Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:18-05-2016 Uruchomiony przez Dudek (2016-05-19 18:39:55) Run:1 Uruchomiony z E:\FRST\Nowy folder (2) ZaÅ‚adowane profile: Dudek (DostÄ™pne profile: Dudek) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] () [Brak podpisu cyfrowego] S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation) S1 nvport; C:\Windows\SysWOW64\Drivers\nvport.sys [4608 2006-05-05] (NVIDIA Corporation.) [Brak podpisu cyfrowego] S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [9856 2006-03-29] (Padus, Inc.) [Brak podpisu cyfrowego] S3 PortTalk; C:\Windows\SysWOW64\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [Brak podpisu cyfrowego] S3 cpuz132; \??\C:\Users\Dudek\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X] Task: {6302761C-F4EE-45B9-848B-B34F8F5F31E5} - System32\Tasks\Driver Booster SkipUAC (Dudek) => D:\IObit Driver Booster Pro\App\Driver Booster\DriverBooster.exe [2015-10-16] (IObit) Task: {7633AB18-18D4-4F40-8954-02A3E73F5347} - System32\Tasks\{DAFCE646-E615-4D45-B7CB-48106FB7974E} => pcalua.exe -a "D:\FreeRapid Downloader\frd.exe" -d "D:\FreeRapid Downloader" Task: {9D308604-70AC-406D-932A-50B0356E7425} - System32\Tasks\Driver Booster Scheduler => D:\IObit Driver Booster Pro\App\Driver Booster\Scheduler.exe [2015-10-16] (IObit) Task: {E2F10B0B-D9A5-4D0C-989D-14E5166C431E} - System32\Tasks\Opera scheduled Autoupdate 1445176897 => D:\Opera\launcher.exe HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service" HKLM-x32\...\Winlogon: [Userinit] [X] HKU\S-1-5-21-3109523066-2476599016-3366156518-1000\Software\Classes\.exe: => <===== UWAGA ProxyServer: [S-1-5-21-3109523066-2476599016-3366156518-1000] => localhost:8080 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RealProtect DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched DeleteKey: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes DeleteKey: HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes DeleteKey: HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files (x86)\GUT1BAB.tmp C:\ProgramData\Microsoft\Windows\GameExplorer\{11BCFDD7-21E9-4B70-A512-F56A5066AFEE} C:\ProgramData\Microsoft\Windows\GameExplorer\{8146C1DF-E311-4B6F-B348-3AC31EA1DF60} C:\ProgramData\Microsoft\Windows\GameExplorer\{BA590910-03EC-4F7B-8760-DDB39076496C} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Engelmann Media C:\Users\Dudek\AppData\Local\Microsoft\Windows\GameExplorer\{AFEA67F0-6FAE-4F68-845B-AC6DFF6C4363} C:\Users\Dudek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Cinema HD 2.0.lnk C:\Users\Dudek\Desktop\PROGRAMY\Odtwarzacze\Total Video Player.lnk C:\Windows\System32\Drivers\ATITool64.sys C:\Windows\System32\Drivers\GenericMount.sys C:\Windows\SysWOW64\Drivers\nvport.sys C:\Windows\SysWOW64\Drivers\pfc.sys C:\Windows\SysWOW64\Drivers\PortTalk.sys CMD: netsh advfirewall reset CMD: set EmptyTemp: ***************** Procesy zostaÅ‚y pomyÅ›lnie zamkniÄ™te. Punkt przywracania zostaÅ‚ pomyÅ›lnie utworzony. ATITool => serwis pomyÅ›lnie usuniÄ™to GenericMount => serwis pomyÅ›lnie usuniÄ™to nvport => serwis pomyÅ›lnie usuniÄ™to pfc => serwis pomyÅ›lnie usuniÄ™to PortTalk => serwis pomyÅ›lnie usuniÄ™to cpuz132 => serwis pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6302761C-F4EE-45B9-848B-B34F8F5F31E5}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6302761C-F4EE-45B9-848B-B34F8F5F31E5}" => klucz pomyÅ›lnie usuniÄ™to C:\Windows\System32\Tasks\Driver Booster SkipUAC (Dudek) => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Dudek)" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7633AB18-18D4-4F40-8954-02A3E73F5347}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7633AB18-18D4-4F40-8954-02A3E73F5347}" => klucz pomyÅ›lnie usuniÄ™to C:\Windows\System32\Tasks\{DAFCE646-E615-4D45-B7CB-48106FB7974E} => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DAFCE646-E615-4D45-B7CB-48106FB7974E}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9D308604-70AC-406D-932A-50B0356E7425}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D308604-70AC-406D-932A-50B0356E7425}" => klucz pomyÅ›lnie usuniÄ™to C:\Windows\System32\Tasks\Driver Booster Scheduler => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E2F10B0B-D9A5-4D0C-989D-14E5166C431E}" => klucz pomyÅ›lnie usuniÄ™to "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2F10B0B-D9A5-4D0C-989D-14E5166C431E}" => klucz pomyÅ›lnie usuniÄ™to C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1445176897 => pomyÅ›lnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1445176897" => klucz pomyÅ›lnie usuniÄ™to "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\PAexec" => klucz pomyÅ›lnie usuniÄ™to "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk" => klucz pomyÅ›lnie usuniÄ™to "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys" => klucz pomyÅ›lnie usuniÄ™to "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k" => klucz pomyÅ›lnie usuniÄ™to "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys" => klucz pomyÅ›lnie usuniÄ™to "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfevtp" => klucz pomyÅ›lnie usuniÄ™to "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\PAexec" => klucz pomyÅ›lnie usuniÄ™to HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Wartość pomyÅ›lnie przywrócono "HKU\S-1-5-21-3109523066-2476599016-3366156518-1000\Software\Classes\.exe" => klucz pomyÅ›lnie usuniÄ™to HKU\S-1-5-21-3109523066-2476599016-3366156518-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Wartość pomyÅ›lnie usuniÄ™to HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyÅ›lnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyÅ›lnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyÅ›lnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyÅ›lnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyÅ›lnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyÅ›lnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Wartość pomyÅ›lnie przywrócono HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => Wartość pomyÅ›lnie przywrócono HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 => niepowodzenie przy usuwaniu w pierwszym podejÅ›ciu (ErrorCode: C0000121), zobacz kolejnÄ… liniÄ™. HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 => klucz pomyÅ›lnie usuniÄ™to HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RealProtect => klucz pomyÅ›lnie usuniÄ™to HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched => klucz pomyÅ›lnie usuniÄ™to HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes => klucz pomyÅ›lnie usuniÄ™to HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes => klucz pomyÅ›lnie usuniÄ™to HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes => klucz pomyÅ›lnie usuniÄ™to C:\Program Files (x86)\GUT1BAB.tmp => pomyÅ›lnie przeniesiono C:\ProgramData\Microsoft\Windows\GameExplorer\{11BCFDD7-21E9-4B70-A512-F56A5066AFEE} => pomyÅ›lnie przeniesiono C:\ProgramData\Microsoft\Windows\GameExplorer\{8146C1DF-E311-4B6F-B348-3AC31EA1DF60} => pomyÅ›lnie przeniesiono C:\ProgramData\Microsoft\Windows\GameExplorer\{BA590910-03EC-4F7B-8760-DDB39076496C} => pomyÅ›lnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Engelmann Media => pomyÅ›lnie przeniesiono C:\Users\Dudek\AppData\Local\Microsoft\Windows\GameExplorer\{AFEA67F0-6FAE-4F68-845B-AC6DFF6C4363} => pomyÅ›lnie przeniesiono C:\Users\Dudek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Cinema HD 2.0.lnk => pomyÅ›lnie przeniesiono C:\Users\Dudek\Desktop\PROGRAMY\Odtwarzacze\Total Video Player.lnk => pomyÅ›lnie przeniesiono C:\Windows\System32\Drivers\ATITool64.sys => pomyÅ›lnie przeniesiono C:\Windows\System32\Drivers\GenericMount.sys => pomyÅ›lnie przeniesiono C:\Windows\SysWOW64\Drivers\nvport.sys => pomyÅ›lnie przeniesiono C:\Windows\SysWOW64\Drivers\pfc.sys => pomyÅ›lnie przeniesiono C:\Windows\SysWOW64\Drivers\PortTalk.sys => pomyÅ›lnie przeniesiono ========= netsh advfirewall reset ========= Nazwa 'netsh' nie jest rozpoznawana jako polecenie wewn©trzne lub zewn©trzne, program wykonywalny lub plik wsadowy. ========= Koniec CMD: ========= ========= set ========= ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\Dudek\AppData\Roaming CommonProgramFiles=C:\Program Files\Common Files CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files CommonProgramW6432=C:\Program Files\Common Files COMPUTERNAME=AIRBORNE82 ComSpec=C:\Windows\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Users\Dudek LOCALAPPDATA=C:\Users\Dudek\AppData\Local LOGONSERVER=\\AIRBORNE82 NUMBER_OF_PROCESSORS=4 OS=Windows_NT Path=c:\program files (x86)\ivt corporation\bluesoleil\mobile;c:\program files (x86)\ati technologies\ati.ace\core-static;d:\skype\phone\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE=AMD64 PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 60 Stepping 3, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=3c03 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files ProgramFiles(x86)=C:\Program Files (x86) ProgramW6432=C:\Program Files PROMPT=$P$G PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\ PUBLIC=C:\Users\Public SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\Dudek\AppData\Local\Temp TMP=C:\Users\Dudek\AppData\Local\Temp USERDOMAIN=Airborne82 USERNAME=Dudek USERPROFILE=C:\Users\Dudek windir=C:\Windows windows_tracing_flags=3 windows_tracing_logfile=C:\BVTBin\Tests\installpackage\csilogfile.log ========= Koniec CMD: ========= EmptyTemp: => 1.2 GB danych tymczasowych UsuniÄ™to. System wymagaÅ‚ restartu. ==== Koniec Fixlog 18:40:52 ====