Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:01-12-2015
Uruchomiony przez euro (2015-12-03 23:18:48) Run:1
Uruchomiony z C:\Users\euro\Downloads
Załadowane profile: UpdatusUser & euro (Dostępne profile: UpdatusUser & euro & Administrator)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
CMD: type "C:\Program Files (x86)\Mozilla Firefox\defaults\pref\!A22ACC81AB803BFF35C287F93B8731F6A22A.js"
FF ExtraCheck: C:\Program Files (x86)\Mozilla Firefox\defaults\pref\!A22ACC81AB803BFF35C287F93B8731F6A22A.js [2015-12-03]
Task: {0C78E21C-1E52-4982-80C2-7C89C06C8EA8} - System32\Tasks\Total Plugin2 => Rundll32.exe "C:\Users\euro\AppData\Local\Total Plugin\{8E3E8921-6AA7-4F65-12AE-66B592CDE853}\zhym.dll",#1
Task: {85D44DD4-5ABB-4B03-8639-587963405A90} - System32\Tasks\{6B70ADE4-1D6E-411B-9376-2B21BB11631E} => pcalua.exe -a C:\Users\euro\Downloads\USB_PCDRV_LB_1_02_0000.exe -d C:\Users\euro\Downloads
Task: {9EBBBBE9-451A-44F9-B2F6-E581025C3E00} - System32\Tasks\AdobeAAMUpdater-1.0-MARCIN-euro => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {C89073FA-574D-4624-9CD9-78CCF6746882} - System32\Tasks\Total Plugin => Rundll32.exe "C:\Users\euro\AppData\Local\Total Plugin\{8E3E8921-6AA7-4F65-12AE-66B592CDE853}\TotalPlugin.dll",#1
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
S2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [X]
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
S3 cpuz135; \??\C:\Users\euro\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S3 intaud_WaveExtensible; system32\drivers\intelaud.sys [X]
S3 iwdbus; system32\DRIVERS\iwdbus.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
HKLM\...\Run: [Creative SB Monitoring Utility] => RunDll32 sbavmon.dll,SBAVMonitor
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3957981385-1540240800-1925116713-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://houmpage.com/?src=hp&ssid=1449148032&a=1004641&uuid=2879534c-f8b7-4b42-9403-80f0b6db6bf5
SearchScopes: HKU\S-1-5-21-3957981385-1540240800-1925116713-1001 -> {cf34d395-9ff1-49a0-98a5-8db1636431b1} URL = hxxp://houmpage.com/search/?src=ds&q={searchTerms}&ssid=1449148032&a=1004641&uuid=2879534c-f8b7-4b42-9403-80f0b6db6bf5
C:\ProgramData\Temp
C:\ProgramData\Dell\Dell Stage\deleted_shortcuts\Dell Stage.lnk
C:\ProgramData\Dell\Dell Stage\deleted_shortcuts\Intel® WiDi.lnk
C:\ProgramData\Dell\Dell Stage\deleted_shortcuts\Roxio Creator Starter.lnk
C:\ProgramData\Dell\Dell Stage\deleted_shortcuts\SyncUP.lnk
C:\ProgramData\Dell\Dell Stage\deleted_shortcuts\Zinio Reader 4.lnk
C:\ProgramData\Microsoft\Windows\GameExplorer\{10C78B1A-4BF1-4D2C-9796-25B36D3B88AE}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange\Pomoc.lnk
C:\Users\euro\AppData\Local\69ff07055291669bb2b218.72821112
C:\Users\euro\AppData\Local\Google
C:\Users\euro\AppData\Local\Total Plugin
C:\Users\euro\AppData\Roaming\Mozilla\plugins
C:\Users\euro\Desktop\Continue TestDisk &amp;amp; PhotoRec installation.lnk
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaMServer" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaOviSuite2" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaSuite.exe" /f
CMD: netsh advfirewall reset
RemoveProxy:
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.

=========  type "C:\Program Files (x86)\Mozilla Firefox\defaults\pref\!A22ACC81AB803BFF35C287F93B8731F6A22A.js" =========

pref("general.config.filename", "A22ACC81AB803BFF35C287F93B8731F6A22A");

========= Koniec  CMD: =========

C:\Program Files (x86)\Mozilla Firefox\defaults\pref\!A22ACC81AB803BFF35C287F93B8731F6A22A.js => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C78E21C-1E52-4982-80C2-7C89C06C8EA8}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C78E21C-1E52-4982-80C2-7C89C06C8EA8}" => klucz pomyślnie usunięto
C:\windows\System32\Tasks\Total Plugin2 => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Total Plugin2" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85D44DD4-5ABB-4B03-8639-587963405A90}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85D44DD4-5ABB-4B03-8639-587963405A90}" => klucz pomyślnie usunięto
C:\windows\System32\Tasks\{6B70ADE4-1D6E-411B-9376-2B21BB11631E} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6B70ADE4-1D6E-411B-9376-2B21BB11631E}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9EBBBBE9-451A-44F9-B2F6-E581025C3E00}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EBBBBE9-451A-44F9-B2F6-E581025C3E00}" => klucz pomyślnie usunięto
C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-MARCIN-euro => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-MARCIN-euro" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C89073FA-574D-4624-9CD9-78CCF6746882}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C89073FA-574D-4624-9CD9-78CCF6746882}" => klucz pomyślnie usunięto
C:\windows\System32\Tasks\Total Plugin => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Total Plugin" => klucz pomyślnie usunięto
ADExchange => serwis pomyślnie usunięto
AdobeActiveFileMonitor11.0 => serwis pomyślnie usunięto
ArcCtrl => serwis pomyślnie usunięto
cpuz135 => serwis pomyślnie usunięto
hwusbfake => serwis pomyślnie usunięto
intaud_WaveExtensible => serwis pomyślnie usunięto
iwdbus => serwis pomyślnie usunięto
nvvad_WaveExtensible => serwis pomyślnie usunięto
pccsmcfd => serwis pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Creative SB Monitoring Utility => Wartość pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Wartość pomyślnie usunięto
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Wartość pomyślnie usunięto
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Wartość nie znaleziono.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-3957981385-1540240800-1925116713-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
"HKU\S-1-5-21-3957981385-1540240800-1925116713-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf34d395-9ff1-49a0-98a5-8db1636431b1}" => klucz pomyślnie usunięto
HKCR\CLSID\{cf34d395-9ff1-49a0-98a5-8db1636431b1} => klucz nie znaleziono. 
C:\ProgramData\Temp => pomyślnie przeniesiono
C:\ProgramData\Dell\Dell Stage\deleted_shortcuts\Dell Stage.lnk => pomyślnie przeniesiono
"C:\ProgramData\Dell\Dell Stage\deleted_shortcuts\Intel® WiDi.lnk" => nie znaleziono.
C:\ProgramData\Dell\Dell Stage\deleted_shortcuts\Roxio Creator Starter.lnk => pomyślnie przeniesiono
C:\ProgramData\Dell\Dell Stage\deleted_shortcuts\SyncUP.lnk => pomyślnie przeniesiono
C:\ProgramData\Dell\Dell Stage\deleted_shortcuts\Zinio Reader 4.lnk => pomyślnie przeniesiono
C:\ProgramData\Microsoft\Windows\GameExplorer\{10C78B1A-4BF1-4D2C-9796-25B36D3B88AE} => pomyślnie przeniesiono
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange\Pomoc.lnk => pomyślnie przeniesiono
C:\Users\euro\AppData\Local\69ff07055291669bb2b218.72821112 => pomyślnie przeniesiono
C:\Users\euro\AppData\Local\Google => pomyślnie przeniesiono
"C:\Users\euro\AppData\Local\Total Plugin" => nie znaleziono.
C:\Users\euro\AppData\Roaming\Mozilla\plugins => pomyślnie przeniesiono
C:\Users\euro\Desktop\Continue TestDisk &amp;amp; PhotoRec installation.lnk => pomyślnie przeniesiono

========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaMServer" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaOviSuite2" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaSuite.exe" /f =========

Operacja ukoäczona pomylnie.


========= Koniec  Reg: =========


=========  netsh advfirewall reset =========

Ok.


========= Koniec  CMD: =========


========= RemoveProxy: =========

HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => Wartość pomyślnie usunięto
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wartość pomyślnie usunięto
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wartość pomyślnie usunięto
HKU\S-1-5-21-3957981385-1540240800-1925116713-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => Wartość pomyślnie usunięto
HKU\S-1-5-21-3957981385-1540240800-1925116713-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wartość pomyślnie usunięto
HKU\S-1-5-21-3957981385-1540240800-1925116713-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wartość pomyślnie usunięto


========= Koniec  RemoveProxy: =========

EmptyTemp: => 33 GB danych tymczasowych Usunięto.


System wymagał restartu.

==== Koniec  Fixlog 23:30:21 ====