_update_1307080912#6253154.exe ====== Koniec Folder: ====== ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= netsh advfirewall reset ========= Ok. ========= Koniec CMD: ========= EmptyTemp: => 1.2 GB danych tymczasowych Usunięto. System wymagał restartu. ==== Koniec Fixlog 18:37:06 ====